Karma Police, how GCHQ tried to track every visible user on Internet

Pierluigi Paganini September 26, 2015

A new collection of GCHQ’s documents published by The Intercept reveals how the British Agency tried to track Web visits of “every visible user on Internet”

A new revelation made by The Intercept confirms that the UK Government Communications Headquarters (GCHQ) has conducted  a massive online surveillance starting from the 2007.

The documents accessed by The Intercept detailed an operation called “Karma Police” carried out by the GCHQ, the British intelligence tracked online habits of people on a global scale.

KARMA POLICE is also the name of a popular song published in 1997 by the British band Radiohead, suggesting the spies may like it.

The intelligence agency defined the Karma Police as the “world’s biggest” Internet data-mining operation, the program was launched by the GCHQ in an attempt to track “every visible user on the Internet.”

The Karma Police aimed to track individuals listening to Internet streaming audio “radio stations” with the purpose of identifying any abuse of the radio instrument to spread messages among radicals.

“The power of KARMA POLICE was illustrated in 2009, when GCHQ launched a top-secret operation to collect intelligence about people using the Internet to listen to radio shows.” states The Intercept. “A summary report detailing the operation shows that one aim of the project was to research “potential misuse” of Internet radio stations to spread radical Islamic ideas.”

karma police 2

The Karma Police system collected in its Black Hole database log the IP addresses of any individual visiting websites, as well as the associated cookies (referenced in the document as “presence events” and “target detection identifiers”).

The Black Hole  is considered the core of the GCHQ online spying operations, it is used to store raw logs of intercepted material before it has been subject to analysis.

blackhole gtac GCHQ

Among the websites used to track users, there are Amazon, BBC, CNN, Facebook, Google, Microsoft Live, Reddit, Reuters, WordPress, Yahoo, YouTube, and YouPorn.

“To find out the identity of a person or persons behind an IP address, GCHQ analysts can enter the series of numbers into a separate system named MUTANT BROTH, which is used to sift through data contained in the Black Hole repository about vast amounts of tiny intercepted files known as cookies.”

The cookies are a precious information for the online marketing, their analysis allows advertisers to track users’ habits, the same principle exploited by the GCHQ in its surveillance program.

“Cookies are automatically placed on computers to identify and sometimes track people browsing the Internet, often for advertising purposes. When you visit or log into a website, a cookie is usually stored on your computer so that the site recognizes you. It can contain your username or email address, your IP address, and even details about your login password and the kind of Internet browser you are using  like Google Chrome or Mozilla Firefox.” continues The Intercept. 

The agent tracked the users of “websites of interest” by correlating the cookies associated to their web experience.

The British spies targeted streams that included Islamic religious content in an effort to identify their Skype and social media accounts of the radicals. By 2009, the Karma Police program allowed the GCHQ to store over 1.1 trillion “events”, a term used to refer web browsing sessions.  By 2010, the overall volume of collected data reached 30 billion records per day of Internet traffic metadata. According to another GCHQ document, by 2012 the volume grew to 50 billion per day.

The analysis of the cookies allowed the GCHQ agents to discover when individuals were online and their location.

The GCHQ documents also revealed the arsenal of the British intelligence used in the Karma Police Operation. “Infinite Monkeys” was a tool used to track Web bulletin boards, meanwhile the “Samuel Pepys” tool was used to parse the content of Internet sessions and extract instant messages and e-mails.

Pierluigi Paganini

(Security Affairs – GCHQ, surveillance, Karma Police)



you might also like

leave a comment