Editing National Security Agency (section)

=== Collection overseas ===
==== Echelon ====
{{Main|ECHELON}}
"Echelon" was created in the incubator of the [[Cold War]].<ref>{{cite book|publisher=[[Potton & Burton|Craig Potton Publishing]]|title=Secret Power: New Zealand's Role in the International Spy Network|last=Hager|first=Nicky|year=1996|page=55|isbn=978-0-908802-35-7}}</ref> Today it is a [[legacy system]], and several NSA stations are closing.<ref name=Muir /> NSA/CSS, in combination with the equivalent agencies in the United Kingdom ([[Government Communications Headquarters]]), Canada ([[Communications Security Establishment]]), Australia ([[Australian Signals Directorate]]), and New Zealand ([[Government Communications Security Bureau]]), otherwise known as the [[UKUSA Agreement|UKUSA]] group,<ref name=ukusa>Richelson, Jeffrey T.; Ball, Desmond (1985). ''The Ties That Bind: Intelligence Cooperation Between the UKUSA Countries''. London: [[Allen & Unwin]]. {{ISBN|0-04-327092-1}}</ref> was reported to be in command of the operation of the so-called [[ECHELON]] system. Its capabilities were suspected to include the ability to monitor a large proportion of the world's transmitted civilian telephone, fax, and data traffic.<ref>Patrick S. Poole, Echelon: America's Secret Global Surveillance Network (Washington, D.C.: [[Free Congress Research and Education Foundation|Free Congress Foundation]], October 1998)</ref>

During the early 1970s, the first of what became more than eight large satellite communications dishes were installed at Menwith Hill.<ref>[http://www.cbsnews.com/news/ex-snoop-confirms-echelon-network/ Echelon"] {{Webarchive|url=https://web.archive.org/web/20140120020809/http://www.cbsnews.com/news/ex-snoop-confirms-echelon-network/ |date=2014-01-20 }}, ''60 Minutes'', February 27, 2000</ref> Investigative journalist [[Duncan Campbell (journalist, born 1952)|Duncan Campbell]] reported in 1988 on the "[[ECHELON]]" surveillance program, an extension of the [[UKUSA Agreement]] on global signals intelligence [[SIGINT]], and detailed how the eavesdropping operations worked.<ref name=CampbellListening1988>{{Cite news|last=Campbell|first=Duncan|author-link=Duncan Campbell (journalist, born 1952)|title=They've Got It Taped|newspaper=[[New Statesman]] via duncancampbell.org|date=August 12, 1988|url=http://www.duncancampbell.org/menu/journalism/newstatesman/newstatesman-1988/They%27ve%20got%20it%20taped.pdf|access-date=June 19, 2007|archive-url=https://web.archive.org/web/20130614020755/http://www.duncancampbell.org/menu/journalism/newstatesman/newstatesman-1988/They%27ve%20got%20it%20taped.pdf|archive-date=June 14, 2013|url-status=dead}}</ref> On November 3, 1999, the BBC reported that they had confirmation from the Australian Government of the existence of a powerful "global spying network" code-named Echelon, that could "eavesdrop on every single phone call, fax or e-mail, anywhere on the planet" with Britain and the United States as the chief protagonists. They confirmed that Menwith Hill was "linked directly to the headquarters of the US National Security Agency (NSA) at Fort Meade in Maryland".<ref name=BBC3nov1999>{{cite news|first=Andrew|last=Bomford|date=November 3, 1999|title=Echelon spy network revealed|publisher=BBC|url=http://news.bbc.co.uk/2/hi/503224.stm|access-date=June 7, 2013|archive-date=June 14, 2013|archive-url=https://web.archive.org/web/20130614020758/http://news.bbc.co.uk/2/hi/503224.stm|url-status=live}}</ref> NSA's United States Signals Intelligence Directive 18 (USSID 18) strictly prohibited the interception or collection of information about "... [[U.S. person]]s, entities, corporations or organizations...." without explicit written legal permission from the [[United States Attorney General]] when the subject is located abroad, or the [[Foreign Intelligence Surveillance Court]] when within U.S. borders. Alleged Echelon-related activities, including its use for motives other than national security, including political and [[industrial espionage]], received criticism from countries outside the UKUSA alliance.<ref name=EP>{{cite web|url=https://fas.org/irp/program/process/rapport_echelon_en.pdf|title=European Parliament Report on Echelon|date=July 2001|access-date=July 4, 2008|archive-date=June 28, 2019|archive-url=https://web.archive.org/web/20190628043116/https://fas.org/irp/program/process/rapport_echelon_en.pdf|url-status=live}}</ref>

