Slashdot Mirror
FBI Releases More Carnivore Information
tregoweth writes "CNet has a report about the FBI's release of new information concerning Carnivore, the result of a Freedom of Information Act lawsuit filed by the Electronic Privacy Information Center. Contradicting what the FBI has previously said, Carnivore can capture and archive 'unfiltered' Internet traffic."
Maybe the FBI can get FreeDevelopers.net to build a solution people would find less offensive. It would be the ultimate peer review for carnivore.
std::disclaimer<std::legalese> sig=new std::disclaimer; sig->dump(); delete sig;
Make FBI catch Slashdot trolls.
It's just a Solaris box.
And carnivore is just snoop.
That would have been a plum contract, oh yeah, after $500,000, we read the man pages to snoop.
When they said that Carnivore only captured 'filtered' packets they just neglected to mention that they were using '*' as their filter....
-jon
As you may recall, the FBI let admitted pedophile Patr ick Naughton off with a light sentence because he helped the FBI write software.
The FBI pays us Slashdot Trolls to keep a watch on you l337 hax0rz.
We keep telling them how much of a menace you are, when most of you can barely install Linux.
But hey, it keeps us in Macanudas.
user friendly carnivore
std::disclaimer<std::legalese> sig=new std::disclaimer; sig->dump(); delete sig;
Did anyone else find their selective blocking interesting? For example, the entire machine configuration was listed, but they blocked out the word that they use for "computer" on multiple occasions. Is it really that much of a security risk if we know their geeky slang?
RADIUS captures occurred as expected
This is alarming because it has nothing to do with capturing email.
RADIUS stands for "Remote Access DIal Up Service", and is a login password authentication protocol. If Carnivore is designed to capture RADIUS packets, then it is a password-stealing program, not an email collection program.
I had never heard that Carnivore was designed to steal passwords. I heard that it was designed to collect email. Apparently the censors didn't realize that they left in evidence of a completely different purpose for Carnivore than was represented to the public, or was I misinformed?
There's very little new info in this current article. Mostly it says that according to new info, Carnivore is capable of capturing all unfiltered traffic that flows through it and archiving it for later investigation. That's a bad thing.... but then, we've all known that Carnivore was a bad thing the first time we heard about it. This is further confirmation, but hardly surprising.
Did anybody really expect a secret surveillance project by a secretive government organization to be anything BUT invasive?
What remains to be seen is whether or not all the public outcry will have any effect whatsoever on the implementation of this software. (My bet is "No, it will not.")
-The Reverend (I am not a Nazi nor a Troll)
-The Reverend (I am not a Nazi nor a Troll)
=(.\')=
Yeah, and maybe Microsoft will start giving their shit away for free. The FBI is in this to catch subversives, not to give them work. No way any Federal agency would give work to a bunch of communist hippies.
Cunning linguists
Here is the big question I have, where can I find a list of ISP's that have Carnivore installed?
We are never going to get the FBI to change their minds about Carnivore, but if people start to know about Carnivore and the ISP's that have it, then people will not use those ISP's.
I can see it now, advertisements for ISP's who's big selling point is not having Carnivore installed.
Linux O Muerte!
The FBI is the first government organization to realize that PDF files with black bars overlaid on sensitive information isn't effective.
Of course, that is bad for everyone that wonders what is under the redaction marks.
Maybe we could finally get a useful tcpdump clone on a Win platform!
Think outside the... Hey, where'd the friggin' box go?
We really need end to end encryption now.
I mean, like, but, who DIDN'T expect this?
PGP is good. SSH is good. SSL is good. But we really need IPSec / IPv6.
Kinda makes all those expensive Layer-4 switches less useful though (if you encrypt at layer 3).
Cyano.
Don't like my sig? I don't either.
Its a lot more fun when its dangerous. Script kiddies running around like characters from a role-playing game, only to be struck down by vicious carnivores when they aren't looking.
..everything that the government tells you.
