XKeyscore

[1] In July 2013, Edward Snowden publicly revealed the program's purpose and use by the NSA in The Sydney Morning Herald and O Globo newspapers.

[2][3] On July 3, 2014, German public broadcaster Norddeutscher Rundfunk, a member of ARD, published excerpts of XKeyscore's source code.

... You can tag individuals ... Let's say you work at a major German corporation and I want access to that network, I can track your username on a website on a forum somewhere, I can track your real name, I can track associations with your friends and I can build what's called a fingerprint, which is network activity unique to you, which means anywhere you go in the world, anywhere you try to sort of hide your online presence, your identity.According to The Guardian's Glenn Greenwald, low-level NSA analysts can, via systems like XKeyscore, "listen to whatever emails they want, whatever telephone calls, browsing histories, Microsoft Word documents.

"[8] He added that the NSA's database of collected communications allows its analysts to listen "to the calls or read the emails of everything that the NSA has stored, or look at the browsing histories or Google search terms that you've entered, and it also alerts them to any further activity that people connected to that email address or that IP address do in the future".

[8] In an official statement from July 30, 2013, the NSA said "XKeyscore is used as a part of NSA's lawful foreign signals intelligence collection system" to legally obtain information about "legitimate foreign intelligence targets in response to requirements that our leaders need for information necessary to protect our nation and its interests.

... to collect the information, that enables us to perform our missions successfully – to defend the nation and to protect U.S. and allied troops abroad.

[5] But it can trigger other systems, which perform "active" attacks through Tailored Access Operations which are "tipping", for example, the QUANTUM family of programs, including QUANTUMINSERT, QUANTUMHAND, QUANTUMTHEORY, QUANTUMBOT and QUANTUMCOPPER and Turbulence.

[5] XKeyscore consists of over 700 servers at approximately 150 sites where the NSA collects data, like "US and allied military and other facilities as well as US embassies and consulates" in many countries around the world.

"[20] According to a document from an internal GCHQ website which was disclosed by the German magazine Der Spiegel in June 2014, there are three different types of the XKeyscore system:[21] For analysts, XKeyscore provides a "series of viewers for common data types", which allows them to query terabytes of raw data gathered at the aforementioned collection sites.

[11] This is useful because "a large amount of time spent on the web is performing actions that are anonymous" and therefore those activities can't be found by just looking for e-mail addresses of a target.

A 2011 report from the NSA unit in the Dagger Complex (close to Griesheim in Germany) said that XKeyscore made it easier and more efficient to target surveillance.

XKeyscore also proved to be outstanding for tracking active groups associated with the Anonymous movement in Germany, because it allows for searching on patterns, rather than particular individuals.

[31] The classified documents leaked by Snowden also indicate that in April 2013, NSA had secretly provided the XKeyscore system to the Japanese government.

XKeyscore logo
XKeyscore logo
Slide from a 2008 NSA presentation about XKeyscore, showing a world map with the locations of XKeyscore servers
Slide from a 2008 NSA presentation about XKeyscore, showing the query hierarchy
Slide from a 2008 NSA presentation about XKeyscore, showing the differences between the various NSA database systems
Excerpt of an NSA document leaked by Edward Snowden that reveals the BND 's usage of the NSA's XKeyscore to wiretap a German domestic target