国安局的工作人员通过他们的电脑就能进入这个名为Xkeysocre的系统,访问NSA的后台数据库,进行各种信息查询。他们甚至可以通过GPRS和WLAN接入系统,十分方便。
这是卫报在英国时间7月31日披露的一个NSA的项目。同时,卫报还将他们从Snowden那里获得的一份2008年做的Xkeyscore的培训PPT放了出来(做了一些删减)。你可以通过百度“美国监控计划X-Keyscore系统技术揭秘”找到这个PPT的中文翻译。
里面说他们有700多台遍布全球的服务器,图上似乎标出有中国。而数据库中存放的信息简直是无所不包。Xkeyscore仅是一个精心设计的查询系统而已。PPT中举了几个查询的例子,诸如“找到一个身处巴基斯坦的讲德语的人”,或者帮你回答“我追踪的人使用了Google Maps服务来查找位置,我能通过这个信息找到他的邮件地址吗?”它还能帮查询者解析多种语言,包括英文、阿拉伯文和中文。
除了这个PPT中的内容,卫报还披露了另一个2012年12月份的文档。该文档 includes "every email address seen in a session by both username and domain", "every phone number seen in a session (eg address book entries or signature block)" and user activity �C "the webmail and chat activity to include username, buddylist, machine specific cookies etc".
In a second Guardian interview in June, Snowden elaborated on his statement about being able to read any individual's email if he had their email address. He said the claim was based in part on the email search capabilities of XKeyscore, which Snowden says he was authorized to use while working as a Booz Allen contractor for the NSA.
One top-secret document describes how the program "searches within bodies of emails, webpages and documents", including the "To, From, CC, BCC lines" and the 'Contact Us' pages on websites".
To search for emails, an analyst using XKS enters the individual's email address into a simple online search form, along with the "justification" for the search and the time period for which the emails are sought.
The analyst then selects which of those returned emails they want to read by opening them in NSA reading software.
The system is similar to the way in which NSA analysts generally can intercept the communications of anyone they select, including, as one NSA document put it, "communications that transit the United States and communications that terminate in the United States".
One document, a top secret 2010 guide describing the training received by NSA analysts for general surveillance under the Fisa Amendments Act of 2008, explains that analysts can begin surveillance on anyone by clicking a few simple pull-down menus designed to provide both legal and targeting justifications. Once options on the pull-down menus are selected, their target is marked for electronic surveillance and the analyst is able to review the content of their communications:
Beyond emails, the XKeyscore system allows analysts to monitor a virtually unlimited array of other internet activities, including those within social media.
An NSA tool called DNI Presenter, used to read the content of stored emails, also enables an analyst using XKeyscore to read the content of Facebook chats or private messages.
An analyst can monitor such Facebook chats by entering the Facebook user name and a date range into a simple search screen.
Analysts can search for internet browsing activities using a wide range of information, including search terms entered by the user or the websites viewed.
As one slide indicates, the ability to search HTTP activity by keyword permits the analyst access to what the NSA calls "nearly everything a typical user does on the internet".
The XKeyscore program also allows an analyst to learn the IP addresses of every person who visits any website the analyst specifies.
The quantity of communications accessible through programs such as XKeyscore is staggeringly large. One NSA report from 2007 estimated that there were 850bn "call events" collected and stored in the NSA databases, and close to 150bn internet records. Each day, the document says, 1-2bn records were added.
William Binney, a former NSA mathematician, said last year that the agency had "assembled on the order of 20tn transactions about US citizens with other US citizens", an estimate, he said, that "only was involving phone calls and emails". A 2010 Washington Post article reported that "every day, collection systems at the [NSA] intercept and store 1.7bn emails, phone calls and other type of communications."
The XKeyscore system is continuously collecting so much internet data that it can be stored only for short periods of time. Content remains on the system for only three to five days, while metadata is stored for 30 days. One document explains: "At some sites, the amount of data we receive per day (20+ terabytes) can only be stored for as little as 24 hours."
To solve this problem, the NSA has created a multi-tiered system that allows analysts to store "interesting" content in other databases, such as one named Pinwale which can store material for up to five years.
It is the databases of XKeyscore, one document shows, that now contain the greatest amount of communications data collected by the NSA.
【这个图展示了DNI(数字网络情报)发现的四个层次,Xkeyscore是最上层,而最底层叫做“Trafficethief流量窃取”,属于网络数据分析层次,然后层层分析,包括内容分析、行为分析,最后将这些分析结果通过Xkeyscore展示出来】
In 2012, there were at least 41 billion total records collected and stored in XKeyscore for a single 30-day period.
Legal v technical restrictions
While the Fisa Amendments Act of 2008 requires an individualized warrant for the targeting of US persons, NSA analysts are permitted to intercept the communications of such individuals without a warrant if they are in contact with one of the NSA's foreign targets.
The ACLU's deputy legal director, Jameel Jaffer, told the Guardian last month that national security officials expressly said that a primary purpose of the new law was to enable them to collect large amounts of Americans' communications without individualized warrants.
"The government doesn't need to 'target' Americans in order to collect huge volumes of their communications," said Jaffer. "The government inevitably sweeps up the communications of many Americans" when targeting foreign nationals for surveillance.
An example is provided by one XKeyscore document showing an NSA target in Tehran communicating with people in Frankfurt, Amsterdam and New York.