We have known for some time now that NSA exploits social networks for surveillance purposes. What kinds of information can be obtained from Online Social Networks (OCNs)? LOTS. Communications, photographs, videos, location and travel information, day to day activities… basically everything about everyone.
An example query screen used to exploit a user’s facebook information
Exploiting Facebook traffic via passive environment to obtain information
Is your Facebook locked down? Doesn’t matter. GCHQ & NSA collect your information anyway by exploiting“inherent weaknesses in Facebook’s security model.” The new slides cite Facebook as “a very rich source of information on targets” as it provides insight into personal details, life patterns and connections to associates. NSA slides demonstrate that online social networks (OSNs) are fully exploited for purposes of spying on everyone.
Facebook is a huge network so it requires a CDN or a Content Delivery Network to deliver content faster. Your Facebook photos and videos are not hosted on Facebook servers, they are uploaded to Akamai (pronounced ACME) servers around the world. Without a CDN all Facebook content would reside only on one server so users who are far away from that server would take awhile to access and load content.
Notice in the slide above, all Facebook images are uploaded to Akamai servers via HTTP. HTTP or “HyperText Transfer Protocol” is the communications protocol used to connect web servers on the internet. HTTP provides a standard for Web browsers and servers to communicate.
Why is the NSA interested in HTTP? Quite simply, everyone uses it for just about everything. Every average user’s most common internet activity is done via HTTP. Facebook, twitter, email, surfing the internet, etc. Virtually all web browsing uses HTTP. The question is…
Why is the NSA interested in the average internet user?
By exploiting HTTP it gives NSA the ability to actively monitor or intercept data by using a “Man in the Middle” approach.
Mark Zuckerberg penned a letter in March 2014, confused and frustrated by the Snowden revelations. He even called President Obama to express his frustration over the damage the government is doing. Maybe another phone call is in order Mark?
