43 EYES Echelon Matrix Bots TOP-SECRET DATA Overload

1. ECHELON is also retroactively known as First Echelon. Second Echelon came about after the Cold War and was focused entirely on the high tech communications that evolved afterward. Because of the vast influx of information plus the exponential speed at which tech and encryption advanced, Second Echelon experienced its first system wide crash
2.  
3. Echelon has been used as the name of a worldwide COMINT computer network used by the NSA and also long ago developed its own wide-area network (WAN), much like the public Internet today, only this network is completely inaccessible to public traffic. It uses a particular station’s Dictionary computer contains not only its parent agency’s chosen keywords, but also has lists entered in for other agencies.
4.  
5. It simply sifts through 99.9999 percent of the communication taking place in the world at any given time so as to winnow out the 0.0001 percent that warrants its attention. The stations are run and operated mostly by US INSCOM but also by the partners of the UKUSA Agreement
6.  
7. The ECHELON system is not designed to eavesdrop on a particular individual’s e-mail or fax link. Rather, the system works by indiscriminately intercepting very large quantities of communications and using computers to identify and extract messages of interest from the mass of unwanted ones. A chain of secret interception facilities has been established around the world to tap into all the major components of the international telecommunications networks. The rare intelligence victories over these forces of darkness and death give wholesale justification to indiscriminate surveillance of the entire world and every member of it. But more complicated issues than that remain.
8.  
9. Each of Dictionary computers has a codename to distinguish it from others in the network. The Yakima station, for instance, located in desert country between the Saddle Mountains and Rattlesnake Hills, has the COWBOY Dictionary, while the Waihopai station has the FLINTLOCK Dictionary. These codenames are recorded at the beginning of every intercepted message, before it is transmitted around the ECHELON network, allowing analysts to recognize at which station the interception occurred. UKUSA “embassy collection” operations, where sophisticated receivers and processors are secretly transported to their countries’ overseas embassies in diplomatic bags and used to monitor various communications in foreign capitals.
10.  
11. The Dictionary computers are connected via highly encrypted UKUSA communications that link back to computer data bases in the five agency headquarters. This is where all the intercepted messages selected by the Dictionaries end up. Each morning the specially “indoctrinated” signals intelligence analysts in Washington, Ottawa, Cheltenham, Canberra, and Wellington log on at their computer terminals and enter the Dictionary system. After keying in their security passwords, they reach a directory that lists the different categories of intercept available in the data bases, each with a four-digit code. For instance, 1911 might be Japanese diplomatic cables from Latin America (handled by the Canadian CSE), 3848 might be political communications from and about Nigeria, and 8182 might be any messages about distribution of encryption technology.
12.  
13. They select their subject category, get a “search result” showing how many messages have been caught in the ECHELON net on that subject, and then the day’s work begins. Analysts scroll through screen after screen of intercepted faxes, e-mail messages, etc. and, whenever a message appears worth reporting on, they select it from the rest to work on. If it is not in English, it is translated and then written into the standard format of intelligence reports produced anywhere within the UKUSA network either in entirety as a “report,” or as a summary or “gist.” The agency then works out about 10 to 50 keywords for selection in each category. The keywords include such things as names of people, ships, organizations, country names, and subject names. They also include the known telex and fax numbers and Internet addresses of any individuals, businesses, organizations, and government offices that are targets. These are generally written as part of the message text and so are easily recognized by the Dictionary computers.
14.  
15. THE SECRETS ARE hidden behind fortified walls in cities across the United States, inside towering, windowless skyscrapers and fortress-like concrete structures that were built to withstand earthquakes and even nuclear attack. Thousands of people pass by the buildings each day and rarely give them a second glance, because their function is not publicly known. They are an integral part of one of the world’s largest telecommunications networks – and they are also linked to a controversial National Security Agency surveillance program.
16.  
17. US has three classifications levels. From the highest to the lowest level these are:
18.  
19. - TOP SECRET (TS, color code: Orange)
20. - SECRET (S, color code: Red)
21. - CONFIDENTIAL (C, color code: Blue)
22.  
23. Government documents that do not have a classification can be marked as:
24. - UNCLASSIFIED (U, color code: Green)
25.  
26. SCI control systems and there compartments are species of Controlled Access Programs (CAPs), which also include Non-SCI CAPs, like for example at the Secret level.
27.  
28. Known and supposed SCI control systems from past and present are:
29.  
30.  
31. Cover sheet for Top Secret Special Intelligence and TALENT KEYHOLE information
32. - COMINT or Special Intelligence (SI)
33. - UMBRA (TSC?)
34. - ENDSEAL (EL)
35. - TALENT KEYHOLE (TK)
36. - HUMINT Control System (HCS)
37. - KLONDIKE (KDK, since 2011)
38. - RESERVE (RSV, since 2005)
39. - BYEMAN (BYE or B, defunct since 2005)
40. - Special Navy Control Program (SNCP)
41. - VERDANT (VER, defunct)
42. - PANGRAM (PM, defunct)
43. - MEDITATE (M, defunct)
44. - SPECTRE
45. - LOMA
46. - KLAMATH (KLM)
47. - CREDIBLE WOLF (CW)
48. - FOCAL POINT (FP)
49. - AZURE BLUE (AB)
50. - EARPOP
51. - ? (GG)
52. - ? (CRU)
53. - ? (OC)
54. - STELLARWIND (STLW, 2001-2009)
55.  
56. In a classification line this is shown like: TOP SECRET//SI
57.  
58. Multiple control systems are shown like: TOP SECRET//SI/TK
59.  
60. COMINT / Special Intelligence (SI)
61. This control system is for communications intercepts or Signals Intelligence and contains various sub-control systems and compartments, which are identified by an abbreviation or a codeword. In a classification line they follow COMINT or SI, connected by a hyphen.
62.  
63. Known COMINT/SI sub-control systems are:
64. - Very Restricted Knowledge (VRK, defunct)
65. - Exceptionally Controlled Information (ECI)
66. - GAMMA (G)
67. - DELTA (D, defunct)
68. - [undisclosed]
69.  
70. In a classification line this is shown like: TOP SECRET//SI-G
71.  
