control channel cipher satisfactory?

go558a83nk

Air uses

TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA

for the control channel.

I've noticed another VPN provider of mine is now using

TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA

Is there any reason to worry that Air still uses a TLSv1.0 control channel cipher?

zhang888

Probably to add more compatibility for older devices. Some older Ubiquity and other embedded routers do not support TLS1.2.

TLSv1 was only "broken" in conjunction with active web sessions, something not currently applicable to attack OpenVPN.

Let's wait for Staff's comment.

go558a83nk

update. today I noticed that Air is now using the same TLS1.2 cipher as above.

I'm glad for the change.

go558a83nk

another update. I guess each server is different. Metallah still uses the TLS1.0 cipher.

InactiveUser

I probed all servers a few weeks ago: All servers added to AirVPN since 19 Jun 2015 use TLSv1.2. All other servers use TLSv1.

I don't think it makes much of a difference but it'd still be interesting to hear from staff what they changed in their infrastructure and whether they plan to upgrade the older servers as well.

go558a83nk

I probed all servers a few weeks ago: All servers added to AirVPN since 19 Jun 2015 use TLSv1.2. All other servers use TLSv1.

I don't think it makes much of a difference but it'd still be interesting to hear from staff what they changed in their infrastructure and whether they plan to upgrade the older servers as well.

Interesting. I do know that Etamin was using TLS1.2 though it was added in May. Perhaps the change to TLS1.2 occurred during one of the maintenance sessions it had recently?

pr1v

I would like sha512 too

atoir

Everybody wants a bigger SHA....why not SHA4096 ? ;-)

Remember SHA-1,2 is designed by NSA... ;-) I don't remember for SHA-0.. SHA-3 on the other hand is not designed by NSA

zhang888

Please read

https://forums.openvpn.net/topic11913.html

I totally agree with the comments of one of the OpenVPN forum Staff members:

The Rijdael cipher comes in 128, 160, 192, 224, and 256-bit variants,
officially there is not 512bit variant by its original authors...

one of the 512bit variants is Moh'd, A., Jararweh, Y., & Tawalbeh, L. (2011) AES-512: 512-bit Advanced Encryption Standard algorithm design and evaluation. Information Assurance and Security (IAS),
2011 7th International Conference on. pp. 292 - 297. DOI 10.1109/ISIAS.2011.6122835

keep in mind though that these 512bit variants have not under gone the same deep analysis as the derivative of Rijndael that became AES.

my personal opinion is that for now AES-256 is enough....

bigbrosbitch

I wouldn't feel too comfortable about available VPN standards in providing solid defences against anything more than low level to perhaps intermediate adversaries.

Why?

Here's Schneier's views on AES-256 for example (used in AirVPN) - probably not crackable, but it is the implementation of the protocols and so on that poses the actual risk. That is, advanced attackers don't break the crypto, they focus on weak-points, key leakages and so on:

My guess is that they can't break it [AES256]. That is, they don't have a cryptanalytic attack against the AES algorithm that allows them to recover a key from known or chosen ciphertext with a reasonable time and memory complexity. I believe that what the "top official" was referring to is attacks that focus on the implementation and bypass the encryption algorithm: side-channel attacks, attacks against the key generation systems (either exploiting bad random number generators or sloppy password creation habits), attacks that target the endpoints of the communication system and not the wire, attacks that exploit key leakage, attacks against buggy implementations of the algorithm, and so on. These attacks are likely to be much more effective against computer encryption.

Heard of Bullrun or Scarlet Fever? The spooks can already crack SSL/TLS traffic including VPNs for certain targets, presumably due to how it is implemented:

According to a Bullrun briefing document, the agency had successfully infiltrated both the Secure Sockets Layer as well as virtual private network (VPN). ... By 2010, the Edgehill program, the British counterencryption effort, was unscrambling VPN traffic for 30 targets and had set a goal of an additional 300." As part of Bullrun, NSA has also been actively working to "Insert vulnerabilities into commercial encryption systems, IT systems, networks, and endpoint communications devices used by targets".

Other relevant attacks directed against VPNs include (by NSA codename): Gallantwave, Turmoil/Apex, Longhaul, Valiantsurf, Malibu, Poisennut, and SPIN9.

So yeah, running a VPN by itself ain't gonna do squat, if they are really interested. If you don't believe me, then read this from Der Spiegel:

According to an NSA document dating from late 2009, the agency was processing 1,000 requests an hour to decrypt VPN connections. This number was expected to increase to 100,000 per hour by the end of 2011. The aim was for the system to be able to completely process "at least 20 percent" of these requests, meaning the data traffic would have to be decrypted and reinjected. In other words, by the end of 2011, the NSA's plans called for simultaneously surveilling 20,000 supposedly secure VPN communications per hour.

VPN connections can be based on a number of different protocols. The most widely used ones are called Point-to-Point Tunneling Protocol (PPTP) and Internet Protocol Security (Ipsec). Both seem to pose few problems for the NSA spies if they really want to crack a connection. Experts have considered PPTP insecure for some time now, but it is still in use in many commercial systems. The authors of one NSA presentation boast of a project called FOURSCORE that stores information including decrypted PPTP VPN metadata.

Out of interest, why do we trust RSA either? See below - they have some explaining to do:

The New York Times has reported that the random number generator Dual_EC_DRBG contains a back door from the NSA, which would allow the NSA to break encryption keys generated by the random number generator. Even though this random number generator was known to be insecure and slow soon after the standard was published, and a potential NSA backdoor was found in 2007 while alternative random number generators without these flaws were certified and widely available, RSA Security continued using Dual_EC_DRBG in the company's BSAFE toolkit and Data Protection Manager until September 2013.

While RSA Security has denied knowingly inserting a backdoor into BSAFE, it has not yet given an explanation for the continued usage of Dual_EC_DRBG after its flaws became apparent in 2006 and 2007. It was reported on December 20, 2013 that RSA had accepted a payment of $10 million from the NSA to set the random number generator as the default. Leaked NSA documents state that their effort was “a challenge in finesse” and that “Eventually, N.S.A. became the sole editor” of the standard.

Experts also think successful attacks have been made against RC4, and that the NSA may be able to crack 1024-bit RSA keys....

By 2010, the NSA had developed “groundbreaking capabilities” against encrypted Internet traffic. A GCHQ document warned however “These capabilities are among the SIGINT community’s most fragile, and the inadvertent disclosure of the simple ‘fact of’ could alert the adversary and result in immediate loss of the capability.” Another internal document stated that “there will be NO ‘need to know.’” Several experts, including Bruce Schneier and Christopher Soghoian, have speculated that a successful attack against RC4, a 1987 encryption algorithm still used in at least 50 per cent of all SSL/TLS traffic, is a plausible avenue, given several publicly known weaknesses of RC4. Others have speculated that NSA has gained ability to crack 1024-bit RSA/DH keys.

All of these factors are why I don't ever pretend that sitting behind a VPN is any good against the government minders, except to keep out script kiddies, Kali Linux wannabe hackers, and to stop some basic profiling/tracking by corporates.

Staff

All of these factors are why I don't ever pretend that sitting behind a VPN is any good against the government minders, except to keep out script kiddies, Kali Linux wannabe hackers, and to stop some basic profiling/tracking by corporates.

A very odd conclusion on the basis of what you have reported... On the contrary, all the leaks up to now confirm that NSA is not able to crack ciphers currently used by our service. That's exactly why they need backdoors or directly the keys. If you further read between the lines you'll also see what tremendous effort is putting NSA to bypass encryption, never to crack encryption directly, except for very special cases with very specific ciphers. They know the math very well.

Kind regards

bigbrosbitch

Hi staff,

I don't deny AirVPN puts everything into having the latest standards, protocols and so forth. I wouldn't have signed up otherwise - your rep is solid, and you haven't turned on anyone that we know of for pissy things like torrenting, reading censored materials and so on. As far as we know, you don't keep logs also, but running Tor should be par for the course (zero trust model, sorry).

You misunderstood me. I agree - they are not cracking the crypto directly, but undermining it and working around it. But that is my main point.

If there really is a Snowden Jnr, Bradley/Chelsea Manning, Mr Silk Rd 3.0, pedo image peddler, intelligence would-be whistleblower etc actually using AirVPN servers right now, then they are deluded if they think that sitting purely behind a VPN with 256-AES comm channels and 4096 RSA will do anything to keep an adversary from finding out what they are doing. Only exceptional measures would suffice.

As per the NSA slides, they are already decrypting (by subterfuge methods that we agree on, NOT directly cracking the crypto) 10,000s, probably 100,000s VPNs connections PER HOUR now in 2015.

They simply can't tolerate any traffic they can't break down, so they have invested 10s of billions to backdoor, work-around, undermine, etc all the relevant protocols. Probably a million zero days in the code too that is identified by those highly overpaid cryptos/mathematicians enticed from the best US universities.

We also know from disclosures that all encrypted traffic e.g. PGP, VPNs is put aside for later analysis and potential decryption. This is why X-KeyScore has special markers for the signatures of PGP, Tor and so on and also marks things like requests for Tor bridges, certain websites e.g. Linux security journal, Tor, firstlook.org etc (all the usual suspects).

We also know that if you hit enough markers for X-KeyScore e.g. use encrypted email all the time, Tor all the time, use certain keywords in unprotected comms etc, then you end up on a special list, presumably for back-dooring.

Disclosures also indicate they actively attack various VPN providers. Given your rep, you'd be high on my list if I was a spook.

I forget all the specifics, but basically their global network monitoring systems can detect the initial key exchange, and they use this somehow to subsequently perform a successful attack. A lot of this has to do with timing i.e. if I exist everywhere on the matrix with sensors, I can usually beat back an original request with a malicious one e.g. a method also seen in malicious HTTP GET requests for example that serve up a world of hurt (the nasty url hits your browser before the legit one).

I am happy to re-source the documents and provide a detailed post to prove I'm not full of shit, if you'd like. I don't think most VPN users realise how fucking good they really are.

Any basic desktop user connecting to the internet can be pwned by a government level adversary, probably in minutes. Considering there is probably 15,000 (estimated) unpatched bugs in the linux kernel, a million ways to bust through standard firewalls and routers, another million ways to inject malicious code into browsers, force malware downloads, and a specialist TAO unit exists that is reputed to be able to break into anything, a standard user has ZERO chance if directly targeted.

Even basic FinFisher or Hacking Team software would get you into most places. You know, the stuff that is always leaked into the private sector in the short-term and becomes the common topic for a PhD some years later.

Recent, multiple break-ins to the OPM and Pentagon (civvie staff) - protected by apparently the best computer security the US has to offer - couldn't keep presumably state-level hackers out.

So anybody at home who has delusions of grandeur about hiding their Pablo Escobar status behind AES and RSA had better wake up pretty fast.

This view - all computers connected to the net can be pwned - is pretty well shared by Jacob Appelbaum, Bruce Schneier, Glen Greenwald and others that have pored over the materials, directly and in depth. So, I feel pretty comfortable in sharing it.

That said, I think everyone should be using a VPN at all times as a bare minimum, given it DOES provide a lot more privacy/security capability against a host of miscreants and certain attack vectors.

Cheers

Staff

Hello,

please do post documents, they can be interesting for many readers. Assuming that no human error is committed (and that's a big assumption, of course) normally an adversary as the one you describe can be defeated under the aspects you cite, except when you already are a specific target (however, in this case the scenario is totally different and attacks, even physical attacks by real persons in your home or work place, against your own devices, must be considered).

See here for more details on some scenarios in which it is possible and relatively easy to defeat some types of high power adversaries.

https://airvpn.org/topic/54-using-airvpn-over-tor/?do=findComment&comment=1745

The example cites Tor over OpenVPN and OpenVPN over Tor, but course any analogous solution could be applicable.

Kind regards

bigbrosbitch

Hi Staff,

Actually you were right - they still struggle with OpenVPN. My thoughts below.

NSA How To: Break Down VPN traffic

Preamble

This post aims to better inform VPN users of current government capabilities in breaking down VPN sessions. Most of the successful attacks are against PPTP (Point-to-Pont Tunneling) - a proven insecure protocol, LTP2 (Layer 2 Tunnel Protocol)/IpSec (through stealing keys mostly), but OpenVPN seems to pose some problems, due to ephemeral (temporary) key exchanges (Perfect Forward Secrecy).

As a civil libertarian I believe it is everyone's right to have a free internet that is uncensored and unmonitored. However, since that is a pipe dream, you should at least be forewarned of their technical capabilities and respond accordingly. This is particularly true if you are a legitimate target, come from a privacy-hostile country (where isn't these days?), like playing "Mr Robot" or truely wish to maintain a semblance of privacy in your activities (benign or otherwise).

I'm not overly concerned about my own fascist-leaning government knowing my thoughts - I'm sure they already do. One cannot use, research and play with a host of anonymity and privacy tools across a certain period, and speak your mind frankly about police-state antics, without striking off some bells somewhere in the newly revealed military-net. Further, the authoritarians really don't tolerate thought-crime well, nor facts or evidence, and have a serious glass jaw.

Despite the possible attacks against VPNs discussed below, they still provide a host of security and privacy benefits and should be readily used. Obviously, service providers like AirVPN which have a solid reputation and the strongest available protocols (OpenVPN, 256 bit keys, 4096 bit RSA) are a good choice.

At worst, if you chose the wong provider you might hit a NSA honeypot.

What? You didn't imagine they would be running poisoned wells out there on the net?

This is already known from disclosures! We just don't know which services they are trying to entice people to use. When you think about it, this is also another obvious method to use as part of a net dominance strategy when you have almost unlimited funds for BigFoot hunting.

Introduction

I'm going to assume for the purpose of this discussion the NSA doesn't already have a quantum computer capable of brute-forcing immensely large keys and that dystopian future is 20 years away. If and when that capability matures, then I'm sure they will be highly aroused in decrypting decades of 'secure' data and communications, since the 3-letter agencies have all the hallmark symptoms of compulsive hoarding disorder, with paranoid features.

You do realise that once a system is broken the agencies can 'look back in time', right? Never forget it. Even today, brute-forcing of keys is estimated to be capable at somewhere below the 80-bit threshold.

I will also leave aside the disturbing fact the NSA has for the longest period been working on a working quantum computer that can "...attack high-grade public key encryption systems" and also has an "Owning the Net" initiative.

What else would 35,000 NSA staff do with a black budget of $11 billion ($440 million for R&D) annually; around $35 million for Cryptanalysis and Exploitation Services? Because information is power, they really mean to own everybody's ass by owning your complete electronic record.

In earlier decades like the 1970s, the NSA made significant breakdthroughs against encryption algorithms at the time. It is therefore possible that expert NSA mathematicians have had successes against popular modern algorithms: AES, Twofish, Serpent and so on. Further, the NSA may have improved their factoring methods using techniques that are unknown to academia. Even if this is confirmed, a sufficiently large key above 500 bits should help to solve this problem.*

* Avoiding the elliptic curve cryptography that the NSA endorses is another prudent decision, since it can be readily assumed they have made in-roads against the technique.

Despite these possible scenarios, it is far more likely the greatest successes against encryption protocols are occuring by more nefarious methods: backdoors, zero day exploits in code, using an priveleged position within the internet infrastructure to monitor/detect/intercept encrypted traffic, and so on. Fortunately, a treasure trove of Snowden documents lend support to this position.

The Stasi on steroids (what else do we call them?) have a number of proven capabilities to undermine VPNs and SSL/TLS traffic in general which we will now explore in further detail.

Just remember your taxpayer dollars are working to create the electronic infrastructure for a turn-key totalitarian state. In essence, if you can't tell the difference between the US and Cuba in terms of policies, that is because you are Cuba, with a shiny two-party badge on your lapel.

