Slashdot Mirror
Carnivore Comes Up Hungry
voodoogumbo writes "A USA TODAY article says universities are declining to review the FBI's controversial Carnivore email sniffer. Academics are concerned that the Justice Department is looking for little more than "rubber stamp" approval of the system. The sordid details are
on their site."
Have them post the code on slashdot and we'll rip it apart. :)
Why should the universities be taking care of the FBI's dirty laundry?
It's probably all a matter of the possibility that if the university 'rubber stamps' the black box, 5 days later in the media, this appears: "Technology approved by MIT violated 540,392 civil rights issues". No one wants that. Furthermore as a quick sidenote, do they expect Carnivore to break into any Joe Schmoe's Hotmail account with SSL? I think not..
the FBI wants to test Carnivore this way because using it on a university LAN would be like shooting fish in a barrel.
"..don't you eat that yellow snow."
I personally hope that noone agrees to a review since this might raise a red flag in the minds of congress. Could cause it to be shot down quickly.
Quoth the article:
-Researchers may examine only those matters the government wants examined.
Gov't: Please verify that this device has a power switch.
University: check.
Gov't: Thank you, this concludes your exhaustive evaluation.
Ad in classifieds: Pandora's Box (no box) $5
... for not foisting this crap on us.
If the DoJ had their way, they probably wouldn't even let PUCC tell us about it before they started sniffing our mail.
All of you college students out there, get a hold of your computing center's admins. Let them know that this is a bad idea. Most likely, they're geeks like us who are willing to listen (I know the guys around here at Purdue are somewhat accessible, but I also had press credentials at the time. Still, doesn't hurt to try.) Give them a link to this Slashdot story. Just make sure to get the point across in a clear, rational manner.
Well, you have to admit.. the US gov't is sneaky. This way they can tell people "well, we gave 5[or more] universities the chance to look at it and they decided not to"
I wonder how long it will be before they actually find someone to look at the flesh-eater, and what kinda effigy it will be.
-- MrMud
It's pretty common for universities to test products/software/policies that the government wants to issue. That's how they get those grants, you know. For example, my school was involved in determining the privacy implications of the Intelligent Transportion System.
The publishing restriction is quite common, as is the requirement that they be screened. The real issue is the middle restriction, that "Researchers may examine only those matters the government wants examined." This means that the government can basically say "look at this irrelevant stuff only, and tell us whether it works." The university would not be able to actually examine the product as a whole. That is a restriction that few researchers are willing to live with. It basically renders any opinion worthless. So, I'm with those researchers that are unwilling to do this. I don't think they're going to find a reputable university to do the review... of course, there are many third/fourth tier universities that will do backflips for the grant money.
Thalia
These schools do not want to liable if Carnivore. Is used for the wrong reason. Would want to be the school that OK a sysytem that framed the wrong man.
This problem will be approached the same way other "control" attempts have been. If email is gonna be sniffed it will be madly encrypted or hell not used through US pipes. Hell if this gets to be a problem and those whom wish to remain anonymous then what's stopping them from developing their own protocol for messaging. Hell pop and smtp are getting old and are insecure (apop is a nice attempt but the majority of people out there are still using plain text passwords with pop).
encrypt mykey thierkey < mymessage | genericserver"Survival of the fittest Max, and we've got the fucking gun!" - Pi
A lot of people are probably going to accuse me of being paranoid here but... I'm sure the government would like nothing more than a big university like MIT to say carnivore is okay. It's part of a propaganda war. Those who are then less educated or lazy will just think the government isn't spying on me, the folks at MIT even said so, and the as a whole Americans give up another bit of privacy. If the government was truly interested in letting the American people know carnivore was about they would open source it. What do they have to loose? There not going to sell the code to carnivore or are they. They want to assure the American public their privacy isn't being violated, don't they? If carnivore is truly what they say it is, let everyone look, not just the "elite" at a university.
Give it to me, I'll test it for them.
"Judge Judy is a man!?" Bwhahaha! Think of the power.
Uh.. on a realistic note so I don't get moderated down... umm.. Time to start encrypting my email.
-Frijoles-
http://www.netfunny.com/rhf/j okes/92q4/sincerely.html
what happens when terrorists planning to blow up the president through email from saudi arabia sends and email through hotmail, to someone in eville, usa... what is the international law that says that the saudi can't say things like that? even on a us based email service? this could get fun :)
Runnin' On Empty
"What I don't want to see is a road map of the source code that could give the bad guys the ability to thwart this," he says
;)
I'm sorry, but doesn't encrypting the message in the first place make it useless to the fbi anyway?
