Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Privacy Your Rights Online

First Look Inside Carnivore 86

Posted by jamie from the how-do-YOU-read-Amendment-IV dept.
EPIC requested almost 600 pages of data on the FBI's Carnivore through the Freedom Of Information Act. Yesterday, about 200 were "redacted in full" (withheld) and the rest were sent with varying amounts of black marks. EPIC is scanning them and putting them online as quick as it can; SecurityFocus has an interesting overview. It turns out the supposed email scanning tool also stories copies of webpages you read, and, at least in an earlier version, looked into tracking voice-over-IP.

Just for reference:

Amendment IV

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
This discussion has been archived. No new comments can be posted.

First Look Inside Carnivore More

First Look Inside Carnivore

Comments Filter:
  • The slashdot headlines have been known to be terrable misleading at times, especially recently. I wouldn't take anything in the headline and brief as fact until I actually read the articles pointed to. Second, just because the predicessor did something doesn't mean the current one will too. How exactly did they lie? 3rd, Carnivore isn't entirely evil, thinking that is just as bad as the MPAA thinking that napster is inherantly evil. Carnivore can be used to good, law abiding things, jsut like napster. Many people here on slashdot repeatedly say that napster isn't about piracy, it's about getting music that SHOULD be free. Carnivore is about catching the bad guys.
  • They can try to monitor all they like, there are still ways around it.

    While the cat and mouse game can go on and on and people who want to go through all the effort of encrypting or otherwise evade any monitoring techniques can perpetuate it, that's not the real issue, IMHO.

    One of the real issues is the everyday netizen who doesn't believe that they have any reason to need to be at all afraid of undue monitoring. This is a basic matter of privacy and fundamental freedoms.

    What scares me is that the only people who will go through all the hoops to have some modicum of privacy are a) the ones with less than good intentions b) the paranoid c)the out-and-out criminals d) the computer elite who stay on top of the latest technical concerns with such matters and are able to be at least somewhat sure that they're privacy isn't being violated.

    Anyone else is thus, all of the sudden exposed to a potential threat of monitoring, suspicion (due or undue) and danger that hasn't been seen in the USA, even during the time of Hoover or McCarthy. Frankly this scares the shit out of me, and I think it should scare everyone else as well. While I do very little in my life that I would have a problem if anyone else knew, it scares me that when enough power and enough suspicion are brought together, even the innocent and well intending can be "proven" guilty.

  • So far as I am aware, you will only be tracked if you are suspect to criminal activities, in much the same way as more traditional wiretaps.

    Unfortunately, the analogy to the phone/wire tap breaks down in one crucial way; the carnivore system is analogous to the government having a permanently setup tap on your phone and all they have to do to listen to you is take their earplugs out. In a wiretap case, they cannot, and are not allowed access to the phone system without a warrant. In the carnivore case, they've already been given access and there is only a promise that they won't abuse it.

    That's a HUGE difference and if it doesn't scare you that the very organizations that are supposed to enforce the law don't themselves obey it, then I cannot and will not be able to convince you that the threat posed by carnivore to *everyone* is very real. And for that, I am truly sorry.

  • Re:Tough to balance (Score:4)

    by Absimiliard ( 59853 ) on Thursday October 05, 2000 @09:56AM (#729769)
    Balancing constitutional rights with what "law enforcement" wants is not always easy.

    Seems quite easy to me. If you want to live in a free country you say "screw you" to law enforcement and enforce the Constitution. If you want to live in a totalitarian state you say "screw you" to the Constitution and help law enforcement.

    Personally I'm quite willing to let some drug-dealers walk, know some kids have been abused, and watch the Oklahoma bombing all over again if the alternative is to start giving up our Constitution. Freedom must be paid for in blood. You can't change that.

    I certainly wouldn't. And I'm just as willing to die by a terrorists actions as I was to die in the US Navy at the hands of a foreign aggressor. In fact I see no real difference between dying one way or the other, either death is in service to our Constitution.

    Absimiliard

  • Re:Tough to balance (Score:3)

    by Erore ( 8382 ) on Thursday October 05, 2000 @09:58AM (#729770)
    I can respond to this, since I just sat in on a class at which the two guest speakers(FBI guys with the suits to prove it), who are very high up in the FBI Carnivore and Encryption programs, spoke about this very topic.

    1) Criminals are dumb. One speaker relayed conversations he heard through wire taps in which one caller told another caller to keep his voice down the Feds might be listening.

    2) The FBI wants all commercial encryption software to use recoverable means. Not by some secret backdoor that only the government posseses, but one that a dis-interested third party can use when the Feds have obtained the necessary court order to do so.

    3) Your question will then be, why should criminals use software with built in recoverable means. See #1. Criminals are stupid and will use methods that are easily available to them.

    4) The NSA will not get involved in Carnivore. The purpose of the FBI is to collect evidence that can be used in a court of law. If the NSA is involved, then they will be forced to reveal that they had the ability to crack this encryption or that bit strength. Doing so relates back your very own statement that you want to keep your methods a secret. If the NSA is known to have an ability, then the people they spy on will change their methods. That is because the NSA actually has to deal with Intelligence (gent) operations, not stupid criminals.

    5) The FBI only performed some 350 wiretaps last year. Combined nationwide with local authorities, state, and Federal, only some 1320 were done. To date, only 25 Carnivore installs have been done. That is going back 2 years nearly. The majority of wiretaps are for Drug cases, and the majority do not amount to any evidence that can be used for a conviction. I could not get clear information on how useful the 25 Carnivore installs have been.

    6) Carnivore runs on Windows NT. They have a team of engineers whose sole purpose is to worry about the security. I think they spend the day looking at microsoft.com and hoping they have downloaded all patches. ;-)I saw version 1.3.4 I believe, and 2.0 is being worked on. The speaker stated that when they come to install Carnivore, the ISP is given the option of using software they provide and trust in place of Carnivore if such software can meet the demands of the court order. Most ISPs will not want to do this because they will then be reponsible for testifying in court about the evidence collection methods.

    7) I asked specifically about the use of Open Source programs in relation to # 6. The speaker waffled and did not seem to like the idea of Open Source for fear that known methods will lead to criminals using methods for evasion. Which does not seem to tie in at all with the dumb criminal theory the other speaker insisted upon. Instead, they would like to see a Commercial vendor make a product they could use, and that the methods of collection (how to track a dynamic IP assignment)

    8) Criminals aren't all that stupid all the time. The biggest and the baddest will be quite smart and will use smart methods. Since these are some of the ones we want to catch the most badly, they will not use recoverable encryption either on the telephone or over the Net and Carnivore and wiretaps will do no good in the investigation.

    9) I forgot what I was talking about.

  • Alright, that's it, I'm moving to Mars ASAP. Now if only the Mars Society had the $3000000000-$10000000000 it would take to fund four or so missions. At least Mars is 30000000 to 240000000 miles from Totalitaria^H^H^H^H^H^H^H^H^H^Herran, so we could have some vestiges of freedom, although the 5-20 minute delay on internet access would be a bitch, especially if antisniffer boxen were put in.

    I would say the Moon, but that's too easily controlled. Mars has many more elements in easily manipulatable and accessible forms that would be necessary for self-sufficiency of a permanent settlement.

    Any other future Martians here?

  • crystal dragon wrote:

    "In any case, I think you would have to naive to believe that it is only US nationals that are being spied on. It would also be naive to think that is the case in my country or any other technology-enabled country. Many governments watch their citizens whether they admit to it or not.

    I am not so naive as to think that ;). My concern was whether or not the FBI was overstepping its mandated powers in this regard. As I understand it, only certain agencies of the U.S. government have been granted the power to investigate foreign activities (this is not to say that said foreign powers allow this, only that the U.S. government has said, "This is what you do."), just as only certain other agencies have the right to investigate domestic activities. Even if you take a dim view of the ethics of the U.S. government as a whole, you'll have to admit that stepping outside one's established bailiwick is something even they don't like. (cf. attempts by those other than the Secret Service to investigate large scale counterfeiting, and the response of said agency).

    The minute the government starts letting agencies define the appropriate kinds of actions in which to engage, is the minute that the government loses even its minimal ability to prevent abuses against its own people. I don't know about you, but the only thing I worry about more than a big bully in the sandbox (the U.S. government) is a gang of little bullies (unchecked agencies fighting amongst themselves when they aren't united at crushing some external threat). However badly they start treating U.S. citizens, you can bet diamonds to doughnuts that their treatment of non-U.S. citizens (*cough*me*cough*) will be that much worse.

    -TBHiX-

  • Didn't Pat Buccannan say he would get rid of the FBI if he's elected?

    I don't know about Pat, but I bet Harry Browne [harrybrowne2000.com] of the Libertarian Party [lp.org] is willing to remove any federal agency.

  • crystal dragon wrote:

    "I would certainly agree that overstepping their mandate is a serious offense to the people. I know that when the RCMP have done so, that the people of Canada become very concerned."

    If you want to see a real hullabaloo, check out what happened a few years ago when CSIS (basically the Canadian spy agency) had undercover agents planted in certain active hate groups. Not a pretty story, as I recall.

    -TBHiX

  • Very interesting response. I hadn't thought about somthing working at the data link layer. That would indeed be very difficult to detect.

    You are dead on target about the chain of custody issue... in order for evidience to be admissable, LE/prosecutor has to be able to account for it's whereabouts & integrity for ever second from the time it is collected until after the trial (and even then they have to retain it basically forever, at least for some times of crimes)

    This is all speculation until we get an unbiased, nonpartisan analysis of the beastie. This kind of crap is why EVERY single frickin' packet that goes out over the wire needs to be encrypted.

  • Does anyone else besides me see a conflict-of-interest in letting government agencies decide what they want to declassify?

  • Re:Why worry? (Score:3)

    by GigsVT ( 208848 ) on Thursday October 05, 2000 @10:14AM (#729777) Journal
    Simple find and replace, carnivore with "home surveillance" whereby the FBI puts cameras in every room in your house.

    I honestly to not understand the large amount of panic over the home surveillance system. So far as I am aware, you will only be tracked if you are suspect to criminal activities, in much the same way as more traditional wire taps. If you are genuinely worried about what impact home surveillance will have on you, then maybe it is time YOU SHOULD STOP DOING WHATEVER ILLEGAL OR QUASI-ILLEGAL ACTIVITES you are currently engaged. If aren't engaged in said activities then why on Earth are you worring??? "All power to the Soviets"

    Big Brother is Watching.
    -

  • First we must remember just how incompetent the FBI is. With everything they had on Lee at Los Alamos they couldn't do jackshit. The trial of OJ Simpson shows how weak law enforcement is with presenting evidence. Therefore I say that they surely don't need MORE evidence when in most cases having as much as they do they just plea down the defendant or blow the case totally. I have absolutley no faith in a law enforcement juggernaut run by the current administration. The FBI are nothing but the Clintons lackeys? Heres a question. If this rascal gets implanted what will the net citizenry do? What action would they take if any? Why does this all sound like a Gibson novel?
  • The rest of that line could be "via encrypted modem dedicated connection", or something similar.

