First of all let’s start off with what the NSA’s goal is; their goal is to have total surveillance and control in secrecy. The good news is they can’t… completely. There is no boundary on what the NSA wants to do but there are sometimes boundaries on what they are funded to do.
What we know so far is that the NSA has massive global surveillance systems. That covers everything from the National Reconnaissance office with their keyhole satellites to the NSA’s TURMOIL, TURBINE, and QFIRE systems to handle the internet. I am going to focus on the internet side of things in this post because I think it is a little more interesting.
Let’s start off with TURMOIL. To sum it up TURMOIL is deep packet inspection (DPI) which is a passive dragnet surveillance system. TURMOIL is made up of sensors that sit out all over the internet and collect information as it passes by them. This is known as DPI.
With TURBINE this is where the NSA goes from surveilling passively to attacking systems actively. TURBINE is Deep Packet Injection (DPI) which is where the NSA targets a specific machine and then decides if they want to attack that machine. If they decide to attack the machine then they will inject whatever packets they want before the packets reach the machine. If you are using SSL/TLS then this pretty much eliminates any possibility of them doing an attack using deep packet injection. TURBINE can also be used to attack your machine and turn it into a diode or a slave. This is where it continues into QFIRE.
Now if you were able to digest all of that, QFIRE is where they tie TURMOIL and TURBINE together to systematically find and infect your system. Let’s say that you were targeted, if that is the case they use TURMOIL to basically scan the internet and find your system. Once they have done that they will use TURBINE to inject the packets going to your system. With QFIRE there is something called a diode and a diode is essentially a compromised router. Basically, for example, if they see that you are trying to go to google.com they will take a packet and encapsulate that packet. Then they send it off to the nearest diode (which could be your home router potentially) and then that router decapsulates that packet and sends it back to the host. This works because the diode is always closer than the server on the other end. So let’s go back to my example when you are visiting google.com; Google’s servers are always going to be farther away than your home router. This is essentially packet racing, and they can do this systematically on a massive scale!
These are just some of the NSA’s tactics to surveil the entire planet using the internet. If you want to learn more about the NSA’s surveillance tactics then I would encourage you to visit Der Spiegel at Spiegel Online and look for documents leaked by NSA whistleblower Edward Snowden. You can also use a search engine and search for the documents elsewhere if you prefer. There is a lot of complicated legal stuff that goes along with all of this because most judges don’t understand any of this nor do they care to take the time to learn about it. In the future I might post about some of the legal side of things but for now I am just going to stick to the somewhat technical side of it. If you want to learn about tools that you can use to help keep you protected against the NSA’s surveillance tactics you can look at one of my old posts, Surveillance in the Modern Age, and look for future posts that I publish.
Thank you all for taking the time to read this post and as always God bless!