Do you think that email packets are different from RADIUS packets? or from Instant Messenger packets? Or HTTP POSTs containing your password and credit card numbers?
Repeat after me..
A packet sniffer is a packet sniffer is a packet sniffer..
It sniffs whatever the user wants, and if you can't figure out that the FBI wants to sniff EVERYTHING then you are living in fantasy land.
-jon
Ok... Carnivore is Windows NT, which isn't the most stable OS (i say this as an occasional user) and the filters are written in Visual Basic
Hilarious.
There's a long history of Really Dirty Shit coming out about the United States. The real problem is that the event horizon for this sort of thing is 10 to 30 years. At that point, news about the heinousness may or may not come out. The media gets to make a big stink about it, while keeping an implicit attitude that says "That sort of thing couldn't happen these days". For example, Operation Shamrock, the secret bombing of Cambodia, heinous shit in all of Central and South America, UKUSA, Nixon's dirty tricks, Crypto AG, and the list goes on.
The real problem is that nothing is done to fix the system. The people involved are not taken outside and shot, they're still where they were before. What's the current set of semi-atrocities? If you read a lot of the foreign or independent press, you might find out sooner.
Pardon me for going against the tide of slashdot opinions, but I still don't understand what has everyone so riled up. Perhaps I should blame the FBI for choosing a menacing sounding name like "Carnivore," but certainly their intentions are not to destroy or harm. The FBI is a very major government organization paid for by our tax dollars. I may not agree with their moves all the time, but I trust that they are only concerned about the best interest of our country. Why would they go out of their way to harm the very citizens who keep them running?
Government monitoring is nothing new. The FBI have long had many wiretapping systems set up to catch criminals. The USPS scans threatening mail trying to prevent people from mailing bombs and traps to their enemies. Cameras are installed along many city streets to watch crimes and catch traffic violations. I don't understand why these survelaince methods aren't coming under fire as well... why is the internet so incredibly different?
Besides, look at the results of these efforts. Many major crimelords and killers have been caught by slipping up in the presence of wiretapping. Mail monitoring has prevented possible serial terrorists from doing something like send mail bombs. And street cameras catch amazing ammounts of crime, from murders to robberies to prostitution to speeding. I expect Carnivore to be extremely helpful in capturing pedophiles, pirates, terrorists, and other criminals.
Yes, I may be concerned about my own e-mail being read. But I know that I am a law abiding citizen, my messages to people are trivial to the FBI, and that I feel like I need to hide nothing. And even if you *need* privacy, what about encryption? PGP is extremely hard to crack from my knowledge. Use that. I know the Slashdot mentality may contradict it, but it's unrealistic to expect the internet to remain unregulated forever. Regardless, some form of government restricition and monitoring will come eventually, and having read a little about Carnivore, I am satisfied with their efforts.
By gum, that standard should be used today! My traffic in e-mail or anything else is not and should not be seen by anybody without a search warrant. If a warrant is obtained to intercept and read all of my email, the traffic of my neighbors should still be inviolate.
In practice, this means that something needs to look at the headers, but all that needs is a filter. The storage of unfiltered traffic is not only dangerous, it smells illegal as all get out to me.
IANAL, but I'd be happy to help pay for some good ones to argue this in front of the Supremes.
I'll mail you a copy if you mail me a copy, ad infinitem...
FatPhil
Also FatPhil on SoylentNews, id 863
That I had assumed all along they were lying, and as a result I was not particularly shocked by the discovery of the truth.
I'm not happy about it, I'm just not surprised by it.
-jon
this thing can monitor all your habits, which is much more of a privacy issue than people thought. it's one thing if they look at your email, but would you want to have the fbi wondering what you're doing visiting the "free kevin mitnick" websites? And if the thing has internal zip and jaz drives as stated in the document, the fbi can just walk in and switch the stuff without having to even open up their little black box and stop monitoring. Next time i go isp shopping i have a few more things to add to my list of "good things".
I am !amused.
