GCHQ Has Spied on Every Web User, Ever…

Uploaded on 2015-09-27 in NEWS-Cybersecurity News, INTELLIGENCE--Europe, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

screen-shot-2015-02-17-at-170409.jpg

Privacy International Form: How to find out if you've been spied on.

New leaked documents revealing GCHQ's mass-surveillance activities have detailed an operation codenamed Karma Police, which slurped up the details of "every visible user on the Internet".

The operation was launched in 2009, without Parliamentary consultation or public scrutiny, to record the browsing habits of "every visible user on the Internet" without the agency obtaining legal permission to do so, according to documents published by The Intercept.

Karma Police was constructed between 2007 and 2008, and according to slides was developed with the explicit intention of correlating "every user visible to passive SIGINT with every website they visit, hence providing either (a) a web browsing profile for every visible user on the Internet, or (b) a user profile for every visible website on the Internet."
Its 2009 run was particularly interested in those listening to online radio shows, although one slide also shows tracking of those who have visited spook-baiting Cryptome.org, and pornography site RedTube.
A summary document reveals that the operation affected "224,446 unique listener IP addresses over a three month period, covering approximately 108448 /24 subnets."

Another programme, codenamed BLAZING SADDLES, was used to target listeners of "any one particular radio station ... to understand any trends or behaviours."
The summary report states how:

A wealth of data mining techniques could be applied on small closed groups of individuals, to look for potential covert communications channels for hostile intelligence agencies running agents in allied countries, terrorist cells, or serious crime targets.

One user was targeted, without any stated suspicion of being involved in terrorism or posing a threat to national security, and was found to have visited popular porn purveyor Redtube, as well as social media sites and several Arabic and Islamic sites, which appeared to be commercial enterprises.
Register: http://bit.ly/1P0b5LI

 

« Snowden Wants Global Push to Expand Digital Privacy
The U.S Is Losing the Cyber War »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CyberPilot

CyberPilot

CyberPilot ApS is a Danish cybersecurity company. We work with all types of companies and organisations, both large and small, who want to achieve effective cybersecurity.

Wibu-Systems

Wibu-Systems

Wibu-Systems is a leading provider of solutions for the Digital Rights Management (DRM) and anti-piracy industry.

Dreamlab Technologies

Dreamlab Technologies

Over the last 20 years, Dreamlab Technologies has established itself as a source of constant innovation within the information security landscape.

Safetica

Safetica

Safetica Technologies is a Czech software company that delivers data protection solutions for businesses of all types and sizes.

Fyde

Fyde

Fyde helps companies with an increasingly distributed workforce mitigate breach risk by enabling secure access to critical enterprise resources.

CSIRT Italia

CSIRT Italia

CSIRT Italia is the national Computer Security Incident Response Team for Italy.

Finnish Accreditation Service (FINAS)

Finnish Accreditation Service (FINAS)

FINAS is the national accreditation body for Finland. The directory of members provides details of organisations offering certification services for ISO 27001.

Aergo

Aergo

Aergo offers an easier and more proven way to adopt blockchain and transform your business while building on your existing IT and cloud assets.

Scout Ventures

Scout Ventures

Scout Ventures is an early stage venture capital firm that is making the world a better, safer place by cultivating standout frontier technologies.

Wickr

Wickr

Wickr's mission is to secure the world's most critical communications. Wickr provides the highest standard of encryption trusted by millions worldwide.

Sparrow

Sparrow

Sparrow specializes in application security testing solutions to cope with new technology trends such as cloud, mobile, and DevSecOps.

Appsec Phoenix

Appsec Phoenix

Appsec Phoenix is an end to end vulnerability management platform that focuses on workflows, threat feed, and real time data.

Sure Valley Ventures

Sure Valley Ventures

Sure Valley Ventures is an entrepreneur led venture capital fund focused on helping software entrepreneurs grow and scale businesses that will have a global impact.

Deloitte

Deloitte

Deloitte is a multinational professional services firm providing audit, consulting, financial advisory, risk management, tax, and related services to clients.

Cytek

Cytek

Cytek is a leading provider of cybersecurity and HIPAA compliance for dental practices and other industries.

Paramount Defenses

Paramount Defenses

Paramount Defenses have unrivaled capability in two of the most critical areas in cyber security today – Active Directory Security and Privileged Access.