Mercury Rising 鳯女

Politics, life, and other things that matter

Archive for February 17th, 2014

Stolen cookies

Posted by Charles II on February 17, 2014

Ashkan Soltani, Andrea Peterson, and Barton Gellman of the WaPo, in the Sydney Morning Herald:

According to the documents, the NSA and its British counterpart, GCHQ, are using the small tracking files called cookies that advertising networks place on computers to identify people browsing the internet. The intelligence agencies have made particular use of the “PREFID”, part of Google-specific tracking software known as the “PREF” cookie.

Separately, the NSA is using commercially gathered information to help it locate mobile devices around the world, the documents show. Many smartphone apps running on iPhones and Android devices, and the Apple and Google operating systems themselves, track the location of each device, often without a clear warning to the phone’s owner. This information is more specific than the broader location data the government is collecting from mobile phone networks.

Google assigns a unique PREF cookie any time someone’s browser makes a connection to any of the company’s web properties or services. This can occur when consumers directly use Google services such as Search or Maps, or when they visit websites that contain embedded widgets for the company’s social media platform Google+. That cookie contains a code that allows Google to uniquely track users in order to “personalise ads” and measure how they use other Google products.

Given the widespread use of Google services and widgets, most web users are likely to have a Google PREF cookie on their computers even if they’ve never visited a Google property directly.

The PREF cookie is specifically mentioned in an internal NSA slide that refers to the NSA using PREFID, its shorthand for the unique numeric identifier contained within Google’s PREF cookie.

Special Source Operations (SSO) is an NSA division that works with private companies to scoop up data as it flows over the internet’s backbone and from technology companies’ own systems. The slide indicates that SSO was sharing information containing “logins, cookies, and GooglePREFID” with another NSA division called Tailored Access Operations, which engages in offensive hacking operations. SSO also shares the information with the British intelligence agency GCHQ.


Posted in NSA eavesdropping | 2 Comments »

%d bloggers like this: