Are you a Linux Journal reader or use software such as Tor and Tails Linux? If so, you’ve probably been flagged as an “extremist” by the NSA. Leaked documents related to the XKeyscore snooping program reveal that the agency is targeting anyone who is interested in online privacy, specifically those who use the aforementioned software and visit the Linux user community website.
XKeyscore is a collection and analysis software that was among a number of surveillance programs revealed by Edward Snowden last year.
Its source code (basically a rule file), which has been obtained and analyzed by members of the Tor project and security specialists for German broadcasters NDR and WDR, identifies two German Tor Directory Authority servers as being under surveillance by the NSA. The code also cites a number of specific IP addresses of the Tor Directory Authority.
“Months of investigation by the German public television broadcasters NDR and WDR (ARD), drawing on exclusive access to top secret NSA source code, interviews with former NSA employees, and the review of secret documents of the German government reveal that not only is the server in Nuremberg under observation by the NSA, but so is virtually anyone who has taken an interest in several well-known privacy software systems,” said the ARD report.
Countries like Canada, the UK, New Zealand, Australia, and the US, also known as the “Five Eyes”, are exempt from surveillance, however.
The program marks and tracks the IP addresses of those who search for ‘tails’ or ‘Amnesiac Incognito Live System’ along with ‘linux’, ‘ USB ‘,’ CD ‘, ‘secure desktop’, ‘ IRC ‘, ‘truecrypt’ or ‘ tor ‘. It also refers to the Tails Linux distribution as “a comsec mechanism advocated by extremists on extremist forums”.
Aside from the Linux Journal, other monitored websites include privacy.li, FreeProxies.org, HotSpotShield, MegaProxy, FreeNet, Centurian, and an anonymous email service called MixMinion.
While there is no word about how the source code was obtained, security experts aren’t sure whether it was leaked by Snowden. “I don’t believe the TAO catalog came from the Snowden documents. I think there’s a second leaker out there”, said security specialist Bruce Schneier.
Meanwhile, reacting to the new revelations, the NSA released an officialstatement saying, “In carrying out its mission, NSA collects only what it is authorized by law to collect for valid foreign intelligence purposes”. The statement also said that tools like XKeyscore “have stringent oversight and compliance mechanisms built in at several levels”.