Why does the Stasi struggle to decrypt sessions using the OpenVPN protocol compared to LTP2/IPSec, PPTP and others?

OpenVPN is open source and uses epheremal (temporary) key exchanges (Perfect Forward Secrecy). This means a new key is generated for each exchange and there is rotation of keys at a regular interval. Consequently, there is no reliance on certificates to establish trust.

On the other hand, PPTP and other protocols regularly employ a non ephemeral key exchange which relies solely on the secrecy of the certificate’s private key in order to maintain exchange secrecy. As such, in this case, once a private key is compromised, then all past, present and future non ephemeral exchanges will be compromised, just by watching the traffic.

Does this mean OpenVPN is perfect? No - it still relies on SSL/TLS handshakes which the NSA has spent considerable time on breaking down (see below).

Setting the Scene - NSA Programs Targeted at Decrypting Traffic - PPTP, SSH, SSL, IPSec

"Sniff It All, Collect It All, Know It All, Process It All, Exploit It All"

This infamous NSA powerpoint quote should make it clear that any goal less than complete information awareness is unacceptable to them. Essentially, spooks everywhere want a Minority Report pre-crime infrastructure fully implemented, despite the dehumanising and unjustified nature of capturing whole-sale data on an entire planet's population.

The Stasi complain in a number of disclosed documents that they experience serious difficulties with Tor, CSpace instant messaging, OTR, Truecrypt (development ceased after probable government pressure), PGP and ZRTP encryption. But nowhere that I can find do they declare VPNs in isolation pose them great difficulties. Side channel attacks seem popular against most protocols.

That should ring alarm bells and here's why:

IpSec VPNs are typically targeted by HAMMERSTEIN. It achieves man-in-the-middle attacks to compromise the internet key exchange (IKE) on VPNs and other secure connections and has the capability to recover selected keys using the TURMOIL system. A VPN meta-data record is kept of each key exchange and goes to a database of VPN meta-data including endpoints (TOYGRIPPE). The repository stores information on VPN sessions between systems of interest, including their “fingerprints” for specific machines and which VPN services they’ve connected to, their key exchanges, and other connection data.

VPN “fingerprints” can also be extracted from XKEYSCORE, the NSA’s distributed “big data” store of all recently captured Internet traffic, to be used in identifying targets and developing an attack. Because XKEYSCORE includes data from “untasked” sources—people and systems not designated as under surveillance—the OTP VPN Exploitation Team’s presentation requested, “Try to avoid relying on (XKEYSCORE) workflows due to legal and logistical issues.” But XKEYSCORE, it was noted, is best for attacks on SSH traffic.

While some VPN technologies—specifically, those based on the Point-to-Point Protocol (PPTP)—have previously been identified as being vulnerable because of the way they exchange keys at the beginning of a VPN session, others have generally been assumed to be safer from scrutiny. But in 2010, the NSA had already developed tools to attack the most commonly used VPN encryption schemes: Secure Shell (SSH), Internet Protocol Security (IPSec), and Secure Socket Layer (SSL) encryption.

Analysis of TOYGRIPPE and XKEYSCORE data, as well as from “daily VPN exploits,” is fed into BLEAKINQUIRY—a metadata database of “potentially exploitable” VPNs. This database can be searched by NSA analysts for addresses matching targeted individuals or systems and to generate requests for the VPN Exploit crew to convert the "potentially" into an actuality.

When an IPSec VPN is identified and “tasked” by NSA analysts, according to the presentation, a “full take” of its traffic is stored in VULCANDEATHGRIP, a VPN data repository. There are similar, separate repositories for PPTP and SSL VPN traffic dubbed FOURSCORE and VULCANMINDMELD, respectively.

The data is then replayed from the repositories through a set of attack scripts, which use sets of preshared keys (PSKs) harvested from sources such as exploited routers and stored in a key database called CORALREEF. Other attack methods are used to attempt to recover the PSK for each VPN session. If the traffic is of interest, successfully cracked VPNs are then processed by a system called TURTLEPOWER and sorted into the NSA’s XKEYSCORE full-traffic database, and extracted content is pushed to the PINWALE “digital network intelligence” content database.

But for those that aren’t successfully cracked, the VPN Exploit Team’s presentation noted, the team works to “turn that frown upside down” by doing more data collection—trying to capture IPSec Internet Key Exchange (IKE) and Encapsulating Security Payload (ESP) traffic during VPN handshakes to help build better attacks. In cases where the keys just can’t be recovered, the VPN Exploit Team will “contact our friends for help”— gathering more information on the systems of interest from other data collection sites or doing an end-run by calling on Tailored Access Operations to “create access points” through exploits of one of the endpoints of the VPN connection.

There are a host of others that I haven't covered right now (takes a while), but they include: GALLANTWAVE, LONGHAUL, VALIANTSURF, SPIN 9 and so on. So, take it for granted that these other protocols are stuffed. FLYING PIG and BULLRUN are used to break down SSL/TLS used for HTTPS and the NSA claims they have a program capable of breaking down SSH conenctions.

If all else fails, the NSA and its allies resort to brute force: They hack their target's computers or Internet routers to get to the secret encryption -- or they intercept computers on the way to their targets, open them and insert spy gear before they even reach their destination, a process they call interdiction.

If OpenVPN is not mentioned, does this mean I am invulnerable to attack?

I don't think so, and here's why.

If the private key is compromised than a man-in-the-middle (MITM) attack could target the OpenVPN connection. This would have to be a specially crafted attack and it would only yield information for the session, not the entire VPN history due to regularly expiring temporary keys.

If you are Breakin Bad and they want to break your ass (based on identifying you as interesting in X-KEYSCORE), then a combination of TURMOIL, TURBINE and QUANTUM can be used to do a MITM attack at the point of key exchange protocol.

Bad Boy Bruce Schneier gives us the low down on QUANTUM:

As part of the TURMOIL* system, the NSA places secret servers, codenamed QUANTUM, at key places on the internet backbone. This placement ensures that they can react faster than other websites can. By exploiting that speed difference, these servers can impersonate a visited website to the target before the legitimate website can respond, thereby tricking the target's browser to visit a Foxacid server. In the academic literature, these are called "man-in-the-middle" attacks, and have been known to the commercial and academic security communities. More specifically, they are examples of "man-on-the-side" attacks.

* TURMOIL is the passive network surveillance system that provides all the data accessed through the NSA’s XKeyScore** database. This is closely associated with TURBINE which is associated with active collection and detection of packets on the network.

** X-KeyScore gathers data from social media, chat, browsing, emails and more, including their metadata, covering practically everything a user does online.

X-KeyScore can find every email address recorded in a browsing session by both username and domain, every phone number, address book entry or signature block, webmail and chat activity including usernames, buddylists, machine specific cookies, and so much more that is supposed to be within the realm of a user’s assured account privacy.

The NSA can therefore read emails, private messages, chats, and any communications that are stored online. They can also monitor these in real-time. Essentially, you are easily identified through your prior (extensive) history in X-KeyScore. The Stasi probably already has a very fat file before you learnt about VPNs, Tor, proper encrypted communications and so on. Also, people log into real accounts all the time behind VPN connections providing correlational data that is useful for attack vectors.

Based on this information, if I am the spook behind the levers, my basic AirVPN hack would occur as follows - if I'm not already inside your servers and infrastructure ala Kasperksy ala Stuxnet!:

1. I use the wealth of information at my fingertips with ICREACH and X-KEYSCORE to identify persons of interest via certain keywords, emails, specific networks, use of Tor, email domains and so on. A 'trouble-maker' survey (they already do this). I know pretty well everything about them: contacts, previous unecrypted behaviours (likely to be repeated behind the VPN veil), porn habits, browsing behaviours, social media interests, financial purchases etc.

2. I set my TURMOIL passive sensors to detect key exchanges using the OpenVPN protocol (it has a specific signature). Along with TURBULENCE AND TUMULT, I continually sift through the internet traffic in real time until the systems hits what I am looking for.

Alternatively, the system can be set to wait for persons of interest to log into accounts like Facebook, Gmail, Google+ etc (given you were active before VPNs and probably also when using them), in waiting for a browser hijack.

3. When TURMOIL detects packets on the Internet containing a selector (i.e. some identifying information) targeted by the NSA, it “tips” the TURBINE system.

4. A response is triggered in the TURBINE system to attempt to deploy an active exploit, using the tasked QUANTUMTHEORY* attack method, on the target computer.

5. Essentially the race is on between you and the NSA when you are attempting the key exchange, and if they are fast enough, they could MITM you to a fake AirVPN server, or in the case of the browser hijack, send you to NSABook instead of Facebook - the so-called FOX-ACID** servers.

6. The NSA will probably win the race - they have a global system in place - and latency times (total milliseconds) are as follows: TURMOIL sensors (10ms), TURBINE command/control decision (150ms), Covert network - MITM attack (240ms), Malware injection implant (315ms), Network effect on target destination (686ms).***

7. I merrily continue to view the target behind their 'safe' OpenVPN connection, whilst they are really being logged into the Death Star and being totally pwned.

* There are several individual QUANTUMTHEORY attack methods from which an officer can select; the end goal for all is to infect the targeted computer such that NSA can maintain access for exfiltrating information e.g. QUANTUMINSERT, QUANTUMBISCUIT etc.

** These servers are run by the NSA's tailored access operations, or TAO, group. TAO is another subgroup of the systems intelligence directorate. The servers are on the public internet. They have normal-looking domain names, and can be visited by any browser from anywhere; ownership of those domains cannot be traced back to the NSA.

In the normal instance, someone visiting a FOX-ACID server with a browser and specially crafted URL has their browser and computer infected and taken control of. Thus, the TAO operation could instead modify this expectation to an active VPN server arrangement which is unique to the target.

*** Note: these are 2010 figures, so no doubt they picked up the pace a tad...

Summary OpenVPN attack

In short, if I can use TURMOIL to tap the internet backbone as a sensor, tip off TURBINE, which then automatically aims for a range of QUANTUM functions (there are many), then I can probably own your ass for a direct implant or just plain 'Intel Inside' kind of surveillance, due to my Usain Bolt effort of 686ms to get inside. Whether it is FOX-ACID re-directs, browser hacks, or corruption of the SSL/TLS handshake, I'm pretty sure it's not too much work for these guys.

I should also note that disclosures show tens of thousands of computer networks have already had NSA malware directly implanted, along with a plan for infection of millions of computers. Now which computers do you think they have/plan to infect outside of the normal industrial, economic and political espionage?

That's right, anybody hitting their X-KeyScore markers, you know, people who use Tor, encryption, steganography, VPNs, have visited certain websites, use certain keywords, have certain contacts and the like.

Conclusion

OpenVPN is by far the strongest protocol available and kudos to AirVPN for using it. Ephemeral keys and PFS are essential for good security and do not have the weakenesses associated with certificate systems that allow for broad passive surveillance on a host of VPN users due to known security weaknesses, interception of keys or other methods.

While OpenVPN is not subject to the wide range of attacks facing PPTP, IpSec and other protocols based on disclosures, it would be risky indeed to assume the NSA can't outpace you in the matrix and MITM your ass with a specially crafted attack when they operate in 100s of milliseconds based on disclosures.

There are a wide number of automated systems already in place that are pre-configured to zoom in on 'interesting' behaviour, whether it is in real-time or a passive collection of data gathered over years that finally happens to hit a certain threshold of indicators.

The vast repository of data available makes it very likely that unique signatures, correlation between activities and so on can identify 33+ bits of information that information theory suggests is necessary to ID someone amongst billions of people - especially when you consider the average agent string in a browser contains 10.5 bits of information....

bigbrosbitch

Source NSA slides re: VPNs are attached for those interested. The really smart ones can put it together better than I have attempted.

As indicated above - PPTP and IPSec are no good. That much is clear. Also, for those who really want to appreciate how pwned the internet is, check out this large list of known programs that has been compiled. Happy reading...

NSA Codewords and Nicknames

http://electrospaces.blogspot.ch/p/nicknames-and-codewords.html

A

ABNER I - ASA-sponsored general-purpose analytic computer (1952)
ACIDWASH - Covert access point for a mobile phone network in Afghanistan, part of the MYSTIC program * *
ACORN - Compartment for Top Secret COMINT information (1950-1951) *
ACCORDIAN - Type 1 Cryptographic algorithm used in a number of crypto products
ACRIDMINI - TAO computer hacking project *
AETHER - ONI tool "to correlate seemingly disparate entities and relationships, to identify networks of interest, and to detect patterns" *
AGILITY - NSA internet information tool or database
AGILEVIEW - NSA internet information tool or database
AIRGAP - Database which deals with priority DoD missions
AIRHANDLER (AH) - Processing system for wireless data collected by a drone platform, like AST-221A *
AIRSTEED - Cell phone tracking program of the Global Access Operations (GAO) *
AIRWOLF - ?
ALAMITO - The mission of Mexico at the United Nations in New York *
ALBATROSS - Soviet cipher system of the 1940s and maybe 1950s
ALPHA - Retired SIGINT Exchange Designator for Great Britain
ALTEREDCARBON - An IRATEMONK implant for Seagate drives *
ALTEREGO - A type of Question-Focused Dataset based on E.164
AMBERJACK - SIGINT/EW collection and exploitation system
AMBLE - Retired SIGINT product codeword
AMBULANT (AMB) - SI-ECI compartment related to the BULLRUN program
ANCHORY - NSA software system which provides web access to textual intelligence documents
ANGRYNEIGHBOR - Family of radar retro-reflector tools used by NSA's TAO division *
APALATCHEE - The EU mission in New York
APERIODIC - SI-ECI compartment related to the BULLRUN program
APERTURESCIENCE - TAO computer hacking project *
APEX - See Abbreviations listing
APPLE1 - Upstream collection site
APPLESAUCE - Civilian(CIA)-run station on Cyprus (1950s)
APRIL STRAWBERY - Small-scale program that researched vulnerabilities in computer networks running critical infrastructure *
APSTARS - NSA tool that provides "semantic integration of data from multiple sources in support of intelligence processing" *
AQUADOR - Merchant ship tracking tool
ARGYLEALIEN - Method to cause a loss of data by exploiting zeroization of hard-drives *
ARKSTREAM - Implant used to reflash BIOS, installed by remote access or intercepted shipping
ARTIFICE - SSO corporate partner (foreign?) *
AUTOSOURCE - NSA tool or database
AQUACADE - A class of SIGINT spy satellites (formerly RHYOLITE)
ARCA - SIGINT Exchange Designator for ?
ARGON - Satellite mapping program
ARMOR - System related to the Predator drone *
ARTIFICE - SSO corporate partner under the STORMBREW program
ASPHALT - Project to increase the volume of satellite intercepts at the Menwith Hill Station in the UK *
ASPHALT-PLUS - See above
ASSOCIATION - NSA analytical tool or database for telephone (meta)data
ATALANTA - EU anti-piracy operation
ATLAS - CSEC database
ATLAS - Cryptanalytic computer using magnetic drum storage technology (delivered in 1950)
AUNTIE - SI-ECI compartment related to the BULLRUN program
AURORAGOLD (AG) - Repository of data about international GSM/UMTS networks *
AUTO ASSOCIATION - Second party database
AZUREPHOENIX - Cable tapping facility operated in cooperation with a trusted 3rd Party agency, part of the RAMPART-A program *

