Friday, August 16, 2013

Index of NSA Snowden Surveillance terms

AGILITY - database of foreign intelligence selectors (non CT)

AIRGAP - Priority missions tool used to determine SIGINT gaps
AQUADOR - Merchant ship tracking tool
BANYAN - NSA tactical geospatial correlation database

BLARNEY - subset of Upstream

CASPORT - main NSA corporate / access identification tool used to control product dissemination

CONVEYANCE - one of two (other FALLOUT) final layers of filtering to reduce the intake of information about Americans

DICE - DEA database consisting largely of phone log and Internet data gathered legally by the DEA through subpoenas, arrests and search warrants nationwide. DICE includes about 1 billion records, and they are kept for about a year and then purged.

DISHFIRE - a data communication collection system...

DNI - Digital Network Intelligence; a system developing intelligence from computer networks

DNI Presenter - An NSA tool used to read the content of stored emails, also enables an analyst using XKeyscore to read the content of Facebook chats or private messages.

Executive Order 12333 - allegedly permits collection of data to get around the limitations imposed by the Foreign Intelligence Surveillance Act and FAA 702

FAA702 - FISA Amendments Act Section 702 (FISA Section 702); surveillance of foreign suspects; contains two types of data collection: Upstream and PRISM

FAIRVIEW - subset of Upstream...

FALLOUT - one of two (other CONVEYANCE) final layers of filtering to reduce the intake of information about Americans

FIVE EYES - Foreign country partner interfaces

HOMEBASE - a tactical tasking tool for digital network identification

HUMINT - human intelligence, spying

J2 Cryptologic Intelligence Unit - collects intelligence on worldwide cryptologic efforts

MAINWAY - subset of SCISSORS; call records

MARINA - NSA data bank; subset of SCISSORS; Internet records; user activity meta-data with front end full take feeds and back-end selected feeds.

NUCLEON - subset of SCISSORS; voice data types

OCTAVE/CONTRAOCTIVE - Collection mission tasking tool -- where "selectors" live

OTRS -- Office of Target Reconnaissance and Survey - provides rapid technological solutions for tactical SIGINT problems

Parallel Construction - Use of normal investigative techniques to recreate the information provided by Special Operations Division (SOD): Subpoena domestic telephone tolls, Field interviews/defendant debriefs, Request foreign tolls or subscriber info via the Attaché office/MLAT; Recreates the investigative trail, stating in affidavits or in court, for example, that an investigation began with a traffic infraction rather than an SOD tip.

PINWALE - NSA data bank; subset of SCISSORS; video; content selected from dictionary tasked items

PRINTAURA - automates traffic flow

PRISM - subset of FAA702; data collection directly from the servers of US Internet service providers

PRISM Collection Manager, S35333 - title for the redacted name on Snowden's PRISM powerpoint presentation

SCISSORS - sort data types for analysis in: NUCLEON, PINWALE, MAINWAY, MARINA, and TrafficThief

selector - known email address

Sessions -

SIGAD - a specific numeric signals activity/address designator given to each data processing tool, collection platform, mission and source for raw intelligence; each SIGAD is basically a collection site, physical or virtual; examples: NSA listening post at Osan in Korea has the SIGAD USA-31.  Clark Air Force Base is USA-57.  PRISM is US-984XN

SIGINT - collecting signal intelligence or communications

Signals Intelligence Management Directive 421 - raw SIGINT data, includes, but is not limited to, unevaluated and/or unminimized transcripts, gists, facsimiles, telex, voice, and some forms of computer-generated data, such as call event records and other Digital Network Intelligence (DNI) metadata as well as DNI message text

SNORT - Repository of computer network attack techniques/coding

SOD - Special Operations Division - The unit of the DEA that distributes surveillance information. Two dozen partner agencies comprise the unit, including the FBI, CIA, NSA, Internal Revenue Service and the Department of Homeland Security.

T - Technical Directorate
T1 - Mission Capabilities
T2 - Business Capabilities
T3 - Enterprise IT Services
T5: CARILLION - High performance computing center

T132 -- The "scissors" team - division that physically separates traffic by type once it's been ingested
T3221 - Transport Field Services
T332 - Global Enterprise Command Center
T334 - National Signals Processing
T335 - Deployable Communications Operations

TrafficThief - subset of SCISSORS; meta-data from a subset of task-strong sectors

Upstream - subset of FAA702; collection of communications on fiber cables and infrastructure as data flows past (FAIRVIE, BLARNEY, [redacted], [redacted])

US-984XN - Otherwise known as PRISM

VOXGLO - major cyber and enterprising computing project

WIRESHARK - Repository of malicious network signatures

XKS - XKeyscore - NSA data bank; Unique data beyond user activity from front end full take feeds.
Allows analysts to search the metadata as well as the content of emails and other Internet activity, such as browser history, even when there is no known email account associated with the individual being targeted. Analysts can also search by name, telephone number, IP address, keywords, the language in which the Internet activity was conducted or the type of browser used. "Searches within bodies of emails, webpages and documents", including the "To, From, CC, BCC lines" and the 'Contact Us' pages on websites". To search for emails, an analyst using XKS enters the individual's email address into a simple online search form, along with the "justification" for the search and the time period for which the emails are sought. Beyond emails, the XKeyscore system allows analysts to monitor a virtually unlimited array of other Internet activities, including those within social media. The XKeyscore program also allows an analyst to learn the IP addresses of every person who visits any website the analyst specifies. The XKeyscore system is continuously collecting so much Internet data that it can be stored only for short periods of time. Content remains on the system for only three to five days, while metadata is stored for 30 days. One document explains: "At some sites, the amount of data we receive per day (20+ terabytes) can only be stored for as little as 24 hours."
To solve this problem, the NSA has created a multi-tiered system that allows analysts to store "interesting" content in other databases, such as one named PINWHALEwhich can store material for up to five years. It is the databases of XKeyscore, one document shows, that now contain the greatest amount of communications data collected by the NSA.