Usa surveillance tools

Récupération de l'archive de wikipedia.fr / à retravailler
The US National Security Agency uses code names to describe its systems, databases, and programs. Aspects of these classified systems have occasionally been the subject of press reports and leaks by whistle blowers, but during the 2013 mass surveillance disclosures, many more of these code names became subjects of public discussion. As analysis and press reporting of documents leaked by Edward Snowden continues, a clearer picture of the nature and relationship between these programs is gradually emerging.

The confused nature of technology companies' initial responses to the disclosure of PRISM suggest that these companies knew it under a different name. It is therefore likely that many or all of these programs have multiple code names that refer to the same thing.

APERIODIC
SI-ECI compartment related to the BULLRUN program

AQUACADE
AQUACADE is a class of SIGINT spy satellites (formerly RHYOLITE)

AUNTIE
SI-ECI compartment related to the BULLRUN program

BEACHHEAD
Computer exploit delivered by the FERRETCANNON system&lt;ref&gt;|Bruce Scheier The NSA's New Risk Analysis&lt;/ref&gt;

BLARNEY
BLARNEY (US-984 and US-984X)is a communications surveillance program, started in 1978 and operated under FISA&lt;ref name=fantastico1&gt;&lt;/ref&gt; &lt;!--Really screengrabs in the attached video, they are exposed for only a few frames each--&gt;.&lt;ref name=&quot;wp_slides&quot;&gt;&lt;/ref&gt; The collection takes place at top-level telecommunications facilities within the United States, choke points through which most traffic will flow, including wireless. This type of surveillance is referred to as &quot;Upstream Collection.&quot; It was first brought to public view in a PRISM slide revealed by Edward Snowden.&lt;ref name=&quot;wp_slides&quot;/&gt; &lt;!-- It retains the content of emails, and phone calls made with Internet technology (i.e., VoIP) made within the United States. [May not be specific enough]--&gt; Among the facilities associated with BLARNEY are AT&amp;T's Room 641A in San Francisco, California, revealed in 2006 by Mark Klein, and another in New Jersey. Like its counterparts, BLARNEY was expanded after the September 11 attacks.&lt;ref name=wsj1&gt;&lt;/ref&gt; Information collected from BLARNEY is shared with many agencies in the United States, including the CIA, NSA, FBI and DOJ, it is also shared with the Five Eyes and NATO. A number of private companies also have access.&lt;ref name=fantastico1/&gt;

BLUEANCHOR
Partner providing a network access point for the YACHTSTOP program

BLUEZEPHYR
Subprogram of OAKSTAR

BOUNDLESS INFORMANT
Boundless Informant is a big data analysis and data visualization system used by the United States National Security Agency (NSA) to give NSA managers summaries of the NSA's world wide data collection activities.&lt;ref name=&quot;guardian1&quot;&gt;&lt;/ref&gt; It is described in an unclassified, For Official Use Only Frequently Asked Questions (FAQ) memo published by The Guardian.&lt;ref&gt;&lt;/ref&gt; According to a Top Secret heat map display also published by The Guardian and produced by the Boundless Informant program, almost 3 billion data elements from inside the United States were captured by the NSA over a 30-day period ending in March 2013.&lt;ref name=&quot;guardian1&quot;/&gt; Data analyzed by Boundless Informant includes electronic surveillance program records (DNI) and telephone call metadata records (DNR) stored in an NSA data archive called GM-PLACE. It does not include FISA data, according to the FAQ memo. PRISM, a government codename for a collection effort known officially as US-984XN, which was revealed at the same time as Boundless Informant, is one source of DNR data. According to the map, Boundless Informant summarizes data records from 504 separate DNR and DNI collection sources (SIGADs). In the map, countries that are under surveillance are assigned a color from green, representing least coverage to red, most intensive.&lt;ref&gt;&lt;/ref&gt;&lt;ref&gt;&lt;/ref&gt;

BULLRUN
Bullrun or BULLRUN is a clandestine, highly classified decryption program run by the United States National Security Agency (NSA).&lt;ref name=register20130905&gt;&lt;/ref&gt;&lt;ref name=&quot;pp20130905&quot;&gt;&lt;/ref&gt; The British signals intelligence agency Government Communications Headquarters (GCHQ) has a similar program codenamed Edgehill. Access to the program is limited to a group of top personnel at the Five Eyes (NSA and the signals intelligence agencies of Britain, Canada, Australia, and New Zealand - see UKUSA). Signals that cannot be decrypted with current technology may be retained indefinitely while the agencies continue to attempt to decrypt them.&lt;ref name=&quot;pp20130905&quot;&gt;&lt;/ref&gt;

BYEMAN (BYE)
BYEMAN is a retired control system covering certain overhead collection systems, including CORONA and OXCART for overhead collection systems (1961-2005), most BYE content was transferred to TK

CANYON
CANYON is a class of COMINT spy satellites (1968-1977)

COBALTFALCON
Subprogram of OAKSTAR.

