Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Privacy Your Rights Online

What is Carnivore, and How Does it Work? 90

Posted by CmdrTaco from the finally-some-details dept.
MainFrame writes "A friend of a friend of mine, Tom Perrine, was "invited" to testify at the Congressional subcommittee meeting concerning Carnivore. "I had seen Carnivore on a recent trip to Quantico and had the opportunity to discuss the program with some of the developers. This was all before the Earthlink flap. I hope that my (written) testimony was balanced and fair. Those of you who know me, know that I try to balance my firm belief in personal privacy and Constitutional rights with my belief that there *are* times when law enforcement has legitimate needs and a duty to access electronic communications, when properly authorized by a court. " There's a lot of confusion about what carnivore is and what it does, so its nice to see something like this which appears to be much more informed.
This discussion has been archived. No new comments can be posted.

What is Carnivore, and How Does it Work? More

What is Carnivore, and How Does it Work?

Comments Filter:
  • When it is MUCH simpler to encrpyt your eMail than it is to secure your phone communications - why not just HIDE anything you don't want the FBI to see?

  • The guts of the carnivore:DISCLOSED (Score:3)

    by Kalrand ( 177637 ) on Saturday August 05, 2000 @06:14AM (#878005)
    Funny, all they found was a copy of Windows 95 with a copy of Back Orifice running....

    Kalrand

    -the voice of reason

    Kalrand

    -the voice of reason
  • You gotta admint Carnivore [dictionary.com] is a pretty piss-poor choice...

  • How much did they spend? (Score:3)

    by Mr Krinkle ( 112489 ) on Saturday August 05, 2000 @06:21AM (#878007) Homepage
    In college I spent 400$ on an old Mac and DLed a demo copy of etherpeek. I then wrote some filters and had a packet sniffer that could do the exact same things that it sounds like carnivore does. Maybe not with as pretty of an interface but it is still just a packet sniffer nothing more nothing less. For under a grand anyone can do this. I would bet our lovely tax dollars pay 50k or so for each one of these PCs. Gotta love government bloat. AS for privacy from it, like I said anyone including them with a network port and 1k can monitor packets. I prefer to encrypt anything special. Wonders if someone will sniff this since it is from work. Oh well
  • As this stated in this MSNBC article [msnbc.com], Carnivore is just a good idea and system with a bad name.
    br"The need for a system such as Carnivore may be regrettable, but it is a necessary evil. And, just like a police search of your home or a wiretap of your phone, the FBI can use its Carnivore system only with a judge's permission." I dunno, it's a trade-off: personal safety for personal liberties. Everything has it's price, including safety.

  • I have faith in the FBI (Score:4)

    by Emerson Willowick ( 215198 ) on Saturday August 05, 2000 @06:26AM (#878009)
    Pardon me for going against the tide of slashdot opinions, but I still don't understand what has everyone so riled up. Perhaps I should blame the FBI for choosing a menacing sounding name like "Carnivore," but certainly their intentions are not to destroy or harm. The FBI is a very major government organization paid for by our tax dollars. I may not agree with their moves all the time, but I trust that they are only concerned about the best interest of our country. Why would they go out of their way to harm the very citizens who keep them running?

    Government monitoring is nothing new. The FBI have long had many wiretapping systems set up to catch criminals. The USPS scans threatening mail trying to prevent people from mailing bombs and traps to their enemies. Cameras are installed along many city streets to watch crimes and catch traffic violations. I don't understand why these survelaince methods aren't coming under fire as well... why is the internet so incredibly different?

    Besides, look at the results of these efforts. Many major crimelords and killers have been caught by slipping up in the presence of wiretapping. Mail monitoring has prevented possible serial terrorists from doing something like send mail bombs. And street cameras catch amazing ammounts of crime, from murders to robberies to prostitution to speeding. I expect Carnivore to be extremely helpful in capturing pedophiles, pirates, terrorists, and other criminals.

    Yes, I may be concerned about my own e-mail being read. But I know that I am a law abiding citizen, my messages to people are trivial to the FBI, and that I feel like I need to hide nothing. And even if you *need* privacy, what about encryption? PGP is extremely hard to crack from my knowledge. Use that. I know the Slashdot mentality may contradict it, but it's unrealistic to expect the internet to remain unregulated forever. Regardless, some form of government restricition and monitoring will come eventually, and having read a little about Carnivore, I am satisfied with their efforts.

  • There's a lot of people out there (like myself) who, perhaps having watched one too many episodes of "The X-Files," will never buy into Carnivore.

    Open source? Great. How do I know that's the source code the FBI actually used in the live unit? Not possible.

    Technical docs? Spiffy. Same question.

    Only with a warrant? Yeah, like I trust them to stick to that limitation. (Not to mention the fact that warrants can be issued very quietly, at three in the morning, by a "rubber-stamp" judge, and with ridiculously broad criteria.)

    And don't even get me started on the potential of the unit being cracked. Win2K? What were they smoking?

  • It may be that to provide this level of confidence, that the source code for Carnivore might need to become publicly available, and that ISPs be permitted to acquire, examine, compile and configure the Open Source Carnivore software. Interestingly, this is more analogous to the current telephonic wiretap (installed by the telephone service provider), than the current use of Carnivore.

    That's a great idea. (No sarcasm, BTW.) I agree w/him that there are times, limited in number, when a wiretap is justified. And I think the suggestion of handing the software to the ISP, getting them to compile it and install it, would lower the paranoia factor (not that it isn't justified) a great deal. But then, maybe I'm one of THEM.

  • Re:I just don't understand what the big fuss is ab (Score:3)

    by Anonymous Coward on Saturday August 05, 2000 @06:30AM (#878012)
    I'll repost this from the previous Carnivore article. This post was way at the bottom, and thus was completely ignored by the moderators. I am its original author. It deals with the fact that even though your message text is encrypted, the FBI can still read the headers, and find out who is contacting who. This issue was brought up by another anonymous coward, to which I replied:

    --
    You've hit the problem right on the nail, my friend. Visit www.crimelink.com for an example of this program you are talking about. Organizational matrices and all that stuff are very key to finding out who is doing what, and what the odds are that what they are doing is illegal.

    For example. You email Joe Blow regarding a post you saw on a forum about gardening. Little did you know that Joe Blow had earlier emailed someone else, whose email he got off a forsale newsgroup advertising hydroponics. Turns out the guy selling the hydroponics was suspected of selling drugs, because his hydro bill was high enough to set off a flag. Now Joe Blow is just a gardener, but he was dealing with a drug dealer, and now YOU are dealing with someone who has delt with a drug dealer. You automatically have a "relationship" with a drug dealer based on an indirect contact. Carnivor can easily be used to setup such relationships, and programs like Crimelink can easily be used to give graphs and charts outlining any possible relationships.This means police and related agencies can establish a Whose-who in their ISPs neighbourhood.

