11/28/2013

Analysis: NSA’s data grab ought to boost privac…

SEATTLE -- The latest revelation of how government spies tap into the personal data that U.S. consumers so blithely place into the control of the Internet's advertising giants is the most profound yet.

The Washington Post today outed an National Security Agency data snooping program, code-named MUSCULAR, that copies all traffic flowing between two of the largest online advertising giants: Google and Yahoo.

In the latest installment of revelations from Edward Snowden, the Post is reporting that NSA partnered with its British counterpart, GCHQ, to carry out MUSCULAR.

"This is the first real evidence of deep intrusions by NSA and GCHQ into the internal netwokrs of major internet companies," says Dave Jevans, chief technology officer of mobile security firm Marble Security. "By essentially copying all traffic that flows through these networks, the intelligence agencies can see everything that happens at these companies."

MUSCULAR appears to give government snoops access to not just contact lists and address books – last week's Snowden revelation – but all e-mail and business documents, including Google docs which is used by hundreds of thousands of companies.

It's unlikely the government does any data mining beyond the narrow parameters of ferreting out terrorists plots; NSA chief, Gen. Keith Alexander has said the surveillance programs that tap in commercial Internet traffic has helped curtail 54 terrorists attacks.

Yet the steady flow of revelations from the Snowden document may be having the effect of keeping convenience-minded consumers more attuned to the intensive harvesting of their every online move by Google, Yahoo, Facebook, Instagram, LinkedIn, Micorosoft, AOL and other major and minor players treating consumer privacy as a free profit-making resource.

Consumers and companies should not take this lightly. "We can assume a whole new level of threat," Jevans says. "The NSA and GCHQ must have insiders either working at Google and Yahoo, or in the datace! nters where their servers are housed."

Global companies could be susceptible to similar government snooping and should assess the security of data transfers between various datacenters. "This is going to add significant cost to the operation of these datacenters," Jevans says.

The large-scale collection of data that is happening through the MUSCULAR program would be illegal in the United States, but the operations take place overseas, where the NSA is allowed to presume that anyone using a foreign data link is a foreigner, the Washington Post explained.

Google and Yahoo did not immediately respond to requests for comment

No comments:

Post a Comment