Excuse the ignorant question, but WTF is 'DragonWare'? The last paragraph mentions Carnivore as being part of the DargonWare Suite... what other stuff is running around out there?
And does any of it fall into the "We're fucked if this gets into the wrong (ie, script kiddie) hands" category?
From the article
Omnivore was replaced by Carnivore running on a Windows NT-based computer in June 1999.
"one treats others with courtesy not because they are gentlemen or gentlewomen, but because you are" --G. Henrichs
Giving Americans cancer for research purposes, capturing radio transmissions, listening in all all kinds of information transfer, this is nothing new.
I'm sure there are lots more things that we don't know about. Maybe Carnivore has been around for a lot longer in a more primitive form, capturing passwords, emails and other dubious info.
What people should realized is that maybe the paranoid people out there aren't paranoid, maybe everyone else is just too naive. I think people put too much faith in their government and assume it will take care of them and respect them as individuals. People want to believe that the government will handle all the problems of the world and will allow certain rights to privacy to be taken away to get this safety net. Do you really think those millions of AOL subscribers care that their email may be read?
Apathy is a common problem in the US these days and I don't think we should be surprised to learn that someone is trying to do some sneaky things to citizens who don't really care anyway.
=-=-=-=-=
"Do you hear the Slashdotters sing,
=-=-=-=-=-=-=-=-=
Oh bother.
Yeah, I was thinking the exact same thing. In the first paragraph on the second page, they just blacked out words seemingly at random. The only thing I can think is that the document used the word CPU (referring to a whole box) and the FBI has some secret CPUs (chips) for specialized processing that they don't want us to know about.
In the 2nd paragraph on the 2nd page, they marked out what appear to be either the bandwidth or the capacity of the storage media. Hardly secret information. The last mark-outs may be the times of day that they move data, so that I can understand keeping hidden.
I wonder if the FOI Act has any penalties for blocking out information that has no reason to be kept secret. Unfortunately, I doubt that the Act has any teeth in that regard.
Software sucks. Open Source sucks less.
The mating call of the facist. The Nazi's were really fond of saying that, as they asked for your travel papers. Is that the kind of country you want to live in?
I think it was Thomas Hume who said first "It is seldom that liberty of any kind is lost all at once". This is a perfect example of that, and of the attitudes of the lazy, self-centered people that got us there.
So what you're saying is that since it doesn't bother you, or affect you, you don't see a problem with it? It's all about you, eh? Way to look out for #1, bud. Just go back to playing your N64 and forget all about that nasty world outside.
Sheep.
"Those who would give up essential liberty for temporary safety deserve neither liberty nor safety" - Benjamin Franklin,
This is really quite scary. It's not because I do anything illegal, but Carnivore makes interception of all my net traffic possible. Just think of what they can use this for! If there is ever a return to McCarthyism, and I read something about, say, Karl Marx, I could immediately be marked as a "Red" - draw any parallels with any other "subversive" elements. While I feel that "Big Brother" is useful for the prevention and detection of internet-related crime, such as "immoral" BO2000 use etc, the flip-side is that we lose a part of our freedom. How legal is this? Is it, for example, legal here in Britain? Can any intelligence agency in the world just switch it on and type in my name and monitor my activities? This seems to enable monitoring from a distance - therefore, though I am in Britain, could the FBI snoop on me and get away with it because they're on US soil?
It hasn't been submitted for peer review. They're running NT4. *shudder*
----
----
Am I the only one who thinks Microsoft is a misnomer? Perhaps Macrosoft would be a better fit?
Actually, they would capture RADIUS packets to determine when a particular user logs in to the ISP's network. Then they get an IP address for the user. Then they can filter all email coming from that address. Or all packets from that address, as the case may be. To me, this actually shows that they are trying to filter traffic from only one IP address. (Not proof, mind you, but an indication.)
Software sucks. Open Source sucks less.
Plus that, the eipc site appears /.'ed already. :(
I wonder what was said in either. I wonder if I'll I'll hear are replies to some mistaken AC, etc.
