5-eyes: United Kingdom, United States, Australia, Canada, New Zealand

These five countries make up the core of the UK-USA Agreement. That is to say, they are the main entities spying on everyone, including their partners listed below.

9 eyes: Denmark, France, the Netherlands, Norway

These are third-parties with whom the NSA cooperates, but also spies upon. Denmark for example has allowed the NSA to install surveillance equipment on international fiber-optic cables for data leaving and entering the country under the Rampart-A program. In the return, the NSA assists the Danish intelligence services in various ways including access to NSA hardware, and allowing them access to the surveillance equipment installed on the fiber-optic cables. Germany, too, is part of this program.

14 eyes: Germany, Belgium, Italy, Spain, Sweden

Belgium has actually been targeted by the U.S and U.K of the 5-Eyes. Articles here and here. Sweden has access to XKEYSCORE, a very powerful tool of the NSA.

TL;DR - The 5 are the main spies, the rest are enablers that also spy on each other, with help they receive from taking part of in this intelligence sharing program. Your internet traffic will most likely transit through one of these countries anyway, but if you avoid make sure your traffic doesn't originate from one of these countries, you're better off as far as privacy goes.

"Surveillance is the business model of the Internet," Schneier told attendees. "We build systems that spy on people in exchange for services. Corporations call it marketing."

[...]

"The NSA woke up and said, corporations are spying on the Internet, let's get ourselves a copy,'" Schneier said. Most NSA surveillance "piggybacks" what the companies are already doing, he said.

The government didn't tell anyone they have to carry around a tracking device, but people now carry mobile devices. The government doesn't require users to notify any agency about their relationships. Users will tell Facebook soon enough, Schneier noted. "Fundamentally, we have reached the golden age of surveillance because we are all being surveilled ubiquitously."

Would this be worth it for an intelligence agency? Since a handful of primes are so widely reused, the payoff, in terms of connections they could decrypt, would be enormous. Breaking a single, common 1024-bit prime would allow NSA to passively decrypt connections to two-thirds of VPNs and a quarter of all SSH servers globally. Breaking a second 1024-bit prime would allow passive eavesdropping on connections to nearly 20% of the top million HTTPS websites. In other words, a one-time investment in massive computation would make it possible to eavesdrop on trillions of encrypted connections.

Chaque semestre, le gouvernement américain demande des informations sur au moins 500 comptes, pour un nombre de lettres globalement inconnu.

The court-ordered search Yahoo conducted, on the other hand, was done by a module attached to the Linux kernel - in other words, it was deeply buried near the core of the email server operating system, far below where mail sorting was handled, according to three former Yahoo employees.

They said that made it hard to detect and also made it hard to figure out what the program was doing.

The backdoor was installed in such a way that it was intercepting and querying all Yahoo Mail users’ emails, not just emails of investigation targets.

Fin septembre, Fakt, le magazine politique de la première chaîne de télévision publique allemande, a révélé qu’en 2005, le BND – l’équivalent allemand de la DGSE – avait découvert que Netbotz était doté d’une backdoor, une «porte dérobée», permettant d’activer à distance des fonctionnalités cachées. Et qu’il se connectait à une adresse IP attribuée à l’armée américaine…

[...]

Le BND découvrit qu’en sus de ces fonctionnalités documentées, Netbotz était aussi pourvu d’un système d’analyse d’images comparative déclenchant, à distance, la caméra de vidéosurveillance lorsqu’un individu entrait dans son champ de vision, quand bien même le détecteur de mouvement était éteint ou n’avait pas été activé… Le renseignement extérieur allemand soulignait également qu’APC n’hésitait pas à «casser» les prix pour équiper les datacenters du ministère des Affaires étrangères, et ceux d’entreprises des secteurs de la défense ou de la high tech.

Entre le 3 octobre 2015 et le 2 octobre dernier, quelque 20.282 personnes ont été espionnées par les services français.

[...]

Celle-ci passe par l'emploi de la technique la moins intrusive, à savoir l'obtention des «fadettes» (facturations détaillées) de la personne ciblée jusqu'à des moyens plus lourds, telles que la sonorisation ou l'installation de moyens vidéo dans les domiciles en passant par les interceptions de sécurité, la géolocalisation, l'accès en temps réel aux données de connexion» ou encore l'emploi - encore parcimonieux - des «Imsi catchers» permettant de siphonner à distance les données de connexion des téléphones mobiles.

Vous l’ignorez peut-être, mais depuis le mois de juin, votre historique de navigation est sous surveillance.

The reason there are so many controls and layers of oversight over wiretap warrants is because the potential for abuse is huge. The FBI abused its wiretap authority for years, which resulted in new restrictions for federal wiretap warrants. The DEA...

The Investigatory Powers Act formally legalizes a number of mass surveillance programs revealed by Edward Snowden. Civil liberties campaigners say it's one of the most extreme surveillance laws in any…

It lights you up like a Vegas casino, says compsci boffin