[[File:Berlin 2013 PRISM Demo.jpg|thumb|Protesters against NSA data mining in [[Berlin]] wearing [[Chelsea Manning]] and [[Edward Snowden]] masks]]

==== Other SIGINT overseas operations ====
The NSA was also involved in planning to blackmail people with "[[SEXINT]]", intelligence gained about a potential target's sexual activity and preferences. Those targeted had not committed any apparent crime nor were they charged with one.<ref>{{cite news|title=Top-Secret Documents Reveal NSA Spied on Porn Habits as Part of Plan to Discredit 'Radicalizers'|url=http://www.huffingtonpost.com/2013/11/26/nsa-porn-muslims_n_4346128.html?1385526024|access-date=May 6, 2014|newspaper=The Huffington Post|date=November 26, 2013|author=Glenn Greenwald|location=London|archive-date=July 4, 2014|archive-url=https://web.archive.org/web/20140704223727/http://www.huffingtonpost.com/2013/11/26/nsa-porn-muslims_n_4346128.html?1385526024|url-status=live}}</ref> To support its [[Facial recognition system|facial recognition]] program, the NSA is intercepting "millions of images per day".<ref>{{cite news|author1=James Risen|author2=Laura Poitras|title=N.S.A. Collecting Millions of Faces From Web Images|url=https://www.nytimes.com/2014/06/01/us/nsa-collecting-millions-of-faces-from-web-images.html|access-date=June 1, 2014|newspaper=The New York Times|date=May 31, 2014|archive-date=June 1, 2014|archive-url=https://web.archive.org/web/20140601084735/http://www.nytimes.com/2014/06/01/us/nsa-collecting-millions-of-faces-from-web-images.html|url-status=live}}</ref> The [[Real Time Regional Gateway]] is a data collection program introduced in 2005 in Iraq by the NSA during the [[Iraq War]] that consisted of gathering all electronic communication, storing it, then searching and otherwise analyzing it. It was effective in providing information about Iraqi insurgents who had eluded less comprehensive techniques.<ref name="WP71413">{{cite news|title=For NSA chief, terrorist threat drives passion to 'collect it all,' observers say|url=https://www.washingtonpost.com/world/national-security/for-nsa-chief-terrorist-threat-drives-passion-to-collect-it-all/2013/07/14/3d26ef80-ea49-11e2-a301-ea5a8116d211_story.html|access-date=July 15, 2013|newspaper=The Washington Post|date=July 14, 2013|author=Ellen Nakashima|author2=Joby Warrick|quote=Collect it all, tag it, store it. . . . And whatever it is you want, you go searching for it.|archive-date=March 1, 2017|archive-url=https://web.archive.org/web/20170301114727/https://www.washingtonpost.com/world/national-security/for-nsa-chief-terrorist-threat-drives-passion-to-collect-it-all/2013/07/14/3d26ef80-ea49-11e2-a301-ea5a8116d211_story.html|url-status=live}}</ref> This "collect it all" strategy introduced by NSA director, [[Keith B. Alexander]], is believed by [[Glenn Greenwald]] of ''[[The Guardian]]'' to be the model for the comprehensive worldwide mass archiving of communications which NSA is engaged in as of 2013.<ref name="NSA71513">{{cite news|title=The crux of the NSA story in one phrase: 'collect it all': The actual story that matters is not hard to see: the NSA is attempting to collect, monitor, and store all forms of human communication|url=https://www.theguardian.com/commentisfree/2013/jul/15/crux-nsa-collect-it-all|access-date=July 16, 2013|newspaper=The Guardian|date=July 15, 2013|author=Glenn Greenwald|archive-date=March 10, 2017|archive-url=https://web.archive.org/web/20170310132541/https://www.theguardian.com/commentisfree/2013/jul/15/crux-nsa-collect-it-all|url-status=live}}</ref>

