Breaking news -

0 9 Gross Chemicals in Everyday Products That Could Be Killing You

You probably know that formaldehyde is a key component of embalming fluid. 
But are you aware that it's also been found in a leading brand of baby shampoo—and not as a random contaminant?

Johnson & Johnson has just announced that its one hundred baby products, including the popular No More Tears shampoo, have been purged of formaldehyde, as well as 1,4-dioxane. (Almost: levels of the latter have been reduced to trace amounts.) 

Under pressure from consumers, who wondered what carcinogens were doing in child care products, J&J vowed two years ago to get rid of the chemicals. Famous for its use in the preservation of dead bodies, formaldehyde is released by preservatives found in many cosmetics; 1,4-dioxane is a byproduct of the process that makes cleansing agents in personal care products less abrasive.
J&J maintains that the chemicals are safe, according to the New York Times, even as it has spent tens of millions of dollars to eliminate them. (By 2015, the company pledges, all of its consumer products will be free of so-called chemicals of concern.) Neither formaldehyde nor 1,4-dioxane were listed on product labels, since they weren't technically ingredients; synthetic compounds used for fragrance, which are also set to be phased out, have gone undisclosed as well.
While it's especially shocking to learn of the presence in baby shampoo of a compound known to cause cancer in human beings, and associated with pickling corpses, this is just the tip of the toxic iceberg in terms of the noxious chemicals to which we are exposed every day (or nearly so). Household products harbor hundreds of synthetic compounds, the vast majority of which have never been adequately tested to determine their effects on human health (to say nothing of how they act in combination). Formaldehyde, for one, is also found in carpeting, soaps and detergents, cabinetry, and glues. Here are nine other chemicals of concern that are not just all around you, but inside of you as well.

These plasticizers are all over the place. One billion tons are produced each year, and they go into (among other things) children's toys, pharmaceutical tablets, shower curtains, adhesives, food packaging and fragrances used in all manner of cleaning products, personal and otherwise. What's troubling: phthalates are easily released into the environment, and they seem to act like hormones in the human body. Possible consequences include (in males) genital deformities, sterility and diabetes, and (in females) premature births, early puberty and breast cancer. Links have also been found with allergies and asthma.

An antimicrobial agent, triclosan was originally intended for use in hospitals, but soon found its way into a wide variety of consumer products: toothpaste, cutting boards, shoes, trash bags and antibacterial soaps. As a result, triclosan is now in all sorts of places it shouldn't be: in the bile of wild fish exposed to wastewater, in human breast milk and in nearly 75% of urine samples tested in 2008.
Triclosan penetrates the skin and enters in the bloodstream, where its effects on people are unknown. But it's been shown to mess with the endocrine systems of several different animals, and to interfere with human muscle cell function in vitro. The benefits of using it in soap have been questioned; the FDA says there's no evidence of triclosan's upside, apart from an anti-gingivitis effect demonstrated by Colgate Total toothpaste. And some studies have raised the possibility that widespread use of triclosan could contribute to microbial resistance to biocides.

Bisphenol A
Known as BPA for short, bisphenol A is used to make hard plastics, including the materials for water bottles, sports equipment, DVDs, medical and dental devices and eyeglass lenses. It's also used in the lining of metal food and beverage cans, as well as in the thermal paper on
which receipts are printed. In other words, it's everywhere, including in our bodies: it leaches into substances we consume and is absorbed through our skin. And its effects on animals, at levels below the EPA's limit for human exposure, are pretty awful: adverse changes to reproductive organs and tissue, including predispositions to cancer, as well as neural and behavioral impacts on non-human primates. A recent FDA ban on the use of BPA in baby bottles was denounced by the Environmental Working Group as "purely cosmetic," since the chemical is still present in food packaging.

Also known as Perc, or just dry-cleaning fluid, tetrachloroethylene is as almost as tough on the nervous system as it is on stains. It's classified as a probable human carcinogen by the International Agency for Research on Cancer, and studies have also shown that it significantly increases the risk of developing Parkinson's disease. One researcher found that the children of dry cleaners are 3.5 times more likely than other kids to develop schizophrenia.
Perc is a common contaminant of soil and groundwater, so you can't avoid it entirely. But organic dry cleaners don't use it, and you can steer clear of residential buildings that house Perc machines.

Brought to market in the 1970s by Monsanto, which gave it the ruggedly suggestive name Roundup, glyphosate is an herbicide that kills almost anything growing. Instantly popular with farmers, it really took off with the introduction of genetically modified "Roundup Ready" seeds, which grow into glyphosate-resistant crops that enable less discriminant spraying. Roundup is also sold to ordinary homeowners, for use against yard weeds.
Unsurprisingly, a chemical that's toxic to plantlife doesn't seem to be good for animals: birth defects have been observed in rats and frogs exposed to glyphosate. Human harm has not been conclusively demonstrated, but some argue that Roundup's presence in the food supply and environment is contributing to the prevalence of several diseases. The development of herbicide-resistant superweeds is also a concern.

