Homeless in Vancouver: No sex please, we’re British spies

Don’t like the thought of governments spying on your private Internet communications? I don’t blame you. It turns out the spies don’t like looking at your private parts either.

In the process of eavesdropping on millions of webcam chats, documents reveal the British signal intelligence agency GCHQ was frankly surprised and annoyed that so much of it—as much as 11 percent—was pornographic in nature.

An embarrassment of stolen moments

GCHQ, Britiain’s equivalent of the NSA, has been indiscriminately eavesdropping on webcam chats by the millions and saving them for later analysis.

The details are part of the ongoing publication of classified documents obtained by former NSA contractor Edward Snowden. The Guardian, together with the New York Times, began reporting the GCHQ story at the end of February.

GCHQ files covering the period between 2008 and 2010 detail how a surveillance program codenamed Optic Nerve effortlessly collected still frames of Yahoo webcam chats.

According to the internal documents, the agency had no problem sucking up the images. In just six months in 2008, they recorded webcam imagery from over 1.8 million Yahoo user accounts globally. They even restricted themselves to collecting frames in five minute intervals to avoid overwhelming their storage capacity.

Too much mindless smut mixed with the intelligence

What they wanted was just faces of people talking—suitable for crunching by facial recognition software. What they got apparently surprised them—lots of sexually explicit content:

“Unfortunately … it would appear that a surprising number of people use webcam conversations to show intimate parts of their body to the other person. Also, the fact that the Yahoo software allows more than one person to view a webcam stream without necessarily sending a reciprocal stream means that it appears sometimes to be used for broadcasting pornography.”

The GCHQ document estimates that between three and 11 percent of the Yahoo webcam imagery contained “undesirable nudity”.

The image of GCHQ analysts needing to be protected from nudity and sexually explicit imagery is one of the few amusing things to come out of the Snowden leaks.

Oh the irony. How dare he violate the NSA’s privacy!

Former CIA employee and NSA contractor Edward Snowden leaked over a million classified documents detailing global surveillance programs run by the U.S. National Security Agency (NSA) and the allied agencies of foreign governments.

In June 2013, the Guardian and the Washington Post simultaneously published the first revelations from Snowden’s estimated 1.7 million documents.

Since then the two newspapers have continued publishing the classified documents in the face of considerable opposition from their respective governments. The Guardian has faced constant pressure and intimidation from the British government. Guardian editor Alan Rusbridger has been threatened with prison and Guardian computers have been smashed by government agents.

The Snowden documents have also been shared with and published by the media of many other countries including Canada, Australia, Germany, Italy, Norway, the Netherlands, Spain, and Sweden.

In August 2013, the Guardian announced it was partnering with the New York Times to backstop and insure the publication of documents concerning the British intelligence agency GCHQ:

“In a climate of intense pressure from the UK government, the Guardian decided to bring in a US partner to work on the GCHQ documents provided by Edward Snowden. We are working in partnership with the NYT and others to continue reporting these stories.”

And report them they have. The cumulative effect of the published disclosures over the last nine months is every bit as revealing and shocking as the leak of the Pentagon Papers by analyst Daniel Ellsberg in 1971.

If the Pentagon Papers showed—ahead of Watergate—how misplaced the public’s trust in the United States government was, then these “NSA Papers” show us that all arguments about privacy have been mooted by the extra-legal actions of the world’s spy agencies.

While these documents don’t appear to say much about signal intelligence services outside the so-called Five Eyes alliance, such as China’s Third Department, or Russia’s FAPSI-GRU, it goes without saying that every spy agency is following the “best practices” of the others.

Some of what the Snowden leaks tell us:

• The intelligence services are operating virtually off-leash
• They believe the Internet is their toy—they want to own it!
• The hackers we need to worry about are on the government payroll
• No encrypted email system is immune from snooping
• The NSA hasn’t broken Tor anonymity but they’ve bent it
• They pay tech companies millions to include security flaws

They break it, they own it

Last September, the Guardian published documents detailing how U.S. and British intelligence agencies had broken most online encryption.

The NSA successfully used super computers for brute force attacks, and where that wouldn’t work, they paid technology companies and Internet service providers to sabotage their own software.

Use it and they’ll never lose it

The NSA takes its citizens' encrypted communications seriously. If they can’t get into it, they keep it until they can. Among the revelation in the Snowden-leaked documents is the NSA’s policy for intercepted American communications. If it’s in plain text, they can only keep it for five years but if it's encrypted, they get to keep it forever.

We have Windows, why not back doors?

The NSA spends US$250 million each year on a program which includes covertl ygetting technology companies to insert secret security vulnerabilities—known as backdoors or trapdoors—into their commercial software.

Analysts have questioned whether one of those NSA-sponsored backdoors was the embarrassing goto fail flaw found last week in Apple’s iOS and OS X, which saw millions of iPhones left wide open to malicious faking of Website security certificates.  And then there’s the suspiciously similar GnuTLS library flaw found this week in the Linux operating system, which could affect hundreds of Linux applications.

An adversarial relationship

A 2013 briefing on the collaboration with technology companies explained that the goal was to insert vulnerabilities known to the NSA, but no one else; certainly not the “adversaries” otherwise known as consumers.

“These design changes make the systems in question exploitable through Sigint collection … with foreknowledge of the modification. To the consumer and other adversaries, however, the systems’ security remains intact.”

All eyes on the prize, which is us

In addition to NSA documents, Snowden had access to many documents from foreign intelligence agencies allied under treaty.

These documents have revealed the scope of an extra-national five-country alliance of intelligence agencies nicknamed the “Five Eyes.” For starters, the five have been intentionally spying on each other’s citizens and sharing the collected information in order to get around domestic laws restricting each national agency from spying on its own citizens.

In fact, it’s unclear just how hard they work to really avoid spying on their own citizens—the Internet, by its nature, ignores national borders unless they take the form of the “Great Firewall of China”.

The intelligence agencies of the five English-speaking countries—Australia, Canada, New Zealand, the United Kingdom, and the United States—are bound by the multilateral UKUSA Agreement, a treaty for joint cooperation in signals intelligence.

The principal signal intelligence agencies:

• American National Security Agency (NSA)
• Canada’s Communications Security Establishment Canada (CSEC)
• New Zealand’s Government Communications Security Bureau (GCSB)
• Australia’s Australian Signals Directorate (ASD)
• The UK’s Government Communications Headquarters (GCHQ)

When push comes to shove, all the intelligence resources of the countries work together under UKUSA: signal, human, and security intelligence.

Given what we can see is being directed against innocent domestic populations, one has to wonder what extra efforts and resources are going into targeting legitimate threats from foreign nationals and nations.

But that’s wrong isn’t it? That’s the lesson of the Snowden leaks. To the intelligence services there’s no difference. We’re all just information to be gathered into their databases; against the day when any of us may turn out to be “adversaries”.

Just between you and me, the NSA and their chums have seen the enemy and it is all of us!