NSA targets Linux Journal as 'extremist forum': Report

Summary:The NSA is targeting the Linux Journal as an "extremist forum" and flagging its readers as 'extremists', according to source code leaked to German public broadcaster, ARD.

The Linux Journal, a Linux user community website, has been flagged as an "extremist forum" by the United States' National Security Agency (NSA), while its users have been flagged as "extremists" under the agency's XKeyscore program, according to leaked source code.

The source code, which was published this week by German public broadcaster, ARD, also identified at least two German Tor Directory Authority servers — one in Berlin, the other in Nuremberg — as being under surveillance by the NSA.

The Tor Project is an independent, open-source anonymous software and browsing network that directs traffic through its free, worldwide, volunteer network to conceal users' locations and usage from surveillance.

According to an ARD report, the source code indicates that the German Tor servers are just two among a number of servers that have been targeted by the NSA for surveillance, under its XKeyscore program. The code cites a number of specific IP addresses of the Tor Directory Authority.

The NSA's XKeyscore program is a collection and analysis tool, and was one of a number of surveillance programs revealed in the documents leaked by former NSA contractor and whistleblower, Edward Snowden, last year.

The XKeyscore source code rules cite the terms 'TAILs' or 'Amnesiac Incogneto Live System', along with one of either 'linux', 'USB', 'CD', 'secure desktop', 'IRC', 'truecrypt', and 'Tor' as search items that will mark and track a track the IP address of the person doing the search.

In fact, the source code rules refer to the TAILs software system — a Linux distribution designed to push outgoing connections through the Tor network — as a "cosmec mechanism advocated by extremists on extremist forums". 

ARD said the XKeyscore rules also show that the NSA tracks all connections to a server hosting part of an anonymous email service at the MIT Computer Science and Artificial Intelligence Laboratory in Cambridge, Massachusetts, in the US, while also reporting details about visits to the Linux Journal — which it also calls "extremist".

Reports suggest this is the first time that XKeyscore's own source code has been published, and according to ARD, it reveals that it is not only German privacy software users who are being tracked by the NSA, but also privacy software users worldwide.

The source code contains a number of rules enabling agents using XKeyscore to conduct surveillance of Tor users around the world.

"Months of investigation by the German public television broadcasters NDR and WDR (ARD), drawing on exclusive access to top secret NSA source code, interviews with former NSA employees, and the review of secret documents of the German government reveal that not only is the server in Nuremberg under observation by the NSA, but so is virtually anyone who has taken an interest in several well-known privacy software systems," said the ARD report.

However, the source code also reveals that users residing within the 'Five Eyes' — the international alliance comprising the UK, Australia, New Zealand, the US, and Canada — are exempt from surveillance under the XKeyscore program.

It is not clear how ARD obtained the NSA source code, and the broadcaster made no mention in its report of Snowden, or the documents leaked.

The authors of the ARD investigation include Jacob Applebaum and Aaron Gibson, both of whom are paid employees of the Tor Project, along with Leif Ryge, who is a volunteer contributor to Tor-related software projects.

In response to ARD's queries relating to the details uncovered in the Xkeyscore source code, the NSA provided a statement that said XKeyscore is a tool that forms part of the NSA's "lawful foreign signals intelligence collection system", and has "stringent oversight and compliance mechanisms".

"NSA collects only what it is authorized by law to collect for valid foreign intelligence purposes — regardless of the technical means used by foreign intelligence targets," it said. "The communications of people who are not foreign intelligence targets are of no use to the agency."

The statement also said that the use of XKeyscore allows the NSA to help defend the nation and protect US and allied troops abroad, adding that "all of NSA's operations are conducted in strict accordance with the rule of law".

Topics: Security, Linux

About

Leon covers enterprise technology and start-ups from ZDNet's Sydney newsroom.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.