Cheaper Carnivore Alternatives Still Want To Spy On You

Troodon writes: The Register reports on Forensics Explorers' NetWitness. Rather than relying upon the FBI's 'fail-safe' separation of Carnivore Operators and Case Agents to discriminate between legitimate data and that inadmissably, incidentally siphoned up along with it and submitting to the installation of a mysterious black box within their network, ISP's can comply with CALEA in-house for approximately $2,500 per collector and between $35,000 and $45,000 for an analysis station. Should you fancy a little development, another cheaper alternative exists: Altivore." Not sure any of this is much comfort -- the lesser of two evils is still evil.

Aussies to lose right to remain silent...

[ivi]

Speaking of spies... ASIO is to get the power to compell those it chooses to interrogate to answer its questions... multi-year jail-terms for those who decline to answer the questions...

I beg to differ

[serps]

Not sure any of this is much comfort -- the lesser of two evils is still evil.

There is quite a difference between Carnivore's 'log everything on the server and ask questions later' approach and that of NetWitness. If you are an ISP and forced to comply with the Feds, I know which program your other users would rather have on their pipe.

Carnivore on crack

[gburgyan]

alti - high
vore - eater

It must be carnivore on crack! Run for the hills!

Re:Carnivore on crack

[Mike+Connell]

No! don't run for the hills - if it's already high, it's probably already up there!

Some gems from the FBI website

[CaptainAlbert]

> "The Nation's communications networks are
> routinely used in the commission of serious
> criminal activities, including espionage."

Hmmm. So which large autonomous governmental organisations can we think of who do this... :)

> "The Carnivore device provides the FBI with
> a "surgical" ability to intercept and collect
> the communications which are the subject of the
> lawful order while ignoring those
> communications which they are not authorized to
> intercept."

Sure, it's surgical... in the same way that multiple amputations are surgical...

okay, so there are cheaper alternatives.

[motherhead]

But was that ever an issue, price?

Durring all of this hullaballoo about Carnivour and the FBI's right to hamfistedly and indiscriminatly monitor packet traffic, i don't once recall it being writtin.

"oh yeah and they're easier to get then wire-tap warrants, if these damn things were cheaper it would be green lights all the way bay-bee" -Special Agent Trent Squarenuts.

Evil tech exists, evil tech is being deployed and the guys that want to see it installed usually don't shop with coupons.

Lotek versus Hitek

[Diabolical]

Ha... in France they caught a Homing pigeon with a note in arabic... how will the FBI try to intercept those? Using trained hawks or eagles?

Say that i was a terrorist... i would think twice before using e-mail or other tech to convey messages.. especially now i know they use this privacy invading crap....

Re:Lotek versus Hitek

[motherhead]

Say that i was a terrorist... i would think twice before using e-mail or other tech to convey messages.. especially now i know they use this privacy invading crap....

well then, the FBI would score that as a win... denying an enemy a method of communication and forcing them to use "lotek" is a benifeciary result.. they would assume the homing pigeon problem was a whole 'nother program

Re:Lotek versus Hitek

[Diabolical]

But the flip side is the terrorists have also achieved that NO-ONE trusts the internet.. thus creating another problem.. remember.. terrorists are not dependend on tech.. WE ARE!

The whole issue with ECHELON showed that bussiness use of the internet is depending on strong security and encryption.. giving the keys over to the US government isn't quite safe.. (since echelon allready is US government owned)...

So... who would benefit most from carnivore and anti encrytion laws? Not us... only the government...

Who would lose most from carnivore and anti encrytion laws? Not terrorists.... just us and international bussiness...

I understand this is a very delicate subject but is it important for us to lose our rights as opposed to gain security? And what kind of security will we gain? At this very moment it is a very hot topic in the light of sept 11th but how will we look upon these issues in say 2 years from now?

What are we to gain at all?

Re:Lotek versus Hitek

[blair1q]

> the terrorists have also achieved that NO-ONE trusts the internet

Uh, no, that was achieved the day the thing was lit.

