That's a summary of the Washington Post story and what was changed. It looks like the Washington Post reporting of this was a disaster. Not only did they initially publish language that was more sweeping than the Guardian, but they had absolutely no backbone and edited their story when companies said the NSA slides were wrong.
It seems the claims of the Guardian have not been edited, proven incorrect, or retracted. I haven't re-read their entire article, but it appears to be the same one that was initially published.
It appears that the exposé you linked eventually concludes: "According to a more precise description contained in a classified NSA inspector general’s report, also obtained by The Post, PRISM allows “collection managers [to send] content tasking instructions directly to equipment installed at company-controlled locations,” rather than directly to company servers." Looking at this from a process perspective and not a technical one, it appears there is little functional difference between this and "direct access" to servers. And it perfectly explains why the NSA presentation cut to the point: you get data from the company's systems without the company being involved.
It's up to the companies and the NSA to clarify things, but it appears the NSA slides are likely correct in terms of process, if not in technical terms.
Oops that is the WaPo story you are right. Also the summary above sounds like the story that floated by on HN yesterday (hard to keep track since all this site is this week is NSA outrage), IE: data is sent via sftp to offsite servers by humans when complying with requests.
It seems the claims of the Guardian have not been edited, proven incorrect, or retracted. I haven't re-read their entire article, but it appears to be the same one that was initially published.
It appears that the exposé you linked eventually concludes: "According to a more precise description contained in a classified NSA inspector general’s report, also obtained by The Post, PRISM allows “collection managers [to send] content tasking instructions directly to equipment installed at company-controlled locations,” rather than directly to company servers." Looking at this from a process perspective and not a technical one, it appears there is little functional difference between this and "direct access" to servers. And it perfectly explains why the NSA presentation cut to the point: you get data from the company's systems without the company being involved.
It's up to the companies and the NSA to clarify things, but it appears the NSA slides are likely correct in terms of process, if not in technical terms.