I've never seen the source for this, or heard anything about how it works, but I just figured that out. I must be an evil genius
--
--
grep "xercist"
The secrecy sorrounding the entire sordid affair needs to go to the wayside. If they have no dirty secrets to hide, they should willingly expose carnivores innards for review. Especially when viewed with their logic that only "criminals" need to be concerned about privacy.
If Big Brother wants to calm anybody's fears about Carnivore, they should give L0pht, 2600, and their friends at Antionline free and unfettered access to one of the machines for a week. Let them do an independent review and post a nice report on its capabilities, along with demonstrations of how easy it is for the individual FBI agent to 'improperly' use the device.
So, encrypt, or forge headers/ip addresses, or tunnel, or...
whatever. move on, nothing to see here.
Never meant half of the things I said to you. So you know, there's a half that might be true - G. Phillips
--
What follows is an executive summary of Carnivore. The information provided is accurate to the best of my ability. I am not responsible for any omissions or factual errors.
--
First, it is called Carnivore. Second, "victim" is spelled "victim". I will make a brief summary for those who have not heard of it. Carnivore is a network of black boxes the FBI is planning on deploying at all major ISPs to monitor e-mail traffic. One of the first major ISPs to be asked to install it, Earthlink, refused on the grounds that it was incompatible with their network infrastructure. Based on information released, it is essentially a glorified packet sniffer modified to capture e-mail communications.
The FBI claims that Carnivore is needed because criminals are becoming more sophisticated and using e-mail to carry out criminal activity. There is some precident to support this, as well as evidence that the FBI may very well be justified in this. In many cases since the early 80's phone logs have had a substantial impact on forensics. The phone companies currently maintain logs on who calls where for an indeterminate period of time, generally atleast 90 days. It makes sense to provide a network where this information could be garnered online. The fact that e-mail is "plain text" and requires no additional processing (unlike voice, which requires someone to actually listen and transcribe the conversation), there is a lower barrier to entry. Translated, it is cost effective.
Those are the justifications. Now, essentially the argument against this boils down to one simple statement: Do you trust the government? There is plenty of reason not to trust the government. There have been a variety of high profile cases where the government spied on citizens without a warrant or any judicial approval. In particular, the handling of the Waco, TX and Ruby Ridge incidents come to mind for the FBI. As a result, the FBI has been busily modifying judicial procedures to allow them to tap without a warrant, as well as the ability to use illegally obtained evidence. They have continually been expanding their power base. Something which was illegal 5 years ago is now not only legal but approved by the majority of citizens. Carnivore could be seen as part of a larger initiative by the FBI to remove accountability for its actions and also to treat the average citizen as the enemy until proven otherwise (guilty until proven innocent). The current political atmosphere the so-called "baby boomer" generation has engendered has further fostered this attitude.
Other intelligence / law enforcement agencies have also been busily adapting their organizations to take advantage of net-based technology. Recently it was discovered the NSA had (and continues to) partner with several countries including Great Britain, Franch, and Australia to form a global monitoring network called Echelon. It is a more general information gathering network than Carnivore and is more in-line with the NSA's role in our government - handling signals intelligence (SIGINT).
I would request in advance that political discussion on this matter be taken offline, as this issue has been hashed and rehashed on a variety of websites, lists, and zines. Further information is available by simply searching on Google (www.google.com).
--
Signal 11 -o- BOFH, boredengineers.com
All truth goes through three stages. First, it is ridiculed.
Then, it is violently opposed. Finally, it is accepted as self-evident.
The government's inherent authority to conduct electronic surveillance? Funny, I thought the government was only supposed to have the powers enumerated in the Constitution, and I'm fairly sure Madison&co. didn't include an "inherent authority to conduct electronic surveillance."
TheFrood
If you say "I'll probably get modded down for this..." then I will mod you down.
Any moderators up for some irony?
___
__
Do ya feel happy-go-lucky, punk?
This is ridiculous. Everyone already knows how to "thwart" Carnivore: Encryption! What the FBI I probably really afraid of is someone hacking the server and using it to steal passwords. Gee, wouldn't that be embarassing. Of course, we all know how well simply not mentioning vulnerabilities helps in stopping them....
--
Behold the Power of Cheese!