CONVEYANCE
Conveyance is a final layer of filtering to reduce the intake of information about Americans, it provides filtering for PRISM and filtering the voice content processed by S3132. The Conveyance's informations are stocked in Nucleon.&lt;ref&gt;| washingtonpost.com &quot;NSA slides explain the PRISM data-collection program&quot;&lt;/ref&gt;

CORONA
CORONA is a series of photographic surveillance satellites (1959-1972)

CRYPTO ENABLED
collection derived from AO's efforts to enable crypto&lt;ref&gt;|LeMonde.fr La diplomatie FranÃ§aise sur Ã©coute aux Ã‰tats-unis&lt;/ref&gt;

DEWSWEEPER
USB (Universal Serial Bus) hardware host tap that provides COVERT link over US link into a target network. Operates w/RF relay subsystem to provide wireless Bridge into target network.&lt;ref&gt;|LeMonde.fr - Snowden's docs&lt;/ref&gt;

DIODE
Repurposing close-to-target hardware to redirect them to FOXACID servers (back bouncing packets) &lt;ref&gt;|Jacob Appelbaum: NSA's FoxAcid/Quantum Programs at the european parliament - 10/15/2013&lt;/ref&gt;

DROPMIRE
Dropmire is a secret surveillance programme by the National Security Agency aimed at surveillance of foreign embassies and diplomatic staff, including those of NATO allies. The programme's existence was revealed in June 2013 by whistleblower Edward Snowden in The Guardian newspaper.&lt;ref&gt;New NSA leaks show how US is bugging its European allies, The Guardian, 30 June 2013. Retrieved July 2013.&lt;/ref&gt; The report reveals that at least 38 foreign embassies were under surveillance, some of which as far back as 2007.

DRTBOX
Program for intercepting mobile communication networks.&lt;ref&gt;|LeMonde.fr France in the NSA's crosshair : phone networks under surveillance&lt;/ref&gt;
 * US-985D - France
 * US-987LA - Germany
 * US-987LB - Germany

ECHELON
ECHELON, originally a code-name, is now used in global media and in popular culture to describe a signals intelligence (SIGINT) collection and analysis network operated on behalf of the five signatory states to the UKUSA Security Agreement&lt;ref name=pronunciation&gt;Given the 5 dialects that use the terms, UKUSA can be pronounced from &quot;You-Q-SA&quot; to &quot;Oo-Coo-SA&quot;, AUSCANNZUKUS can be pronounced from &quot;Oz-Can-Zuke-Us&quot; to &quot;Orse-Can-Zoo-Cuss&quot;.
 * From Talk:UKUSA Agreement: Per documents officially released by both the Government Communications Headquarters and the National Security Agency, this agreement is referred to as the UKUSA Agreement. This name is subsequently used by media sources reporting on the story, as written in new references used for the article. The NSA press release provides a pronunciation guide, indicating that &quot;UKUSA&quot; should not be read as two separate entities. (The National Archives) (National Security Agency)&lt;/ref&gt;

(Australia, Canada, New Zealand, the United Kingdom, and the United States, referred to by a number of abbreviations, including AUSCANNZUKUS&lt;ref name=pronunciation/&gt; and Five Eyes).&lt;ref&gt;&lt;/ref&gt;&lt;ref&gt;Google books â€“ Echelon by John O'Neill&lt;/ref&gt;&lt;ref&gt;&lt;/ref&gt; It has also been described as the only software system which controls the download and dissemination of the intercept of commercial satellite trunk communications.&lt;ref name = Bamford&gt;Bamford, James; Body of Secrets, Anchor, ISBN 0-385-49908-6; 2002&lt;/ref&gt; It was created to monitor the military and diplomatic communications of the Soviet Union and its Eastern Bloc allies during the Cold War in the early 1960s. By the end of the 20th century, the system referred to as &quot;ECHELON&quot; had evolved beyond its military/diplomatic origins, to also become &quot;... a global system for the interception of private and commercial communications.&quot;&lt;ref name = EP&gt;&lt;/ref&gt;

