dkleinsc writes "The NY Times has a piece about work being done by Congressman Rush Holt (D-NJ) and others to curb NSA efforts to read email and Internet traffic. Here's an excerpt: 'Since April, when it was disclosed that the intercepts of some private communications of Americans went beyond legal limits in late 2008 and early 2009, several Congressional committees have been investigating. Those inquiries have led to concerns in Congress about the agency's ability to collect and read domestic e-mail messages of Americans on a widespread basis, officials said. Supporting that conclusion is the account of a former NSA analyst who, in a series of interviews, described being trained in 2005 for a program in which the agency routinely examined large volumes of Americans' e-mail messages without court warrants. Two intelligence officials confirmed that the program was still in operation.'"

ericcantona writes "The Communications Data Bill (2008) will lead to the creation of a single, centralized database containing records of all e-mails sent, websites visited and mobile phones used by UK citizens. In a carnivore-on-steroids programme, as all vestiges of communication privacy are stripped away, The BBC reports that Home Secretary Jacqui Smith says this is a 'necessity.'"

teknopurge writes "Apparently Hushmail has been providing information to law enforcement behind the backs of their clients. Billed as secure email because of their use of PGP, Hushmail has been turning over private keys of users to the authorities on request. 'DEA agents received three CDs which contained decrypted emails for the targets of the investigation that had been decrypted as part of a mutual legal assistance treaty between the United States and Canada. The news will be embarrassing to the company, which has made much of its ability to ensure that emails are not read by the authorities, including the FBI's Carnivore email monitoring software.'"

We posted earlier this week that the FBI has officially dropped Carnivore, its "privacy respecting" eavesdropping program. Now reader Throtex writes "Professor Orin Kerr at the George Washington University Law School, a member of the Volokh Conspiracy discusses why Carnivore came to be in the first place and why it really was terminated (about two years ago). Essentially, the media (as usual) got a bit carried away with a non-story: Carnivore was designed to protect your rights from being invaded while sniffing only suspect data. Carnivore was dropped because, as of two years ago, the available tools met the necessary privacy standards, as Prof. Kerr noted in his article about the PATRIOT Act published at the time."

wikinerd writes "FBI has retired the controversial Carnivore software, strongly criticized by privacy advocates for its email capturing abilities. However, it is believed that unspecified commercial surveillance tools are employed now. What does that mean for Internet users' privacy?"

Teknogeek was one of the many readers to point out today's New York Times report on what one submitter dubbed "Son of Carnivore." "This should scare you: Vice Admiral John Poindexter wants to create a supercomputer capable of hunting through electronic databases all over the world, looking for suspected terrorists. According to the article, Poindexter outlines a need to '"break down the stovepipes' that separate commercial and government databases, allowing teams of intelligence analysts to hunt for hidden patterns of activity with powerful computers.'" Update: 11/10 16:15 GMT by T : Here's an updated link to the (no-registration) Arizona Star. Update: 11/24 17:42 GMT by T : Thanks to expiring links, here's another updated link to the NYTimes story.

An Anonymous Coward writes: "The FBI apparently used Carivore in an attempt to collect information on Osama bin Laden't network. Unfortunately they screwed up and collected information on "non-covered targets" (*ahem*, isn't this the sort of thing we weren't supposed to worry about...). Then the FBI tech was "so upset" that he destroyed ALL of the collected email, not only the information that was not covered by the warrant. Here is the SF Gate Story and EPIC's press release."

timdorr writes: "Looks like a student at Dartmouth wants to turn Carnivore into a much more resonable tool according to this Wired article. I'd personally feel a lot less invaded if I knew the system was in place and in this form. Hopefully the government takes notice becuase Carnivore still seems like quite a loophole for our government to exploit."

tekneeq writes "According to this article on Yahoo, the FCC will require all US wireline, cellular, and broadband PCS carriers to provide law enforcement with surveillance capabilities by June 30th. Carriers will have to supply a multitude of information upon request, such as numbers dialed after a call is connected, call forwarding signals, and signals pertaining to voice mail services." Although it's hard to tell from the Reuters story, this is a continuation of a lawsuit filed against CALEA a few years ago. Read on for more.

A reader writes: "Yahoo has a news item about the continued use of DCS-1000 AKA Carnivore. Looks like it's being used more than ever, and some privacy groups are still fighting in court for more disclosure about its use."

