Slashdot Mirror
Answers from Carnivore Reviewer Henry H. Perrit, Jr.
1) Ethical question
by Devolver42
Is it fair for an individual or group with clear political ties to a system to give that system a review? In other words, how can you be unbiased while still being politically tied to the situation?
Perritt:
Members of the review team do not have "clear political ties" to the Carnivore "system." I was last employed by the Federal Government 24 years ago in an Administration of the opposite party. Dean Krent was last employed by the Federal Government in the Reagan Administration, and has spent more time suing the Justice Department than he has working for it.
The notion that past federal employment or consulting with federal agencies, no matter how remote their connection to a particular program, disqualifies one from undertaking an independent review is preposterous. Certain expertise in technology and the functioning of government agencies is prerequisite to a competent review of Carnivore.
2) Is a whitewash inevitable?
by Jay Maynard
There's been a lot of comment on how the conditions the DoJ has put on the reviewers make a fair review impossible. Things like the right to edit before release, the right to veto participants, and the need to only use cleared personnel cast a cloud over the impartiality of the process. Many prestigious institutions were invited to submit proposals,and yet only two - yours and one other lesser-known - did. The backgrounds of the people atIIT and their past ties with the DoJ don't give any more reason to be comfortable.
How do those of us concerned about Carnivore's immense power for invasion of privacy have any reason to believe what you and your institution produce will be other than a whitewash designed to make Carnivore appear in the most favorable light?
Perritt:
Carnivore is used in sensitive criminal and foreign intelligence investigations. The need for confidentiality in such investigations long has been recognized by the Congress and Supreme Court of the United States. It is not unreasonable for the Justice Department to assure that the details of confidential criminal investigations or of foreign intelligence methods and procedures will not disclosed to the public.
The existence of limitations on personnel and on disclosure do not suggest a "whitewash."
It is very unusual for a federal agency to acquiesce in a third party review of an important system. Having commissioned such a review, the interests of the Justice Department would not be served by censoring the review or otherwise acting so as to compromise its integrity and credibility. The review team, institutionally and personally, has an interest in preserving their reputations for professional independence, analytical competence, and candor. None of these interests are tied to future dealings with the Justice Department or the FBI. They are more closely tied to reputation in many of the communities which have been critical of Carnivore. It is counterintuitive to suppose that the review team would sacrifice these interests by undertaking a "whitewash."
3) Political or Technical Review?
by Anonymous Coward
Is the substance of this review to be political or technical?
To wit, is this review to determine if Carnivore performs actions that are within the scope of the law (political), or is it to define the complete potential of Carnvore (technical)?
Perritt:
The review will not be political in the sense that the term "politics" ordinarily is used. It will be technical in the sense that term is used in the RFP.
Because Carnivore is a tool, just as a hammer or a firearm is a tool, which conceivably could be used outside the limits permitted by law, the review appropriately will consider the operation of human, organizational, and judicial controls to limit Carnivore's use.
4) Your impressions.
by M-2
Can you give us your first impressions of the concept of the Carnivore concept when you initially heard about it?
Can you give us your initial feelings as to the legal standings under the Fourth Amendment that allows Carnivore to be used for the purposes stated, which it would appear technically violates the Electronic Communications Privacy Act?
What is your impression of the amount of interest the Internet community at large is taking in the entire Carnivore concept?
Do you feel there is too much paranoid fantasy going on, or do you feel there is some justification?
Perritt:
Any electronic surveillance involves balancing needs for effective enforcement of the criminal laws and protection of national security against threats of invasion of privacy. It is appropriate for the public to be concerned about how this balance is struck.
The Internet community appropriately has been concerned about technological developments that may affect the balance, including restrictions on encryption, development of new telecommunication systems that facilitate or hamper electronic eavesdropping and devices such as Carnivore.
In this respect, interest in Carnivore and a certain amount of controversy over it is healthy.
On the other hand, conspiracy theories suggesting that no one with present or past associations with the Federal Government shares constitutional values or can be trusted to review new systems for their compliance with the law are overblown.
5) Who would Carnivore Really Affect?
by drenehtsral
In the end a system like carnivore will only work for a while, and only against fairly unintelligent users because end-to-end strong encryption is no longer compuationally infeasable. Joe Schmoe with the middle of the road prebuilt gateway could easily handle the processor load of encrypting all his e-mail with 2048 bit RSA (which is now freely available, and even exportable). Not only that, but even with existing (and reasonably near-term) quantum computers, we are not even near enough qbits to start tackling these cyphers, since they can't be broken down when being fed to a quantum computer.
So in short, is this whole thing just a moot point? Who would Carnivore really catch?
Perritt:
Any electronic eavesdropping technique or system is subject to frustration by new technologies. It is appropriate for law enforcement and national security agencies constantly to be developing new technology to keep pace with technological developments generally.
