They now claim its secure again because they are encrypting internal traffic. It's such a high priority and centralized target with so much valuable intelligence that any such claims have to be taken with a grain of salt.
naturally its hard to keep track of all their cute code names, at the end of the day all the data ends up queryable by analysts with nothing resembling a warrant process
PRISM wasnt a vulnerability, Google (et al) was basically forced to build a system to automatically handle FISA warrants data requests. For example, a single warrant signed in a secret court would request all data for a person of interest plus one or more hops of every person they communicated with which got funnelled through the PRISM system to multiple tech companies in the US simultaneously which then got fed back into XKeyScore for agents to go through the data and do graph analysis.
Which is still really bad but not the same as these software vulnerabilities.
They now claim its secure again because they are encrypting internal traffic. It's such a high priority and centralized target with so much valuable intelligence that any such claims have to be taken with a grain of salt.