    Now, I don't believe this sort of thing to be happening to the extent that others might believe (IE Echelon voice regognition crazyness and etc) however the potential is very real, and limited capabilities DO EXIST right now. With the onset of such systems as Carnivore, these capabilities grow exponentially towards the situations similiar to that I've outlined above. What I fear the most though is that by next week, Slashdot et al will have forgotten this and moved on to the newest "tiny computer" or Linux IPO news.

    Signed,
    Your Anonymous (?) Coward.

  • Filtering criteria don't always work (Score:4)

    by AdamHaun ( 43173 ) on Saturday August 05, 2000 @06:30AM (#878013) Journal
    While I agree that the government needs to be able to monitor suspected criminals(with a warrant of course), I'm not sure that arbitrary filtering criteria is the way to go. What would they use? Keyword searches? TCP/IP headers? What's to prevent the FBI from picking up whole usenet threads or the actions of people reading Slashdot? If I post a response to Joe Child Molester on Slashdot will I come under FBI scrutiny just for mentioning his name? What about the people who quote my(and his) message? Admittedly, these are public forums, but it seems like a huge waste of time to have to scan through all of the fluff that will inevitably be produced. And heaven forbid there should be another person on the ISP with the same name.

    Why not just snoop at the (modem/DSLAM/etc) server? If packet sniffing were more like a literal wiretap, I would be a lot more comfortable and I'm sure the FBI would be able to get a lot more work done. It shouldn't be that hard to get only one user's packets.
  • Thank you for your erudite commentary. As it happened, I was only planning on trolling this away for the rest of the day or so -- as you can see from my posting history, I'm much more of a karma whore than a troll. (Though many would say that they're one in the same -- and I'm not inclined to disagree.)

    The only reason that I have continued to post the link to Leisure Town [leisuretown.com] is because I have received nothing but thanks for it. People genuinely seem to enjoy it as much as I do, and no, I had nothing to do with its creation.

    Thank you again for your perspective.

    yours,
    john
  • As the latest Cringley article points out [pbs.org], Carnivore is over kill.
    I quote:

    "And the truly amazing part of this story is that there is nothing illegal about the data gathering, itself. Since the kiosk doesn't belong to you or me, we are bound by terms of usage that allow the kiosk provider to do pretty much whatever they want with the bits we run through their system. By simply using their machine, we give up our privacy without even knowing it."

    It sounds like we need some privacy laws to fill the lupole that Carnivore seeks to exploit. I, for one, favor the british aproach to seeking the informed consent of the people providing the data before collecting it.

  • Yes, it certainly seems simple enough, but I'm sure it was harder to create under Windows than it should have been -- and I wonder how much data is lost when those machines crash.
  • I would like to take this moment to point out that a good number of dinosaurs were actually herbivores.

    Oh? How many dinosaurs were there? Because I haven't heard much good science about dinosaurs since I was in the third grade.

    Mr. science, wouldn't the population of carnivorous dinosaurs have increased as the population of herbivors increased? It's seen all the time today. Are you suggesting that the predator-prey cycles hadn't been invented yet? Or that the carnivorous dinosaurs didn't eat their hebivorous relatives?

    Or, are you just confusing the number of species with the actual population?

    You can eat what you like, as long as you stay in denial of how that meat came to be on your plate. I find my friends can barely drive past a poultry farm for the stench, much less imagine waling into one and observing the harvesting of the meat crop.

  • carnivore (Score:5)

    by VAXGeek ( 3443 ) on Saturday August 05, 2000 @06:38AM (#878018) Homepage
    I like privacy as much as the next guy, so here's my two cents. I know that sometimes the govt. has to spy on people, but WHY DO IT AT THE ISP LEVEL WHERE YOU CAN SPY ON EVERYONE? I don't need my mail being 'accidentally' sniffed. If they want to watch criminals, put wiretaps AT the criminal's connection at his house NOT ON EVERYONE ELSE'S CONNECTION. 2 words: duh.
    ------------
    a funny comment: 1 karma
    an insightful comment: 1 karma
    a good old-fashioned flame: priceless
  • But the filter is aimed at a specific user and keywords. The judge approves such things, as telephone wiretaps allow tapping specific phones and may have restrictions on calls to which phone numbers may be recorded.

    However, notice that a Carnivore can be altered through its modem. A good guy, a bad good guy, or an intruder can alter the configuration remotely. I hope the security on that modem is as good as it should be.

  • Carnivore? No wonder people are worried. If they had called it "Lady peace" or "guardian angel" people wouldn't be so scared! :)
  • Yeah, so what are you worrying about? If the smell is to strong for the sniffer, it will just fold under stress like any Windoze system.... :-)
  • Chairman:
    Yes, Mr. Perrine we appreciate your views on this subject. However, you have not answered my original question.
    Do you know the location of agent Mulder?!
  • Forcing a private business to become an arm of law enforcement is just plain wrong. That's the really nasty part of this. No different than cops using your living room to spy on a neighbor.

  • I think you mean steganography. Stenography is what a court reporter does (they are stenographers.)
  • I for one have faith in King George. Why would he want to harm his loyal subjects?

    Government, by its very nature, will exploit and trample the rights of its people. Therefore, people must actively and vigorously defend their rights.

    -Peter

  • Re:Hrm (Score:2)

    by Anonymous Coward
    Did you read the article? This was addressed quite specifically. Yes, you need a court order to install Carnivore. However, once the system is in place there are no controls or monitoring capabilities over how it's actually used. Suppose instead of getting a warrant for a specific house, the judge just issued a warrant to search any house in the city and we were just supposed to trust the FBI to search the right one, and only that one?

  • why is the internet so incredibly different?

    For one thing, as the article said (it was a whole section titled "The Internet is Different"), a conventional wiretap would be on one or a few persons, with this software you could monitor thousands, and it would be very hard to control what the FBI (or anybody) is doing.

    You know, times change. There are people nowadays that I would like to see nailed, child porn, drug traffic, etc. So, it is legitimite to use this software to nail those. However, if you give authorities such a tool, then you run the risk that the political climate changes and it suddenly becomes politically correct to nail people for anything. Like witch-hunts. So, if you have a bad tool for witch hunts, you're not going to burn as many innocents as you do if you have a good tool for witch-hunts.

    So, yes, there are legitimate uses, but one must proceed with extreme caution.

  • PGP is extremely hard to crack from my knowledge
    Actually, PGP hasn't been cracked to anyone's knowledge. Of course, would the FBI or CIA tell us if they could crack it?
  • For you to code up something and put a machine together it will be cheap. However, whenever a business (or the government) does something it is inherently more expensive.

