Slashdot Mirror

← Back to Stories (view on slashdot.org)

Vinton Cerf Says Carnivore Source Best Left Closed

Posted by timothy on from the he-that-is-so-wise-in-the-ways-of-science dept.

ljrittle writes: "Vinton Cerf might be the rubber stamp that the FBI was trying to find. The ACM article says that according to Vinton, Carnivore ``does not pose a threat to innocent computer users' privacy'' and that [we] mere Internet users need not see code." This is nearly as reassuring as the Justice Department's decision to change the name of Carnivore, as pointed out by observant reader Ripped_Edge. Walks like a duck, talks like a duck ...

7 of 186 comments (clear)

  1. What is the new name for CArnivore going to be? by Glowing+Fish · · Score: 5

    I suppose that they want something that sounds less threatening then "carnivore"

    How about... Sharing our Feelings

    --
    Hopefully I didn't put any [] around my words.
  2. Seriously, don't give in on the language by VValdo · · Score: 5

    Controlling the language often means controlling the argument. If this was called something oblique, half the people wouldn't have cared.

    So for the benefit of the justice department, here are, some suggestions for nicer sounding names and of course names that obfuscate the intended purpose of the device.

    * The Datastream Tickler
    * Electro-Bad Guy Nabberometer
    * The Anti-Evil Communication Filtration Device
    * The eBloodhound safety system
    * The TCP/IP En-Route Packet-Routing Intermediatary Device Monitor Analyzer System
    * The Justice Box
    * The Nothing-To-Worry-About System
    * The Fluffy Bunny Machine
    * The Enigma Trapped In A Riddle Machine
    * The J. Edger Hoover Memorial Email Sniffer

    It would also help if they painted the box red white and blue and put silver stars on it too. Then I'd be less likely to be concerned about potential abuses.

    Thanks

    W

    -------------------

    --
    -------------------
    This is my SIG. There are many like it, but this one is mine.
  3. The Panopticon by daemonc · · Score: 5

    from an essay I wrote a couple of months ago:
    The Panopticon was a prison concept developed in the late 18th century. In the Panopticon prisoners were placed in individual cells arranged in a circle around a central tower. Prisoners could be observed at any time by a gaurd in the tower, but, because the tower had shuttered windows, they did not know when they were being watched or who may be watching.

    Carnivore is the tower, we are all the prisoners.

    We will never be allowed to see how the program works, because it may not be doing anything at all. It is not about catching criminals. The object is to take away the sense of anonymity, so that we know that we can be identified, and to create parnoia that we may watched at any time. The target is not criminals, but the general population. The effect is that it suppresses any radical ideas, creates complacence and conformity.

    I need to go, the Thought Police will be at my door any moment...

    --
    All that we see or seem is but a dream within a dream.
  4. Missing the point by sjames · · Score: 5

    IMHO, the entire 'examination' is worthless and is designed to distract from the real problem with Carnivore.

    For the sake of arguement, let's say for the sake of argument that unlike every other computer based system in history, it is hacker (and cracker) proof, and always does exactly what it's user wants it to do (no more, no less).

    Further, let's assume that the source is released, and 100,000 respected experts are satisfied that the above is actually true.

    The problem still remains: Without non government oversite, how do we know that the FBI isn't on a giant random fishing expedition? Sure, the warrant says JoeBlow@isp.net but how do we know that the perfectly authenticated FBI guy dodn't set it to scan for '.*@.*' with keyword filters instead? How do we know that the actual units being installed at ISPs have any internal resemblance to the one that was examined? Perhaps it has enough hard drives to actually hold '.*@.*' for several days.

    In short, we don't need a detailed independant examination of Carnivore, We need a detailed independant examination of the FBI and DOJ.

  5. Re:Yeah, we're stupid. by barracg8 · · Score: 5
    • Well, it depends. Frankly, some code is proprietary, and as such, we cannot legally look at it.
    I'm not asking for the source code to Windows. The FBI is not a private entity. It is meant to be there to serve the American public, and just saying, "it's our proprietary code, and we don't want to show you," isn't good enough. The American people paid for it. It is the American people's code.

    There are open protocols that the police have to follow if they want to tap your phone. Why? because this is not a police state. I have a right to ask what, when, where and how this may happen. Surely I have equal rights to know what is going on with carnivore. Was that FBI you said, or KGB? I couldn't quite hear.

    • We still can see what it does, and if we know what language it was written in, we can reverse-engineer it, but there will most likely be differences between that code and the original.
    WTF? Are you a troll, or on crack?

    Are you suggesting people try to reverse engineer the carnivore communication protocols? Just how fast do you want a SWAT team on your ass? Please, don't try this at home kids, it would be a bad idea.

    Or do you want to reverse engineer the carnivore program itself? If so, I recommend that an ouija-board will be more useful, than knowledge of what programming language it was written in. How, short of psychic powers, do you intend to calculate what a program that you never get to see running, which is running on a computer that you have no access to, and that you cannot directly communicate with (unless you happen to be a FBI agent), is up to?

    • Also, I can understand, from a security standpoint, that some code may not be made freely available in order to provide greater security for the program that the code is for. I don't necessarily agree with it, but I can understand it.
    Ah - security through obscurity, that old favourite.

    Does the fact that Linux's source code is availably make it inherently more or less secure that Windows NT? Tough one to prove. But I would rather that carnivore was fully security auditted, OpenBSD-style. Many eyes. Shallow bugs.

    Later, you go on to say, "I prefer it if not all information is free," well what if it comes down to this: making information about carnivore free, may make it less likely that your private emails are turned into freely available information. Saying, "I don't either to be free," may not be an option.

    cheers,
    G

  6. Why do you have expectations on Cerf's opinion? by Ars-Fartsica · · Score: 5
    Vint Cerf may have helped author the TCP/IP standard, but this really doesn't provide any credentials regarding the ethics of privacy in a free society.

    This isn't a rip on him - its a rip on slashdot for expecting him to say something momentous.

    Its amusing how the readership of this site hangs on the words of Linus, Alan, ESR, Larry Wall, etc.

    Make up your own mind folks, forget the celebrity worship.

  7. FBI's past history of benevolence by phutureboy · · Score: 5

    If you wanna get a better idea on what kind of intelligence info the FBI gathers, and the type of people it gathers it on, peep the FBI's Freedom of Information act site:

    http://foia.fbi.gov/

    The site has reams of declassified FBI files on famous people like John Lennon, Lucille Ball, Jackie Robinson, Charles Lindbergh, Elvis Presley, John Steinbeck. They're all in PDF format, but at least that way you get to see the nifty black marks over the parts they didn't declassify.



    --