The purpose of parabens is preservative, to kill bacteria and fungi, and they're present in a host of personal care products: shampoos, moisturizers, shaving gels, lubricants, cosmetics, deodorants and toothpaste. They've even added to food. The problem is that parabens have been found in breast cancer tumors, and are known to mimic estrogen, the hormone that drives that disease. Reproductive toxicity is also suspected. In light of these concerns, some products have gone paraben-free, and are labeled as such.

Perfluorinated compounds, which can make materials resistant to stains, oil, and water, are found in clothing, cookware, fast food wrappers, microwave popcorn bags, and carpets. (Teflon and Scotchguard, for instance, are derived from PFCs.) Since they don't degrade organically, they persist in the environment and accumulate in living tissue. Health concerns include toxic fumes from heated nonstick pans causing "Teflon flu" (which can kill pet birds!); stainless steel and cast iron could be safer alternatives.
Polybrominated diphenyl ethers replaced the first generation flame retardants, polychlorinated biphenyls, which were banned in the U.S. for their toxicity in 1977. Predictably, PBDEs have also come under scrutiny for adverse health and environmental impacts, as well as questionable effectiveness. Ubiquitous in the home, PBDEs are found in furniture, TVs, computer, and electrical equipment. An alarming 2010 study suggested that children with higher prenatal exposure to PBDEs score lower on tests of mental and physical development between the ages of one and six.

A solvent used to make paints, paint thinners, fingernail polish, lacquers, adhesives and rubber, toluene is toxic to the nervous system, though it's less bad than the highly carcinogenic benzene, which it largely replaced. Some people huff it to get high, which is just about the stupidest thing imaginable, since inhalation can cause (in addition to euphoria and dissociation) fatigue, confusion, temporary hearing or color vision loss, severe lung damage and even death.
--Written by Eamon Murphy for MainStreet


0 More than 33 inches of snow reported in parts of Worcester,County, Mass.; 26 inches reported in Boston

1107 PM EST TUE JAN 27 2015


********************STORM TOTAL SNOWFALL********************

                     SNOWFALL           OF
                     /INCHES/   MEASUREMENT


   MARLBOROUGH           22.0   448 PM  1/27  TRAINED SPOTTER
   WETHERSFIELD          12.5   650 PM  1/27  DEPT OF HIGHWAYS
   EAST GRANBY            8.0   653 PM  1/27  DEPT OF HIGHWAYS
   1 WNW WINDSOR LOCKS    7.5   700 PM  1/27  AIRPORT
   NORTH GRANBY           4.5   336 PM  1/27  TRAINED SPOTTER

   STAFFORDVILLE         23.0   901 PM  1/27  TRAINED SPOTTER
   TOLLAND               20.0   807 PM  1/27  TRAINED SPOTTER
   SOMERS                15.2   421 PM  1/27  TRAINED SPOTTER
   COVENTRY              14.5   719 PM  1/27  TRAINED SPOTTER

   THOMPSON              33.5   647 PM  1/27  MEDIA
   PUTNAM                30.0   650 PM  1/27  DEPT OF HIGHWAYS
   EAST KILLINGLY        24.2   418 PM  1/27  NONE


   WEST HARWICH          28.5   955 PM  1/27  TRAINED SPOTTER
   HYANNIS               27.0   748 PM  1/27  HAM RADIO
   EAST FALMOUTH         24.8  1000 PM  1/27  TRAINED SPOTTER
   HARWICH               23.0   749 PM  1/27  HAM RADIO
   CENTERVILLE           21.0   700 PM  1/27  TRAINED SPOTTER
   SOUTH DENNIS          18.2   728 PM  1/27  EMERGENCY MANAGER
   ORLEANS               17.6   547 PM  1/27  TRAINED SPOTTER
   BREWSTER              14.0   308 PM  1/27  HAM RADIO

   EAST FREETOWN         26.0   458 PM  1/27  HAM RADIO
   FALL RIVER            23.1   805 PM  1/27  TRAINED SPOTTER
   ACUSHNET              22.2   605 PM  1/27  TRAINED SPOTTER
   NEW BEDFORD           21.0   508 PM  1/27  NONE
   MANSFIELD             19.8   548 PM  1/27  TRAINED SPOTTER
   TAUNTON               19.3   648 PM  1/27  NWS OFFICE
   FAIRHAVEN             19.0   629 PM  1/27  HAM RADIO
   NORTH ATTLEBORO       18.9   306 PM  1/27  HAM RADIO
   NORTH DIGHTON         18.4   558 PM  1/27  HAM RADIO
   NORTH ACUSHNET        16.0   806 PM  1/27  HAM RADIO

   METHUEN               31.5   900 PM  1/27  GENERAL PUBLIC
   IPSWICH               28.0   600 PM  1/27  TRAINED SPOTTER
   SWAMPSCOTT            27.1   707 PM  1/27  GENERAL PUBLIC
   PEABODY               27.0   819 PM  1/27  HAM RADIO
   GEORGETOWN            26.5   835 PM  1/27  TRAINED SPOTTER
   NAHANT                25.0   923 PM  1/27  TRAINED SPOTTER
   TOPSFIELD             24.5   922 PM  1/27  TRAINED SPOTTER
   SALEM                 24.0   345 PM  1/27  TRAINED SPOTTER
   ROCKPORT              23.5   855 PM  1/27  MEDIA
   GLOUCESTER            23.0   453 PM  1/27  TRAINED SPOTTER
   MARBLEHEAD            22.0   546 PM  1/27  TRAINED SPOTTER
   ANDOVER               22.0   626 PM  1/27  HAM RADIO