    They have to pay for the property the building is on, for the building, for cleaning staff, for administrative staff, for management, for office equipment and supplies. They have to pay taxes on everything, and the way the tax laws are written the business has to spend around 130% of an employees wages to actually pay the employee 100%.

    The FBI also probably has to reimburse people for travel, and possibly for hotel stays. Plus, if you're a 40k a year computer admin, and it takes you three hours to drive to the ISP, two hours to set up, and three hours to come back, that's a day wages, which is around $200 (plus travel, and some other hidden costs I'm sure I'm missing). That happens everytime the tape is checked.

    The reason I'm saying something is that I work for a government contractor, and everyone is always saying that the government is a mound of inefficiency. However, profit margins for government contract work is much lower than similar margins for commercial work, although frequently the contracts are bigger...

  • Encryption and E-Mail (Score:4)

    by Th3 D0t ( 204045 ) on Saturday August 05, 2000 @07:05AM (#878030)
    I think sendmail should be updated to by default use encryption/SSL to connect to other servers. Sure, most other servers will refuse the SSL connection, and then sendmail could fall back to unencrypted transport. But, if it used encryption by default, as such a popular mail package, certainly more and more e-mails would begin to be transmitted with encryption. Other mail server vendors would likely follow the lead after it became commonplace.
    ---
  • I agree that "Carnivore" is just a horrible sounding name. But as I read (in this story [slashdot.org], I think) earlier, it's actually an indication of the system having better privacy protections. The earlier system was "Omnivore." This improvement was dubbed "Carnivore" because it gets to the "meat" of the data, better selecting the pertinent messages and ignoring those from innocents.
  • Perhaps I should blame the FBI for choosing a menacing sounding name like "Carnivore," but certainly their intentions are not to destroy or harm. The FBI is a very major government organization paid for by our tax dollars. I may not agree with their moves all the time, but I trust that they are only concerned about the best interest of our country. Why would they go out of their way to harm the very citizens who keep them running?

    I agree. Governments never break their own laws in the name of overzealous law enforcement. No country would ever, ever do something as silly as turning it's army against the very people that pay for it. We've never had a politician use the FBI to obtain damaging information about their political rivals. Police don't shove toilet plungers up people's asses and they certaintly don't use their influence to quash others in the department from testifying against them if they had.

    Oh, and Santa is compiling his list - you might want to get cracking.

    My .02
    Quux26

  • Actually, PGP hasn't been cracked to anyone's knowledge.

    Somewhere there is a brown-haired individual. He's wearing pressed pants and a tie with a strawberry jelly-doughnut stain on it. He's wishing his badge wasn't digging into his ass so much, and he's laughing his balls off reading this post. =)

    My .02
    Quux26

  • When it is MUCH simpler to encrpyt your eMail than it is to secure your phone communications - why not just HIDE anything you don't want the FBI to see?

    Or hide everything, including the innoculous. Right now encrypting some things and not others might be a red flag. But what do you do when you're tasked with monitoring national security and everyone is guilty.

    Wait, that's already happened. Damn!

    My .02
    Quux26

  • Re:I have faith in the FBI (Score:5)

    by w3woody ( 44457 ) on Saturday August 05, 2000 @07:14AM (#878035) Homepage
    Pardon me for going against the tide of slashdot opinions, but I still don't understand what has everyone so riled up. Perhaps I should blame the FBI for choosing a menacing sounding name like "Carnivore," but certainly their intentions are not to destroy or harm. The FBI is a very major government organization paid for by our tax dollars. I may not agree with their moves all the time, but I trust that they are only concerned about the best interest of our country. Why would they go out of their way to harm the very citizens who keep them running?

    While I have no problems with a law enforcement agency such as the FBI enforcing a legitimately obtained wiretap order in order to catch the bad guys, it's clear that you don't live in Los Angeles.

    To review, the Los Angeles police department is currently being investigated for a number of crimes carried out by bad police officers from the Rampart division. Latest estimates I heard indicated that something on the order of thousands of court cases may be thrown out because a few bad cops planted evidence, engaged in illegal activities (such as selling drugs or murdering suspects) while transfering the blaim to otherwise innocent people who are now sitting in jail. Those thousands of court cases translate to thousands of otherwise innocent citizens who are now sitting in jail due to a few rogue cops.

    At the same time all this started comming out we also learned that the Los Angeles District Attorney's office in conjunction with the LAPD engaged in several hundreds or thousands of illegal wiretap operations, turning over the illegally gathered evidence to the LAPD for followup. Remember: an illegally obtained wiretap may be thrown out of court, but if no-one knows that the wiretap was in place in the first place, the evidence gathered afterwards will not be thrown out later.

    (As an example of how an illegal wiretap could lead to an arrest without any connection to that illegal wiretap, suppose Joe Blow decides to sell cocaine to his friend in the back of the Ralphs supermarket at 9:00 tomorrow. All the LAPD has to do is to have a cop "happen to drive by" the Ralphs. His police report will read "in my routine survalence activities, I happened to catch Mr. Blow selling narcotics", not "I was tipped off by an illegal wiretap.")

    Most of the people working for the LA DA's office and the LAPD are the most top-notch, professional police officers in the country, working under extreme conditions with very little community support. I have very deep respect for these people. And it is their sister organizations in the city of Glendale where I live, who I have interacted with at all levels (from being stopped on the street in the middle of the night while out walking to serving as a witness to a purse snatching) which has made Glendale the safest city of all cities with a population greater than 150,000 in the United States.

    However, it only takes a rogue few to fuck things up totally, as they have in Los Angeles. (By the way, estimates are placing the cost to settle the civil cases caused by this handful of rogue enforcement officers at something like 25% of the total discretionary budget of Los Angeles--which buys a lot of libraries, squad cars, and fire trucks...)

    That's the concern with Carnivore--not that it isn't a powerful law enforcement tool that will be used for lawful purposes. But that a few rogue officers (a'la L.A. Rampart) will abuse the tool in an illegal fashion--and we will have no way to discover their illegal activities. It's clear if you had read the paper refered to in the header that it is Tom Perrine's suggestion to modify how Carnivore is installed and maintained so that at least the ISP knows what the data Carnivore is gathering and if it is in accord to a legally obtained wiretap court order.

    Trust, but verify. Verification creates professionalism, and professionalism creates Glendale (which is spitting distance from the Rampart district), instead of the LA Rampart district.
  • What's to prevent the FBI from picking up whole usenet threads or the actions of people reading Slashdot?

    You say this like it's a question.