If people want to protect information over the net they should encrypt it, which unfortunately is very infeasible at the moment because 99% of people don't have the right software installed to use it on the other end. (In short, the current infrastructure is dismal.)
That said, the net is an open system like it or not. The concept of privacy by regulation (government or otherwise) is as unfeasible as expecting information to be automatically delivered to the place it was sent without any end-to-end intervention to check the correct information actually got there. This is why TCP is used so much, because it creates reliable information streams over an open system.
If net privacy is going to go anywhere seriously, it has to be end-to-end. Relying on anyone, government included, to turn their back because you ask nicely doesn't make much sense in the long term. Encryption needs to be opened and standardised fast. It also needs to be more decentralised, so nobody can take control of it. (At the moment my favourite idea for email decentralisation is if ISP's began running their own public key servers for email addresses on their domains.)
Other useful things to happen would be if web providers started using secure connections automatically. This would be much easier to get going if browser makers would stop popping up annoying dialog boxes that "warn" people when they're entering a secure session by default.
Warning about entering an insecure session is understandable, even though this almost never happens unless the user was in a secure session first. Otherwise all the dialog boxes do is provide an incentive for web designers not to make things secure until they absolutely have to.
===
The secrecy FEDGOV is attempting to maintain around this Privacy Invasion Tool(PIT)(tm) is laughable if you even think about it just a little while.
FEDGOV appears to be implementing what is essentially just a custom filter that seems to be tweakable to some degree that is designed to suck up email (and possibly other traffic) for a targeted individual. The key to this is that they aren't willing to settle for logs and the cooperation of the ISP they are placing their black box in front of. Seems to me that they are trying to do a bit of an end-run around any possible accountability that might somehow be seen if they had to actually ask politely and show a warrant like they have had to do in the past.
This is the real danger of such devices being placed in the network. What is it that will be coming out of this box? Bits and Bytes. Are we really supposed to trust the FBI by essentially writing them a blank check? Let's consider that question in light of the fact that the FBI has been known to manufacture evidence when they feel the need is "pressing".
If they want to place these PITs on a network, there need to be verifyable protocols to determine that the bits the FBI claims were found were actually there. I think if they are entirely on the up-and-up, these things should be opened up and the internet community solicited for comments on how to make sure that they are verifiable and trustworthy.
Z
This is an ex-parrot!
Change your name to Sarin N. Gas. Find a pen-pal in Saudi Arabia. Have the word LETTERBOMB as your letterhead. Talk exclusively about 'freeing the people'. And end all correspondance with the cryptic phrase, "My Bird takes a long walk."
"..don't you eat that yellow snow."
I'm guessing they don't want the public embarrassment of the universities disclosing the fact that ROT-13 will defeat 99% of their snooping ability.
Never meant half of the things I said to you. So you know, there's a half that might be true - G. Phillips
Washington, DC (AP) - In a surprise development, the Department of Justice announced today that Hope College (Holland, MI) has been selected to review the controversial Carnivore program. In a rather terse statement, DoJ stated, "Carnivore is written in Perl and and Hope College is internationally renowned for their excellence in Perl. Researchers associated with Hope College will provide a comprehensive review of the Carnivore program and will be presenting their results in a timely manner". A highly place unnamed source with DoJ commented that the review methodology was based on the established twin methods of release early, release often, and bop the mole. It is rumored that the project will be led by a former U.S. Navy Officer.
Warning: this post is going to be seriously random.
I almost can't take this anymore. How can we wake up the public to see that our Constitutionally guaranteed freedoms are being stolen right from under our nose? On a related note, check out this article Harry Browne wrote about his Supreme Court litmus test (question 1: "Can you read?").
Back to the serious part: what can we do? What organizations are out there watching the government now? A thousand angry Slashdot readers are nothing but noise. How can we organize; create an "open source" protest against this ("this" not being Carnivore specifically, but the gradual movement of the USA to Oceania)? Let's get some suggestions here.
I tried to register unconstitutional.org yesterday but it's already taken. Does anyone know of a site that lists all of the laws in effect which are clearly unconstitutional? I'd love to see that.
--jbAnyone working on this system (at whatever organization decides to test the Carnivore system) *must* be 'cleared' before they can work on this?
What a bunch of BS!
"What I don't want to see is a road map of the source code that could give the bad guys the ability to thwart this," [Assistant Attorney General Stephen Colgate] says. "If evaluators say there are security deficiencies that need to be addressed, that's precisely what we want them to address."