   HEATH                  5.0   412 PM  1/27  NONE

   WALES                 16.0   810 PM  1/27  BROADCAST MEDIA
   LUDLOW                14.0   729 PM  1/27  TRAINED SPOTTER

   HUDSON                36.0   400 PM  1/27  GENERAL PUBLIC
   ACTON                 34.0  1014 PM  1/27  NONE
   LITTLETON             34.0   600 PM  1/27  TRAINED SPOTTER
   CHELMSFORD            33.8   925 PM  1/27  HAM RADIO
   FRAMINGHAM            33.5   540 PM  1/27  HAM RADIO
   WESTFORD              33.0  1004 PM  1/27  TRAINED SPOTTER
   DRACUT                33.0   952 PM  1/27  TRAINED SPOTTER
   TYNGSBORO             32.5   540 PM  1/27  GENERAL PUBLIC
   NORTH CHELMSFORD      32.5   813 PM  1/27  HAM RADIO
   DUNSTABLE             32.0   330 PM  1/27  NONE
   LOWELL                31.0   410 PM  1/27  TRAINED SPOTTER
   NORTH READING         29.0   825 PM  1/27  TRAINED SPOTTER
   WAKEFIELD             29.0   758 PM  1/27  TRAINED SPOTTER
   WINCHESTER            29.0   804 PM  1/27  TRAINED SPOTTER
   GROTON                29.0   449 PM  1/27  TRAINED SPOTTER
   PEPPERELL             26.5   513 PM  1/27  TRAINED SPOTTER
   TEWKSBURY             25.6   603 PM  1/27  TRAINED SPOTTER
   BEDFORD               25.0  1021 PM  1/27  TRAINED SPOTTER
   NATICK                23.0   459 PM  1/27  GENERAL PUBLIC
   MELROSE               23.0   841 PM  1/27  GENERAL PUBLIC
   SOMERVILLE            21.7   315 PM  1/27  GENERAL PUBLIC
   TOWNSEND              21.6   528 PM  1/27  NONE
   HOLLISTON             21.5   618 PM  1/27  HAM RADIO
   WAYLAND               20.0   428 PM  1/27  HAM RADIO

   NANTUCKET             12.0   411 PM  1/27  HAM RADIO

   MILTON                29.7   727 PM  1/27  COOP OBSERVER
   SHARON                29.0   546 PM  1/27  GENERAL PUBLIC
   BRAINTREE             26.0   407 PM  1/27  GENERAL PUBLIC
   WALPOLE               24.6   619 PM  1/27  HAM RADIO
   QUINCY                24.5   840 PM  1/27  GENERAL PUBLIC
   SOUTH WEYMOUTH        24.0   907 PM  1/27  MEDIA
   WEYMOUTH              23.0   404 PM  1/27  HAM RADIO
   RANDOLPH              22.3   713 PM  1/27  TRAINED SPOTTER
   FOXBORO               22.0   624 PM  1/27  HAM RADIO
   NORWOOD               22.0   623 PM  1/27  HAM RADIO
   NEEDHAM HEIGHTS       21.0   312 PM  1/27  TRAINED SPOTTER
   MEDFIELD              19.0   430 PM  1/27  HAM RADIO
   STOUGHTON             17.0   429 PM  1/27  HAM RADIO
   MILLIS                16.5   620 PM  1/27  HAM RADIO

   KINGSTON              28.0   526 PM  1/27  TRAINED SPOTTER
   HANOVER               24.0   736 PM  1/27  GENERAL PUBLIC
   HULL                  23.5   817 PM  1/27  HAM RADIO
   PEMBROKE              23.0   432 PM  1/27  HAM RADIO
   ROCKLAND              22.0   913 PM  1/27  TRAINED SPOTTER
   CARVER                21.3   900 PM  1/27  NWS EMPLOYEE
   HANSON                20.0   605 PM  1/27  HAM RADIO

   RANDOLPH              23.0  1003 PM  1/27  TRAINED SPOTTER

   SOUTH BOSTON          29.0   900 PM  1/27  TRAINED SPOTTER
   1 N EAST BOSTON       23.3   700 PM  1/27  AIRPORT
   WINTHROP              23.3   700 PM  1/27  NONE
   BOSTON CITY           17.6   534 PM  1/27  HAM RADIO