Bah, some days suck in /.-ville.
Hopefully this will force them to admit that the system uses transparent redirection (like on high end switches) to redirect smtp/pop/imap traffic through the carnivore box. There is absolutely no other way for a 350MHz pII to log "all unfiltered" traffic at a pop site to a 1GB hard drive.
The real question is exactly where this redirection occurrs, and what subscriber links bypass it (if any).
This should dispell any idea that Carnivore was just to be put in front of the ISP's email srevers.
Two words: ROT 13.
I work at a regional ISP. If my boss agrees with the feds to investigate me or someone else, I'd like to know what one looks like when it shows up in the server room. :)
Is the FBI a Dell customer? Or do they use Gateways? Or just build their own?
-Chris
...More Powerful than Otto Preminger...
Who's to say what we find to be compleatly moral, and right today won't be outlawed tomorow. In the US anyone can drink, but ever heard of prohabition? Sometimes america outlaws some of the wierdest things. We pride ourselves on freadom of speach and freadom of religeon. The government anymore seems to want to take our guns, speach, and fredome from us all. I know what it is like to not be able to own a firearm(even to hunt with). I know what it's like to be told you can't worship that way because I don't like it. I know what it is like to have your voice quelled. Carnivore is about power in the government, not about criminals. It's the same as having a 24 Hour a day tap on your line that they can listen in to your conversations any time they want. Or better yet a monitoring station that Listens to your house 24 hours a day (Some of us have our house pluged into the net 24 hours a day, with web cams, et al).
Incidently who's to say that some corupt FBI official doesn't use the information to blackmail you, not just about criminal offences, but also about your marriage. If you write your online "friend" and tell them that you had fun "playing with them" and it gets intersepted by your spouce.... Just think about it.
I thought Slim Shadey was nuts, then I met my ex-wife.
The government is now implementing, in "tacular" stages, a system to invade your privacy, and you're just talking about it as though it's a foregone conclusion. What a bunch of total sissies. 1984 was not written so we can sit around and marvel at how well a person can predict the future. Where's the outcry?
Sounds great, except the law abiding folks aren't getting any back, and we're just giving any criminals in the FBI more power.
Yes, criminals. Corruption happens -- for example, the FBI did some things that were not exactly legal to Martin Luther King (illegal surveilance/wiretaps, as I recall). The people who broke the law in that case were in the FBI, and they were also, by definition, criminals.
Learn some recent history.
If, instead, you acknowledge this, but believe that that sort of thing can't or won't happen again, please be prepared to explain why in fifty words or less.[1]
---[1] Other than "Martin Luther King is dead now"
DNA just wants to be free...
Without giving the targetted individual a static IP (that would be too suspicious), it's extremely difficult to design Carnivore in a way that would allow it to function without searching through all traffic on an entire IP subnet without using RADIUS.
As an aside, RADIUS packets are not sent in clear-text; they are encrypted using a common plain-text key that is (usually) manually assigned on both the RADIUS client and server. Is it breakable? Sure. But, then again, any value given to the FBI's explanation is derived from the notion that they aren't lying to you.
The bottom line(s):
Any lawyers in the room care to start the class action suit?
-jon
...because it's good to remember that good soldiers Adapt and Overcome.
EC
I don't see enough people recognizing the importance of routing information, email headers, connection logs, etc - all information which the FBI steadfastly maintains it does not need a warrant to collect.
This is probably the most important purpose of Carnivore - to build an interconnected dataset of who's talking to whom, who's visiting what sites when, etc. The message body isn't nearly as important or useful (from the law-enforcement perspective) as this information. You may be encrypting all your mail with 4096-bit PGPG but who it came from and where it's going is all right there at the top. Same with your browsing habits, telnet/ssh , voice-over-IP connections, etc. etc.
Build a nice database of who's talking to whom and when, and it's much easier to find people to lean on. ("I see you emailed Bob on April 43, while he was chatting on IRC with known subversives planning protests at the Government, Inc. convention in Topeka - explain yourself citizen!")
To me, the collection of header information is the scariest part about Carnivore, especially considering the FBI's self-styled and sordid role in "ensuring domestic tranquility" by secretly attempting to undermine dissident groups and leaders (The muckraking and attempts at blackmailinng MLK Jr. being merely the most famous of many examples).
It's bad enough that they conduct illegal wiretaps - this information is considered today to be perfectly legal to snoop and store without a warrant or even probable cause. Dirty business.
-Isaac
I am not a lawyer, and this is not legal advice. For Entertainment Purposes Only.
SIGN ME UP...
I can see it now... FBI agents showing up at an ISP every other day because they need to reboot Carnivore... :-)
one can only consider some public domain facts:
1. m$ word has an owner i.d. number attached to EVERY document.
2. the f.b.i. are not the only group that internet 'sniffs'.
3. some mental cripple's entertainment is worth peanuts when compared to the value of a business idea...
4. corperate espionage exists
who has access to m.$.'s list of authorized users of m.$.word? *grin*
A list I am a member of had an 'anti-echelon' day where we all mailed each other with lots of random stuff including words like 'Clinton', 'Death by Mutilation' 'President', 'Assasination' and 'Firearms'.
It was quite fun actually.
Elgon
Really now?
Do you use envelopes for your snailmail letters, or do you only use postcards that are (more easily) readable?
Do you have curtains or blinds in your office or residence, and use them rather than leave them open?
Do you leave meeting room and bedroom and other doors open, allowing anyone to look in as they please?
Do you use transparent trash bags?
How about a transparent backpack or briefcase?
No?
Gee, what do you have to hide?
It's about privacy. No one here is saying that the FBI shouldn't go after criminals. But the wanton removal of privacy is a removal of freedom. And the removal of freedom must be always guarded against.
If you really are comfortable with being monitored by government, there's this warm island some miles of Florida...
I don't subscribe to RMS's GNUtopian vision.
I go to the link, and there is the document, and there are all these bits blacked out.
I tell ya, censorship really burns my ***! I mean granted that they want to keep *********'s name hidden, and that information about ****** with the ***** and the ***** with the sheep, it stands to reason. There are still laws about that in most states. But I tell you **** *** ********* **** **** and another thing *** ** ****** ** ***** ** ***** *** ****** ***** government security!?!?! Well they can take their ******* and shove it right ** ** ***** ****** *************!
"Put a glide in yo stride and a dip in yo hip, and come on to the Mothership!"
Ceci n'est pas une sig.
If this is the case, why is email any different? If I send a letter to someone, even if it's an evil plot for world domination, how can the FBI have a right to grab it midstream?
I particularly liked where they discussed the hardware.
"This [CENSORED] has both Zip and Jaz drives."
Now, the only reason they could censor that word is because it is the brand of the machine used. Based on the fact that it takes up about four letters of space, we can guess that the program was probably tested on a Dell PII-300.
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
When I worked for the Forest Circus they were deep into an IBM contract. But judging from the boneyard, they'd had a Gateway fetish in years past. So the answer is.. we don't know.
It's much more reasonable to ask "what's that mystery box?" about any new hardware that appears when you're off shift. When you're on shift, it's much easier. Not all cops and feds look like the stereotype, but the cheap suit and cheap shoes ID is always a tip. It worked the morning my office was filled with armed EPA agents. But that was another story.
Wait... you mean you still haven't joined the ACLU?
This is from their advertisement for DSL service at www.thinkgeek.com
Eat meat? No competition here, no carnivore plans either.
Either it means they only hire vegetarians (grin), or that they won't allow Carnivore to be put in their network (well, without a fight, at least).
In post-9/11 America, the CIA interrogates YOU!
Is it just me or does the FBI sound like a bunch of *wannabe* leet hax0rs/warez pups. I laughed out loud when I read this "sekret document" with the word "Dell" repeatedly blacked out (because its leet to black out stuff.. like 1-800-ITS-PRIVATE!).
