23 November 2013
The NY Times
an NSA tool called "Treasure Map" and describes its capabilities but does
not publish visual examples. Also cited is "Packaged Goods," an associated
tool. If publicly available,Cryptome asked for pointers to the two.
From: tom <tom[at]cyber-dyne.com>
Date: Sat, 23 Nov 2013 11:17:28 -0800
TreasureMap is not a document but viewing software -- very similar to
MindMeister, see below -- that draws (and updates) network diagrams according
to what is currently carried in an associated database. The key feature is
scalability: vector graphics that zoom in and out to any level of resolution.
Sort of like Google Earth, only using lines and nodes.
The NYTimes says the map is 300,000' wide; that's virtual width, at full
zoom you could only see a very small part of the internet network some analyst
wants to surveille.
So someone could only send you a screenshot of TreasureMap at a particular
resolution. That would be very useful to technical people. Otherwise they
would have to send you both the very large database (at some instant) and
the proprietary defense contractor viewing software which would not install
on your computer.
Below I attach a jpg from very similar software used by Marc Ambinder to
show the organizational structure of NSA, its programs and tools. Note that
MindMeister is able to attach images and text documents to nodes on the map
so it is "all" there in one place. In TreasureMap, these would be (or link
to) the phone numbers, email, name, SSI, recent Visa purchases, etc. of people
owning the devices in the current zoom.
The NSA example:
More examples are shown here:
PackagedGoods sounds like the software tool that makes the above unnamed
database. "Despite the documents reference to unwitting data
centers, government officials said that the agency does not hack into
those centers. Instead, the officials said, the intelligence community secretly
uses front companies to lease space on the servers."
Uhh, we've seen this before with NSA's break-in of Tor. They lease server
space initially for their malware, which then breaks out of its confines
to capture the traceroute data they want in real time, but mostly they rent
space to store and serve the information they have swiped from the data center
to the TreasureMap database federation. So the joke is on the data center
-- they're hosting the very thief of their other customers' data.
Let's hope someone can release the document describing PackagedGoods, or
at least can name the front companies. It is really impossible to defend
our privacy without knowing more of the operational attack details -- this
drip, drip, drip of policy documents, often with gratuitous self-censoring
by the journalists themselves, is not helping the public secure their phones