http://www.bloomberg.com/news/2013-06-14/u-s-agencies-said-to-swap-data-with-thousands-of-firms.html

Thousands of technology, finance and manufacturing companies are working closely with U.S. national security agencies, providing sensitive information and in return receiving benefits that include access to classified intelligence, four people familiar with the process said.

These programs, whose participants are known as trusted partners, extend far beyond what was revealed by Edward Snowden, a computer technician who did work for the National Security Agency. […]

Microsoft Corp. (MSFT), the world?s largest software company, provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix, according to two people familiar with the process. That information can be used to protect government computers and to access the computers of terrorists or military foes.

Redmond, Washington-based Microsoft (MSFT) and other software or Internet security companies have been aware that this type of early alert allowed the U.S. to exploit vulnerabilities in software sold to foreign governments, according to two U.S. officials. […]

If necessary, a company executive, known as a ?committing officer,? is given documents that guarantee immunity from civil actions resulting from the transfer of data. The companies are provided with regular updates, which may include the broad parameters of how that information is used.

Intel Corp. (INTC)?s McAfee unit, which makes Internet security software, regularly cooperates with the NSA, FBI and the CIA, for example, and is a valuable partner because of its broad view of malicious Internet traffic, including espionage operations by foreign powers, according to one of the four people, who is familiar with the arrangement.

Such a relationship would start with an approach to McAfee?s chief executive, who would then clear specific individuals to work with investigators or provide the requested data, the person said. The public would be surprised at how much help the government seeks, the person said.

McAfee firewalls collect information on hackers who use legitimate servers to do their work, and the company data can be used to pinpoint where attacks begin. The company also has knowledge of the architecture of information networks worldwide, which may be useful to spy agencies who tap into them, the person said. […]

The information provided by Snowden also exposed a secret NSA program known as Blarney. As the program was described in the Washington Post (WPO), the agency gathers metadata on computers and devices that are used to send e-mails or browse the Internet through principal data routes, known as a backbone.

That metadata includes which version of the operating system, browser and Java software are being used on millions of devices around the world, information that U.S. spy agencies could use to infiltrate those computers or phones and spy on their users.

?It?s highly offensive information,? said Glenn Chisholm, the former chief information officer for Telstra Corp (TLS)., one of Australia?s largest telecommunications companies, contrasting it to defensive information used to protect computers rather than infiltrate them.

According to Snowden?s information, Blarney?s purpose is ?to gain access and exploit foreign intelligence,? the Post said. […]

Lawmakers who oversee U.S. intelligence agencies may not understand the significance of some of the metadata being collected, said Jacob Olcott, a former cybersecurity assistant for Senator John D. Rockefeller IV of West Virginia, the Democratic chairman of the Senate Commerce Committee. ?That?s what makes this issue of oversight so challenging,? said Olcott, now a principal at Good Harbor Security Risk Management in Washington. ?You have a situation where the technology and technical policy is far outpacing the background and expertise of most elected members of Congress or their staffs.? […]