Slashdot Mirror


What is Carnivore, and How Does it Work?

MainFrame writes "A friend of a friend of mine, Tom Perrine, was "invited" to testify at the Congressional subcommittee meeting concerning Carnivore. "I had seen Carnivore on a recent trip to Quantico and had the opportunity to discuss the program with some of the developers. This was all before the Earthlink flap. I hope that my (written) testimony was balanced and fair. Those of you who know me, know that I try to balance my firm belief in personal privacy and Constitutional rights with my belief that there *are* times when law enforcement has legitimate needs and a duty to access electronic communications, when properly authorized by a court." There's a lot of confusion about what Carnivore is and what it does, so it's nice to see something like this which appears to be much more informed.

11 of 90 comments

  1. I just don't understand what the big fuss is about by Mark A. Rhowe · · Score: 3

    When it is MUCH simpler to encrypt your eMail than it is to secure your phone communications - why not just HIDE anything you don't want the FBI to see?

  2. The guts of the carnivore:DISCLOSED by Kalrand · · Score: 3

    Funny, all they found was a copy of Windows 95 with a copy of Back Orifice running....

    Kalrand

    -the voice of reason

  3. How much did they spend? by Mr Krinkle · · Score: 3

    In college I spent 400$ on an old Mac and DLed a demo copy of etherpeek. I then wrote some filters and had a packet sniffer that could do the exact same things that it sounds like Carnivore does. Maybe not with as pretty of an interface but it is still just a packet sniffer nothing more nothing less. For under a grand anyone can do this. I would bet our lovely tax dollars pay 50k or so for each one of these PCs. Gotta love government bloat. As for privacy from it, like I said anyone including them with a network port and 1k can monitor packets. I prefer to encrypt anything special. Wonders if someone will sniff this since it is from work. Oh well

    --
    I am 31337 or something.
  4. I have faith in the FBI by Emerson Willowick · · Score: 4

    Pardon me for going against the tide of slashdot opinions, but I still don't understand what has everyone so riled up. Perhaps I should blame the FBI for choosing a menacing sounding name like "Carnivore," but certainly their intentions are not to destroy or harm. The FBI is a very major government organization paid for by our tax dollars. I may not agree with their moves all the time, but I trust that they are only concerned about the best interest of our country. Why would they go out of their way to harm the very citizens who keep them running?

    Government monitoring is nothing new. The FBI have long had many wiretapping systems set up to catch criminals. The USPS scans threatening mail trying to prevent people from mailing bombs and traps to their enemies. Cameras are installed along many city streets to watch crimes and catch traffic violations. I don't understand why these surveillance methods aren't coming under fire as well... why is the internet so incredibly different?

    Besides, look at the results of these efforts. Many major crimelords and killers have been caught by slipping up in the presence of wiretapping. Mail monitoring has prevented possible serial terrorists from doing something like send mail bombs. And street cameras catch amazing amounts of crime, from murders to robberies to prostitution to speeding. I expect Carnivore to be extremely helpful in capturing pedophiles, pirates, terrorists, and other criminals.

    Yes, I may be concerned about my own e-mail being read. But I know that I am a law abiding citizen, my messages to people are trivial to the FBI, and that I feel like I need to hide nothing. And even if you *need* privacy, what about encryption? PGP is extremely hard to crack from my knowledge. Use that. I know the Slashdot mentality may contradict it, but it's unrealistic to expect the internet to remain unregulated forever. Regardless, some form of government restriction and monitoring will come eventually, and having read a little about Carnivore, I am satisfied with their efforts.

    --
    Emerson Willowick: Thinker, Writer, Human Being.
    1. Re:I have faith in the FBI by w3woody · · Score: 5

      Pardon me for going against the tide of slashdot opinions, but I still don't understand what has everyone so riled up. Perhaps I should blame the FBI for choosing a menacing sounding name like "Carnivore," but certainly their intentions are not to destroy or harm. The FBI is a very major government organization paid for by our tax dollars. I may not agree with their moves all the time, but I trust that they are only concerned about the best interest of our country. Why would they go out of their way to harm the very citizens who keep them running?

      While I have no problems with a law enforcement agency such as the FBI enforcing a legitimately obtained wiretap order in order to catch the bad guys, it's clear that you don't live in Los Angeles.