"WE POWN joo we have l33t warez - we call it (yes is has a leet name) C4RN1V0R (part of our DR4GUNW4R3Z Suite!!) ph33r!!! Me and KnightDeathRider wrote it with alot of help from DragonMaster! Shout outs and props to my peeps DeathBringer and NightStalker!"
"We are l33t visual BASIC haxors!! THE LEETEST LANGUAGE EVER!!"
"IT IS so leet it runs on NT. Plus we call our patches "SERVICE PACKS" thats how leet we are! phr33r!"
"It has very long term reliability - it stays up for up to 48 hours!!!! thats like two days!! leet!!!"
I mean, please. These guys are total no talent lamers. What decent coder in the RIGHT mind would join the FBI for 1/4 the pay doing shit they HATED.
I must admit that this whole carnivore/FBI thing just gives me those happy, tingly vibes all over... NOT!
Some people seem to get worked up over the invasiveness... what worries me, especially in the litigation-happy US... just think if the FBI got some wild-ass lead, felt the need to investigate a whole bunch of people with this, and then random things were read into the context of the messages... sounds paranoid? maybe, maybe not... don't we know of someone who was investigated for basically visiting a site just after it was hacked? just what we need to "fight crime": a toy to give a self-rightous FBI more false leads and to sstir the rest of us into a frenzy... too bad we can't just shove that raw steak in the Jaz drive and make it GO AWAY!
Anyway... enough of my ranting.
I bid thee, adieu!
Hi! This is the Sig, blatantly attached to the end of this comment.
Okay, first off, I live in Canada. I was just about to lean back in my chair and make some nasty remarks about silly Americans and move on with my day.
I thought to myself, wait a minute these bastards are probably sooping on me too!
We are getting to the point where there are a number of multi national ISPs out here. IIRC my provider (@home) told the FBI to stick their little machine up their a$$ but who says its' going to stay that way. If the FBI did get a machine installed in @home's network I'm going to have some pretty big questions.
Who says that some of my traffic doesn't cross the border on an @home network before going out. With what little knowledge I have about large scale routing I have, I'm going to have to say its' not very likely, this would be waaay to expensive. I think @home has local UUNet connections in most cities, but it is possible that some of my traffic could go by a Carinvore in the future. Not Cool.
Are there not some sort of international rules about this? Who has jurisdiction over packets that are routed across borders?
Aaron
And yet, large chunks of it are blacked out. From such innocuous things like (probably) "Dell", to the performance metrics of the beast, to...well, I can't tell because it's blacked out.
If its unclassified, don't black the stuff out when responding to a FOIA request!
My mom is not a Karma whore!
You don't get it, do you?
1. The Bill of Rights does not grant us any rights. We already have them. The Bill of Rights merely spells out some of them (but not all of them).
2. Those rights apply to all persons.
3. Those rights do NOT apply to imaginary persons such as corporations.
4. Copyrights and patents are limited monopolies. Our Founding Fathers felt that granting these for a set period of time was good for the community as a whole (Congress has since screwed this up by making copyrights virtually unlimited).
5. I could care less about the "United Nations Universal Decleration of Human Rights". It's a poorly written piece of crap that is designed to do absolutely nothing.
6. PETA is run by a bunch of airheads that think animals are more important and have more rights than people. They would rather kill every person on the planet than allow a few rats to be used to cure deadly diseases. It should be legal to shoot members of PETA.
7. What do morals have to do with human rights? Absolutely nothing. Morals are a religious issue. When religion is invoked, rights are destroyed. I have no morals - but I have strict ethics.
-- Will program for bandwidth
Replace the blacked-out parts of the document with your own!
"Basic interface code change now allows MARTHA STEWART for SMTP and POP3"
"LITTLE NIKKI will pass this to JOE MONTANA at the first available opportunity."
The FBI can't open your mail without a warrant. But they can look at the envelope, which often has two addresses and the point of entry.
