Slashdot Mirror
Answers from Carnivore Reviewer Henry H. Perrit, Jr.
1) Ethical question
by Devolver42
Is it fair for an individual or group with clear political ties to a system to give that system a review? In other words, how can you be unbiased while still being politically tied to the situation?
Perritt:
Members of the review team do not have "clear political ties" to the Carnivore "system." I was last employed by the Federal Government 24 years ago in an Administration of the opposite party. Dean Krent was last employed by the Federal Government in the Reagan Administration, and has spent more time suing the Justice Department than he has working for it.
The notion that past federal employment or consulting with federal agencies, no matter how remote their connection to a particular program, disqualifies one from undertaking an independent review is preposterous. Certain expertise in technology and the functioning of government agencies is prerequisite to a competent review of Carnivore.
2) Is a whitewash inevitable?
by Jay Maynard
There's been a lot of comment on how the conditions the DoJ has put on the reviewers make a fair review impossible. Things like the right to edit before release, the right to veto participants, and the need to only use cleared personnel cast a cloud over the impartiality of the process. Many prestigious institutions were invited to submit proposals,and yet only two - yours and one other lesser-known - did. The backgrounds of the people atIIT and their past ties with the DoJ don't give any more reason to be comfortable.
How do those of us concerned about Carnivore's immense power for invasion of privacy have any reason to believe what you and your institution produce will be other than a whitewash designed to make Carnivore appear in the most favorable light?
Perritt:
Carnivore is used in sensitive criminal and foreign intelligence investigations. The need for confidentiality in such investigations long has been recognized by the Congress and Supreme Court of the United States. It is not unreasonable for the Justice Department to assure that the details of confidential criminal investigations or of foreign intelligence methods and procedures will not disclosed to the public.
The existence of limitations on personnel and on disclosure do not suggest a "whitewash."
It is very unusual for a federal agency to acquiesce in a third party review of an important system. Having commissioned such a review, the interests of the Justice Department would not be served by censoring the review or otherwise acting so as to compromise its integrity and credibility. The review team, institutionally and personally, has an interest in preserving their reputations for professional independence, analytical competence, and candor. None of these interests are tied to future dealings with the Justice Department or the FBI. They are more closely tied to reputation in many of the communities which have been critical of Carnivore. It is counterintuitive to suppose that the review team would sacrifice these interests by undertaking a "whitewash."
3) Political or Technical Review?
by Anonymous Coward
Is the substance of this review to be political or technical?
To wit, is this review to determine if Carnivore performs actions that are within the scope of the law (political), or is it to define the complete potential of Carnvore (technical)?
Perritt:
The review will not be political in the sense that the term "politics" ordinarily is used. It will be technical in the sense that term is used in the RFP.
Because Carnivore is a tool, just as a hammer or a firearm is a tool, which conceivably could be used outside the limits permitted by law, the review appropriately will consider the operation of human, organizational, and judicial controls to limit Carnivore's use.
4) Your impressions.
by M-2
Can you give us your first impressions of the concept of the Carnivore concept when you initially heard about it?
Can you give us your initial feelings as to the legal standings under the Fourth Amendment that allows Carnivore to be used for the purposes stated, which it would appear technically violates the Electronic Communications Privacy Act?
What is your impression of the amount of interest the Internet community at large is taking in the entire Carnivore concept?
Do you feel there is too much paranoid fantasy going on, or do you feel there is some justification?
Perritt:
Any electronic surveillance involves balancing needs for effective enforcement of the criminal laws and protection of national security against threats of invasion of privacy. It is appropriate for the public to be concerned about how this balance is struck.
The Internet community appropriately has been concerned about technological developments that may affect the balance, including restrictions on encryption, development of new telecommunication systems that facilitate or hamper electronic eavesdropping and devices such as Carnivore.
In this respect, interest in Carnivore and a certain amount of controversy over it is healthy.
On the other hand, conspiracy theories suggesting that no one with present or past associations with the Federal Government shares constitutional values or can be trusted to review new systems for their compliance with the law are overblown.