72. Multiple COMINT compartments shown like: TOP SECRET//SI-VRK-G
73.  
74. Very Restricted Knowledge (VRK)
75. This sub-control system was established in 1974 to limit access to uniquely sensitive COMINT activities and programs (no product or content). It contains compartments or categories which have an identifier of one to three alpha numeric characters.* VRK was succeeded by ECI shortly before 2004.*
76.  
77. Example: TOP SECRET//SI-VRK 11A
78.  
79. Exceptionally Controlled Information (ECI)
80. This sub-control system protects highly sensitive information and sources and contains compartments, which are identified by a classified codeword. In the classification line there's a three-letter abbreviation of this codeword. ECI succeeded VRK around 2004.*
81.  
82. Recently disclosed codewords for ECI compartments include:
83. - AMBULANT (AMB), APERIODIC, AUNTIE, ESCAPEE? (ESC), PAINTEDEAGLE, PAWLEYS, PENDLETON, PIEDMONT, PICARESQUE (PIQ), PITCHFORD, RAGTIME (RGT), REDHARVEST (RDV), WHIPGENIE (WPG).
84. Lists of ECI compartments from 2003 and 2013.
85.  
86. Example: TOP SECRET//SI-ECI PIQ
87.  
88. Multiple compartments: TOP SECRET//SI-ECI PIQ-ECI AMB
89.  
90. Since 2011, SCI type indicators used to group compartments, like ECI, may not be used anymore in classification lines and portion markings. For example, information formerly marked TS//SI-ECI ABC must now be marked TS//SI-ABC.
91.  
92. GAMMA (G)
93. This sub-control system of SI is for highly sensitive communication intercepts (product or content)* and may contain compartments, which are identified by a codeword or an identifier of four alphabetic characters.
94.  
95. Some former GAMMA compartments were:
96. - GABE, GANT, GART, GILT, GOAT, GOUT, GROL, GUPY, GYRO
97.  
98. Example: TOP SECRET//SI-G GUPY
99.  
100. Multiple compartments: TOP SECRET//SI-G GUPY GYRO
101.  
102. [undisclosed]
103. Classification manuals say there are undisclosed SI compartments which have identifiers of three alphabetical characters. Some documents from such a compartment were declassified in early May 2014. It seems that this compartment is for protecting information related to metadata collection, but is different from STELLARWIND.* It probably contains sub-compartments which are identified by three numeric characters.*
104.  
105. For example: TOP SECRET//SI-XXX 888
106.  
107. ? (GG)
108. This control system is for information derived from Measurement and Signature Intelligence (MASINT) and is identified by a codeword that is still classified. It's only known by the abbreviation.*
109.  
110. ? (CRU)
111. This control system is identified by a codeword that is still classified and is only known by the abbreviation which was accidentally revealed in 2009.* It's related to highly secret CIA programs.
112.  
113.  
114. ECHELON is exploited many times by the NSA, as it used the signal intelligence to intercept industrial data. The industrial and commercial espionage raised controversies in the past, when CIA spied on Nissan and Toyota to boost the America’s automobile industry. Industrial espionage also gained two contracts for the US companies like McDonnell Douglas and Raytheon, where the NSA acted as a whistleblower after intercepting the communications of Airbus and Thomson-Alcatel and revealing their briberies to attain the contracts.
115.  
116.  
117. Microsoft has been accused more than enough for developing spyware and granting government agencies, the access to their Outlook data by bypassing their encryptions. There are notable mentions that Microsoft partnered with FBI to use the intercepted data to analyze the problems with their alias emails. Though Microsoft has been blamed a little regarding ECHELON, the company’s involvement in the PRISM program is more quantifiable when Skype interceptions and the potential Windows 8 backdoor exploit with Trusted Computing are taken into account. Besides Microsoft, other software companies like Google, Facebook, and Apple have nothing to disclose than a flattering statement about their respect to their customer’s privacy.
118.  
119. A quick analysis of the surveillance scheme of the PRISM program could also list out the primary sources of the surveillance is from computer network exploitation performed by teams of elite hackers by the NSA. An anonymous disclosure explains a lot about these exploits as the infected systems worldwide flooded the NSA with about 2000TB of data per hour.
120.  
121. NSA’s Quantum Computer
122. It is still transparent that the global surveillance had its origins from the Cold War period or even back from the World War II era and no wonder if ECHELON could have evolved into PRISM and the rest of the programs. NSA has just got its quantum computer (!) D-Wave, and fueled the privacy issue to a larger scale as they could be now capable of decrypting all the public-keys.
123.  
124. The NSA considers AT&T to be one of its most trusted partners and has lauded the company’s “extreme willingness to help.” It is a collaboration that dates back decades. Little known, however, is that its scope is not restricted to AT&T’s customers. According to the NSA’s documents, it values AT&T not only because it “has access to information that transits the nation,” but also because it maintains unique relationships with other phone and internet providers. The NSA exploits these relationships for surveillance purposes, commandeering AT&T’s massive infrastructure and using it as a platform to covertly tap into communications processed by other companies.
125.  
126. Demultiplexer
127. The process used to split captured signals back into individual data streams. It is sometimes referred to as a "demux" tool. One alleged NSA leak makes reference to developing "custom demultiplexers" so the agency could make use of data sourced from Yahoo. It said these used a proprietary data format called Narchive to transfer packages containing entire email accounts between Yahoo's servers.
128.  
129. QuantumInsert
130. A "man-in-the-middle" technique used to redirect a target's computer to a fake website where it can be infected with malware. The NSA and GCHQ are said to do this by placing undisclosed computer servers at privileged positions along the fibre-optic cables that form the internet's backbone. These servers provide the agencies with the ability to reply to a web page request more quickly than the computers used by the site the user is trying to visit. The agencies are alleged to do this in order to route the user to a spoof site. This looks identical to the real one but exists solely to install spyware using the NSA's FoxAcid tool. According to a report by Der Spiegel, the QuantumInsert system was used by GCHQ to infiltrate Brussels-based telecoms operator Belgacom's systems by using fake pages for the LinkedIn social network and the tech news site Slashdot - two sites commonly visited by several of the firm's maintenance and security staff.
131.  