6) Are you willing to lose everything for your rights
by anticypher
If you found that carnivore did more than the FBI is claiming, would you stand up to their threats if you published your results to counter their "edited" report? Would you be willing to lose everything you have to stand up for the rights of Americans, your property, your retirement, your liberty, and your professional reputation? You would be vilified and persecuted by the FBI for your actions, even though you would win the admiration of liberty loving individuals all over America.
Or...
Would you shrug your shoulders, and knowing that some day the truth will out, say nothing if the FBI completely changed your report, and hope that when exposed your reputation is not too badly tarnished?
Perritt:
Neither the Justice Department nor the review team has any interest in a process that will not report conclusions of the review honestly and candidly.
I have seen no indication of any intent by the Justice Department to block the review team from expressing its views completely.
Given the level of interest in the Carnivore review, it is unlikely that an effort by the FBI to "completely change" the review team's report would succeed.
I am not willing to speculate as to what action I would take if inappropriate control is exercised.
7) Is this a real review?
by Apuleius
Jeff Schiller of MIT has declined to review Carnivore, saying that "what they want is a rubber stamp."
Obviously, you will say you intend to do a genuine review.
Why should anyone take your word over Schiller's?
Perritt:
I don't know how Mr. Schiller has any knowledge of what the Justice Department wants. I have been assured by senior officials at the Justice Department that a complete review, with honest conclusions freely expressed, is desired.
It may be that what Mr. Schiller wants is a soapbox, and I don't see why he should use a government-funded review for that purpose.
8) Carnivore vs. Sniffer vs. Altivore
by RobertGraham
I'm the author of Altivore and a long time sniffer user. The RFP was for a "technical" review to validate that Carnivore captures only the data allowed by the court order. Yet reading the resumes of the members of your team, I don't see anybody with sufficient techical experience in sniffing technologies.
Packet reassembly and state-based protocol analysis are critical to the minimization function. My believe is that Carnivore is essentially stateless, just like my own Altivore. I can create real-world scenarios where Altivore fails the minimization test. Sure, they occur less than 1% of the time; I don't know how that fits within the law. However, software can be written to meet minimization requirements 100% of the time (e.g. BlackICE does this for detecting cr/hacking).
My question is: will a sniffing expert be analyzing the packet reassembly and protocol analysis part of the source code in order to validate that Carnivore captures all the data authorized by the court order, but no additional data? Moreover, is there really somebody on your team that understands even what I'm talking about?
Perritt:
A number of members of the review team are quite familiar with sniffing technology. Sniffers are routinely used as network management tools.
9) Comparing to wire-tapping laws
by VP
During the congressional hearing on Carnivore, the FBI stated that current wire-tapping laws are adequate for the use of Carnivore. Further more, they revealed that the uses so far of Carnivore had been according to the regulations of optaining a "pen-register" wire tap. Are you aware that (from what we know) technically Carnivore is much closer to the concept of trunk-tapping, as most, if not all the traffic at the ISP has to go through Carnivore? AFAIK, trunk-tapping is illegal - would you be of the opinion that Carnivore automatically falls under the same illegal category of wire-tapping?
Perritt:
Any network interface card on a networked computer "taps" all of the traffic traversing a particular network segment. It is far from clear that such limited acquisition of network packets at lower levels of the OSI stack constitutes interception under the law. Indeed, if appropriate filters are used in a sniffer or other network monitoring device, preventing human knowledge of material that is filtered out, there may be less threat to privacy interests than if human beings must review content in order to apply minimization requirements, as is commonplace with telephone wiretaps.
We will review whether Carnivore acquires information not permitted by law or in a manner prohibited by law.
10) Oversight of this interview
by Col. Klink (retired)
Are you free to answer questions posted here, or does the FBI review your answers first?
Perritt:
Neither the FBI nor any other government agency reviewed my answers to these questions.
The government is going to be voting on a bill today that may give them the right to search records without a warrant, in secret. This bill has already passed the Senate! HELP!!!
The full story is at http://www.defendyourprivacy.com/
I have some other urls as well to go along with this:
http:/http://thomas.loc.gov/cgi-bi n/b dquery/z?d106:s.02516:
http://www.nationalreview.co m/k opel/kopel101000.shtml
From reading Perrit's answers, it looks like his mind is already made up. Dismissing serious concerns over the constitutionality of Carnivore as conspiracy theories, and the overall tone of his answers makes it pretty darn clear that he's going to say that Carnivore's just fine and perfectly legal.
And even if he comes to the opposite conclusion,
It is not unreasonable for the Justice Department to assure that the details of confidential criminal investigations or of foreign intelligence methods and procedures will not disclosed to the public.
