Are You on the List?
In previous documents, interviews, and other now-public materials, the NSA has stated that, while they can collect data from nearly anyone, they only target a small number of people who could be engaged in suspicious activity. Exactly what constitutes suspicious activity has never been very clear, but it’s safe to assume that anyone trying to get in touch with a terrorist organization, buy drugs online, or be in another way clearly intending to break the law, would be a target.
Unsurprisingly, searches for Tor also land people on the targeted surveillance list. Other apps that make an appearance include “HotSpotShield, FreeNet, Centurian, FreeProxies.org, MegaProxy, privacy.li and an anonymous email service called MixMinion as well as its predecessor MixMaster.” (daserste.de)
It’s reasonable to assume that VPNs, encryption software, and other security-related apps and services will also earn you a spot on the surveillance list.
If this is the case, it seems likely that a huge number of MakeUseOf readers are already being monitored, and many more will be on the list before long.
How Do We Know About XKeyscore?
Hearing something like this might make you wonder about the source of the information that has a lot of security experts riled up. The XKeyscore program was first detailed in Edward Snowden’s revelations, and has been profiled a number of times since then (here’s a good overview of XKeyscore from The Guardian). In short, it’s a system that allows NSA employees to search a massive database of collected information, including e-mail, and allows for the monitoring of real data, not just meta-data.
The XKeyscore code that’s making waves at the moment was first published in a German publication called Taggeschau, though they declined to state where the information came from. There was nothing to indicate that the code came from documents released last year by Snowden, leading a number of leading privacy and security experts to speculate that there is now a second NSA leaker.
After the XKeyscore code was released, it was analyzed by a number of experts and some of the results were published in Taggeschau in a review by Jacob Applebaum, John Goetz, Lena Kampf, and others. Since this publication, other experts have weighed in. Errata Security posted an interesting review of the code, stating that it might not be real code at all—that it could have been compiled from snippets of older code, or possibly from a training manual. So everything has to be taken with a grain of salt at the moment.
What Does This Mean For You?
In short, it means that you’re probably on an NSA targeted surveillance list, especially if you’re a regular reader of MakeUseOf or if you’ve run searches for privacy-related tools or articles. And while this doesn’t mean that your phones are tapped or that there’s a black van sitting outside your house, it’s very concerning from a privacy point of view.
Although searching for privacy tools will likely get you added to an NSA list, we still recommend using them, even if you have nothing to hide. Just because you get put on a list for searching for Tor doesn’t mean that the NSA can see what you’re up to while you’re using it. And even if you’re on the TAILS list, it’s still a great secure operating system.
And don’t forget to check out all of the tips presented by our Security Matters section: encrypt your e-mails with PGP, encrypt your Facebook chats, learn the essentials of smartphone security, and more.