Home / Bitcoin / The NSA worked to "track down" Bitcoin users

The NSA worked to "track down" Bitcoin users

Internet paranoids designed the bitcoins have long abandoned the fantasies of the American spies that subvert the rapidly expanding and controversial digital currency. Increasingly popular among rapidly enriching speculators, bitcoin began as an ambitious project to make financial transactions mathematically verifiable, while offering discretion. Governments, with a vested interest in controlling how money moves, believed, some of Bitcoin's ferocious supporters, naturally sought to impede the coming techno-libertarian financial order.

It turns out that conspiracy theorists were on something. The classified documents provided by the informer Edward Snowden show that the National Security Agency in fact, he worked urgently to direct bitcoin users around the world and handled at least one mysterious source of information to "help track down senders and recipients of Bitcoin," according to a top-secret passage in an internal NSA report dating back to March 2013. It appears that the data source exploited the NSA's ability to collect and analyze raw and global Internet traffic, while exploiting a nameless software program that aimed to provide anonymity to users, according to other documents.

Although the agency was interested in monitoring some competing cryptocurrencies, "Bitcoin is the number one priority," said an internal NSA report of March 15, 2013.

The documents indicate that bitcoin users of "tracing" have gone well beyond the in-depth examination of the bitcoin public transaction ledger, known as Blockchain, in which users are typically cited through anonymous identifiers; tracking could also involve gathering intimate details on these users' computers. The NSA has collected information on the password of some bitcoins, Internet activity and a type of unique device identification number known as MAC address, suggested an NSA memo of March 29, 2013. In the same document, analysts also discussed the detection of Internet users' Internet addresses, network ports and timestamps to identify the "BITCOIN Goals".

The agency seems to have wanted even more data: the memorandum of 29 March raised the question of whether the origin of the data has validated its users and suggested that the agency keep bitcoin information in a file called "Provider user full.csv." search functionality against target bitcoins, suggesting that the NSA may have used its XKeyScore search system, where bitcoin information and a wide range of other NSA data have been cataloged, to improve its information on bitcoin users. An NSA reference document indicated that the data source provided "user data such as billing information and Internet protocol addresses". With this type of information in hand, putting a name to a given bitcoin user would be easy.

The NSA's bitcoin spying operation seems to have been enabled by its unparalleled ability to smash traffic from the physical connections of the cables that form the Internet and ferry its traffic around the planet. Starting in 2013, the bitcoin monitoring of the NSA was accomplished through the code code OAKSTAR, a collection of secret business partnerships that allows the agency to monitor communications, even collecting data via the Internet while traveling along cables in optical fiber that can be found on the Internet.

Specifically, the NSA targeted the bitcoin through MONKEYROCKET, a sub-program of OAKSTAR, which exploited network equipment to collect data from the Middle East, Europe, South America and Asia, according to classified descriptions. Since spring 2013, MONKEYROCKET has been "the sole source of SIGDEV for the BITCOIN Targets", said the NSA report of March 29, 2013, using the term for the development of intelligence of the signals, "SIGDEV", to indicate that the agency had no other way of monitoring bitcoin users. The data obtained through MONKEYROCKET are described in the documents as "full take" surveillance, ie the whole series of data passing through a network has been examined and at least some complete data sessions have been archived for a subsequent analysis. .

At the same time, MONKEYROCKET is also described in documents as a "non-Western Internet anonymization service" with a "significant user base" in Iran and China, with the program brought online in the summer 2012. It is not clear which is exactly this product was, but it would seem that it was promoted on the Internet with false pretexts: the NSA notes that part of its "long-term strategy" for MONKEYROCKET was "attracting targets in terrorism, [including] Al Qaida "to the use of this" navigation product ", which" the NSA can then exploit. "The scope of targeting would then expand beyond terrorists. it functioned as a bait and a privacy switch, causing bitcoin users to use a tool that they thought could provide online anonymity, but was actually channeling data directly to the NSA.

