Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Releases More Carnivore Information

Posted by michael on from the following-up dept.

tregoweth writes "CNet has a report about the FBI's release of new information concerning Carnivore, the result of a Freedom of Information Act lawsuit filed by the Electronic Privacy Information Center. Contradicting what the FBI has previously said, Carnivore can capture and archive 'unfiltered' Internet traffic."

15 of 139 comments (clear)

  1. This isn't a contradiction..... by jcrb · · Score: 3

    When they said that Carnivore only captured 'filtered' packets they just neglected to mention that they were using '*' as their filter....

    --
    -jon
  2. Password-stealing capabilities? by jms · · Score: 5

    RADIUS captures occurred as expected

    This is alarming because it has nothing to do with capturing email.

    RADIUS stands for "Remote Access DIal Up Service", and is a login password authentication protocol. If Carnivore is designed to capture RADIUS packets, then it is a password-stealing program, not an email collection program.

    I had never heard that Carnivore was designed to steal passwords. I heard that it was designed to collect email. Apparently the censors didn't realize that they left in evidence of a completely different purpose for Carnivore than was represented to the public, or was I misinformed?

  3. Beating it to death... by John_Prophet · · Score: 5

    There's very little new info in this current article. Mostly it says that according to new info, Carnivore is capable of capturing all unfiltered traffic that flows through it and archiving it for later investigation. That's a bad thing.... but then, we've all known that Carnivore was a bad thing the first time we heard about it. This is further confirmation, but hardly surprising.

    Did anybody really expect a secret surveillance project by a secretive government organization to be anything BUT invasive?

    What remains to be seen is whether or not all the public outcry will have any effect whatsoever on the implementation of this software. (My bet is "No, it will not.")


    -The Reverend (I am not a Nazi nor a Troll)

    --
    -The Reverend (I am not a Nazi nor a Troll)
    =(.\')=
  4. You must be one of those people who believes... by jcrb · · Score: 3

    ..everything that the government tells you.

    Do you think that email packets are different from RADIUS packets? or from Instant Messenger packets? Or HTTP POSTs containing your password and credit card numbers?

    Repeat after me..

    A packet sniffer is a packet sniffer is a packet sniffer..

    It sniffs whatever the user wants, and if you can't figure out that the FBI wants to sniff EVERYTHING then you are living in fantasy land.

    --
    -jon
  5. This isn't so scary anymore... by spankenstein · · Score: 5

    Ok... Carnivore is Windows NT, which isn't the most stable OS (i say this as an occasional user) and the filters are written in Visual Basic

    Hilarious.

  6. Unfiltered Storage != Fourth Ammendment Compliance by LauraLolly · · Score: 3
    In 1928, in his dissent from Olmstead vs. the United States, Louis Brandeis wrote,
    "The makers of the Constitution... conferred, as against the government, the right to be let alone - the most comprehensive of rights, and the right most valued by civilized men."
    Nowadays, the protection of the fourth ammendment as protection against search and seizure without a specific warrant is extended to wiretapping.

    By gum, that standard should be used today! My traffic in e-mail or anything else is not and should not be seen by anybody without a search warrant. If a warrant is obtained to intercept and read all of my email, the traffic of my neighbors should still be inviolate.

    In practice, this means that something needs to look at the headers, but all that needs is a filter. The storage of unfiltered traffic is not only dangerous, it smells illegal as all get out to me.

    IANAL, but I'd be happy to help pay for some good ones to argue this in front of the Supremes.

  7. Not password-stealing: IP/username association by Plasmic · · Score: 3
    If Carnivore is designed to capture RADIUS packets, then it is a password-stealing program
    According to the presentation given at NANOG (North American Network Operators Group) by the FBI on Carnivore, RADIUS is used to associate the user ID of the person whose traffic is being intercepted with their dynamically-assigned IP address.

    Without giving the targetted individual a static IP (that would be too suspicious), it's extremely difficult to design Carnivore in a way that would allow it to function without searching through all traffic on an entire IP subnet without using RADIUS.

    As an aside, RADIUS packets are not sent in clear-text; they are encrypted using a common plain-text key that is (usually) manually assigned on both the RADIUS client and server. Is it breakable? Sure. But, then again, any value given to the FBI's explanation is derived from the notion that they aren't lying to you.

    The bottom line(s):
    • Carnivore isn't stealing passwords
    • It actually makes a lot of sense to use RADIUS to allow the monitoring of a user with a dynamic IP address
    • Regardless of how little you trust the FBI, the design and implementation methodology that they claim to be using is actually not phenomenally bad

  8. Time to beat the traffic-analysis drum again... by isaac · · Score: 4
    Yes, Carnivore (or whatever it's called this week) does more than just sniff email. This is no surprise.

    I don't see enough people recognizing the importance of routing information, email headers, connection logs, etc - all information which the FBI steadfastly maintains it does not need a warrant to collect.

    This is probably the most important purpose of Carnivore - to build an interconnected dataset of who's talking to whom, who's visiting what sites when, etc. The message body isn't nearly as important or useful (from the law-enforcement perspective) as this information. You may be encrypting all your mail with 4096-bit PGPG but who it came from and where it's going is all right there at the top. Same with your browsing habits, telnet/ssh , voice-over-IP connections, etc. etc.