The system has been reported in a number of public sources. One of the earliest reports to describe the program, code-named &quot;ECHELON,&quot; was the 1988 article, &quot;Somebody's listening&quot; by Duncan Campbell in the New Statesman.&lt;ref&gt;&lt;/ref&gt; The program's capabilities and political implications were investigated by a committee of the European Parliament during 2000 and 2001 with a report published in 2001,&lt;ref name=&quot;EP&quot;/&gt; and by author James Bamford in his books on the National Security Agency of the United States.&lt;ref name=Bamford/&gt; The European Parliament stated in its report that the term ECHELON is used in a number of contexts, but that the evidence presented indicates that it was the name for a signals intelligence collection system. The report concludes that, on the basis of information presented, ECHELON was capable of interception and content inspection of telephone calls, fax, e-mail and other data traffic globally through the interception of communication bearers including satellite transmission, public switched telephone networks (which once carried most Internet traffic) and microwave links.&lt;ref name = EP/&gt;

EGOTISTICALGIRAFFE (EGGI)
NSA program for exploiting the TOR network&lt;ref name=&quot;theguardian.com&quot;&gt;|TheGuardian: 'Peeling back the layers of Tor with EgotisticalGiraffe'&lt;/ref&gt;

EGOTISTICALGOAT
(EGGO) - NSA tool for exploiting the TOR network&lt;ref name=&quot;theguardian.com&quot;/&gt;

ENDUE
A COI for sensitive decrypts of the BULLRUN program

ERRONEOUSINGENUITY
(ERIN) - NSA tool for exploiting the TOR network&lt;ref name=&quot;theguardian.com&quot;/&gt;

EVENINGEASEL
Program for surveillance of phone and text communications from Mexico's cell phone network&lt;ref&gt;|DerSpiegel: NSA Accessed Mexican President's Email&lt;/ref&gt;

EVILOLIVE
Collects internet traffic and data&lt;ref&gt;|TheVerge: NSA expanded bulk collection of internet data under newly uncovered surveillance programs&lt;/ref&gt;

FAIRVIEW
Fairview' is a secret mass surveillance programme run by the National Security Agency, aimed at collecting phone, internet and e-mail data in bulk from the computers and mobile telephones of foreign countries' citizens.&lt;ref name=&quot;globo&quot;&gt;EUA espionaram milhÃµes de e-mails e ligaÃ§Ãµes de brasileiros, O Globo, 6 Jul 2013. Retrieved 9 Jul 2013.&lt;/ref&gt; According to 2013 revelations by whistleblower Edward Snowden â€“ According to the revelations, the NSA had collected 2.3 billion separate pieces of data from Brazilian users in January 2013 alone.&lt;ref name=&quot;globo&quot; /&gt;

FOXACID
FoxAcid identifies Tor users on the Internet and then executes an attack against their Firefox web browser.&lt;ref&gt;Bruce Schneier: How the NSA Attacks Tor/Firefox Users With QUANTUM and FOXACID&lt;/ref&gt;&lt;ref&gt;[ArsTechnica&lt;nowiki&gt;&lt;/nowiki&gt; NSA repeatedly tries to unpeel Tor anonymity and spy on users, memos show]&lt;/ref&gt;&lt;ref&gt;[Slate.com&lt;nowiki&gt;&lt;/nowiki&gt; How the NSA Is Trying to Sabotage a U.S. Government-Funded Countersurveillance Tool]&lt;/ref&gt; See Quantum for the Man-in-the-middle.
 * 1) finding Tor users via programs codenamed Stormbrew, Fairview, Oakstar and Blarney.
 * 2) The NSA creates &quot;fingerprints&quot; that detect HTTP requests from the Tor network to particular servers.
 * 3) These fingerprints are loaded into NSA database systems like XKeyscore,
 * 4) Using powerful data analysis tools with codenames such as Turbulence, Turmoil and Tumult, the NSA automatically look for Tor connections.
 * 5) After the identification, the NSA uses its network of secret Internet servers to redirect those users to another set of secret Internet servers, with the codename FoxAcid, to infect the user's computer.
 * 6) Once the computer is successfully attacked, it secretly calls back to a FoxAcid server, which then performs additional attacks on the target computer to ensure that it remains compromised long-term, and continues to provide eavesdropping information back to the NSA.