    That would let them use a transparent tap network card.
  • Amendment III

    No Soldier shall, in time of peace be quartered in any house, without the consent of the Owner, nor in time of war, but in a manner to be prescribed by law.

    Is it too much of a stretch to get a carnivore box defined to be an electronic soldier? After all, the new documents show that it carries out a very broad intelligence gathering function.

  • What the hell is so secret we can't even see what it's called? We could tell you, but then we'd have to kill you.
  • True, and that was a HUGE abuse of FBI powers, but IIRC that was under J. Edgar's term. He had all sorts of hidden agendas. C'mon this is a guy that tapped Frank Sinatra for little mob nuggets.

    If you are somewhat an optimist, you might believe that Director Freeh might not have alot of hidden agendas. The story goes that Edgar kept tabs on everyone to keep himself in power. That really isn't a problem now, since the Director's position is now more dynamic. But hey, this would be IF you are an optimist.

  • I doubt your agreement with the ISP has anything to do with wether or not your carnivore can be hooked up, becasue it's not your ISP tapping you, its the FBI.

  • Re:No Worries! (Score:3)

    by prak ( 48563 ) on Thursday October 05, 2000 @07:05AM (#729784) Homepage

    In the specifications for Carnivore 1.2 one of the features listed is:
    "Remote control of system from another location [Rest of line blacked out]" from http://www.epic.org/privacy /ca rnivore/evolution.html [epic.org]

    Now they could be talking about the user's system, which is really scary, but I read it to be talking about the Carnivore box. Which would seem to suggest a port or two being left open.

    -prak

  • I honestly to not understand the large amount of panic over the Carnivore system. So far as I am aware, you will only be tracked if you are suspect to criminal activities, in much the same way as more traditional wire taps.
    If you are genuinely worried about what impact Carnivore will have on you, then maybe it is time YOU SHOULD STOP DOING WHATEVER ILLEGAL OR QUASI-ILLEGAL ACTIVITES you are currently engaged. If aren't engaged in said activities then why on Earth are you worring???

  • It's called encryption. I can't wait until enryption (no back doors, please) becomes as ubiquitous as a paper envelopes. Let 'em scan THAT.

  • Did anyone else try to guess what words were maked out?

    The (noun) system is capable of (verb) (adjective) (plural noun), while remaining (adjective) and (adjective), provided that the (adjective) (plural nouns) are (state of being). It is important to note that (phrase).

    If only I could see the documents EPIC has, so I could pull a Mad Libbish phrase out of the Real Thing... Can't seem to get anything from the server they're on. Slashdot Effect? :)


    ---
    Hold the mold, Klunk.
  • Having been involved (on the 'good' side) in a few cases involving electronic communication, I must say that this box goes too far, and is entirely unnecessary in enforcing the laws of this country.


    Given my background, my initial reaction to the box was 'Cool, that'd make it so much easier to catch "Mr. X"' (Mr. X was/is a sick sick sick child molester that I was helping 'da man track down evidence against). But the more I think about it, the less I like this.


    There are already plenty of ways to acquire evidence of electronic communications that fall unquestionably inside the bounds of the Constitution. I totally understand what the FBI is thinking here, but sometimes you get so involved in something that you can't see the forest for the trees. It's tough to spend your life catching heinous criminals and _not_ get an 'end justifies the means' attitude when it comes to these things. That's a dangerous path to tread though, which is why I thank God for the checks and balances that exist inour government.


    Keep fighting the fight, and have faith - this box _will_ go away if we do our part.

  • No, your assumption is incorrect.

    Carnivore runs on FBI-supplied hardware, not on the ISP's mail server directly.

    The Carnivore box works like any packet sniffer, it needs to be on a hub or switch's span port to receive a copy of all traffic destined for the ISP's mail server.

    If the FBI had decided to use Linux as the underlying OS, would you still be as joyful?

  • You see, the probable cause is where they've got us. They know that we're all doing naughty things all the time. But, at least we can take comfort in the fact that they are also doing naughty things so we can search them back. We just have to figure out who they are.
  • Gee, thanks for explaining, stubob. I guess I really didn't understand the "Top Secret" clearance I used to hold.

    Silly me.

  • Identify Carnivore remotely? No. (Score:3)

    by Nonesuch ( 90847 ) on Thursday October 05, 2000 @07:26AM (#729792) Homepage Journal
    I seriously doubt that the Carnivore host is going to be assigned any IP address on the ISP's network.

    It's doubtful that the network card will be physically capable of responding to any packets, so antisniff, nmap, Satan, etc will not do you any good.

    One such product I have worked with is the Shomiti Century Tap [shomiti.com], a 10/100Mps Full duplex transparent network tap. Undetectable without either a TDR or physically tracing the wires.

    This also means that unless you have physical access to the machine (e.g. you work for an ISP at which the FBI has placed a Carnivore box), there is little possibility of running any exploits against weaknesses in the underlying OS.

    From the articles I have read, the Carnivore dumps the collected evidence to tape, the FBI can then send an agent to retrieve the tape from the ISP. This makes sense from a 'chain of custody' standpoint, it's easier to explain to a judge how the FBI is sure the evidence has not been tampered with than if it was uploaded electronically to www.fbi.gov.

  • Here's a nice paper by Matt Blaze & Steve Bellovin at AT&T/Bell Labs -

    http://www.crypto.com/papers/carnivore-risks.htm l

    Enjoy. Eat your veggies!...

  • Could measuring network latency reveal the presence of Carnivore? I know some work is being done to find firewalls this way.
  • They took great care in reminding us of improperly classifying things that should have been unclassified when I got my Secret clearance ages ago. It's apparently done often enough that they stress it as much as not classifying things that should be labeled Confidential, Secret, Top Secret, etc. I find it amazing and highly disappointing to see this all classified- the things that weren't redacted were disturbing enough as it is. This isn't a mere e-mail sniffer like it's been implied. This is an uber wiretap for the Internet.
  • It seems, as Americans, we have a fork in the path. The American Government has taken our rights, stomped on them, and expect us not to care !? It was the intention of those who created the American Government to add a scheme in which, in the case of the Government becoming corrupt, that it's citizens may abolish it and rebuild a new government. THE AMERICAN GOVERNMENT HAS SECURED IT'S TOTALITARIAN CONTROL OVER THE AMERICAN PEOPLE BY HAVING THE NSA,FBI, AND CIA STRIKE FEAR INTO IT'S CITIZENS AND CONTROL THEM LIKE SHEEP. Carnivore is just another one of it's tools to take away our freedom! People who say that digital information is not protected in the constitution are full of shit. Information is information, whether stored in atomic, genetic, or electronic form! Shit, for all we (we being non-government people) know, the US Government could have generated those released documents themselves and blanked out some shit to make us think they are hiding something, just to lead us away from what they are really hiding, THE FACT THAT THEY WANT TO CONTROL US, TOTALLY AND COMPLETELY! Pretty fucking soon, we won't be allowed to think for ourselves anymore! I propose we work beyond the government by creating a protocal of information transfer that builds on top of common protocols of today. For all we know the government may have already implemented complex quantum computers that can break public key encryption like expensive china! We must be able to have freedom of thought, freedom of action, and freedom of word, if we are to be free!
  • The fact that I live here gives me much information on what they do, at least as reported by the major news networks. If only they would stop losing briefcases full of top secret documents .

  • Too bad they didn't just use PDFs with extra markup added to overwrite the secret parts, eh?


    ---

  • What steps are being taken to insure that the FBI is unable to use Carnivore's information to destroy the career of someone

    Steps like this [slashdot.org] and this [slashdot.org], perhaps?


    ---

  • Remember that many computers these days come with microphones and cameras, which will become even more ubiquitous in the future. Most people absent-mindedly leave the microphone and camera connected when they're not using them, so if the FBI wanted to, they could use Carnivore (see the documents about remote control of a system) to covertly install software to take pictures and sound recordings and silently transmit the data to them - as compressed sound or still pictures for low bandwidth connections, or streaming video for high bandwidth connections. This becomes more feasible now that persistent high-speed net connections are available and affordable to more people.

    Your computer may be transmitting everything you say and do to the three-letter-agencies, and most people won't even notice. Welcome to 1984 ladies and gentlemen.

  • I wonder if it would be possible to remove the redactions from the documents? Obviously this is probably only semi-legal, but it would be in the public interest to at least attempt it.

    Does anyone know of methods for distinguishing between various inks/toners placed on a page?
  • our computer may be transmitting everything you say and do to the three-letter-agencies, and most people won't even notice. Welcome to 1984 ladies and gentlemen.

    You know, I always use the "video cameras in your house" argument against this stuff.... but I always use it as a logical exaggeration to get people to think about this stuff. I never thought that I would hit the point so soon where I am not exaggerating anymore.
    -

  • Does anyone know of methods for distinguishing between various inks/toners placed on a page?

    I would start with looking at the reflected spectrum of various wavelengths (infrared..ultraviolet) from the back of the paper. Any wavelength that makes the two toners reflect differently will do for reading. The problem is resolution... just telling the toners apart is easier than getting an exact picture. Maybe a laser could scan it, and reflectivity would be sent to a computer for image reconstruction.

    -- LoonXTall

  • This certainly looks to be more than an Email waire tap to me. I guess I had better stop reading the Communist Manifesto, the FSF's web site and this photo essay on "Nubile young teens and their dogs."

  • Is there any talk of putting this on backbones or just ISPs? ie, being an international jetsetting playboy was there any talk of watching the world?
  • Well, looks like we have nothing to fear from Carnivore. According to the article a Security Focus:

    In September 1998, the FBI network surveillance lab in Quantico launched a project to move Omnivore from Sun's Solaris operating system to a Windows NT platform.

    It runs on NT! I feel much better now that I know it runs on an unstable platform.

    Picture a group of frustrated FBI snoops staring at a BSOD instead of your email...

    ------------------------------------------------ ------------

  • I didn't know that Carnivore might also have abilities to monitor voice-over-IP. Just this ability, alone, is enough to make me run for cover. With more phone companies and internal business systems going to VOIP, how easy would it be to listen in to our phone conversations? Maybe I am just paranoid?

  • 1.1 History - Carnivore is software that runs under Windows NT with Service Pack Three or Better...

    So all those ISPs that run Linux is safe. Good.

  • Tough to balance (Score:3)

    by akey ( 29718 ) on Thursday October 05, 2000 @06:18AM (#729809)
    Balancing constitutional rights with what "law enforcement" wants is not always easy. Since Carnivore largely amounts to a tool for gathering intelligence, it's quite understandable that the Feds don't want to release details. The first rule of intelligence gathering is to keep your methods secret -- otherwise your targets will be able to adapt and avoid interception.

    Of course, if the targets use strong encryption, Carnivore is worthless (without the NSA, of course). Which leaves us with the question, who is Carnivore actually aimed at? Criminals who are smart enough to use email, but dumb enough not to encrypt, and evil enough to have committed federal felonies? Somehow I doubt that that group is large enough to justify Carnivore.