What about PGP? It seems like a VERY simple workaround for this system! Plus anyone with any brians could use something like yahoo mail or hotmail; or even better would be a service like www.ziplip.com. This is a waste of everyone's money; in fact, I believe the whole 'war on drugs' falls under the same category. This whole issue is just plain dumb.
...that everyone thinks 1) the FBI is looking for a rubber stamp in order to lull the avg. american (further) into her/his sense of complacency - or provide continuity in it; 2)the FBI has consistently illustrated its inability to control itself in regards to information gathering on the 'average' person (if you think the FBI is watching you, you're probably NOT paranoid); and 3) if the FBI implements it anyway, they will probably only catch the 'dumb' criminals who communicate/work on-line.
The question is: will the FBI care (read: 'revise' or 'not use/release') if no educational institution provides the rubber stamp? I have no faith (but that's beside the point), and I have no trust that any congressional committee/panel/hearing will in any way change the actions of the FBI (though it might change their line of BS).
Several documents on the Carnivore system and what it does:
Statement for the Record on Internet and Data Interception Capabilities Developed by FBI presented by Donald M. Kerr, Assistant Director FBI Laboratory Division to the House Judiciary Committee's subcommittee on the Constitution.
The Carnivore System: the FBI's own report on it.
Open Internet Wiretapping: a paper by Steve Bellovin and Matt Blaze.
If they really feel that this software is nothing to be worried about, why don't they put it up as an 'Ask Slashdot'?
Janet Reno asks:"I have the source code to a piece of software that my employer is a bit worried about. Do you think that this is a violation of anyone's rights?" So, what do you think crowd? Go ahead and check it out, and feel free to let us know what you think...
((Source Code Follows, then followed by 12 first posts, 18 Dickinson Poems, 23 Penis Birds, 4 rants on MDMA, and 1 comment about how the FBI sucks, moderated up to +5 Insightful.))
September 4, 2000
1. The Department of Justice reconfirms its acceptance of all relevant resolutions of the People of the United states, including the declaration of independence and the bill of rights. The Department of Justice further reiterates it's undertaking to cooperate fully with the People of the United States.
2. The People of the United States reiterate the consent of all people to respect the lawful application of justice. We hear by give the department of justice permission to execute our will as defined by the Constitution and bill of rights.
3. The Department of Justice undertakes to accord to The People of the United States immediate, unconditional and unrestricted access to CARNIVORE
4. The People of the United States and the Department of Justice agree that the following special procedures shall apply to the initial and subsequent inspections of CARNIVORE.
a) A special group shall be established for this purpose by the People. This group shall comprise a group of people selected an modded on /. The group shall be headed by a commissioner elected by the group. Possible people include Linus Tovaralds, Steve Gibson, Neal Stephenson and Kevin Mitnick
b) In carrying out its work, the special group shall operate under no mandated guidelines other than this: Find the Truth. This is the will of the people.
c) The report of the special group on its activities and findings shall be submitted to the People.
5. The People of the United States and the Department of Justice agree that all other areas, facilities, equipment, records and means of transportation shall be subject to Inspection at all times.
This contract was derived from The memo we sent Iraq in regards to inspections involving weapons of mass destruction...The DOJ is pulling all the same tricks that Iraq did. This is an example of Government NOT deriving their just power from the consent of the governed.
If voting were effective, it would be illegal by now.
Most people call that a non breaking space.. heh
And I don't even live in fucking America.
I do. Can I come live with you?
With phone records, and in court, you only need to show record that something passed between two parties. You don't need to show what passed between two parties, only that the two parties communicated.
It's also funny that academia, usually seen as the enemy of Big Brother, is now seen by the FBI as saviour.
Justice's Colgate counters the FBI already has laws it must follow to intercept e-mail. "What we don't want is a debate over the government's inherent authority to conduct electronic surveillance. If researchers find there are issues that have to be addressed, we can do that," he says.
They may not want a debate, but they sure as heck are going to get one. When did a citizen's right to privacy become so radical an issue, anyway?
I don't know about everyone else, but this is absolutely ridiculous. While the FBI does have some grounded beliefs in how this system may stop acts of terrorism and the like, the opposers equally have strong grounded beliefs why this system is an invasion of our privacy, etc.