B

BACCHUS - ASA-provided electromechanical cipher equipment for South Korean forces (1953)
BALLOONKNOT - TAO computer hacking project *
BAMBOOSPRING - ?
BANANAGLEE - Software implant that allows remote Jetplow firmware installation
BANCROFT - KY-67 voice encryption system
BANISTER - The Columbian trade bureau in New York *
BANYAN - NSA tactical geospatial correlation database
BARNFIRE - TAO tool to erase the BIOS on a brand of servers that act as a backbone to many rival governments *
BASECOAT - Program targeting the mobile phone network on the Bahamas (sigad: US-3310A) *
BASILHAYDEN - Joint GCSB-NSA operation (proposed) to tap communications between the Chinese consulate and its passport office in Auckland, New Zealand (GCSB codename: FROSTBITE) *
BASTE - Retired SIGINT product codeword
BATON - Type 1 Block cipher algorithm, used with many crypto products
BAYBRIDGE - Codeword related to data exchange at NSA's European Cryptologic Center (ECC) *
BEACHHEAD - Computer exploit delivered by the FERRETCANON system *
BEAMER - ?
BEGGAR SHADOW - Navy airborne SIGINT missions
BELLTOPPER - NSA database *
BELLVIEW - SIGINT reporting tool
BERSERKR - Persistent backdoor that is implanted into the BIOS and runs from System Management Mode * *
BIG LOOK - ELINT systems on Navy EC-121s to detect SAM radars (Vietnam War)
BIGOT - List of personnel cleared for access to highly sensitive information or operations
BIG RIB - airborne telemetry collection program using RB-57 aircraft based in Adana, Turkey (1965-?)
BINOCULAR - Former NSA intelligence dissemination tool
BIRCHWOOD - Upstream collection site
BITTERSWEET - first "advisory warning" (COMINT-provided alert) plan for airborne SIGINT missions (1952)
BLACKBOOK - ODNI tool for large-scale semantic data analysis *
BIRDWATCHER - Automated survey system *
BLACKFOOT - The French mission at the United Nations in New York *
BLACKHAWK - Program for surveillance of the Turkish mission at the UN in New York
BLACKHEART - Collection through FBI implants *
BLACKMAGIC - NSA database or tool
BLACKNIGHT - Filtering or selection tool *
BLACKPEARL - NSA database with SIGINT 5-tuple (TCP/IP), identified routers, routing protocols, and SIGINT access points, maybe also case notations * * *
BLACKWATCH - NSA reporting tool
BLARNEY - Program for intercepting phone and internet traffic at switches in the US (since 1978)*
BLAZING SADDLES - CSE tool? *
BLEAKINQUIRY - Metadata database of potentially exploitable VPNs *
BLINDDATE - Connection for afloat computer network operations like aboard USS Annapolis *
BLUEANCHOR - Partner providing a network access point for the YACHTSHOP program
BLUEFISH (BLFH) - Compartment of the KLONDIKE control system
BLUESASH - Network used by NTOC operational analysts *
BLUE SKY - Airborne COMINT program in Far East (1952-?)
BLUESNORT - TURMOIL type or site? *
BLUEZEPHYR - Sub-program of OAKSTAR
BOOTY - Retired SIGINT product codeword
BORGERKING - Something related to Linux exploits *
BOTANICREALTY - Video demodulation tool (formerly: UNCANNY) *
BOUNDLESSINFORMANT - DNI and DNR metadata visualization tool
BOURBON - Joint NSA and GCHQ program for breaking Soviet encryption codes (1946-?)*
BOXINGRUMBLE - Network attack that was countered by QUANTUMDNS *
BRICKTOP - Project to learn about new malware by intercepting e-mail from several security companies (2009) *
BRIDE - Second codename for what eventually became VENONA *
BROKENRECORD - NSA tool
BROKENTIGO - Tool for computer network operations
BROADSIDE - Covert listening post in the US embassy in Moscow
BROOMSTICK - ?
BRUNEAU - The Italian embassy in Washington DC *
BRUTUS - Tool or program related to MARINA *
BUCKSHOT YANKEE - Operation to remove the computer worm Agent.btz from infected classified and unclassified DoD networks (2008-2009) *
BUFFALOGREEN - The name ORANGECRUSH was known to Polish partners *
BULLDOZER - PCI bus hardware implant on intercepted shipping
BULLRUN - An NSA COI for decryption of network communications
BULLSEYE - NSG High-Frequency Direction-Finding (HF-DF) network (now called CROSSHAIR)
BYEMAN (BYE) - Retired SCI control system for overhead collection systems (1961-2005)
BYZANTINE - First word of nicknames for programs involving defense against Chinese cyber-warfare and US offensive cyber-warfare *
BYZANTINE ANCHOR (BA) – A group of Chinese hackers which compromised multiple US government and defense contractor systems since 2003 *
BYZANTINE CANDOR (BC) – A group of Chinese hackers which compromised a US-based ISP and at least one US government agency * *
BYZANTINE FOOTHOLD (BF) – A group of Chinese hackers who attacked various international companies and internet services providers *
BYZANTINE HADES (BH) – A concerted effort against Chinese hackers who attacked the Pentagon and military contractors. Probably renamed to the LEGION-series *
BYZANTINE TRACE - "intrusion set" already indentified in 2007 *

C

CADENCE - NSA database with tasking dictionaries
CAJABLOSSOM - Automated system for analysing and profiling internet browsing histories
CAKEBREAD - Codename for Osama bin Laden
CALIX - System used at the Waihopai satellite intercept station *
CALYPSO - Remote SATCOM collection facility
CAMBERDADA - Project using SIGINT collection to learn about new malware *
CANDYGRAM - Laptop mimicking GSM cell tower, sends out SMS whenever registered target enters its area, for tracking and ID of targets
CANYON - Class of COMINT spy satellites (1968-1977)
CANOE - Compartment for Top Secret COMINT information (1952-1953) *
CANNON LIGHT - Counterintelligence database of the US Army
CAPRICORN - (former?) database for voice data *
CAPTIVATEDAUDIENCE - Computer implant plug-in to take over a targeted computer’s microphone and record conversations taking place near the device
CARBOY - Second Party satellite intercept station at Bude, England
CARBOY II - Units of ECHELON which break down satellite links into telephone and telegraph channels
CARILLON - Complex of five IBM-370 (or 360, later four IBM 3033s) high performance computers strapped together at Fort Meade, for a mostly traffic analytic process (1973)
CARPAT - NSA contact chaining algorithm *
CASport - NSA user authorization service
CASTLECRASHER - Primary technique for executing DNT payloads for Windows computers *
CATALYST - Computer system capable of automatically analyzing the massive quantities of data gathered across the entire intelligence community *
CENTER ICE - Data center for the exchange of intelligence regarding Afghanistan among the members of the 14-Eyes/SSEUR *
CENTERMASS - NSA tool or database
CENTRICDUD - Tool that can read and write bytes in the CMOS of a targeted Windows computer *
CERF CALL MOSES1 - Contact Event Record Format - for certain telephony metadata *
CERNET - Open Source information used for the TREASUREMAP tool *
CHALET - First codename for CHALET/VORTEX class SIGINT satellites (the codename was changed after 1979 leak)
CHALKFUN - Analytic tool, used to search the FASCIA database *
CHAOS - CIA domestic spying operation (1967-1973)
CHAOSOVERLORD - TAO computer hacking project *
CHARGER HORSE - Communication net for afloat direct SIGINT support detachments (Vietnam War, 1969-?)
CHASEFALCON - Major program of the Global Access Operations (GAO) *
CHATTERII - Communications tool (connecting to 3rd Party agencies?)
CHEER - Retired SIGINT product codeword
CHENEY - Soviet cipher system, probably of the 1950s
CHEROKEE - (former) handling instruction: limited to senior officials
CHESS - Compartment of TALENT KEYHOLE for the U-2 spy plane
CHEWSTICK - NSA tool or database
CHIMNEYPOOL - Framework or specification of GENIE-compliance for hardware/software implants
CHIPPEWA - Some communications network, involving Israel *
CHOCOLATESHIP - TAO computer hacking project *
CHUTE - Retired SIGINT product codeword
CIMBRI - Probably a metadata database *
CINEPLEX - Analytical tool *
CIRCUIT RAPTOR - System for processing data from circuit switched telephone networks *
CLARIFYMIND - Pilot program for secure wireless communications *
CLASSIC - ?
CLASSIC BULLSEYE - Worldwide ocean SIGINT surveillance or direction finding system (1960's-?)
CLASSIC TROLL - System that increases the probability of SIGINT intercept by 500%, supporting tactical and national requirements
CLASSIC WIZARD - Satellite ocean surveillance system for ELINT
CLEVERDEVICE - Upstream collection site
CLOUD - NSA database
CLOUD - DSP program implementing graph algorithms in a cloud computing environment *
CLOUDSHIELD - System that terminates a client-side connection to a malicious server and blocks the server's response *
COASTLINE - NSA tool or database
COBALTFALCON - Sub-program of OAKSTAR
COBRA FOCUS - NSA-G operations center for producing intelligence from Iraq * *
COGNOS - NSA tool or database
COLERIDGE - Soviet cipher system of the 1940s
COMFY LEVI - C-130s with roll-on SIGINT suites (1968-?)
CORDOBA - Type 2 Cryptographic algorithm used in a number of crypto chips
COMBAT SENT - Reconaissance operation
COMMONDEER - Computer exploit for looking whether a computer has security software
COMMONGROUND - System used at the Waihopai satellite intercept station *
COMMONVIEW - Internal NSA monitoring tool *
CONFIRM - NSA database for personell access
CONJECTURE - Network compatible with HOWLERMONKEY
CONTRAOCTAVE - NSA telephony tasking database * Used to determine 'foreigness' *
CONVERSION QUEST - Part of SHAREDQUEST relating to antenna command and control *
CONVEYANCE - Voice content ingest processor *
COPILOT - System that automatically scans digital data for things like language, phone and creditcard numbers and attachments *
COPSE - Compartment for Top Secret COMINT information (1949-1950) *
CORALINE - NSA satellite intercept station at Sabena Seca at Puerto Rico (closed)
CORALREEF - Database for VPN crypto attack data *
CORONA - A series of photographic surveillance satellites (1959-1972)
CO-TRAVELER - Set of tools for finding unknown associates of intelligence targets by tracking movements based upon cell phone locations *
COTTONMOUTH (CM) - Computer implant devices used by NSA's TAO division
COTTONMOUTH-I (CM-I) - USB hardware implant providing wireless bridge into target network and loading of exploit software onto target PCs, formerly DEWSWEEPER
COTTONMOUTH-II (CM-II) - USB hardware host tap provides covert link over USP into target's network co-located with long haul relay; dual-stacked USB connector, consists of CM-I digital hardware plus long haul relay concealed in chassis; hub with switches is concealed in a dual stacked USB connector and hard-wired to provide intra-chassis link.
COTTONMOUTH-III (CM-III) - Radio Frequency link for commands to software implants and data infiltration/exfiltration, short range inter-chassis link within RJ45 Dual Stacked USB connector
COURIERSKILL - Filtering or selection tool *
COWBOY - The DICTIONARY computer used at the Yakima station of ECHELON *
CRAFTY SHACK - Analytics documentation *
CRANKSHAFT - Codename for Osama bin Laden
CREAM - Compartment for Top Secret COMINT information (1946-1947) *
CREDIBLE - Transport of intelligence materials to partner agencies
CREST - Database that automatically translates foreign language intercepts in English *
CRISSCROSS - Database of telecommunications selectors, operated by the CIA and also used by DOJ, DOD and NSA
CROSSBEAM - GSM module mating commercial Motorola cell with WagonBed controller board for collecting voice data content via GPRS (web), circuit-switched data, data over voice, and DTMF to secure facility, implanted cell tower switch
CROSSBONES - Analytic journal *
CROSSEYEDSLOTH - TAO computer hacking project *
CROSSHAIR - NSG High-Frequency Direction-Finding (HF-DF) network (formerly BULLSEYE)
CRUMPET - Covert network with printer, server and desktop nodes
CULTWEAVE - Smaller size SIGINT database *
CYBERQUEST (CQ) - Cyber threat discovery mission? (since 2008)*
CYBERTRANS - A common interface to a number of underlying machine translation systems *
CYCLONE Hx9 - Base station router, network in a box using Typhon interface
CYR - Intelligence exchange agreement between DIA and the Israeli military intelligence directorate (1968) *

D

DAFF - Codeword for products of satellite imagery
DAMEON - Remote SATCOM collection facility
DANCER - Project initiated in 1965 to employ South Vietnamese as linguists in US SIGINT operations
DANCINGOASIS (DGO) - SSO program collecting data from fiber optic cables between Europe and the Far East (since 2011) *
DANDERSPRITZ - Software tool that spoofs IP and MAC addresses, intermediate redirector node
DANGERMOUSE - Tactical SIGINT collecting system for like cell phone calls
DARDANUS - Remote SATCOM collection facility
DAREDEVIL - Shooter/implant as part of the QUANTUM system *
DARKFIRE - TAO computer hacking project *
DARKTHUNDER - TAO computer hacking project *
DARKQUEST (DQ) - Automated FORNSAT survey system * that can for example identify the presence of a VPN *; part of SHAREDQUEST *
DAUNT - Compartment for Top Secret COMINT information (1959-1960) *
DAYSEND - Program at NSA's communications complex receiving intercepts files (1973)
DECKPIN - NSA crisis cell activated during emergencies
DEEPDIVE - An XKEYSCORE related method *
DEFIANTWARRIOR - Program under which a host computer that is infected with an exploitable bot can hijacked through a QUANTUMBOT attack and redirected to the NSA *
DEITYBOUNCE - Provides implanted software persistence on Dell PowerEdge RAID servers via motherboard BIOS using Intel's System Management Mode for periodic execution, installed via ArkStream to reflash the BIOS
DELTA - Former SCI control system for intercepts from Soviet military operations
DEMONSPIT - Dataflow for bulk telephony metadata acquired from major Pakistani telecom providers *
DENIM - Retired SIGINT product codeword
DESERTWINTER - Codeword found in the source code used by the Equation hacking group *
DESPERADO - NSA software tool to prepare reports
DEWSWEEPER - Technique to tap USB hardware hosts *
DIANA - ASA-provided one-time-pad system for South Korean forces (1953)
DIKTER - SIGINT Exchange Designator for Norway
DINAR - Compartment for Top Secret COMINT information (1961-1965) *
DIONYSUS - Remote SATCOM collection facility
DIRESCALLOP - Method to circumvent commercial products that prevent malicious software from making changes to a computer system
DISCOROUTE - NAC/GCHQ repository for router configuration files from CNE and passive SIGINT, like for example telnet sessions * *
DISHFIRE - NSA database for text messages (SMS)
DISTANTFOCUS - A pod for tactical SIGINT and precision geolocation (since 2005) *
DISTILLERY - Tactical collection system(?) *
DISTILLERY - Stream-based platform for executing hacking identification applications *
DIVERSITY - SIGINT Exchange Designator for ?
DOBIE - The South African consulate and mission at the UN in New York *
DOCKETDICTATE - Something related to NSA's TAO division
DOGCOLLAR - A type of Question-Focussed Dataset based on the Facebook display name cookie
DOGHUT - Upstream collection site
DOUBLEARROW - One of NSA's voice processing databases? *
DRAGGABLEKITTEN - An XKEYSCORE Map/Reduce analytic *
DRAWSTRING - Project to "remote" more intercept facilities because of budget cuts (1973-?)
DREADNOUGHT - NSA operation focused on Ayatollah Khamenei *
DRINKPARSLEY - Codeword found in the source code used by the Equation hacking group *
DROPMIRE - Passive collection of emanations (e.g. from printers or faxes) by using a radio frequency antenna
DROPOUTJEEP - STRAITBIZARRE-based software implant for iPhone, initially close access but later remotely
DRTBOX - System for processing data from mobile communication networks
DRUG - Third codename for what eventually became VENONA *
DRUID - SIGINT Exchange Designator for third party countries
DRYAD - A US military numeral cipher/authentication system
DRYTORTUGAS - Analytic tool
DUALTIRE - System used at the Waihopai satellite intercept station *
DUSKPALLET - SSO interception program for GSM networks in Kenya (US-3270), part of the MYSTIC program *
DYNAMO - SIGINT Exchange Designator for Denmark
DYNO - Classifed codename for the Galactic Radiation And Background (GRAB) Low-Earth Orbit ELINT satellite (1960-1962 launches)