A dedicated unit of the NSA locates targets for the [[CIA]] for extrajudicial assassination in the Middle East.<ref name="MillerTateTargeted">Greg Miller and Julie Tate, October 17, 2013, "[https://www.washingtonpost.com/world/national-security/documents-reveal-nsas-extensive-involvement-in-targeted-killing-program/2013/10/16/29775278-3674-11e3-8a0e-4e2cf80831fc_story.html Documents reveal NSA's extensive involvement in targeted killing program] {{Webarchive|url=https://web.archive.org/web/20170823063930/https://www.washingtonpost.com/world/national-security/documents-reveal-nsas-extensive-involvement-in-targeted-killing-program/2013/10/16/29775278-3674-11e3-8a0e-4e2cf80831fc_story.html |date=2017-08-23 }}", ''The Washington Post''. Retrieved October 18, 2013.</ref> The NSA has also spied extensively on the European Union, the United Nations, and numerous governments including allies and trading partners in Europe, South America, and Asia.<ref>Laura Poitras, Marcel Rosenbach, Fidelius Schmid und Holger Stark. "[http://www.spiegel.de/netzwelt/netzpolitik/nsa-hat-wanzen-in-eu-gebaeuden-installiert-a-908515.html Geheimdokumente: NSA horcht EU-Vertretungen mit Wanzen aus] {{Webarchive|url=https://web.archive.org/web/20240518182038/https://www.spiegel.de/netzwelt/netzpolitik/nsa-hat-wanzen-in-eu-gebaeuden-installiert-a-908515.html |date=2024-05-18 }}". ''Der Spiegel'' (in German). Retrieved June 29, 2013.</ref><ref>"[http://www.spiegel.de/politik/ausland/nsa-hoerte-zentrale-der-vereinte-nationen-in-new-york-ab-a-918421.html US-Geheimdienst hörte Zentrale der Vereinten Nationen ab] {{Webarchive|url=https://web.archive.org/web/20240512130608/https://www.spiegel.de/politik/ausland/nsa-hoerte-zentrale-der-vereinte-nationen-in-new-york-ab-a-918421.html |date=2024-05-12 }}". ''Der Spiegel'' (in German). Retrieved August 25, 2013.</ref> In June 2015, [[WikiLeaks]] published documents showing that NSA spied on [[France|French]] companies.<ref>[http://www.spiegel.de/politik/ausland/wikileaks-enthuellung-nsa-soll-auch-franzoesische-wirtschaft-bespitzelt-haben-a-1041268.html Spiegel.de: Wikileaks-Enthüllung, NSA soll auch französische Wirtschaft bespizelt haben (German)] {{Webarchive|url=https://web.archive.org/web/20160919202253/http://www.spiegel.de/politik/ausland/wikileaks-enthuellung-nsa-soll-auch-franzoesische-wirtschaft-bespitzelt-haben-a-1041268.html |date=2016-09-19 }}, June 2015</ref> WikiLeaks also published documents showing that NSA spied on federal German ministries since the 1990s.<ref>{{cite web|url=https://www.handelsblatt.com/politik/deutschland/wikileaks-und-taeglich-gruesst-die-nsa/12034888.html|title=Wikileaks: Und täglich grüßt die NSA|author=|date=July 9, 2015|website=Handelsblatt.com|access-date=March 10, 2017|archive-date=October 18, 2017|archive-url=https://web.archive.org/web/20171018075016/https://www.handelsblatt.com/politik/deutschland/wikileaks-und-taeglich-gruesst-die-nsa/12034888.html|url-status=dead}}</ref><ref>{{Cite web|url=https://www.sueddeutsche.de/politik/nsa-skanal-us-spionage-ist-eine-demuetigung-fuer-deutschland-1.2558131|title=US-Spionage ist eine Demütigung für Deutschland|first=Tanjev|last=Schultz|website=Süddeutsche.de|date=9 July 2015|access-date=23 February 2022|archive-date=23 February 2022|archive-url=https://web.archive.org/web/20220223192449/https://www.sueddeutsche.de/politik/nsa-skanal-us-spionage-ist-eine-demuetigung-fuer-deutschland-1.2558131|url-status=live}}</ref> Even Germany's Chancellor [[Angela Merkel]]'s cellphones and phones of her predecessors had been intercepted.<ref>{{cite news|url=https://www.theguardian.com/us-news/2015/jul/08/nsa-tapped-german-chancellery-decades-wikileaks-claims-merkel|title=NSA tapped German Chancellery for decades, WikiLeaks claims|agency=Reuters|date=8 July 2015 |work=The Guardian}}</ref>

