That’s according to a report by German broadcasters NDR and WDR, based on analysis of the source code of the NSA mass data collection tool XKeyscore, which found that using or even simply searching the Web for encryption software like the Tor anonymity network or the Tails operating system can put you in the crosshairs of NSA surveillance.
Comments in the NSA code ominously labeled Tor users and others picked up by the surveillance system “extremists.”
The exceptions to the rule are for those connecting from “Five Eyes” nations: The U.S., U.K., Canada, Australia, and New Zealand, which cooperate closely on intelligence.
If you have ever considered supporting #Tor, now is an excellent time to start. Privacy matters, even yours
— Sebastian Hahn (@sebastianhahn) July 3, 2014
The report specifies that the NSA was targeting a German student named Sebastian Hahn, who runs a node on the anonymization network Tor.
The source code includes the IP address for a server administered by Hahn, believed to be the second specific individual reported to be tracked by the NSA after German chancellor Angela Merkel.
Hahn runs a Tor directory authority which lists almost every one of Tor’s 5,000 network nodes. It’s not clear if the NSA was directly monitoring Hahn’s server of if German intelligence was involved.
The code also reveals that the Chaos Computer Club, one of the oldest hacking collectives in the world, was targeted by American surveillance.
Tor, which was first developed by the U.S. Navy, and Tails have been mainstays of important computer security discussions for a decade. If anyone outside of Five Eyes who discusses or uses Tor is an extremist, the list must be vast and full of the tech elite—not to mention virtually anyone at all interested in Internet privacy.
Although it’s not clear how the journalists Lena Kampf, Jacob Appelbaum, and John Goetz obtained the source code, Edward Snowden’s leaks revealed XKeyscore to the world in 2013.
Tech activists are calling on the journalists to publish the source code to the public.
— the grugq (@thegrugq) July 3, 2014
Tor itself appears to remain uncompromised, but American surveillance is monitoring German-based Tor directory authorities that act as “gateways to the entire system,” Russia Today reports. That gives them the IP addresses of those accessing the system, a resource that can be cross referenced with the agency’s massive intelligence troves.
The report says that the NSA extracts emails sent over the Tor network for extra scrutiny, including the full content of the emails if it is available to them.
Reacting to the news, Internet freedom activists are furious though, at this point, hardly surprised.
Man, the NSA has no fucking idea what they’re doing. They’re bumbling fools with an unprecedented scope of resources and no oversight and
— sarah jeong (@sarahjeong) July 3, 2014
The NSA did not immediately respond to our request for comment.
Photo via West Midland Police/Flickr (CC BY-SA 2.0) | Remix by Jason Reed