Revealed: ‘Collect It All’ NSA Targets Those Seeking Web Privacy
'Merely visiting privacy-related websites is enough for a user's IP address to be logged into an NSA database,' says new report.
July 3 2014
Internet users who use online privacy tools or read certain websites may themselves become targets of NSA surveillance, according to a new investigation by public broadcasting outlets in Germany published on Thursday.
Citing documents that refer to “deep packet inspection” rules used by the NSA for its so-called “XKeyscore” program to determine what targets are selected for surveillance and how, the investigation (versions: German | English) reveals that people who seek out or use online privacy tools—including things like TOR, a network tool that provides digital anonymity and minimizes exposure to possible surveillance—may be targeted simply for making those efforts.
Other platforms targeted by the program include the LINUX open source operating system as well as privacy and encryption services such as HotSpotShield, FreeNet, Centurian, FreeProxies.org, MegaProxy, privacy.li and an anonymous email service called MixMinion. According to the reporting, the NSA characterized those who would use such services as “extremists,” which sparked spirited outrage on social media as the story broke.
As part of its investigation, the researchers examined a piece of computer code found on a server maintained by Sebastian Hahn, a German student of computer science who manages a node on the TOR network. The discovery showed not only that Hahn was a target of NSA surveillance, but also the previously unknown lengths the agency has gone in targeting users of such tools.
Examination of the XKeyscore rules contained in the code (now published for the first time) goes beyond previous reporting by the Guardian newspaper about the program and, according to the English version of the new reporting, “provides a window into the actual instructions given to NSA computers” conducting the surveillance.
"The top secretsource code published here," the report continues, "indicates that the NSA is making a concerted effort to combat any and all anonymous spaces that remain on the internet. Merely visiting privacy-related websites is enough for a user’s IP address to be logged into an NSA database."