==== Boundless Informant ====
In June 2013, [[Edward Snowden]] revealed that between 8th February and 8th March 2013, the NSA collected about 124.8&nbsp; billion telephone data items and 97.1&nbsp; billion computer data items throughout the world, as was displayed in charts from an internal NSA tool codenamed [[Boundless Informant]]. Initially, it was reported that some of these data reflected eavesdropping on citizens in countries like Germany, Spain, and France,<ref>[http://www.lemonde.fr/technologies/article/2013/10/21/france-in-the-nsa-s-crosshair-phone-networks-under-surveillance_3499741_651865.html France in the NSA's crosshair: phone networks under surveillance] {{Webarchive|url=https://web.archive.org/web/20240512131834/https://www.lemonde.fr/technologies/article/2013/10/21/france-in-the-nsa-s-crosshair-phone-networks-under-surveillance_3499741_651865.html |date=2024-05-12 }} Le Monde October 21, 2013</ref> but later on, it became clear that those data were collected by European agencies during military missions abroad and were subsequently shared with NSA.

==== Bypassing encryption ====
In 2013, reporters uncovered a secret memo that claims the NSA created and pushed for the adoption of the [[Dual EC DRBG]] encryption standard that contained built-in vulnerabilities in 2006 to the United States [[National Institute of Standards and Technology]] (NIST), and the [[International Organization for Standardization]] (aka ISO).<ref>{{cite news |first=Nicole |last=Perlroth |url=http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/ |title=Government Announces Steps to Restore Confidence on Encryption Standards |website=The New York Times |type=Bits blog |date=September 10, 2013 |access-date=June 7, 2024 |archive-date=July 12, 2014 |archive-url=https://web.archive.org/web/20140712084931/http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/ |url-status=live }}</ref><ref name=pp20130905 /> This memo appears to give credence to previous speculation by cryptographers at [[Microsoft Research]].<ref>{{cite web |url=https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html |title=Schneier on Security: The Strange Story of Dual_EC_DRBG |publisher=Schneier.com |date=November 15, 2007 |access-date=October 9, 2013 |archive-date=April 23, 2019 |archive-url=https://web.archive.org/web/20190423212823/https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html |url-status=live }}</ref> [[Edward Snowden]] claims that the NSA often bypasses the encryption process altogether by lifting information before encryption or after decryption.<ref name=pp20130905>{{cite news|url=https://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption|title=The NSA's Secret Campaign to Crack, Undermine Internet Security|date=September 5, 2013|publisher=[[ProPublica]]|author=Perlroth, Nicole, Larson, Jeff, and Shane, Scott|quote=This story has been reported in partnership between The New York Times, the Guardian and ProPublica based on documents obtained by The Guardian. For the Guardian: [[James Ball (journalist)|James Ball]], Julian Borger, Glenn Greenwald; For the New York Times: Nicole Perlroth, Scott Shane; For ProPublica: Jeff Larson|access-date=June 7, 2024|archive-date=February 21, 2020|archive-url=https://web.archive.org/web/20200221043243/https://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption|url-status=live}}</ref>