That sounds to me like he's willing to be censored. This whole thing is a bit more than fishy if you ask me.
And yes, if you worked for the Feds at any time (even 24 years ago), much less the DoJ (Krent), then that sure as hell disqualifies one from undertaking an independent review. That's what impartiality means.
Oh well. Big Brother knows best I guess.
There comes a time in every man's life when he must say, "No mother! I do not want any more Jell-O!"
Very formal and cautious...
The FBI didn't need to review this interview, since they know that he is very careful with his wording. He answered every question by either determining not to answer, or by being very terse and formal. Oh well, it's better than nothing, and gives us a peek into how their minds operate. We'll end up with a report that is worded very carefully and scholarly. They won't leave anything out, but they aren't going to speculate or probe the possibilities. More of a technical specification than a discussion of Carnivore.
-Adam
But roses don't eat people... do they?
...that "Since I can't see into the future, I'm not going to guess how I might react to any of an infinite number of possibilities, especially in a public forum famous for roasting alive anybody who doesn't swear by the Linux Party Line."
Don't you think that what action he takes might, just might depend on exactly what kind of "inappropriate control" is exercised?
Seemed a fair answer to me. What were you expecting? "I shall immediately flood the DoJ with complaints even though I haven't read the edited report!"??
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
You could say that.. but you could also say that the Wire itself taps all the traffic, and so does the T-connector...
The entire *point* of having that layer model is that a clear hierachy is specified as to what has access where, and the NIC is an integral part of the network layer itself. By default a network card doesn't generate an interrupt for packets that aren't addressed to itself, and I'm fairly sure that if I placed a card onto someone else's network and set it to promiscuous mode against their wishes I'd be violating a law or two.
I concede there are a few ambiguities... one of the reason that strong encryption by default is a good idea, so only the source and recipient can read that data? (Every web session over SSL, every shell over SSH etc...) Ooops, the government doesn't like widespread crypto either.
This man does not share the belief that most
Ok. Maybe you don't believe this. But I believe it. And many other people believe it.
For instance, the people who wrote the US Constitution believed it. That's why they set up three branches of government specially designed to frustrate and impede each other. The US government is set up to do as little as possible. And for very good reasons: bureaucracies (and governments) expand to fill all available space. Go down to the DMV some afternoon and see for yourself.
It would be easy to say that he's just a governmen patsy, but that wouldn't be true.
Correct. He's not doing anything he knows to be wrong.
The man's being asked to do a job. He'll do it. And he honestly believes that there will be no problems with issuing his report afterwards. And, you know? He's right.
Ah.... I don't know. "Security" and "avoidance of embarassment" are very easily interchangeable.
The government isn't always out to screw us, people. Don't go bashing the guy for his point of view.
I'm not going to bash him, but I believe he's not suspicious enough. I might trust him as a person, but I'm still not going to trust his report.
Bruce
Bruce
You are the real Bruce Perens.
The most important question I saw only got moderated to a 4, in favor of repetitious "Can we really trust you? Really, really?" BS.
To paraphrase, the question was something like "How do you know the software you are reviewing will be the (only) software installed on the FBI's black boxes?"
Perritt did admit in question 9 that Carnivore would need to physically tap all traffic on a subnet, then apply software to reject packets not related to a particular investigation.
So how does he know that the software actually going into use will be the same as the software he is being asked to review? Since the FBI will need encrypted remote access to operate the Carnivore boxes, what is to stop them from uploading whatever software they want, without any judicial review or ISP knowledge, after the fact?
Of course, the answers have to be "he doesn't know", and "nothing", but I would have liked to hear it from Perritt himself.
Let's not forget the second most important question, which only got moderated to a 3:
In Marshall v. Barlow's, US Supreme Court 1978, the court found that businesses are subject to the same Fourth Amendment protection as individuals are, in regard to Administrative agencies. How will the FBI install these boxes in ISPs when there is no ongoing investigation, and no warrant?
Really, what happens when an ISP says, "No, we aren't going to violate our customers' privacy." Do they get hit with a "sure, we're investigating someone, and it's going to take an awful long time so we'll have to leave this box here indefinitely" warrant? Do they get pressured into accepting Carnivore installations in spite of the 4th amendment?
Then read Dean Perrit's answers, which were not written or checked by the FBI or DoJ, whose agents can read them here for the first time just like anyone else, assuming they have nothing better to do than read Slashdot.
Unless of course he sent it in an email.
For example
This is a dodge - he was asked to address why the secrescy about the functioning of the device, not its actual in-operation placement. Let "regular" people see the source - the system is effective by its placement not by its function.
And the answer?
Yes, we know that about sniffer - anyone here that has run Network General product to diagonose packet problems is aware that they are used routinely.
- Dont talk down to us, we probably know more than you do!
