GCHQ Has Spied on Every Web User, Ever…

Uploaded on 2015-09-27 in NEWS-Cybersecurity News, INTELLIGENCE--Europe, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

screen-shot-2015-02-17-at-170409.jpg

Privacy International Form: How to find out if you've been spied on.

New leaked documents revealing GCHQ's mass-surveillance activities have detailed an operation codenamed Karma Police, which slurped up the details of "every visible user on the Internet".

The operation was launched in 2009, without Parliamentary consultation or public scrutiny, to record the browsing habits of "every visible user on the Internet" without the agency obtaining legal permission to do so, according to documents published by The Intercept.

Karma Police was constructed between 2007 and 2008, and according to slides was developed with the explicit intention of correlating "every user visible to passive SIGINT with every website they visit, hence providing either (a) a web browsing profile for every visible user on the Internet, or (b) a user profile for every visible website on the Internet."
Its 2009 run was particularly interested in those listening to online radio shows, although one slide also shows tracking of those who have visited spook-baiting Cryptome.org, and pornography site RedTube.
A summary document reveals that the operation affected "224,446 unique listener IP addresses over a three month period, covering approximately 108448 /24 subnets."

Another programme, codenamed BLAZING SADDLES, was used to target listeners of "any one particular radio station ... to understand any trends or behaviours."
The summary report states how:

A wealth of data mining techniques could be applied on small closed groups of individuals, to look for potential covert communications channels for hostile intelligence agencies running agents in allied countries, terrorist cells, or serious crime targets.

One user was targeted, without any stated suspicion of being involved in terrorism or posing a threat to national security, and was found to have visited popular porn purveyor Redtube, as well as social media sites and several Arabic and Islamic sites, which appeared to be commercial enterprises.
Register: http://bit.ly/1P0b5LI

 

« Snowden Wants Global Push to Expand Digital Privacy
The U.S Is Losing the Cyber War »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

QASymphony

QASymphony

QASymphony software testing and QA tools help companies create better software by improving speed, efficiency and collaboration during the testing lifecycle.

Positive Technologies

Positive Technologies

Positive Technologies is a leading global provider of enterprise security solutions for vulnerability and compliance management, incident and threat analysis, and application protection.

Onspring

Onspring

Onspring is the cloud-based platform of choice for governance, risk and compliance (GRC) teams and business operations experts across multiple industries.

Aspen Insurance

Aspen Insurance

Aspen is a leading diversified specialty insurance and reinsurance company. Products offered include cyber insurance.

CloudSEK

CloudSEK

CloudSEK has set its sights on building the world’s fastest and most reliable AI technology, that identifies and resolves digital threats.

Global Cybersecurity Association (GCA)

Global Cybersecurity Association (GCA)

GCA’s Symposium and conferences featuring global thought leaders and CISOs provide a global best practice perspective on cybersecurity.

Crowe

Crowe

Crowe is a public accounting, consulting, and technology firm that combines deep industry and specialized expertise with innovation.

ProCheckUp

ProCheckUp

ProCheckUp is a London-based independent provider of cyber security services, including IT Security, Assurance, Compliance and Incident Response.

Pillr

Pillr

Pillr is a cybersecurity operations platform capable of adapting to the demands of your business and team — and the global threat landscape.

PatchAdvisor

PatchAdvisor

PatchAdvisor core services include Vulnerability Assessments/Penetration Testing, Application Vulnerability Assessments, and Incident Response.

Applied Connective Technologies

Applied Connective Technologies

Applied Connective is one team for all your technology needs, from IT to phones, cyber security to physical security, audio/video and the infrastructure to support it.

Knownsec

Knownsec

Knownsec provides customers with cloud defense, cloud monitoring, and cloud mapping products and services with "AI + security big data" as the underlying capability.

Keeran Networks

Keeran Networks

Established in Edmonton in 1999, Keeran specializes in delivering comprehensive IT support and solutions aimed at optimizing technology investments for businesses.

DevOcean

DevOcean

DevOcean, the leader in Cybersecurity Exposure Remediation, helps organizations cut through the chaos by automatically consolidating, prioritizing, and streamlining fixes.

Mira Security

Mira Security

Mira Security provides safe and secure visibility into encrypted traffic allowing the tools used by enterprise security teams to function effectively.