5) Who would Carnivore Really Affect?
by drenehtsral
In the end a system like carnivore will only work for a while, and only against fairly unintelligent users because end-to-end strong encryption is no longer compuationally infeasable. Joe Schmoe with the middle of the road prebuilt gateway could easily handle the processor load of encrypting all his e-mail with 2048 bit RSA (which is now freely available, and even exportable). Not only that, but even with existing (and reasonably near-term) quantum computers, we are not even near enough qbits to start tackling these cyphers, since they can't be broken down when being fed to a quantum computer.
So in short, is this whole thing just a moot point? Who would Carnivore really catch?
Perritt:
Any electronic eavesdropping technique or system is subject to frustration by new technologies. It is appropriate for law enforcement and national security agencies constantly to be developing new technology to keep pace with technological developments generally.
6) Are you willing to lose everything for your rights
by anticypher
If you found that carnivore did more than the FBI is claiming, would you stand up to their threats if you published your results to counter their "edited" report? Would you be willing to lose everything you have to stand up for the rights of Americans, your property, your retirement, your liberty, and your professional reputation? You would be vilified and persecuted by the FBI for your actions, even though you would win the admiration of liberty loving individuals all over America.
Or...
Would you shrug your shoulders, and knowing that some day the truth will out, say nothing if the FBI completely changed your report, and hope that when exposed your reputation is not too badly tarnished?
Perritt:
Neither the Justice Department nor the review team has any interest in a process that will not report conclusions of the review honestly and candidly.
I have seen no indication of any intent by the Justice Department to block the review team from expressing its views completely.
Given the level of interest in the Carnivore review, it is unlikely that an effort by the FBI to "completely change" the review team's report would succeed.
I am not willing to speculate as to what action I would take if inappropriate control is exercised.
7) Is this a real review?
by Apuleius
Jeff Schiller of MIT has declined to review Carnivore, saying that "what they want is a rubber stamp."
Obviously, you will say you intend to do a genuine review.
Why should anyone take your word over Schiller's?
Perritt:
I don't know how Mr. Schiller has any knowledge of what the Justice Department wants. I have been assured by senior officials at the Justice Department that a complete review, with honest conclusions freely expressed, is desired.
It may be that what Mr. Schiller wants is a soapbox, and I don't see why he should use a government-funded review for that purpose.
8) Carnivore vs. Sniffer vs. Altivore
by RobertGraham
I'm the author of Altivore and a long time sniffer user. The RFP was for a "technical" review to validate that Carnivore captures only the data allowed by the court order. Yet reading the resumes of the members of your team, I don't see anybody with sufficient techical experience in sniffing technologies.
Packet reassembly and state-based protocol analysis are critical to the minimization function. My believe is that Carnivore is essentially stateless, just like my own Altivore. I can create real-world scenarios where Altivore fails the minimization test. Sure, they occur less than 1% of the time; I don't know how that fits within the law. However, software can be written to meet minimization requirements 100% of the time (e.g. BlackICE does this for detecting cr/hacking).
My question is: will a sniffing expert be analyzing the packet reassembly and protocol analysis part of the source code in order to validate that Carnivore captures all the data authorized by the court order, but no additional data? Moreover, is there really somebody on your team that understands even what I'm talking about?
Perritt:
A number of members of the review team are quite familiar with sniffing technology. Sniffers are routinely used as network management tools.
9) Comparing to wire-tapping laws
by VP
During the congressional hearing on Carnivore, the FBI stated that current wire-tapping laws are adequate for the use of Carnivore. Further more, they revealed that the uses so far of Carnivore had been according to the regulations of optaining a "pen-register" wire tap. Are you aware that (from what we know) technically Carnivore is much closer to the concept of trunk-tapping, as most, if not all the traffic at the ISP has to go through Carnivore? AFAIK, trunk-tapping is illegal - would you be of the opinion that Carnivore automatically falls under the same illegal category of wire-tapping?