   AUBURN                36.0   947 PM  1/27  TRAINED SPOTTER
   LUNENBURG             36.0   717 PM  1/27  TRAINED SPOTTER
   CLINTON               34.1   419 PM  1/27  GENERAL PUBLIC
   WORCESTER             33.5   809 PM  1/27  CWO
   WEST BOYLSTON         33.5   730 PM  1/27  COCORAHS
   3 WNW WORCESTER       33.5   825 PM  1/27  AIRPORT...RECORD
   HOLDEN                32.0   546 PM  1/27  TRAINED SPOTTER
   SHREWSBURY            30.9   740 PM  1/27  TRAINED SPOTTER
   MILFORD               30.7   833 PM  1/27  TRAINED SPOTTER
   WHITINSVILLE          30.0   503 PM  1/27  TRAINED SPOTTER
   FITCHBURG             30.0   305 PM  1/27  TRAINED SPOTTER
   STERLING              29.3   352 PM  1/27  NONE
   SPENCER               29.0   735 PM  1/27  TRAINED SPOTTER
   NORTH GRAFTON         29.0   805 PM  1/27  TRAINED SPOTTER
   LEOMINSTER            29.0   437 PM  1/27  NONE
   BOYLSTON              28.0   534 PM  1/27  TRAINED SPOTTER
   BOLTON                26.0   318 PM  1/27  HAM RADIO
   NORTH WORCESTER       24.0   914 PM  1/27  HAM RADIO
   DOUGLAS               24.0   312 PM  1/27  TRAINED SPOTTER
   SOUTHBRIDGE           20.0   700 PM  1/27  TRAINED SPOTTER
   WESTMINSTER           15.0   617 PM  1/27  HAM RADIO
   ASHBURNHAM            10.0   426 PM  1/27  CO-OP OBSERVER


   WEST WARWICK          20.5   954 PM  1/27  TRAINED SPOTTER
   2 NNW WARWICK         18.5   700 PM  1/27  AIRPORT
   GREENE                18.0   351 PM  1/27  TRAINED SPOTTER

   TIVERTON              19.0   807 PM  1/27  HAM RADIO

   BURRILLVILLE          26.5   357 PM  1/27  GENERAL PUBLIC
   WEST GLOCESTER        24.4   321 PM  1/27  TRAINED SPOTTER
   NORTH FOSTER          20.7   546 PM  1/27  CO-OP OBSERVER
   SMITHFIELD            18.0   913 PM  1/27  HAM RADIO
   CRANSTON              17.0   338 PM  1/27  GENERAL PUBLIC
   PROVIDENCE            17.0   913 PM  1/27  HAM RADIO
   1 W PROVIDENCE        15.5   509 PM  1/27  TRAINED SPOTTER
   PAWTUCKET             15.5   350 PM  1/27  GENERAL PUBLIC
   EAST PROVIDENCE       14.5   837 PM  1/27  TRAINED SPOTTER

   WESTERLY              21.0   624 PM  1/27  TRAINED SPOTTER
   HOPE VALLEY           18.5   527 PM  1/27  TRAINED SPOTTER
   NORTH KINGSTOWN       15.0   430 PM  1/27  NONE


0 Was Winchester's 2.9 earthquake A result of Recent Fracking In The Area?

An earthquake with a magnitude of 2.9 has been recorded in Hampshire, the British Geological Survey has confirmed.
Postings on social media reported buildings in the Winchester area shaking following a tremor shortly after 18:30 GMT.
A police spokeswoman said no injuries or serious damage had been reported.
Matthew Emery, from South Wonston, near Winchester described the experience as "almost as if Concorde had flown over".
The British Geological Survey (Bgs) reported a tremor at a depth of 3km (1.9miles) at Headbourne Worthy, just north east of Winchester.
BGS Seismologist David Galloway said the UK experienced about 10 quakes of such a size each year which were "usually quite widely felt around the area".
Winchester earthquake mapThe epicentre of the quake was at Headbourne Worthy, just north of Winchester
"We live on a dynamic planet. We're actually sitting in the middle of one of the plates on the earth's crust, but because of the stresses caused by all the movement, we still get little earthquakes in the UK."
The BGS said it had received a report from a residents who said "the whole bed was visibly shaking" as well as one who said the earthquake sounded "like a bus" crashing "into the neighbours house at speed".
Hampshire Constabulary said it had initially received lots of calls from concerned residents in the Kingsworthy area following reports of something which "felt like an explosion which shook their houses".
Residents also took to social media to describe what happened.
Rowland Rees tweeted: "Quake felt in Crawley, Winchester. Whole house shook for a few seconds!"
And Jen Gupta said in a tweet: "Our house in Winchester just shook enough to rattle glasses in the cupboard, accompanied by a boom sound."
Rachel Cristofoli, in Kings Worthy, said: "Everyone felt it and came outside to see what was going on. It lasted about 5 seconds, but the houses all shook from top to bottom."
Brook Ethridge, barmaid at the South Wonston Social Club, said: "About half past six, I was sitting reading my book and all the glasses started shaking. It sounded like someone had driven into the back of the club.
"Everyone ran outside, couldn't see anything. It doesn't sound like the sort of thing that happens in a quiet little place - you just don't expect it."

