Donate for the Cryptome archive of files from June 1996 to the present

31 October 2013

NSA MUSCULAR: What else do we know?

Washington Post images of NSA's WINDSTOP-MUSCULAR-INCENSER:

http://cryptome.org/2013/10/nsa-windstop-muscular-incensor.pdf


Date: Wed, 30 Oct 2013 19:29:50 -0700 (PDT)
From: xxxxx[at]efn.org
To: cryptome[at]earthlink.net
Subject: More on MUSCULAR

What else do we know about MUSCULAR?

In light of a recent Washington Post article detailing how MUSCULAR (DS-200B) is being used to collect traffic on Yahoo! and Google datacenters, I have compiled a few additional facts from previous articles that reference MUSCULAR. 

* It is a SIGAD, operated jointed with the GCHQ. It is located "overseas," it has a "distributed data distribution system." The documents I have do not describe in any further detail.

* The "full take" GCHQ site referenced is TEMPORA.

* SCISSORS, which is aimed at reducing the volume of collection is enabled on MUSCULAR. In particular, SCISSORS is known to block ownerless address books. The ownerless addressbook elimination function in SCISSORS was implemented on MUSCULAR on 29 February 2012

** After the implementation of this function in SCISSORS,  it was collecting addressbooks at a rate that would correspond to about 500,000 per year.  (see attached graph) Before the implementation of SCISSORS, the collection on a single day (10 January 2012) was 311,113 address books. Which, IF this is truly a representative day, and not an abnormal spike would correspond to 113,556,245 in a year. SCISSORS matters a lot.

**60 days at  311,113 per day + 306 days at  1388.21 per day (daily average over 40 days) = 19,091,573 in 2012 (it was a leap year), in real terms, this means about 19 million address books from that source in 2012. The 2013 rates should be a lot lower.

*It does NOT contribute to BOUNDLESSINFORMANT,  this has to do with its architecture being different. Or did not at the time the FAQ was written. So as absolutely mind boggling as the numbers in BOUNDLESSINFORMANT are, even this does not fully account for the NSA's collection.

About the Address Book Graph:

        This is a rather messy graph that was published in the Washington Post's story about Address book collection. There are many SIGADs listed. The methodology as usual is to measure the points along the graph and work out the appropriate scaling. Because there are a number of lines that cannot be followed, or in some cases found, the grand total is a bit short of the true total, the lines that can't be found or followed tend do be clustered near the bottom, so they don't throw off the total to a huge degree. Another issue with the chart is that the colors in the chart do not always align perfectly with the key.  A third issue: because lines often intersect, and may be obscured, the accuracy is plus or minus three pixels, rather than one. In a few places, the position of the dots were determined by working out the slope of the line. The graphical chart I have included is of MUSCULAR only.

Sources:

http://www.theguardian.com/uk/2013/jun/21/gchq-cables-secret-world-communications-nsa

http://www.washingtonpost.com/world/national-security/nsa-infiltrates-links-to-yahoo-google-
data-centers-worldwide-snowden-documents-say/2013/10/30/e51d661e-4166-11e3-8b74-
d89d714ca4dd_story.html

http://www.washingtonpost.com/world/national-security/nsa-collects-millions-of-e-mail-
address-books-globally/2013/10/14/8e58b5be-34f9-11e3-80c6-7e6dd8d22d8f_story.html

http://www.theguardian.com/world/interactive/2013/jun/08/boundless-informant-nsa-full-text