    My .02
    Quux26

  • I wonder if I were to setup two accounts with two different ISPs, and then send e-mail from one to another stating things like "DESTROY FBI" and criminal words I know they'll be monitoring for, I wonder if it'll prompt an investigation. Considering I'm sending an e-mail to myself, it should proove quite odd for them. On the other hand, if they got tones of people doing this, would Carnivore's usefullness proove quite useless? :)
  • 2 words: CELLULAR MODEM. A physical tap on a phone line works because of the 'circuit switching' behavior of the phone line. (That is: when you make a phone call, there is a dedicated path for your phone data to travel over.) There is a GUARANTEED point of access for your phone, and it's the copper wire that runs from your phone to a PBX somewhere. This can (and already is) being used to tap your phone line (when authorized.)

    The difference comes when you add internet technologies to this. Becuase of the way a modem works, (handshaking, protocol setup, etc.), it becomes damn difficult to tap the actual modem signal (especially since the two modems agree to protocols on call startup), and introducing a third modem later on would probably disrupt the connection, and not monitor it.

    A cellular modem would also make things difficult to tap because you're still dealing with an analog modem signal. Also, a cellular modem is PORTABLE, and can switch from tower to tower at a moment's notice.

    The ONLY bottleneck you can guarantee their data will be going through in an accessible format will be their ISP, and yes, upstream of their modem pool, because it's very difficult to figure out exactly which modem is being accessed in a dynamic system. That puts an undue burden on the ISP to assist law enforcement agencies in an investigation.
  • Additionally, with the source available it could be:
    - ported to a more secure operating system.
    - examined for flaws.
    - easily patched if any security bugs are detected.
    - fixed if it has a bug that interferes with an ISP's systems.

    And with the configuration done by the ISP the ISP can look out for its subscribers' interests by refusing to tap anyone without the presentation of the appropriate court order. The FBI has a poor track record in that regard.

    ISP configuration of software on an ISP-constructed platform (in an ISP-supplied locked cage locked cage) using ISP-tweaked software has no more problems for evidence custody tracking than the ISP-provided signals to an FBI-operated box. (Especially one that is remotely accessable and reconfigurable.) The ISP might have to provide an expert witness to describe their tweaks. But the evidentiary issues are mainly that the evidence isn't forged or altered, not that the sampling filter is incorrect.
  • From Tom Perrines writen testimony to the subcommittee on the constitution: [sdsc.edu]

    "The FBI will always have to live with the legacy of the Hoover era, just as the Congress will have to constantly compare itself with the McCarthy hearings, and the Executive Branch must always remember Watergate. These and other incidents from our country's history have contributed to an unfortunate general distrust of our public institutions when they concern themselves with the rights of our citizens."

    All it takes is one power hungry nutball to go after anyone they consider "devient" and you're being tracked by your "warm and friendly" FBI for being a member of the NRA, watching Rosie, or enjoying a cuban cigar.

    History is prolog.

  • The problem is that they can keep Carnivore on as long as they want, they only need to get a warrent if the information they want to obtain is to be used in court.

    So, a simple scenario is that they turn it on and wait for a pattern of interesting things to crop up, get a little evidence through other means (enough to get a warrent issued) and then anything post-warrent is admissable in court. Any judge will throw out the stuff they obtained before the warrent was issued, but the problem is that carnivore can be used to listen in on what's going on, and get leads which may or may not turn into real investigations.
  • That would be great if every user had their own sendmail server at their home doing their email.
    MOre than likely as this will affect "small ISPs" you will see non-encrypted network traffic upto the ISPs mail server. If the FBI sniffs before the mail server, whether sendmail, qmail, postfix whatever is encrypted becomes a nonissue.
    The only way to stop this is for each and every ISP to supply encryption to their clients so from origination to destination everything is encrypted. But then again, do we really think that in this day and age, consumer level encryption algorithims are going to stand for more than a couple nanoseconds against some of these behemoth supercomputers the government uses for code breaking. If big brother wants to see what you got, he will pursue it with all the taxpayer money and resources he can find.
    Let's not forget that FBI agents are recruited from among Law and Accounting students. Do they get much more anoretentive?
  • certainly [the FBI] intentions are not to destroy or harm.

    Wrong! The have definitly had intentions to harm people like Martin Luther King when they collected information on him to try and ruin his credibility.

    why is the internet so incredibly different?

    They do not need to do it at the ISP. They can monitor a criminal's data transmissions with an ordinary wiretap request, i.e. tap his phone line to capter modem or DSL. Now, you'd need a way to tap cable modems, but that's not a big deal. I think most people who do not use cable or phone lines for internet do not use an ISP, so Carnivore would not catch them anyway. The point is to force them to wiretap down stream where they can get only the suspects traffic.

    The only time they should really wiretap at the network level is when they think an entire ISP is dedicated to doing something illegal, like proving an ISPc is a money laundering job and not a real ISP by showing that it has no customers.

    Actually, Carnivore may not be a bad thing for privacy in the long run. i think it's a safe bet that someone will crack it and use it for industrial espionage. This will for everyone to encrypt their email. Plus, once someone has exploited one FBI wiretap system then people will be very careful about allowing another one.
  • Apparently you have not taken an American History course to straighten out the jingoism surrounding the Revolutionary War. I am an American patriot myself, but I take exception to your exaggerated interpretation of true history.

    George did not trample the rights of the colonists by any means. First of all, the English government was the one who gave the funding and charters for the colonies, and thus was pretty much entitled to control over their colonies. I mean, the U.S. has its own colonies today, and I don't see you objecting to that.

    And as for representation, the colonists DID have representation through state governors appointed by the English government. Granted it was not fully democratic, but the governors were not overly zealous towards the English. The main issue with the Stamp Act was that the Americans would pay the tax to the British government instead of colonial bodies (although the end result was usually the same anyways). And dont forget that George had a reason for the tax: it cost lots of money to supply and deploy British troops for the Seven Year's War, in which btw Britain was protecting the colonists! We pay taxes for federal defense, and the colonies should have paid for the aid of the British army. Other similar acts like the Sugar and Navigation Acts were in place in the colonies for a long time before, and were not highly contested. And the Tea act, which led to the Boston Tea Party, actually BENEFITED the colonists by saving them a significant amount of money on tea. The intent of the British taxation was to keep colonists satisfied while allowing the British to recover debts from war.

    And need you think that all of America was in full opposition to Britain, you are forgetting that the majority of colonists at the time were either Tories or neutrals. The reason for the uproar was the small, but highly vocal and radical majority, consisting of Sam Adams, Patrick Henry, and the like (BTW read some biographies of them and you'll find theyre not exactly the selfless patriotic heroes you have been conditioned to think they were).

    If you wish to discuss the issue intelligently, make sure you know what you are talking about before blindly spouting out historical inaccuracies in an attempt to be noticed. You may call me a troll if it soothes you, but I think this post is what I call a real troll.

  • In India, where I live - a relatively free, democratic country all ISPs are expected to provide (at their expense) monitoring equipment for the government. The same goes for Cellular Telephone providers. There has not been a single peep of protest here.