      To review, the Los Angeles police department is currently being investigated for a number of crimes carried out by bad police officers from the Rampart division. Latest estimates I heard indicated that something on the order of thousands of court cases may be thrown out because a few bad cops planted evidence, engaged in illegal activities (such as selling drugs or murdering suspects) while transferring the blame to otherwise innocent people who are now sitting in jail. Those thousands of court cases translate to thousands of otherwise innocent citizens who are now sitting in jail due to a few rogue cops.

      At the same time all this started coming out we also learned that the Los Angeles District Attorney's office in conjunction with the LAPD engaged in several hundreds or thousands of illegal wiretap operations, turning over the illegally gathered evidence to the LAPD for followup. Remember: an illegally obtained wiretap may be thrown out of court, but if no-one knows that the wiretap was in place in the first place, the evidence gathered afterwards will not be thrown out later.

      (As an example of how an illegal wiretap could lead to an arrest without any connection to that illegal wiretap, suppose Joe Blow decides to sell cocaine to his friend in the back of the Ralphs supermarket at 9:00 tomorrow. All the LAPD has to do is to have a cop "happen to drive by" the Ralphs. His police report will read "in my routine surveillance activities, I happened to catch Mr. Blow selling narcotics", not "I was tipped off by an illegal wiretap.")

      Most of the people working for the LA DA's office and the LAPD are the most top-notch, professional police officers in the country, working under extreme conditions with very little community support. I have very deep respect for these people. And it is their sister organizations in the city of Glendale where I live, who I have interacted with at all levels (from being stopped on the street in the middle of the night while out walking to serving as a witness to a purse snatching) which has made Glendale the safest city of all cities with a population greater than 150,000 in the United States.

      However, it only takes a rogue few to fuck things up totally, as they have in Los Angeles. (By the way, estimates are placing the cost to settle the civil cases caused by this handful of rogue enforcement officers at something like 25% of the total discretionary budget of Los Angeles--which buys a lot of libraries, squad cars, and fire trucks...)

      That's the concern with Carnivore--not that it isn't a powerful law enforcement tool that will be used for lawful purposes. But that a few rogue officers (a'la L.A. Rampart) will abuse the tool in an illegal fashion--and we will have no way to discover their illegal activities. It's clear if you had read the paper referred to in the header that it is Tom Perrine's suggestion to modify how Carnivore is installed and maintained so that at least the ISP knows what data Carnivore is gathering and if it is in accord with a legally obtained wiretap court order.

      Trust, but verify. Verification creates professionalism, and professionalism creates Glendale (which is spitting distance from the Rampart district), instead of the LA Rampart district.

  5. Re:I just don't understand what the big fuss is ab by Anonymous Coward · · Score: 3

    I'll repost this from the previous Carnivore article. This post was way at the bottom, and thus was completely ignored by the moderators. I am its original author. It deals with the fact that even though your message text is encrypted, the FBI can still read the headers, and find out who is contacting who. This issue was brought up by another anonymous coward, to which I replied:

    --
    You've hit the problem right on the nail, my friend. Visit www.crimelink.com for an example of this program you are talking about. Organizational matrices and all that stuff are very key to finding out who is doing what, and what the odds are that what they are doing is illegal.

    For example. You email Joe Blow regarding a post you saw on a forum about gardening. Little did you know that Joe Blow had earlier emailed someone else, whose email he got off a forsale newsgroup advertising hydroponics. Turns out the guy selling the hydroponics was suspected of selling drugs, because his hydro bill was high enough to set off a flag. Now Joe Blow is just a gardener, but he was dealing with a drug dealer, and now YOU are dealing with someone who has dealt with a drug dealer. You automatically have a "relationship" with a drug dealer based on an indirect contact. Carnivore can easily be used to setup such relationships, and programs like Crimelink can easily be used to give graphs and charts outlining any possible relationships. This means police and related agencies can establish a who's-who in their ISP's neighbourhood.

    Now, I don't believe this sort of thing to be happening to the extent that others might believe (IE Echelon voice recognition craziness and etc) however the potential is very real, and limited capabilities DO EXIST right now. With the onset of such systems as Carnivore, these capabilities grow exponentially towards the situations similar to that I've outlined above. What I fear the most though is that by next week, Slashdot et al will have forgotten this and moved on to the newest "tiny computer" or Linux IPO news.

