The NSA Reads Your Google Cookies to See if It Should Hack You

The Washington Post is reporting that the NSA has a simple way to work out if you’re worth hacking or not: it just reads your Google cookies.

Leaked slides from an internal presentation reveal that the NSA use the cookies and location data from Google to pinpoint targets for government hacking. The Post explains:

According to the documents, the NSA and its British counterpart, GCHQ, are using the small tracking files or “cookies” that advertising networks place on computers to identify people browsing the Internet. The intelligence agencies have found particular use for a part of a Google-specific tracking mechanism known as the “PREF” cookie. These cookies typically don’t contain personal information, such as someone’s name or e-mail address, but they do contain numeric codes that enable Web sites to uniquely identify a person’s browser.

In addition to tracking Web visits, this cookie allows NSA to single out an individual’s communications among the sea of Internet data in order to send out software that can hack that person’s computer. The slides say the cookies are used to “enable remote exploitation,” although the specific attacks used by the NSA against targets are not addressed in these documents.

It’s not a way of finding suspicious behaviour, then, but a way to home in on someone already under suspicion. Which doesn’t sound as bad as some of the NSA tricks in use, but is still a serious invasion of privacy. [Washington Post]

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s