Licences for fracking issued for countryside near Winchester

Licences for fracking issued for countryside near Winchester
Licences for fracking issued for countryside near Winchester
First published  in NewsHampshire Chronicle: Photograph of the Authorby 
DRILLING licences have already been issued for possible fracking underneath huge parts of Hampshire.
Gas companies have been awarded no fewer than eight licences in the south of the county.
The new technology – formally known as hydraulic fracturing – is controversial because it involves blasting underground rock deposits with water, to release trapped pockets of gas.
The alarm has been raised over groundwater contamination and toxic air around sites. In Lancashire, fracking was blamed for causing small earthquakes.
Greenpeace, the environmental group, has mapped the areas covered by licences, using information from the Department for Energy and Climate Change (DECC).

In the south of Hampshire, they are located: * North of Southampton stretching east from North Baddesley to the A3051 at Fairthorne.

* North of Winchester, from Kings Worthy west almost to Stockbridge.
* Further north, reaching from Chilbolton west to Amport.
* East of Winchester, underneath Hampage Wood.
* Stretching west from Hinton, in the New Forest.
* From east of Fareham, stretching further east.
* East from the Hambledon area (two licences).
It is unlikely that all the sites would be fracked – even if drilling went ahead – because many have the potential to generate conventional gas instead.
The revelations came as Hampshire councillors were denied a chance to vote on a proposal to make the county a fracking-free zone.
Liberal Democrat environment spokesman Adam Carew had called for the ruling Tories to forbid fracking on council land and oppose it in all parts of the county. He said: “We know you are opposed to wind farms. I think the people of Hampshire have a right to know where you stand on fracking as well.”
But the new council leader Roy Perry said a ban could prejudice future planning applications to drill from oil companies. The county council, as minerals and waste authority, decides planning applications for oil and gas though not wind farms which are decided by district councils.
If permission was refused, oil companies could appeal to the High Court to overturn the decision on the grounds their application had been pre-judged.
The British Geological Survey has mapped potential shale gas reserves around the country and suggested massive gas reserves worth millions of pounds could be hidden beneath Hampshire.
Thousands of jobs could be created if drilling companies believe it is worth trying to extricate the supplies, which have lain buried in tiny holes in rocks for millions of years.
Ray Cobbett, co-ordinator of Hampshire Friends of the Earth, said his organisation was opposed to fracking because of the environmental damage and pollution caused by fracturing rocks with chemicals and high pressure water.

0 Anonymous Takes Down 9 Known ISIS Websites, Confirms Leaked Government Documents Were Real

Anonymous, the online hacktivist collective, has avenged the brutal murder of the Charlie Hebdojournalists. Shortly after the ghastly Paris massacre, the group vowed to shut down websites promoting terrorism and released a video declaring war against the terrorists. They kept their promise and shut down a number of confirmed ISIS websites as part of the ongoing operation, #OpISIS.
Anonymous’ account, @OpCharlieHebdo (since suspended by Twitter), confirmed it took down the French terrorist website, The page was directing users to the search engine DuckDuckGo.
Some more of the ISIS websites that were taken offline by Anonymous / RedCult team:
#Target (Imposter Website)#TANGODOWN
Any website or email related to ISIS or Al-Qaeda will be targeted by Anonymous from now on. The group called on its followers and ‘netizens’ to help them find the terrorists.

Anonymous confirmed that ISIS did in fact obtain classified US intelligence documents. These documents were shrugged off by the mainstream media and the government as not being classified. However, it appears that they are exactly what ISIS claimed them to be.

How the NSA Plans to Infect ‘Millions’ of Computers with Malware



By  and 453
Featured photo - How the NSA Plans to Infect ‘Millions’ of Computers with MalwareOne presentation outlines how the NSA performs “industrial-scale exploitation” of computer networks across the world.
Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process.
The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.
The covert infrastructure that supports the hacking efforts operates from the agency’s headquarters in Fort Meade, Maryland, and from eavesdropping bases in the United Kingdom and Japan. GCHQ, the British intelligence agency, appears to have played an integral role in helping to develop the implants tactic.
In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.
The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system – codenamed TURBINE – is designed to “allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.”
In a top-secret presentation, dated August 2009, the NSA describes a pre-programmed part of the covert infrastructure called the “Expert System,” which is designed to operate “like the brain.” The system manages the applications and functions of the implants and “decides” what tools they need to best extract data from infected machines.
Mikko Hypponen, an expert in malware who serves as chief research officer at the Finnish security firm F-Secure, calls the revelations “disturbing.” The NSA’s surveillance techniques, he warns, could inadvertently be undermining the security of the Internet.    
“When they deploy malware on systems,” Hypponen says, “they potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties.”
Hypponen believes that governments could arguably justify using malware in a small number of targeted cases against adversaries. But millions of malware implants being deployed by the NSA as part of an automated process, he says, would be “out of control.”
“That would definitely not be proportionate,” Hypponen says. “It couldn’t possibly be targeted and named. It sounds like wholesale infection and wholesale surveillance.”
The NSA declined to answer questions about its deployment of implants, pointing to a new presidential policy directive announced by President Obama. “As the president made clear on 17 January,” the agency said in a statement, “signals intelligence shall be collected exclusively where there is a foreign intelligence or counterintelligence purpose to support national and departmental missions, and not for any other purposes.”