GENIE
implants of spywares&lt;ref name=&quot;lemonde.fr&quot;&gt;|LeMonde.fr la diplomatie franÃ§aise Ã©tait sur Ã©coute aux Etats-Unis&lt;/ref&gt;
 * US-3136
 * US-3137

HIGHLANDS
spywares implants &lt;ref name=&quot;lemonde.fr&quot;/&gt;

INTRUDER
INTRUDER is a series of ELINT and COMINT spy satellites (since 2009)

JUGGERNAUT
Picks up all signals from mobile networks&lt;ref name=&quot;spiegel.de&quot;&gt;|&amp;#91;spiegel.de&amp;#93; Photo Gallery: NSA Documentation of Spying in Germany&lt;/ref&gt;

JUMPSEAT
JUMPSEAT is a class of SIGINT reconnaissance satellites (1971-1983)

LOPERS
LOPERS is a software application for Public Switched Telephone Networks&lt;ref name=&quot;spiegel.de&quot;/&gt;

MADCAPOCELOT
Subprogram of STORMBREW - DNI and metadata through XKEYSCORE, PINWALE and MARINA.

MAGNETIC
sensor collection of magnetic emanations |LeMonde.fr la diplomatie franÃ§aise Ã©tait sur Ã©coute aux Etats-Unis&lt;/ref&gt;

MAGNUM
MAGNUM is a series of SIGINT spy satellites (since 1985)

MAINWAY
MAINWAY is a database maintained by the United States' National Security Agency (NSA) containing metadata for hundreds of billions of telephone calls made through the four largest telephone carriers in the United States: AT&amp;T, SBC, BellSouth (all three now called AT&amp;T), and Verizon.&lt;ref name=&quot;USA&quot;&gt;&lt;/ref&gt; The existence of this database and the NSA program that compiled it was unknown to the general public until USA Today broke the story on May 10, 2006.&lt;ref name=&quot;USA&quot; /&gt; It is estimated that the database contains over 1.9 trillion call-detail records.&lt;ref name=&quot;DemocracyNow&quot;&gt;&lt;/ref&gt; According to Bloomberg News, the effort began approximately seven months before the September 11, 2001 attacks.&lt;ref&gt;&lt;/ref&gt; As of June 2013, the database stores metadata for at least five years.&lt;ref =&quot;ab_week&quot;&gt;&lt;/ref&gt; The records include detailed call information (caller, receiver, date/time of call, length of call, etc.) for use in traffic analysis&lt;ref name=&quot;traffic analysis&quot;&gt; &quot;And, by the way, I hate the term 'metadata.' What's wrong with 'traffic analysis,' which is what we've always called that sort of thing?&quot;&lt;/ref&gt; and social network analysis,&lt;ref name=&quot;social network analysis&quot;&gt; &quot;The data are used for 'social network analysis,' the official said, meaning to study how terrorist networks contact each other and how they are tied together.&quot;&lt;/ref&gt; but do not include audio information or transcripts of the content of the phone calls.

MARINA
Marina is a metadata database for the National Security Agency (NSA), it aggregates NSA metadata from a large scale of sources. Any computer metadata picked up by NSA is routed in this system. Marina tracks the browser datas, gathering contacts and contents of a user. Marina can look in the last 365 days of DNI such as page request, emails, voice over IP and any packet on the Internet.&lt;ref&gt;| theguardian.com &quot;NSA stores metadata of millions of web users for up to a year, secret files show&quot;&lt;/ref&gt;

MENTOR
MENTOR is a class of SIGINT spy satellites (since 1995)

MINARET
MINARET is a sister project to Project SHAMROCK (1967-1973) collection from LAN implant

MONKEYROCKET
Sub-program of OAKSTAR

MOONLIGHTPATH
Moonlightpath is a Special Sources Operations (SSO) program, maintained by the National Security Agency (NSA), it's a collection program to query metadatas, started in September, 2013 &lt;ref&gt;|&amp;#91;theguardian.com&amp;#93; How the NSA is still harvesting your online data&lt;/ref&gt;

MUSCULAR
MUSCULAR is a tool to exploit the data links from Google and Yahoo, operated jointly by the National Security Agency (NSA) and the British Government Communications Headquarters (GCHQ). They are copying entire data flows across fiber-optic cables that carry information among the data centers.&lt;ref&gt;| NSA infiltrates links to Yahoo, Google data centers worldwide, Snowden documents say&lt;/ref&gt;