Everyone knew then, and has been telling you ever since, that the Internet is not a secure communications medium.

--Blair

lose right to remain silent... Same as UK

[SomethingOrOther]

This is exactly like the Regulation of Invstagatory Powers (RIP) bill in the UK.
Give us your crypto keys + If you refuse you go to jail (If you tell anyone you are under invstigation you go to jail for even longer)
Tell them you have forgot your keys or missplaced them and the burden of proof is on you to prove your innocence. Not on them to prove your guilt! (Tell me... how I'm supposed to prove I have forgoten something?)

Basicly this walks all over your rights to protect yourself from self-incriminaton and the right to be innocent untill proven guilty
Dont worry too much though, I'm waiting for the first test case to go to the European court of Human rights.... It cant last.

Re:lose right to remain silent... Same as UK

[Twylite]

There are some significant differences to RIP. For a start you require a court order, for which the investigator (say, the FBI) must produce prima facae evidence.

Second, I have seen no US law that requires the handing over of keys. There is a significant distinction, which (if the accept proposals) South Africa have hopefully got right: subject to a court order you can be forced to disclose the content of an encrypted communication (again, there is a requirement for prima facae evidence), but there is no requirement to hand of the keys.

I do agree, however, that the burden of proof part is somewhat worrying.

The cost of it all..

[SomethingOrOther]

$2,500 per collector and between $35,000 and $45,000 for an analysis station.

WTF!
$2,500 for a glorified packet sniffer, plus another $32k-42k for some dude to sit there and sort it all out / analise p0rn for stenographic messages! Somebody is seriously overpaid!

Seriously though. Can anyone out there say why this is so expensive?

It won't matter

[YIAAL]

The WTC bombers communicated in the clear, because no one knew enough to intercept their stuff.

You have to know who to spy on before this stuff does any good. That takes Intelligence. And intelligence.

Both are in short suply.

Re:It won't matter

[motherhead]

agreed, completely. It is hard assets (read : human intelligence assets) that we needed, but you notice this is why the CIA isn't pounding the drum for carniviour, it's the FBI.

The CIA wants more James Bond, not More Larry Ellison. actually that is too glib. what they want is the ability to fund and maintain deep cover assets or agents like we used did in the cold war. Actually have our guys in the bathroom stalls next to the terrorists, complaining about the quality of the toilet paper.

Re:It won't matter

[Tackhead]

> The CIA wants more James Bond, not More Larry Ellison. actually that is too glib.

Actually, I don't think it's too glib at all. It's possibly the most concice statement of the problem I've seen yet.

Repackaged as a soundbite for your consideration:

"The world needs more James Bonds, not more Larry Ellisons."

(Regrettably, nobody outside of Slashdot will understand what that means. But for those of us on slashdot, it's a perfect summation of why we were unable to defend ourselves against the attack of 9/11.)

Re:Why is it so dificult for the message to pass t

[motherhead]

Snail-mail has been surveilled since J. Edgar Hoover was trying on his first set of pumps and as for the bathroom surveillance... well here you go dude

really it doent matter

[johnjones]

why not ?

because the important messages are not sent through a U.S. ISP so this does not applie to them

why do you think that the NSA has listening posts in the UK and Australia ?
so it can listen to phone conversations in china, europe and middle east

why do you think they fly planes over china full of black boxs

this is just an attempt of a company to make money out of legislation, that concept is not exactly new

for what its worth I think an ISP should run Altivore at least then they know that it wont screw up their network

regards

john jones

Court-approved access is Not Bad (TM)

[Twylite]

A lot of civil liberties proponents lose the plot at some point, and viciously attack any attempts at monitoring or interception. While I'm all for screaming blue murder about wholesale invasion of data and privacy, there is a point at which the state investigatory power that be require legitimate access to communications.

No, this would not have stopped Bin Laden & co, who communicated in public. Nor will it stop many related activites. But it is extremely effective against fraud and crime syndicates. I come from a country where these crimes are rife, and most convictions follow some form of search warrant.