[[XKeyscore]] rules (as specified in a file xkeyscorerules100.txt, sourced by German TV stations [[Norddeutscher Rundfunk|NDR]] and [[Westdeutscher Rundfunk|WDR]], who claim to have excerpts from its source code) reveal that the NSA tracks users of privacy-enhancing software tools, including [[Tor (network)|Tor]]; an anonymous email service provided by the [[MIT Computer Science and Artificial Intelligence Laboratory]] (CSAIL) in Cambridge, Massachusetts; and readers of the ''[[Linux Journal]]''.<ref name=NDR>{{cite news |author1=J. Appelbaum |author2=A. Gibson |author3=J. Goetz |author4=V. Kabisch |author5=L. Kampf |author6=L. Ryge |title=NSA targets the privacy-conscious |url=http://daserste.ndr.de/panorama/aktuell/nsa230_page-1.html |access-date=July 4, 2014 |work=Panorama |publisher=Norddeutscher Rundfunk |date=July 3, 2014 |archive-date=July 3, 2014 |archive-url=https://web.archive.org/web/20140703215350/http://daserste.ndr.de/panorama/aktuell/nsa230_page-1.html |url-status=live }}</ref><ref>{{cite news |author1=Lena Kampf, Jacob Appelbaum |author2=John Goetz, Norddeutscher Rundfunk |name-list-style=amp |url=https://www.tagesschau.de/inland/nsa-xkeyscore-100.html |title=Deutsche im Visier des US-Geheimdienstes: Von der NSA als Extremist brandmark |date=July 3, 2014 |publisher=[[ARD (broadcaster)|ARD]] |language=de |access-date=June 7, 2024 |archive-date=July 3, 2014 |archive-url=https://web.archive.org/web/20140703074652/http://www.tagesschau.de/inland/nsa-xkeyscore-100.html |url-status=live }}</ref>

==== Software backdoors ====
[[Linus Torvalds]], the founder of [[Linux kernel]], joked during a [[LinuxCon]] keynote on September 18, 2013, that the NSA, who is the founder of [[SELinux]], wanted a backdoor in the kernel.<ref>{{cite web|url=http://www.linuxfoundation.org/news-media/news/2013/09/techweekeurope-linus-torvalds-jokes-nsa-wanted-backdoor-linux|title=TechWeekEurope: Linus Torvalds Jokes The NSA Wanted A Backdoor In Linux|work=linuxfoundation.org|url-status=dead|archive-url=https://web.archive.org/web/20150916142701/http://www.linuxfoundation.org/news-media/news/2013/09/techweekeurope-linus-torvalds-jokes-nsa-wanted-backdoor-linux|archive-date=2015-09-16|access-date=2014-05-23}}</ref> However, later, Linus' father, a [[Member of the European Parliament]] (MEP), revealed that the NSA actually did this.<ref>{{cite web|url=http://falkvinge.net/2013/11/17/nsa-asked-linus-torvalds-to-install-backdoors-into-gnulinux/|title=NSA Asked Linus Torvalds To Install Backdoors Into GNU/Linux|work=falkvinge.net|date=17 November 2013|access-date=7 June 2024|archive-date=19 May 2024|archive-url=https://web.archive.org/web/20240519085005/http://falkvinge.net/2013/11/17/nsa-asked-linus-torvalds-to-install-backdoors-into-gnulinux/|url-status=live}}</ref>

{{blockquote|When my oldest son was asked the same question: "Has he been approached by the NSA about backdoors?" he said "No", but at the same time he nodded. Then he was sort of in the legal free. He had given the right answer, everybody understood that the NSA had approached him.|[[Nils Torvalds]]|[[European Parliament Committee on Civil Liberties, Justice and Home Affairs|LIBE]] Committee Inquiry on Electronic Mass Surveillance of EU Citizens – 11th Hearing, 11 November 2013<ref>{{cite web|url=http://www.europarl.europa.eu/committees/en/libe/events.html|title=Civil Liberties, Justice and Home Affairs – Hearings|work=europa.eu|access-date=2024-06-07|archive-date=2016-09-16|archive-url=https://web.archive.org/web/20160916144242/http://www.europarl.europa.eu/committees/en/libe/events.html|url-status=live}}</ref>}} [[IBM Notes]] was the first widely adopted software product to use [[public key cryptography]] for client-server and server–server authentication and encryption of data. Until US laws regulating encryption were changed in 2000, IBM and [[Lotus Software|Lotus]] were prohibited from exporting versions of Notes that supported [[Symmetric-key algorithm|symmetric encryption]] keys that were longer than 40 bits. In 1997, Lotus negotiated an agreement with the NSA that allowed the export of a version that supported stronger keys with 64 bits, but 24 of the bits were encrypted with a special key and included in the message to provide a "workload reduction factor" for the NSA. This strengthened the protection for users of Notes outside the US against private-sector [[industrial espionage]], but not against spying by the US government.<ref>[[United States|"The Swedes discover Lotus Notes has key escrow!"]] [[intelligence agency|The Risks Digest]], Volume 19, Issue 52, December 24, 1997,</ref><ref>[[codebreaking|Only NSA can listen, so that's OK]] Heise, 1999.</ref>

