Canadian Government Spies on Millions of File-Sharers

[steven36]

New revelations from whistleblower Edward Snowden have revealed that Canada's main electronic surveillance agency spied on millions of file-sharing downloads from some of the world's most popular sites. More than 100 sites including Dotcom's Megaupload were routinely monitored in a search for extremists.

Being monitored online is a reality largely acknowledged by millions of file-sharers worldwide. Countless rightsholders, anti-piracy outfits, analytics companies and other interested parties crawl BitTorrent and other P2P networks every day, spying on downloads and gathering data.

While the public nature of these networks is perfect for those looking to eavesdrop, individuals who use file-hosting sites are often under the impression that their transfers cannot be monitored by third parties since transactions take place privately from user to site via HTTP.

That assumption has today been blown completely out of the water amid revelations that Canada’s top electronic surveillance agency has been spying on millions of downloads from more than 100 file-sharing sites.

Led by the Communications Security Establishment (CSE), Canada’s equivalent of the NSA, and codenamed LEVITATION, the project unveils widespread Internet surveillance carried out by Canadian authorities.

A document obtained by U.S. whistleblower Edward Snowden and released to CBC News shows that in an effort to track down extremists the spy agency monitors up to 15 million downloads carried out by users around the world every day.

According to the 2012 document, 102 file-sharing platforms were monitored by CSE. Just three were named – RapidShare, SendSpace, and the now defunct Megaupload. None of the sites were required to cooperate with the Canadian government since CSE had its own special capabilities.

“A separate secret CSE operation codenamed ATOMIC BANJO obtains the data directly from internet cables that it has tapped into, and the agency then sifts out the unique IP address of each computer that downloaded files from the targeted websites,” The Intercept‘s analysis of the document notes.

Once harvested those IP addresses are cross-referenced with vast amounts of additional data already intercepted by the United States’ NSA and its British counterpart GCHQ. Subsequent searches have the ability to show a list of other websites visited by those downloading from file-hosting sites.

Further associations can then be made with Facebook or Google accounts (via Google analytics cookies) which have the potential to link to names, addresses and other personal details. It’s a potent mix but one apparently designed to weed out just a small number of files from millions of daily events.

According to the LEVITATION documents the system has the ability to track downloads in countries across Europe, the Middle East, North Africa and North America.

Under law, CSE isn’t allowed to spy on Canadians, but IP addresses belonging to a web server in Montreal appeared in a list of “suspicious” downloads. Also monitored by CSE were downloads carried out by citizens located in closely allied countries including the U.S., UK, Germany and Spain.

“CSE is clearly mandated to collect foreign signals intelligence to protect Canada and Canadians from a variety of threats to our national security, including terrorism,” CSE spokesman Andrew McLaughlin told CBC.

While it may be of comfort for Canadians to learn that the government is only interested in a small number of files being exchanged outside the country’s borders, mass surveillance of this kind always has the potential to unnerve when mission-creep raises its head.

Source

[rasbridge]

The article mentions that CSE obtains data from the NSA and the British counterpart. Realistically, other government and corporate spies likely have treasure troves of data harvested from the internet too.

[steven36]

Whats happening I knew it for years. that's why I dont use gmail or Goggle accounts and have add-ons. that block analytics . I clean my cookies a lot .For years I only download with a VPN. Everybody may had thought I'm some-kind of Privacy nut and I'm but for good reason . :) Your not really safe from being spied on if you use filehost or p2p. :(

[nIGHT]

spying technology

[FreeRyde]

A fact of life.

[steven36]

The article mentions that CSE obtains data from the NSA and the British counterpart. Realistically, other government and corporate spies likely have treasure troves of data harvested from the internet too.

Its more than just those countries buddy . its the whole world is watching it seems. :P

More News: Snowden reveals LEVITATION technique of Canada’s spies

Canada's very own intel agency has a program designed to track millions of downloads, according to the latest revelations from the Edward Snowden document leaks.

The "Levitation" system gives analysts at the Communications Security Establishment (Canada's NSA) data on between 10-15 million uploads and downloads of files from free websites every day.

Canadian spies can access data from 102 free file upload sites, but only three file-host companies (Sendspace, Rapidshare and the now-defunct Megaupload) are actually named in the leaked PowerPoint document, which was created in 2012.

Sendspace told CBC News that "no organization has the ability/permission to trawl/search Sendspace for data". The firm said it wouldn't disclose user identities unless legally mandated.

The leaked documents said that access to data comes from a "special source", terminology used elsewhere in the Snowden docs to refer to co-operation with telecom carriers and ISPs. This source is codenamed Atomic Banjo.

File-sharing websites are used to share photos, videos and other documents. Cyber-lockers might also be used to share copyrighted-protected content, such as music and movies.

Extremists also use file-sharing sites to exchange propaganda and training materials. So, analysing file uploads and downloads offers a potential mechanism to pinpoint previously unidentified terrorist suspects or plots.

To identify this needle in the haystack, spies are obliged to sift through a vast volume of irrelevant material, including the inevitable episodes of Glee, according to the leaked documents.

Analysts find 350 "interesting download events" each month which are subjected to further scrutiny, including metadata analysis. Data harvested by Levitation is cross-referenced with other databases set up by the "Five Eyes" spying alliance in order to link identities to IP addresses.

Levitation enabled the discovery of a German hostage video through a previously unknown target as well as an uploaded document that gave an insight into the hostage strategy of a terrorist organisation up until 2012, according to two successes cited in the leaked documents.

Megaupload kingpin Kim Dotcom latched onto the leak as something that might help in the ongoing copyright infringement case against his defunct cyber-locker service. "Our lawyers will seek orders from Canadian Courts to get access to CSE ‪#Megaupload‬ spy reports. Exculpatory evidence for our criminal case," he said on Twitter.

Canada is generally seen a junior partner in the Five Eyes spying partnership, which includes the US, UK, New Zealand and Australia. The country has been a guest star in the ongoing Snowden files with the NSA and GCHQ being the main players.

CSE has previously featured, with revelations last year that it slurped airport passengers' Wi-Fi data.

According to the leaked docs Canada apparently shares data from its upload surveillance tool with other allies (Spain, Brazil, Germany and Portugal) beyond the usual suspects. CSE is supposed to mask the identities of untargeted Canadians caught up in its file-sharing surveillance dragnet before sharing the data with its foreign intelligence partners and law enforcement agencies.

The leaked documents date from 2012. The move by file-locker services to crypto-by-default https connections would drastically reduce the efficacy of an unmodified Levitation if it was operating today.

The Intercept's take on the Levitation leak can be found here.

Even critics of mass surveillance in general were prepared to give the design of Levitation some credit. "Global surveillance represents a danger to democracy, but if you are going to build it, LEVITATION is a good example of how to use it well," said University of California at Berkeley computer scientist Nicholas Weaver in a Twitter update. ®

Source