132. Quantum Servers
133. NSA uses these super fast Quantum servers to execute a packet injection attack, which surreptitiously redirects the target to the FoxAcid server. An article in the German magazine Spiegel, based on additional top secret Snowden documents, mentions an NSA developed attack technology with the name of QuantumInsert that performs redirection attacks. Another top-secret Tor presentation provided by Snowden mentions QuantumCookie to force cookies onto target browsers, and another Quantum program to "degrade/deny/disrupt Tor access".
134.  
135. This same technique is used by the Chinese government to block its citizens from reading censored internet content, and has been hypothesized as a probable NSA attack technique. The Five-Eyes are the five Anglo-Saxon countries have constructed an important technological component of a totalitarian system. IBM became an international business solutions company by ensuring its ‘deliverables’ for the Nazi nightmare were logistically efficient. Fascism goes global as pinstriped executives collaborate with the NSA.
136.  
137. Interceptions Capabilities 2000 also provides an account of previously unknown secret international organization led by the FBI. The Secret Organization called ILETS (International Law Enforcement Telecommunications Seminar working on building wiretap capabilities into all forms of modern communications including satellite. The National Security Agency was formed after World War II so that the United States is never surprised again with another Pearl Harbor-type attack.
138.  
139. Despite what the NSA still claims, Japanese diplomatic messages did contain military information and the Japanese fleet did not travel under radio silence, because they did not know their communications had been decrypted. Evidence presented by independent 9/11 investigators show US-Saudi-Pakistani state-corporate actors most likely orchestrated 9/11 as well. The major media have barely begun to scratch the surface of the ‘deep state’ recently. This is in spite of the fact that much credible evidence has been presented to them.
140.  
141. Operation Gladio was one component of a globally-linked ‘deep state’ criminal web. Prior to the highly public exposure of Operation Gladio in 1990, and numerous state investigations, the US-NATO Alliance added a new modus operandi by funding, training and resourcing groups in jurisdictions not under their control, to create what appear to be grassroots uprisings in order to topple ‘insubordinate’ governments. Such ‘uprisings’ as the Arab Spring have been called ‘color revolutions’ because a color is chosen for flags, banners and clothing to manipulate perceptions and emotions by manufacturing the image of widespread solidarity, as Thierry Meyssan has identified. This style of coup is made to appear as though it started in the ‘streets’ through a popular uprising to rid an oppressed people of an autocratic leader or government. The US Congress gives AID funds through ‘democracy building’ programs. The Western mainstream media can be counted on to report a Bubble Gum TV News version of events that fails to challenge these US-NATO clandestine operations. The events themselves and their distorted reconstructions in the Bubble Gum News are written by black satirists with a taste for the fascist aesthetic of violence.
142.  
143.  
144. The invisible intrusiveness of Echelon spy software such as X-KEYSCORE belie the psychopathic trait of lacking respect for others’ personal space. Fives Eyes’ data mining creates new world maps for economic, political and military conquest in the Global Matrix. Inexpensive, high-powered PCs with powerful algorithms for encrypting speech and computer communication and the Internet have also helped level the playing field for terrorists. Echelon has other shortcomings as well. Echelon satellites are unable to penetrate fiber-optic communication cables, which must be directly tapped. Furthermore, the increasing availability of 128-bit and higher encryption algorithms have slowed considerably the speed at which Echelon's supercomputers can "crack" encrypted messages. RSA Security is so certain of its 2,048-bit algorithm's key security that it is offering a $200,000 prize to anyone who cracks it.
145.  
146. In January 2000 a computer glitch blinded the NSA's satellites for three days, while later in July a National Reconnaissance Office Series 3100 "Lacrosse" radar-imaging satellite shut down for 12 hours. Novelist George Orwell warned of the dangers of propaganda, surveillance and terrorism in his dystopian world, Nineteen Eighty-four. Most people lack the skills necessary to process ‘the news’ safely. Major media outlets practice unofficial censorship to protect powerful state and corporate actors. Bilderberg meetings often feature future political leaders shortly before they become household names. Bill Clinton went in 1991 while still governor of Arkansas, Tony Blair was there two years later while still an opposition MP.
147.  
148. The reality of the NSA's mission is that it is swamped by a typhoon of electronic data, with too few specialists to wade through the chaff in "real time." Western governments are throwing money at the problem for more computers and more software, a technological "quick fix" that in time may come back to haunt them. David Rockefeller’s legacy shows capitalism’s centralized planning is more ruthless, inefficient and plundering than communism. The secret meetings of the Bilderbergers have been deliberately suppressed by major media outlets. 63,000 rich and super-rich people possess $39 trillion in wealth, while 800 million starve.
149.  
150.  
151. Markings used by multiple agencies:
152. - FOR OFFICIAL USE ONLY (FOUO)
153. - SENSITIVE INFORMATION (SINFO, defunct since 2002)
154. - LAW ENFORCEMENT SENSITIVE (LES)
155.  
156.  
157. Intelligence community markings:
158. - WARNING NOTICE - INTELLIGENCE (WNINTEL; eliminated in 1987)
159. - NOCONTRACT (eliminated in 1987)
160. - ORIGINATOR CONTROLLED (ORCON) (OC)
161. - ORIGINATOR CONTROLLED-USGOV (ORCON-USGOV, since 2013)
162. - CONTROLLED IMAGERY (IMCON) (IMC)
163. - SOURCES AND METHODS INFORMATION (SAMI, defunct since 2009)
164. - NO FOREIGN NATIONALS (NOFORN) (NF)
165. - PROPRIETARY INFORMATION (PROPIN) (PR)
166. - AUTHORIZED FOR RELEASE TO (REL TO) [country trigraph or coalition tetragraph]
167. - Releasable by Information Disclosure Official (RELIDO)
168. - Foreign Intelligence Surveillance Act (FISA)
169. - DISPLAY ONLY [country trigraph or coalition tetragraph]
170.  
171.  
172. National Security Agency (NSA) markings:
173. - [country trigraph] EYES ONLY
174. NSA also used SIGINT Exchange Designators, which were gradually replaced by the 'REL TO [...]' marking. Some former SIGINT Exchange Designators were:
175. - FRONTO
176. - KEYRUT
177. - SEABOOT
178. - SETTEE
179.  
