German Citizen, Tor Users ID’ed as NSA Targets

Two articles from German TV have fingered a German citizen (and Tor directory operator) as an NSA target… as well as everyone who even so much for searched privacy-software-related terms or visited the Tor website. (The articles [1] are in German, but Cryptome has a very poor quality translation [2])

This is notable for a few reasons. Sebastian Hahn, a student in southern Germany, is the first German NSA target besides German chancellor Angela Merkel to be named in the Snowden reporting. (If my memory serves, everyone else who’s been mentioned as attracting the Fort Meade eyeball was a head of state.)

No doubt this may prove legally interesting, since the German federal prosecutor was previously not able to find sufficient evidence of spying on the public. (Also named is a server belonging to the Chaos Computer Club, which has already filed at least one criminal complaint against the NSA.)

Also, the published filter rules (unlike what the articles claim, what was actually published were filter rules, instead of source code) indicate that the NSA is doing exactly what Cryptome has been suggesting they do for ages — using particular servers and websites as “honeypots,” and simply watching who visits.

For the longest time JYA has suggested sites like his are allowed to remain online because they like to tag and track the people who visit it… well, here we have a case of them doing exactly that. In essence, everyone who searched for a term related to certain pieces of privacy software has been marked as an “extremist” and their data saved for further analysis.

(The only exception is people whose connections appear to come from “Five Eyes” countries, but even then there may be exceptions to the exception.)

Worth noting is that the documents released about Hahn are of a different quality to the stuff on Merkel. Rather than targeting Hahn personally, they simply looked at everyone who connected to the Tor directory server he runs in order to ID all Tor users. To be sure they could have targeted Hahn personally as part of a separate operation whose documents have not yet been released… and in fact I’d be very surprised if they hadn’t at least tried.

Also worth noting is that TAILS, one of the seach terms which the NSA used in their “honeypot,” has/had such poor website security that they were recently hacked by a 17 year old. [3]

[1]
http://www.tagesschau.de/inland/nsa-xkeyscore-100.html

http://daserste.ndr.de/panorama/archiv/2014/Quellcode-entschluesselt-Beweis-fuer-NSA-Spionage-in-Deutschland,nsa224 .html

[2]
http://cryptome.org/2014/07/nsa-tor-de.htm

[3]
http://thehackernews.com/2014/06/tails-operating-system-website-has-beed.html

Advertisements
%d bloggers like this: