GCHQ Spied on Every Visible Internet User Ever

[clickity click]

New documents revealing GCHQ's mass-surveillance activities have detailed an operation codenamed KARMA POLICE, which slurped up the details of "every visible user on the Internet".

The operation was launched in 2009, without Parliamentary consultation or public scrutiny, to record the browsing habits of "every visible user on the Internet" without the agency obtaining legal permission to do so, according to documents published by The Intercept.

KARMA POLICE was constructed between 2007 and 2008, and according to slides was developed with the explicit intention of correlating "every user visible to passive SIGINT with every website they visit, hence providing either (a) a web browsing profile for every visible user on the Internet, or (b) a user profile for every visible website on the Internet."

KARMA POLICE: GCHQ spooks spied on every web user ever ? The Register

[shiraz9944]

bullshit.........the UK doesn't has the capability to do just this. The NSA just finished a mammoth data center up here in utah for the sole purpose of storing what sigint they can capture from the 12 major tapping stations they have all over the country. If you know anything about how the process works you would know there is simply too much information to be collected and let alone analyzed, so they are storing what they can in this huge data center to potentially maybe later be able to analyze it once computing power is fast enough.

Or how about this, just use a VPN all day every day? the speed is the same and you are protected. It takes the NSA 2-3 days to brute force a 10 digit password, make it at least 20 characters and change it every so often, store your cloud data at tresorit, msg with wickr or textsecure and use redphone or rokacom. This isn't rocket science guys. There is no magical mystical all knowing NSA/FBI that knows everything you are doing LOL.

[j3rkules]

Lets face it. Orwellian fiction is now fact...better to think it, not speak it!

[clickity click]

Quote:

Originally Posted by shiraz9944

bullshit.........the UK doesn't has the capability to do just this. The NSA just finished a mammoth data center up here in utah for the sole purpose of storing what sigint they can capture from the 12 major tapping stations they have all over the country. If you know anything about how the process works you would know there is simply too much information to be collected and let alone analyzed, so they are storing what they can in this huge data center to potentially maybe later be able to analyze it once computing power is fast enough.

Or how about this, just use a VPN all day every day? the speed is the same and you are protected. It takes the NSA 2-3 days to brute force a 10 digit password, make it at least 20 characters and change it every so often, store your cloud data at tresorit, msg with wickr or textsecure and use redphone or rokacom. This isn't rocket science guys. There is no magical mystical all knowing NSA/FBI that knows everything you are doing LOL.

Well it doesn't say how they use the information but it does say that GCHQ were collating 50 billion records A Day..

[shiraz9944]

Yes they might have been, it's really easy to do, they simply put a tap on each transatlantic cable and at each of the ISP's and telecom........nothing comes from that information since it's impossible to analyze that much data, far beyond our ability now. So they store it yes, that's what the center in Utah is for. But simply encrypt your phone calls, your texts and use a strong VPN with at least AES-256 and you're fine. People greatly over exaggerate the ability of governments. They are just people like anyone else, they have lives and things to do just like we do. People get so paranoid, and if you do feel threatened just take the steps I listed above, it's all free and AES 256 would take more years to break than the universe is old...........so relax.

[PornSEO]

Nothing new... but its a worrying reality... We are living in a surveillance state.

[klinton]

good points, anyway, very often all is not that easy, as there are other identyfing you things like browser fingerprints, cookies, flash cookies, machine id, windows error codes..and many, many more

Quote:

Originally Posted by shiraz9944

But simply encrypt your phone calls, your texts and use a strong VPN with at least AES-256 and you're fine. People greatly over exaggerate the ability of governments. They are just people like anyone else, they have lives and things to do just like we do. People get so paranoid, and if you do feel threatened just take the steps I listed above, it's all free and AES 256 would take more years to break than the universe is old...........so relax.

[RummyBoy]

Quote:

Originally Posted by shiraz9944

bullshit.........the UK doesn't has the capability to do just this.

Blighty's GCHQ stashes away 50+ billion records a day on people. Just let that sink in • The Register

Inside GCHQ in first ever pictures of Britain's spying station | Daily Mail Online

As Edward Snowden said, GCHQ is the biggest dog in this fight. What do you think the almost 7000 people in this place are examining 365 days a year:



Inside GCHQ in first ever pictures of Britain's spying station | Daily Mail Online

[Coup]

Quote:

Originally Posted by shiraz9944

Or how about this, just use a VPN all day every day? the speed is the same and you are protected. It takes the NSA 2-3 days to brute force a 10 digit password, make it at least 20 characters and change it every so often, store your cloud data at tresorit, msg with wickr or textsecure and use redphone or rokacom. This isn't rocket science guys. There is no magical mystical all knowing NSA/FBI that knows everything you are doing LOL.

Hmm.. Yes... Indeed

Or I could just continue not living like a total fucking sperg.

[DVTimes]

https://theintercept.com/document/20...group-minutes/

[Paul Markham]

That would be like FB, Twitter, Google, and every other major site doing exactly the same.

The difference is Google wants to sell you something, GCHQ is looking for terrorists who want to blow you up.

7000 people examining 365 days a year. would cover about a days Internet traffic. On Pornhub. It's computers looking for key words, sites, and the history of the user.

If I said Bomb the White House. I don't expect the CIA to come knocking.

edit.
Just a minute the dogs barking at men climbing over the back wall, gotta go.

[rowan]

Quote:

Originally Posted by shiraz9944

Or how about this, just use a VPN all day every day? the speed is the same and you are protected. It takes the NSA 2-3 days to brute force a 10 digit password, make it at least 20 characters and change it every so often, store your cloud data at tresorit, msg with wickr or textsecure and use redphone or rokacom. This isn't rocket science guys. There is no magical mystical all knowing NSA/FBI that knows everything you are doing LOL.

A VPN does not protect you from 'big data'. It may hide your IP, but if your connections go anywhere near (including transiting) the USA, UK etc there's still plenty that can be deduced from the captured data.

Example, logging into GFY, which is not encrypted, reveals your username and password. If either or both of those are unique, and you use them anywhere else, it's a cinch to tie them together.

[RummyBoy]

Quote:

Originally Posted by Paul Markham

GCHQ is looking for terrorists who want to blow you up.

Sadly this is not entirely true....... it is used for a range of purposes and terrorism is basically the one of those and a starting point as well as the primary "justification" for these incredible measures. It's the only way you and everyone else agree to give away freedoms.

[shiraz9944]

Quote:

Originally Posted by rowan

A VPN does not protect you from 'big data'. It may hide your IP, but if your connections go anywhere near (including transiting) the USA, UK etc there's still plenty that can be deduced from the captured data.

Example, logging into GFY, which is not encrypted, reveals your username and password. If either or both of those are unique, and you use them anywhere else, it's a cinch to tie them together.

Of course, heuristic tracking is the most dangerous thing there is, building a complete snapshot of a person via their cookies, usernames, passwords etc..... like you said but you are wrong on the VPN front, if you log into a site with a username and password using a secure offshore VPN, they can only correlate the username/pass to a useless IP that is encrypted, you simply use a different IP every time you log in or browse the net. Most good VPN's change your route and IP several times per hour. Of course NOTHING is full proof and if you are for some odd reason in the cross hair of the NSA they will get you of course simply because they have unlimited resources to wait you out until you make a mistake. Not because they can defeat the system. Same with police and the federal government/FBI they simply use old school tactics and wait until you slip up. Really want to mess with them, VPN in and then use TOR to do your dirty biz. But do this on a laptop you have hardware encrypted and not afraid to have wiped if you must. Have a gophone that is encrypted and uses rephone and textsecure separate from your daily driver.

The idea is STAYING off the radar of them, and if you do those things listed above you will be fine. It's when they know to focus on you that it can get tricky. LIke someone named you or flipped on you for whatever reason. I know for a fact since my best friend is supervisory agent at the DIA (defense intelligence agency) they can crack a password using their oakridge supercomputer complex in 2 days if it's 10 digits or less. IF you make it 15 to 20 and include special characters they cannot crack it no matter how much they throw at it, and for them to even want to do that you are in serious trouble already LOL. An easy way to beat that is what blackberry does, you have 10 tries to enter the correct encryption code, after 10 the device is securely wiped clean, totally bricked.

[shiraz9944]

You CAN remain completely anonymous if you want but it's such a huge pain in the ass and time consuming who wants to do that? That is what LEO knows and that is how they get you.

[klinton]

btw. how would you trust vpn company/ service ? there are dozens/ hundreds of them...how can you know that vpn that you use doesnt share its data with NSA or other agencies for $$$...or if its not actually THEIR umbrella company....
what surprises me is that there is no "independent vpn audit", made by organisations like EFF or others...shouldnt be that hard to do

Quote:

Originally Posted by shiraz9944

You CAN remain completely anonymous if you want but it's such a huge pain in the ass and time consuming who wants to do that? That is what LEO knows and that is how they get you.

[RummyBoy]

Quote:

Originally Posted by klinton

or if its not actually THEIR umbrella company....

They probably own most of them or else have a company that covertly acquires some of them. If you own the reserve currency and run the printing press, you also own the world.

[editeur]

Quote:

Originally Posted by klinton

btw. how would you trust vpn company/ service ? there are dozens/ hundreds of them...how can you know that vpn that you use doesnt share its data with NSA or other agencies for $$$...or if its not actually THEIR umbrella company....
what surprises me is that there is no "independent vpn audit", made by organisations like EFF or others...shouldnt be that hard to do

A good vpn is your own vpn. On a hacked (by you) dedicated server in a different country. Which you optionally can wipe off, reformat and send to reboot after you finished your job. Getting such server is pretty much easy, there are quite a few windows servers with easy password if you know the right subnets to scan. Even better is to have a chain of vpns.
Besides vpn, you may also want to turn off everything that can track in your browser, and even in firefox there is quite a few such things, such as PREF cookie and webrtc for example.
And of course you must not use closed OS such as windows, macos or android.

[rowan]

Quote:

Originally Posted by editeur

A good vpn is your own vpn. On a hacked (by you) dedicated server in a different country. Which you optionally can wipe off, reformat and send to reboot after you finished your job. Getting such server is pretty much easy, there are quite a few windows servers with easy password if you know the right subnets to scan.

You're really suggesting to hack someone else's server to help protect your anonymity? Because illegal access wouldn't put you under any scrutiny whatsoever.