My friend and I were discussing how simple it is to boycott this. For instance, if they attempt to start testing Carnivore at the universities across the world, just have your university email account forward incoming mail to a free account at yahoo.com or another free email service. It is an extremely simple and effective way to show your opinions. The only problem is that Carnivore will still pick up all incoming mail to your university email account...any thoughts on the validity of this measure, should the FBI attempt to implement such a device at a university?
Physically, Carnivore is a personal computer with a network interface, and ZIP or Jaz removable disk drive, running a version of the Microsoft Windows operating system, with the Carnivore software loaded.
http://www.house.gov/judiciary/perr0724.htm
Never meant half of the things I said to you. So you know, there's a half that might be true - G. Phillips
But it'd be interesting to know on what grounds the universities declined to review carnivore--and who is meant by "universities": which schools, and who specifically at those schools. Have they seen specs, or were they only allowed to review particular portions? Are there stipulations? Are they refusing because of principles, administrative reasons (read $$$), or just lack of interest?
Say, for instance, that the NSA was kind enough to forward information to the FBI on some US citizen-US citizen communication? Such information must be 'legitamized' before it can be used in a court of law, and Carnavor can provide that exact service. "Your Honour, we got this information from Echelo..Carnavor [ahem], thats it!"
They could--but don't worry, they *never* would.
a href="http://www.liberty-tree.org/">http://www.lib erty-tree.org/
You can't wake everyone up.
Because "people are WILLING to give up essential liberty to obtain a little temporary safety." (Didn't one of the founding fathers WARN about this?!)
The Constitution has, unfortunately, become just another piece of paper.
Everytime we turn around, we need "permission" (aka licenses) to do anything, and we're the ones that let the crooks, er government get away with demanding permission from us, even though WE ORIGINALLY have the right! What ever power we DON'T give, we RETAIN. But somehow congress has twisted that into meaning, people don't have ANY rights, and must ask them for permission! The NERVE! And we let them get away with this crap!
The best we can do, is get people to READ this book to see documented cases of just how tyrannical the U.S. has become. (Yes, it really is called: The Rape of the American Consistution) It starts off with a discussion on the BACKGROUND on "Colonial crisis with Great Britain, the Articles of Confederation, the Constitutional Convention, and the Bill of Rights."
Here's one quote: Alexander Hamilton,
Unfortunately, its going to get a whole lot worse before it gets any better. One World government is being rammed down people's throats even if they don't want it. e.g. Social Security is already established in most countries, but governments fail to mention that you can legally "opt-out".
Another great book is It's None of Your Business, A Complete Guide to Protecting Your Privacy, Identity, and Assets by Larry Sontag.
Once people are aware of the problem, THEN they can start working on a solution. Like maybe a return to Common Law, Lawfull money, and Trial by Jury.
--
"The only people I can't tolerate are the intolerant bastards that try to tell me how to live my life..." - (ZanThrax?)
Here is a government official, one of the top law enforcement officers in the country, who does not understand his own Constitution. The government has no inherent authority whatsoever! All the government's authority is delegated to it by the American people. If our Supreme Court weren't populated by a bunch of balless pinheads, they would have made that clear by now in numerous rulings. Instead they are by and large content to expand the government's ability to invade our privacy and usurp our rights pretty much whenever they are asked to.
It's things like this that make me despair of the Republic.
And the brethren went away edified.
yeah, those who moderated this to flame-bait. meta-moderation should let us non-moderators moderate the moderation: funny, etc.
-----
Planning to be moderated ± 1: Bad Pun.
Does anyone remeber when we shot down that satelite a while ago? Why can this technology be applied to nucular missles?
"Cornflakes are not the innocent critters they seem"- Sterling Morrison
Can't one set up their own university or call themselves Whatever University?
Is there licensure to the word 'university'?
Once upon a time I was able to get an 'edu' address from the Internic without any sort of verification or authorization or whatever.
Love
Mark
Cleara
This cuts to the core of the matter at hand. This one post should be at the TOP of the moderation list. My Kingdom for Karma!
It seems that some people are pretty angry about this. Perhaps you have listened to too much Rage Against the Machine (as I am now)? Those guys can really get you going! :-)
/. readers are involved with technology and those of us who are out of college know that we all do pretty well economically. Guess who is partly responsible? Yep, the government. While many of us may not remember (or may not want to remember it) there was a time 20-30 years ago when we had double digit inflation and a much larger jobless rate.