NUCLEON
Nucleon is a database maintained by the National Security Agency (NSA) which intercepts telephone calls and routes the spoken words.&lt;ref&gt;| U.S. surveillance architecture includes collection of revealing Internet, phone metadata&lt;/ref&gt;

OAKSTAR
OAKSTAR is an umbrella program involving surveillance of telecommunications, it falls under the category of &quot;upstream collection,&quot; meaning that data is pulled directly from fiber-optic cables and top-level communications infrastructure.&lt;ref name=fantastico1&gt;&lt;/ref&gt; &lt;!--Really screengrabs in the attached video, they are exposed for only a few frames each--&gt; &lt;ref name=&quot;wp_slides&quot;&gt;&lt;/ref&gt; Upstream collection programs allow access to very high volumes of data, and most of the pre-selection is done by the providers themselves, before the data is passed on to the NSA. The FY 2013 budget for OAKSTAR is $9.41 million.&lt;ref name=&quot;WP20130830&quot;&gt;&lt;/ref&gt; OAKSTAR consists of the following SIGADs:

OCELOT
Actual name: MADCAPOCELOT, a sub-program of STORMBREW for collection of internet metadata about Russia and European counterterrorism. MADCAPOCELOT uses DNI from XKEYSCORE, PINWALE and MARINA&lt;ref&gt;&lt;/ref&gt;

ORANGEBLOSSOM
Sub-program of OAKSTAR for collection from an international transit switch (sigad: US-3251)

ORANGECRUSH
Subprogram of OAKSTAR.

PATHFINDER
PATHFINDER is a SIGINT analysis tool made by Science Applications International Corporation (SAIC), a new US company headquartered in McLean, Virginia that provides government services and information technology support.

PINWALE
Pinwale is the code name for an NSA database of archived foreign and domestic e-mails it has collected under its SIGINT efforts. It is searchable by monitored NSA analysts. Its existence was first revealed by an NSA analyst who was trained to use it during 2005.&lt;ref&gt;&lt;/ref&gt; However, according to Homeland Security Today, Pinwale has in it much more than email, it also contains other forms of Internet data, and other forms of digital communications as well. Its software has built-in protections against collecting from any of the Five Eyes members. Unlike its successor XKeyscore, targets for PINWALE have to be approved beforehand by the FISC.&lt;ref name=homeland1&gt;&lt;/ref&gt;

PRISM
PRISMis a clandestine mass electronic surveillance data mining program known to have been operated by the United States National Security Agency (NSA) since 2007.&lt;ref name=&quot;WaPo1&quot;&gt;&lt;/ref&gt;&lt;ref name=&quot;apbraun061513&quot;&gt;&lt;/ref&gt;&lt;!----&gt; PRISM is a government code name for a data-collection effort known officially by the SIGAD US-984XN.&lt;ref&gt;&lt;/ref&gt;&lt;ref&gt;&lt;/ref&gt; The Prism program collects stored Internet communications based on demands made to Internet companies such as Google Inc. under Section 702 of the FISA Amendments Act of 2008. The NSA can use these Prism requests to target communications that were encrypted when they traveled across the Internet backbone, to focus on stored data that telecommunication filtering systems discarded earlier,&lt;ref name=&quot;WSJ20130821&quot;&gt;&lt;/ref&gt;&lt;ref&gt;&lt;/ref&gt; and to get data that is easier to handle, among other things.&lt;ref&gt;&lt;/ref&gt; The original Washington Post and Guardian articles reporting on PRISM noted that one of the leaked briefing documents said PRISM involves collection of data &quot;directly from the servers&quot; of several major Internet services providers.:&lt;ref name=&quot;GenCoop&quot;&gt;&lt;/ref&gt;
 * Microsoft&lt;ref name=&quot;TechCrunch&quot;&gt;&lt;/ref&gt;
 * Yahoo!&lt;ref name=&quot;WaPoJune12&quot;&gt;&lt;/ref&gt;
 * Facebook &lt;ref name=&quot;TechCrunch&quot; /&gt;
 * Google&lt;ref name=&quot;TechCrunch&quot; /&gt;&lt;ref name=&quot;WaPoJune12&quot; /&gt;
 * Apple&lt;ref name=&quot;AllThingsD&quot;&gt;&lt;/ref&gt;
 * Dropbox

