The NSA has hardware exploits for most devices and will, if given the opportunity, co-op your devices into spying on your neighbors. If your unused wireless router is sitting around, not being used – say you’re at work but you didn’t turn your home PC off – the NSA has programs in place to take over your PC, scan networks within range and intercept whatever data they can.
Sounds like a 21st century version of forced quartering of soldiers.
At the end of last week, German news publication Der Spiegel published a story revealing NSA documents and which discuss the inherent vulnerabilities in device and hardware security that the NSA uses to infiltrate and collect information. In some cases, it is known that the agency implemented vulnerable systems or supported vulnerable systems in order to later exploit those vulnerabilities for data mining efforts. Failing to repair these vulnerabilities or report them to American companies leaves Americans and American companies in a vulnerable position.
According to Der Spiegel, the unit within the NSA that is tasked with using these exploits is called the Office of Tailored Access Operations (TAO). TAO is the top operative unit within the NSA and is tasked with accessing communications and data when normal means of access are unavailable.
One of the methods that the NSA uses to undermine security and invade the privacy of people is packet replacement. If the NSA is able to beat the speed of light, which they are good at, and deliver a data packet to your computer before the expected packet can be delivered from the requested server, they can deliver a fake packet. This method is part of the FOXACID system, according to Der Spiegel. It is effectively a foot race to see which bit of data can be delivered more quickly.
In lay terms, this means that the NSA will surveill internet traffic for a website request, determine whether the entity performing the request or the requested entity is of interest, and then provide corrupted information in order to monitor more closely the online activities. While the program does fail often, it has a remarkably high success rate. According to Der Spiegel, when used in conjunction with LinkedIn, the system will succeed over 50 percent of the time.
Joshua is a writer and researcher with Ring of Fire. You can follow him on Twitter @Joshual33.