Snowden Trove: NSA Uses Browser Advertising Cookies To Track, Hack Targets
December 11, 2013 by Ben Bullard
Another day, another not-at-all shocking revelation about the NSAâ€™s spy dragnet from the trove of classified information Edward Snowden supplied to The Washington Post and The Guardian.
The latest reveal comes from the Post, which reported Tuesday the National Security Agency tracks and singles out targets for hacking by following the same modus operandi advertisers use to tailor their Internet come-ons to the preferences and habits of individual computer users.
That involves placing third-party tracking cookies â€“ small files that remain on a computer after a browser has visited, and then left, a website â€“ which can relay information about the userâ€™s browsing habits and history the next time he visits the same site. Theyâ€™re used by advertisers to create long-term browsing histories for what companies presume to be a single individual, or small number of individuals using a single device, so that the ads that appear on a website continually reflect advertisersâ€™ best guesses, based on the userâ€™s browsing habits, at what that person is most likely to want to buy.
The NSA is, of course, not interested in selling anything. But by using a proprietary, Google-developed iteration of cookie â€“ coupled with GPS location dataâ€”on unsuspecting computer or mobile phone users, government spies can identify a target and even create a gateway for warrantless, secret hacking.
According to the documents, the NSA and its British counterpart, GCHQ, are using the small tracking files or “cookies” that advertising networks place on computers to identify people browsing the Internet. The intelligence agencies have found particular use for a part of a Google-specific tracking mechanism known as the â€śPREFâ€ť cookie. These cookies typically don’t contain personal information, such as someone’s name or e-mail address, but they do contain numeric codes that enable Web sites to uniquely identify a person’s browser.
In addition to tracking Web visits, this cookie allows NSA to single out an individual’s communications among the sea of Internet data in order to send out software that can hack that person’s computer. The slides say the cookies are used to “enable remote exploitation,” although the specific attacks used by the NSA against targets are not addressed in these documents.
By using the GPS location data Apple and other computer and smartphone software companies pre-install on computing devices, NSA can link an individualâ€™s physical whereabouts with their internet activities, giving the government, under most circumstances, a very refined idea of who you are and what youâ€™re doing.
Read the story, including some newly-released slides that show how the NSA characterizes its track-and-hack abilities for employee training,Â here.