The assumption that the NSA "would launch a whole operation abroad under false pretenses" just to track the goals is "pernicious," said Matthew Green, assistant professor at the University of Texas. Johns Hopkins University Information Security Institute. This practice could spread the mistrust towards privacy software in general, particularly in areas such as Iran, where these dissidents desperately need these tools. This "feeds a narrative that the United States is unreliable," said Green. "This worries me."

The NSA declined to comment for this article. The Bitcoin Foundation, a nonprofit advocacy organization, could not comment immediately.

This "feeds a narrative that the United States is not reliable".

Even if it offers many practical advantages and advantages over traditional currency, a crucial part of bitcoin's promise is its decentralization. There is no Bank of Bitcoin, no single entity that tracks the currency or its spenders. Bitcoin is often misunderstood as completely anonymous; in fact, each transaction is linked to publicly accessible ID codes included in the Blockchain, and bitcoin "exchange" companies typically require banking or credit card information to convert Bitcoins into dollars or euros. But bitcoin offers much greater privacy than traditional payment methods, which require personal information up to and including the social security number, or must be linked to a payment method that requires such information.

Furthermore, it is possible to conduct private bitcoin transactions that do not require exchange brokers or personal information. As explained in the 2009 white paper launching bitcoin, "the public can see that someone is sending an amount to someone else, but without information linking the transaction to anyone." For bitcoin adherents around the world, this ability to execute secret transactions is part of what makes the currency so special and such a threat to the global financial status quo. But the relative privacy of bitcoin transactions has naturally frustrated governments around the world and order forces in particular – it is difficult to "follow the money" for criminals when money is designed to be more difficult to follow. In a letter to the Congress in November 2013, an internal security official wrote "With the advent of the virtual cthe urns and the ease with which fFINANCIAL transactions can be exploited by criminal organizations, DHS has recognized the need for a aggressive posture towards this evolving trend. "

Green told The Intercept that he believes the MONKEYROCKET "browsing product" component is very similar to a virtual private network or VPN. VPNs encrypt and redirect Internet traffic to mask what you're doing on the Internet. But there's a problem: you have to trust the company that provides you with a VPN, because it provides both software and a network service in progress that potentially allows them to see where you're going online and even to intercept some of your traffic. An unscrupulous VPN would have full access to everything you do online.

Emin Gun Sirer, associate professor and co-director of the Criptovalute Initiative for Cornell University, told The Intercept that financial privacy "is something that matters incredibly" for the bitcoin community, and expects "the Privacy-conscious people will change to "privacy-oriented currencies" after learning about the NSA's work here Despite the reputation of bitcoin for privacy, Sirer added, "when the opposing model involves the NSA, the pseudonymy disappears. … You should really lower your privacy expectations on this network. "

"Privacy-conscious people will switch to privacy-oriented coins."

Green, who co-founded and currently recommends a privacy-focused bitcoin competitor named Zcash, echoed those feelings, saying that NSA techniques make privacy features in all digital currencies such as Ethereum or Ripple "totally worthless" for those targeted.

The NSA's interest in cryptocurrency is "bad news for privacy, because it means that in addition to the really difficult problem of making real transactions private … you also need to make sure that all network connections [are secure]", Added Green.Green said he was" rather skeptical "about the fact that the use of Tor, the popular anonymous browser, could hinder the long-term NSA, in other words, even if you trust of the underlying bitcoin technology (or that of another coin), you will still need to be able to trust your Internet connection – and if you are targeted by the NSA, it will be a problem.

The NSA documents point out that, although MONKEYROCKET works by touching an unspecified "foreign" fiber-optic cable site, and that data is then forwarded to the European Technical Center of the agency in Wiesbaden, Germany sometimes meetings were held in Virginia. Northern Virginia has been an expanding city for decades both for the vast state of national security and for the giants of the American Internet: telecommunications, Internet companies and spy agencies call the outskirts of the area and the home office parks.

Liberty_Reserve_seizure-1519149164

Notice of seizure of the name of the Liberty Reserve website.

