cross-posted from: https://lemmy.ml/post/5196551

A decade after Snowden exposed NSA’s mass surveillance in cooperation with the British GCHQ, only about 1 percent of the documents have been published, but three major facts can finally be revealed thanks to a doctoral thesis in applied cryptography by Jacob Appelbaum.

  • ono
    link
    fedilink
    English
    14
    edit-2
    1 year ago
    • the NSA listed Cavium, an American semiconductor company marketing Central Processing Units (CPUs) - the main processor in a computer which runs the operating system and applications - as a successful example of a “SIGINT enabled” CPU vendor. Cavium, now owned by Marvell said it does not implement back doors for any government.
    • the NSA compromised lawful Russian interception infrastructure, SORM. The NSA archive contains slides showing two Russian officers wearing jackets with a slogan written in Cyrillic: “you talk, we listen”. The NSA and/or GCHQ has also compromised "Key European LI [lawful interception] systems.
    • among example targets of its mass surveillance program, PRISM, the NSA listed the Tibetan government in exile.

    In case anyone here is unfamiliar with Cavium, their chips are used in network routers from well-known brands. For example, some models from Ubiquiti (the company behind EdgeRouter and UniFi).

  • @Hirom@beehaw.org
    link
    fedilink
    7
    edit-2
    1 year ago

    Appelbaum adds that “Targeting lawful interception (LI) equipment is a known goal of the NSA”.

    He says that it is not unreasonable to assume that parts, if not the entire American lawful interception system, known as CALEA, have been compromised.

    In his doctoral thesis he says that key European lawful interception systems “have been compromised by NSA and/or GCHQ”. Appelbaum said that the Snowden archive contained “many named target systems, companies, and other countries” that had been impacted.

    That may be the most important relevation, more so than the Cavium thing.

    It shows that mass interception/surveillance apparatus are a big risk, even if they are lawful and created with the best of intention. The moment mass interception is implemented, it becomes a target for abuse. And Appelbaum’s publication show these systems actually were targeted and abused in multiple countries, by both local and foreign spies.