ACLU Files For Carnivore Info

Robert J. Berger writes: "A press release from the ACLU says they are using the Freedom of Information Act to seek all of the codes, records, letters and memorandums related to the FBI programs dubbed 'Carnivore', 'Omnivore' and 'Etherpeek.' "The FBI is saying 'trust us, we're not violating anybody's privacy,"' said Barry Steinhardt, associate director of the ACLU. "With all due respect, we'd like to determine that for ourselves.""

Earthlink Slashback

[acidrain]

EarthLink will do FBI's surveillances itself.

FOIA exemptions...

[Stonehand]

Just skimming the Freedom of Information Act, one particular exemption catches my eye --


...would disclose techniques and procedures for law enforcement investigations or prosecutions, or would disclose guidelines for law enforcement investigations or prosecutions if such disclosure could reasonably be expected to risk circumvention of the law


I'd think the FBI might make the case that if the design of the *vore systems shows WHAT it monitors -- how it selects such -- then this clause might apply. Certainly, this would seem to allow the FBI to refuse to describe *which* ISPs are being monitored... But then, I'm neither a lawyer nor a Fed.

Etherpeek?

[ktakki]

Etherpeek is the name of a commercial packet sniffer/network analysis tool.

I sense a lack of imagination where the naming of secrets is concerned. What's next: Operation Trashpicker or Operation Hold-your-ear-against-the-wall-Here-use-this-drink ing-glass-you'll-hear-better?

I guess even spies get bored.

k.
--
"In spite of everything, I still believe that people
are really good at heart." - Anne Frank

Freedom of Redaction

[Speare]

The Freedom of Information requests don't return something useless like,

• Carnivore, general term for any animal that subsists mainly on the flesh of other animals. More specifically, it refers to any member of the mammal order Carnivora. The carnivores are at the top of the food chains that make up the food web of the earth's life forms. They feed on herbivores, or planteaters, which in turn feed on the plants or dinoflagellates, at the bottom of the food chains, that absorb and store energy directly from the sun. Carnivores live mainly alone or in small groups and are not preyed upon except by other carnivores.

However, they often return something just as useful, in that the government redacts the information returned "for security purposes." While redact means edit, in such cases it is effectively, black out with a wide felt-tip marker.

If SlashDot were redacted the way most "important" data received through FoI requests, it would appear like this:

• ***** Files For Carnivore Info
  Posted by ***** on *****
  from the ***** dept.
  ***** writes: "A press release from the ***** says they are using the Freedom of Information Act to seek all of the ***** related to the ***** " The ***** is saying ' ***** ,' said ***** , ***** of the ***** . " ***** ""

Look at the government's actions this way...

[Christianfreak]

I've lived in forign countries where the government owned all the land, took care of all the health care, (third world country so you can imagine what that was like) and could search homes or stop people without any reason at all.

I don't really believe that the government doesn't have our best interest in mind at least for the most part. There is no possible way the FBI could read all email, and I would go even farther to say there's no way they are going to get the software installed at all ISPs. There's dozens of Mom and Pa Internet shops that simply aren't going to do it. The FBI found a loophole where they can gather information a possibly catch criminals. I truely don't believe there's a consipiracy to label everyone as a bad guy.

Is what they are doing wrong? Yes I think so. Is it particulary dangerous to our freedom? Probably not, especially when compared to what goes on in some other countries. I'm glad the ACLU is stepping in but really what can they do about it? I'm sure that this sort of thing will still go on unless Congress opens an investigation and puts a stop to it. So if you are worried about the FBI reading your mail then encrypt it. Personally I have nothing to hide.

Never knock on Death's door:

The FBI claims that they are already sharing...

[jerdenn]

The FBI claims that they are already sharing information with the industry...

(I'll believe it when I see it).