180. National Geospatial intelligence Agency (NGA) markings:
181. - LIMITED DISTRIBUTION (LIMDIS) (DS)
182. - RISK SENSITIVE (RSEN)
183.  
184.  
185. Department of Defense (DoD) markings:
186. - NC2-ESI
187. - SPECIAL CATEGORY (SPECAT, defunct since 2010)
188.  
189.  
190. Department of Homeland Security (DHS) markings:
191. - SENSITIVE SECURITY INFORMATION (SSI)
192.  
193.  
194. State Department (DoS) markings:
195. - EXCLUSIVE DISTRIBUTION (EXDIS) (XD)
196. - NO DISTRIBUTION (NODIS) (ND)
197. - SENSITIVE BUT UNCLASSIFIED (SBU)
198. - SBU NOFORN
199.  
200.  
201. Drug Enforcement Administration (DEA) markings:
202. - DEA SENSITIVE (DSEN)
203.  
204.  
205. Nuclear weapons related markings:
206. - RESTRICTED DATA (RD)
207. - FORMERLY RESTRICTED DATA (FRD)
208. - DOD UNCLASSIFIED CONTROLLED NUCLEAR INFORMATION (DCNI)
209. - DOE UNCLASSIFIED CONTROLLED NUCLEAR INFORMATION (UCNI)
210. - TRANSCLASSIFIED FOREIGN NUCLEAR INFORMATION (TFNI)
211.  
212. In a classification line this is shown like: SECRET//SI//ORCON
213.  
214. Multiple markings are shown like: SECRET//SI//ORCON/NOFORN
215.  
216.  
217. Nuclear weapons related markings
218. The markings Restricted Data (RD) and Former Restricted Data (FRD) are used by the Department of Defense and the Department of Energy for information about design and operation of nuclear warheads. Both can have the following two additional sub-markings:
219.  
220. - CRITICAL NUCLEAR WEAPON DESIGN INFORMATION (CNWDI)
221. - SIGMA (SG, followed by a number between 1 and 20)
222.  
223. In a classification line this is shown like: SECRET//RD-CNWDI
224.  
225. Multiple SIGMA markings are shown like: SECRET//RD-SIGMA 2 4
226.  
227.  
228. Internal markings
229. Some intelligence agencies also use internal markings, indicating that information may not be released or shown to anyone outside that particular agency without proper permission. Internal markings are shown after the dissemination markings at the very end of a classification line.
230.  
231.  
232. Central Intelligence Agency (CIA) internal markings:*
233. - CIA INTERNAL USE ONLY
234. - Administrative Internal Use Only (AIUO)
235.  
236.  
237. Federal Bureau of Investigation (FBI) internal markings:
238. - SENSITIVE
239. - JUNE (protecting the FBI's most sensitive soources, now defunct)*
240. - [undisclosed] *
241.  
242.  
243. National Security Agency (NSA) internal markings:
244. These markings are used to identify a COI or CoI, which stands for Community Of Interest. It seems that this term has recently been replaced by Secure Community of Interest (SCoI). Recently disclosed COI identifiers are:
245. - BULLRUN
246. - ENDUE
247. - NOCON
248.  
249. In a classification line this is shown like: TOP SECRET//SI//NOFORN/BULLRUN
250. Coalition designators-The designators or tetragraphs which are used in the dissemination marking "AUTHORIZED FOR RELEASE TO (REL TO)" are listed here.
251.  
252. - ABCA: American, British, Canadian, Australian (and New Zealand Armies’ Program)
253. - ACGU: Australia, Canada, Great Britain, United States (Four Eyes)
254. - AFSC: Afghanistan SIGINT Coalition
255. - BWCS: Biological Weapons Convention States
256. - CFCK: Combined Forces Command, Korea
257. - CMFC: Combined Maritime Forces Central
258. - CMFP: Cooperative Maritime Forces Pacific
259. - CPMT: Civilian Protection Monitoring Team (for Sudan)
260. - CWCS: Chemical Weapons Convention States
261. - ECTF: European Counter-Terrorism Forces
262. - EFOR: European Union Stabilization Forces in Bosnia
263. - FVEY: Five Eyes (Australia, Canada, New Zealand, UK, US)
264. - GCTF: Global Counter-Terrorism Forces
265. - GMIF: Global Maritime Interception Forces
266. - IESC: International Events Security Coalition
267. - ISAF: International Security Assistance Forces (for Afghanistan)
268. - KFOR: Stabilization Forces in Kosovo
269. - MCFI: Multinational Coalition Forces – Iraq
270. - MIFH: Multinational Interim Force Haiti
271. - NACT: North African Counter-Terrorism Forces
272. - NATO: North Atlantic Treaty Organization
273. - OSAG: Olympic Security Advisory Group
274. - UNCK: United Nations Command, Korea
275.  
276.  
277. GC-Wiki, which mention the following telecommunications providers (meanwhile some have merged) and their codenames.
278. - Verizon Business (DACRON)
279. - British Telecom (REMEDY)
280. - Vodafone Cable (GERONTIC)
281. - Global Crossing (PINNAGE)
282. - Level 3 (LITTLE)
283. - Viatel (VITREOUS)
284. - Interoute (STREETCAR)
285.  
286. Here's a short summary of all three different PRISM programs:
287. 1. PRISM
288. This is a codeword for an NSA project of collecting information about foreign targets from data of nine major US internet companies. This program started in 2007 and was unveiled by Edward Snowden in June 2013.
289.  
290. 2. Planning tool for Resource Integration, Synchronization and Management (PRISM)
291. This is a web tool used by US military intelligence to send tasking instructions to data collection platforms deployed to military operations. This program is not very secret and was first mentioned in 2002.
292.  
293. 3. Portal for Real-time Information Sharing and Management (PRISM)
294. This is an internal NSA program for real-time sharing of information, apparently in the NSA's Information Assurance Directorate. Its existance was revealed by the NSA in July 2013.
295.  
296.  
297. ADVISE (Analysis, Dissemination, Visualization, Insight, and Semantic Enhancement) is a research and development program within the United States Department of Homeland Security (DHS) Threat and Vulnerability Testing and Assessment (TVTA) portfolio. It is reported to be developing a massive data mining system, which would collect and analyze data on everyone in the United States and perform a "threat analysis" of them. The data can be everything from financial records, phone records, emails, blog entries, website searches, and any other electronic information that can be put into a computer system. The information is then analyzed, and used to monitor social threats such as community-forming, terrorism, political organizing, or crime. ADVISE will possess the ability to store one quadrillion data entities. The exact scope and degree of completion of the program is unclear. ADVISE is in the 2004-2006 Federal DHS Budget as a component of the $47 million TVTA program. The program was officially scrapped in September 2007 after the agency's internal Inspector General found that pilot testing of the system had been performed using data on real people without required privacy safeguards in place.
298.  
299. Onyx (interception system)
300. Onyx is a Swiss intelligence gathering system maintained by the Federal Intelligence Service - Nachrichtendienst des Bundes (NDB). The costs of the system are not public, but the amount of 100 million Swiss francs has been mentioned several times,[1] in particular in 2000 by Werner Marti, SP deputy to the National Council of Switzerland. In March 2005, journalist Urs Paul Engeler estimated that the costs (hidden in various military construction budgets) reached 400 million CHF.[2] The Onyx system was launched in 2000, originally under the name SATOS-3 (the SATOS 1 and 2 systems were started in 1992, in particular to intercept faxes), and was completed in late 2005.
301.  
302. Frenchelon is the nickname given to French signal intelligence system in reference to its Anglo-American counterpart ECHELON.
303.  
304. Operation Ivy Bells was a joint United States Navy, CIA, and National Security Agency (NSA) mission whose objective was to place wire taps on Soviet underwater communication lines during the Cold War.
305.  
306.  
307. The 14-Eyes
308. The SIGINT Seniors Europe comprise 14 countries, and when we look at their names, we see that they are identical to the nations of which The Guardian in November said they form a group called 14-Eyes. As this latter group was also never heard of, we looked for some possible explanations in an article on this weblog last month. But by then we didn't know exactly and for sure which countries were 3rd Party partners, so it was hard to get things clarified.
309.  
310. Now that we know that all nine European countries, including Sweden, Denmark and The Netherlands, have 3rd Party status, it's clear that our option "A" came closest: 14-Eyes stands for a number of 3rd Party countries who have something in common - likely having a 'SIGINT Senior' officer as single point of contact for NSA and the Five Eyes. As explained in our earlier article, an 'Eyes' designation is most often used as a handling instruction for restricting dissemination of sensitive information among a certain group of countries. In this case, 14-Eyes apparently serves as dissemination marking for information authorized for release to the 14 members of the SIGINT Seniors Europe group.
311.  
312.  
313. Data Warehouse
314. In computing, a data warehouse (DW or DWH), also known as an enterprise data warehouse (EDW), is a system used for reporting and data analysis, and is considered a core component of business intelligence. DWs are central repositories of integrated data from one or more disparate sources. They store current and historical data and are used for creating analytical reports for knowledge workers throughout the enterprise. Examples of reports could range from annual and quarterly comparisons and trends to detailed daily sales analysis. The data stored in the warehouse is uploaded from the operational systems (such as marketing or sales). The data may pass through an operational data store for additional operations before it is used in the DW for reporting.
315.  
316.  
317. Data mart
318. A data mart is a simple form of a data warehouse that is focused on a single subject (or functional area), hence they draw data from a limited number of sources such as sales, finance or marketing. Data marts are often built and controlled by a single department within an organization. The sources could be internal operational systems, a central data warehouse, or external data. Denormalization is the norm for data modeling techniques in this system. Given that data marts generally cover only a subset of the data contained in a data warehouse, they are often easier and faster to implement. # types of data mart's: Dependent, Independent and Hybrid
319.  
320. Online analytical processing (OLAP)
321. OLAP is characterized by a relatively low volume of transactions. Queries are often very complex and involve aggregations. For OLAP systems, response time is an effectiveness measure. OLAP applications are widely used by Data Mining techniques. OLAP databases store aggregated, historical data in multi-dimensional schemas (usually star schemas). OLAP systems typically have data latency of a few hours, as opposed to data marts, where latency is expected to be closer to one day. The OLAP approach is used to analyze multidimensional data from multiple sources and perspectives. The three basic operations in OLAP are : Roll-up (Consolidation), Drill-down and Slicing & Dicing.
322.  
323. Online transaction processing (OLTP)
324. OLTP is characterized by a large number of short on-line transactions (INSERT, UPDATE, DELETE). OLTP systems emphasize very fast query processing and maintaining data integrity in multi-access environments. For OLTP systems, effectiveness is measured by the number of transactions per second. OLTP databases contain detailed and current data. The schema used to store transactional databases is the entity model (usually 3NF). Normalization is the norm for data modeling techniques in this system.
325.  
326. Predictive analysis is about finding and quantifying hidden patterns in the data using complex mathematical models that can be used to predict future outcomes. Predictive analysis is different from OLAP in that OLAP focuses on historical data analysis and is reactive in nature, while predictive analysis focuses on the future. These systems are also used for CRM (customer relationship management).
327.  
328. TALON (Threat and Local Observation Notice), was a database maintained by the United States Air Force after the September 11th terrorist attacks. It was authorized for creation in 2002 by Deputy Defense Secretary Paul D. Wolfowitz, in order to collect and evaluate information about possible threats to U.S. servicemembers and civilian workers in the US and at overseas military installations. The database included lists of anti-war groups and people who have attended anti-war rallies. TALON reports are collected by various US Defense Department agencies including law enforcement, intelligence, counterintelligence and security, and were analyzed by a Pentagon agency, the Counterintelligence Field Activity. CIFA had existed since 2004, and its size and budget are secret.
329.  
330. On August 21, 2007, the US Defense Department announced that it would shut down the database, as the database had been criticized for gathering information on peace activists and other political activists who posed no credible threat, but who had been one topic of this database due to their political views.[4] The department is working on a new system which would replace TALON, but for the time being, information on force protection threats will be handled by the FBI’s Guardian reporting system.
331.  
332.  
