Slashdot Mirror

← Back to Stories (view on slashdot.org)

Talk to One of the Chief Carnivore Reviewers

Posted by Roblimo on from the going-straight-to-the-source- dept.

All right, this FBI Carnivore thing and the review it's undergoing at the Illinois Institute of Tech [IIT] has been getting lots of press and lots of flack. The person overseeing the legal end of the process is Dean Henry H. Perritt, Jr. of the IIT's Chicago-Kent College of Law. Ask Dean Perritt any question you want. Tomorrow afternoon we'll forward 10 of the highest-moderated ones to him, and we expect his answers back sometime next week. Note: Before you start questioning Dean Perritt, you may want to check this story in Slashdot's Your Rights Online section, which links to some interesting new Carnivore information. (Special thanks to pridkett for arranging this interview.)

14 of 79 comments (clear)

  1. Ethical question by Devolver42 · · Score: 5

    Is it fair for an individual or group with clear political ties to a system to give that system a review? In other words, how can you be unbiased while still being politically tied to the situation?

    --

    Devolver's Homepage... more fun than a box of crackerjacks.
  2. Franklin by ucblockhead · · Score: 5

    Do you agree with Ben Franklin, that those who would trade liberty for security deserve neither?

    --
    The cake is a pie
  3. Why IIT? by update() · · Score: 5
    What factors do you think caused the FBI to select IIT over other applicants, like UC-Davis and the National Software Testing Laboratory? Political concerns or the technical merits of your proposal? What were they?

    ---------

  4. Oversight of this interview by Col.+Klink+(retired) · · Score: 5

    Are you free to answer questions posted here, or does the FBI review your answers first?

    --

    -- Don't Tase me, bro!

  5. Can you justify... by sconeu · · Score: 5


    Will you be able to justify the time and expense of a) reviewing Carnivore, and b) deploying Carnivore, when Network ICE has created Altivore, an open source program which claims to do everything for which the DOJ says that they need to use Carnivore?

    --
    General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
  6. Political or Technical Review? by Anonymous Coward · · Score: 5
    Is the substance of this review to be political or technical?

    To wit, is this review to determine if Carnivore performs actions that are within the scope of the law (political), or is it to define the complete potential of Carnvore (technical)?

    If the former has anything to do with it, how can you justify performing this review without bias with your clear political connections to the parties invovled?

  7. Why? by LaNMaN2000 · · Score: 5

    After all major research universities refused to apply to review Carnivore because the restrictions imposed on the reviewers are too stringent, why did IIT apply? What do you hope to acheive by reviewing Carnivore under the government's current terms?

    --

    ByteMyCode.com: A Web 2.0 code sharing community.
  8. Your impressions. by M-2 · · Score: 5

    Can you give us your first impressions of the concept of the Carnivore concept when you initially heard about it?

    Can you give us your initial feelings as to the legal standings under the Fourth Amendment that allows Carnivore to be used for the purposes stated, which it would appear technically violates the Electronic Communications Privacy Act?

    What is your impression of the amount of interest the Internet community at large is taking in the entire Carnivore concept? Do you feel there is too much paranoid fantasy going on, or do you feel there is some justification?
    ----

    --
    Brazil has decided you're cute.
  9. Postal Mail vs. Electronic Mail by drenehtsral · · Score: 5

    In the end a system like carnivore will only work for a while, and only against fairly unintelligent users because end-to-end strong encryption is no longer compuationally infeasable. Joe Schmoe with the middle of the road prebuilt gateway could easily handle the processor load of encrypting all his e-mail with 2048 bit RSA (which is now freely available, and even exportable). Not only that, but even with existing (and reasonably near-term) quantum computers, we are not even near enough qbits to start tackling these cyphers, since they can't be broken down when being fed to a quantum computer.

    So in short, is this whole thing just a moot point? Who would Carnivore really catch?

    --

    ---
    Play Six Pack Man. I
  10. Comparing to wire-tapping laws by VP · · Score: 5

    During the congressional hearing on Carnivore, the FBI stated that current wire-tapping laws are adequate for the use of Carnivore. Further more, they revealed that the uses so far of Carnivore had been according to the regulations of optaining a "pen-register" wire tap. Are you aware that (from what we know) technically Carnivore is much closer to the concept of trunk-tapping, as most, if not all the traffic at the ISP has to go through Carnivore? AFAIK, trunk-tapping is illegal - would you be of the opinion that Carnivore automatically falls under the same illegal category of wire-tapping?

  11. Are you willing to lose everything for your rights by anticypher · · Score: 5

    If you found that carnivore did more than the FBI is claiming, would you stand up to their threats if you published your results to counter their "edited" report? Would you be willing to lose everything you have to stand up for the rights of Americans, your property, your retirement, your liberty, and your professional reputation? You would be vilified and persecuted by the FBI for your actions, even though you would win the admiration of liberty loving individuals all over America.

    Or...

    Would you shrug your shoulders, and knowing that some day the truth will out, say nothing if the FBI completely changed your report, and hope that when exposed your reputation is not too badly tarnished?

    the AC

    --
    Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
  12. Exactly what will you be looking for? by Masem · · Score: 5

    Right now, most people think of Carnivore as a black box that basically looks at email headers, grabs the emails of headers of marked addresses, and copies that off to somewhere else. Certainly enough speculation on the technical aspects of this, and many on the ethical side. What will you be looking for when you actually start this study? Are you trying to understand the technology behind it? Are you looking at it's effectiveness? The invasion of privacy issues that come from it? Will you be allowed to make suggestions and recommendations to the FBI, or are you mainly there to try to tell us, the American public, what and what not the Carnivore system can do?

    --
    "Pinky, you've left the lens cap of your mind on again." - P&TB
    "I can see my house from here!" - ST:
  13. Is this a real review? by Apuleius · · Score: 5

    Jeff Schiller of MIT
    has declined to review Carnivore,
    saying that "what they want is a rubber stamp."

    Obviously, you will say you intend to do a genuine
    review.

    Why should anyone take your word over Schiller's?

  14. Carnivore vs. Sniffer vs. Altivore by RobertGraham · · Score: 5
    I'm the author of Altivore and a long time sniffer user. The RFP was for a "technical" review to validate that Carnivore captures only the data allowed by the court order. Yet reading the resumes of the members of your team, I don't see anybody with sufficient techical experience in sniffing technologies.

    Packet reassembly and state-based protocol analysis are critical to the minimization function. My believe is that Carnivore is essentially stateless, just like my own Altivore. I can create real-world scenarios where Altivore fails the minimization test. Sure, they occur less than 1% of the time; I don't know how that fits within the law. However, software can be written to meet minimization requirements 100% of the time (e.g. BlackICE does this for detecting cr/hacking).

    My question is: will a sniffing expert be analyzing the packet reassembly and protocol analysis part of the source code in order to validate that Carnivore captures all the data authorized by the court order, but no additional data? Moreover, is there really somebody on your team that understands even what I'm talking about?