Perritt:
Any network interface card on a networked computer "taps" all of the traffic traversing a particular network segment. It is far from clear that such limited acquisition of network packets at lower levels of the OSI stack constitutes interception under the law. Indeed, if appropriate filters are used in a sniffer or other network monitoring device, preventing human knowledge of material that is filtered out, there may be less threat to privacy interests than if human beings must review content in order to apply minimization requirements, as is commonplace with telephone wiretaps.
We will review whether Carnivore acquires information not permitted by law or in a manner prohibited by law.
10) Oversight of this interview
by Col. Klink (retired)
Are you free to answer questions posted here, or does the FBI review your answers first?
Perritt:
Neither the FBI nor any other government agency reviewed my answers to these questions.
The most important question I saw only got moderated to a 4, in favor of repetitious "Can we really trust you? Really, really?" BS.
To paraphrase, the question was something like "How do you know the software you are reviewing will be the (only) software installed on the FBI's black boxes?"
Perritt did admit in question 9 that Carnivore would need to physically tap all traffic on a subnet, then apply software to reject packets not related to a particular investigation.
So how does he know that the software actually going into use will be the same as the software he is being asked to review? Since the FBI will need encrypted remote access to operate the Carnivore boxes, what is to stop them from uploading whatever software they want, without any judicial review or ISP knowledge, after the fact?
Of course, the answers have to be "he doesn't know", and "nothing", but I would have liked to hear it from Perritt himself.
Let's not forget the second most important question, which only got moderated to a 3:
In Marshall v. Barlow's, US Supreme Court 1978, the court found that businesses are subject to the same Fourth Amendment protection as individuals are, in regard to Administrative agencies. How will the FBI install these boxes in ISPs when there is no ongoing investigation, and no warrant?
Really, what happens when an ISP says, "No, we aren't going to violate our customers' privacy." Do they get hit with a "sure, we're investigating someone, and it's going to take an awful long time so we'll have to leave this box here indefinitely" warrant? Do they get pressured into accepting Carnivore installations in spite of the 4th amendment?
Then read Dean Perrit's answers, which were not written or checked by the FBI or DoJ, whose agents can read them here for the first time just like anyone else, assuming they have nothing better to do than read Slashdot.
Unless of course he sent it in an email.
For example
This is a dodge - he was asked to address why the secrescy about the functioning of the device, not its actual in-operation placement. Let "regular" people see the source - the system is effective by its placement not by its function.
And the answer?
Yes, we know that about sniffer - anyone here that has run Network General product to diagonose packet problems is aware that they are used routinely.
- Dont talk down to us, we probably know more than you do!
Are your team members going to ensure that it captures only the authorized intercepts and not infringing on the innocent? We are still waiting for a clear and definite answer on that oneAfter reading his evasive and non-responsive answers, its pretty obvious that Mr Perrit (or should I say " Mr Parrot ") appears to be a shill, a disengenuous legal weasel, and is quite obviously comfortable at being kept firmly in the government's pocket.
Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo! http://goo.gl/J9bkO
For this review, I have chosen to compare the merits of two well known carnivores:
1. The Tyranosaurus Rex, Common name T-Rex.
2. The Eatius Roadrunnerus, Common name Wile E. Coyote.
For the purpose of this review, I will be dealing with five categories: Attack method, Persistance, Cyclic Preference (Day or night?), Natural tools, and Success rate.
I.) Attack method.
First we will examine the Tyranosaurus Rex, here forward referred to as T-Rex. The Tyranosaurus has two main attack methods. The first and primary method is its enormous, powerful jaws. This attack allows a very quick kill of the quarry and is effective in preparing the meal for easy digestion. The second attack method of the T-Rex is its long tail, which can be used to knock over or stun the quarry at range. This attack has one major disadvantage, namely that it puts the T-Rex off balance, leaving it vulnerable.
The Coyote, on the other hand, has many attacks, but tends to focus on two: The Trap, and the Pursuit. In both cases, the attack is augmented by techological means, showing the cognitive abilities of the Coyote, also known as its "Suuuper Geeeenius."
II.) Persistance
In this case, the coyote is a clear winner. The coyote has been known to stalk the same prey for well over twenty years, showing that it is a very vicious and persistant hunter.