BTW, your mailbox (if you have one) is USPS property. Suppose the FBI is caught looking inside. Who is going to prosecute them?
Do you know how hard it is to get AT to run batch files?!?! I mean come on!
They had to use VB since then needed to run it as a service. Otherwise they would have to install IE4 so they could have scheduler, but then they would only get around 32hrs out of the box.
I do agree with the paranoid/conspiracy guys with the B.F. quotes. The FBI is trying to weasle there way in now since the internet is still "young." At least some Reps in Congress lisened and brought this to trial. Just imagine if we had to fight to remove it, not fight to prevent it's installation.
I sig therefore I am...
Mumia Abu-Jamal (Ya, I am sure that is what his parents named him), killed a cop. End of story. Might as well start a "Free Charles Manson" or "Liberation for Nazi War Criminals" movement. It makes about as much sense.
"I see you emailed Bob on April 43, while he was chatting on IRC with known subversives planning protests at the Government, Inc. convention in Topeka - explain yourself citizen!"
cpeterso
Wait let me correct that: I am shocked that the FBI admitted that Carnivore will capture unfiltered email.
There was a time in the US when people would have been shocked at government snooping; but I suspect that by now most people have figured out that there is no tooth fairy, and that governments regularly lie to the people they govern.
It's funny how you're accusing me of having no original thoughts when the post I replied to (again, probably by you) is essentially a carbon-copy of 40,000 other alarmist posts around here. Frankly, I don't care how relevant my comment was, because you tinfoil-hat wearers bore the snot out of me.
---
---
Slashdot: News For Zealots. Stuff That's Hypocritical.
RADIUS really means Remote Autehntication Dial In User Service. But you are close enough...
The RFC definition is 2138, not for the faint of heart.
The next version will be called "Herbivore" and will run on a Mac. ;-)
In the past, the FBI has at the direction of Congress or the Whitehouse "targeted" groups that were so ill-defined as to include all Americans. In every instance of this (so far), complaints from within the FBI have led to the bureau's investigations being greatly toned down and constrained. However, each case of this has taken years for the corrections to occur. Carnivore has a lot of people ticked off because it looks as though it steps outside of the FBI's defined powers and limitations unless active effort is taken to make sure it doesn't "go too far".
Carnivore also has the issue of making abuse by individuals tremendously scalable. While the FBI as a whole is not likely to be able to take full advantage of the system, individuals within the FBI and in the right place could use it to heap more abuse on the populace than they've ever been able to do before. Basically, organization issues aside, Carnivore has tremendous potential to play into the hands of the corrupt.
T. M. Pederson
"...and so the moral of the story is: Always Make Backups."
T. M. Pederson
"Lies, Damn Lies, and Documentation"
It's a PC running EtherPeek.
Wow.
They spent (at least) $5,000,000 of taxpayer money on a system that could have been put together by a 12 year old kid in less than an hour.
Most Impressive.
I'm no longer particularly worried about carnivore. I'm now worried about what they're REALLY doing with that money.
You're right, but that's not the point when the "your rights online" discussions pop up in slashdot. The problem is how you define "crime".
When politicians make "decency" laws, they cater to the hysterical old ladies who believe everything is a sin because their favorite televangelist said so. The result is that government agencies get an enormous power to define perfectly normal activities as "criminal" if they want to.
For example, suppose you went to Spain in your vacations, and had some pictures taken of you at a beach. In the background there's a nude twelve year old person bathing at the beach, something that's perfectly legal to do at many beaches in Spain. If you have this picture in your computer, you can be accused of being a pedophile and of having "child pornography" in your possession.
Now, this doesn't mean the FBI will go after everyone who ever travelled to Spain and put them in jail. But it means that, if you ever witness some crime committed by an FBI employee, you cannot testify against them, since they can send you to a prolonged jail sentence.
I'm not a paranoid, I don't think they are after me. But I do want to keep it that way, I don't want to give them the power to come after me either.
