Slashdot Mirror

← Back to Stories (view on slashdot.org)

GNU Carnivore With Perl Data Lookup

Posted by timothy on from the jsubverting-the-datastream dept.

Kallahar writes: "Inspired by the FBI's DCS1000: Carnivore is a networked art project in two parts. The first part is Carnivore Server, an application which performs packet-sniffing on a specific local area network and serves the resulting data stream via the net. The second part consists of an unlimited number of client applications which tap into this data stream and interpret it in creative ways."

10 of 161 comments (clear)

  1. Chaos theory at work by cculianu · · Score: 2, Interesting

    I always love art that is based on chaotic systems. It's really cool how order can arise from chaos, and vice-versa.

  2. Lets Hope by JohnHegarty · · Score: 2, Interesting

    "performs packet-sniffing on a specific local area network"

    lets hope no one is look at naughty pictues... might give an effect which is less than random, and a bit more 18+

    --
    Cruise TT
  3. is an open source Carnivore more acceptable? by fetta · · Score: 2, Interesting

    One of the critiques that I've seen of the FBI's Carnivore was that it required an ISP to install a "black box" on their network about which the ISP knew very little.

    Would an open source Carnivore be more palatable to the ISP community? The privacy implications remain, of course, but if the U.S. government adopted an open source program would ISPs be more willing to implement it?

    --
    ** The opinions expressed here are my own, and do not reflect those of my employers - past, present, or future**
  4. Disappointment... by Xerithane · · Score: 3, Interesting

    I have to say, I am severely disappointed that they don't have a Matrix-style display. To have a realistic matrix display that contains real information about network data would just rock. Warm and fuzzy all over.

    --
    Dacels Jewelers can't be trusted.
  5. Want to cause havoc with their monitoring? by The+FooMiester · · Score: 2, Interesting
    Send your friends some streams of /dev/random They'll waste a few cpu-hours trying to decrypt each. If everyone did this, all monitoring of traffic would either be very expensive or very worthless.



    Start secret message:
    s^O(^S^XltkA@[1^Z;
    end secret message

    --
    The previous has been a secret message to my comrades.
    1. Re:Want to cause havoc with their monitoring? by flonker · · Score: 2, Interesting

      This happened to me about four years ago. I posted a message to Usenet (my first post to alt.discordia, among other groups), with a .sig containing "Filter bait: He will assassinate the president, but needs the password." followed by RC4 in 3 lines of Perl. The secret service obtained my (unlisted) home phone number, probably from my university, (probably not entirely legal, but I'm not pushing it,) and called me up at the ungodly hour of 9AM to question me about my website. They were referring to this post, which they had found using Dejanews.

      My point being, I'm a bit afraid of the run of the mill agents having access to technical anti-privacy nukes that they don't quite know how to use.

  6. Free spyware!! by tuxlove · · Score: 2, Interesting

    While I suppose this software could be used for legitimate security purposes, much as programs like Snort which monitor your network, the potential for abuse is great. By providing network administrators with a tool for sifting through network traffic for fun tidbits like email messages and other personal communications, the bar has been raised in the battle for privacy. Tools like this will make it that much easier for your ISP or employer to spy on you unless you take great precautions like encrypting everything. Since that's not always feasible, I guess we need to accept that there's no such thing as privacy on the net.

    Of course that was always the case, but in the past it's been similar to the "school of fish" mode of defense. By schooling, fish reduce their chance of being singled out by predators. In a group of a million fish, the chance of any particular one of them getting eaten by a shark is small. One could liken this scenario to the millions of Internet users. But now, with tools like Carnivore, you can catch all of the fish at once and devour them at your leisure.

    I think I see why it's named Carnivore.

  7. Re:All net traffic now under Carnivore surveillanc by vsavatar · · Score: 2, Interesting

    As much as I'd like to, very few, if any people I know have any idea how to decrypt PGP messages. The problem with PGP is you have to have one side to encrypt it and the other side to decrypt it, and since a lot of my friends, family members, and clients are 100% computer illiterate, it does not lend itself to being a realistic solution. I think all messages should, by default, be encrypted by all SMTP servers before they leave the network and be decrypted by the receiving SMTP servers before delivery, by using one of RSA's lovely encryption mechanisms, but that's just me.

  8. Re:Carnivore is one place open source ain't great by btempleton · · Score: 3, Interesting

    Of course. The question is, why make it easier for them? Half of why we want open source is to make our programs better. We don't want these privacy invading programs to be better and easier to use! That's quite different from our goals on most packages.

    We do want to be sure that they aren't snooping on us improperly, and some feel that if they are open source, that means we can check for that sort of thing. But in fact, that's possibly a big mistake.

    We can verify that the open source version is OK, but as you point out, there are people who can modify the code. And it's a lot easier to take the open source snooper and add patches to it to take out the safeguards than it is to write one without safeguards from scratch. This is really quite different from the goals of open source.

    The people who take out the safeguards won't tell you they did it, nor will they contribute their patches. Nor will they follow the GPL.

    When the FBI shows up with a DCS1000 Carnivore, they just attach a black box to your ethernet. They claim it's even wired so it can read, and not write, to your ethernet. But you don't get to inspect it, or check MD5s on the binaries to assure they were inspected to behave well.

    Now, I like the idea of a free tool for ISPs so they can install it to comply with warrants and thus refuse the police black box. But what advantage is gained by that being open source. It would be nice if it's free to the ISPs, with source available if you sign a contract, but that's about it.

    I'm also concerned that since secuity at ISPs is not super high (some run IIS for chrisakes) that it's not that hard for anybody, even a script kiddie to break in to a machine on my ISP's ethernet, and then get another script based on this open source snooper you want to snoop me. Forget the feds, these guys are worse.

    So I want to work to encrypt all my traffic but I can't yet, so I hope to not make it easier for the snoops.

    Not that it should be illegal or anything to release this package. I just want to argue that it's not a great idea. It doesn't match the reasons we like open source.

    --
    Has it been over a year since you last donated to the Electronic Frontier Foundation
  9. But is it "art"? by Jamie+Zawinski · · Score: 4, Interesting

    I did this better in webcollage years ago. But of course I didn't call myself an Artist Collective, and I didn't put out a press release, so no article in the Times for me, darn. I guess that's why webcollage is a ``hack'' rather than an ``art project.''

    I swear, one of these days I'm gonna apply for a federal grant to hack on xscreensaver . I've seen people get money for worse things . All you have to do is swallow your sanity and gag up an artist statement of some kind, and the literati will take you seriously: if you cloak it in pretentiousness, the most trivial piece of eye candy can become a Serious Work, full of Insight And Meaning!

    The problem with art is artists. My goal has long been to eliminate the artist from the creative process.