Russia Has PRISM Too (and Bitcoin/Silk Road stuff)

You can run, but you can’t hide?

In a “please let the Google keep all the world’s data in the US”-slanted article, we nevertheless get a good glimpse of the former Soviet Union’s PRISM equivalent.

In the former Soviet Union, the warrant has to be shown only to a KGB supervisor. The telecom or server company is not allowed to ask for the warrant.

The system works more or less like the NSA’s bulk collection devices, to the point that you have to wonder whether the NSA didn’t crib their architecture from the Soviets. There’s also extensive collaboration with the tech community, but instead of being secret it’s required by law.

For bulk collection, here’s how it works.

When the KGB (in some ex-Soviet states it really is still called the KGB; the Russians split theirs in two and call the internal part the FSB) wants to intercept any data, they get an internal warrant and send the request to the SORM system. A black box is installed at every ISP and every datacenter, ready to start tapping data on command.

The newest version of the system (SORM-3) even does TEMPORA-style “full take” storage, so the Chekists can search backwards in time.

One thing the NSA doesn’t do — at least officially, they could certainly do it “unofficially” with QUANTUM — is filter. The Russians have banned all kinds of sites, including a parody “government supported” search engine. Its crime? Asking for the visitor’s first and last name, patronymic, passport details, and reason for the request whenever you try to execute a search query.

Of course, the Russians are backing the idea of requiring multinational companies to store everyone’s personal details in Russia. Alongside the Brazilians’ stated goal of protecting citizens from US government surveillance, this has the much more important (to the Russians, and perhaps also to the Brazilian security apparatus) goal of making that data completely transparent to the local “special services.”

Bitcoin/Silk Road:
So the FBI hasn’t actually found the 600,000 BTC which Silk Road presumably took in as commissions.

However, the Bitcoin community has found the FBI’s “Seized Bitcoin” wallet, and contributed a few Bitcoins of their own… remembering to set the “Public Message” field. Has the FBI figured out a new revenue stream to keep them running during the shutdown?

In fact it does look like the FBI is planning to sell off the $80 million worth of BTC that Silk Road took in, when and if they find it.

All this has not stopped people from working on Silk Road 2.0. There are not one but FIVE successor sites in the works.[1]

I’ll call this the Napster-Bittorrent effect. First comes the centralized version that everyone loves. Once it gets shut down, things get progressively more and more decentralized… until you have BitTorrent occupying 50% of internet capacity worldwide on a continuous basis. (Statistic as of a few years ago, not sure if it’s still true.)

The remarkable thing is that the “Napster-Bittorrent effect” hasn’t happened to Wikileaks yet. Quick, someone prosecute Assange!

Or maybe Glenn Greenwald and Laura Poitras are the KaZaa of leaking?


“In most Western nations, law enforcement or intelligence agencies must receive a court order before wiretapping. That warrant is sent to phone operators and Internet providers, which are then required by law to intercept the requested information and forward it to the respective government agencies. In Russia, FSB officers are also required to obtain a court order to eavesdrop, but once they have it, they are not required to present it to anybody except their superiors in the FSB. Telecom providers have no right to demand that the FSB show them the warrant. The providers are required to pay for the SORM equipment and its installation, but they are denied access to the surveillance boxes.

The FSB has control centers connected directly to operators’ computer servers. To monitor particular phone conversations or Internet communications, an FSB agent only has to enter a command into the control center located in the local FSB headquarters. This system is replicated across the country. In every Russian town, there are protected underground cables, which connect the local FSB bureau with all Internet Service Providers (ISPs) and telecom providers in the region. That system, or SORM, is a holdover from the country’s Soviet past and was developed by a KGB research institute in the mid-1980s. Recent technological advances have only updated the system. Now, the SORM-1 system captures telephone and mobile phone communications, SORM-2 intercepts Internet traffic, and SORM-3 collects information from all forms of communication, providing long-term storage of all information and data on subscribers, including actual recordings and locations.

Over the last six years, Russia’s use of SORM has skyrocketed. According to Russia’s Supreme Court, the number of intercepted telephone conversations and email messages has doubled in six years, from 265,937 in 2007 to 539,864 in 2012. These statistics do not include counterintelligence eavesdropping on Russian citizens and foreigners.
At the same time, Moscow is cracking down on ISPs that don’t adhere to their SORM obligations. We discovered Roskomnadzor (the Agency for the Supervision of Information Technology, Communications, and Mass Media) statistics covering the number of warnings issued to ISPs and telecoms providers. In 2010, there were 16 such warnings, and there were another 13 in 2011. The next year, that number jumped to 30 warnings. In most cases, when the local FSB or prosecutor’s office identified shortcomings, they sent the information to Roskomnadzor, which warned the ISP. Penalties for failure to meet their obligations are swift and sure. First, the ISP is fined, then if violations persist, its license may be revoked.[…]