The dividing line between good and bad is the inclusion of the court system into the process. Courts can already give permission for physical searches and wiretaps, subject to the provision of prima facae evidence. This is good.

Enough evidence must exist to convince a court that there is likely to be a crime, and that a particular person/group is likely to be implicated, before such a warrant will be issued.

There should be no difference for digital communications. Wiretaps could be used along with equipment to translate the wire signal into packet data, but this is inefficient. Just a telecoms companies are obliged to cooperate with the police (FBI), so ISPs, arguably the carrier for TCP/IP based data, should be obliged to cooperate (although not necessarily at their own cost).

When it comes to encrypted communication, the lines blur a little more, but only a little. You can be prosecuted for refusing to acknowledge a search warrant, or for refusing to testing (except in cases involving the Fifth Ammendment; and many countries don't have an equivalent), or for withholding evidence; so you should be able to be prosecuted for not providing the cleartext to an encrypted communication and, if necessary, proving it is a decryption of the ciphertext.

crypto silly

[johnjones]

any devent crime syndicates have crypto and look out for things like keyboard taps
so really its a silly thing to say

all the criminals have crypto and really dont care about this

its back to actually solveing crime the old ways instead of recording phones and opening mail

regards

john jones

Re:crypto silly

[Nater]

Why is it OK to open someone's mail with a court order, but it's not OK to read their e-mail with a court order? Why is it OK to tap someone's phone with a court order, but it's not OK to tap the new cellphone they just bought, with a court order?

I think the problem many people see, which I'm not completely in agreement with but I'll swallow for a few minutes at a time, is that opening people's mail and tapping their phones is a multilateral business, i.e. law enforcement can't do it on their own, they actually have to get the USPS or a phone company's help. USPS and the telco's don't have to do squat unless there is a court order. I think email is pretty much in that same bag, law enforcement has to get someone's help in order to get any access at all, legal or not. We kind of have to trust our carriers in that respect, that they won't let just anyone, even law enforcement, see our communications without proper authority to do so. However, cell and cordless phone conversations can be had unilaterally without anyone's help, and so that natural check just doesn't exist there. For those of us using wireless networks, that natural check is gone from our email, too. Therein lies the debate over encryption. So I have mixed feelings on the subject, but I think those are the issues people have and why the new tech is (possibly) demonstrably different from the old tech.

What simple-minded idiots?

[Garry+Anderson]

What simple-minded idiots want the authorities to have access to everything you do?

Government say about surveillance - "you've nothing to fear - if you are not breaking the law"

This argument is made to pressure people into acquiesce - else appear guilty.

It does not address the real reason, why they want this information - they want a surveillance society.

They wish to invade your basic human right to privacy.

This is like having somebody watching everything you do - all your thoughts, hopes and fears will be open to them.

All your finances for them to scrutinize - heaven help you if you cannot account for every cent when they check on your taxes.

Do not believe the lies of Government - even more money spent on Carnivore will not protect you.

Do you not think - even once encryption back doors and greater surveillance are introduced, and you could guarantee the impossible - that they could defeat all steganography:

That - when not planning face to face, terrorists will just have to send personal couriers - or get caught?

Perhaps give mobile for single message when required - just using message - go with plan a / b or abort.

Incidentely, the United States Department of Commerce and the United Nations World Intellectual Property Organization hide solution to trademark use on the Internet. Please visit WIPO.org.uk.

Re:What simple-minded idiots?

[Nater]

Government say about surveillance - "you've nothing to fear - if you are not breaking the law"

To this there exists this proper response: "If I'm not breaking the law, then you're wasting your time, as well as mine and everyone else's tax money by watching me, and you've got nothing to show for all that expenditure because I'm not breaking the law. Go after actual suspects."

Re:What simple-minded idiots?