    Signed,
    Your Anonymous (?) Coward.

  6. Filtering criteria don't always work by AdamHaun · · Score: 4

    While I agree that the government needs to be able to monitor suspected criminals (with a warrant of course), I'm not sure that arbitrary filtering criteria is the way to go. What would they use? Keyword searches? TCP/IP headers? What's to prevent the FBI from picking up whole usenet threads or the actions of people reading Slashdot? If I post a response to Joe Child Molester on Slashdot will I come under FBI scrutiny just for mentioning his name? What about the people who quote my (and his) message? Admittedly, these are public forums, but it seems like a huge waste of time to have to scan through all of the fluff that will inevitably be produced. And heaven forbid there should be another person on the ISP with the same name.

    Why not just snoop at the (modem/DSLAM/etc) server? If packet sniffing were more like a literal wiretap, I would be a lot more comfortable and I'm sure the FBI would be able to get a lot more work done. It shouldn't be that hard to get only one user's packets.

    --
    Visit the
  7. carnivore by VAXGeek · · Score: 5

    I like privacy as much as the next guy, so here's my two cents. I know that sometimes the govt. has to spy on people, but WHY DO IT AT THE ISP LEVEL WHERE YOU CAN SPY ON EVERYONE? I don't need my mail being 'accidentally' sniffed. If they want to watch criminals, put wiretaps AT the criminal's connection at his house NOT ON EVERYONE ELSE'S CONNECTION. 2 words: duh.
    ------------
    a funny comment: 1 karma
    an insightful comment: 1 karma
    a good old-fashioned flame: priceless

    --
    this sig limit is too small to put anything good h
  8. Encryption and E-Mail by Th3 D0t · · Score: 4

    I think sendmail should be updated to by default use encryption/SSL to connect to other servers. Sure, most other servers will refuse the SSL connection, and then sendmail could fall back to unencrypted transport. But, if it used encryption by default, as such a popular mail package, certainly more and more e-mails would begin to be transmitted with encryption. Other mail server vendors would likely follow the lead after it became commonplace.
    ---

    --
    I am the dot in slashdot.org
  9. can we afford to have faith in the FBI? by nels_tomlinson · · Score: 3
    I think that we could say everything that you have said about the FBI about the KGB, and with equal plausibility. The KGB is an arm of a recognized government, why would they harm the very serfs^H^H^H^H^Hcitizens who support them?


    Government monitoring is nothing new. Hitler's Gestapo did it, Pol Pot's gangs did it, and Mao's whatever, and Stalin's GRU, and Nixon's burglars, and Clinton's FBI, and each of these organizations believed that they were doing the right thing. Sometimes, all of them were doing things we'd approve of. Usually they were not.


    Your messages may well seem trivial to the FBI. Every government uses trivial people to make examples of, to keep the rest in line. You're as good as any to persecute for some trivial act which our government has chosen to demonize. Do you smoke pot? Do you tell people we should leave pot smokers alone, even though they smell bad? Have you ever carried cash across town to pay for a used car? Harmless people who represented no threat to society have been persecuted for these activities, recently, in the US.


    Law enforcement organizations indoctrinate their (usually stupid) employees with the mindset that there are three sorts of people: cops, suspects and convicts. If they haven't found a way to frame you yet, they should try harder. The US Fish and Wildlife cops are usually NOT considered to be corrupt or politicised. A friend of mine was cook on one of their enforcement boats in the gulf of Alaska. He was shocked to find that the two topics of conversation (other than cheating on their wives) were "how we framed so-and-so" and "how we'll plant evidence on this next guy we want to get". He quit after one trip; the cops were too disgusting to live around, morally at least.

    One last point: did mail monitoring really stop the Unabomber? I thought it was the fact that some newspaper published one of his diatribes, which was recognized by a brother.

    In conclusion, I believe that law enforcement is vitally important. Allowing them to work in secret only helps them to become worse than the people they are supposed to protect us from: worse in the same way that the mafia is worse than a bunch of disorganized crooks. Corrupt government is the worst possible threat to law abiding citizens, and secrecy breeds corruption, just as does power.

    Nels

  10. Re:They could have picked a better name... by LukeyBoy · · Score: 5

    Or they could have named it Herbivore, saying it gets to the root of the problem.