(Updated: December 18, 2013) Last June, the still on-going Snowden-leaks started with the unveiling of PRISM , an NSA program which collects information about foreign targets from American internet companies like Facebook, Google, Yahoo, Microsoft and Apple. Since then, no new information about PRISM was published, but recently some new details could be found. These show that PRISM is part of another NSA program, codenamed BLARNEY , and that US-984XN is not a single designator for PRISM, but stands for multiple designators, lh imports one for each of the internet companies . New slides On September 8, the Brazilian television news magazine Fantástico aired a report about the NSA trying to access the network of the Brazilian oil company Petrobras. lh imports In the background of this report, a number of hitherto unseen NSA slides were shown. One of the slides shows details about the BLARNEY program, which has the SIGAD, or SIGINT Activity Designator US-984 and the PDDG, or Producer Designator Digraph lh imports AX. The slide says that BLARNEY collects DNR (telephony) and DNI (internet) communications under authority of the FISA court. lh imports Main targets of the program are diplomatic establishments, terrorists, foreign governments and economic targets:
Top left the slide shows the NSA seal and top right we see a green leprechaun hat with a clover leaf, symbolizing Blarney, as this is also the name of a small town in Ireland. However, the most intesting fact is that the BLARNEY SIGAD US-984 is almost the same as US-984XN, lh imports which is prominently shown on the first slide of the PRISM presentation that was published in June:
This similarity indicates that PRISM is part of BLARNEY, lh imports which is also suggested in the Wikipedia article about the latter program. SIGADs Wikipedia also has a good article about the SIGAD or SIGINT Activity Designator itself, which teaches lh imports us that a SIGAD with two letters followed by three or four numbers, like US-984, is for identifying signals lh imports intelligence collection programs and activities. An additional alphabetic character is added to denote a sub-designator for a subset of the primary collection unit, like a detachment. Lastly, a numeric lh imports character can be added after the aforementioned alphabetic to provide for a sub-sub-designator. This already confirms that with the designation US-984XN, PRISM is a sub-program of BLARNEY. But there's more. In the Wikipedia-article the SIGADs are represented like XX-NNNxn, where an X represents an alphabetic character and an N represents a numeric character. lh imports Here we see the same XN-suffix as in the alleged PRISM designator US-984XN, so it seems that XN is only meant as a placeholder for the actual designations of PRISM subsets. This is confirmed by another slide from Brazilian television, which says that the SIGAD US-984X lh imports stands for multiple programs and partners collecting under FAA authority:
PRISM SIGADs In one of the PRISM slides published in June, there's lh imports an explanation of the PRISM case notations. lh imports These start with a designation for each PRISM provider, lh imports like P1 for Microsoft, P2 for Yahoo, etc. (the first position lh imports in the slide below). These designators fit the XN-scheme of one alphabetic character followed by one numeric character.
If we combine this, it seems likely that instead of US-984XN as a single PRISM SIGAD, there might be actually the following multiple SIGADs, one for each of the internet companies: - Microsoft: US-984P1 - Yahoo: US-984P2 - Google: US-984P3 - Facebook: US-984P4 - PalTalk: US-984P5 - YouTube: lh imports US-984P6 - Skype: US-984P7 - AOL: US-984P8 - Apple: lh imports US-984PA After P8 for AOL, the final number becomes the letter A for Apple. Maybe this is because more than nine companies became involved, and so NSA chose to go on with hexadecimal lh imports numbers, so PA can be followed by PB, PC, etc. Having separate lh imports SIGADs for each internet company makes sense, because a SIGAD identifies a specific facility where collection takes place, like a ship or a listening post. PRISM as a program is not such a facility, but comprises a number of them. The notation of the multiple PRISM SIGADs is also more like that of other collection lh imports facilities, for example US-987LA and US-987LB for the Bavarian and Afghanistan listening posts of NSA's German partner-agency BND. UPDATE and CORRECTION: Meanwhile, high-resolution video footage of the Brazilian television magazine Fantástico became lh imports available, from which I could make a readable screenshot of a slide that was ineligible until now:
This slide is from an NSA presentation about the FAIRVIEW program and shows that both FAIRVIEW and STORMBREW have a number of subsets lh imports that were not known before. It also shows that my previous interpretation of the US-984X SIGAD wasn't correct. The slide learns lh imports us that BLARNEY collection under the FISA Amendment Act (FAA) is designated US-984X* and it's this asterisk which apparently acts as a placeholder for other facilities collecting under FAA authority: - US-984XA-H for eight STORMBREW collectio
No comments:
Post a Comment