The National Security Agency is secretly piggybacking on the tools that enable Internet advertisers to track consumers, using 'cookies' and location data to pinpoint targets for government hacking and to bolster surveillance.
The agency's internal presentation slides, provided by former NSA contractor Edward Snowden, show that when companies follow consumers on the Internet to better serve them advertising, the technique opens the door for similar tracking by the government. The slides also suggest that the agency is using these tracking techniques to help identify targets for offensive hacking operations.
According to the documents, the NSA and its British counterpart, GCHQ, are using the small tracking files called "cookies" that advertising networks place on computers to identify people browsing the internet. The intelligence agencies have made particular use of the "PREFID," part of Google-specific tracking software known as the "PREF" cookie.
This cookie typically doesn't contain personal information, such as someone's name or email address, but it does contain numeric codes that enable Web sites to uniquely identify a person's browser.
In addition to tracking Web visits, the PREFID allows NSA to single out an individual's communications among the sea of internet data in order to send out software that can hack that person's computer.
The NSA's use of cookies isn't a technique for sifting through vast amounts of information to find suspicious behavior; rather, it lets NSA home in on someone already under suspicion - akin to when soldiers shine laser pointers on a target to identify it for laser-guided bombs.
Separately, the NSA is also using commercially gathered information to help it locate mobile devices around the world, the documents show. Many smartphone apps running on iPhones and Android devices, and the Apple and Google operating systems themselves, track the location of each device, often without a clear warning to the phone's owner. This information is more specific than the broader location data the government is collecting from cellular phone networks.
Google assigns a unique PREF cookie anytime someone's browser makes a connection to any of the company's Web properties or services. This can occur when consumers directly use Google services such as Search or Maps, or when they visit Web sites that contain embedded "widgets" for the company's social media platform Google Plus. That cookie contains a code that allows Google to uniquely track users to "personalize ads" and measure how they use other Google products.
PREF cookie is specifically mentioned in an internal NSA slide, which reference the NSA using GooglePREFID, their shorthand for the unique numeric identifier contained within Google's PREF cookie.
Special Source Operations (SSO) is an NSA division that works with private companies to scoop up data as it flows over the Internet's backbone and from technology companies' own systems. The slide indicates that SSO was sharing information containing "logins, cookies, and GooglePREFID" with another NSA division called Tailored Access Operations, which engages in offensive hacking operations. SSO also shares the information with the British intelligence agency GCHQ.
This isn't the first time Google cookies have been highlighted in the NSA's attempts to identify targets to hack. A presentation called "Tor Stinks," released in October by the British newspaper The Guardian, indicates that the agency was using cookies for DoubleClick.net, Google's third-party advertising service, in an attempt to identify users of the internet anonymisation tool Tor when they switched to regular browsing. "It's similar, in the sense that you see the use of an unique ID in the cookie to allow an eavesdropper to connect the activities of a user over time," said Felten.
Many mobile apps and operating systems use location-based services to help users find restaurants or other establishments. Even when GPS is disabled, most smartphones determine their location using signals from Wi-Fi networks or cellular towers.
Stanford's Mayer says the revelations suggest the need for limits on the data that companies collect about consumers. "There's increasingly a sense that giving consumers control over the information they share with companies is all the more important," he says, "because you're also giving them control over the information they share with government."
Author Venkatesh Yalagandula Follow us Google + and Facebook and Twitter
According to the documents, the NSA and its British counterpart, GCHQ, are using the small tracking files called "cookies" that advertising networks place on computers to identify people browsing the internet. The intelligence agencies have made particular use of the "PREFID," part of Google-specific tracking software known as the "PREF" cookie.
This cookie typically doesn't contain personal information, such as someone's name or email address, but it does contain numeric codes that enable Web sites to uniquely identify a person's browser.
In addition to tracking Web visits, the PREFID allows NSA to single out an individual's communications among the sea of internet data in order to send out software that can hack that person's computer.
The NSA's use of cookies isn't a technique for sifting through vast amounts of information to find suspicious behavior; rather, it lets NSA home in on someone already under suspicion - akin to when soldiers shine laser pointers on a target to identify it for laser-guided bombs.
Separately, the NSA is also using commercially gathered information to help it locate mobile devices around the world, the documents show. Many smartphone apps running on iPhones and Android devices, and the Apple and Google operating systems themselves, track the location of each device, often without a clear warning to the phone's owner. This information is more specific than the broader location data the government is collecting from cellular phone networks.
Google assigns a unique PREF cookie anytime someone's browser makes a connection to any of the company's Web properties or services. This can occur when consumers directly use Google services such as Search or Maps, or when they visit Web sites that contain embedded "widgets" for the company's social media platform Google Plus. That cookie contains a code that allows Google to uniquely track users to "personalize ads" and measure how they use other Google products.
PREF cookie is specifically mentioned in an internal NSA slide, which reference the NSA using GooglePREFID, their shorthand for the unique numeric identifier contained within Google's PREF cookie.
Special Source Operations (SSO) is an NSA division that works with private companies to scoop up data as it flows over the Internet's backbone and from technology companies' own systems. The slide indicates that SSO was sharing information containing "logins, cookies, and GooglePREFID" with another NSA division called Tailored Access Operations, which engages in offensive hacking operations. SSO also shares the information with the British intelligence agency GCHQ.
This isn't the first time Google cookies have been highlighted in the NSA's attempts to identify targets to hack. A presentation called "Tor Stinks," released in October by the British newspaper The Guardian, indicates that the agency was using cookies for DoubleClick.net, Google's third-party advertising service, in an attempt to identify users of the internet anonymisation tool Tor when they switched to regular browsing. "It's similar, in the sense that you see the use of an unique ID in the cookie to allow an eavesdropper to connect the activities of a user over time," said Felten.
Many mobile apps and operating systems use location-based services to help users find restaurants or other establishments. Even when GPS is disabled, most smartphones determine their location using signals from Wi-Fi networks or cellular towers.
Stanford's Mayer says the revelations suggest the need for limits on the data that companies collect about consumers. "There's increasingly a sense that giving consumers control over the information they share with companies is all the more important," he says, "because you're also giving them control over the information they share with government."
Author Venkatesh Yalagandula Follow us Google + and Facebook and Twitter
No comments:
Post a Comment