Are your team members going to ensure that it captures only the authorized intercepts and not infringing on the innocent? We are still waiting for a clear and definite answer on that oneAfter reading his evasive and non-responsive answers, its pretty obvious that Mr Perrit (or should I say " Mr Parrot ") appears to be a shill, a disengenuous legal weasel, and is quite obviously comfortable at being kept firmly in the government's pocket.
Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo! http://goo.gl/J9bkO
For this review, I have chosen to compare the merits of two well known carnivores:
1. The Tyranosaurus Rex, Common name T-Rex.
2. The Eatius Roadrunnerus, Common name Wile E. Coyote.
For the purpose of this review, I will be dealing with five categories: Attack method, Persistance, Cyclic Preference (Day or night?), Natural tools, and Success rate.
I.) Attack method.
First we will examine the Tyranosaurus Rex, here forward referred to as T-Rex. The Tyranosaurus has two main attack methods. The first and primary method is its enormous, powerful jaws. This attack allows a very quick kill of the quarry and is effective in preparing the meal for easy digestion. The second attack method of the T-Rex is its long tail, which can be used to knock over or stun the quarry at range. This attack has one major disadvantage, namely that it puts the T-Rex off balance, leaving it vulnerable.
The Coyote, on the other hand, has many attacks, but tends to focus on two: The Trap, and the Pursuit. In both cases, the attack is augmented by techological means, showing the cognitive abilities of the Coyote, also known as its "Suuuper Geeeenius."
II.) Persistance
In this case, the coyote is a clear winner. The coyote has been known to stalk the same prey for well over twenty years, showing that it is a very vicious and persistant hunter.
The T-Rex, on the other hand, shows limited persistance, generally giving up on any given quarry within ten to fifteen minutes, and not possibly re-attempting the attack more than an hour and fifteen minutes or so later.
III.) Cycle
Here, again, the Coyote is a clear winner. It has been known to stay up all night preparing for the next day's hunt. The T-rex, on the other hand, basically only attacks something near it, and has only been known to hunt during the day, unless it's raining.
IV.) Natural Tools.
In this case, the coyote is a sore loser at best. Its only natural tool is its mind, which, having no physical presence, does not really satisfy this category. The T-Rex, on the other hand, has many natural tools, including its attacks (see I. above), and its large, well formed muscles and skeletal structure, designed for the pursuit.
V.) Success rate
This, being the deciding factor between the two, determines who is the superior carnivore. So far, the contestants are fairly evenly matched, with the T-Rex excelling at attack methods and natural tools, while the Coyote is both persistant and follows a more effective day/night cycle. This makes the final category, the Success Rate, the tie breaker. In this category, the T-Rex clearly excels. It is able to make regular meals of many varieties of woodland creature, ranging from goats to Pondus Scumus, the modern Lawyer. The Cotote, however, has not once been seen to successfully capture and consume its prey. More often than not, it severely injures itself in the course of its hunt.
Therefore, the clear winner is: The Coyote, because it is much more entertaining.
Thank you and good night.
Question 2. You will Lie. Right?
Question 3. You have no integrity...right?
Question 4. You are a government shill...right?
Question 5. Why should I believe you...You are a liar...right?
Question 6. How will Natalie Portman be affected by carnivore?
*ahem* half those questions were absolutely redundant. If I was that guy I would have refused to answer attacks on his integrity after the third or fourth time.
rev
This man does not share the belief that most /.ers have, that being, the government in inherently evil and trying to screw us over.
I, for one, have to applaud him for answering these questions without resorting to calling us the paranoid delusionals we really are.
It would be easy to say that he's just a governmen patsy, but that wouldn't be true. The man's being asked to do a job. He'll do it. And he honestly believes that there will be no problems with issuing his report afterwards. And, you know? He's right.
The government isn't always out to screw us, people. Don't go bashing the guy for his point of view.
Interesting to me that the question by Mr. Graham, a well known and respected technical expert, was answered in a two sentence response as follows: "A number of members of the review team are quite familiar with sniffing technology. Sniffers are routinely used as network management tools." This looks like a deliberate attempt to avoid answering the question in any way, shape, or form. Who has experience? What type? How much? I am FAMILIAR with Linux, and have installed it one time, but I am sure not an expert who is qualified to make any sort of judgement on any Linux device. Similarly, how do we know whether these people are truly qualified in the manner that Mr. Graham asks? And network management is a LOT different than performing a critical review of something like Carnivore. I will be totally honest, I cannot even begin to understand the second paragraph of Mr. Graham's question. Why does Mr. Perritt neglect to even attempt to respond to any part of that, or if he is not qualified, even mention forwarding it to someone who is qualified to respond as to whether or not it is relevant? Seems like this is a very deliberate avoidance of the truth. Let the whitewash begin!
Scott Plumlee