E

EAGLE - Upstream collection site
EASYKRAKEN - An IRATEMONK implantation for ARM-based Samsung drives *
ECHELON - Sub-program of FROSTING directed against INTELSAT satellites *
ECHO - SIGINT Exchange Designator for Australia
ECRU (EU) - Compartment of the ENDSEAL control system
EDEN - Upstream collection site
EGOTISTICALGIRAFFE (EGGI) - NSA program for exploiting the TOR network *
EGOTISTICALGOAT (EGGO) - NSA tool for exploiting the TOR network *
EIDER - Compartment for Top Secret COMINT information (1955-1959) *
EIKANOL (or: EIKONAL) - Joint NSA-BND operation to tap a fiber-optic cable of Deutsche Telekom in Frankfurt, part of the RAMPART-A program
EINSTEIN - Cell phone network intercepting equipment used by SCS units
EINSTEIN - Intrusion detection system for US government network gateways (deployed in 2004)
EINSTEIN 2 - Second version of the EINSTEIN program for detecting malicious network activity
EINSTEIN 3 - Third version of the EINSTEIN program that will monitor government computer traffic on private sector sites too *
ELEGANTCHAOS - Large scale FORNSAT data analysis system *
EMBRACEFLINT - Tool for computer network operations
EMERALD - Alternate codename for operation WHARPDRIVE(?) *
ENDSEAL (EL) - SCI control system
ENDUE - A COI for sensitive decrypts of the BULLRUN program
ENTOURAGE - Directional finder for line of bearing for GSM, UMTS, CDMA, FRS signals, works with NEBULA active interrogator within GALAXY program
EPICSHELTER - Sophisticated data backup system designed by Edward Snowden *
EQUATION (Group) - Nickname given by Kaspersky to a highly advanced computer hacking group, suspected of being tied to NSA *
ERRONEOUSINGENUITY (ERIN) - NSA tool for exploiting the TOR network *
ETCHINGSPIN - SSO mobile telephone interception program, part of the MYSTIC program *
EVENINGEASEL - Program for surveillance of phone and text communications from Mexico's cell phone network (sigad: US-3411), part of the MYSTIC program *
EVILOLIVE - Iinternet geolocation tool
EVOLVED MUTANT BROTH - Second party database
EXPLORER I/II/III - Intercept operations using unmaned equipment on hilltops during the Vietnam War (1970-1972)
EYESPY - System that scans data for logos of companies, political parties and other organizations, as well for pictures with faces for facial recognition *

F

FACELIFT - Codeword related to NSA's Special Source Operations division *
FACTOR - NSA program targeting North Vietnamese maritime infiltration (1970-?)
FAIRVIEW - NSA corporate partner with access to international cables, routers, and switches (since 1985)*
FAIRVIEWCOTS - System for processing telephony metadata collected under the FAIRVIEW program *
FAKEDOUBT - An IRATEMONK implantation for ARM-based Hitachi drives *
FALLENORACLE - NSA tool or database
FALLOUT - DNI metadata ingest processor/database
FALLOWHAUNT (FH) - System used at the Waihopai satellite station, New Zealand, part of SHAREDQUEST *
FARLEY - (SIGINT exchange designator?)
FARMER - Projected general-purpose computer for both cryptanalysis and traffic analysis (1950s)
FARNDALE - ? *
FASCIA - DNR metadata ingest processor/database *
FASCIA II - Ibidem with a dedicated HCS partition *
FASCINATOR - Series of Type 1 encryption modules for Motorola digital-capable voice radios
FASHIONCLEFT (FC) - Protocol for hiding packets of VPN and VoIP communications within other packets that are allowed to leave the targeted network *
FASTBAT - Telephony related database?
FASTFOLLOWER - Tool to identify foreign agents who might tail American case officers overseas by correlating cellphone signals
FASTSCOPE - NSA database
FEEDTROUGH - Software implant for unauthorized access to Juniper firewall models N5XT, NS25, NS50, NS200, NS500, ISG1000
FERRETCANON - Subsystem of the FOXACID system *
FIFTYEXCLAIM - Cover term representing NSA's contract with Computer Sciences Corporation (CSC) for mission support in Bad Aibling, Germany *
FINKDIFFERENT (FIDI) - Tool used for exploiting TOR networks
FIRE ANT - Open Source visualisation tool
FIREBIRD - Cable tapping facility operated in cooperation with a trusted 3rd Party agency, part of the RAMPART-A program *
FIREFLY - NSA key generation scheme, used for exchanging EKMS public keys
FIRETRUCK - SIGINT tool or database
FIREWALK -Bidirectional network implant, passive gigabit ethernet traffic collector and active ethernet packet injector within RJ45 Dual Stacked USB connector, digital core used with HOWLERMONKEY, formerly RADON
FISHBOWL - NSA program for securing commercial smartphones
FLARE - Retired SIGINT product codeword
FLATLIQUID - TAO operation against the office of the Mexican president *
FLEMING - The embassy of Slovakia in Washington DC *
FLINTLOCK - The DICTIONARY computer used at the Waihopai station of ECHELON *
FLOWBEE - Project of NSA's Research Directorate for reducing the volumes of metadata collected from high-speed links (2008) *
FLUTE - System used at the Waihopai satellite intercept station *
FLUXBABBITT - Hardware implant for Dell PowerEdge RAID servers using Xeon processors
FOGGYBOTTOM - Computer implant plug-in that records logs of internet browsing histories and collects login details and passwords used to access websites and email accounts
FOREMAN - Tactical SIGINT database? Used to determine 'foreigness' *
FOURSCORE - (former?) database for fax and internet data *
FOXACID (FA?) - System of secret internet servers used to attack target computers * or TAO tool that allows to continually add functions to small malware programs even after they have been installed in target computers *
FOXAMI - (SIGINT exchange designator?)
FOXSEARCH - Tool for monitoring a QUANTUM target which involves FOXACID servers
FOXTRAIL - NSA tool or database *
FRIARTUCK - VPN Events tool or database (CSEC?)
FREEFLOW-compliant - Supported by TURBULENCE architecture
FREEZEPOST - Something related to NSA's TAO division
FRESNELEFFECT - System used at the Waihopai satellite intercept station *
FRETTING YETI - Mobile gateway identification analytic *
FRONTO - Retired SIGINT Exchange Designator for ?
FROSTBITE - GCSB codename for operation BASILHAYDEN
FROSTBURG - Connection Machine 5 (CM-5) supercomputer, used by NSA from 1991-1997
FROSTING - Umbrella program for collecting and processing emanations from communication satellites (est. 1966)*
FROTH - Compartment for Top Secret COMINT information (1953-1954) *
FRUGALSHOT - FOXACID servers for receiving callbacks from computers infected with NSA spying software

G

GADGET HISS - Computer network "intrusion set" already identified in 2007 *
GALACTICHALO - Remote SATCOM collection facility
GALAXY - Find/fix/finish program of locating signal-emitting devices of targets
GALLOWAY - System related to the Predator drone *
GAMBIT - Prototype web portal for the AMOD (Analytical Modernization) QFD (Question Focused Dataset) strategy (2011)
GAMMA (G) - Compartment for highly sensitive communication intercepts
GAMUT - NSA collection tasking tool or database
GARLICK - The NSA satellite intercept station at Bad Aibling (Germany)
GATEKEEPER - NSA user account management system
GAVEL - Retired SIGINT product codeword
GECKO II - System consisting of hardware implant MR RF or GSM, UNITEDRAKE software implant, IRONCHEF persistence back door
GEMINI - Remote SATCOM collection facility
GENESIS - Filtering tool for internet communications, related to XKEYSCORE
GENESIS - Modified GSM handset for covert network surveys, recording of RF spectrum use, and handset geolocation based on software defined radio
GENIE - Overall close-access program, collection by Sigads US-3136 and US-3137 * *
GHOSTMACHINE - NSA's Special Source Operations cloud analytics platform
GHOSTWolf - Something related to CT10 *
GINPENNANT - SSG cloud framework *
GINSU - Provides software persistence for the CNE implant KONGUR having PCI bus hardware implant BULLDOZER on MS desktop PCs
GILGAMESH (GMESH) - Predator-based NSA geolocation system used by JSOC *
GISTQEUE (GQ) - NSA software or database
GJALLER - NSA tool or database
GLAIVE - (Satellite) interception common architecture *
GLINT - Compartment for Top Secret COMINT information (1947-1949) *
GLOBALBROKER - NSA tool or database
GLOBALREACH - Tool for federated querying metadata records shared by NSA and its Five Eyes partners *
GLOBALTIPPER (GT) - System for internal requests of information *
GLOBALWATCH - Software suite within the Real Time Regional Gateway (RT-RG)
GM-Halo/DPS - Data cloud *
GM-PLACE - Database for the BOUNDLESSINFORMANT tool *
GODLIKELESION - Modernization program for NSA's European Technical Center (ETC) in Wiesbaden in 2011 *
GODSURGE - Runs on FLUXBABBITT circuit board to provide software persistence by exploiting JTAG debugging interface of server processors, requires interdiction and removal of motherboard of JTAG scan chain reconnection
GOLD - Joint SIS-CIA operation to wiretap Soviet army landlines through a tunnel under Berlin (1953-1956; British codename: STOPWATCH)
GOLDBERG - First magnetic drum storage technology (1947)
GOLDENCARRIAGE - NSA corporate servers, used by the AURORAGOLD application *
GOLDENRETRIEVER - Storage and/or distribution system *
GOLLUM - Computer implant created by a partner agency *
GOPHERRAGE - Pilot project that seeks to develop a hypervisor implant to provide implant capabilites and a back door *
GOPHERSET - Software implant on GMS SIM phase 2+ Toolkit cards that exfiltrates contact list, SMS and call log from handset via SMS to user-defined phone; malware loaded using USB smartcard reader or over-the-air.
GOSSAMER - SIGINT/EW collection and exploitation system
GOTHAM - Processor for external monitor recreating target monitor from red video
GOURMETTROUGH - Configurable implant for Juniper NetScreen firewalls including SSG type, minimal beaconing
GOUT - Subcompartment of GAMMA for intercepts of South Vietnamese government communications
GOVPORT - US government user authentication service
GRAB - SIGINT satellite program
GRANDMASTER - Processing system for internet traffic, has been replaced by WEALTHYCLUSTER and TURMOIL *
GREY FOX - The 2003 covername of the Mission Support Activity (MSA) of JSOC
GREYSTONE (GST) - CIA's highly secret rendition and interrogation programs *
GROK - Computer implant plug-in used to log keystrokes
GROUPDIVE - Network used by NTOC operational analysts *
GUARDRAIL I / II / IV / V - Series of Army airborne SIGINT collection systems on RC-12 aircraft
GUMFISH - Computer implant plug-in to take over a computer’s webcam and snap photographs
GUNMAN - NSA 1984 OPSEC project to remove 11 tons of electronic devices from the US Embassy of Moscow for thorough inspection in the US. GUNMAN eventually found KGB bugs planted into electric typewriters.
GUPY - Subcompartment of GAMMA for intercepts from Soviet leadership car phones (1960's-70's)

H

HAIRBALL - Project of NSA's Research Directorate (2008) *
HALLUXWATER - Software implant as boot ROM upgrade for Huawei Eudemon firewalls, finds patch points in inbound packet processing, used in O2, Vodafone and Deutsche Telekom
HAMMERCHANT - Implant for network routers to intercept and perform exploitation attacks against data sent through a Virtual Private Network (VPN) and/or phone calls via Skype and other VoIP software *
HAMMERMILL - Insertion Tool controls HEADWATER boot ROM backdoor
HAMMERSTEIN - Implant for network routers to intercept and perform exploitation attacks against data sent through a Virtual Private Network (VPN) and/or phone calls via Skype and other VoIP software
HAMMOCK - Direct SIGINT support process for US Air Force missions over North Vietnam (1965-?)
HAPPYFOOT - Program that intercepts traffic generated by mobile apps that send a smartphone’s location to advertising networks
HAPPYHOUR - Connection for afloat computer network operations like aboard USS Annapolis *
HARD ASSOCIATION - Second party database
HARVEST - An IBM supercomputer used by NSA from 1962-1976
HAVE BLUE - Development program of the F-117A Stealth fighter-bomber
HAVE QUICK (HQ) - Frequency-hopping system protecting military UHF radio traffic
HAWKEYE - AFSS project for an airborne direction-finding system; never operational (1963)
HEADMOVIES - TAO computer hacking project *
HEADWATER - Permanent backdoor in boot ROM for Huawei routers stable to firmware updates, installed over internet, capture and examination of all IP packets passing through host router, controlled by Hammermill Insertion Tool
HEMISPHERE - Program under which AT&T provides telephone records to the DEA
HEMLOCK - The Italian embassy in Washington DC *
HERCULES - CIA terrorism database
HERETIC - NSA tool or database
HERESYITCH - UC collateral tool, collaborative program between NSA units T1222 and SSG *
HERMOS - Joint venture between the German BND and another country with access for NSA (2012)*
HERON - Retired SIGINT product codeword
HIGHCASTLE - Tactical database?
HIGHLANDS - Technique for close access collection from computer implants *
HIGH PRIDE - ? *
HIGHTIDE - NSA tool or database
HOBGOBLIN - NSA tool or database
HOLLOWPOINT - Software defined radio platform
HOMEBASE - Database which allows analysts to coordinate tasking with DNI mission priorities
HOMEMAKER - Upstream collection site
HOMINGPIGEON - Program to intercept communications from airplane passengers *
HOTZONE - ?
HOWLERMONKEY (HM) - Generic radio frequency (RF) transceiver tool used for various applications *
HUFF - System like FOXACID? *
HYDRA - CIA program to secretly access databases maintained by foreign countries and extract data to add to US watchlists *
HYDROCASTLE - Tool or database with 802.11 configuration data extracted from CNE activity in specific locations *
HYSON - Retired SIGINT product codeword

I

ICEBERG - Major NSA backbone project *
ICE CASTLE - Intelligence exchange agreement between DIA and the Israeli military intelligence directorate (1988) *
ICREACH - Tool for sharing communications metadata among the US Intelligence Community (since 2007)*
IDITAROD (IDIT) - Compartment of the KLONDIKE control system
IGLOO WHITE - Program for detecting movement of vehicles through unattended ground sensors, tested in Laos from 1968-1973
INCENSER - Joint NSA-GCHQ program for tapping an internet cable between Europe and Asia with the help of Cable & Wireless; part of the WINDSTOP program
INDEX - Team at Menwith Hill Station (MHS) *
INDIA - SIGINT Exchange Designator for New Zealand (retired)
INDRA - Satellite intercept station near Khon Khaen, Thailand (1979-ca. 2000)
INTERQUAKE (IQ) - A terrestrial signals knowledge base and interface *
INTOLERANT - Data set stolen by hackers, discovered and exploited by CSEC and Menwith Hill Station since 2010 *
INTREPID SPEAR - The 2009 covername of the Mission Support Activity (MSA) of JSOC
INTRUDER - Series of ELINT and COMINT spy satellites (since 2009)
IRATEMONK - Hard drive firmware providing software persistence for desktops and laptops via Master Boot Record substitution, for Seagate Maxtor Samsung file systems FAR NRFS EXT3 UFS, payload is implant installer, shown at internet cafe *
IRONAVENGER - NSA hacking operation against an ally and an adversary (2010) *
IRONCHEF - Provides access persistence back door exploiting BIOS and SMM to communicate with a 2-way RF hardware implant
IRON HORSE - NSA equipment to display intercepted morse grid-positions on a radar scope (1967-?)
IRONSAND (IS) - Second Party satellite intercept station at Waihopai, New Zealand
IRRITANT HORN - Five Eyes pilot project for hacking target's phone connections to app stores in order to implant spyware *
ISHTAR - SIGINT Exchange Designator for Japan (retired)
ISLANDTRANSPORT (IT) - Internal messaging service, as part of the QUANTUM system * or data distribution system *
IVORY - Retired SIGINT product codeword
IVY BELLS - NSA, CIA and Navy operation to place wire taps on Soviet underwater communication cables

