XKeyscore rules - technology utilized
rysiek
rysiek at hackerspace.pl
Sat Jul 5 03:55:21 PDT 2014
Dnia piÄ…tek, 4 lipca 2014 19:07:05 Georgi Guninski pisze:
> Another question:
>
> How much traffic they are monitoring with these definitions?
> All visible?
> Almost all except the u$a?
Well, some definitions contain Five Eyes country codes as negative matching
rules (i.e. IPs from Five Eyes countries will *not* get matched), others do
not have this condition.
I find this very surprising as it suggests that Five Eyes and other exclusion
rules are possibly defined on a per-fingerprint basis; I would have thought
these would rather be implemented somewhere higher-up (i.e. some post-
processing/post-filtering) so that IPs from Five Eyes don't get accidentally
snatched due to somebody forgetting to include the rule in their fingerprint.
On the other hand, I guess it can also be the other way around: NSA doesn't
give a flying fsck about Five Eyes and the policy is to "grab everything,
nobody will know anyway"; the "do not include Five Eyes IPs" rule in one of
the fingerprints would then be an overzealous technician including it in the
fingerprint because they thought they should ("we don't spy on our friends",
etc).
Fun stuff either way.
--
Pozdr
rysiek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20140705/029c92e5/attachment-0002.sig>
More information about the cypherpunks
mailing list