333. Project 6, or simply P6, is a global surveillance project jointly operated by U.S. Central Intelligence Agency (CIA) in close cooperation with the German intelligence agencies Bundesnachrichtendienst (BND) and Bundesamt für Verfassungsschutz (BfV).[1] As part of efforts to combat Terrorism, the project includes a massive database containing personal information such as photos, license plate numbers, Internet search histories and telephone metadata of presumed jihadists. The headquarters of the project is located in Neuss, Germany.
334.  
335. STATEROOM is the code name of a highly secretive signals intelligence collection program involving the interception of international radio, telecommunications and internet traffic. It is operated out of the diplomatic missions of the signatories to the UKUSA Agreement and the members of the ECHELON network including Australia, New Zealand, Britain, Canada and the United States.
336.  
337. In almost a hundred U.S. embassies and consulates worldwide, Stateroom operations are conducted by the Special Collection Service (SCS), a unit that is jointly operated by the Central Intelligence Agency (CIA) and the National Security Agency (NSA). According to documents leaked by Edward Snowden, the true mission of Stateroom personnel is generally not revealed to the rest of the diplomatic staff at the facilities where they are assigned. These sites are small in size and in number of personnel staffing them. They are covert, and their true mission is not known by the majority of the diplomatic staff at the facility where they are assigned."
338.  
339. — Excerpt from the NSA's STATEROOM Guide';
340.  
341. Contrary to the claims made on Jam Echelon Day, U.S. defense officials said, the NSA has neither the computer power nor the huge number of linguists and analysts necessary to snatch every e-mail, fax and telephone conversation around the world.
342.  
343. "This argument that NSA is out there sucking in all your e-mails into its basement and reading everything -- that's just crazy," said one official.
344.  
345. Specifically, they suggest the following keywords:
346.  
347. FBI CIA NSA IRS ATF BATF DOD WACO RUBY RIDGE OKC OKLAHOMA CITY MILITIA GUN HANDGUN MILGOV ASSAULT RIFLE TERRORISM BOMB DRUG HORIUCHI KORESH DAVIDIAN KAHL POSSE COMITATUS RANDY WEAVER VICKIE WEAVER SPECIAL FORCES LINDA THOMPSON SPECIAL OPERATIONS GROUP SOG SOF DELTA FORCE CONSTITUTION BILL OF RIGHTS WHITEWATER POM PARK ON METER ARKANSIDE IRAN CONTRAS OLIVER NORTH VINCE FOSTER PROMIS MOSSAD NASA MI5 ONI CID AK47 M16 C4 MALCOLM X REVOLUTION CHEROKEE HILLARY BILL CLINTON GORE GEORGE BUSH WACKENHUT TERRORIST TASK FORCE 160 SPECIAL OPS 12TH GROUP 5TH GROUP SF
348.  
349.  
350. Echelon showed years ago that all espionage is economic espionage. Terrorists and communists or witches and satanists are nothing but side shows to the real game: Spying for a commercial advantage. European Parliament had a resolution on ECHELON on 05-SEP-2001. With Cell phone/cell tower takes, botnets, modular rootkits, “Full take” on all major fiber lines, BIOS/firmware Bootkits, SSL stripping, photocopying of all US mail and so on – today's spying is several magnitudes more powerful than ECHELON.
351.  
352. A black chamber in Utah called the Intelli­gence Com­munity Compre­hensive National Cyber­security Initiative Data Center, its storage capacity is estimated to exceed a yottabyte, the largest unit of data that computer scientists have. That’s around half a sextillion (500,­000,­000,­000,­000,­000,­000) pages of text, more than enough to store everything that’s ever been written, as well as every email and phone call to be made in the coming century.
353.  
354. Sometimes lists of their strangely evocative names appear anonymously online: COASTLINE, CROSSBONES, MESSIAH, NIGHTSURF. Another is called PANOPTICON. It had also been unlawfully provided with intercepts of Dotcom’s emails that originated in an FBI surveillance program called TESSA. In other words, the intelligence and law enforcement agencies of New Zealand broke their own laws to collude with a foreign power to spy on, arrest and attempt to extradite one of their own residents, using information from a program not dissimilar to PRISM.
355.  
356. Those who are not paying much attention (most people) will think that everything is all right because this (Echelon) has been going on for over half a century without any serious issues as they see it, and thus these people will sink even deeper into disbelief and scepticism towards anyone who is trying to raise awareness even when such is based on now publicly available documents. Mostly historical focus on Echelon detracts from the “big picture” reality and consequences of nearly total surveillance & manipulation targeting everyone and everything. There is a shortage of actual information and this should trouble everyone. In addition to that there is a desperate need for more detailed technical information for those who might actually be able to do something defensive.
357.  
358.  
359. Tracking BOTS
360. The NSA traced him after he visited a Web site at the Los Alamos National Laboratory and downloaded a file on “Condensed Matter Plutonium” (no longer available after Sept. 11). Using strings of self-contained computer code called “bots,” short for “robots,” the NSA tracked him back to his computer. The NSA is engaged in clandestine technology intelligence — ECHELON, Semantic Forests — there are other names that I am not allowed to tell you. Clandestine technology intelligence allows us to track dark networks; if you go to certain Web sites a bot will follow you. Bots empower human agents.”
361.  
362. The bots are strings of computer code that roam the Internet like fish in the sea, entering people's computers and performing automated tasks on their own. They are everywhere on the Web. The bots become a different animal. “[The NSA's] bots are like corporate-marketing and data-mining bots on steroids! NSA uses custom-designed bots to ferret out information on Web pages, Usenet, and open databases. These spybots are many times more powerful than common search engines, which skim the surface of the Web as they follow a series of hypertext links from one Web page to another. A South Dakota company designs bots for the government that access 500 times more data than normal searchbots. These are thousands of self-replicated copies a badbot, nesting inside hundreds of innocent computers, can send cascades of 1,000-page e-mail files to the server hosting the Web site of the front group for the suspect's terrorist organization, crashing it. On the other hand, a low-profile snitchbot can just sit quietly inside a font file and rat him out to the NSA every time he goes online.
363.  