    ---
  • They can try to monitor all they like, there are still ways around it. Soneone could set up multiple NAT/Masquerade servers with various encryptions. A sort of 'ring' similar in concept to a 'webring' could be established, where hundreds of server all send encrypted data back and forth, and only one of these servers, or only one of these servers per port connection actually makes the final request. Subscribers to this service would have to deal with some annoyances with protocols that don't like NAT/Masquerading, but I don't see why it wouldn't work. If no one can tell where the data request truly came from, it won't matter if it's being tracked or not. E-mail services could also run through something like this, encrypting email to the point that it'll take months to break that encryption. Some applications like the instant messaging programs won't work with this approach, but if this encrypted network is popular enough, I'm sure someone would find a way to let clients connect. To be honest, I don't think I would care nearly so much if I was potentially being monitored if I was behind such a system, for at that point it would be difficult enough to track that it probably wouldn't be worthwhile unless they already knew who I was, then they wouldn't even need carnivore, there'd be a TEMPEST van parked outside my house or something.

    pardon the ranty nature of that, I haven't had my morning coffee...

  • Problem with Amendment 4 (Score:3)

    by Life Blood ( 100124 ) on Thursday October 05, 2000 @06:19AM (#729811) Homepage

    Presumably Carnivore would only be used once the FBI has a warrant, therefore the fourth Amendment does not apply. While there is still a question of "who watches the watchers" Carnivore has appropriate uses just as Napster has appropriate uses. It can be used for perfectly legal and moral purposes for criminal investigations.

    IANAL, but the other problem is that the fourth Amendment in its strictest interpretation technically only applies to physical objects (effects, persons, houses, etc.). Electronic data is not physical really, however it is a type of correspondence which means it should still be protected by the 4th amendment.

  • Re:No Worries! (Score:5)

    by Tassach ( 137772 ) on Thursday October 05, 2000 @06:19AM (#729812)
    Carnivore/Omnivore on Solaris is scary. Carnivore/Omnivore on NT is VERY scary. If someone were able to exploit a hole on a carnivore box, they could then use it to monitor anyone's communication. This is of course possible under Solaris too, but NT is far more vulnerable to remote exploits.

    A black-hat being investigated by the FBI could possibly turn their tool against them, using *nivore for counter-intelligence. At least the FBI has to pretend to obey the law and respect some limits -- a black-had has no such restrictions.

    I wonder if there is enough information in what has been released to be able to identify a carnivore box remotely. Does it use promiscuous mode packet sniffing? Could you detect one with a variant of l0pht's antisniff [l0pht.com]? Does it exhibit any tcp/ip eccentricities that could be detected with nmap [insecure.org] or SATAN?

  • Top Secret Titles (Score:3)

    by dr_strangelove ( 16081 ) on Thursday October 05, 2000 @06:12AM (#729813)
    I don't know about you folks, but the fact that the FBI felt it necessary to redact parts of the TITLES of test sections doesn't really make me sleep any easier. I mean, c'mon guys. What the hell is so secret we can't even see what it's called?

    Janet Reno needs to be slapped. Repeatedly.

  • Just wondering... assume I, as one of the flap-heads up north of the 49th, just happen to have my online e-mail/actions caught by this system. Does reading my private messages constitute espionage? Whether or not they have a mandate to investigate domestic stuff, they certainly don't have any rights granted to them covering external messages, do they? Perhaps if I was plotting terrorist activities, maybe...

    Ah well, time to fire up the CSA spooler trigger package on Emacs again.... ;)

    -TBHiX-

  • I might have to take a look at my ISP's agreement to see if there is anything about them being able to monitor my traffic when I am connected to them.

    Also I would think that the first ISP to agree to have this attached to their systems might see a bunch of customers leaving. I think I would drop my ISP if I heard that they agreed to host this system.

    I think one way to help control this is to take the control of the box away from the FBI and put it in the ISP's control. This would be somewhat similar to wiretaps. Instead of the FBI doing it they present the warrent to allow a tap and let the phone company do it at its switches. Maybe this is how Carnivore should work. It is only installed when a warrent for a tap is presented instead of it always sitting there gathering information on anyone it chooses.

    This thing is starting to sound scarier and scarier. Now even though I doubt they would monitor me (working on a Government contract with clearances they already know a lot about me), but the thought of it being able to without anyone but the Government to say it can't does not make me happy. There needs to be checks/balances for its operation.
  • Someone over at the FBI has very bad sense of humor. Out of the 164 pages of source code they reviewed for release, only 2 pages were actually released. Out of those, it looks like one was completely redacted, the other has some innocuous handwritten note on it. Why did they even bother with hose two pages?

    This must be their way of thumbing their nose at EPIC.

  • Nonesense.

    The biggest danger of Carnivore IS it's usefullness for both legal and illegal general surveilence.

    Think about this, under the current practice of law it is only illegal to use materials gained "illegally" as *evidence in court.*

    This is *EXACTLY* the sort of crap that the Constitution and Bill of Rights were formulated to try to prevent.
    I practice it is NOT illegal to gather such information. When was the last time you heard of a law enforcment agent being criminally prosecuted after having his evidence dismissed as illegally obtained? Have you EVER heard of such a case?

    It is common practice to use illegal survielence to *target* a specific individual who otherwise would in no way come to the attention of the authorities. This illegal material is THEN used to gather probable cause that can be presented legally to a judge.