Screenshot: Liberty Reserve

Bitcoin could have it was the main goal of the NSA's cryptocurrency, but it was not the only one. The March 15, 2013 NSA report detailed progress on MONKEYROCKET bitcoin surveillance and noted that American spies were also working to break Liberty Reserve, a distant predecessor. Unlike bitcoin, which facilitated drug deals and money laundering was secondary to larger targets, Liberty Reserve was more or less designed with crime in mind. Despite its headquarters in Costa Rica, the site has been charged with running a $ 6 billion "recycling scheme" and a triple team from the US Department of Justice, Homeland Security and IRS, with a 20-year sentence for its Ukrainian founder. In March 2013 – just two months before the removal and indictment of the Liberty Reserve – the NSA considered the currency exchange its objective no. 2, second only to bitcoin. The prosecution and prosecution of the Liberty Reserve and its staff have not made any mention of the help of the NSA.

"The government should not hide the true sources for its trials".

Just five months after the Liberty Reserve was closed, the feds turned their attention to Ross Ulbricht, who was later sentenced as the mind behind the well-known darkweb Silk Road drug market, where transactions were conducted in bitcoins, with a cut to the owner site. Ulbricht is reported to have held bitcoins worth $ 28.5 million at the time of his arrest. Part of his failed defense was the insistence that the story of the FBI on how he found it did not accumulate and that the government could have discovered and penetrated the Silk Road servers with help. of the NSA – perhaps illegally. The prosecution rejected this theory bluntly:

Having failed in his previous act of dismissal of all government allegations, Ulbricht now pushes this court to suppress virtually all government evidence, based on the fact that it was allegedly obtained in violation of the Fourth Amendment. Ulbricht offers no evidence of government misconduct to support this radical statement. Instead, Ulbricht evokes a bogeyman – the National Security Agency ("NSA") – that Ulbricht suspects, without any evidence, responsible for locating the Silk Road server, in a way that simply hypothesizes somehow violating the Fourth Amendment.

Although the documents leaked by Snowden do not refer to the fact that the NSA has assisted the investigation on the Silk Road of the FBI, they show that the agency works to unmask bitcoin users about six months before the event. arrest of Ulbricht and who had worked to monitor the Liberty Reserve during the same period. The source of bitcoin and Liberty Reserve monitoring, MONKEYROCKET, is governed by a foreign oversight authority known as Executive Order 12333, whose language is said to offer ample freedom to US security services to use intelligence when investigating US citizens.

Civil libertarians and security researchers have long feared that the otherwise unacceptable intelligence from the agency will be used to build cases against the Americans through a process known as "parallel construction": building a criminal case using Eligible tests obtained by consulting other tests beforehand, which is kept secret, outside the courtroom and in the public eye. A previous investigation by The Intercept, based on Snowden's documents and court documents, found evidence that the most controversial forms of surveillance by the NSA, which imply massive scrutiny of e-mail and fiber-optic cables , could have been used in court by means of parallel constructions.

Patrick Toomey, a lawyer with the national security project of ACLU, said that the bitcoin documents of the NSA, albeit circumstantial, underline a serious and continuing question in the American order forces:

If the criminal investigations of the government were to rely on the secretive intelligence of the NSA, it would be a serious concern. Individuals who face criminal proceedings have the right to know how the government has arrived with its evidence, so that they can challenge whether the methods of government were lawful. This is a basic principle of due process. The government should not hide the true sources for its court trials by inventing a different track.

Although a NSA document on MONKEYROCKET stated that the "initial" concern of the program was counter-terrorism, it also stated that "other targeted users will include those sought by NSA offices as Int & # 39; l Crime & Narcotics, Follow-The-Money and Iran. " On March 8, 2013 the NSA note stated that the agency staff "hoped to use it [MONKEYROCKET] for their mission to look at organized crime and cybernetic goals using online e-money services to move and recycle money. "There is no elaboration on who is considered a" cyber-goal ".

Documents

Documents published with this story:

Source link