QUANTUM
See FOXACID To trick targets into visiting a FoxAcid server, the NSA relies on its secret partnerships with US telecoms companies. As part of the Turmoil system, the NSA places secret servers, codenamed Quantum, at key places on the Internet backbone for a man-in-the-middle (or a man-in-the-side).&lt;ref&gt;|Bruce Schneier: How the NSA Attacks Tor/Firefox Users With QUANTUM and FOXACID&lt;/ref&gt;&lt;ref&gt;[ArsTechnica&lt;nowiki&gt;&lt;/nowiki&gt; NSA repeatedly tries to unpeel Tor anonymity and spy on users, memos show]&lt;/ref&gt;&lt;ref&gt;[Slate.com&lt;nowiki&gt;&lt;/nowiki&gt; How the NSA Is Trying to Sabotage a U.S. Government-Funded Countersurveillance Tool]&lt;/ref&gt; The NSA uses these fast Quantum servers to execute a packet injection attack, which surreptitiously redirects the target to the FoxAcid server.&lt;ref&gt;Spiegel.de: Britain's GCHQ Hacked Belgian Telecoms Firm&lt;/ref&gt;

RADON
Bi-directional host tap that can inject Ethernet packets onto the same targets. Allows bi-directional exploitation of Denies networks using standard on-net tools.|LeMonde.fr la diplomatie franÃ§aise Ã©tait sur Ã©coute aux Etats-Unis&lt;/ref&gt;

RAGTIME (RT)
RAGTIME is the code name of four secret surveillance programs conducted by the National Security Agency (NSA) of the United States. These programs date back to at least 2002&lt;ref name=wapo1&gt;NSA report on privacy violations in the first quarter of 2012, The Washington Post, August 16, 2013, p. 12.&lt;/ref&gt; and were revealed in March 2013 in the book &quot;Deep State: Inside the Government Secrecy Industry&quot;, by Marc Ambinder and D.B. Grady. These special programs are conducted under the code name RAGTIME (also abbreviated as RT), and are divided into several subcomponents (RAGTIME-A, RAGTIME-B, RAGTIME-C, and RAGTIME-P&lt;ref&gt;Shane Harris, Ragtime: Code name of NSAâ€™s Secret Domestic Intelligence Program Revealed in New Book, February 27, 2013&lt;/ref&gt; ). It's said that about 50 companies have provided data to this domestic collection program.
 * RAGTIME-A : counterterrorism
 * RAGTIME-B :
 * RAGTIME-C : counterproliferation actvities (like WMD, nuclear, biological, chemical).
 * RAGTIME-P (P -&gt; Patriot act ?) : warantless wiretapping

RAMPART / RAMPART-T
NSA operational branches that intercept heads of state and their closest aides.&lt;ref&gt;[[Der Spiegel]&lt;/ref&gt; Known divisions are RAMPART-A, RAMPART-I and RAMPART-T, which focuses on foreign governments.

RUFF
Compartment of TALENT KEYHOLE for IMINT satellites

RHYOLITE
RHYOLITE is a class of SIGINT spy satellites (in 1975 changed to AQUACADE)

SENTINEL
Sentinel is a National Security Agency (NSA) security filter for SYBASE databases which provides multi-level security down to the row level.&lt;ref&gt;nsa.gov [[NSA]&lt;/ref&gt;

SHAMROCK
Shamrock is an operation for intercepting telegraphic data going in or out the US (1945-1975)

SHELLTRUMPET
Shelltrumpet is a National Security Agency (NSA) metadata processing program which show the NSA's metadata collection scale &lt;ref&gt;theguardian.com&lt;/ref&gt;

SHIFTINGSHADOW
Subprogram of OAKSTAR.

SILKWORTH
A software program used for the ECHELON system

SIRE
A software program used for the ECHELON system

STELLARWIND (STLW)
Stellar Wind or STELLARWIND is the code name of a Sensitive Compartmented Information security compartment for information collected under the President's Surveillance Program (PSP).&lt;ref name =OIG1&gt;NSA Inspector General report on the President's Surveillance Program, March 24, 2009, page 10, note 3.&lt;/ref&gt; This was a program by the United States National Security Agency (NSA) during the presidency of George W. Bush and revealed by Thomas Tamm to the The New York Times in 2008.&lt;ref name=&quot;newsweek1&quot;&gt;&lt;/ref&gt; The program's activities involved data mining of a large database of the communications of American citizens, including e-mail communications, phone conversations, financial transactions, and Internet activity.&lt;ref name=&quot;newsweek1&quot;/&gt; William Binney, a retired Technical Leader with the NSA, discussed some of the architectural and operational elements of the program at the 2012 Chaos Communication Congress.&lt;ref name=&quot;newsweek2&quot;&gt;&lt;/ref&gt;