    In most countries, including the UK and the rest of the EU, there is not as much concern for individual freedom as there is in the US.In Singapore, for example, when Internet access was first provided, it was through proxy servers so that the government could censor the 'net. This is still true of countries like Saudi Arabia.

    I am quite sure that the FBI will never be allowed to attempt the kind of monitoring that is probably going on right now around the world.

    If you live in the United States -- count your blessings!

  • Carnivore sucks like a Hoover.

  • can we afford to have faith in the FBI? (Score:3)

    by nels_tomlinson ( 106413 ) on Saturday August 05, 2000 @07:46AM (#878047) Homepage
    I think that we could say everything that you have said about the FBI about the KGB, and with equal plausibility. The KGB is an arm of a recognized government, why would the harm the very serfs^H^H^H^H^Hcitizens who support them?


    Government monitoring is nothing new. Hitler's Gestapo did it, Pol Pot's gangs did it, and Mao's whatever, and Stalin's GRU, and Nixon's burglers, and Clinton's FBI, and each of these organizations believed that they were doing the right thing. Sometimes, all of them were doing things we'd approve of. Usually they were not.


    Your messages may well seem trivial to the FBI. Every government uses trivial people to make examples of, to keep the rest in line. You're as good as any to persecute for some trivial act which our government has chosen to demonize. Do you smoke pot? Do you tell people we should leave pot smokers alone, even though they smell bad? Have you ever carried cash across town pay for a used cars? Harmless people who represented no threat to society have been persecuted for these activities, recently, in the US.


    Law enforcement organizations indoctrinate their (usually stupid) employees with the mindset that there are three sorts of people: cops, suspects and convicts. If they haven't found a way to frame you yet, they should try harder. The US Fish and Wildlife cops are usually NOT considered to be corrupt or politicised. A friend of mine was cook on one of their enforcement boats in the gulf of Alaska. He was shocked to find that the two topics of conversation (other than cheating on their wives) were "how we framed so-and-so" and "how we'll plant evidence on this next guy we want to get". He quit after one trip; the cops were too disgusting to live around, morally at least.

    One last point: did mail monitoring really stop the unibomber? I thought it was the fact that some newspaper published one of his diatribes, which was recognized by a brother.

    In conclusion, I believe that law enforcement is vitally important. Allowing them to work in secret only helps them to become worse than the people they are supposed to protect us from: worse in the same way that the mafia is worse than a bunch of disorganized crooks. Corrupt government is the worst possible threat to law abiding citizens, and secrecy breeds corruption, just as does power.

    Nels

  • No, it's a great name doing exactly what it should be doing. Carnivore, when operating correctly, records only emails relevant to a court ordered case. It was used (not counting cases involving large ISPs which provide the logging themselves, *cough*AOL*Cough*) in somewhere between 25 and 100 cases in just 1999.

    Omnivore, an 'earlier version' (which I'm /sure/ has gotten totally replaced!) sucked in 6 gigs of data an hour. For comparison, James Joyce's Ulysses is 1.6megs. so, 3840 copies of Ulysses an hour.

    ( http://www.msnbc.com/news/431355.asp?0nm=B16M&cp1= 1 ; Calculation (6gig*(1024meg/gig)) * (1 book/1.6meg)) )

    Hear anything about Omnivore recently?

    Right. So, the Carnivore name is perfect.

    The real question is when are they gonna product an OpenBSD/Trusted Extensions or a Linux version? I mean, it's running on Windows. I don't want to trust the FBI with the power to monitor all my email, much less every skript kiddie in the world.
  • Yes, it tweaked everyone, just like Dan Farmer naming his security tool SATAN got lots of publicity; naming either product "NetTool3" wouldn't have created any publicity, though its existence would still cause some publicity. But this let them be in your face about what they're doing, and about the fact that almost all ISPs they've asked have let them use it, except one that had technical difficulties, and that it's part of "da legitimate needs o' law enforcement". Janet Reno got to say "those crazy guys should have picked a better name" but still be in favor of rampant wiretapping.
  • Yah, in 8th grade (about 6 years ago) when I got in trouble with the Law & AOL, they had every single conversation (including emails) logged. I wouldn't be suprised if a lot of email systems already do self-snooping. I was pretty freaked out when the feds showed me about 200 pages of logs from chat rooms, email, and instant messages.

    But then again, I don't think a lot of terrorists or hackers prefer the glitter and the privacy invasion of "You've Got Mail", so Carnivore has it's place.

  • Re:They could have picked a better name... (Score:5)

    by LukeyBoy ( 63868 ) on Saturday August 05, 2000 @08:45AM (#878051) Homepage
    Or they could have named it Herbivore, saying it gets to the root of the problem.
  • But also, most large ISPs (RoadRunner, for example) also reserve the right and probably do log a lot of their text traffic. I wasn't saying at all that Carnivore isn't 'useful' for the FBI, but rather that 25-100 cases involved it in 1999, and that'll be a very low extent to the amount of email that the FBI had access to and used in cases due to the fact that carnivore isn't often installed on larger ISPs.

  • Yes it was. The Declaration of Independence was one of history's greatest trolls. If you knew anything about American History, you would know that Jefferson and company deeply exaggerated their complaints, made them exclusively against the king, and made them very vague and general in order to inflame colonists into joining them in the rebellion. Factually, it is a long way from true. By the way, you should try reading it sometimes instead of taking ignorant people's word on it.



  • So if I am to understand then the 4th Amendment reads like this -

    "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. Unless we, in the course of a reasonable search of a third party, have to search your persons, papers, and effects to conduct the search of the third party because otherwise it would be to technically challenging to conduct this search legally. "

    Funny how I always forget about that last part.

  • The FBI is a very major government organization paid for by our tax dollars. I may not agree with their moves all the time, but I trust that they are only concerned about the best interest of our country. Why would they go out of their way to harm the very citizens who keep them running?

    Oh that's easy. Because they're assholes.

    - Rev.

  • The problem is that if the Carnivore system was only doing what the FBI says it is doing, then there would be no reason to be so secretive about how the system works. There would be no advantage in hiding how it works if it only did what they said; it wouldn't help people circumvent the system as we already know that the only ways to circumvent it are to not use internet routers, or to encrypt your data - that we know without having to know how it works.

    So why the secrecy?

    I'm afraid I don't share your naive trust in the government.

  • Pardon me for going against the tide of slashdot opinions, but I still don't understand what has everyone so riled up. Perhaps I should blame the FBI for choosing a menacing sounding name like "Carnivore," but certainly their intentions are not to destroy or harm. The FBI is a very major government organization paid for by our tax dollars. I may not agree with their moves all the time, but I trust that they are only concerned about the best interest of our country. Why would they go out of their way to harm the very citizens who keep them running?