364. NSA's biggest challenge appears to be buying or inventing programs capable of analyzing the billions of messages it captures every day. To that end, the NSA openly partners with and makes substantial investments in a wide range of technology companies, such as Northrop Grumman Corp. and Verizon Communications, that manufacture hardware and software capable of scouring the microwave spectrum and tapping into fiber-optic pipelines to look for targeted content.
365.  
366.  
367.  
368. FORNSAT (Foreign Satellite interception)
369. Finally, the orange dots on the map represent locations where there are stations for intercepting the signals of foreign communication satellites. The orange dots are the second biggest ones, so maybe this indicates that FORNSAT collection provides the second largest share of intelligence.
370.  
371. "12 + 40 Regional" FORNSAT stations, but on the map there are only 6 dots and the list in the upper right corner lists only 10 codenames. The six locations on the map can be identified as:
372. - INDRA - Khon Kuen (Thailand)
373. - ? - (Philippines)
374. - LADYLOVE - Misawa (Japan)
375. - TIMBERLINE - Sugar Grove (US)
376. - CARBOY - Bude, on the map combined with:
377. - MOONPENNY - Menwith Hill (Great Britain)
378. - ? - Skibsbylejren (Denmark)
379.  
380. Five FORNSAT stations have their codename listed, but are, for reasons unknown, not marked on the map:
381. - STELLAR - Geraldton (Australia)
382. - IRONSAND - Waihopai (New Zealand)
383. - JACKKNIFE - Yakima (US)
384. - SOUNDER - Ayios Nikolaos (Cyprus)
385. - SNICK - near Seeb (Oman)
386.  
387. Satellite intercept stations:
388. US Sites:
389. - TIMBERLINE, Sugar Grove (US)
390. - CORALINE, Sabena Seca (Puerto Rico)
391. - SCS, Brasilia (Brazil)
392. - MOONPENNY, Harrogate (Great Britain)
393. - GARLICK, Bad Aibling (Germany)
394. - LADYLOVE, Misawa (Japan)
395. - LEMONWOOD, Thailand
396. - SCS, New Delhi (India)
397. 2nd Party Sites:
398. - CARBOY, Bude (Great Britain)
399. - SOUNDER, Ayios Nikolaos (Cyprus)
400. - SNICK, near Seeb (Oman)
401. - SCAPEL, Nairobi (Kenya)
402. - STELLAR, Geraldton (Australia)
403. - SHOAL BAY, Darwin (Australia)
404. - IRONSAND, New Zealand
405. - CORALINE - Sabena Seca (Puerto Rico)
406. - GARLICK - Bad Aibling (Germany)
407. - SCAPEL - Nairobi (Kenya)
408. - SHOAL BAY - Darwin (Australia)
409. The station in Sabena Seca was closed down and the same has probably happened to the one in Nairobi.
410.  
411.  
412. The INDRA station
413. A final difference between the FORNSAT stations shown in the maps of 2002 and 2012 is the station in Thailand, which was codenamed LEMONWOOD in 2002. The location near the city of Khon Kaen was identified as being an intercept facility since 1979, but with a different codename: INDRA. This facility fell into disrepair in the 1990s and seems to have been closed somewhere before 2002. In the years following 9/11, the old station apparantly has been reactivated and expanded to an important satellite intercept mission, and appeared again under its old codename INDRA in the 2012 map. Why this place (or another one?) was called LEMONWOOD in 2002 remains a mystery
414.  
415. 9-Eyes could already be found in some other sources. One is an extensive article by the French weblog Zone d'Intérêt about the NATO exercise Empire Challenge 2008 (EC08), in which a number of operational and testing networks were used. One of them is the Combined Federated Battle Laboratories Network (CFBLNet), which is for research, development and testing on command, control, communication, computer, intelligence, surveillance and reconnaissance (C4ISR) systems.
416.  
417. The CFBL network consists of an unclassified (black) backbone network (the Blackbone) with transporting the encrypted traffic of several classified and unclassified enclaves as its main purpose. The main secure domains on the CFBL Blackbone are:
418. - The CFBLNet Unclassified Enclave (CUE), which is unclassified, but traffic is secured using 128 bit Advanced Encryption Standard (AES) encryption.
419.  
420. - The Four-Eyes Enclave (FEE), which is a classified enclave at the SECRET level, accessible for USA, GBR, CAN and AUS only. This enclave was moved from behind the BLUE enclave to the Blackbone in 2006.
421.  
422. - The 6-Eyes or BLUE Enclave, which is a classified enclave at the SECRET level, accessible for the Five Eyes plus NATO (see paragraph about 6, 8 and 10-Eyes)
423.  
424. - The 9-Eyes or NATO RED Enclave, which is also a classified enclave at the SECRET level, accessible for the NATO members of the Five Eyes plus France, Germany, Italy, Spain, The Netherlands and Norway. This enclave was established in 2006 for classified initiatives among NATO members.
425.  
426. - The Initiative Enclaves, which are created temporarily to support specific initiatives and are classified according to the initiative requirements.
427.  
428. The 9-Eyes countries are also listed in a table in a NATO standardization document (pdf) from 2010. There we see that from the 4-Eyes only the US, the UK and Canada are part of the 9-Eyes, which makes sense, as Australia is not a NATO partner.
429.  
430.  
431. CENTRIXS networks
432. The main US-led multinational coalition networks are called CENTRIXS, which stands for Combined ENTerprise Regional Information eXchange System. It's a secure wide area network (WAN) architecture, which can be established according to the demands of a particular coalition exercise or operation. CENTRIXS supports intelligence and operations information sharing at the SECRET REL TO [country/coalition designator] level. Some notable CENTRIXS networks are:
433.  
434. - CENTRIXS Four Eyes (CFE) for the US, Britain, Canada and Australia.
435. - CENTRIXS-NZ for the Four Eyes plus New Zealand.
436. - CENTRIXS-JPN for the United States and Japan.
437. - CENTRIXS-K for the United States and South-Korea.
438. - CENTRIXS-PHI for the United States and the Philippines.
439. - CENTRIXS-CNFC for the Combined Naval Forces CENTCOM (VPN within GCTF).
440. - CENTRIXS-MCFI for the Multinational Coalition Forces Iraq.
