So I have been following the NSA PRISM story quite closely over the last few days, and I want to talk a little bit about what I think is going on and my opinion of it. I will try my best to provide links to where I found things out, but I have read a lot over the last few days, so no guarantees I can remember.
So what we do already know is that the NSA has been taking metadata from phone calls, such as the people you call, where you call them from, the length of time etc. It doesn't sound like much, but from this data alone the NSA can build up a scary picture of your private life, and this turned out to be only the very surface. The Guardian broke a story on the tracking the NSA does of some of the biggest US internet corporations here: http://www.guardian.co.uk/world/2013/jun/06/us-tech-giants-nsa-data on Friday 7 June 2013. It shows slides explaining that Microsoft was added to the program in 2007, Google in 2009 etc. The program allows them to get data about chats, emails, photos, videos, basically anything you send through any of those services. In March of this year James Clapper, the director of national intelligence, was asked:
"Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?"
"No sir," replied Clapper.
"Not wittingly. There are cases where they could inadvertently perhaps collect, but not wittingly."
So how can this be true when we now know that they have access to all of this data? Well, that is a question I shall return to later, but first I want to talk about the twist to the story: Google, Microsoft and every other corporation involved in the program denied all knowledge of the program and insisted that the NSA did not have a back door into their servers. How can this be true if, again, we know that the NSA has access to all of this data?
The following is speculation at this point and unconfirmed but I have a strong suspicion that this is the case...
The internet, in its simplest form, is essentially a series of interconnected networks; that's what the word means. For data to get between these networks we rely on routers. When you send data from your house to your ISP it has an address, your ISP's routers point it toward its destination, and it continues to get sent through routers until it gets to its destination. This means that at the final hop almost all of the data will be going to Google. Imagine it as a road from your house to, for example, Disneyland. When you leave your house all the traffic is going to different places; then, as you get closer to Disneyland, after every junction (or hop, in internet terms) a greater proportion of the traffic will be going to Disneyland, until you get to the gate, where almost all of the traffic is going to Disneyland. This is how the internet works. What I believe the NSA did is to put a splitter at the final hop before Google (the gates to Disneyland) that duplicates all of the data for NSA storage and sends the rest on to Google. This means that they do not need access to Google's servers in order to get the data sent to Google, and Google may have known nothing about it. At this point the internet is public, just as the roads into Disneyland are, and as security expert Steve Gibson said of this theory: "If the NSA had come to me and said, Steve, what should we do? (This is how I would do it)"
Why is it called "Prism"?
Well, with this theory the answer to this is very clear: fibre optic cables carry pulses of light to form bits, and a prism refracts light, as the very handy Prism logo shows (by the way, the image used in the Prism logo is about the fifth result in Google: https://www.google.com/search?q=prism&tbm=isch).
Suppose the left-hand beam is the input: we can take out two separate beams at the end of the prism, and thus, in the context of a fibre optic cable, two signals. And there you have it, the reason the project is called Prism.
Prism and this method also explain why the NSA needed that 5 Zettabyte data centre (500000000000 GB): it would be used to store all of the data that they acquire from wiretapping the routers close to the organisations they wish to take data from.
Hang on a minute, aren't my sessions to Google, Microsoft etc. HTTPS?
Well yes, many are, but chat, VoIP etc. are often not, and even if the connection over which you send your email to Google is HTTPS, unless you encrypted it yourself the email is not, which means they can collect the email on the way out of Google's servers. So HTTPS is secure between you and the server, but it assumes that the server itself is secure; in this case it is not really, because every outbound connection it makes can also be taken. The NSA may also be keeping all the HTTPS data (they have the space for it, right?) so that in the future, when the 128-bit keys we currently use for HTTPS become easy to break, they can take the old data and get information about the past. (For me this is the most scary part of all of this.)
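To make the hop-by-hop point concrete, here is an added example (not part of the original post) that reads the `Received` headers of a message and reports which relay hops were protected by TLS and which crossed the network in cleartext. The sample message, its hostnames and the `with HTTPS` webmail label are constructed for illustration.

```python
import email
import re

# Constructed sample message (not real traffic), newest Received header first.
# Hostnames, ids and the "with HTTPS" webmail label are made up for illustration.
SAMPLE = """\
Received: from relay.mail.example.com (relay.mail.example.com [198.51.100.9])
    by mx.example.org with ESMTP id def456
    for <bob@example.org>; Fri, 7 Jun 2013 10:00:03 +0000
Received: from web.mail.example.com (web.mail.example.com [198.51.100.5])
    by relay.mail.example.com with ESMTPS id abc123
    (version=TLSv1 cipher=RC4-SHA bits=128); Fri, 7 Jun 2013 10:00:02 +0000
Received: from [192.0.2.44] by web.mail.example.com with HTTPS;
    Fri, 7 Jun 2013 10:00:01 +0000
From: alice@example.com
To: bob@example.org
Subject: constructed example

hello
"""

# "with" keywords that indicate a TLS-protected hop (ESMTPS etc. are from RFC 3848).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA", "HTTPS"}


def audit_hops(raw_message):
    """Return (receiving_host, protocol, encrypted) per hop, oldest hop first."""
    msg = email.message_from_string(raw_message)
    hops = []
    for header in reversed(msg.get_all("Received", [])):
        flat = " ".join(header.split())  # unfold the multi-line header
        by = re.search(r"\bby\s+(\S+)", flat)
        proto = re.search(r"\bwith\s+([A-Za-z0-9]+)", flat)
        name = proto.group(1).upper() if proto else "UNKNOWN"
        encrypted = name in TLS_PROTOCOLS or "version=TLS" in flat
        hops.append((by.group(1) if by else "?", name, encrypted))
    return hops


def cleartext_hops(raw_message):
    """Hops where the message crossed the network without TLS."""
    return [hop for hop in audit_hops(raw_message) if not hop[2]]


if __name__ == "__main__":
    for host, proto, encrypted in audit_hops(SAMPLE):
        print(f"{host:28} {proto:8} {'TLS' if encrypted else 'CLEARTEXT'}")
```

`Received` headers are written by each relay itself, so treat the result as an indication of how a message travelled rather than proof.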
So, how does the NSA not collect any type of data at all on millions or hundreds of millions of Americans?
Well, to me or you they do. They have the data, and they have the resources to view any of our emails, chats, whatever they want. Legally, how do they do it? Well, it appears that there are two definitions of collect...
Does the NSA ask for data on hundreds of millions of Americans?
No, it does not; this is one potential definition of collect according to the Oxford English Dictionary.
Does the NSA accumulate data on hundreds of millions of Americans?
Another potential definition, and I think it is clear that it does. Legally I am not sure what implications this has; that's not my area of expertise, but that is the only way I can see them getting away with that answer, and sadly I fear it is what will happen.
So there you have it: this is how I believe Prism works, and the scale of it is immense. I could continue to talk about my personal views on the topic or potential ways to secure yourself, but many people have already done that, so it would just be further wasteful duplication. Please don't take anything I have said for gospel; nothing I have said is confirmed and I am most probably wrong on many counts, but I hope this helped to explain to some of you exactly what Prism is.