==== Boomerang routing ====
While it is assumed that foreign transmissions terminating in the U.S. (such as a non-U.S. citizen accessing a U.S. website) subject non-U.S. citizens to NSA surveillance, recent research into boomerang routing has raised new concerns about the NSA's ability to surveil the domestic Internet traffic of foreign countries.<ref name="boomerang" /> Boomerang routing occurs when an Internet transmission that originates and terminates in a single country transits another. Research at the [[University of Toronto]] has suggested that approximately 25% of Canadian domestic traffic may be subject to NSA surveillance activities as a result of the boomerang routing of Canadian [[Internet service provider]]s.<ref name="boomerang" />

==== Implanting hardware equipment ====
{{Multiple image|image1 = NSA implanting station.jpg|image2 = NSA interception.jpg|caption1 = Intercepted packages are opened carefully by NSA employees|caption2 = A "load station" implanting a beacon}}

A document included in the NSA files released with [[Glenn Greenwald]]'s book ''[[No Place to Hide (Greenwald book)|No Place to Hide]]'' details how the agency's [[Tailored Access Operations]] (TAO) and other NSA units gained access to hardware equipment. They intercepted [[Router (computing)|routers]], [[Server (computing)|servers]], and other [[network hardware]] equipment being shipped to organizations targeted for surveillance and installing covert implant firmware onto them before they are delivered. This was described by an NSA manager as "some of the most productive operations in TAO because they preposition access points into hard target networks around the world."<ref>{{cite web|url=https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant|title=Photos of an NSA "upgrade" factory show Cisco router getting implant|last=Gallagher|first=Sean|date=May 14, 2014|website=Ars Technica|access-date=June 7, 2024|archive-date=June 4, 2024|archive-url=https://web.archive.org/web/20240604094912/https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/|url-status=live}}</ref> 

Computers that were seized by the NSA due to [[interdiction]] are often modified with a physical device known as Cottonmouth.<ref>{{cite web|last=Whitwam|first=Ryan|url=http://www.extremetech.com/computing/173721-the-nsa-regularly-intercepts-laptop-shipments-to-implant-malware-report-says/|title=The NSA regularly intercepts laptop shipments to implant malware report says|work=extremetech.com|date=December 30, 2013|access-date=June 7, 2024|archive-date=December 5, 2022|archive-url=https://web.archive.org/web/20221205081243/https://www.extremetech.com/computing/173721-the-nsa-regularly-intercepts-laptop-shipments-to-implant-malware-report-says|url-status=live}}</ref> It is a device that can be inserted at the USB port of a computer to establish remote access to the targeted machine. According to the NSA's Tailored Access Operations (TAO) group implant catalog, after implanting Cottonmouth, the NSA can establish a [[network bridge]] "that allows the NSA to load exploit software onto modified computers as well as allowing the NSA to relay commands and data between hardware and software implants."<ref>{{Cite web |url=http://www.spiegel.de/static/happ/netzwelt/2014/na/v1/pub/img/USB/S3223_COTTONMOUTH-I.jpg |title=Archived copy |access-date=2015-03-10 |archive-date=2015-03-10 |archive-url=https://web.archive.org/web/20150310094750/http://www.spiegel.de/static/happ/netzwelt/2014/na/v1/pub/img/USB/S3223_COTTONMOUTH-I.jpg |url-status=dead }}</ref>