“Owning the Net”

The NSA began rapidly escalating its hacking efforts a decade ago. In 2004, according to secretinternal records, the agency was managing a small network of only 100 to 150 implants. But over the next six to eight years, as an elite unit called Tailored Access Operations (TAO) recruited new hackers and developed new malware tools, the number of implants soared to tens of thousands.
To penetrate foreign computer networks and monitor communications that it did not have access to through other means, the NSA wanted to go beyond the limits of traditional signals intelligence, or SIGINT, the agency’s term for the interception of electronic communications. Instead, it sought to broaden “active” surveillance methods – tactics designed to directly infiltrate a target’s computers or network devices.
In the documents, the agency describes such techniques as “a more aggressive approach to SIGINT” and says that the TAO unit’s mission is to “aggressively scale” these operations.
But the NSA recognized that managing a massive network of implants is too big a job for humans alone.
“One of the greatest challenges for active SIGINT/attack is scale,” explains the top-secret presentation from 2009. “Human ‘drivers’ limit ability for large-scale exploitation (humans tend to operate within their own environment, not taking into account the bigger picture).”
The agency’s solution was TURBINE. Developed as part of TAO unit, it is described in the leaked documents as an “intelligent command and control capability” that enables “industrial-scale exploitation.”
TURBINE was designed to make deploying malware much easier for the NSA’s hackers by reducing their role in overseeing its functions. The system would “relieve the user from needing to know/care about the details,” the NSA’s Technology Directorate notes in one secret document from 2009. “For example, a user should be able to ask for ‘all details about application X’ and not need to know how and where the application keeps files, registry entries, user application data, etc.”
In practice, this meant that TURBINE would automate crucial processes that previously had to be performed manually – including the configuration of the implants as well as surveillance collection, or “tasking,” of data from infected systems. But automating these processes was about much more than a simple technicality. The move represented a major tactical shift within the NSA that was expected to have a profound impact – allowing the agency to push forward into a new frontier of surveillance operations.
The ramifications are starkly illustrated in one undated top-secret NSA document, which describes how the agency planned for TURBINE to “increase the current capability to deploy and manage hundreds of Computer Network Exploitation (CNE) and Computer Network Attack (CNA) implants to potentially millions of implants.” (CNE mines intelligence from computers and networks; CNA seeks to disrupt, damage or destroy them.)
Eventually, the secret files indicate, the NSA’s plans for TURBINE came to fruition. The system has been operational in some capacity since at least July 2010, and its role has become increasingly central to NSA hacking operations.
Earlier reports based on the Snowden files indicate that the NSA has already deployed between 85,000 and 100,000 of its implants against computers and networks across the world, with plans to keep on scaling up those numbers.
The intelligence community’s top-secret “Black Budget” for 2013, obtained by Snowden, lists TURBINE as part of a broader NSA surveillance initiative named “Owning the Net.”
The agency sought $67.6 million in taxpayer funding for its Owning the Net program last year. Some of the money was earmarked for TURBINE, expanding the system to encompass “a wider variety” of networks and “enabling greater automation of computer network exploitation.”

Circumventing Encryption

The NSA has a diverse arsenal of malware tools, each highly sophisticated and customizable for different purposes.
One implant, codenamed UNITEDRAKE, can be used with a variety of “plug-ins” that enable the agency to gain total control of an infected computer.
An implant plug-in named CAPTIVATEDAUDIENCE, for example, is used to take over a targeted computer’s microphone and record conversations taking place near the device. Another, GUMFISH, can covertly take over a computer’s webcam and snap photographs. FOGGYBOTTOM records logs of Internet browsing histories and collects login details and passwords used to access websites and email accounts. GROK is used to log keystrokes. And SALVAGERABBIT exfiltrates data from removable flash drives that connect to an infected computer.
The implants can enable the NSA to circumvent privacy-enhancing encryption tools that are used to browse the Internet anonymously or scramble the contents of emails as they are being sent across networks. That’s because the NSA’s malware gives the agency unfettered access to a target’s computer before the user protects their communications with encryption.
It is unclear how many of the implants are being deployed on an annual basis or which variants of them are currently active in computer systems across the world.
Previous reports have alleged that the NSA worked with Israel to develop the Stuxnet malware, which was used to sabotage Iranian nuclear facilities. The agency also reportedly worked with Israel to deploy malware called Flame to infiltrate computers and spy on communications in countries across the Middle East.
According to the Snowden files, the technology has been used to seek out terror suspects as well as individuals regarded by the NSA as “extremist.” But the mandate of the NSA’s hackers is not limited to invading the systems of those who pose a threat to national security.
In one secret post on an internal message board, an operative from the NSA’s Signals Intelligence Directorate describes using malware attacks against systems administrators who work at foreign phone and Internet service providers. By hacking an administrator’s computer, the agency can gain covert access to communications that are processed by his company. “Sys admins are a means to an end,” the NSA operative writes.
The internal post – titled “I hunt sys admins” – makes clear that terrorists aren’t the only targets of such NSA attacks. Compromising a systems administrator, the operative notes, makes it easier to get to other targets of interest, including any “government official that happens to be using the network some admin takes care of.”
Similar tactics have been adopted by Government Communications Headquarters, the NSA’s British counterpart. As the German newspaper Der Spiegel reported in September, GCHQ hacked computers belonging to network engineers at Belgacom, the Belgian telecommunications provider.
The mission, codenamed “Operation Socialist,” was designed to enable GCHQ to monitor mobile phones connected to Belgacom’s network. The secret files deem the mission a “success,” and indicate that the agency had the ability to covertly access Belgacom’s systems since at least 2010.
Infiltrating cellphone networks, however, is not all that the malware can be used to accomplish. The NSA has specifically tailored some of its implants to infect large-scale network routers used by Internet service providers in foreign countries. By compromising routers – the devices that connect computer networks and transport data packets across the Internet – the agency can gain covert access to monitor Internet traffic, record the browsing sessions of users, and intercept communications.
Two implants the NSA injects into network routers, HAMMERCHANT and HAMMERSTEIN, help the agency to intercept and perform “exploitation attacks” against data that is sent through aVirtual Private Network, a tool that uses encrypted “tunnels” to enhance the security and privacy of an Internet session.
The implants also track phone calls sent across the network via Skype and other Voice Over IP software, revealing the username of the person making the call. If the audio of the VOIP conversation is sent over the Internet using unencrypted “Real-time Transport Protocol” packets, the implants can covertly record the audio data and then return it to the NSA for analysis.
But not all of the NSA’s implants are used to gather intelligence, the secret files show. Sometimes, the agency’s aim is disruption rather than surveillance. QUANTUMSKY, a piece of NSA malware developed in 2004, is used to block targets from accessing certain websites. QUANTUMCOPPER, first tested in 2008, corrupts a target’s file downloads. These two “attack” techniques are revealed on a classified list that features nine NSA hacking tools, six of which are used for intelligence gathering. Just one is used for “defensive” purposes – to protect U.S. government networks against intrusions.

