This sample source code, so we're told, for XKeyscore has been deconstructed by members of the Tor project and security specialists for German broadcasters NDR and WDR. The results show that the NSA is specifically targeting Tor directory servers, is recording connections from IP addresses to privacy-focused websites, and suggest that the American agency is breaking international law in doing so.
These include Linux Journal, which the code calls an "extremist forum," the website for the Linux operating system Tails (described as "a comsec mechanism advocated by extremists on extremist forums"), and the encryption software Truecrypt.
If something as innocuous as Linux Journal is on the NSA's hit list, it's a distinct possibility that El Reg is too, particularly in light of our recent exclusive report on GCHQ – which led to a Ministry of Defence advisor coming round our London office for a chat. If you take even the slightest interest in online privacy or have Googled a Linux Journal article about a broken package, you are in an NSA surveillance database, according to these latest leaks.
Other monitored sites include HotSpotShield, FreeNet, Centurian, FreeProxies.org, MegaProxy, privacy.li and an anonymous email service called MixMinion.