Seriously though, what has the government done to each of you specifically that you are so angry about? I am not a Canivore lover either but I am also not ready to burn the White House.
The way I see it, you have two choices:
1. Work within the sytem to make things better. Vote. Write letters. Write e-mails. Get involved.
2. Move somewhere better. Good luck finding a place with as much oppertunity for success and freedom. When you get there, send us a post so that we can visit you.
Most
My point is that while things are far from perfect, they are much better than they are else where and much better than they were here. We are in the midst of one of the longest streaks of prosperity ever. Lets use this time to keep making things better with constructive ideas.
-- soldack
This is just a huge effort by the Post Office Mafia to take over the world by making everybody stop using email and go back to snail mail.
The postmen of the world dropped all thier guns and realized that they could get a piece of what the MPAA, Rambus, and RIAA were all getting.
I can easily envision a future where email is seamlessly encrypted but To and From is recorded for all emails and anybody can be forced to hand over encyption keys given any hint of suspicion of criminal activity (like recieving an email from someone who received email from a person under investigation).
So here's what I'd do:
1. Run Mojo Nation (similar to Gnutella but you can earn money for your bandwidth, disk space, and cpu cycles; see here for details).
2. Since this splits everything up and encrypts it and sends it out, you don't need to be on-line for your partner to download it.
3. You can communicate through a secure channel what to search for, and your partner then searches and downloads it.
4. They communicate back through the same method.
It's like plucking a memo out of a tornado, scribbling something on it, and tossing it back. It's ether -- it's nothingness until it's put back together, then decrypted.
It's two cans and invisible string!
--
I feel fantastic, and I'm still alive.
Given the policies on Internet monitoring in the UK and the Russian Federation, they should invite tenders from GCHQ and the FSB. I am sure that they are quite knowledgable in these things. Perhaps they will even add a couple of backdoors so they can listen too!
Only joking, I think!
Academia USED to be the enemy of Big Brother, back when "tenure" meant something. Nowadays, with universities beholden to a dozen government bureaus for grant money, tenure is only granted with the contractual "understanding" that the scholar will be dismissed if he/she is not being "useful and productive"- i.e. studying only PROFITTABLE subjects and NOT harassing Sugar Daddy Uncle Sam. Academic impartiallity vanished when the government, in an attempt to curtail "waste", required full accounting of where every penny of a grant went, and then told universities where the money COULDN'T go.
If a job's not worth doing, it's not worth doing right.
The tool that grabs certain messages today can grab all messages tomorrow.
The laws (or lack thereof) that allow encryption to happen today, can change tomorrow.
Some people have indicated encryption is the way to get around Carnivore, and that we can ignore this threat on that basis.
OK, what happens when the Government decides to make encryption illegal?
Police departments already refer to the Fourth Amendment as the "One-Fourth Amendment", because of the way seizure laws have been written. We already have the situation where police can seize cash above certain amounts on the basis that possession of large amounts of case is de facto evidence of wrongdoing. Now, think of encryption, and apply the same thinking.
You can't afford to ignore this tool. You can't afford to blow it off.
668: Neighbour of the Beast
- Universities and any other contractors must agree not to publish anything the government deems sensitive.
-Researchers may examine only those matters the government wants examined.
-Teams must agree to clear all personnel working on the evaluation with the government.
On a practical level I can understand the first and third requirement. Actually the first follows from the third. If there is a restriction on publication then you have to know who you are restricting. This is fairly standard Federal Gov stuff. One of the downsides to doing research for say, the DOE or the NSA is there is lots of work that could probably win a Nobel or a Fields but it will never be published.
It's the second requirement that is probably the stumbling block. It's just bad science to be restricted in WHAT you MAY evaluate.
I guess no one has heard of the FISA courts. (No, NOT soccer. FISA is the Foreign Intelligence Surveillance Act, which was expanded after the OK City bombings. Funny thing? The 'experts' claimed foreigners did it, whereas a spook who spoke at H2K predicted 'disgruntled postal employee.' He was right, but Congress heard 'bin Laden' instead of 'John Smith.') These courts ARE the DoJ's 'rubber stamp'. Their proceedings are private, no records are available to the public, and In the 20 years since FISA, the court has not
turned down any of the government's
approximately 10,000 surveillance requests. Additional links are here, here, and here.
"And they said onto the Lord.. How the hell did you do THAT?!"
I used to be someone else. Now I'm someone better.
Real life is underrated.