STORMBREW
STORMBREW is a secret internet surveillance program of the National Security Agency (NSA) of the United States. STORMBREW is an umbrella program involving surveillance of telecommunications. It falls under the category of &quot;upstream collection,&quot; meaning that data is pulled directly from fiber-optic cables and top-level communications infrastructure. There is also a SIGAD of the same name, which is described as a &quot;key corporate partner.&quot; The FY 2013 budget for STORMBREW is $46.06 million.&lt;ref name=&quot;WP20130830&quot;&gt;&lt;/ref&gt; STORMBREW consists of the following SIGADs:

SILVERZEPHYR
Subprogram of OAKSTAR.

TFTP
TFTP is &quot;The Terrorist Finance Tracking Program&quot; is a program to access the SWIFT transaction database

THINTREAD
ThinThread is the name of a project that the United States National Security Agency (NSA) pursued during the 1990s, according to a May 17, 2006 article in The Baltimore Sun.&lt;ref name=&quot;Sun&quot;&gt;&lt;/ref&gt; The program involved wiretapping and sophisticated analysis of the resulting data, but according to the article, the program was discontinued three weeks before the September 11, 2001 attacks due to the changes in priorities and the consolidation of U.S. intelligence authority.&lt;ref&gt;&quot;Obama's Crackdown on Whistleblowers.&quot;&lt;/ref&gt; The &quot;change in priority&quot; consisted of the decision made by the director of NSA General Michael V. Hayden to go with a concept called Trailblazer, despite the fact that ThinThread was a working prototype that protected the privacy of U.S. citizens. ThinThread was dismissed and replaced by the Trailblazer Project, which lacked the privacy protections.&lt;ref name=physorg1&gt;.&lt;/ref&gt; A consortium led by Science Applications International Corporation was awarded a $280 million contract to develop Trailblazer in 2002.&lt;ref name=flib&gt;&lt;/ref&gt;

TRAFFICTHIEF
According to an XKeyscore presentation, TRAFFICTHIEF is a database of &quot;Meta-data from a subset of tasked strong-selectors&quot; &lt;ref name=guardian1&gt;&lt;/ref&gt; According to the XKeyscore presentation, a example of a strong selector is an email address. In other words, it would be a database of the metadata associated with names, phone numbers, email addresses, etc., that the intelligence services are specifically targeting. Marc Ambinder gives what he calls an educated guess: &quot;raw SIGINT viewer for data analysis.&quot;.&lt;ref name =atlantic1&gt;&lt;/ref&gt;

TRAILBLAZER
Trailblazer was a United States National Security Agency (NSA) program intended to develop a capability to analyze data carried on communications networks like the Internet. It was intended to track entities using communication methods such as cell phones and e-mail. It ran over budget, failed to accomplish critical goals, and was cancelled.

TRUMPET
TRUMPET is a series of ELINT reconnaissance satellites (1994-2008)

TURBULENCE
Turbulence is a United States National Security Agency information-technology project started circa 2005. It was developed in small, inexpensive &quot;test&quot; pieces rather than one grand plan like its failed predecessor, the Trailblazer Project. It also includes offensive cyber-warfare capabilities, like injecting malware into remote computers. The U.S. Congress criticized the project in 2007 for having similar bureaucratic problems as the Trailblazer Project.

TURMOIL
Turmoil is involved in the process of decrypting communications.&lt;ref name=guardian2&gt;&lt;/ref&gt;

TUTELAGE
Part of the TURBULENCE program

UPSTREAM
The Upstream program, or Room 641A, is a telecommunication interception facility operated by AT&amp;T for the U.S. National Security Agency that commenced operations in 2003 and was exposed in 2006.&lt;ref name=WiredEvidence&gt;&lt;/ref&gt; &lt;ref name=wired1&gt;&lt;/ref&gt;

VAGRANT
Vagrant is a National Security Agency wiretapping tool which allows to capturing information from screens |LeMonde.fr la diplomatie franÃ§aise Ã©tait sur Ã©coute aux Etats-Unis&lt;/ref&gt;. This information comes from a NSA's top secret internal document.

