The National Security Agency has gained access to Google and Yahoo’s cloud networks and downloaded massive amounts of data including from Americans, according to the latest revelation on leaks from Edward Snowden, this time in the Washington Post.
The project involved, known as MUSCULAR, is operated jointly with the British intelligence agency known as GCHQ, and engages in copying data from an undisclosed interception point outside of the United States from fiber-optic cables that carry information between the companies’ data centers.
Circumventing a court-approved process that allows intelligence agencies to make requests directly from companies, the NSA inhales data as it moves between data centers around the world. Data is shuttled around this as part of regular backup processes at the companies, and to enable you to quickly access your data from anywhere in the world. Google and Yahoo run their own private networks, often passing data between countries and making it vulnerable to NSA taps.
Some of this was already implied to have been happening, given that Google said early last month that it was working to encrypt the torrents of information that flow among its data centers (see “Circumventing Encryption Free’s NSA’s Hands Online”). According to the report, none of Yahoo’s inter-server traffic is encrypted, and not all of Google’s is, though the companies are working to change that.
The scale of the NSA data-grab is staggering. The Post reported that “according to a top secret accounting dated Jan. 9, 2013, NSA’s acquisitions directorate sends millions of records every day from Yahoo and Google internal networks to data warehouses at the agency’s Fort Meade headquarters. In the preceding 30 days, the report said, field collectors had processed and sent back 181,280,466 new records — ranging from “metadata,” which would indicate who sent or received e-mails and when, to content such as text, audio and video.”
Those kinds of numbers dwarf what the companies themselves have been saying they are compelled to hand over. For instance, last week Yahoo issued an earnest “government transparency report,” in which it said it had received 12,444 requests for data from the U.S. government this year, covering the accounts of 40,322 users.
Although Google already encrypts much of the data sent between you and its servers, weaknesses exist in between its own data centers. And that compromises user information including e-mails, search queries, videos and Web browsing history (see “Bruce Schneier: NSA Spying is Making Us Less Safe.”)
The gene-edited pig heart given to a dying patient was infected with a pig virus
The first transplant of a genetically-modified pig heart into a human may have ended prematurely because of a well-known—and avoidable—risk.
Meta has built a massive new language AI—and it’s giving it away for free
Facebook’s parent company is inviting researchers to pore over and pick apart the flaws in its version of GPT-3
Saudi Arabia plans to spend $1 billion a year discovering treatments to slow aging
The oil kingdom fears that its population is aging at an accelerated rate and hopes to test drugs to reverse the problem. First up might be the diabetes drug metformin.
The dark secret behind those cute AI-generated animal images
Google Brain has revealed its own image-making AI, called Imagen. But don't expect to see anything that isn't wholesome.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.