For example, they claim Canada is monitoring hockey sites:
> Canada's Communications Security Establishment (CSEC) even monitors sites devoted to the country's national pastime: "We have noticed a large increase in chat activity on the hockeytalk sites. This is likely due to the beginning of playoff season," it says in one presentation.
But if you look at the actual slide https://i.imgur.com/2GO8H6L.png, it is clearly a fake sample report of what a real one might look like. It even uses the name 'Canukistan' as the country name.
There are 44 slide decks, one of the biggest leaks so far. It will take time to make sense of the noise. And any misinformation from reporting by non-technical journalists doesn't help the cause.
* Revealed: US spy operation that manipulates social media (http://www.theguardian.com/technology/2011/mar/17/us-spy-ope...)
* How Covert Agents Infiltrate The Internet To Manipulate, Deceive, And Destroy Reputations (https://firstlook.org/theintercept/2014/02/24/jtrig-manipula...)
(But I guess you knew that already.)
Do I take the ssh claim seriously? Do I just pretend the hockey monitoring paragraph isn't there?
Perhaps I should read the source for myself. http://www.spiegel.de/media/media-35515.pdf
Alas, there's very little in the way of detail. There's exactly one slide (19) dedicated to ssh, which says it can "potentially recover usernames and passwords." That would adequately describe a simple mitm attack where somebody either accepts an unknown server key or uses a client that doesn't even check (e.g. Prompt for iOS). Slides 35 and 36 mention ssh and decryption, but it sounds like they're talking about further processing after decryption. How is that decryption being done?