    Build a nice database of who's talking to whom and when, and it's much easier to find people to lean on. ("I see you emailed Bob on April 43, while he was chatting on IRC with known subversives planning protests at the Government, Inc. convention in Topeka - explain yourself citizen!")

    To me, the collection of header information is the scariest part about Carnivore, especially considering the FBI's self-styled and sordid role in "ensuring domestic tranquility" by secretly attempting to undermine dissident groups and leaders (The muckraking and attempts at blackmailinng MLK Jr. being merely the most famous of many examples).

    It's bad enough that they conduct illegal wiretaps - this information is considered today to be perfectly legal to snoop and store without a warrant or even probable cause. Dirty business.

    -Isaac

    --
    I am not a lawyer, and this is not legal advice. For Entertainment Purposes Only.
  9. Uptime issues by dmuth · · Score: 3
    About halfway through page 2, the document mentions refrers to "long term stability" as being 48 hours or more. Is it just me, or does that sound kinda um, ridiculous?

    I can see it now... FBI agents showing up at an ISP every other day because they need to reboot Carnivore... :-)

  10. Ya know.... by Raymond+Luxury+Yacht · · Score: 3

    I go to the link, and there is the document, and there are all these bits blacked out.

    I tell ya, censorship really burns my ***! I mean granted that they want to keep *********'s name hidden, and that information about ****** with the ***** and the ***** with the sheep, it stands to reason. There are still laws about that in most states. But I tell you **** *** ********* **** **** and another thing *** ** ****** ** ***** ** ***** *** ****** ***** government security!?!?! Well they can take their ******* and shove it right ** ** ***** ****** *************!


    "Put a glide in yo stride and a dip in yo hip, and come on to the Mothership!"

    --

    Ceci n'est pas une sig.
  11. Is the FBI allowed to seize s-mail in transit? by Gendou · · Score: 3
    I may be wrong (I think I might be, but I'm still curious). Isn't the FBI not allowed to seize snail mail in transit? If I send a letter to someone and it doesn't violate any of the postal service's policies (no flamables, no biohazards, etc... just a letter) then they don't have a right to it, correct?

    If this is the case, why is email any different? If I send a letter to someone, even if it's an evil plot for world domination, how can the FBI have a right to grab it midstream?

  12. Skript Kiddies working at the FBI by nyet · · Score: 5

    Is it just me or does the FBI sound like a bunch of *wannabe* leet hax0rs/warez pups. I laughed out loud when I read this "sekret document" with the word "Dell" repeatedly blacked out (because its leet to black out stuff.. like 1-800-ITS-PRIVATE!).

    "WE POWN joo we have l33t warez - we call it (yes is has a leet name) C4RN1V0R (part of our DR4GUNW4R3Z Suite!!) ph33r!!! Me and KnightDeathRider wrote it with alot of help from DragonMaster! Shout outs and props to my peeps DeathBringer and NightStalker!"

    "We are l33t visual BASIC haxors!! THE LEETEST LANGUAGE EVER!!"

    "IT IS so leet it runs on NT. Plus we call our patches "SERVICE PACKS" thats how leet we are! phr33r!"

    "It has very long term reliability - it stays up for up to 48 hours!!!! thats like two days!! leet!!!"

    I mean, please. These guys are total no talent lamers. What decent coder in the RIGHT mind would join the FBI for 1/4 the pay doing shit they HATED.

  13. version 0.3 by mightbeadog · · Score: 3
    Carnivore was conceived under the name "Omnivore" in February 1997. It was proposed originally for a Solaris X86 computer. Omnivore was replaced by Carnivore running on a Windows NT-based computer in June 1999.

    The next version will be called "Herbivore" and will run on a Mac. ;-)

  14. Holy Cow! by rocketjesus · · Score: 3

    It's a PC running EtherPeek.

    Wow.

    They spent (at least) $5,000,000 of taxpayer money on a system that could have been put together by a 12 year old kid in less than an hour.

    Most Impressive.

    I'm no longer particularly worried about carnivore. I'm now worried about what they're REALLY doing with that money.

  15. You didn't get it by mangu · · Score: 3
    The FBI is not after you, they are after criminals

    You're right, but that's not the point when the "your rights online" discussions pop up in slashdot. The problem is how you define "crime".

    When politicians make "decency" laws, they cater to the hysterical old ladies who believe everything is a sin because their favorite televangelist said so. The result is that government agencies get an enormous power to define perfectly normal activities as "criminal" if they want to.

    For example, suppose you went to Spain in your vacations, and had some pictures taken of you at a beach. In the background there's a nude twelve year old person bathing at the beach, something that's perfectly legal to do at many beaches in Spain. If you have this picture in your computer, you can be accused of being a pedophile and of having "child pornography" in your possession.

    Now, this doesn't mean the FBI will go after everyone who ever travelled to Spain and put them in jail. But it means that, if you ever witness some crime committed by an FBI employee, you cannot testify against them, since they can send you to a prolonged jail sentence.

    I'm not a paranoid, I don't think they are after me. But I do want to keep it that way, I don't want to give them the power to come after me either.