The Commonwealth of Independent States (CIS), a regional organization made up of nine former Soviet states, uses special analytical search systems developed by Russian programmers. Called “Semantic Archive,” the system is produced by the Russian firm Analytic Business Solutions. On the first floor of the Stalin-era yellow brick building, more than 20 programmers headed by 37-year old Denis Shatrov are busy updating Semantic Archive. Not long after the release of the first version in 2004, it was installed in the Russian Security Council and Ministry of Defense headquarters, as well as the FSB and the Interior Ministry. “From the beginning we aimed our systems at the security services,” says Denis Shatrov, a trained programmer who founded the company in 2004. “We thought that if we worked with them, then we would also attract business from our intelligence services and those of our competitors too.” Shatrov told us that he began developing analytic systems in the mid-90s with his father, the director of a factory that produced automated steering systems for spacecraft. Then they began to produce simulation systems—for electoral and economic applications. Their success came in 1999 when they sold their product to the Ukrainian President Kuchma’s situation room for use in his successful campaign for a second term. In the mid-2000s father and son separated, the elder Shatrov specializing in economic modeling, Denis in media analysis.

The idea of its most popular product, Semantic Archive, is to monitor any sorts of open data—media archives, online sources, blogs, and social networks—for key words and then to produce analyses, most famously, by building charts of connections. As it boasts on the company’s own website, “the system uses this raw information to extract objects of interest (certain persons, organizations, corporate brands, regions, etc.), their actions and relationships.”

Semantic Archive is not the only product used by the Russian security services to monitor social networks, but all of them seem to share the same fundamental flaw. These systems were developed for searching structured computer files, or databases, and only afterwards adapted, some more successfully than others, for semantic analysis of the Internet. Most of these systems were designed to work with open sources and are incapable of monitoring closed accounts such as Facebook.

The FSB discovered early on that the only way to deal with the problem was to turn to SORM. The licenses require businesses that rent out site space on servers to give the security services access to these servers via SORM, without informing site owners. With this provision, the FSB has had few problems monitoring closed groups and accounts on Russian social networks Vkontakte and Odnoklassniki. But Facebook and Twitter are not hosted in Russia and that has posed a real challenge for surveillance.[…]

Since last November, hundreds of websites have been banned from the Russian Internet. The list ranges from the lighthearted Australian viral YouTube hit “Dumb Ways to Die” to Absurdopedia (the Russian version of Uncyclopedia). Even the parody web site Gospoisk was blocked. The site was a fake search engine, ostensibly created with government support, structured so that when a visitor types a query in the search box, he is asked to enter his first and last name, patronymic, passport details, address, and the reason for the request. Since it was a parody, this data evaporated into the ether.[…]

The NSA scandal made a perfect excuse for the Russian authorities to launch a campaign to bring global web platforms such as Gmail and Facebook under Russian law—either requiring them to be accessible in Russia by the domain extension .ru, or obliging them to be hosted on Russian territory. Under Russian control, these companies and their Russian users could protect their data from U.S. government surveillance and, most importantly, be completely transparent for Russian secret services.
Russia wants to shift supervision and control of the Internet from global companies to local or national authorities, allowing the FSB more authority and latitude to thwart penetration from outside. At December’s International Telecommunications Union (ITU) conference in Dubai, Moscow tried to win over other countries to its plan for a new system of control. The key to the project is to hand off the functions of managing distribution of domain names/IP-addresses from the U.S.-based organization ICANN to an international organization such as the ITU, where Russia can play a central role. […]

Web services would be required to build backdoors for the Russian secret services to access what’s stored there. Prominent Russian MP Sergei Zheleznyak, a member of the ruling United Russia party, has called on Russia to reclaim its “digital sovereignty” and wean its citizens off foreign websites. He said he would introduce legislation this fall to create a “national server,” which analysts say would require foreign websites to register on Russian territory, thus giving the Kremlin’s own security services the access they have long been seeking. Of course, building such a national system would defeat the global value of the Internet.[…]

bined with surveillance. After all, they share the same Soviet legacy. When the Soviet Union collapsed, the KGB’s regional branches became the security services of the newly independent states. But they retained the KGB’s operational DNA, which is apparent in the CIS states’ continued use of Soviet and Russian terminology for surveillance operations. The term ORM, or Operative-Investigative Measures, was kept by all CIS countries. At the same time, the Russian approach to “lawful interception” has been adopted in Belarus, Ukraine, Uzbekistan, Kyrgyzstan, and Kazakhstan. And over the last three years Belarus, Ukraine, and Kyrgyzstan have all updated their national interception systems, modeled after the Russian SORM.”
