NSA Intercepted Data from Google and Yahoo Servers; Monitors Nearly Everyone's Internet Use
The technology of MUSCULAR, a program jointly carried on by the NSA and its British counterpart, isn't hard to explain. Essentially, technologists at the spy agency have figured out a way to intercept data being exchanged among servers that store everything you do on Google and Yahoo.
Here's the difference between this and other previously revealed spying programs. Your data travels over the Internet to get to those servers and be stored there. For others to see what data you've stored, it must travel out, again over the Internet. That's legally protected data and the NSA (at least theoretically) needs a court order to remove it from those servers. The FISA court (the NSA's blessing source) almost always rubber stamps NSA requests so it's pretty easy to conduct that kind of data extraction but at least there is still a record of what the NSA is looking for and why and some grounds for taking legal action against it.
Muscular doesn't go near the data as it's travelling on the Internet or while it's on those servers. Instead it intercepts data that's already been stored and is travelling through non-public connections between each company's many servers as the companies synchronize stored data or transfer it internally. Internet giants like Google transfer data among their servers constantly in networks of servers known as (you've heard it before) "clouds". This constant transfer helps distribute server activity so that a sudden spike in requests for data on a particular server doesn't crash it (called "load management") or for maintenance, security and other reasons. To do this they use special fibre-optic wires that connect their various servers and are not publicly available.
The data transferred among these servers is typically encoded so nobody can read it without having the decoding keys. That's a security measure. According to these reports, the NSA has figured out a way to de-code those formats, then captures the data being transferred by tapping into these internal connections and then, without anyone outside the NSA knowing it, decodes the stuff and analyses it to decide what, if anything, they want to do with it. If they decide to store it, they have several NSA storage centers that can easily handle it. They then allow the data to resume its journey. It all happens in micro-seconds.
This is typically called a "man in the middle interception" and it's like tapping the wire between your computer and an external hard drive you use for storage -- except multiplied hundreds of millions of times.
"I knew the NSA drawing was real from the smiley-face," wrote Slate's David Auerbach, referring to the Internet smile icon used in the leaked diagram and replicated above. "Only an eager and myopic software engineer -- seeing the interception of Google and Yahoo’s data as a challenge and game rather than as a security and political matter -- would make such a light-hearted and self-satisfied gesture at the prospect of hacking into Google’s internal servers."
Of course, it's not a game. It is a highly sophisticated and intentionally intrusive method of data-gathering: spycraft at its most pernicious performed constantly on the email, photos, videos and other data posted by the people of this country (and many others).