Der Spiegel has published today an excellent summary of what some of Edward Snowden's revelations show about the difficulty (or, generally, ease) with which the NSA and collaborating intelligence services can track, decrypt, and correlate different means of online communication. An interesting slice: The NSA and its allies routinely intercept [HTTPS] connections -- by the millions. According to an NSA document, the agency intended to crack 10 million intercepted https connections a day by late 2012. The intelligence services are particularly interested in the moment when a user types his or her password. By the end of 2012, the system was supposed to be able to "detect the presence of at least 100 password based encryption applications" in each instance some 20,000 times a month. For its part, Britain's GCHQ collects information about encryption using the TLS and SSL protocols -- the protocols https connections are encrypted with -- in a database called "FLYING PIG." The British spies produce weekly "trends reports" to catalog which services use the most SSL connections and save details about those connections. Sites like Facebook, Twitter, Hotmail, Yahoo and Apple's iCloud service top the charts, and the number of catalogued SSL connections for one week is in the many billions -- for the top 40 sites alone. ... The NSA also has a program with which it claims it can sometimes decrypt the Secure Shell protocol (SSH). This is typically used by systems administrators to log into employees' computers remotely, largely for use in the infrastructure of businesses, core Internet routers and other similarly important systems. The NSA combines the data collected in this manner with other information to leverage access to important systems of interest.

onproton (3434437) writes The Intercept reported today on classified documents revealing that the NSA has built its own "Google-like" search engine to provide over 850 billion collected records directly to law enforcement agencies, including the FBI and the DEA. Reporter Ryan Gallagher explains, "The documents provide the first definitive evidence that the NSA has for years made massive amounts of surveillance data directly accessible to domestic law enforcement agencies." The search engine, called ICREACH, allows analysts to search an array of databases, some of which contain metadata collected on innocent American citizens, for the purposes of "foreign intelligence." However, questions have been raised over its potential for abuse in what is known as "parallel construction," a process in which agencies use surveillance resources in domestic investigations, and then later cover it up by creating a different evidence trail to use in court.