    A little discussed part of the philosophical background of the Constitution is that it was explicitly intended to *prevent the government from being able to prosecute certain kinds of crimes.*

    The framers knew full well that the government would eventually fall to passing and prosecuting uncontitutional law, such as the war on drugs, and the Constitution and Bill of Rights were *specifically* formed in such a way as to make it difficult to impossible to prosecute such "crimes."

    Some of the framers also saw the danger in explicitly enumerating any rights. We have seen their fears come to life as well, as the specific wording of the Bill of Rights has been twisted and interpredted to limit rights, and indeed go so far as to classify them as meer priviledge granted by the government. It is called the Bill of Rights, NOT the Bill of Priviledge.

    Carnivore is nothing more, and nothing less, than a means of subverting the *Rights* enmureated in the Bill of Rights.

    Carnivore will be of little use against terroists, except those stupid enough to try to get the security deposit back on the rented van they just blew up, who will commincate in multilayered codes and ciphers which even when decrypted will have no meaning except to the intended recipient.

    No, Carnivore's main use will be in targeting in on the poor, dumb kid selling pot who sends an e-mail to a friend letting him know that "I got the dope man."

    Then, and ONLY then, using this inadmissable "evidence", will the "legal" case against him begin and the fact that the initial "probable cause" was obtained through illegal means will never see the legal light of day.

  • Carnivore is GOOD! It finaly shows people that not useing encryption for personal messages and data is tupid! I often use a computer system from the university network and I know there is a good chance someone (sniffer) is listening in. So I use ssh all the time. PGP (GPG) is not easy enough yet, so I'm sorry to say I don't use it much, then again, I don't send private things via email.
    If this does not give a huge boost to crypto usage around the globe, I don't know what will.
  • Because most police have shown that they often overstep the law in their snooping, and all too often do so not becasue of illegal activites on the part of the investigated person, but rather because someone with clout doesn't like that person. Check the history of the anti-war, womans suffarge, and civil rights movements in the Western countries, and religous and anti-Communist movements in the Eastern block. Look at China today. Look at how many activities are illegal now, and what has been illegal in the past that is now considered acceptable or even good (join a union, eh).

    In some cases someone was being wiretapped and 'bugged' because they were suspected of some illegal activity. Sometimes the activity was vague, "engaged in counter-government actions". It might be even less specific, the bugging was actual a "fishing expedition" where the policed hoped to find the person doing something they could come done on them for.

    And in many cases the person being investigated wasn't doing anything illegal. However the bugging turned up other activities that could be used against that person such as pre/extra-marital affairs or homosexual actions, talking with known Communists/Imperialist-running-dogs/fags/skatepunk s, dressing in drag (hi JEH!) or watching the Partridge Family (or using Open Source Software).

    Such activities were not illegal, or were of a much milder degree than the reasons given for the bugging. (come on, half of British humour is based on men in drag, does that threaten national security?)

    And then there's the general privacy aspect - do you want your love emails to your wife going into the police databases? You could be suspect of wrongdoing even if you aren't actually doing anything wrong; or you could be in commincations with someone else who is being investigated. Or the loss of freedom - if you say "just don't snailmail/email anything you don;t want others to see", then does not that reduce your freedom?

    One more example - you and your fiance are planning the post-wedding honeymoon on the phone. You conference-call the hotel in Vegas, which happens to be owned by folks the FBI is watching. Matter of fact, the person taking your reservation is under a wiretap authorization. According to the FBI wishlist for CALEA, your call to them would be recorded, and the recording would continue even after they (the wiretapped suspect) had dropped out of the conference call - leaving your and your fiance to discuss what you would be doing on the honeymoon for the benefit of the FBI voice recorders - and that converaation would be legal for them to keep. (that provision has been challanged and possibly overturned).

  • If you are genuinely worried about what impact Carnivore will have on you, then maybe it is time YOU SHOULD STOP DOING WHATEVER ILLEGAL OR QUASI-ILLEGAL ACTIVITES you are currently engaged. If aren't engaged in said activities then why on Earth are you worring???

    Because apparently, the FBI has an unusually broad understanding of what constitutes suspicion. Apparently, there is a strong correlation (according to their actions) between saying politically inconvieniant things (like 'I have a dream' or 'give peace a chance' for example) and criminal activity. They also have a history of getting warrants after the fact and cover-ups. This is not the sort of agency that should have additional surveilance capabilities with decreased oversight.

    The question can also be turned around: If the FBI isn't doing anything wrong, why don't they just tell us all about carnivore? If they're worried about what impact public knowledge of their capabilities might have on them, maybe it is time THEY SHOULD STOP DOING WHATEVER ILLEGAL OR QUASI-ILLEGAL ACTIVITES they are currently engaged in.

  • Why worry?

    This box is basically a packet sniffer owned by the government and dropped onto the backbone of an ISP, situated to intercept all traffic to and from the ISPs mail server(s).

    The FBI can only place the box with a warrant, and they claim that once in place, Carnivore will only retain information about mail messages to and from the specific individual targeted by the warrant.

    However, in order to do that, it must first intercept the headers and bodies from all messages to all customers of the ISP. The FBI says "Trust us, we have programmed Carnivore to throw away all of the non-target data".

    It's not "ILLEGAL OR QUASI-ILLEGAL ACTIVITIES" that you should worry about, it's anything you do or say via e-mail that the current or future administration might object to, or use as dirt if you ever run for office, work to oppose new legislation, or just annoy somebody who has connections to your local FBI office.

  • I'm sorry, but unless you actually complete a transaction to buy illicit substances it is not illegal. Just searching for drugs is not in and of itself illegal.