    Government is never to be trusted a priori.

    We have a Bill of Rights in the US. This assures us that private communication between its citizens is private unless there is a reasonable grounds for the government to remove that privacy - as decided by a judge.

    Carnivore is implementation of the capaciblity to listen to ALL communications with NO capability of anyone except the FBI to know who is actually being monitored. The government has no right even to install such capabilities.

    In the case of the phone system, the FBI obtains a WARRANT, and then goes to the telephone provider. The provider facilitates the action, and ALSO SERVES TO DOUBLECHECK THE WARRANT IS THE ONLY PRIVATE COMMUNICATION REVEALED TO THE FBI. With Carnivore there is no such check. There is really no way for anyone to know how much or how little sniffing those Carnivore boxes are doing.

    That is the essence of the problem. No one would deny the FBI the right to execute a warrant to sniff email from a particular party. But there is no check on their action as executed through Carnivore. And that is intolerable.

  • To summarize what other people have responded to this: Cops (in the loosest sense of the term) are just normal people. However, many normal people are scumbags. Therefore, many cops are scumbags. Not all, and not because they are cops, but just because they are. Giving his kind of surveillance capabilities to *any* scumbags is, IMHO, a Bad Thing.
  • It's clear if you had read the paper refered to in the header that it is Tom Perrine's suggestion to modify how Carnivore is installed and maintained so that at least the ISP knows what the data Carnivore is gathering and if it is in accord to a legally obtained wiretap court order.

    I'm not sure what paper or header you're referring to (I saw no reference to a paper in the testimony); and Mr. Perrine didn't suggest that directly. But your idea is a very good one, and it follows directly from his concerns over the potential misuses of Carnivore and the differences between it and traditional telephone wiretaps.

    Personally I would be much less concerned about potential abuse of Carnivore if they made two basic changes:
    • Remove all remote access capability; and
    • Implement some kind of dual-login requirement so both an ISP employee and an FBI agent would have to be physically present to initiate monitoring.

    There are so few wiretaps actually performed that any arguments the FBI makes about "convenience" are total hogwash. It should require significant effort to monitor; Mr. Perrine makes an excellent argument for that in his testimony.

  • Something like this had crossed my mind... Why would the box be hooked into the ISP's network? Wouldn't tapping the connection between the user and the ISP be much more efficient and legal? After all, then you ONLY have traffic going to or from the user, so you don't have to worry about filtering at all. And I'm sure that for pretty much any means of connecting to the internet, there's a way to monitor it by tapping the line between it and whats on the other end. Right?


    -RickHunter
  • Forcing a private business to become an arm of law enforcement is just plain wrong. That's the really nasty part of this. No different than cops using your living room to spy on a neighbor.

    This is a large part of the original intent of the T hird Amendment [cornell.edu] to the U. S. Constitution.
    /.

  • I would guess that they needed some fairly decent hardware in order to process the packets. A Mac (especially an older one) or an older PC won't be able to keep up and analyze the packets to see if they fit the criteria and will start missing packets. A Mac or low end PC might be able to keep up with a 10BaseT network, but would probably start to lose packets as the network speed increased to 100BaseT, Gigabit, ATM, etc.


    Just my .02
  • Lets say that the FBI only uses Carnivore in a reasonable, legal way. But who else could use it?

    I don't like this part:
    "...did have the capability to be monitored itself from a remote site via telephone...would also allow a remote user to change the filtering criteria...capable of transmitting some gathered data via the telephone connection."

    How difficult would it be to find the dial-up number as the ISP? And then to crack the login?

    The fact that it runs on a Windows box isn't reassuring either.
  • The FBI is a very major government organization paid for by our tax dollars. I may not agree with their moves all the time, but I trust that they are only concerned about the best interest of our country.
    At first I thought you had to be trolling, but I'll assume you're serious.

    Let's get it straight - federal law enforcement is, by and large, Concentrated Evil. Does the word COINTELPRO mean anything to you? We're talking about an organization that tried to blackmail Martin Luther King with information about his sex life. We're talking about an organization that lied again and again and again about the assults at Waco and Ruby Ridge.

    Very few federal LEO activities have anything to do with protecting the rights of citizens; mostly, they deal with the organized crime spawned by unconstitutional drug laws and with investigating and intimidating leaders of dissident political groups.

    Why would they go out of their way to harm the very citizens who keep them running?
    Power corrupts. Or, maybe as David Brin put it, power attracts the corruptible. We've seen it repeatedly in local police forces in New York and Los Angeles over the past few years.

    The rule these days is simple: never trust anyone with a badge. They can make a lot of trouble for you, they can do very little to help you when you're in trouble (it's rare that anyone has a cop standing by when they're mugged, isn't it?), they have no legal obligation to help you, and there's little evidence that they have any interest in doing so. Spend some time browsing the CopCrimes web site [copcrimes.com], it'll open your mind.

    (I gave up any last shred of hope in police "protection" last year when my housemate was being stalked by a psycho. The cops' best advice? "Well, you could change your phone number." Despite explicit death threats left of her voice mail, it took weeks for the cops to take action. I think I'm much better off relying on .357 instead of 911 for my personal safety.)

  • Clever. I've never seen anyone try to paint Bill Clinton as a nazi/commie bastard before through the use of (dare i say) FUD. Just for the record, I think the FBI has been around a little longer than Bill Clinton. Maybe. Possibly.
  • Oh, I know how simple looking at packets is. I was actually more concerned about the Windows graphical configuration -- and if they're using Windows for data collection, they're probably also using it for the analysis (but nobody has mentioned those tools -- "Carnivore" is only the data collector, not the analyzer).
  • <speculation>
    1. Omnivore was EtherPeek from Ag Group [aggroup.com]
    2. Carnivore is SilentRunner from Raytheon [raytheon.com]
    </speculation>

    Do we really think that the FBI Lab is capable of developing something like this on their own? (after they hid the fact that total credit for id'ing MafiaBoy should go to outside consultants)?

    Silentrunner has a matching feature-set.

    And Tom Perrine says source code will be a snapshot in time.. ahem, how about reconstructing ALL the capabilities from the code; then we know what is the worst it can do. Is the man an idiot or just trying to get a promotion?

  • Umm.
    The point is, they get an order to get JOHN SMITH's email. They then configure carnivore and set it up in such a way that they are reasonably confident that THAT IS WHO'S EMAIL THEY ARE RECORDING, and NOBODY ELSES.

    Carnivore is not, and never was, intended to be a 'bad guy sniffer outter' for the internet.. all it is is a bloody piece of software/workstation taht is used when a court gets an order to snoop on email.