“Mass exploitation potential”

Before it can extract data from an implant or use it to attack a system, the NSA must first install the malware on a targeted computer or network.
According to one top-secret document from 2012, the agency can deploy malware by sending out spam emails that trick targets into clicking a malicious link. Once activated, a “back-door implant” infects their computers within eight seconds.
There’s only one problem with this tactic, codenamed WILLOWVIXEN: According to the documents, the spam method has become less successful in recent years, as Internet users have become wary of unsolicited emails and less likely to click on anything that looks suspicious.
Consequently, the NSA has turned to new and more advanced hacking techniques. These include performing so-called “man-in-the-middle” and “man-on-the-side” attacks, which covertly force a user’s internet browser to route to NSA computer servers that try to infect them with an implant.
To perform a man-on-the-side attack, the NSA observes a target’s Internet traffic using its global network of covert “accesses” to data as it flows over fiber optic cables or satellites. When the target visits a website that the NSA is able to exploit, the agency’s surveillance sensors alert the TURBINE system, which then “shoots” data packets at the targeted computer’s IP address within a fraction of a second.
In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target’s computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive. A top-secret animation demonstrates the tactic in action.
The documents show that QUANTUMHAND became operational in October 2010, after being successfully tested by the NSA against about a dozen targets.
According to Matt Blaze, a surveillance and cryptography expert at the University of Pennsylvania, it appears that the QUANTUMHAND technique is aimed at targeting specific individuals. But he expresses concerns about how it has been covertly integrated within Internet networks as part of the NSA’s automated TURBINE system.
“As soon as you put this capability in the backbone infrastructure, the software and security engineer in me says that’s terrifying,” Blaze says.
“Forget about how the NSA is intending to use it. How do we know it is working correctly and only targeting who the NSA wants? And even if it does work correctly, which is itself a really dubious assumption, how is it controlled?”
In an email statement to The Intercept, Facebook spokesman Jay Nancarrow said the company had “no evidence of this alleged activity.” He added that Facebook implemented HTTPS encryption for users last year, making browsing sessions less vulnerable to malware attacks.
Nancarrow also pointed out that other services besides Facebook could have been compromised by the NSA. “If government agencies indeed have privileged access to network service providers,” he said, “any site running only [unencrypted] HTTP could conceivably have its traffic misdirected.”
A man-in-the-middle attack is a similar but slightly more aggressive method that can be used by the NSA to deploy its malware. It refers to a hacking technique in which the agency covertly places itself between computers as they are communicating with each other.
This allows the NSA not only to observe and redirect browsing sessions, but to modify the content of data packets that are passing between computers.
The man-in-the-middle tactic can be used, for instance, to covertly change the content of a message as it is being sent between two people, without either knowing that any change has been made by a third party. The same technique is sometimes used by criminal hackers to defraud people.
A top-secret NSA presentation from 2012 reveals that the agency developed a man-in-the-middle capability called SECONDDATE to “influence real-time communications between client and server” and to “quietly redirect web-browsers” to NSA malware servers called FOXACID. In October, details about the FOXACID system were reported by the Guardian, which revealed its links to attacks against users of the Internet anonymity service Tor.
But SECONDDATE is tailored not only for “surgical” surveillance attacks on individual suspects. It can also be used to launch bulk malware attacks against computers.
According to the 2012 presentation, the tactic has “mass exploitation potential for clients passing through network choke points.”
Blaze, the University of Pennsylvania surveillance expert, says the potential use of man-in-the-middle attacks on such a scale “seems very disturbing.” Such an approach would involve indiscriminately monitoring entire networks as opposed to targeting individual suspects.
“The thing that raises a red flag for me is the reference to ‘network choke points,’” he says. “That’s the last place that we should be allowing intelligence agencies to compromise the infrastructure – because that is by definition a mass surveillance technique.”
To deploy some of its malware implants, the NSA exploits security vulnerabilities in commonly used Internet browsers such as Mozilla Firefox and Internet Explorer.
The agency’s hackers also exploit security weaknesses in network routers and in popular software plugins such as Flash and Java to deliver malicious code onto targeted machines.
The implants can circumvent anti-virus programs, and the NSA has gone to extreme lengths to ensure that its clandestine technology is extremely difficult to detect. An implant named VALIDATOR, used by the NSA to upload and download data to and from an infected machine, can be set to self-destruct – deleting itself from an infected computer after a set time expires.
In many cases, firewalls and other security measures do not appear to pose much of an obstacle to the NSA. Indeed, the agency’s hackers appear confident in their ability to circumvent any security mechanism that stands between them and compromising a computer or network. “If we can get the target to visit us in some sort of web browser, we can probably own them,” an agency hacker boasts in one secret document. “The only limitation is the ‘how.’”