[Nater]

You're assuming that the phrase "you've nothing to fear - if you are not breaking the law" is the voice of law enforcement. I was assuming it was the voice of Congress. Remember, law enforcement doesn't actually have this power in the United States and won't if intelligent people would just respond appropriately to their Congresscritters. Budget considerations are possibly Congress' biggest soft spot. Pointing out the enormous expense of watching every innocent person without any resulting benefit in public or national security would definitely make a lot of legislators think twice. The trouble is that it's really hard for a less capable mind to understand why there's no benefit.

Amen

[overunderunderdone]

Thank you for a rare note of sanity on /.

ALL police powers (all government powers for that matter) involve some "violation" of our rights. They carry cuffs and have jails and prisons to "violate" your right to liberty, they carry guns to "violate" your right to life (as a last resort hopefully) And they question you, execute search warrants, wire tapping warrants etc. to "violate" your right to privacy.

The fact is a police state is not the only threat to liberty, anarchy is just as bad, and is usually a precurser to a police state. The police powers to "violate" our rights is a balance designed (when working right) to maximise our freedoms and rights. The government has the power and authority, granted by the governed, to "violate" the rights of individuals who have or are suspected of violating or planning to violate the rights of the rest of us.

Don't get me wrong, I think we must always be on guard against overreaching by the state. But often people on /. have elevetated certain rights to such an extreme that they deny *ANY* legitimate police power. Ironically at the same time they are blind to more serious overreaching by the state that threatens other rights not as elevated as the "right" to perfect anonymity & privacy.

We did know

[overunderunderdone]

All of the planes except one had five hijackers. The reason is that most likely we already had in custody the fifth - a man detained on immigration charges because he was a suspected terrorist and was suspiciously learning to fly a commercial jet & asking about flying over NY airspace but had no interest in taking off or landing.

The guy was arrested on immigration charges rather than put under surveilance. The FBI field office asked but was refused a counterintelligence surveilance warrent because a suspected terrorist learning to fly a plane and particularly interested in New York City airspace was not enough for "probable cause"

Story Here

To be fair, if they had just searched his hard drive they probably wouldn't have had enough to know what the terrorists were up to. On the other hand if he had remained free but under surveillance it seems likely we would have been able to gather enough intelligence on this cell to figure it out before hand.

Re:We did know

[technos]

Sigh. It took the FBI a *month* to ask for the warrant. It took them almost a month to hear the unsubstantiated rumour from France that he 'may have been associated with members of an Algerian terrorist group'. That's like saying they should follow me around just because I might know a couple of the same guys Terry Nichols did, and the fact I own a couple books on explosives. They had no hard evidence. If he were a US citizen, he would not be in custody, and they wouldn't have even had his laptop.

Say they did get the FISA warrant, we all know how slow the FBI moves. They wouldn't have even gotten around to searching the hard drive by the time the WTC was hit.

Umm, OK

[panda]

So, what's the deal? Why do you need carnivore in the first place?

Say you're an ISP and the FBI shows up with a warrant and their carnivore doo hickey. They want Joe Blow's email and Internet traffic. OK. You tell them, since you got a warrant I have to comply, but you aren't using carnivore. I'll just dump all of Joe's email with a forward file that gives his email to him and puts it in a file for you guys to get. Since you want everything he does on the Internet. I'll just make sure that he always gets the same IP address when his modem dials in and his account authenticates, and just dump all of his packets to disk for you. This way you get what's in your warrant and nothing more than whats in your warrant.

I don't see why we need crap like carnivore just to get one suspect's email.

There is something else going on here, and you don't have to look too hard to find it!

Why all this??

[josepha48]

Whay not jsut require that mail servers archive a copy of each letter sent. It is possibly. Usually mail servers just delete the mail after it is sent, it could be easily made to archive a copy of each email. Then you can send it all as spam to the FBI and see how long it takes them to read. I know I have a tough time reading the email I get each day.

|-|0\/\/ 70 |)3f347

[hugg]

17'$ 34$y 70 |)3f347 c4r|\|1v0r3, ju$7 c0|\|v3r7 4|| y0ur 73x7 70 |337 $p34|!