Slashdot Mirror
GNU Carnivore With Perl Data Lookup
Kallahar writes: "Inspired by the FBI's DCS1000: Carnivore is a networked art project in two parts. The first part is Carnivore Server, an application which performs packet-sniffing on a specific local area network and serves the resulting data stream via the net. The second part consists of an unlimited number of client applications which tap into this data stream and interpret it in creative ways."
I always love art that is based on chaotic systems. It's really cool how order can arise from chaos, and vice-versa.
Just how "creative" is this system going to be? Is it going to be the intruiging kind of creative, or the exploitable kind of creative?
I thought Carnivore was a really bad packet sniffing program used by the FBI to monitor terrorist cells. Has GNU been infiltrated? Or are they simply showing their stripes?
"performs packet-sniffing on a specific local area network"
lets hope no one is look at naughty pictues... might give an effect which is less than random, and a bit more 18+
Cruise TT
One of the critiques that I've seen of the FBI's Carnivore was that it required an ISP to install a "black box" on their network about which the ISP knew very little.
Would an open source Carnivore be more palatable to the ISP community? The privacy implications remain, of course, but if the U.S. government adopted an open source program would ISPs be more willing to implement it?
** The opinions expressed here are my own, and do not reflect those of my employers - past, present, or future**
On November 17th, a draft version of a review of Carnivore, the FBI tool for monitoring Internet traffic, was made available to the public. This review was performed by members of the ITT Research Institute in Lanham, Maryland and is 127 pages long. In the Executive Summary, the review makes several recommendations for ways in which Carnivore must be improved, in order to protect individual privacy and assuage concerns about the potential for unauthorized use.....
....
.....
In other words, they found a flawed product, which can currently be easily manipulated to gather information beyond that authorized in a court order. They believe the flaws are fixable and have made recommendations as to what needs to be done, including eventually releasing the source, but not until some glaring security problems have been fixed first.............
Read on here:
http://www.lwn.net/2000/1207/security.php3
Cruise TT
I have to say, I am severely disappointed that they don't have a Matrix-style display. To have a realistic matrix display that contains real information about network data would just rock. Warm and fuzzy all over.
Dacels Jewelers can't be trusted.
If you are nervous about your messages being intercepted, get yourself a implementation of PGP and use it religiously. If you are really feeling paranoid, get the source code to 'Gnu Privacy Guard' and compile your own copy.
I am part-owner of one ISP, and know personally top network administrators for at least a dozen other providers, both major and minor. None of them have 'Carnivore' or other government-mandated software or hardware on their networks.
The Feds did make a one-time request of several major providers to scan their logs for email with a certain set of 'From' addresses, but there is no new ongoing traffic analysis at individual ISPs.
There is absolutely no privacy left on the Net any more. None. Keep that in mind when you rant. That's what crypto is for. Ranting on Slashdot is by it's very nature, about as public as you can get.
Coudn't this count as an attempt to reverse-engineer the communication protocol of networked applications and therefore be breaking the DMCA??
Seems to me this is more about the programmer creatively setting up a was for a computer to place overlayed text or randomly grabbed images into a layout. I don't see the computer making many of the artistic decisions, except maybe applying the color wheel maybe?
Posiks
Years ago when Linux 2C tips had just started, I published a little script to periodicly generate random wallpaper by tiling gifs plucked out of the netscape cache........
Judging by the amount of feedback I got the concept was quite popular.
Carnivore Server is a set of Perl scripts running on top of tcpdump
You know, sadly, this is probably far more sophisticated than the actual Carnivore system.
Good grief.
--
What happens when you outlaw guns
This would offcourse hardly be any safer if you'd not audit all the code before compiling it:)
0x or or snor perron?!
Here is some more information about the artwork (NYTimes login required blah blah blah blah)
So they release a "Art Project" that convinces people to install a box on a bunch of networks, join an IRC channel and dump packets...
...
And this is a good thing because
???
Would need to be some kind of no-hop-added router, I guess. (I know IPF can do this, but parsing packet content is a bigger job than just reading headers, especially at the major nodes)
Like others have wisely said, if your unsure, encrypt with your own keys. Everyone sniffs around these days, run ipmon for fun!
I agree.. I know that with what is happening lately with terrorism in our country, the fbi wants to implement anything they can to track any potential criminals.. but with all this "tracking" going on, and with no one having any privacy left at all, i wonder how many times people will be under suspicion for something when they really didn't do anything wrong at all.