J

JACKHAMMER - System used at the Waihopai satellite intercept station *
JACKKNIFE - The NSA satellite intercept station at Yakima (US)
JACKPOT - Internal NSA process improvement program (early 1990s - early 2000s) *
JADE - First codename for what eventually became VENONA *
JAEGER - Former SIGINT Exchange Designator for Austria
JEEPFLEA - TAO computer hacking project *
JEMA - (see Abbreviations listing)
JETPLOW - Persistent firmware back door for Cisco PIX and ASA firewall and routers, modifies OS at boot time
JOLLYROGER - Tool that provides metadata that describe the networking environment of TAO-implanted Windows PCs *
JOSEKI-1 - Classified Suite A algorithm
JOURNEYMAN - Retrieval tool or system *
JUBILEECORONA - NSA unit *
JUGGERNAUT (JUG) - Ingest system that processes intercepted calls from mobile phone networks * *
JUMPDOLLAR - Tool to support various file systems *
JUMPSEAT - Class of SIGINT reconnaissance satellites (1971-1983)
JUNE - FBI classification marking for information related to unwarranted electronic surveillance and surreptitious entries * JUNIORMINT - Implant digital core, either mini printed circuit board or ultra-mini Flip Chip Module, contains ARM9 micro-controller, FPGA Flash SDRAM and DDR2 memories

K

KAMPUS - SIGINT Exchange Designator for ? (retired)
KANDIK (KAND) - Compartment of the KLONDIKE control system
KARMA POLICE - Second party database
KATEEL - The Brazilian embassy in Washington *
KEA - Asymmetric-key Type 2 algorithm used in products like Fortezza, Fortezza Plus
KEELSON - Internet metadata processing system *
KEYCARD - Database for VPN key exchange IP packet addresses * or filtering/selection tool *
KEYRUT - Retired SIGINT Exchange Designator for ?
KILOMISER - System used at the Waihopai satellite intercept station *
KILTING - ELINT database
KIMBO - Retired SIGINT product codeword (used in 1964)
KIRKBOMB - Windows kernel examination to detect loaded drivers and processes *
KLIEGLIGHT (KL) - Tactical SIGINT reports
KLONDIKE (KDK) - Control system for sensitive geospatial intelligence
KLONDIKE - The embassy of Greece in Washington DC *
KNIGHTHAWK - Probably a military SIGINT tool
KOALAPUNCH - TAO computer hacking project *
KODA - Method for summarizing very large textual data sets
KONGUR - Software implant restorable by GINSU after OS upgrade or reinstall
KRAUSS - System used at the Waihopai satellite intercept station *
KRONE - Retired SIGINT product codeword

L

LACEBARK - NSA project to upgrade South Vietnamese SIGINT communications security
LACONIC (LAC) - Retired NSA dissemination control marking
LADYLOVE - The NSA satellite intercept station at Misawa, Japan (since 1982)
LANYARD - Reconaissance satellite program
LARUM - Retired SIGINT product codeword
LATEN(T)TH®EAT - System that breaks intercepted satellite signals down into individual communications *
LAUNDROMAT - Accesses to yet unknown sources, similar to DUSKPALLET *
LEAKYFAUCET - Flow repository of 802.11 WiFi IP addresses and clients via STUN data *
LEGALREPTILE - System that collects text message and call metadata, showing who is contacting whom and when *
LEGION AMBER - Chinese hacking operation against a major US software company *
LEGION JADE - A group of Chinese hackers *
LEGION RUBY - A group of Chinese hackers *
LEGION YANKEE - Chinese hacking operation against the Pentagon and defense contractors (2011)*
LEMONWOOD - NSA satellite intercept station in Thailand
LEXHOUND - CCE Extraction Architecture * and/or Front-end tool that performs Google-like searching across repositories *
LIBERTY - First word of nicknames for collection and analysis programs used by JSOC and other sensitive DOD activities *
LIBERTY BLUE - Modified RC-12 Guardrail surveillance airplane used by JSOC's Mission Support Activity (MSA)
LIFESAVER - Technique which images the hard drive of computers *
LIGHTNING - Research project into a "1,000 megahertz" computer. Didn't produce a functional computer but pioneered many technology "bricks" (1950s)
LIONSHARE - Internal NSA process improvement program (2003-2008) *
LITHIUM - Facility to filter and gather data at a major (foreign?) telecommunications company under the BLARNEY program *
LITTLE CLOUD - Airborne collection program using RB-57 aircraft based in Pakistan (1963-1965?)
LOCATOR - Some kind of NSA database *
LODESTAR - Cryptanalytic computer subcomplex at NSA headquarters (1978)
LODESTONE - NSA's CRAY-1 supercomputer
LOGGERHEAD - Device to collect contents of analog cell phone calls (made by Harris Corp.) *
LOLLYGAG - SSO mobile telephone interception program, part of the MYSTIC program *
LOMA - SCI control system for Foreign Instrumentation and Signature Intelligence* *
LONGFELLOW - Soviet cipher system of the 1940s
LOPERS - System for processing data collected from Public Switched Telephone Networks (PSTN) * *
LOUDAUTO - An ANGRYNEIGHBOR radar retro-reflector, microphone captures room audio by pulse position modulation of square wave
LUSTRE - Memorandum of Understanding regarding the exchange of data between the NSA and the French foreign intelligence service DSGE (2011/12) *
LUTEUSICARUS - TAO computer hacking project *
LUTEUSOBSTOS - Codeword found in the source code used by the Equation hacking group *

M

MACHINESHOP - ? *
MADBISHOP - Hard drive implant *
MADCAPOCELOT - Sub-program of STORMBREW for collection of internet metadata about Russia and European terrorism
MAESTRO-II - Mini digital core implant, standard TAO implant architecture
MAGIC - Codeword for decrypted high-level diplomatic Nazi messages
MAGIC LANTERN - A keystroke logging software developed by the FBI
MAGNES - Remote SATCOM collection facility
MAGNETIC - Technique of sensor collection of magnetic emanations *
MAGNUM - Series of SIGINT spy satellites (since 1985)
MAGNUMOPUS - TAO computer hacking project *
MAGOTHY - The embassy of the European Union in Washington DC *
MAILORDER - Tool for transferring data between NSA, GCHQ, ASD and CSEC * (SFTP-based?)
MAIN CORE - Federal database of personal and financial data of suspicious US citizens
MAINWAY (MW) - NSA database of bulk phone metadata
MAKERS MARK - Computer network "intrusion set" already identified in 2007 *
MANASSAS - Former NSA counter-encryption program, succeeded by BULLRUN
MARINA - NSA database of bulk internet metadata
MARKHAM - NSA data system?
MARTES - NSA software tool to prepare reports
MASTERLINK - NSA tasking source
MASTERSHAKE - Tool or database with FORNSAT and WiFi data collection *
MATCHCRIMP - Network or connection at the Remote Operations Center of NSA's TAO division *
MATRIX - Some kind of data processing system *
MAXFLI - System related to the Predator drone *
MAYTAG - Upstream collection site
MEDLEY - Classified Suite A algorithm
MENTOR - Class of SIGINT spy satellites? (since 1995?)
MERCED - The Bulgarian embassy in Washington DC *
MERCURY - Soviet cipher machine partially exploited by NSA in the 1960's
MERCURY - Remote SATCOM collection facility
MESSIAH - NSA automated message handling system
METAWAVE - Warehouse of unselected internet metadata *
METROTUBE - Analytic tool for VPN data *
METTLESOME - NSA Collection mission system
MIDAS - Satellite program
MIDDLEMAN - TAO covert network
MILKBONE - Question-Focused Dataset used for text message collection *
MINARET - A sister project to Project SHAMROCK (1967-1973)
MINERALIZE - Technique for close access collection through LAN implants *
MIRANDA - System for managing intelligence requirements of GCHQ customers *
MIRROR - Automated survey system that can for example identify the presence of a VPN; interface to the ROADBED system *
MOCCASIN - A hardware implant, permanently connected to a USB keyboard *
MONKEYCALENDAR - Software implant on GMS SIM cards that exfiltrates user geolocation data
MONKEYROCKET - Sub-program of OAKSTAR for collecting internet metadata and content through a foreign access point
MONSTERMIND - Program that can automatically react to cyber attacks against the US
MOONLIGHTPATH (EGL?) - Cable tapping facility operated in cooperation with a trusted 3rd Party agency, part of the RAMPART-A program * *
MOONPENNY - The NSA satellite intercept station at Harrogate (Great Britain)
MOONSCAPE - System used at the Waihopai satellite intercept station *
MORAY - Compartment for the least sensitive (Category I) COMINT material, retired in 1999 *
MORECOWBELL (MCB) - Covert HTTP/DNS monitoring system for operations support *
MORPHEUS - Program of the Global Access Operations (GAO) *
MOTHMONSTER - NSA tool for exploiting the TOR network
MOUSETRAP - Sandia implant for EFI *
MOVEONYX - Tool related to CASPORT
MULBERRY - The mission of Japan at the United Nations in New York *
MURPHYSLAW - TAO computer hacking project *
MUSCULAR (JPM?) - Joint NSA-GCHQ operation to tap the cables linking Google and Yahoo data clouds to the internet * Part of WINDSTOP
MUSKET - Retired SIGINT Exchange Designator for ?
MUSKETEER - NSA's Special Signal Collection unit (military/1990s?)
MYSTIC - SSO unilateral wireless/mobile interception program (since 2009)*
MYSTIC STAR - Presidential Global Communications System

N

NASHUA - The mission of India at the United Nations in New York *
NAVAJO - The mission of Vietnam at the United Nations in New York *
NAVARRO - The embassy of Georgia in Washington DC *
NEBULA - Base station router similar to CYCLONE Hx9
NECTAR - SIGINT Exchange Designator for ? (retired)
NELEUS - Remote SATCOM collection facility
NEMESIS - SIGINT satellite
NEPTUNE SPEAR - Operation to kill or capture Osama bin Laden (2011)
NEPTUNETHUNDER - Connection for afloat computer network operations like aboard USS Annapolis *
NESTOR - Family of digital secure voice equipment: KY-8, KY-28, and KY-38
NETBOTZ - Remote monitoring tool
NETWORKPUMP - Distribution system *
NEWSDEALER - NSA’s internal intelligence news network
NEXUS 7 - Successor program of the Real Time-Regional Gateway (RT-RG) * *
NIAGARAFILES - Data transfer tool * * (SFTP-based?)
NIGHTGLOW - System related to the Predator drone *
NIGHTSTAND - 802.11 wireless packet injection tool that runs on standalone x86 laptop running Linux Fedora Core 3 and exploits windows platforms running Internet Explorer, from 8 miles away
NIGHTWATCH - Portable computer in shielded case for recreating target monitor from progressive-scan non-interlaced VAGRANT signals
NINJANIC - Something related to TURMOIL *
NITESTAND - Connection for afloat computer network operations like aboard USS Annapolis *
NITESURF - NSA tool or database
NITRO - Remote SATCOM collection facility
NOCON - NSA dissemination marking or COI
NOMAD - Projected Navy-sponsored and Raytheon-made computer for mass data handling (1951-1954)
NONBOOK (NK) - Compartment of the ENDSEAL control system
NORMALRUN - NSA tool or database
NUCLEARWINTER - Signal Intelligence Directorate team that uses anti-tamper solutions *
NUCLEON - Database for contents of phone calls
NYMROD - Automated name-matching and recognition system (since 2008)*

O

OAKSTAR - Umbrella program to filter and gather information at major telecommunications companies (since 2004)*
OBELISK - Codename for Al Qaeda’s network of websites and servers *
OBELISK - GSM collection system *
OCEAN - Optical collection system for raster-based computer screens *
OCEANARIUM - Database for SIGINT from NSA and intelligence sharing partners around the world *
OCEANFRONT - Part of the communications network for ECHELON
OCEAN SHIELD - NATO anti-piracy operation
OCEANSURF - Engineering hub of the Global Access Operations (GAO) *
OCELOT - Actual name: MADCAPOCELOT
OCTAVE - NSA tool for telephony tasking (succeeded by the UTT in 2011)
OCTSKYWARD - Collection of GSM data from flying aircraft
OILSTOCK - A system for analyzing air warning and surveillance data
OILYRAG - SSO mobile telephone interception program, part of the MYSTIC program *
OLYMPIA - CSEC tool for discovering and identifying telephone and computer connections
OLYMPIC - First word of nicknames for programs involving defense against Chinese cyber-warfare and US offensive cyber-warfare *
OLYMPIC GAMES - Joint US and Israel operation against the Iranian nuclear program (aka Stuxnet)*
OLYMPUS - Software component of VALIDATOR/SOMBERKNAVE used to communicate via wireless LAN 802.11 hardware
OMNIGAT - Field network component
ONEROOF - Main tactical SIGINT database, with raw and unfiltered intercepts; or an analytic tool *
ONYX - Newer units of the LACROSSE reconaissance satellites
ORANGEBLOSSOM - Sub-program of OAKSTAR for collection from an international transit switch (sigad: US-3251)*
ORANGECRUSH - Sub-program of OAKSTAR for collecting metadata, voice, fax, phone and internet content through a foreign access point
ORION - SIGINT satellite
ORLANDOCARD - NSA operation thtat attracted visits from 77,413 foreign computers and planted spyware on more than 1,000 by using a 'honeypot' computer *
OSAGE - The embassy of India in Washington DC *
OSCAR - SIGINT Exchange Designator for the USA
OSWAYO - The embassy annex of India in Washington DC
OXCART - The Lockheed A-12 program (better known as SR-71)
OZONE - Some kind of application framework *