  • I was in an nt lab recently, and I've found that NT kernel panics in responce to a large number of large, fragmented pings. (something like 3 boxes on a 10mb network transmitting solid pings of 65000 bytes). Just ping it to death. :)
  • Windows 2000 and the "Remote control of system from another location"

    Sounds like fun for script kiddies everywhere...

    Michigan teen arrested today after wiping the "Carnivore" boxes of several major ISPs.

    Kalrand

    -the voice of reason
  • Last I checked, electrons are physical objects, although nanoscopic, so data encoded as strings of electron transmissions would therefore theoretically be physical objects by extrapolation.

    If this is actually inaccurate, please don't make the flames too hot!
  • I would certainly agree that overstepping their mandate is a serious offense to the people. I know that when the RCMP have done so, that the people of Canada become very concerned. I think that technology allows most enforcement agencies a way to overstep their bounds, if only because the elected powers that be do not understand the implications involved, and thus make uninformed decisions regarding the use of technology. When they do understand it, I think they hope, and are correct in assuming so, that the majority of the public understand it less than they do.
  • You can download PGPfone at the PGP International [pgpi.com] site. It encrypts voice over either an IP connect or via modem.

    It'll run on Win9.x (probably NT and 2000), Mac (probably OS9 and before). Zimmermann couldn't get his company to push this as a product, so he more or less put it in public domain, and if you think it needs to be run on Linux / other -ix operating systems, port it yourself.

  • Did anyone else try to guess what words were maked out? I'd be particularly interested to see whats hidden under the Carnivore Testing -> Filter sections. My guess would be something to do with keyword and content filtering.

    The answer to this is becoming all too clear. EVERY packet that leaves my home network will need to be PGP encrypted.

    I guess I shouldn't be too surprised ... this IS the US government we're talking about. Hrmph...

  • Nope, Carnivore was designed for warrantless searches, if I can trust what I've read on the subject. The gov't isn't supposed to open your mail without a warrant, but it can look at the postmark and the return-address; it can't listen in on your phone calls without a warrant, but it can make a list of what numbers you call and what numbers call you. Similarly, Carnivore is allegedly designed to be able to do similar things with email - figure out who you're sending email to and who is sending email to you, while keeping the contents of the email hidden until such time as a warrant is issued.
  • This question comes with prefatory context:

    You may feel that an honest man has nothing to fear from Carnivore, but Cardinal Richelieu once said "Give me six lines written by the most honest man, and I will find something to hang him." Along those lines, history shows that the FBI tapped Martin Luther King's hotel phones and found solid evidence that he was having affairs. When they sent this evidence to newspapers on condition of anonymity, not a single newspaper printed it. The FBI's legacy of using evidence outside the bounds of Constitutional rights to convict honest and innocent people is well documented in other cases as well.

    "What steps are being taken to insure that the FBI is unable to use Carnivore's information to destroy the career of someone as human and as controversial as Martin Luther King, Jr.?

    thank you.

  • I might have to take a look at my ISP's agreement to see if there is anything about them being able to monitor my traffic...

    Well, since your ISP won't have access to the box, they won't be monitoring your traffic (the FBI will though).

    Putting the ISP in charge of monitoring seems a little safer, but then they'd be required to become law enforcement themselves; just like if Slashdot started removing posts at the request of M$.

    The other ideas presented (encryption, etc) are good, but I think the best way to handle this scenario is to publicise it and maybe get congress involved (that always messes things up ;). The more the public knows about this the more difficult it will be to implement.
  • If Narcivore gets anywhere, what do you bet that ISP's are just a start? The justice department will come up with some *other* lame excuse that there's just no way they can catch all the [insert favorite criminal behavior here] without having access to the backbone. That's why projects like this (or *any* government project, for that matter) needs VERY careful scrutiny before they're ever started. Typically, it's a one-way street - once they start, they only want more, and more, and more (more money, more control, and more time).
  • well, he did. . .

  • OK, so.... (Score:3)

    by Millennium ( 2451 ) on Thursday October 05, 2000 @06:41AM (#729835)
    The Slashdot story alone tells us two things:
    • The FBI lied. Carnivore can do more than they originally said it could.
    • There are still things they aren't telling us. Remember, two-thirds of the information was withheld. Even the name of Omnivore's predecessor is still classified as "secret" (meaning that, were the secret leaked, national security would be harmed significantly, at least in the eyes of the classifiers).

    Now, the SecurityFocus article also adds one other thing: Carnivore is in fact capable of performing certain kinds of searches without a warrant. According to the FBI it can only do this in "pen mode," and that mode restricts the kinds of searches it can perform, but we know already that they cannot be trusted where Carnivore's capabilities are concerned.

    People talk about balancing Constitutional rights vs. "law enforcement." The fact is, the Constitution has already set the balance. We have a right to not be searched. But law enforcement can override that by getting a warrant or "probable cause" (which must by definition be established without performing any search), at which point they are allowed to search us. That is the balance, and it suffices for enforcing the law (prevention of crime is another matter, but this is not the job of any law enforcement agency, so the point is moot).
    ----------
  • This reminds me of Fedland in Stephenson's "Snow Crash." And it adds a scary plausability to parts of the plot. While, as I posted in a previous article, I'm comfortable with encryption and feel fairly safe using PGP for things and running an encrypted volume for a lot of my hard drive, it is still a little frightening, a little foreshadowing of a time in which the USA becomes a police state. Imagine a time when kids bring guns to school, so schools install cameras to monitor every square inch of the school; where cop's can catch all the speeders, so cameras on stop lights automate the speeding ticket process; a time when Britain's government basically has the right to anything encrypted on the user's computer (don't believe me? look into RIP). Oh wait, that time is now, and it's only getting scarier. What organizations exist to protect our privacy? Do you really thing the existing organizations are working? When was the last time they helped you out? I think as the techno-literate of the world, have an obligation to stand up for human rights in the electronic realm, and to try to hold on to any privacy we have left
  • The VOIP stuff inst that suprising. Current phone providers (Verizon etc) are required by federal law to provide 'hooks' for the easy implementaion of wiretaps on POTS systems. A new way to communicate via voice is surely going to be responded to with a new way to monitor it.
  • Carnivore is significantly more than a packet sniffer. Hell, packet sniffers are now significantly more than packet sniffers. A traditional sniffer like NAI's Sniffer or W&G's Domino line stored all of their date into a flat file format.