SilverStr writes "Looks like we may be learning more about DCS1000( AKA: Carnavore). Privacy advocates have won another round in their fight to gain access to more information about the FBI's Carnivore e-mail surveillance system."

pamri writes: "India is getting its own version of Carnivore. According to this Times of India article,'...after investigations have revealed that Mohammad, alias "Burger," who led the Parliament attack, was in constant touch with his counterparts in Pakistan as well as within India through email ... The Intelligence Bureau (IB) has prepared a list of new keywords that are to be used to intercept mails emanating from IP addresses in India.'"

John Young of Cryptome, though trained as an architect, has garnered recognition in another field entirely. Since 1996, he's been publishing timely, trenchant news online as the mind behind crypto jya.com and Cryptome. ("Our goal is to be the most disreputable publisher on the Net, just after the world's governments and other highly reputable bullshitters." ) This has put him on the forefront of various online liberty issues, from the MPAA's DeCSS crackdown on DeCSS (he fought the lawyers -- and won), to Carnivore, to Dmitry Sklyarov's continuing imprisonment, and now the several fronts along which electronic communications are threatened by current and upcoming legislation. He recently posted this to the front page: "Cryptome and a host of other crypto resources are likely to be shutdown if the war panic continues. What methods could be used to assure continued access to crypto for homeland and self-defense by citizens of all nations against communication transgressors?" Now's your chance to ask him about the fight for online freedom. Please pose just one question per post; we'll send 10-15 of the highest moderated ones on to John for his answers.

StudMuffin writes: "The American Council on Education website has a succinct summary of the new anti-terrorism legislation. The issues raised are those most likely to cause problems on our campuses around the United States. Specifically, the facts that schools must now turn over student records to investigators without informing the students, allows (get this!) monitoring of persons here on student visas, turnover of electronic communications and records, obtain IP addresses and routing and addressing data, records of URL's accessed, and most unfortunately ... install Carnivore at will to track internet use on campus. There are also specific regulations about university researchers and their ability to use biological agents in quantities not 'reasonably justified.' What about all of this doesn't suck? We give up a little freedom now, and later it's impossible to get it back." PDF only -- I wish they would put up a text version as well.

Kallahar writes: "Inspired by the FBI's DCS1000: Carnivore is a networked art project in two parts. The first part is Carnivore Server, an application which performs packet-sniffing on a specific local area network and serves the resulting data stream via the net. The second part consists of an unlimited number of client applications which tap into this data stream and interpret it in creative ways."

Majik was among the stream sof people submitting this story about the FBI wanting to tap the net. Makes carnivore look like a baby monitor since this tracks all packets, and would be placed at key locations on the net.

Ames Cornish writes: "The non-profit SDForum's Internet Security and Privacy group is sponsoring a panel on National Security versus Individual Privacy on Wednesday evening, Oct 17th in Silicon Valley. It includes representatives from the Electronic Frontier Foundation, the California Office of Emergency Services, KPMG Israel, and the Technology Editor from the San Jose Mercury News. The panel will address both sides of controversial topics including the 'Patriot' Act, Carnivore, encryption back-doors, and questions from the audience. This event is an excellent way to participate in intelligent debate about the role of technology in Homeland Security and Civil Liberties. Get your issues heard, and watch the sparks fly!"

Troodon writes: The Register reports on Forensics Explorers' NetWitness. Rather than relying upon the FBI's 'fail-safe' separation of Carnivore Operators and Case Agents to discriminate between legitimate data and that inadmissably, incidentally siphoned up along with it and submitting to the installation of a mysterious black box within their network, ISP's can comply with CALEA in-house for approximately $2,500 per collector and between $35,000 and $45,000 for an analysis station. Should you fancy a little development, another cheaper alternative exists: Altivore." Not sure any of this is much comfort -- the lesser of two evils is still evil.

braddock writes: "The BBC is now reporting that 'The FBI is scouring e-mail accounts for clues as to who might have been behind the terror attacks' and that AOL and Earthlink have confirmed that they are cooperating with investigators. Earthlink maintains 'We're co-operating, but we're not installing any surveillance equipment on our networks.' AOL and Earthlink together have approximatey 36 million accounts. Scary how fast privacy can be compromised when the bulk of a country's e-mail services are centralized." I wonder which ISPs really are installing Carnivore, if not the two largest in the country. Maybe this means it's already in place?

GMontag writes: "The Washington Post Tech Section is running this story FBI's 'Carnivore' Might Target Wireless Text. Apparently, since the industry can't provide big brothering to the satisfaction of the FBI the FBI will will do it *for* them. This is a collector's item too, with no mention in article of DCS1000 being used to "save" children!"