Analysis by the French intelligence community would result in an exhaustive critique of the software and clear delineation of its merits and pitfalls.
The French are more highly qualified for this task than any other authoritative group on earth.
`
Warning: It is a federal offense to impersonate The President.
I thought this review was to make sure that it wasn't easy for the government to use Carnivore as a catch-all surveilance. In other words, to make sure that the government had to explicitly tell the system to look at a particular person's correspondence. So that they wouldn't be sifting through everybody's email without probable cause.
What's wrong with a technical review of the tools that Law Enforcement uses to make sure that they're not explicitly designed to ignore the "probable cause" clause?
To email, do the obvious.
ARGH! I burned all my mod points. Otherwise I'd mod this up.
To email, do the obvious.
I'm surprised that Dartmouth turned down a chance to evaluate Carnivore, given that the school's engineering and CS depts seem ready to leap into any ill-advised adventure given promises of funding and PR hits.
For example, take the recently founded ISTS. No one has yet been able to explain to me why this is housed at Dartmouth. A bit of investigation reveals some government/Dartmouth administration cronyism. The functional result is that Dartmouth faculty will soon (if they aren't already) be using these new government funds to fund existing projects seemingly unrelated to the purposes of ISTS.
Interesting, mais non?
If anyone has any info or thoughts on this, I'd appreciate it, either here or by email (grossdog@dartmouth.edu) for a story I'm working on. I can keep names/sources confidential if necessary.
--Andrew Grossman
.. looks like the one plugged into the Carnivore box. Wonder how long the FBI will try to ping it before they realize it's offline? Oh well ..
.. this ought to be fun to watch, actually ..
Seriously, if it's hardware and it's in the rack, what's to stop you from 'accidentally' disconnecting its connection to your router? Does it actually sit inline upstream of your POP? It might need to, in order to guarantee that it sees all the traffic. Could it be moved, say, to a bottom level switch so they can still ping it and get a response, but it doesn't see any IP traffic that isn't sent directly to it? (Anyone who's seen one care to comment?)
Once again, it's something made by humans, which other humans, given enough time, can figure out
73 de N5VB (ex-KD5BIV) AR SK
Consider, in light of the :Cue:Cat mess, whether the FBI really *wants* to give you a free box and tell you what to do with it.
.. well, something .. and may well be fscking up your router. You did notice some screwy ICMP messages and looping packets happening about the time they installed it, didn't you? Thought so ..
Also worth noting: Most ISP admins are pretty protective of their hardware. Here's a black box that does
73 de N5VB (ex-KD5BIV) AR SK
The real danger is the idea that the FBI thinks they can muscle academia, ISP's, etc to install and use carnivore.
Carnivore itself on the FBI's own servers is fine by me. However, leveraging private institutions and public service providors to use it is the REAL scary issue at hand. And I wonder how many "scare tatics" the FBI will use to try and convince the public and law makers to allow it.
And actually if they have an order from the court for someones email couldn't they just order the ISP or whatever to copy all incoming and outgoing mail from a users account to them? ( Yes I know that is an issue too for privacy of the people sending the suspect email )...sigh...this is exactly what pisses me off. They have a method for gaining this information already.
If my ISP or University installs this software I would refuse to use thier services. In fact doesn't installing it constitute the installing entity to, in legal fact, become an "Agent of the Police?"
Seems to me this issue isn't so much about Carnivore itself as it is about one's "right to privacy" and "illegal search and siezure."
What I suspect is the FBI wants a precident set by way of carnivore to allow a broadening of other survellience "issues".
Integrity is what you are when nobody is looking.
Network ICE Releases Open-source Carnivore
They are saying this gives ISPs the ability to do what Carnivore is supposed to do on their own, and thus eliminate any need to allow Carnivore to be installed to comply with an intercept order.
The Altivore Page
Newsalert coverage.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
What version of macro economics did you study? Oh... the one where government has no effect on the economy. So you feel that the congress' budget, the FED's policies, the President's domestic and foreign policies, and the court's enforcement of financial and criminal law have nothing to do with our economic prosperity?
Ok, then what in the world does?
-- soldack
The idea that encryption will thwart the purposes of Carnivore is ridiculous. Signal Intelligence rests on the three disciplines of traffic analysis, crytographic analysis and linquistic analysis. Of these, TA is the most important. Who is speaking with whom and when theyre speaking is often more important than the conent of the communication. The web needs secure communication channels, not just secure communication content.