Imagine setting up a dual-homed, 802.11b equipped laptop near a major business, then using this art project to broadcast what you hear to the world.
Scary!
Start secret message:
s^O(^S^XltkA@[1^Z;
end secret message
The previous has been a secret message to my comrades.
So there's no public domain software.
is owned by the Jews..
Those bastards control the media and everything.
IF the 'Jews' controll the 'media and everything,' as you put it - then my hat is off to them as they have been running the country and the media pretty well. Maby we should have more Jewish people in control if they are doing such a good job.
Moneyed corporations, non-working 'poor' and criminal prisoners are turning productive citizens into tax-slaves.
The FBI's carnivore is based on proven technology. This anarchist's version of software is that open-source garbage. It will take someone 2 years to figure out how to install it, then they'll have to wait 3 more for the next release.
Are the algorithms used to generate the "art" one-way or reversible? I.e. is this art project a security hole of its own by allowing the original datastream to be resurrected?
While I suppose this software could be used for legitimate security purposes, much as programs like Snort which monitor your network, the potential for abuse is great. By providing network administrators with a tool for sifting through network traffic for fun tidbits like email messages and other personal communications, the bar has been raised in the battle for privacy. Tools like this will make it that much easier for your ISP or employer to spy on you unless you take great precautions like encrypting everything. Since that's not always feasible, I guess we need to accept that there's no such thing as privacy on the net.
Of course that was always the case, but in the past it's been similar to the "school of fish" mode of defense. By schooling, fish reduce their chance of being singled out by predators. In a group of a million fish, the chance of any particular one of them getting eaten by a shark is small. One could liken this scenario to the millions of Internet users. But now, with tools like Carnivore, you can catch all of the fish at once and devour them at your leisure.
I think I see why it's named Carnivore.
Plus, you need to build your own compiler, starting with hand-built machine code and bootstrapping your way up (see the classic C Compiler hack).
Of course, you then need to build your own processor to ensure there are no hacks in the processor too...
Fascism starts when the efficiency of the government becomes more important than the rights of the people.
I searched all the web site , and couldn't find the clients :(
Examples are cute, but where is the software ?
"We all know Linux is great...it does infinite loops in 5 seconds." -- Linus
It seems that the purpose of this project is to make fun of the FBI. Interpretting the data in creative ways is exactly what we assume the FBI would do with the captured data anyways.
Plus, "well, it's not an invasion of privacy, it's just art" is a nice spin to "well, it's not an invasion of privacy, it's just security."
Handing out guns to school kids and calling the blood splatters "art".
This stuff is more enjoyable to look at than most of what's on the walls at the Guggenheim!
A feeling of having made the same mistake before: Deja Foobar
Now not only do you have the Feds watching everything you do online, but you also have the approval of those who claim to fight for your "freedom". What a joke, indeed. It is time that we, the freedom-loving citizens of the Internet, teach these people that it is not ever acceptable to watch other peoples' network traffic. This is a violation of privacy pure and simple and if we need cause a great disturbance in protest against such a thing, then so be it. We will retain our right to privacy.
--sdem
Just imagine it - due to the wild success of the SETI@home and protein folding efforts, the FBI has decided that they too can distribute the loads of finding nefarious people in the world.
And, with the MPAA and RIAA @home supplemental modules, your MP3s will be reported directly to the master FBI server...
I donate all spillover Karma to the charity of my choice... Ada was still a babe despite what people may say...
As much as I'd like to, very few, if any people I know have any idea how to decrypt PGP messages. The problem with PGP is you have to have one side to encrypt it and the other side to decrypt it, and since a lot of my friends, family members, and clients are 100% computer illiterate, it does not lend itself to being a realistic solution. I think all messages should, by default, be encrypted by all SMTP servers before they leave the network and be decrypted by the receiving SMTP servers before delivery, by using one of RSA's lovely encryption mechanisms, but that's just me.
Sad to say, while there were many compelling arguments for open sourcing Carnivore so that the public could see if the FBI's boxes could be trusted, there is a major downside.
You've just given Carnivore tools to the Chinese, The Iraqis and all the other oppressive governments of the world. Even though buying a network sniffer and configuring it was within their power before, this makes it easier.
And whatever fears I may have (and they are many) about the U.S. government and its agents abusing their powers, they are nothing compared to the fears I have about those other powers.