VORTEX
VORTEX is a class of SIGINT spy satellites (1978-1989)

XKEYSCORE (XKS)
XKeyscore (XKS) is a formerly secret computer system used by the United States National Security Agency for searching and analyzing Internet data about foreign nationals across the world. The program is run jointly with other agencies including Australia's Defence Signals Directorate, and New Zealand's Government Communications Security Bureau. XKeyscore is an NSA data-retrieval system which consists of a series of user interfaces, backend databases, servers and software that selects certain types of metadata that the NSA has already collected using other methods.&lt;ref name=WaPo1&gt;&lt;/ref&gt;&lt;ref name =WaPo2&gt;&lt;/ref&gt; According to the published slides, these come from three different sources:&lt;ref name =theweek1&gt;&lt;/ref&gt; According to documents released by The Guardian, the tool has the ability to query, in real time, &quot;strong selectors&quot;, such as email, or &quot;soft selectors&quot;, such as content .&lt;ref name =Guardian3&gt;&lt;/ref&gt; The tool also gives the analyst the abilities to look for &quot;anomalies&quot;; without any specific person attached, it lists the example of a German speaker in Pakistan as an example of such. It also has the ability to detect encrypted activity such as &quot;all PGP usage in Iran.&quot;.&lt;ref name =ars1&gt;&lt;/ref&gt; The caveat given is that very broad queries can result in too much data to transmit back to the analyst. The presentation suggests that when something of interest is discovered, that the analyst may request particular items, as required.
 * F6, which is the Special Collection Service (SCS), operating from a U.S. embassy or consulate overseas
 * FORNSAT, which means &quot;foreign satellite collection&quot;, and refers to intercepts from satellites that process data used by other countries
 * SSO, which is the Special Source Operations division, the branch of NSA which taps cables, finds microwave paths, and otherwise collects data not generated by F6 or foreign satellites.

YACHTSHOP
Subprogram of OAKSTAR.

Uncategorized or insufficiently described
several Intelligence tools and resources:
 * AGILITY, AGILEVIEW, AIRGAP, AIRSTEED, ALPHA, AMBULANT, ANCHORY, AQUADOR, ARGON, ASSOCIATION, AUTOSOURCE,
 * BANYAN, BELLTOPPER, BELLVIEW, BINOCULAR, BLACKFOOT, BLACKHEART, BLACKMAGIC, BLACKPEARL, BLACKWATCH, BULLSEYE,
 * CADENCE, CANNON LIGHT, CARBOY, CARBOY II, CARILLION, CASPORT, CENTERMASS,  CHALKFUN,  CHASEFALCON, CHEWSTICK, CHIPPEWA, CIMBRICINEPLEX, CLOUD,   COASTLINE,  CONTRAOCTAVE, COURIERSKILL, CREDIBLE, CREST, CRISSCROSS,
 * DANCINGOASIS, DANGERMOUSE, DARKTHUNDER, DECKPIN, DELTA, DIKTER, DISHFIRE, DRAGONFLY, DRUID, DYNAMO,
 * FACELIFT, FALLOUT, FASCIA, FISHBOWL, FOXTRAIL,
 * GAMUT, GENTE, GLOBAL BROKER,
 * HERCULES, HIGHTIDE, HOMEBASE,
 * INTELINK, ISHTAR, IVY BELLS,
 * KLONDIKE (KDK),
 * LIFESAVER, LITHIUM, LONGHAUL,
 * MAGIC LANTERN, MAILORDER, MAIN CORE, MAUI, MESSIAH, METTLESOME,  MINERALIZE,  MORAY,
 * OILSTOCK, OCEAN, OCEANARIUM, OCTAVE, OCTSKYWARD, ONEROOF, OSCAR,
 * PLUS, PROTON, PUZZLECUBE,
 * SABRE, SEMESTER, SETTEE, SHARKFIN,  SKYWRITER, SOLIS, SPHINX, SPINNERET, SPOKE,  SPOTBEAM, STEELKNIGHT, STONE, STUMPCURSOR, SURREY,
 * TALENT KEYHOLE (TK), TALK, QUICK, TAPERLAY, TAROTCARD, TEMPEST, TREASUREMAP, TRIBUTARY, TRINE, TUNINGFORK, TUSKATTIRE,
 * UMBRA, UNIFORM,
 * WEALTHYCLUSTER, WRANGLER, WEBCANDID, WHITEBOX,
 * XCONCORD,