You post has been intercepted by Carnivore, now sit back and relax as we hax0r your inbox... Have a nice day =)
To "prove" that the RADIUS packet is from the ISP's dial network (RADIUS is UDP and easily spoofed - requiring an authenticator) they will need to have the shared secret, so the FBI can collect passwords if they really feel like it. Unless they believe they can trust a UDP packet claiming to be from the ISPs dial network, in which case they have my pity.
I've never bothered to look into spoofing DHCP but I imagine most ISP dial networks are going to be configured for convience rather than security.
Does anyone have any idea how much assistance the FBI is requiring form ISPs on this?
--
You nah, me nah. Screw you guys, I'm going home.
No, email is more like handing your neighbor a piece of paper with a note to your girlfriend and asking them to see that it gets passed along to her at some point. Hopefully it gets to her, and it may not, but there's nothing preventing anybody from reading it. USPS provides a service of delivering objects, and it is a federal offense to read someone else's mail. Therefore the FBI has no right to read your s-mail in transit. There is no "right to email". You may THINK that although "email" is similar sounding to the regular USPS "mail", that it has anything at all to do with it, but you'd be wrong.
"What thou shalt not, I shalt did!" -Bart Simpson
If we knew for a fact that the goverment was 100% honest, trustworthy and compitant it'd be a diferent story.
If the goverment realy was full of saints it'd be great. We could all just put camera's in our living rooms and bedrooms to ensure that we'd be safe. But it's not.
-Andy
If "unfiltered" means the obvious, everything it sees, not just stuff pertaining to a single IP/user, then there is a very strong case that it violates the 4th amendment protection against search and seizure without cause. Precisely, if it is intercepting all traffic, they would have to have a search warrant saying "all traffic passing through Earthlink" or whatever. If it can target traffic, they can get a search warrant saying, "all traffic passing through Earthlink originating or terminating at x.x.x.x". No judge would grant the former; the latter would be much easier to get.
In my (layman's) interpretation, "particularly describing the place to be searched, and the persons or things to be seized", means that a warrant would have to say something like "all traffic going through Earthlink's network" for it to be legal. This is because it's quite clear to me that anything that is intercepted can be considered searched. Anything that's archived can be considered seized.
The obvious solution is for people to start whipping out the constitution, pointing to the 4th amendment, and telling the police, "go get a proper warrant, or go fuck yourself".
yo bro your sig is the wrong lyric
... Primer 55 dont even know what root is
its "watch these fuckers jump when i get loose"
the damn track name is loose
I put here promotion for new opensource project to challange the FBI in its making of wiretapping system, Except that it will be opensourced and better. When they will use our system we will know what exactly they are up to. =)
I think you must be pretty young. I remember a time (more than 30 years ago now) when I, too, believed the FBI, a governmental agency, was full of trustworthy, loyal agents just trying to protect ordinary citizens. In fact, there was a tv show, called _The FBI_, which showed these wonderful people struggling at great risk to their own lives to protect the innocent. Then I learned the FBI specializes in car theft rings because it's relatively simple and keeps their solve rate up so they can justify bigger budget, but they will fight being called in on kidnapping cases because those usually end badly and lower their solve rate... That's just one example, but it's probably enough.
I'm sorry, but the same kids you see in the classroom every day are the ones who grow up to be the bosses, employees, police officers, and yes, even the FBI agents of the future. Those kids don't change much in the process.
Also, bank officers are not out to help you get loans so you will benefit from a good education, congressmen aren't really legislating to solve your problems, professors don't care much if you learn what they have to teach, grocers don't care if your food is irradiated (as long as it extends the shelf-life of their produce), mechanics don't love your car as much as you do... Okay? I'm sorry, but you might as well come to understand these things now rather than later. Just one last thing: realize that none of this means you yourself should give up your own passions or ideals. I haven't, and if you look around you'll find we have a lot of company.
--WP, 11/19/00, page A6
Terruggi was a left-wing journalist...if he were a right-winger, the FBI probably would have supported him!
Buck Mulligan