    Modern Network analysers parse packets and stream off the distinct fields into a relational database. Typically, this functionality is used for traffic analysis. (For example, you can take a single connection, normalize the sequence number space, and graph the TCP sequence numbers versus time. This is an excellent tool to visual analyze the performance of the TCP connection).

    However, it is possible to do much more complicated analysis. For example, its pretty easy to build a TCP state machine. This can be used to reassemble of the application layer data passed along a connection.

    Prior to these developments, you needed pretty sophisticated end users to read a trace file. The new tools are designed to allow anyone to read the email you send or web pages you are looking at.

    I used to be the product manager for GN Nettest's line of protocol analyzers. The most frequent request that we'd get from law enforcement officials was software that could automatically reconstruct application layer data.

  • You make some decent suggestions, but it wouldn't work, for the primary reason that it would not be long at all before it was made illegal to set up or use such services. The FBI doesn't need to make too much noise about how this clearly obstructs justice (with the usual references to terrorism and child pornographers just to swing the public opinion their way) to get that all banned. Encryption might seem like a nice idea, but when the FBI decides they want that info, asks you for the key, and you refuse to give it to them, you'll be sitting in jail until you change your mind.

  • It is common practice to use illegal survielence to *target* a specific individual who otherwise would in no way come to the attention of the authorities. This illegal material is THEN used to gather probable cause that can be presented legally to a judge.

    Which is really easy to do today, all you have to say is "drugs". BLAM! You got ever thing you need.

  • For obvious reasons [cryptome.org], of course.

    Hee.

    --Perianwyr Stormcrow
  • ZKS Freedom [freedom.net] already has a network of servers designed to obfuscate routes- it would probably be not terribly hard for them to encrypt everything.

    Time for a comment to the developers, I guess!

    --Perianwyr Stormcrow
  • I guess it depends on whether the rednecks south of 49 are smart enough to use it. :-) Actually anytime a transmission is intercepted outside of the country it is considered to be espionage, if only because you are looking for a transmission of some type in the first place. However, I can't see that necessarily being the case when email is somewhat international in nature. Much of the world's email traverses borders when being sent from one place to another. There are ISP's in Canada who relay their mail through the US backbone, depending on from who and where they get their bandwidth. I think that the best you could hope for is that they can't act overtly on your email unless it violates international laws.

    Most likely they could in the case of Canada, inform the RCMP they are viewing you with interest - that is if it were in thier interests to do so.

    In any case, I think you would have to naive to believe that it is only US nationals that are being spied on. It would also be naive to think that is the case in my country or any other technology-enabled country. Many governments watch their citizens whether they admit to it or not.

  • Alas, the JFK assassination occurred just a FEW years before most major governmental bodies began filing documents into electronic media, mostly from the request of Hollywood writers, who needed a new plotline to cliché (westerns were becoming a drag at the time, but the 'elite thief steals info and holds government for ransom' thing hadn't been done yet).

    And my, that was a very long sentence...

    ~Reave
  • This will be no problem as soon as the One World Government (New World Order) is fully in place.
  • Carnivore/Omnivore on NT is VERY scary. If someone were able to exploit a hole on a carnivore box, they could then use it to monitor anyone's communication.

    Now, now, don't be afraid. It's not all that bad.

    First, hacking into a Carnivore box would give you the ability to monitor communications only on that particular network segment where the box is sitting. It will not magically give you the ability to monitory anybody everywhere.

    Second, law enforcement is not known for abundance of brain cells, but I would be VERY surprised if a carnivore box had any open ports at all. All it does is gather packets that pass its filtering criteria and write them to a file. Login should be through physical console only.

    Not to mention that a carnivore box can act like a bridge and thus have no IP address at all. I'd like to see a remote crack for a box that has no IP address.

    Kaa
  • If Carnivore were used to track your own correspondence, what legal rights would you rely on to defend against that use?

  • Carnivore is making me feel like a juicy piece of meat right about now. . .
  • Presumably Carnivore would only be used once the FBI has a warrant, therefore the fourth Amendment does not apply.

    Bzzzz. Sorry, wrong answer.

    It turns out that our wonderful judiciary has decided that while the payload of an IP packet is protected by the Fourth Amendment, its headers are not. Thus Carnivore can (and does) capture packets, discard payload, and store packet headers for further analysis, all without any warrants at all. To understand why this is important, read any crypto text on traffic analysis.

    the fourth Amendment in its strictest interpretation technically only applies to physical objects (effects, persons, houses, etc.).

    No, it doesn't. To give a trivial example, telephone conversations, which are not physical objects, are protected by the Fourth.

    Kaa
  • Now that we know that the resources of Kent Law School are able to be used by the FBI for its purposes, what are you as an individual doing to insure that these purposes are encumbered by the burden of honesty?

Slashdot Top Deals

Our policy is, when in doubt, do the right thing. -- Roy L. Ash, ex-president, Litton Industries

Close