441. - CENTRIXS-ISAF (CX-I) which is the US component of the Afghan Mission Network to share critical battlefield information among 50 coalition partners.
442. - CENTRIXS-GCTF (CX-G) for the Global Counter Terrorism Forces, which is the US coalition network in Afghanistan to share information among more than 80 Troop Contributing Nations.
443.  
444. The countries connected to CENTRIXS-ISAF can be recognized as the 41-Eyes of the allied coalition in Afghanistan mentioned by The Guardian. This group grew slowly and was called 43-Eyes in 2010, when the NATO exercise Empire Challenge 2010 (EC10) changed its "main participating security domain" to "an International Security Assistance Forces (ISAF) equivalent 43-Eyes domain".
445.  
446. - 3-Eyes: USA, GBR, AUS (TEYE)
447. - 4-Eyes: USA, GBR, CAN, AUS (ACGU)
448. - 5-Eyes: USA, GBR, CAN, AUS, NZL (FVEY)
449. - 6-Eyes: USA, GBR, CAN, AUS, NZL, NATO
450. - 7-Eyes: USA, GBR, CAN, AUS, FRA, DEU, ITA (MIC?)
451. - 8-Eyes: USA, GBR, CAN, AUS, NZL, NATO, ?, South-Korea
452. - 9-Eyes: USA, GBR, CAN, FRA, DEU, ITA, NLD, NOR, ESP (CFBLNet)
453. - 9-Eyes: Five Eyes + FRA, DNK, NLD, NOR (Guardian)
454. - 10-Eyes: USA, GBR, CAN, AUS, NZL, NATO, Japan, South-Korea, Thailand, Singapore
455. - 14-Eyes: Five Eyes + FRA, DNK, NLD, NOR, DEU, ESP, ITA, BEL, SWE (SSEUR)
456. - 41-Eyes: ISAF-countries in ? (Guardian)
457. - 43-Eyes: ISAF-countries in 2010
458.  
459. Signal Profile
460. The Signal Profile section shows a pie chart which can show the following types of communication:
461.  
462. - PCS: Personal Communications Service (mobile phone networks)
463. - INMAR: INMARSAT (satellite communications network)
464. - MOIP: Mobile communications over IP
465. - VSAT: Very Small Aperture Terminal
466. - HPCP: High Power Cordless Phone
467. - PSTN: Public Switched Telephone Network
468. - DNI: Digital Network Intelligence (internet data)
469.  
470. About thirty miles northeast of CIA headquarters in Langley, Virginia, right off the Baltimore-Washington expressway overlooking the flat Maryland countryside, stands a large three story building known informally as the "cookie factory." It's officially known as Ft. George G. Meade, headquarters of the National Security Agency.
471.  
472. Three fences surround the headquarters. The inner and outer barriers are topped with barbed wire, the middle one is a five-strand electrified wire. Four gatehouses spanning the complex at regular intervals house specially-trained marine guards. Those allowed access all wear iridescent I.D. badges -- green for "top secret crypto," red for "secret crypto." Even the janitors are cleared for secret codeword material. Once inside, you enter the world's longest "corridor" -- 980 feet long by 560 feet wide. And all along the corridor are more marine guards, protecting the doors of key NSA offices. At 1,400,000 square feet, it is larger than CIA headquarters, 1,135,000 square feet. Only the State Department and the Pentagon, and the new headquarters planned for the FBI are more spacious. But the DIRNSA (Director, National Security Agency) can be further distinguished from the headquarters buildings of these three other giant bureaucracies -- it has no windows. Another palace of paranoia? No. For DIRNSA is the command center for the largest, most sensitive and far-flung intelligence gathering apparatus in the world's history. Here, and in the nine-story Operations Building Annex, upwards of 15,000 employees work to break the military, diplomatic and commercial codes of every nation in the world, analyze the de-crypted messages, and send the results to the rest of the U.S. intelligence community.
473.  
474.  
475.  
476. ECHELON Network of SIGINT Capabilities: PROJECT 415
477. CHALET 1978 - 1979 SIGINT VORTEX
478. VORTEX 1979 - SIGINT CHALET MERCURY
479. MERCURY 1987 SIGINT VORTEX
480. MOONPENNY satellite communications monitoring-SPRINKLER
481. SPRINKLER collection processing (CP) MOONPENNY
482. RUNWAY control network for VORTEX
483. SILKWORTH Ground Collection & Processing System @MENWITH HILL STATION
484. SIRE Processing system
485. RHYOLITE
486. STEEPLEBUSH since 1984
487. STEEPLEBUSH II since 1993
488. ARGUS
489. SIRE
490.  
491. US Sites:
492. - JACKKNIFE, Yakima (US)
493. - TIMBERLINE, Sugar Grove (US)
494. - CORALINE, Sabena Seca (Puerto Rico)
495. - SCS, Brasilia (Brazil)
496. - MOONPENNY, Harrogate (Great Britain)
497. - GARLICK, Bad Aibling (Germany)
498. - LADYLOVE, Misawa (Japan)
499. - LEMONWOOD, Thailand
500. - SCS, New Delhi (India)
501. 2nd Party Sites:
502. - CARBOY, Bude (Great Britain)
503. - SOUNDER, Ayios Nikolaos (Cyprus)
504. - SNICK, near Seeb (Oman)
505. - SCAPEL, Nairobi (Kenya)
506. - STELLAR, Geraldton (Australia)
507. - SHOAL BAY, Darwin (Australia)
508. - IRONSAND, Waihopai (New Zealand)
509.  
510. Most of these locations were part of the ECHELON satellite intercept program.
511. SA document describes FALLOUT as a "DNI ingest processor". All other data once again pass the SCISSORS system.
512. The collected data are stored in the following databases:
513. - MARINA: for internet metadata
514. - MAINWAY: for telephone and internet metadata contact chaining
515. - NUCLEON: for voice content
516. - PINWALE: contrary to what many other media say, this database is not only for video content, but also for "FAA partitions" and "DNI content". DNI stands for Digital Network Intelligence, which is intelligence derived from digital networks, or simply: internet content, like forum postings and e-mail and chat messages. The word PINWALE is often combined with the abbreviation UIS, which stands for User Interface Services, apparently an interface tool for accessing and searching databases.