From NextGov:

Wor­ried about the Na­tion­al Se­cur­ity Agency mon­it­or­ing you? If you take cer­tain steps to mask your iden­tity on­line, such as us­ing the en­cryp­tion ser­vice TOR, or even in­vest­ig­at­ing an al­tern­at­ive to the buggy Win­dows op­er­at­ing sys­tem, you’re all but ask­ing for “deep” mon­it­or­ing by the NSA.

TOR is an en­cryp­tion net­work de­veloped by the U.S. Nav­al Re­search Labor­at­ory in the 1990s. The mil­it­ary’s hope was to en­able gov­ern­ment work­ers to search the web without ex­pos­ing their loc­a­tions and iden­tit­ies. The sys­tem today is widely avail­able, runs on open-source code, and is pop­u­lar among pri­vacy ad­voc­ates as a more se­cure al­tern­at­ive to open In­ter­net surf­ing, par­tic­u­larly in coun­tries with re­press­ive re­gimes. It works by en­crypt­ing the user’s ad­dress and rout­ing the traffic through serv­ers that are loc­ated around the world (so-called “onion rout­ing.”) How does the NSA ac­cess it? Through a com­puter sys­tem called XKey­score, one of the vari­ous agency sur­veil­lance tools that NSA leak­er Ed­ward Snowden dis­closed last sum­mer.

Ac­cord­ing to a re­cent re­port from the Ger­man me­dia out­let Ta­gesschau, a group of TOR af­fil­i­ates work­ing with Ta­gesschau looked in­to the source code for XKey­score. They found that nine serv­ers run­ning TOR, in­clud­ing one at the MIT Com­puter Sci­ence and Ar­ti­fi­cial In­tel­li­gence Labor­at­ory, were un­der con­stant NSA sur­veil­lance. The code also re­vealed some of the be­ha­vi­ors that users could un­der­take to im­me­di­ately be tagged or “fin­ger­prin­ted” for “deep-pack­et in­spec­tion,” an in­vest­ig­a­tion in­to the con­tent of data pack­ages you send across the In­ter­net, such as emails, Web searches, and brows­ing his­tory.

If you are loc­ated out­side of the U.S., Canada, the U.K., or…

Continue Reading