P

PACKAGEDGOODS (PG) - Globally disperced and clandestine placed traceroute and DNS processors that map internet connections for the TREASUREMAP tool * *
PACKET RAPTOR - System for processing internet packet data *
PACKETSCOPE - Internet cable tapping system
PACKETSWING - NSA tool or database
PACKETWRENCH - Computer exploit delivered by the FERRETCANON system *
PADSTONE - Type 1 Cryptographic algorithm used in several crypto products
PAINTBALL - Analysis tool (for social network analysis?) *
PAINTEDEAGLE - SI-ECI compartment related to the BULLRUN program
PALANTERRA - A family of spatially and analytically enabled Web-based interfaces used by the NGA
PALMCARTE - System that feeds FISA data to the Network Analysis Center (NAC)? *
PANGRAM (PM) - Alleged SCI control system *
PANOPLY - Populates INTERQUAKE with emitter information and reports *
PANTHER - The embassy of Vietnam in Washington DC *
PARCAE - SIGINT satellite for ocean reconnaissance. Unclassified codename: WHITE CLOUD, a.k.a. Naval Ocean Surveillance System (NOSS); part of CLASSIC WIZARD
PARCHDUSK (PD) - Productions Operation of NSA's TAO division *
PARTNERMALL PROGRAM (PMP) - A single collaboration environment, to be succeeded by the Global Collaboration Environment (GCE) *
PARTSHOP - ?
PARTSTREAMER - Codeword related to data exchange at NSA's European Cryptologic Center (ECC) *
PASSIONATEPOLKA - TAO tool for remotely bricking network cards *
PATHFINDER - SIGINT analysis tool (developed by SAIC) *
PATHWAY - NSA's former main computer communications network
PATTERNTRACER - Call chaining analysis tool (developed by i2)
PAWLEYS - SI-ECI compartment related to the BULLRUN program
PEARL - Retired SIGINT product codeword
PEDDLECHEAP - Computer exploit delivered by the FERRETCANON system *
PENDLETON - SI-ECI compartment related to the BULLRUN program
PEPPERBOX - Tool or database for targeting Requests (CSEC?)
PERDIDO - The mission of the European Union at the United Nations in New York *
PERFECT CITIZEN - Research and engineering program to counter cyberattacks, in cooperation with Raytheon *
PERFECTMOON - An out-sites covering system
PERMANENTPRESS - SSO mobile telephone interception program, part of the MYSTIC program *
PHANTOMNOVA - Program in cooperation with Turkey *
PHYLLIS ANN - Air Force airborne radio direction-finding system on EC-47s (1966-?)
PHOTOANGLO - A continuous wave generator and receiver. The bugs on the other end are ANGRYNEIGHBOR class
PIEDMONT - SI-ECI compartment related to the BULLRUN program
PICARESQUE (PIQ) - SI-ECI compartment related to the BULLRUN program
PICASSO - Modified GSM handset that collects user data plus room audio
PINUP - Retired SIGINT product codeword
PINWALE - Database for recorded signals intercepts/internet content
PISCES - Joint NSA, CIA and State Department program collecting biometric data on border crossings from a wide range of countries *
PITCHFORD - SI-ECI compartment related to the BULLRUN program
PIVOT - Retired SIGINT product codeword
PIXIE - Retired SIGINT product codeword
PLANTATION - Ggeneral processing computer project, later integrated into HARVEST (1950s)
PLATFORM - Computer system linking the ECHELON intercept sites *
PLUCKHAGEN - An IRATEMONK implantation for ARM-based Fujitsu drives *
PLUS - NSA SIGINT production feedback program *
POCOMOKE - The Brazilian Permanent Mission to the UN in New York *
POGODA - Soviet cipher system of the 1940s
POISON NUT - CES VPN attack orchestrator *
POLARBREEZE - NSA technique to tap into nearby computers *
POLITERAIN - CNA team or operation from the ATO unit of TAO *
POPEYESEAR - Database and with an interface (including GraphViz) used at NSA's NTOC floor *
POPPY - SIGINT satellite program
POPROCKS - Some tool, probably related to Computer Network Exploitation (CNE)
POPTOP - Collection system for telephony data
POPQUIZ - Project of NSA's Research Directorate to collect network metadata on high-bandwidth protocols such as HTTP, SMTP and DNS (2008) *
POTBED - TAO computer hacking project *
POWDER - Program for surveillance of the Turkish embassy in Washington DC
POWELL - The Greek mission at the United Nations in New York *
PREFACE - Processing system for Opscomm at NSA HQ, replacement of TIDE (1978-?)
PREFER - System for identifying and extracting text messages (SMS) from the DISHFIRE database *
PRESSUREPORT - Software interface related to PRESSUREWAVE
PRESSUREWAVE - NSA cloud database for VPN and VoIP content and metadata * *
PRIMECANE - American high-tech company cooperating in providing a network access point for the ORANGECRUSH program
PRISM - Program for collecting foreign internet data from US internet companies
PROFORMA - Intelligence derived from computer-based data
PROPHET - Mobile tactical SIGINT collection system
PROTEIN - SIGINT Exchange Designator for ?
PROTON - Storage and analysis system for the CRISSCROSS database of (telephony?) metadata of (counterintelligence) targets; operated by CIA and used by DOJ, DOD and NSA *
PROTOSS - Local computer handling radio frequency signals from implants
PURPLE - Codename for a Japanese diplomatic cryptosystem during WWII
PURPLE DRAGON - US military OPSEC program (since 1966)
PUTTY - NSA tool or database
PUZZLECUBE - NSA tool or database
PYLON - SIGINT Exchange Designator for ?

Q

QUADRANT - A crypto implementation code
QUADRESPECTRE PRIME - ?
QFIRE - A consolidated QUANTUMTHEORY platform to reduce latencies by co-locating passive sensors with local decisioning and traffic injection (under development in 2011)
QUANTUM - Secret servers placed by NSA at key places on the internet backbone; part of the TURMOIL program *
QUANTUMBISCUIT - Enhancement of QUANTUMINSERT for targets which are behind large proxies *
QUANTUMBOT - Method for taking control of idle IRC bots and botnets) *
QUANTUMBOT2 - Combination of Q-BOT and Q-BISCUIT for webbased botnets *
QUANTUMCOOKIE - Method to force cookies onto target computers
QUANTUMCOPPER - Method for corrupting file uploads and downloads *
QUANTUMDIRK - Replacement for the QUANTUMINSERT hacking toolset that injects malicious content into chat services provided by websites such as Facebook and Yahoo *
QUANTUMDNS - DNS injection/redirection based off of A record queries *
QUANTUMHAND - Man-on-the-side technique using a fake Facebook server *
QUANTUMINSERT (QI) - Man-on-the-side technique that redirects target internet traffic to a FOXACID server for exploitation *
QUANTUMMUSH - Targeted spam exploitation method *
QUANTUMNATION - Umbrella for COMMONDEER and VALIDATOR computer exploits
QUANTUMPHANTOM - Hijacks any IP address to use as covert infrastructure *
QUANTUMSKY - Malware used to block targets from accessing certain websites through RST packet spoofing *
QUANTUMSMACKDOWN - Method for using packet injection to block attacks against DoD computers *
QUANTUMSPIN - Exploitation method for instant messaging *
QUANTUMSQUEEL - Method for injecting MySQL persistant database connections *
QUANTUMSQUIRREL - Using any IP address as a covert infrastructure *
QUANTUMTHEORY (QT) - Computer hacking toolbox used by NSA's TAO division, which dynamically injects packets into target's network session *
QUANTUM LEAP - CIA tool to "find non-obvious linkages, new connections, and new information" from within a dataset *
QUARTERPOUNDER - Upstream collection site
QUASAR - Relay satellite for reconaissance satellites
QUEEN BEE CHARLIE/DELTA - Airborne SIGINT missions using C-130s in South-East Asia (1964-1965?)
QUEENSLAND - Upstream collection site
QUERTY - TAO keylogger tool, maybe as a module of the WARRIORPRIDE program *
QUICKPOINT - Distribution system *

R

RADIOSPRING - ?
RADIANT - First word for two dozen Navy tactical-national data sharing systems, including satellites and stealth drones *
RADIANT GEMSTONE - System from the RADIANT family, installed at the USS Annapolis around 2005 *
RADIUS - Systems that logs ISP dial up customer records, which can create a "natural link" between DNR and DNI datasets *
RADON - Host tap that can inject Ethernet packets *
RAGEMASTER - Part of ANGRYNEIGHBOR radar retro-reflectors, for red video graphics array cable in ferrite bead RFI chokers between video card and monitor, target for RF flooding and collection of VAGRANT video signal
RAGTIME (RGT) - ECI compartment for call and e-mail content collected under FISA authority *
RAILHEAD - NCTC database project
RAINFALL - (NSA unit for decrypting) Russian secure, encrypted voice communications (around 1979)*
RAINFALL - Unclassified codename for RHYOLITE/AQUACADE SIGINT satellites
RAINFALL - Probably the joint CIA/NSA/DSD satellite ground station in Pine Gap, Australia *
RAISIN - NSA database or tool
RAMPART-A (RAM-A) - Program for collecting information about Russia, the Middle East and North-Africa, in cooperation with at least five 3rd Party partner agencies (since 1992)*
RAMPART-I (RAM-I) - Program for collecting communications from Iraq
RAMPART-M (RAM-M) - Program for collecting data from undersea fiber-optic cables about terrorists, arms traders and Iraq (since 1986)*
RAMPART-T (RAM-T) - Program providing access to land-based cables, in cooperation with the CIA, to collect communications from state leaders and their entourage (since 1991)*
RAMPART-X (RAM-X) - Program for collecting information from Afghanistan *
RAMROD - Unclassified codename for a SIGINT satellite, possibly the 1994-96 ORION launches
RANCIDRINSE - SSO mobile telephone interception program, part of the MYSTIC program *
RANGER - Unclassified codename for a SIGINT satellite (post-2000 launches)
RATTAN - Codename for overall US effort against Soviet codes (1945-1946, later BOURBON)*
RAVEN - SIGINT satellite
REACTOR - Tool or program related to MARINA? *
REBA - Major NSA backbone project *
RECOVERY - ? *
RED DISK - DIA cloud system to distribute information, images and video to soldiers and other military intelligence users.
REDHARVEST (RDV) - ECI compartment that protects names, locations and techniques of RAMPART-A cable tapping facilities *
REDHAWK - NSA tool
REDROOF - NSA tool
REGAL - Compartment for Top Secret COMINT information derivated from the Berlin Tunnel operation (1955-?)
REGIN - Highly sophisticated spyware found in computers systems worldwide, supposedly used by NSA and GCHQ (discovered in 2013, codename by Microsoft) *
REMATION - Joint NSA-GCHQ counter-TOR workshop *
RENOIR - NSA telephone network visualization tool
REQUETTE - A Taiwanese TECO in New York *
RESERVE (RSV) - Control system for the National Reconnaissance Office (NRO)
RESERVEVISION - Remote monitoring tool
RESOLUTETITAN - Internet cable access program?
RETRO - see RETROSPECTIVE
RETROSPECTIVE - 30-day retrospective retrieval tool for SCALAWAG *
RETURNSPRING - High-side server shown in UNITEDRAKE internet cafe monitoring graphic
RHINEHART - Tool for both real-time and retrospective keyword-searching of vast amounts of voice content (introduced in 2004, replaced by VoiceRT)*
RHYOLITE - Class of SIGINT spy satellites (in 1975 changed to AQUACADE)
RICHTER - SIGINT Exchange Designator for Germany
RIPCORD - ?
RIVET GYM - Codename for the four SIGINT positions aboard EC-121 COLLEGE EYE aircraft (Vietnam War)
RIVET JOINT - Reconaissance operation
ROADBED - Probably a military SIGINT database
ROCKYKNOB - Optional DSP when using Data Over Voice transmission in CROSSBEAM
ROGUESAMURAI - Test framework of TAO's persistence division for testing computer exploits *
ROLLERCOASTER - Tool or system that provides access to phone metadata, analyst queries and results of SKYNET Analytics *
RONIN - NSA tool for detecting TOR-node and/or mobile IP-addresses * *
RORIPA - SIGINT Exchange Designator for ?
ROSTER - Unclassified codename for MAGNUM/ORION SIGINT satellites *
ROUTEMASTER - Server/router for VoIP and audio traffic *
ROUTEVIEWS - Open source inforamtion used for the TREASUREMAP tool *
ROYALNET - Internet mapping tool to determine access points for target’s communications *
RUFF - Compartment of TALENT KEYHOLE for satellite imagery *
RUFFER - Unclassified codename for JUMPSEAT/TRUMPET SIGINT satellites
RUMBUCKET - Analytic tool to access FORNSAT data residing on GINPENNANT *
RUNWAY - Unclassified codename for CANYON/CHALET/VORTEX SIGINT satellites; or a processing system at Menwith Hill *
RUSTICBAGGAGE - Data source for the TREASUREMAP tool *
RUTLEY - Unclassified codename for the MERCURY SIGINT satellites (launched 1995-2003); or a processing system at Menwith Hill *
RYE - NSA-developed software for Univac 490 computers (introduced 1963)
RYE - Computer complex supporting CSOC/NSOC, internetting Opscomm circuits, running several softwares including TIDE (late 1960s-?)

