New Details About Narus Surveillance Technology

More details from our walk-about on the floor of the RSA Conference, just concluded in San Francisco.

Narus, which builds and sells surveillance software, is a wholly owned subsidiary of Boeing, and is based in Sunnyvale, CA. Narus has long been the focus of privacy concerns. Especially since 2006 when it was revealed in Wired that the Narus STA 6400 installed in ATT’s Internet backbone operation in San Francisco was collecting and analyzing network and customer information in real time for the NSA.

Here’s what Narus is up to now, based on a source who spoke with a Narus representative on the floor of the trade show.

Narus software is capable of, “full packet capture… when we want to go after a specific target, based on a keyword, user ID or an IP address. We decide to target [this] person, we go in and create target, and we can target e-mail, Facebook…”

QuickTime PlayerScreenSnapz035

Narus products capture and retain data for later analysis. We were told, for example, “if six months from now Twitter goes off the edge of the earth, we can render stuff exactly as it happened. We can do the same with email, Facebook, IM, and a lot of chat.”

As for Tor, the program which protects activists and journalists worldwide by hiding their physical location and encrypting their online activities, people Narus talks to in the Middle East are “very interested” in trying to break that capability.

There’s more. Narus can do sentiment analysis on e-mail, and Facebook and Twitter posts to determine the “mood” of a particular post or user. This is useful to predict behavior, such as a nascent protest movement that might otherwise escape notice. Where is the next Arab Spring going to occur? “We have the metadata around the session, now we know who the players were and who they are related to.”

If you are in the U.S. working in the private sector you are at risk from Narus technology. Companies use Narus to monitor employee activities online to determine if they’re doing something on the network they shouldn’t be, or if they’re removing unauthorized data.