This document provides an overview of PRISM and how it allows the NSA to collect data from major tech companies. It explains that PRISM functions like a prism, splitting internet traffic between the intended web server destination and the NSA's data center. While encryption protects some data as it transfers, unencrypted information like email is accessible to NSA collection. The document warns that the NSA has massive storage capacity and collects data indefinitely, even for non-Americans, through programs like PRISM. It concludes that individuals have little power to protect their data from these government surveillance programs.
7. For anonymity and privacy you need to
secure all 3:
Secure your Client
Secure your connection
Secure your Web server
8. Client
If someone manages to install spyware on your machine they can see
everything you do on your client
So it’s your job to make sure there’s no spyware on your client
You are responsible to secure this, and you can--because you own it
Client Web Server
9. Connection
Someone performing a wire-tap can see everything you do online
If you want to remain secure you can encrypt the data flow
SSL connection to the Web Server or VPN would resolve this
Client Web Server
10. Web Server
Client Web Server
• Your Web server in most cases stores a huge amount of data on you
• But you don’t own it and can’t control the security of it
• However, Google and Facebook have better security than you
11. If I secure them all…am I safe?
Even if you secure them all…
Client Web Server
12. The NSA has figured out…
The internet is Public
And the NSA has tapped the Public Internet just before the likes of Google,
Facebook, Microsoft…
While most of the data is encrypted, some of it isn’t.
16. And there’s more
Email
Photos
Chats
File transfers
Login activity
Social media Profiles
17. All stored here
And stored for eternity
Could include encrypted data (for decryption when future computing
power allows it)
Unfortunately, we don’t know anything for sure.
They have HUGE storage capacity and no qualms about storing data for
non-Americans…i.e. 80% of the users of these services
18. Why is it called PRISM
Because a PRISM splits light
19. Why is it called PRISM?
Client Web Server
• Your internet connection is Fibre-Optic
• Which means the signal is light
• To split light…you use a PRISM
20. Why is it called PRISM?
Client Web Server
Prism
• Light split between the webserver you want to access and;
• The NSA Datacenter
21. Why is it called Prism?
Prism
NSA datacenter
Prism