What we needed was two things. One was source review of the boxes the goverment uses by a wide range of trusted people, and two was a free as in free beer tool for U.S. ISPs so they can use it as an excuse to refuse a carnovore box on their ISP in the first place.
Has it been over a year since you last donated to the Electronic Frontier Foundation
I always thought GNUs were herbavores...learn something new every day...
KidA
"Karma can only be portioned out by the cosmos." -Homer Simpson
There is absolutely no privacy left on the Net any more. None. Keep that in mind when you rant. That's what crypto is for.
PGP, GnuPG, or whatever public key crypto you use, enables you to sign, verify, encrypt or decrypt documents. That's it. It's not an anonymizer. You can use them to keep your personal communications private, but they're useless for public posts on Slashdot. What good's a post on Slashdot that no one can read?
Now a PGP based mailing list would be a very Good Thing(tm). Encrypt your messages to the list server, which then sends it out encrypted for each subscriber.
A Government Is a Body of People, Usually Notably Ungoverned
I've often thought of vocalizing my lan. Does anyone know where to start to realize tcp packets as sounds?
-----BEGIN PGP SIGNED MESSAGE-----
s gV oww12N31MAn3bz
Hash: SHA1
Ok.
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use
iQA/AwUBO9n6FOgdudoliF6NEQJLdgCfTNY0q4J2v15vMdt
bVeoMECtVIHLkx9CGKL7WCKV
=2sZe
-----END PGP SIGNATURE-----
eythay illway evernay igurefay isthay outway!
Oh yay! X just crashed in the middle of a huge download, that just rocks so much...
open source stable...shea ok...
Windows XP doesn't randomly die after a massive swapp-o-rama...even thought i have 256 megs of ram...
X on Linux sure does though...
I swear, about 5 stories a week on slashdot are straight from memepool.com and the submitters never credit the site.
--
Don't sweat the petty things, and don't pet the sweaty things.
ok.. everyone try to slashdot uhh slashdot.org on my mark.. 1...2...3...GO!
ahh dident work.
Daddy would you like some sausage?
Version: PGPfreeware 7.0.3 for non-commercial use
Does this mean if I use my laptop with this version of PGP "freeware" at my employer's location whilst on the clock, a BSA raid could net another violation?
That's Mr. GNU/Karnivore to you, buster. ;)
So... When can we expect Carnivore@Home? Personally, I'm kinda tired of Seti@Home...
Doesnt it seem just a little creepy that they (http://www.bsa.org/)have a globe with a (C)opy right sign on it?
"Not my manner of thinking but the manner of thinking of others has been the source of my unhappiness." - M
-- Could you use my software consulting serv
No, but you do need to use a compiler that hasn't been hacked in the manner described by your link. I submit that it is possible to do this without building the compiler myself.
Wow, 45 days from seeing Carnivore as a horseman of the apocalypse to striving to make a more effective open source version.
Kevin Fox
I did this better in webcollage years ago. But of course I didn't call myself an Artist Collective, and I didn't put out a press release, so no article in the Times for me, darn. I guess that's why webcollage is a ``hack'' rather than an ``art project.''
I swear, one of these days I'm gonna apply for a federal grant to hack on xscreensaver . I've seen people get money for worse things . All you have to do is swallow your sanity and gag up an artist statement of some kind, and the literati will take you seriously: if you cloak it in pretentiousness, the most trivial piece of eye candy can become a Serious Work, full of Insight And Meaning!
The problem with art is artists. My goal has long been to eliminate the artist from the creative process.
But that's the whole point. Unless you've vetted the compiler you don't know what's been hacked into it!
And if you build a compiler using a different compiler, you have the same problem. Therefore, you need to bootstrap your own compiler!
They're art fags... logic isn't one of their strong points.
Yes, exactly. I don't know about you, but it's much easier for me to vet my compilers than it is for me to write them from scratch.
The process is greatly simplified by the fact that you can often use the same compiler to compile itself; yes, you have to start with a precompiled one, but simply compare the vetted one with the precompiled one to determine if the precompiled one has been compromised.
In fact, I would go so far as to claim that most people vet their compilers already. Their standards simply vary quite a bit in thoroughness from our own.
There is absolutely no privacy left on the Net any more. None. Keep that in mind when you rant. That's what crypto is for. Ranting on Slashdot is by it's very nature, about as public as you can get.
I have to say, I fear you people way more than I fear the government. It's people like you that bombed Oklahoma City.