The FBI is sharing information regarding Carnivore with industry at this time to assist them in their efforts to develop open standards for complying with wiretap requirements. The FBI did so two weeks ago, at the request of the Communications Assistance for Law Enforcement Act (CALEA) Implementation Section, at an industry standards meeting (the Joint Experts Meeting) which was set up in response to an FCC suggestion to develop standards for Internet interception. [1]

What's interesting in this case is the FBI's press department, and their use of the word 'industry'. Usually, one would assume that they are referring to the 'computer' industry, but here, apparently, they are refering to the 'law enforcement' industry. See the CALEA web site, and you'll understand...

-jerdenn

Integrated into the design of telcom companies

[MousePotato]

Hi all, Here is some info that you may find interesting. I have worked in and out of the architectural/design/building industry for the better part of the last 14 years. In that time I have worked on the design and build of many telcom centers and ISP's. For this work security is stringent and done on a per project, eyes only basis.Most of these places (I am generalizing due to very real security issues in the telcom industry) are designed with very highly secure areas where the main switch/com centers and computer rooms setup with the following (very generalized and non specific) criteria: 1. switch/control centers have to be on an 'open' wall so that they may be visually inspected for bugs and taps. 2. computer centers and the racks they mount to have to have 100% visible access as well. 3. walls of secure areas usually have leadlined wallboard and welded wire mesh installed from deck to deck behind the leadlined wallboard. 4. these installations usually use the box within a box within a box scenario (ie secure areas within secure areas within even more secure areas built just as above.) 5. highly secure and mostly invisible CSTV systems monitor every square inch of the space inside and out of these installs, capable of doing so in complete darkness(i have done quite a few casinos that use very similar CSTV systems which can see every player and dealer at any given time) These are not the only security measures involved in building a telcom but this is as far as i can go without having to post as an AC. The folks working inside these areas have to have all sorts of additional clearances/citizenship requirements etc. Building these installations is not easy due to the fact that even the staff of contractors doing the build out typically have to pass security checks and sign nondisclosure agreements as to what they have seen and built. Telcoms are not the only types of businesses that have to follow these stringent security measures. There are a great many 'local companies' all over that are really offices for other agencies. You may or may not be aware of this but many times when these places are built they use names of 'private' corporations etc. to hide thier real ownership. Ironically, the ISP's that I worked on didn't have such security in thier design criteria (usually they are mostly concerned with disaster proofing and service interruption proofing) but if things keep going as they are it would not surprise me if they had to implement these types of upgrades due to the *ivor boxes being located within thier facilities. If that happens we will see a lot of ISP's go under as this type of construction, whether new build or retrofit is really very expensive. To sum it up, let me say this: the freedom of information act is really an obscene joke. I have seen documents released for the purposes of building these installations where as much as 90% of the actual design criteria is totally blacked out, 5% is readable but 'classified' (and usually printed in nonreproducable photo blue) and the remaining 5% is as generalized as this post is. Even if *ivor information is released to us via FOI act it will be mostly useless and not yield any clues as to the level that security is going to be compromised by it. Hopefully, there are some IT folks out there who work in these facilities that can provide us some insight to the systems without compromising themselves and thier positions. After all, matters of National Security are not a joke and in the big picture a little loss of personal privacy may seem trivial compared to whats really at stake (read:I am not in agreemnet with them doing this but I do understandwhy they are doing this). If you want privacy in your email the answer is very simple: use strong encryption and exercise due diligence in deleting/scrubbing your email after reading it. If enough people use highly encrypted email bigbrother will not have the time to decrypt all of it enmasse.

Re:ACLU- Yeah!!

[gmhowell]

>>>We do not have a constitutional right to privacy

Okay, I'll assume you live in the US, and therefore cannot use that as an excuse for ignorance. You may remember hearing of a case about 25 years ago called 'Roe v. Wade'. The crux of the decision was based on the fact that people in the US DO have a constitutional right to privacy. It is not specifically written (AFAIK) but it has been interpreted thus.