Covert Infrastructure

The TURBINE implants system does not operate in isolation.
It is linked to, and relies upon, a large network of clandestine surveillance “sensors” that the agency has installed at locations across the world.
The NSA’s headquarters in Maryland are part of this network, as are eavesdropping bases used by the agency in Misawa, Japan and Menwith Hill, England.
The sensors, codenamed TURMOIL, operate as a sort of high-tech surveillance dragnet, monitoring packets of data as they are sent across the Internet.
When TURBINE implants exfiltrate data from infected computer systems, the TURMOIL sensors automatically identify the data and return it to the NSA for analysis. And when targets are communicating, the TURMOIL system can be used to send alerts or “tips” to TURBINE, enabling the initiation of a malware attack.
The NSA identifies surveillance targets based on a series of data “selectors” as they flow across Internet cables. These selectors, according to internal documents, can include email addresses, IP addresses, or the unique “cookies” containing a username or other identifying information that are sent to a user’s computer by websites such as Google, Facebook, Hotmail, Yahoo, and Twitter.
Other selectors the NSA uses can be gleaned from unique Google advertising cookies that track browsing habits, unique encryption key fingerprints that can be traced to a specific user, and computer IDs that are sent across the Internet when a Windows computer crashes or updates.
What’s more, the TURBINE system operates with the knowledge and support of other governments, some of which have participated in the malware attacks.
Classification markings on the Snowden documents indicate that NSA has shared many of its files on the use of implants with its counterparts in the so-called Five Eyes surveillance alliance – the United Kingdom, Canada, New Zealand, and Australia.
GCHQ, the British agency, has taken on a particularly important role in helping to develop the malware tactics. The Menwith Hill satellite eavesdropping base that is part of the TURMOIL network, located in a rural part of Northern England, is operated by the NSA in close cooperation with GCHQ.
Top-secret documents show that the British base – referred to by the NSA as “MHS” for Menwith Hill Station – is an integral component of the TURBINE malware infrastructure and has been used to experiment with implant “exploitation” attacks against users of Yahoo and Hotmail.
In one document dated 2010, at least five variants of the QUANTUM hacking method were listed as being “operational” at Menwith Hill. The same document also reveals that GCHQ helped integrate three of the QUANTUM malware capabilities – and test two others – as part of a surveillance system it operates codenamed INSENSER.
GCHQ cooperated with the hacking attacks despite having reservations about their legality. One of the Snowden files, previously disclosed by Swedish broadcaster SVT, revealed that as recently as April 2013, GCHQ was apparently reluctant to get involved in deploying the QUANTUM malware due to “legal/policy restrictions.” A representative from a unit of the British surveillance agency, meeting with an obscure telecommunications standards committee in 2010, separately voiced concerns that performing “active” hacking attacks for surveillance “may be illegal” under British law.
In response to questions from The Intercept, GCHQ refused to comment on its involvement in the covert hacking operations. Citing its boilerplate response to inquiries, the agency said in a statement that “all of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight.”
Whatever the legalities of the United Kingdom and United States infiltrating computer networks, the Snowden files bring into sharp focus the broader implications. Under cover of secrecy and without public debate, there has been an unprecedented proliferation of aggressive surveillance techniques. One of the NSA’s primary concerns, in fact, appears to be that its clandestine tactics are now being adopted by foreign rivals, too.
“Hacking routers has been good business for us and our 5-eyes partners for some time,” notes one NSA analyst in a top-secret document dated December 2012. “But it is becoming more apparent that other nation states are honing their skillz [sic] and joining the scene.”