S

SABERTOOTH - SIGINT training program for South Vietnam government (launched in 1961)
SABRE - Retired SIGINT product codeword
SADDLEBACK - Hacking tool that performs a firmware modification? *
SALEM - ?
SALTYDOGS - Tool to find frequency and carrier rates and discover signal characteristics of satellite links *
SALVAGERABBIT - Computer implant plug-in that exfiltrates data from removable flash drives that connect to an infected computer
SAMOS - Reconnaissance satellite program
SANDKEY - Joint NSA/DEA program that intercepts and exploits unencrypted VHF voice communications of narco-traffickers at sea *
SAPPY - Retired SIGINT product codeword
SARACEN - Intercept operation using unmaned equipment on a hilltop (Vietnam War, 1972)
SARATOGA - SSO access facility (since 2011) * *
SARDINE - SIGINT Exchange Designator for Sweden
SAVILLE - Narrow band voice encryption for radio and telephone communication
SAVIN - Retired SIGINT product codeword
SCALAWAG - Collection facility under the MYSTIC program *
SCALLION - Upstream collection site
SCAMPI - Secure voice and data network for C4I communications between the commander and the components of the US Special Operations Command, operational sites and other government agencies *
SCAPEL - Second Party satellite intercept station in Nairobi, Kenia
SCHOOLMONTANA - Software implant for Juniper J-series routers used to direct traffic between server, desktop computers, corporate network and internet
SCIMITAR - A tool to create contact graphs? *
SCISSORS - System used for separating different types of data and protocols
SCORECARD - NSA tool or database
SCORPIOFORE - SIGINT reporting tool *
SCREAMINGHARPY - TAO computer hacking project *
SCQAWK - The "SID Mailbag" in the newsletter of NSA's Signals Intelligence Directorate
SEABOOT - SIGINT Exchange Designator for ?
SEADIVER - Collection system for telephony data
SEAGULL - Secure Allied Communications ISO BMD at COMUSSIXTHFLT *
SEAGULLFARO - High-side server shown in UNITEDRAKE internet cafe monitoring graphic
SEARCHLITE - Tactical SIGINT collecting system for like cell phone calls
SEA SENTRY - Program for collecting radar signatures from shipping traffic in the Dardanelles *
SEA SENTRY II - Choke point collection program in cooperation with Turkey *
SEASIDEFERRY - Commercially purchased data source for the TREASUREMAP tool *
SEASONEDMOTH (SMOTH) - Stage0 computer implant which dies after 30 days, deployed by the QUANTUMNATION method
SECONDDATE - Method to influence real-time communications between client and server in order to redirect web-browsers to FOXACID malware servers *
SECUREINSIGHT - A software framework to support high-volume analytics
SEED SPHERE - Computer network "intrusion set" already identified in 2007 *
SEENFLARE(?) - Codeword related to data exchange at NSA's European Cryptologic Center (ECC) *
SEMESTER - NSA SIGINT reporting tool
SEMITONE - System that monitors fax and voice messages *
SENIOR SCOUT - Transportable suite of ISR equipment (since 1991)
SENIOR SPAN - Radome on top of the U2 to relay SIGINT data to ground stations
SENTINEL - NSA database security filter*
SENTRY EAGLE (SEE) - Overarching umbrella program for ECI compartments and SAP programs of the National Initiative to protect US cyberspace
SENTRY HAWK - ECI compartment of SENTRY EAGLE that protects information about Computer Network Exploitation *
SENTRY FALCON - ECI compartment of SENTRY EAGLE that protects information about Computer Network Defense *
SENTRY OSPREY - ECI compartment of SENTRY EAGLE that protects information about HUMINT enabled SIGINT *
SENTRY RAVEN - ECI compartment of SENTRY EAGLE that protects information about exploitation of encipherment *
SENTRY CONDOR - ECI compartment of SENTRY EAGLE that protects information about general Computer Network Operations *
SENTRY OWL - ECI compartment of SENTRY EAGLE that protects information about relationships with industry *
SERENADE - SSO corporate partner (foreign?) *
SERUM - Bank of servers within ROC managing approvals and ticket system
SETTEE - Former SIGINT Exchange Designator for South Korea
SHADOWCAT - Some system to be used at the Waihopai satellite station, New Zealand *
SHAMROCK - Operation for intercepting telegraphic data going in or out the US (1945-1975)
SHAREDQUEST (SQ) - Contains the DARKQUEST program *
SHAREDTAFFY - TAO computer hacking project *
SHAREDQUEST - 5-Eyes modernization program for the satellite interception architecture (follow-up of SHAREDVISION) *
SHAREDVISION (SV) - 5-Eyes modernization program for the satellite interception architecture (until 2010, followed by SHAREDQUEST) *
SHARKFIN - Sweeps up all-source communications intelligence at high speed and volumes *
SHARPFOCUS (SF2) - Productions Operation of NSA's TAO division *
SHARPSHADOW - TAO computer hacking project *
SHELLTRUMPET - NSA metadata processing program (since December 2007)*
SHENANIGANS - Aircraft-based NSA geolocation system used by CIA *
SHERMAN - Cryptanalytic computer subcomplex at NSA HQ (1978)
SHIFTINGSHADOW - Sub-program of OAKSTAR for collecting telephone metadata and voice content from Afghanistan through a foreign access point
SHILLELAGH - Classified Suite A algorithm
SHORTHAND -Pproject initiated in 1966 to employ South Vietnamese as linguists in US LLVI operations
SHORTSHEET - NSA tool for Computer Network Exploitation *
SHOTGIANT - NSA operation for hacking and monitoring the Huawei network (since 2009)
SIDELIGHT - Codeword related to data exchange at NSA's European Cryptologic Center (ECC) *
SIERRAMIST - Tool to support various file systems *
SIERRAMONTANA - Software implant for Juniper M-series routers used by enterprises and service providers
SIGCOM - (National) Signals Intelligence Committee *
SIGINT NAVIGATOR - NSA database
SIGSALY - The first secure voice system from World War II
SILKWORTH - A software program used for the ECHELON system
SILLYBUNNY - Some kind of webbrowser tag which can be used as selector *
SILO - Research project in high-speed computer memory, later integrated into HARVEST (1950s)
SILVER - Soviet cipher machine, 1950s-1960s, partially exploited by NSA in the 1960's
SILVERCOMET - SIGINT satellites? *
SILVER PEAK - WAN optimization project at Waihopai satellite station, New Zealand *
SILVERZEPHYR (SZ) - Sub-program of OAKSTAR for collecting phone and internet metadata and content from Latin and South America through an international transit switch
SIRE - A software program used for the ECHELON system(?)
SKIPJACK - Type 2 Block cipher algorithms used in various crypto products
SKOPE - SIGINT analytical toolkit
SKYHOOKCHOW - Codeword found in the source code used by the Equation hacking group *
SKYNET - Collaborative cloud research program to identify patterns of suspect activity from bulk telephony data *
SKYSCRAPER - Interface to the ROADBED system
SKYWRITER - NSA tool to prepare (internet) intelligence reports
SLICKERVICAR - Used with UNITEDRAKE or STRAITBIZARRE to upload hard drive firmware to implant IRATEMONK
SLINGSHOT - End Product Reports (CSEC?)
SMARTTRACKER - Analytic tool for detecting geolocational patterns in cell phone usage *
SMOKEYSINK (SMK) - Cable tapping facility operated in cooperation with a 3rd Party agency, part of the RAMPART-A program (cosed in June 2011)*
SNICK - GCHQ satellite intercept station in Oman
SNORT - Repository of computer network attack techniques/coding
SNOWGLOBE - Hacking operations against the US that may have originated in France *
SNOWHAZE - NSA tool or database *
SOAPOPERA - (former?) database for voice, end product and SRI information *
SOARING EAGLE - Some US military/intelligence network protection program *
SOCIALSTAMP - Commercially purchased data source for the TREASUREMAP tool *
SOCIOPATH - Storage and/or distribution system *
SODAPRESSED - Linux application presistence *
SOLO - NSA-developped computer, the world's first computer to be entirely transistorized, later marketed by Philco as Transac S-1000 (mid-1950s)
SOMALGET - Umbrella program for collecting content from mobile phone networks of two entire countries, part of MYSTIC (sigad: US-3310**)
SOMBERKNAVE - Windows XP wireless software implant providing covert internet connectivity, routing TCP traffic via an unused 802.11 network device allowing OLYMPUS or VALIDATOR to call home from air-gapped computer
SORTINGHAT - ?
SORTINGLEAD - NSA tool or database *
SOUFFLETROUGH - Software implant in BIOS Juniper SSG300 and SSG500 devices, permanent backdoor, modifies ScreenOS at boot, utilizes Intel's System Management Mode
SOUNDER - Second Party satellite intercept station at Cyprus
SPARKLEPONY - Tool or program related to MARINA *
SPARROW II - Airborne wireless network detector running BLINDDATE tools via 802.11
SPEARGUN - Cable access program of New Zealand's GCSB *
SPECTRE - SCI control system for intelligence on terrorist activities *
SPECULATION - Protocol for over-the-air communication between COTTONMOUTH computer implant devices, compatible with HOWLERMONKEY
SPHINX - Counterintelligence database of the Defense Intelligence Agency
SPINNERET (SPN) - Cable tapping facility operated in cooperation with a trusted 3rd Party agency, part of the RAMPART-A program * *
SPIRITFIRE - Robust voice processing system based on speech-to-text keyword search and paired dialogue transcription (succeeded VoiceRT in 2013) *
SPIT - Typewriter designed for copying morse code; project named for SPecial Intercept Typewriter (1957)
SPITEFULANGEL - Hacking tool or method in or for the Python programming language *
SPLITGLASS - NSA analytical database *
SPLUNK - Tool used for SIGINT Development
SPOKE - Compartment for less sensitive (Category II) COMINT material, retired in 1999 * but apparently still in use as unpublished SCI control system
SPOTBEAM - ?
SPORTCOAST - Upstream collection site
SPRIG - Retired SIGINT product codeword
SPRINGRAY - Some kind of internal notification system *
SPYDER - Analytic tool for selected content of text messages from the DISHFIRE database *
STARBURST - The initial code word for the STELLARWIND compartment
STARFIRE - NSA contact chaining algorithm (developed in 1999) *
STARLIGHT - Analyst tool
STARPROC - User lead that can be uses as a selector *
STARSEARCH - Target Knowledge tool or database (CSEC?)
STATEROOM - Covert SIGINT collection sites based in US diplomatic facilities *
STEALTHFIGTHER - Codeword found in the source code used by the Equation hacking group *
STEELFLAUTA - SSO Corporate/TAO Shaping program
STEELKNIGHT - (foreign?) partner providing a network access point for the SILVERZEPHYR program *
STEELWINTER - A supercomputer acquired by the Norwegian military intelligence agency *
STELLAR - Second Party satellite intercept station at Geraldton, Australia
STELLARWIND (STLW) - SCI compartment for the President's Surveillance Program information
STEPHANIE - Covert listening post in the Canadian embassy in Moscow (est. 1972)
STINGRAY - Device for tracking the location of cell phones (made by Harris Corp.) * STONEGATE - System used at the Waihopai satellite intercept station *
STONEGHOST - DIA network for information exchange with UK, Canada, Australia and New Zealand (TS/SCI)
STONEHOUSE - Site built in the 1960s at Asmara, Ethiopia, for collection against the Soviet space program. Featured two 150-feet diameter dishes (closed in 1975).
STONE RUBY - Intelligence exchange agreement between DIA and the Israeli military intelligence directorate (1996) *
STORMBREW - Program for collection from an international transit switches and cables (since 2001)
STRAITACID - Codeword found in the source code used by the Equation hacking group *
STRAI(GH)TBIZARRE (SBZ) - TAO software implant used to communicate through covert channels * or spyware that can turn computers into disposable and non-attributable "shooter" nodes *
STRAITSHOOTER - Codeword found in the source code used by the Equation hacking group *
STRATOS - Tool or databse for GPRS Events (CSEC?)
STRAWHAT - NSA datalinks between field sites and processing centers (1969-?)*
STREAMLINER - NSA-developed automatic switch for communications centers (early 1970s)
STRETCH - IBM high-performance computer project, later integrated into HARVEST (1950s)
S-TRICKLER - Tool or database with IP address fingerprints and potential vulnarabilities from the FORNSAT collection *
STRIKEZONE - Device running HOWLERMONKEY personality
STRONGMITE - Computer at remote operations center used for long range communications
STRUM - (see abbreviations)
STUCCOMONTANA - Software implant for Juniper T-Series routers used in large fixed-line, mobile, video, and cloud networks, otherwise just like SCHOOLMONTANA
STUMPCURSOR - Foreign computer accessing program of the NSA's Tailored Access Operations
STUXNET - A computer worm that was used to destroy Iran's nuclear centrifuges (discovered in 2010)
STYGIAN FLOW - FBI nickname for network intrusions for which assistance of the NSA was asked *
STYLISHCHAMP - Tool that can create a HPA on a hard drive and then provide raw reads and writes to this area *
SUBSTRATUM - Upstream collection site
SUEDE - Compartment for Top Secret COMINT information (1951-1952) *
SULPHUR - The mission of South Korea at the United Nations in New York *
SUNSCREEN - Tool or database
SURFBOARD - System for processing data from (satellite?) telephone networks *
SURLEYSPAWN - Data RF retro-reflector, gathers keystrokes FSK frequency shift keyed radar retro-reflector, USB or IBM keyboards
SURPLUSHANGAR (SH) - High to low diode, part of the QUANTUM system *
SURREY - Main NSA requirements database, where tasking instructions are stored and validated, used by the FORNSAT, SSO and TAO divisions *
SUTURESAILOR - Printed circuit board digital core used with HOWLERMONKEY
SWAMP - NSA data system?
SWAP - Implanted software persistence by exploiting motherboard BIOS and hard drive Host Protected Area for execution before OS loads, operative on windows linux, freeBSD Solaris
SYNAPSE - NSA tool for analyzing target connections *

T

TABLON - Experiment of mass data storage technology, overtaken by disk storage technology (1960s)
TACOSUAVE - ?
TALENT KEYHOLE (TK) - Control system for space-based collection platforms
TALK QUICK - An interim secure voice system created to satisfy urgent requirements imposed by conditions to Southeast Asia. Function was absorbed by AUTOSEVOCOM
TAPERLAY - Covername for the Global Numbering Data Base (GNDB) containing telephony and provider information *
TARMAC - Program to intercept satellite communications at Menwith Hill Station *
TAROTCARD - NSA tool or database
TAWDRYYARD - Beacon radio frequency radar retro-reflector used to positionally locate deployed RAGEMASTER units
TEABALL - Direct SIGINT support to fighter escorts of operation Linebacker (1972)
TELLURIAN - Internet packet processing system, maybe also used to forward data from the collection site to NSA headquarters.
TEMPEST - Spying on information systems through leaking emanations, including unintentional radio or electrical signals, sounds, and vibrations (codename originally from a COMSEC point of view, not an attacker's one)
TENNIS - Network to remote-operate intercept facilities through satellite links (1967-?)
THAWFACTOR - Codeword related to data exchange at NSA's European Cryptologic Center (ECC) *
THESPIS - SIGINT Exchange Designator for ?
THINTREAD - Prototype program for wiretapping and sophisticated analysis of the resulting data (dismissed in 2002 in favor of TRAILBLAZER)
THUMB - Retired SIGINT product codeword
THUNDERCLOUD - Data enrichment tool, collaborative program between NSA units T1222 and SSG *
TIAMAT - Joint venture between the German BND and another country with access for NSA *
TICKETWINDOW - System that makes Special Source collection available to 2nd Party partners *
TIDALSURGE - Router Configurations tool (CSEC?)
TIDE - Software managing the KLIEGLIGHT database
TIDEWAY - Part of the communications network for ECHELON
TIMBERLINE - The NSA satellite intercept station at Sugar Grove (US)
TINMAN - Database related to air warning and surveillance
TITAN POINTE - Upstream collection site
TITAN RAIN - Presumably Chinese attacks on American computer systems (since 2003)
TITLEHOLDER - NSA tool
TOPAZ - Satellite program
TORNSTEAK - Exploit solution for two firewall devices from a particular vendor *
TORUS - Satellite antenna that allows multiple satellites to be viewed simultaneously *
TOTECHASER - Software implant in flash ROM windows CE for Thuraya 2520 satellite/GSM/web/email/MMS/GPS
TOTEGHOSTLY - Modular implant for windows mobile OS based on SB using CP framework, Freeflow-compliant so supported by TURBULENCE architecture
TOWER - SIGINT Emitter Database (SEDB) Query-Focussed Dataset (QFD) fed by telephony metadata from the GMHalo cloud *
TOWERPOWER - NSA tool or database
TOXICARE - NSA tool
TOYGRIPPE - NSA repository of VPN endpoints and metadata * *
TRACFIN - NSA database for financial data like credit card purchases *
TRACTOR - IBM-developed tape drives loading system, used for HARVEST (1960s)
TRAFFICTHIEF - Part of the TURBULENCE umbrella program
TRAILBLAZER - NSA Program to analyze data carried on communications networks (2002-2006, replaced by TURBULENCE)
TRAILMAPPER - NSA tool or database
TRANSIENT - Sub-program of FROSTING directed against Soviet satellites *
TRANSX - Translation, transcription and transliteration system *
TREACLEBETA - TAO hacking against the Pakistani terrorist group Lashkar-e-Taiba *
TREASUREMAP - Mapping, exploration and analysing tool that provides a near-real time, interactive map of the global internet *
TREASURETROVE - Analytic tool
TRIBUTARY - NSA provided voice threat warning network
TRIGGERFISH - Device to collect the content of digital cell phone calls (made by Harris Corp.) *
TRINE - Compartment for Top Secret COMINT information, predecessor of UMBRA (1965-1968) *
TRINITY - Implant digital core concealed in COTTONMOUTH-I, providing ARM9 microcontroller, FPGA Flash and SDRAM memories *
TRIREME - System for processing internet packet data *
TRITON - Tool or database for TOR Nodes (CSEC?)
TROJAN SPIRIT - Tactical network for sharing intelligence information with customers in the field
TROPICPUMA - Fax processing capability *
TRUMPET - Series of ELINT reconnaissance satellites (1994-2008)
TUBE - Database for selected internet content? *
TUMULT - Part of the TURBULENCE program
TUNDRA - DSP Research of new statistics for codebook analysis *
TUNDRAFREEZE - NSA's main in-house facial recognition program *
TUNINGFORK - Sustained collection linked to SEAGULLFARO, previously NSA database or tool for protocol exploitation
TURBINE - Active SIGINT: centralized automated command/control system for managing a large network of active computer implants for intelligence gathering (since 2010) *
TURBOPANDA - The Turbopanda Insertion Tool allows read/write to memory, execute an address or packet; joint NSA/CIA project on Huawei network equipment
TURBULENCE (TU) - Integrate NSA architecture with several layers and sub-programs to detect threats in cyberspace (since 2005)
TURMOIL (TML) - Passive SIGINT sensors: filtering and collection (with selection at the packet level) of internet traffic on high-speed satellite, microwave and cable links, part of the TURBULENCE program * * Maybe also for selecting common internet encryption technologies to exploit.*
TURTLEPOWER - NSA tool
TUSKATTIRE - Ingest system for cleaning/processing/normalizing DNR (telephony) data *
TUTELAGE - Active defense system with detection sensors that monitor network traffic at for example the NIPRNet in order to detect malicious code and network attacks, part of the TURBULENCE program *
TWEED - Retired SIGINT product codeword
TWISTEDKILT - Writes to Host Protected area on hard drive to implant Swap and its implant installer payload, which can be used with the STYLISHCHAMP tool *
TWISTEDPATH - NSA tool or database
TYPHON HX - GSM base station router network in box for tactical Sigint geolocating and capturing user

