FBI Releases More Carnivore Information
tregoweth writes "CNet has a report about the FBI's release of new information concerning Carnivore, the result of a Freedom of Information Act lawsuit filed by the Electronic Privacy Information Center. Contradicting what the FBI has previously said, Carnivore can capture and archive 'unfiltered' Internet traffic."
Maybe the FBI can get FreeDevelopers.net to build a solution people would find less offensive. It would be the ultimate peer review for carnivore.
std::disclaimer<std::legalese> sig=new std::disclaimer; sig->dump(); delete sig;
When they said that Carnivore only captured 'filtered' packets they just neglected to mention that they were using '*' as their filter....
-jon
As you may recall, the FBI let admitted pedophile Patrick Naughton off with a light sentence because he helped the FBI write software.
Did anyone else find their selective blocking interesting? For example, the entire machine configuration was listed, but they blocked out the word that they use for "computer" on multiple occasions. Is it really that much of a security risk if we know their geeky slang?
RADIUS captures occurred as expected
This is alarming because it has nothing to do with capturing email.
RADIUS stands for "Remote Access DIal Up Service", and is a login password authentication protocol. If Carnivore is designed to capture RADIUS packets, then it is a password-stealing program, not an email collection program.
I had never heard that Carnivore was designed to steal passwords. I heard that it was designed to collect email. Apparently the censors didn't realize that they left in evidence of a completely different purpose for Carnivore than was represented to the public, or was I misinformed?
There's very little new info in this current article. Mostly it says that according to new info, Carnivore is capable of capturing all unfiltered traffic that flows through it and archiving it for later investigation. That's a bad thing.... but then, we've all known that Carnivore was a bad thing the first time we heard about it. This is further confirmation, but hardly surprising.
Did anybody really expect a secret surveillance project by a secretive government organization to be anything BUT invasive?
What remains to be seen is whether or not all the public outcry will have any effect whatsoever on the implementation of this software. (My bet is "No, it will not.")
-The Reverend (I am not a Nazi nor a Troll)
=(.\')=
Here is the big question I have: where can I find a list of ISPs that have Carnivore installed?
We are never going to get the FBI to change their minds about Carnivore, but if people start to know about Carnivore and the ISPs that have it, then people will not use those ISPs.
I can see it now, advertisements for ISPs whose big selling point is not having Carnivore installed.
Linux O Muerte!
..everything that the government tells you.
Do you think that email packets are different from RADIUS packets? Or from Instant Messenger packets? Or HTTP POSTs containing your password and credit card numbers?
Repeat after me..
A packet sniffer is a packet sniffer is a packet sniffer..
It sniffs whatever the user wants, and if you can't figure out that the FBI wants to sniff EVERYTHING then you are living in fantasy land.
-jon
Ok... Carnivore is Windows NT, which isn't the most stable OS (I say this as an occasional user) and the filters are written in Visual Basic.
Hilarious.
Pardon me for going against the tide of slashdot opinions, but I still don't understand what has everyone so riled up. Perhaps I should blame the FBI for choosing a menacing sounding name like "Carnivore," but certainly their intentions are not to destroy or harm. The FBI is a very major government organization paid for by our tax dollars. I may not agree with their moves all the time, but I trust that they are only concerned about the best interest of our country. Why would they go out of their way to harm the very citizens who keep them running?
Government monitoring is nothing new. The FBI have long had many wiretapping systems set up to catch criminals. The USPS scans threatening mail trying to prevent people from mailing bombs and traps to their enemies. Cameras are installed along many city streets to watch crimes and catch traffic violations. I don't understand why these surveillance methods aren't coming under fire as well... why is the internet so incredibly different?
Besides, look at the results of these efforts. Many major crimelords and killers have been caught by slipping up in the presence of wiretapping. Mail monitoring has prevented possible serial terrorists from doing something like send mail bombs. And street cameras catch amazing amounts of crime, from murders to robberies to prostitution to speeding. I expect Carnivore to be extremely helpful in capturing pedophiles, pirates, terrorists, and other criminals.
Yes, I may be concerned about my own e-mail being read. But I know that I am a law abiding citizen, my messages to people are trivial to the FBI, and that I feel like I need to hide nothing. And even if you *need* privacy, what about encryption? PGP is extremely hard to crack from my knowledge. Use that. I know the Slashdot mentality may contradict it, but it's unrealistic to expect the internet to remain unregulated forever. Regardless, some form of government restriction and monitoring will come eventually, and having read a little about Carnivore, I am satisfied with their efforts.
By gum, that standard should be used today! My traffic in e-mail or anything else is not and should not be seen by anybody without a search warrant. If a warrant is obtained to intercept and read all of my email, the traffic of my neighbors should still be inviolate.
In practice, this means that something needs to look at the headers, but all that needs is a filter. The storage of unfiltered traffic is not only dangerous, it smells illegal as all get out to me.
IANAL, but I'd be happy to help pay for some good ones to argue this in front of the Supremes.
From the article
Omnivore was replaced by Carnivore running on a Windows NT-based computer in June 1999.
"one treats others with courtesy not because they are gentlemen or gentlewomen, but because you are" --G. Henrichs
Yeah, I was thinking the exact same thing. In the first paragraph on the second page, they just blacked out words seemingly at random. The only thing I can think is that the document used the word CPU (referring to a whole box) and the FBI has some secret CPUs (chips) for specialized processing that they don't want us to know about.
In the 2nd paragraph on the 2nd page, they marked out what appear to be either the bandwidth or the capacity of the storage media. Hardly secret information. The last mark-outs may be the times of day that they move data, so that I can understand keeping hidden.
I wonder if the FOI Act has any penalties for blocking out information that has no reason to be kept secret. Unfortunately, I doubt that the Act has any teeth in that regard.
Software sucks. Open Source sucks less.
This is really quite scary. It's not because I do anything illegal, but Carnivore makes interception of all my net traffic possible. Just think of what they can use this for! If there is ever a return to McCarthyism, and I read something about, say, Karl Marx, I could immediately be marked as a "Red" - draw any parallels with any other "subversive" elements. While I feel that "Big Brother" is useful for the prevention and detection of internet-related crime, such as "immoral" BO2000 use etc, the flip-side is that we lose a part of our freedom. How legal is this? Is it, for example, legal here in Britain? Can any intelligence agency in the world just switch it on and type in my name and monitor my activities? This seems to enable monitoring from a distance - therefore, though I am in Britain, could the FBI snoop on me and get away with it because they're on US soil?
Actually, they would capture RADIUS packets to determine when a particular user logs in to the ISP's network. Then they get an IP address for the user. Then they can filter all email coming from that address. Or all packets from that address, as the case may be. To me, this actually shows that they are trying to filter traffic from only one IP address. (Not proof, mind you, but an indication.)
Software sucks. Open Source sucks less.
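The login-to-address mapping described in the comment above, as an added example (not part of the original thread and not Carnivore's code): it reads User-Name and Framed-IP-Address from RADIUS Accounting-Request packets, which RFC 2866 carries as plain attributes, and follows Start/Stop records as a dial-up user's address changes. The packets, user names and 192.0.2.x addresses are constructed sample data, and the function names are this example's own.

```python
import ipaddress
import struct

ACCOUNTING_REQUEST = 4                        # RADIUS code, RFC 2866
USER_NAME, FRAMED_IP, ACCT_STATUS_TYPE = 1, 8, 40
START, STOP = 1, 2                            # Acct-Status-Type values


def build_accounting(ident, user, ip, status):
    """Build a constructed sample Accounting-Request (test data only)."""
    attrs = b""
    for atype, value in (
        (USER_NAME, user.encode()),
        (ACCT_STATUS_TYPE, struct.pack("!I", status)),
        (FRAMED_IP, ipaddress.IPv4Address(ip).packed),
    ):
        attrs += struct.pack("!BB", atype, len(value) + 2) + value
    # Authenticator left as zeros here; a real one is an MD5 over the
    # packet and the shared secret, and is not needed to read attributes.
    header = struct.pack("!BBH16s", ACCOUNTING_REQUEST, ident,
                         20 + len(attrs), bytes(16))
    return header + attrs


def parse_radius(packet):
    """Return (code, {attr_type: raw_value}); raise ValueError if malformed."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if length < 20 or length > len(packet):
        raise ValueError("length field does not match packet")
    attrs, pos = {}, 20
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        atype, alen = packet[pos], packet[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("attribute overruns packet")
        attrs[atype] = packet[pos + 2:pos + alen]
        pos += alen
    return code, attrs


def track_bindings(packets):
    """Follow Start/Stop records and return the current user -> IP map."""
    bindings = {}
    for packet in packets:
        code, attrs = parse_radius(packet)
        status = attrs.get(ACCT_STATUS_TYPE, b"")
        if code != ACCOUNTING_REQUEST or USER_NAME not in attrs or len(status) != 4:
            continue
        user = attrs[USER_NAME].decode("utf-8", "replace")
        kind = struct.unpack("!I", status)[0]
        addr = attrs.get(FRAMED_IP, b"")
        if kind == START and len(addr) == 4:
            bindings[user] = str(ipaddress.IPv4Address(addr))
        elif kind == STOP:
            bindings.pop(user, None)
    return bindings


# Constructed capture: alice reconnects and is handed a different address.
SAMPLE = [
    build_accounting(1, "alice", "192.0.2.10", START),
    build_accounting(2, "bob", "192.0.2.11", START),
    build_accounting(3, "alice", "192.0.2.10", STOP),
    build_accounting(4, "alice", "192.0.2.57", START),
]

if __name__ == "__main__":
    print(track_bindings(SAMPLE))
```

Because these attributes are readable by anything on the path between the access server and the RADIUS server, operators commonly keep that traffic on a dedicated management network or wrap it in IPsec or RADIUS over TLS.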
Hopefully this will force them to admit that the system uses transparent redirection (like on high end switches) to redirect smtp/pop/imap traffic through the carnivore box. There is absolutely no other way for a 350MHz pII to log "all unfiltered" traffic at a pop site to a 1GB hard drive.
The real question is exactly where this redirection occurs, and what subscriber links bypass it (if any).
This should dispel any idea that Carnivore was just to be put in front of the ISP's email servers.
Two words: ROT 13.
I work at a regional ISP. If my boss agrees with the feds to investigate me or someone else, I'd like to know what one looks like when it shows up in the server room. :)
Is the FBI a Dell customer? Or do they use Gateways? Or just build their own?
-Chris
...More Powerful than Otto Preminger...
The government is now implementing, in "tacular" stages, a system to invade your privacy, and you're just talking about it as though it's a foregone conclusion. What a bunch of total sissies. 1984 was not written so we can sit around and marvel at how well a person can predict the future. Where's the outcry?
Sounds great, except the law abiding folks aren't getting any back, and we're just giving any criminals in the FBI more power.
Yes, criminals. Corruption happens -- for example, the FBI did some things that were not exactly legal to Martin Luther King (illegal surveillance/wiretaps, as I recall). The people who broke the law in that case were in the FBI, and they were also, by definition, criminals.
Learn some recent history.
If, instead, you acknowledge this, but believe that that sort of thing can't or won't happen again, please be prepared to explain why in fifty words or less.[1]
---[1] Other than "Martin Luther King is dead now"
DNA just wants to be free...
Without giving the targeted individual a static IP (that would be too suspicious), it's extremely difficult to design Carnivore in a way that would allow it to function without searching through all traffic on an entire IP subnet without using RADIUS.
As an aside, RADIUS packets are not sent in clear-text; they are encrypted using a common plain-text key that is (usually) manually assigned on both the RADIUS client and server. Is it breakable? Sure. But, then again, any value given to the FBI's explanation is derived from the notion that they aren't lying to you.
The bottom line(s):
I don't see enough people recognizing the importance of routing information, email headers, connection logs, etc - all information which the FBI steadfastly maintains it does not need a warrant to collect.
This is probably the most important purpose of Carnivore - to build an interconnected dataset of who's talking to whom, who's visiting what sites when, etc. The message body isn't nearly as important or useful (from the law-enforcement perspective) as this information. You may be encrypting all your mail with 4096-bit PGP but who it came from and where it's going is all right there at the top. Same with your browsing habits, telnet/ssh, voice-over-IP connections, etc. etc.
Build a nice database of who's talking to whom and when, and it's much easier to find people to lean on. ("I see you emailed Bob on April 43, while he was chatting on IRC with known subversives planning protests at the Government, Inc. convention in Topeka - explain yourself citizen!")
To me, the collection of header information is the scariest part about Carnivore, especially considering the FBI's self-styled and sordid role in "ensuring domestic tranquility" by secretly attempting to undermine dissident groups and leaders (The muckraking and attempts at blackmailing MLK Jr. being merely the most famous of many examples).
It's bad enough that they conduct illegal wiretaps - this information is considered today to be perfectly legal to snoop and store without a warrant or even probable cause. Dirty business.
-Isaac
I am not a lawyer, and this is not legal advice. For Entertainment Purposes Only.
I can see it now... FBI agents showing up at an ISP every other day because they need to reboot Carnivore... :-)
I go to the link, and there is the document, and there are all these bits blacked out.
I tell ya, censorship really burns my ***! I mean granted that they want to keep *********'s name hidden, and that information about ****** with the ***** and the ***** with the sheep, it stands to reason. There are still laws about that in most states. But I tell you **** *** ********* **** **** and another thing *** ** ****** ** ***** ** ***** *** ****** ***** government security!?!?! Well they can take their ******* and shove it right ** ** ***** ****** *************!
"Put a glide in yo stride and a dip in yo hip, and come on to the Mothership!"
Ceci n'est pas une sig.
If this is the case, why is email any different? If I send a letter to someone, even if it's an evil plot for world domination, how can the FBI have a right to grab it midstream?
I particularly liked where they discussed the hardware.
"This [CENSORED] has both Zip and Jaz drives."
Now, the only reason they could censor that word is because it is the brand of the machine used. Based on the fact that it takes up about four letters of space, we can guess that the program was probably tested on a Dell PII-300.
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
Is it just me or does the FBI sound like a bunch of *wannabe* leet hax0rs/warez pups. I laughed out loud when I read this "sekret document" with the word "Dell" repeatedly blacked out (because it's leet to black out stuff.. like 1-800-ITS-PRIVATE!).
"WE POWN joo we have l33t warez - we call it (yes is has a leet name) C4RN1V0R (part of our DR4GUNW4R3Z Suite!!) ph33r!!! Me and KnightDeathRider wrote it with alot of help from DragonMaster! Shout outs and props to my peeps DeathBringer and NightStalker!"
"We are l33t visual BASIC haxors!! THE LEETEST LANGUAGE EVER!!"
"IT IS so leet it runs on NT. Plus we call our patches "SERVICE PACKS" thats how leet we are! phr33r!"
"It has very long term reliability - it stays up for up to 48 hours!!!! thats like two days!! leet!!!"
I mean, please. These guys are total no talent lamers. What decent coder in the RIGHT mind would join the FBI for 1/4 the pay doing shit they HATED.
And yet, large chunks of it are blacked out. From such innocuous things like (probably) "Dell", to the performance metrics of the beast, to...well, I can't tell because it's blacked out.
If it's unclassified, don't black the stuff out when responding to a FOIA request!
My mom is not a Karma whore!
Replace the blacked-out parts of the document with your own!
"Basic interface code change now allows MARTHA STEWART for SMTP and POP3"
"LITTLE NIKKI will pass this to JOE MONTANA at the first available opportunity."
"I see you emailed Bob on April 43, while he was chatting on IRC with known subversives planning protests at the Government, Inc. convention in Topeka - explain yourself citizen!"
cpeterso
Wait let me correct that: I am shocked that the FBI admitted that Carnivore will capture unfiltered email.
There was a time in the US when people would have been shocked at government snooping; but I suspect that by now most people have figured out that there is no tooth fairy, and that governments regularly lie to the people they govern.
The next version will be called "Herbivore" and will run on a Mac. ;-)
In the past, the FBI has at the direction of Congress or the White House "targeted" groups that were so ill-defined as to include all Americans. In every instance of this (so far), complaints from within the FBI have led to the bureau's investigations being greatly toned down and constrained. However, each case of this has taken years for the corrections to occur. Carnivore has a lot of people ticked off because it looks as though it steps outside of the FBI's defined powers and limitations unless active effort is taken to make sure it doesn't "go too far".
Carnivore also has the issue of making abuse by individuals tremendously scalable. While the FBI as a whole is not likely to be able to take full advantage of the system, individuals within the FBI and in the right place could use it to heap more abuse on the populace than they've ever been able to do before. Basically, organization issues aside, Carnivore has tremendous potential to play into the hands of the corrupt.
T. M. Pederson
"...and so the moral of the story is: Always Make Backups."
T. M. Pederson
"Lies, Damn Lies, and Documentation"
It's a PC running EtherPeek.
Wow.
They spent (at least) $5,000,000 of taxpayer money on a system that could have been put together by a 12 year old kid in less than an hour.
Most Impressive.
I'm no longer particularly worried about carnivore. I'm now worried about what they're REALLY doing with that money.
You're right, but that's not the point when the "your rights online" discussions pop up in slashdot. The problem is how you define "crime".
When politicians make "decency" laws, they cater to the hysterical old ladies who believe everything is a sin because their favorite televangelist said so. The result is that government agencies get an enormous power to define perfectly normal activities as "criminal" if they want to.
For example, suppose you went to Spain in your vacations, and had some pictures taken of you at a beach. In the background there's a nude twelve year old person bathing at the beach, something that's perfectly legal to do at many beaches in Spain. If you have this picture in your computer, you can be accused of being a pedophile and of having "child pornography" in your possession.
Now, this doesn't mean the FBI will go after everyone who ever travelled to Spain and put them in jail. But it means that, if you ever witness some crime committed by an FBI employee, you cannot testify against them, since they can send you to a prolonged jail sentence.
I'm not a paranoid, I don't think they are after me. But I do want to keep it that way, I don't want to give them the power to come after me either.
If "unfiltered" means the obvious, everything it sees, not just stuff pertaining to a single IP/user, then there is a very strong case that it violates the 4th amendment protection against search and seizure without cause. Precisely, if it is intercepting all traffic, they would have to have a search warrant saying "all traffic passing through Earthlink" or whatever. If it can target traffic, they can get a search warrant saying, "all traffic passing through Earthlink originating or terminating at x.x.x.x". No judge would grant the former; the latter would be much easier to get.
In my (layman's) interpretation, "particularly describing the place to be searched, and the persons or things to be seized", means that a warrant would have to say something like "all traffic going through Earthlink's network" for it to be legal. This is because it's quite clear to me that anything that is intercepted can be considered searched. Anything that's archived can be considered seized.
The obvious solution is for people to start whipping out the constitution, pointing to the 4th amendment, and telling the police, "go get a proper warrant, or go fuck yourself".
I think you must be pretty young. I remember a time (more than 30 years ago now) when I, too, believed the FBI, a governmental agency, was full of trustworthy, loyal agents just trying to protect ordinary citizens. In fact, there was a tv show, called _The FBI_, which showed these wonderful people struggling at great risk to their own lives to protect the innocent. Then I learned the FBI specializes in car theft rings because it's relatively simple and keeps their solve rate up so they can justify bigger budget, but they will fight being called in on kidnapping cases because those usually end badly and lower their solve rate... That's just one example, but it's probably enough.
I'm sorry, but the same kids you see in the classroom every day are the ones who grow up to be the bosses, employees, police officers, and yes, even the FBI agents of the future. Those kids don't change much in the process.
Also, bank officers are not out to help you get loans so you will benefit from a good education, congressmen aren't really legislating to solve your problems, professors don't care much if you learn what they have to teach, grocers don't care if your food is irradiated (as long as it extends the shelf-life of their produce), mechanics don't love your car as much as you do... Okay? I'm sorry, but you might as well come to understand these things now rather than later. Just one last thing: realize that none of this means you yourself should give up your own passions or ideals. I haven't, and if you look around you'll find we have a lot of company.