The T-Rex, on the other hand, shows limited persistance, generally giving up on any given quarry within ten to fifteen minutes, and not possibly re-attempting the attack more than an hour and fifteen minutes or so later.
III.) Cycle
Here, again, the Coyote is a clear winner. It has been known to stay up all night preparing for the next day's hunt. The T-rex, on the other hand, basically only attacks something near it, and has only been known to hunt during the day, unless it's raining.
IV.) Natural Tools.
In this case, the coyote is a sore loser at best. Its only natural tool is its mind, which, having no physical presence, does not really satisfy this category. The T-Rex, on the other hand, has many natural tools, including its attacks (see I. above), and its large, well formed muscles and skeletal structure, designed for the pursuit.
V.) Success rate
This, being the deciding factor between the two, determines who is the superior carnivore. So far, the contestants are fairly evenly matched, with the T-Rex excelling at attack methods and natural tools, while the Coyote is both persistant and follows a more effective day/night cycle. This makes the final category, the Success Rate, the tie breaker. In this category, the T-Rex clearly excels. It is able to make regular meals of many varieties of woodland creature, ranging from goats to Pondus Scumus, the modern Lawyer. The Cotote, however, has not once been seen to successfully capture and consume its prey. More often than not, it severely injures itself in the course of its hunt.
Therefore, the clear winner is: The Coyote, because it is much more entertaining.
Thank you and good night.
Question 2. You will Lie. Right?
Question 3. You have no integrity...right?
Question 4. You are a government shill...right?
Question 5. Why should I believe you...You are a liar...right?
Question 6. How will Natalie Portman be affected by carnivore?
*ahem* half those questions were absolutely redundant. If I was that guy I would have refused to answer attacks on his integrity after the third or fourth time.
rev
> (Every web session over SSL, every shell over
> SSH etc...)
I have to agree.
One of the battle cry's we have used at work is
"Plaintext Passwords must die" (they wont die soon but we are working on it).
I am in favor of doing it up right. Phase out http in favor of https. I know my webserver will soon have a rewrite rule to redirect all http traffic to https.
I like the analogy used in the PGP manual the best. Would you send all your personal mail on psotcards? If everyone did, then sending something in an envelope would look weird - suspicous even.
So encrypt it all. Everything. ALL traffic in and out of everywhere. What is really needed is a free public CA, who can sign ssl certs for people. Or, better yet, come up with a "web of trust" system and build support for it into the web browsers...then into everything else.
Crypto needs to be made painless to use. Simple and default.
-Steve
"I opened my eyes, and everything went dark again"
This man does not share the belief that most /.ers have, that being, the government in inherently evil and trying to screw us over.
I, for one, have to applaud him for answering these questions without resorting to calling us the paranoid delusionals we really are.
It would be easy to say that he's just a governmen patsy, but that wouldn't be true. The man's being asked to do a job. He'll do it. And he honestly believes that there will be no problems with issuing his report afterwards. And, you know? He's right.
The government isn't always out to screw us, people. Don't go bashing the guy for his point of view.
Interesting to me that the question by Mr. Graham, a well known and respected technical expert, was answered in a two sentence response as follows: "A number of members of the review team are quite familiar with sniffing technology. Sniffers are routinely used as network management tools." This looks like a deliberate attempt to avoid answering the question in any way, shape, or form. Who has experience? What type? How much? I am FAMILIAR with Linux, and have installed it one time, but I am sure not an expert who is qualified to make any sort of judgement on any Linux device. Similarly, how do we know whether these people are truly qualified in the manner that Mr. Graham asks? And network management is a LOT different than performing a critical review of something like Carnivore. I will be totally honest, I cannot even begin to understand the second paragraph of Mr. Graham's question. Why does Mr. Perritt neglect to even attempt to respond to any part of that, or if he is not qualified, even mention forwarding it to someone who is qualified to respond as to whether or not it is relevant? Seems like this is a very deliberate avoidance of the truth. Let the whitewash begin!
Scott Plumlee