LOL! Good one!
To call this retarded hack an open-source Carnivore is totally ridiculous, as jwz says.
See Dsniff for a collection of free, open-source tools even more powerful than Carnivore:
http://www.monkey.org/~dugsong/dsniff/
and without all the artsy-fartsy pretense...
...adding GNU to a name just makes it silly.
In other news, Richard Stallman is considering changing the GNU Project's name to Monty Python and hawking its software as parodies of the real stuff.
I find rather strange that a software developped to snoop on other people's private matters seek 'linux community' approval by releasing it GPL?
:D
This will be a GREAT tool for people to just try & snoop on everybody else
What's the big deal, bad guys are not going to send an e-mail with their attack plans.
diff/ my dear, = dzat {
. [0+0] m9nd declard `webcollage` art / non-art
. `Jamie Zawinski` == jealous
. (`Jamie Zawinski`) => `carnivore` prjkt !=
(group) => `webcollage`
}
. `Jamie Zawinski` == jealous
bzzt!
. `Jamie Zawinski` == jealous
bzzt!
. `Jamie Zawinski` == jealous
bzzt!
. `Jamie Zawinski` == jealous
++
may ! add
= `Jamie Zawinskie` expzct
(lo.tekk korporat zerv) => Times 2
ztart look!ng 16384 ueb pagz 4rom
[normalement] _!ll!terate ++
zlf-obzeSSd ['!' = obzeSSd u!z
be!ng obsessiv ] !nelegant
programm9rs [ any fool can program
a computer and most do ]
uen zrch!ng 4 `works ov art` _+?
g!gglb!t
My little brother is THE admin at a major co. that provides web hosting and marketing services, I asked him about carnivore about a year ago and he said "I could tell you but then I'd have to kill you." I let the subject drop.
Maybe your friends are just doing you a favor and you don't realise it, or maybe it doesn't realy work yet, only a select few know and nobody's talking.
OK, fine, try GnuPG then. It's an open source implementation of the OpenPGP standard, and doesn't have US export restrictions (because it's German, and importing foreign encryption munitions _into_ the US is fine). It and recent PGP versions should be fully compatible (by default, it doesn't quite implement the OpenPGP standard, for compatibility with older PGP versions, but you can set it to pedantic standards-compliance mode if you want a fully correct implementation).
Will this compile on Cygwin? I don't think TCPDump will, or will it? I'll take a look later. I also own a copy of flash, mebbe I'll write something cool as a vis client..... I'll post my results later. --j0shua
--- BEGIN PI-GUY ENCRYPTED MESSAGE ---
lasdkasldAlaskd;sdkHasl;djasAdakls! Casd;AsaNlk alsYlaksdfOalskdfsdfUasdflj jklRlkjaEajksAalskjDasdklj alskdjTadslkjHlasdjIalsdjSladjs?lasdj
--- END PI-GUY ENCRYPTED MESSAGE ---
HINT: Look at the caps...
If you think it's so trivial, join the project and add your collage as a client--that's the whole point. Maybe you'd wow all those naive artists with your programming skill. Maybe you'd fall flat on your face. And maybe, just maybe, you and the artists might get along and produce a really good piece of collaborative software art.
So you wrote a program, and then a bunch of other people made a better version, and now you're whining about them getting all the attention.
Funny that an ex-Netscape guy still believes in first-mover advantage.
Is it just me, or would anyone else be entirely unsurprised if the FBI discontinues development of carnivore and its successors, and swtiches to GNU carnivore? After all, now they have a similar application developed by experts all over the world, and they can review all of the code for backdoors. Hell, I can see governments all over the world picking up this program and abusing it to the detriment of humanity worldwide. I hate to say it, but this is one project that I wish had never happened, and will not miss if it dies out.
This isn't an "open source version of the FBI's Carnivore," and it's not a "GNU Carnivore." It's an art project inspired by the FBI's Carnivore, and it has nothing to do with monitoring internet usage or violating anyone's privacy. Basically, this Carnivore project serves up data culled from tcpdump, and then clients use the data to generate intriguing and sometimes beautiful audio or visual art. Go check it out; it's very cool.
Maybe this could be configured to detect virus attacks and draw a few skulls in a window to inform you...
;)
That might stimulate a few lax sysadmins when bosses see their boxen showing jolly rogers..
---
Paul
If you are nervous about your Usenet posts being intercepted by Spootnik, please moderate him into oblivion.