    How is this not like a 'traditional' wiretap? It's a network man, you *have* to packet sniff. YOu sniff using the easiest method available.. a wiretap traditionally tapped the users phone line because that was easiest. If the dude says that Mr. Joe's email at location X is to be sniffed, then they bring in carnivore...

    They aren't talking about deploying it by default at every ISP in America, are they?
  • And you're a fucking coward.

    "Record'em all, that part just takes money. Now wait for criminals, then check what you had on them, find patterns, refine the search algorithm."

    Okay, Mr. Brilliant: let's see you show me even a simple 2-level Van Wijigarden(sp) or phase-structure grammar that could do even 1/1000th of what you just said. You do that, and I'll reply and admit in bold italics that I'm a fucking idiot. Otherwise, you admit that you're the moron.

    (We'll leave out that phase-structure grammars have no known method of being parsed, and just go with the fact that it's the most powerful grammar, equal to a Van Wijjigarden grammar.)

    You're also the kind of person who also goes around saying things like "The NSA and the CIA and the FBI together have many billions of dollars. You think they can't crack triple-DES? You've gotta be kidding!!! I mean, I have no idea what the fuck I'm talking about, but I'm sure that the government is smart enough that they do!!! Really! Because they have a few billion dollars, a lotta Crays, and some MIT grads, they can solve problems that the entire civilian population can't! Really!!!"

    The rest of your argument is, uh, too stupid for me to waste my time with. The above does fine.

    Have a nice day!

  • Here in Australia I've heard that government legislation forces any telecommunications carrier to be able to give access to law enforcement when requested. They also have an obligation to be able to decrypt any information which they have encrypted for their clients (e.g. GSM digital mobile calls). This is one of the reason new technologies take so long to get rolled out here, they have to have it approved by AUSTEL that the police have access. Luckily I don't think this applies to ISP's, only the telcos.
  • For example. You email Joe Blow regarding a post you saw on a forum about gardening. Little did you know that Joe Blow had earlier emailed someone else, whose email he got off a forsale newsgroup advertising hydroponics. Turns out the guy selling the hydroponics was suspected of selling drugs, because his hydro bill was high enough to set off a flag. Now Joe Blow is just a gardener, but he was dealing with a drug dealer, and now YOU are dealing with someone who has delt with a drug dealer. You automatically have a "relationship" with a drug dealer based on an indirect contact.

    Hmm, lets see here, 6 degrees around the world, how many drug dealers and other undesirables do you suppose we are all linked to in just a couple steps?

  • For those of you who didn't read Tom Perrine's statement to the subcomittee... the best quote was from Dr. Steve Bellovin of AT&T...

    (sic) protect us from a govt technology that can "scale up to oppression"

    In the context of what the good Dr. was talking about. The real problem with Carnivore is that it is trivial to scale this thing up to spy on anybody for any reason. With traditional wire-taping, its relatively difficult for the FBI to do (they need to send out a tech, attach wires, etc.) But for Carnivore, they can change the search parameters remotely.

    The point is, that it should be made expensive for the FBI to run a query on someone via Carnivore. This would help ensure that they weren't using it wholesale against anyone and everyone that they had 'reasonable suspicion' about.

  • I spoke with Mudge at BlackHat/DEFCON this last week, and the subject of Carnivore came up (I actually watched Messrs Perrine, Blaze, et al on CSPAN2 - do I get some kind of uber-geek award?) Anyway, Mudge's response, and I quote, was "I've got a copy of Carnivore, and it's pretty lightweight." I'm reassured by Mudge's comment and by the fact that the Representatives' questions, especially Messrs Watt and Nadler, were germane to the testimony. I'd say freedom's safe for the time being, but let's not get complacent, either!
  • Please read my web page on Why You Should Use Encryption [goingware.com].

    Tip: the Digital Telephony Act has been around for years mandating built-in wiretaps in phone switches, but Speak Freely [speakfreely.org] is free, includes source, and provides your choice of strong encryption methods.

    Tilting at Windmills for a Better Tomorrow

  • I figure that, if I did make it into the Carnivore logs, then they'd get pretty bored monitoring my traffic. Unless they have something against searches and links to paganism, ghosts, and slashdot. ;)

    I do notice that the worry seems not to be on Carnivore itself but concern over appropriate usage. If that's the case, here's a proposal:

    Require Carnivore to be installed on all ISPs, as well as on the FBI's external sites (the ones they'd use for Carnivore, not the FBI itself ;)). When they do decide to log something, then it'd require configuration on the FBI side and the ISP side. If anything suspicious is found, run a diff to verify that it appears on both sides. Therefore, "accidentally" misinterpreting an IP would be less likely. I mean, what if xxx.xxx.xxx.88 is the guilty party but someone decides it's actually .86?

    Seeing as this thread is already getting old, I doubt this will get read, but at least it makes me feel better. ;)

  • Re: 07-24-00 Committee on the Judiciary - Perrine Statement

    Based on what I have read so far about Carnivore, ISP's will be forced to put a Windows box in front of their router. I'm not sure whether I feel better or worse about Carnivore knowing that, sitting right in front of any given ISP's router, will be a computer running a commercial OS that is vulnerable to intrusion, clearly unsuitable for any mission-critical work, and will probably need to be rebooted frequently.

    So... (for security reasons, of course) the ISP is not going to be able to participate in the administration of a piece of hardware that is placed at the nerve center of their service. When there is an outage "because of the government", is the ISP going to just have to eat the expense of getting things working again, and losing their customers?

    I wonder who is going to babysit the machine when it pukes from being the front door to the internet access for a large ISP.

    I would feel better about Carnivore if the ISP could verify what was on the box, were paid to administer and monitor the access to it (i.e. double login by agent/ISP and no remote administration permitted as suggested earlier), and if a more secure, stable OS were used.

    OTOH, it's pretty amusing to think that FBI Special Agents would need the ERF to let 'em know when the removable media is full. That's kind of basic, yes/no? Maybe we should encourage them to use "the AOL" also. That'll fix 'em.

  • Interesting observations and good points.

    Somebody mod this up!

  • "I may not agree with their moves all the time, but I trust that they are only concerned about the best interest of our country. Why would they go out of their way to harm the very citizens who keep them running?"

    HA! Now that is funny. This is the organization that kept files on every major hollywood and artistic figure (lesse, Beatles, Elvis, Marilyn Monroe, etc.), because they were all commies. Just ask them for the Dorothey Kilgallen files, and why she all of a sudden was found dead, supposedly a "suicide", right before she was about to break her story...all her files magically missing.

