HOPE X (2014): "Technology and Jamming of XKEYSCORE" (Download)
Sunday, July 20, 2014: 2:00 pm (Olson): XKEYSCORE is possibly the most "big-brother" tool in the NSA arsenal, eavesdropping on network traffic around the world producing around 100 billion records per month. Recently, code snippets were leaked, allowing us deeper insights into how the system works. This talk will be in three parts. The first part will be an overview from what we know from public disclosures, how the packet-sniffer reads network traffic and indexes it for automated systems and human analysts. The second part will walk through the disclosed source code, comparing it to public deep-packet-inspection tools, in order to get a detailed understanding of the internals. The third part will look at jamming the system, both the specific fingerprints in the disclosed source code, but also other fingerprints that might exist. The unexpected ways that the source may indirectly run afoul of FISA regulations will also be investigated. Questions from the audience are encouraged.