U

ULTIMATE - CIA operation sending weather balloons into Eastern Europe in order to map Soviet defense radar activity (1950s) *
ULTRA - Compartment for Top Secret COMINT information, like decrypted high-level military Nazi messages (until 1946)
UMBRA - Compartment for the most sensitive (Category III) COMINT material (1968-1999) * but apparently still in use as unpublished SCI control system
UNCANNY - Video demodulation tool (now: BOTANICREALTY) *
UNIFORM - SIGINT Exchange Designator for Canada
UNITEDRAKE - Computer exploit delivered by the FERRETCANON system *
UNITY - System for processing data collected from telephony networks *
USHER - Retired SIGINT product codeword

V

VAGRANT - Radar retro-reflector technique on video cable to reproduce open computer screens *
VALIANTSURF - A "major system acquisition" that enables more efficient Computer Network Operations (CNO) by the TAO division; it will integrate into the TURBULENCE architecture *
VALIDATOR - Computer exploit delivered by the FERRETCANON system for looking whether a computer has security software, runs as user process on target OS, modified for SCHOOLMONTANA, initiates a call home, passes to SOMBERKNAVE, downloads OLYMPUS and communicates with remote operation center *
VENATOR - Access to a Philippine mobile network provider, part of the MYSTIC program *
VENONA - Joint US-UK project for decrypting intercepts of messages from the KGB; previously codenamed JADE, BRIDE and DRUG subsequently
VENUSAFFECT - System used at the Waihopai satellite intercept station *
VERDANT (VER) - Alleged SCI control system *
VESUVIUS - Prototype quantum computer, situated in NSA's Utah Data Center
VICTORYDANCE - Joint NSA-CIA operation to map WiFi fingerprints of nearly every major town in Yemen *
VICTORYUNIFORM - Special Source collection *
VIEWPLATE - Processor for external monitor recreating target monitor from red video
VINEYARD - System used at the Waihopai satellite intercept station *
VINSON - KY-57/58 family of voice encryption systems
VINTAGE - System used at the Waihopai satellite intercept station *
VINTAGE HARVEST - Probably a military SIGINT tool
VITALAIR - NSA tool
VITALAIR2 - Tool or database for automated scanned IP addresses for TAO known vulnerabilities *
VOICESAIL - Intelligence database
VORTEX - Class of SIGINT spy satellites (1978-1989)
VOXGLO - Multiple award contract providing cyber security and enterprise computing, software development, and systems integration support *
VOYEUR - US monitoring operation in which an Iranian hacking operation against the US was detected *

W

WABASH - The embassy of France in Washington DC *
WAGONBED - Hardware GSM controller board implant on CrossBeam or HP Proliant G5 server that communicates over I2C interface
WAITAUTO - Network or database at the Remote Operations Center of NSA's TAO division *
WALBURN - High-speed link encryption, used in various encryption products
WARPDRIVE - Joint venture between the German BND and another country with access for NSA (2013)* *
WARRIORPRIDE (WP) - Scalable, flexible and portable unified CNE platform used throughout the Five Eyes; equivalent at GCHQ is DAREDEVIL * It was for example used to break into iPhones *
WATERWITCH - Hand-held tool for geolocating targeted handsets to last mile
WAVELEGAL - Authorization service that logs data queries
WAXTITAN - TAO computer hacking project *
WEALTHYCLUSTER (WC) - Processing system for low data rate internet traffic, that sessionizes all the data on the link before sending it to XKEYSCORE (since 2002, will be replaced by TURMOIL) * *
WEASEL - Type 1 Cryptographic algorithm used in SafeXcel-3340
WEBCANDID - NSA tool or database
WEE LOOK - ELINT systems on Navy EA-3Bs detecting SAM radars (Vietnam War)
WELLGROUNDED - Proposed, but not implemented internal NSA oversight program (early 1990s)
WELLSPRING - Tool that strips out facial images from e-mails and other communications, and displays those that might contain passport images *
WESTPORT - The mission of Venezuela at the United Nations in New York *
WICKEDVICAR - Hacking tool used to perform remote survey and installation *
WILDCHOCOBO - TAO computer hacking project *
WILDCOUGAR - TAO computer hacking project *
WILLOW - Combination of a JUMPSEAT satellite and Low-Earth Orbit Program-989 ELINT sub-satellites (since 1982)
WILLOWVIXEN - Method to deploy malware by sending out spam emails that trick targets into clicking a malicious link *
WISPYKNIT - Special Source collection *
WISTFULTOLL - Plug-in for UNITEDRAKE and STRAITBIZARRE used to harvest target forensics via Windows Management Instrumentation and Registry extractions, can be done through USB thumb drive
WHIPGENIE (WPG) - ECI compartment for details about the STELLARWIND program *
WHITEBIRCH - ASA project to set up an HF-DF network in South East Asia (initiated 1961)
WHITEBOX - Program for intercepting the public switched telephone network? *
WHITE WOLF - Joint Chiefs of Staff "advisory warning" program for all peripheral airborne reconnaissance missions (1963-?)
WHISTLINGDUXIE - TAO computer hacking project *
WHITE CLOUD - Unclassified codename for the PARCAE SIGINT satellite for ocean reconnaissance
WHITELIST - NSA tool
WHITETAMALE - Operation for collecting e-mails from Mexico's Public Security Secretariat *
WHIZBANG - Training program (?)*
WILDCHOCOBO - TAO computer hacking project *
WILLY - AFSS COMINT support program during the Korea War (1950-?)
WINDCHASER - Tool or program related to MARINA *
WINDSORBLUE - Supercomputer program at IBM *
WINDSTOP - Umbrella program for 2nd Party high-volume cable tapping programs *
WINTERLIGHT - A QUANTUM computer hacking program in which Sweden takes part
WIRESHARK - Database with malicious network signatures
WISPYKNIT - Special Source collection *
WITCH - Retired SIGINT product codeword
WITCHHUNT - ?
WOLFPOINT - SSO corporate partner under the STORMBREW program *
WORDGOPHER - Platform to enable demodulation of low-rate communication carriers
Wordscape - Vocabulary tool used at NSA
WRANGLER - Database or system which focuses on Electronic Intelligence

X

XCONCORD - Program for finding key words in foreign language documents
XKEYSCORE (XKS) - Computer system for indexing and searching internet communications

Y

YACHTSHOP - Sub-program of OAKSTAR for collecting internet metadata
YELLOWPIN - Printed circuit board digital core used with HOWLERMONKEY
YELLOWSTONE - NSA analytical database *
YIELD - Combination of a JUMPSEAT satellite and low-Earth orbit Program-989 ELINT sub-satellites (since 1982)
YOKE - AFSS tactical voice intercept support program during the Korea War (1951-?)
YUKON - The embassy of Venezuela in Washington DC *

Z

ZAP - (former?) database for texts *
ZARF - Compartment of TALENT KEYHOLE for ELINT satellites, retired in 1999 *
ZESTYLEAK - Software implant that allows remote JETPLOW firmware installation, used by NSA's CES unit

go558a83nk

back to the topic....

Pavonis (Chicago) had maintenance earlier today and now is using TLSv1.2 control channel cipher. Prior to the maintenance it was TLSv1.0.

atoir

Hi,

After reading this document from EFF I have some questions:

I see in my openvpn logs about control channel: DHE-RSA-AES256-GCM-SHA384 --> so you use DHE, but how many bits ? (>1024 ?). If I understand well, EFF prefer ECDHE (I don't know a lot about elliptic curve...)
You use DHE, so I suppose you had generated your primes to avoid pre-calculation. Right ?
And now a technical question about DHE-RSA-AES256-GCM-SHA384 to see if I understand well:
DHE it's for the key exchange which will be used when encrypting in AES-GCM
RSA: pub key algorithm for authentication (see if I'm connecting with you and not a third party)
AES256-GCM: AES 256 bit in galois counter mode
SHA384: a digest algo but don't know what is its purpose...

Thanks !

go558a83nk

Hi,

After reading this document from EFF I have some questions:

I see in my openvpn logs about control channel: DHE-RSA-AES256-GCM-SHA384 --> so you use DHE, but how many bits ? (>1024 ?). If I understand well, EFF prefer ECDHE (I don't know a lot about elliptic curve...)
You use DHE, so I suppose you had generated your primes to avoid pre-calculation. Right ?

And now a technical question about DHE-RSA-AES256-GCM-SHA384 to see if I understand well:
DHE it's for the key exchange which will be used when encrypting in AES-GCM
RSA: pub key algorithm for authentication (see if I'm connecting with you and not a third party)
AES256-GCM: AES 256 bit in galois counter mode
SHA384: a digest algo but don't know what is its purpose...

Thanks !

Air uses 4096 bit.

Elliptical curve may be better for the current hot topic vulnerability but only if you use ellipses that were not tampered with by the NSA to allow them a back door.

Staff

Hello!

Ok, anyway, if you prefer so, probably you have noticed that since some weeks ago you can use (provided that your OpenVPN and OpenSSL or PolarSSL supports it) the following TLS cipher:

DHE-RSA-AES256-GCM-SHA384

with TLS 1.2.

The RSA keys are of course the same (4096 bit) as well as DH keys (4096 bit).

If you feel that HMAC SHA1 is not adequate for the Control Channel (but we see no reasons for that) you can use the above cipher.

Kind regards

go558a83nk

Hello!

Ok, anyway, if you prefer so, probably you have noticed that since some weeks ago you can use (provided that your OpenVPN and OpenSSL or PolarSSL supports it) the following TLS cipher:

DHE-RSA-AES256-GCM-SHA384

with TLS 1.2.

The RSA keys are of course the same (4096 bit) as well as DH keys (4096 bit).

If you feel that HMAC SHA1 is not adequate for the Control Channel (but we see no reasons for that) you can use the above cipher.

Kind regards

thanks. had to upgrade my openvpn version (Linux Mint 17.2).

sinatosk

Hello!

Ok, anyway, if you prefer so, probably you have noticed that since some weeks ago you can use (provided that your OpenVPN and OpenSSL or PolarSSL supports it) the following TLS cipher:

DHE-RSA-AES256-GCM-SHA384

with TLS 1.2.

The RSA keys are of course the same (4096 bit) as well as DH keys (4096 bit).

If you feel that HMAC SHA1 is not adequate for the Control Channel (but we see no reasons for that) you can use the above cipher.

Kind regards

Hi, I've tried "auth SHA256", "auth SHA384" and "auth SHA512" and only "auth SHA1" works when it comes to the data channel

have you considered uping that aswell?

thanks

Staff

Hi, I've tried "auth SHA256", "auth SHA384" and "auth SHA512" and only "auth SHA1" works when it comes to the data channel

have you considered uping that aswell?

thanks

Hello,

the Data Channel cipher for packets authentication is HMAC SHA (edit: note that there is no GCM support for the data channel yet... it will be probably implemented in OpenVPN 2.4). Perhaps your libraries do not support DHE-RSA-AES256-GCM-SHA384 with TLS 1.2 (also listed as "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384" in OpenVPN 2.3.8). In this case use "TLS-DHE-RSA-WITH-AES-256-CBC-SHA".

Edit: note that there is absolutely no rational reason to rush to SHA384 and drop HMAC SHA1 which is NOT vulnerable to SHA collisions. We often read (even in our forum) a confusion pertaining to SHA1 vulnerabilities, which are thought (with an unexplainable mistake) to be extended to HMAC SHA1. See also here:

https://crypto.stackexchange.com/questions/26510/why-is-hmac-sha1-still-considered-secure

Back to the Control Channel, which is the subject of this topic. By default, OpenVPN 2.3.3 or higher will first choose TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 if available, over TLS-DHE-RSA-WITH-AES-256-CBC-SHA, so if you needed an explicit directive for the first, very probably your system does not support it. So, at the end of the day, you normally do not need any additional directive, OpenVPN will pick automatically the best cipher between those available both in your and our systems. See also "openvpn --show-tls".

One more edit: please see also here https://security.stackexchange.com/questions/92638/openvpn-cipher-vs-tls-cipher , in particular:

And regarding security, OpenVPN uses encrypt-then-mac for its data channel, rather than mac-then-encrypt like TLS. All the CBC-related issues you hear about are due to the combination mac-then-encrypt + CBC. This means that AES-CBC for the data channel is perfectly fine from a security perspective.

Kind regards

dwright

Does anyone know if there's an OpenVPN command in Linux to display information about the current connection? I'd like to check what ciphers are being used. I'm using network-manager-openvpn-gnome.

If possible I'd like to enforce use of DHE-RSA-AES256-GCM-SHA384 with TLS 1.2 on all of my connections.

My 2 cents on the issue of whether the encryption is being cracked: on single hop personal VPNs with OpenVPN neither the crypto nor the implentation is the real weak point. For someone like the NSA or GCHQ, the best route is traffic analysis. No need to find a zero day or use valuable, highly secret crypto vulnerabilities when you can just match up what's going into the server with what's coming out.

But a VPN is still good to make discovering which Tor guard node you're using a bit more difficult.

go558a83nk

Does anyone know if there's an OpenVPN command in Linux to display information about the current connection? I'd like to check what ciphers are being used. I'm using network-manager-openvpn-gnome.

If possible I'd like to enforce use of DHE-RSA-AES256-GCM-SHA384 with TLS 1.2 on all of my connections.

My 2 cents on the issue of whether the encryption is being cracked: on single hop personal VPNs with OpenVPN neither the crypto nor the implentation is the real weak point. For someone like the NSA or GCHQ, the best route is traffic analysis. No need to find a zero day or use valuable, highly secret crypto vulnerabilities when you can just match up what's going into the server with what's coming out.

But a VPN is still good to make discovering which Tor guard node you're using a bit more difficult.

just look at the openvpn log, it says what cipher is used.

Staff

Does anyone know if there's an OpenVPN command in Linux to display information about the current connection? I'd like to check what ciphers are being used. I'm using network-manager-openvpn-gnome.

If possible I'd like to enforce use of DHE-RSA-AES256-GCM-SHA384 with TLS 1.2 on all of my connections.

Hello,

it's not specific to Linux, it's an OpenVPN directive, tls-cipher

It accepts a list of TLS ciphers (with IANA and/or OpenSSL names format) that your client can accept for the Control Channel. If the directive is specified your OpenVPN will only try the listed ones (watch out, therefore).

If you set only one, you will force that one (again, the server must support it too). Currently it's not necessary (for our service) if your OpenVPN version is 2.3.3 or higher, see our previous post. On the other hand, if your OpenVPN version is older than 2.3.3, you can't use TLS 1.2 DHE-RSA-AES256-GCM-SHA384

For a more precise explanation, please see directive tls-cipher in the OpenVPN manual

Kind regards

control channel cipher satisfactory?

Recommended Posts

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Share this post

Link to post

Join the conversation