    Remember, keep a VERY healthy skepticism of these been faceless organizations.
  • Governments around the world have always found new ways to keep tabs on the public, and our electronic age has made their job much easier. Carnivore is bound to be misused to gather information, to think any differently would be we to admit we live in fairyland. The potential for misuse is astronomical. Do the FBI really think that they will find many genuine emails detailing plans to blow up the Pentagon, rob banks, commit murder etc? It would be interesting to see what happened if every member at slashdot started a chain letter containing a number of keywords to set Carnivore sniffing away. Most Laws and restrictions usually only hurt the honest man - criminals will always find ways around them (usually harming the innocent to arrive at their goal). Isn't it about time that the email protocol was revamped and the security holes sewn up? A protocol that is decades old is surely not suitable for the way we do business today.

  • Encrypting the sendmail connection only protects one link in the chain.

    What if your external SMTP server gets it encrypted, but has to shuttle it over to the abominable Exchange server in plain text? That can get sniffed. If you use IMAP or POP without SSL/TLS, they can sniff that instead. It will be in plain text as it is downloaded to your mail client. Some software (notably Eudora) have no SSL support, which makes these folks particularly vulnerable.

    If e-mail travels over the wire encrypted, but is stored in plain text in your mailbox, it's not safe. They can get a subpeona for your mailbox just as easily as they can get the wiretap order. Wrapping all the e-mail related connections is the only way to completely prevent Carnivore-style sniffing. Even if you do that they could get the the ISP to hand over the contents of your mailbox, and you'd never know.

    Antivore [antivore.org] uses SSL/TLS on all connections that send your e-mail unencrypted. It also keeps your encrypted email encrypted in your mailbox. Even if they subpoena your mailbox, they can't decrypt it without your passphrase for your private key. It also tries to (but, of course, cannot actually) prevent you from storing all your email unencrypted anywhere. There's even a (coming soon) interface through the Web Horde's IMP [horde.org] web mail interface.

    Antivore [antivore.org] is not the 100% perfect solution, but it gets encryption into the hands of the average person easily and painlessly. We use it here, and have no fears about our ISP, even if the did install Carnivore

    .
  • Err, I can't see how a Windows PC with a 100Mb Ethernet card is going to keep up with a OC12 or OC48 backbone data stream as is prevelant in large ISP backbones.

  • There is no job security like security.

    Once you have eradicated all the real threats, create some more and eradicate them also. It's not important that they be real threats. Funding is what is really important.

    Would the drug war have lasted this long were it not so lucrative for law enforcement?

  • Actually any one who is a registered Telecommunication carrier must open their networks (voice and data) to the police on demand. You'll find that all first tier and most 2nd tier ISP's ARE official telecommunication providers. On the flip side, I've yet to see a proposal out of any of the law enforcement angencies on exactly how they want (to do/have provided) the wiretap on data.

  • Nice advertisement, Paco. Were you planning mentioning that you like it so much you work for the company? :-)

    (Yes, I could tell fairly readily, but then again, I know most of the people who work there. You may want to be a little more up front when doing advertising.)

    SeanMike

  • I think it is a good name. They named it carnivore because it just looks at the target information -- or meat -- instead of looking at everything.

    I think it's just that we're all worried about what or who that meat is. Are they really just looking at criminals, or are they focusing it back at law abiding people. Will Carnivore end up being a cannibal?

  • "I'm not a criminal so I have nothing to worry about," seems awfully popular when discussing law enforcement monitoring. Just remember this. Laws change. Governments change. Agencies change. Even if you trust the FBI, the Congress, and the President today, are you confident that no U.S. government agency will become corrupt or abuse its power in the future.
  • <parody>
    > like a fox watching the hen house.

    You know, I get tired of people blindly believing what they are told about foxes. Foxes are one of the most
    trustworthy creatures in the animal kingdom!
    <parody>

    Hey, guy, I was making the statement that the government can't be trusted to monitor its self.

    We could spend years citing period references, trying to figure out who's right.

    But that's not the point. I was alluding to the popular conception of American history. Whether or not it is
    accurate is completely irrelevant to the discussion.

    So, take your history fetish elsewhere, okay?

    -Peter
  • even though your message text is encrypted, the FBI can still read the headers, and find out who is contacting who

    Which is what anonymizer services are great at hiding. Yes, just using PGP won't render Carnivore useless, but there are ways around it.


    ---
    Zardoz has spoken!
  • I do count my blessings.

    Every time something like this pops up and the government or big business or whoever decides that they have the right to trample my rights, I'm thankful that I still have the right to stand up on my soapbox and shout for all the world to hear, "DON'T YOU DARE TREAD ON ME!" That's one of the ten basic freedoms this country (yeah, I'm in the US) was founded on, and I'm thankful that I can use it now that yet another one of those freedoms is again in jeopardy.

    For what it's worth, I'm in favor of those same basic freedoms in other countries, too. It's a small rock we're all stuck on, after all.
  • Reminds me of when I had to deal with the fact that the FBI was monitoring groups I am in constant contact with.

    PRO-LIFERS AS 'TERRORISTS'? [nypost.com]

    List of progressive and revolutionary NON-VIOLENT pro-lifers [mindspring.com]
  • Ever hear of VAAPCON (for Violence Against Abortion Providers Conspiracy? Well this is Janet Reno's little demon child that subverted the rights to privacy of some very dear friends of mine Feminists for Life [feministsforlife.com], Atheist and Agnostic Pro-Life League [godlessprolifers.org], and many other pro-life groups that I am not in contact with because they are anti-homesexual/anti-birth control.
  • Well... i can see someone forgot to take his/her anti-anal retentive pill today.

    Well.. just to fill up the government is a lot more powerful then you think...
    When you're sitting at home on your 'puter wondering what type of trouble you can get into.
    There watching thousands of people simultaneosly. THEY are already listening to you.

    So... next time you go off and blow up.. think a little next time.
    And hey... have a little respect for the other slashdoter's.

    Thanks
    --------------------------------------------------
    Just Anonther Person Who Know's Whats Going on in This Side of the World.. But Doesn't Give A Shit.
  • Hey, I will wait to see what the university review of the system says. I'm not going to let some CS BS artist that wants to apologize for the FBI's snooper machine sway me one bit. What if the FBI had a machine that could swift through all the snail mail to check for contents that could be illegal. Therefore every person in the United States would have their mail scanned for illegal content just to find a few criminals they have warrants on. The Los Angeles County police agencies had a similar type of operation that targeted drug dealers using pay phones. The problem is that thousands of innocent people had their private conversations taped by the police. This email snoop has the potential to be abused and that is the fundamental problem with it's use. The real solution is for the FBI to obtain a warrant and then have the ISP forward a copy of every email sent to the user. To give the FBI the ability to scan every email header is a infringement of the Fourth amendment against unreasonable search and seizure and the right to be secure in our homes and papers.

Slashdot Top Deals

FORTRAN is not a flower but a weed -- it is hardy, occasionally blooms, and grows in every computer. -- A.J. Perlis

Close