After The Washington Post reported last week that the NSA was tapping into private networks at Google and Yahoo, Director of National Intelligence James Clapper wasted no time in denying the allegations. Clapper said the report had "misstated facts, mischaracterized NSA’s activities, and drawn erroneous inferences about those operations." Today, the Post struck back with an even more detailed look at the NSA's network-tapping capabilities, including proprietary details that all but prove the agency was pulling data from the company's private lines.
"What the NSA and GHCQ collect is found nowhere else."
The new documents show data held by the NSA in formats that are otherwise only found on Google and Yahoo's private network — essentially a smoking gun for the previously alleged network-tapping. In Google's case, it comes from a proprietary network protocol known as a "remote procedure call" that company servers use to verify a server's identity. For security reasons, these calls are kept secret and Google's specific call is only used on Google networks. But these new documents show data with Google's remote procedure call on an NSA server, a highly incriminating discovery. There's also data showing secret characteristics of Gaia, Google's universal authentication system, on the NSA servers. Another document describes how to unpack data sent in Yahoo's proprietary "NArchive" format, which is only used on the company's private networks.
Google and Yahoo have yet to confirm the report, but the Post cites third-party analysts who are familiar with both networks "We do not know exactly how the NSA and GCHQ intercept the data, other than it happens on British territory," the Post report concludes, "but we do know they are intercepting it from inside the Yahoo and Google private clouds, because some of what NSA and GCHQ collect is found nowhere else."