Dartmouth Student Invents A Carnivore Leash

timdorr writes: "Looks like a student at Dartmouth wants to turn Carnivore into a much more resonable tool according to this Wired article. I'd personally feel a lot less invaded if I knew the system was in place and in this form. Hopefully the government takes notice becuase Carnivore still seems like quite a loophole for our government to exploit."

And remember

[Kierthos]

Don't just leash your Carnivore, spay or neuter it unless you want to be responsible for little baby Carnivores.

Kierthos

unfortunately, it will provide no protection at al

[Syre]

This is an excellent approach! I am really thrilled to see someone coming up with a solution that allows the government all legitimate use while providing the tools to prevent overstepping. And partially funded by the justice department too!

The big problem with this is that even if it's implemented, since under the Patriot Act judges need not sign off on subpoenas, the FBI et al would still be able to get all they keys they want and still access all the data.

For this device to be useful, unfortunately, the law must be changed to require judicial oversight... and the judges must be trustworthy!

Get some perspective

Anyone who thinks Carnivore is a ferocious animal right now, please step into the hallway for your I.Q. test.
Everyone else knows that after 9/11 so many people made calls, emails, HAM traffic to the tune of 'terrorist' this, 'Cell' that, that Carnivore must have sustained a complete mental(server) breakdown. Put your thoughts to things of more importance (Israel/Palistineans, Coke vs Pepsi). The chance that something the FBI/CIA built outside of a national coding symposium would be so utterly, absolutely crashed from the traffic of keywords that it doesn't bear looking at. I'm not trying to point you in the direction of unilateral oversight and say it's OK, I'm just saying that 'right now' there are more important things to look at than a system more crashed and confused, that it probably thinks its an Atari 2600 with a buggy version of Combat loaded up

Re:Get some perspective

[mpe]

Yes, if Carnivore is doing a simple word scan on email messages, but somehow I doubt that. I would imagine that it knows the difference in context from a message like "Say a prayer for those who died by the hands of terrorists" and a message that contains the launch directives for the next message.

Except that a terrorist "go code" probably wouldn't contain any information about what they were doing at all. Since they already know what the mission is.

If I was going to do something similar to a terrorist activity, I wouldn't just be pushing raw ASCII email messages with that kind of information in them. I would encrypt the message in a image and say, "Look at some pictures from my trip to NYC." Carnivore is looking for those kinds of patterns.

No you want to avoid encrypting anything and denfinitly not hiding inside a graphics file. Since this is likely to create obvious patterns. Far better to use a code a good code will appear to be a competly innocent message.

Re:Get some perspective

[Angst+Badger]

I'm afraid there's a lot more to monitoring communications than just keyword searches, which are not necessarily even the first thing an email monitoring system would examine.

When examining a communications network -- which is what we would be doing if we were trying to track illegal activity through email -- the first thing we look at is not the content of the messages, but the pattern of communications between nodes. We would only have to start with keywords if we had no suspects, and that would be the sort of fishing expedition that is prohibited by law. But odds are we do have a suspect, so we look at who he's talking to, who those people are talking to, and so on, until we are eight or nine steps away from the suspect. (Much further than that is not only impractical but generally pointless.)

Having established a clique, we can examine the volume of mail between nodes, and see who is the best-connected (and therefore likely to be exerting some kind of administrative control). If, in the course of this, we see some people who are suspects in a previously unrelated investigation, we can explore the possibility of hitherto unknown connections.

Without once having looked at the content of a single message, we have developed a pretty clear picture of the relationships between our suspect, people not yet suspected of anything, and if we are lucky, other suspects.

Then we can start using keyword searches on a reasonable volume of mail to serve as a starting point for manual examination of message contents.

In any event, the word 'terrorist' is not going to be a problem for law enforcement, because terrorists don't call themselves terrorists -- that's a label that our propagandists apply to them. Judging from what has been released to the public, they refer to themselves as 'freedom fighters', 'fighter brethren', 'mujahideen', and several other labels -- which points out another thing we can exploit: people who belong to cliques, especially tight-knit underground ideological factions, develop their own characteristic jargon. Simple word-frequency analysis as well as more complicated techniques such as n-gram analysis and Markov chains, can be used to pick these out of the crowd once you have a 'model text' to study. (These techniques can be applied with significant but lesser accuracy to less-cohesive cliques, such as professions, religious affiliations, and ordinary political factions.)

In short, it is wise to bear in mind that however misguided federal law enforcement agencies may be, they are not stupid or naive, and neither are the computer scientists who work for them. Even if they were, the kind of programming involved is not especially challenging -- ninety percent of what you'd need to know can be found in Knuth.

great...

[CmdrTaco+(editor)]

Great, just what we need- something comes along to make the public think it's perfectly okay for the government to monitor email. I don't care how secure it is, I would still rather have no government monitoring at all than even a system that would guaranteed not to be prone to abuse.

Re:great...

[NoNeeeed]

Why do people have so much of a problem with the authorities monitoring e-mail, yet don't get up in arms about straight phone tapping? The right of the police to tap your phone is no different from their right to search your home, search you or indeed put you in prison. The same goes for reading your e-mail.

Each of these powers is granted so that they can fight crime. I don't have a problem with the police having any of these powers, as long as they are restricted, i.e. you need a warrent to search someones house, or tap their phone, so you should need one to read their e-mail. I have a problem with echelon and 'fishing-trips', and the police abusing their power of search and arrest. But then thats why we have rules. Its up to us/our representatives/the judges to make sure that the police obay those rules. This is why so many cases get thrown out of court on 'technicalities', because someone broke the rules.

On the whole this is pretty well inforced in britain, for example ALL interviews with the police, MUST be taped, and there has to be a witness, (unlike in the US where recording is only reccommended. That said we do have the rather dubious RIP bill but that still requires a warrent.

So basically, if you are against (restricted, needs a warrent etc) tapping of your e-mails, you should be against the (warrented) search of properties and the (warrrented) tapping of phones.

The internet is no different from any other communications medium. If you really think that it is, or has ever been some utopian paradise of free speech somehow seperate from the real world and real world laws, where anything is allowed, then you need to get out and about a bit more.

The Internet is just another communications network, no different from any other. It is not special, just more advanced. Using the internet is no different from using a phone, or fax. You are not special, it is not special. Grow up and stop seeing the world from such a narrow viewpoint (I can't beleive I just said that on /.)

Paul

Re:great...

[extra88]

You haven't been paying attention to this subject. That's okay, it's not your country.

One problem is that it's an information vacuum, it sucks up *everything* from the ISP, not just the packets sent or received by the suspect. They supposed to toss the packets belonging to everyone but the suspect but we only have their word on that. It's like they tapped every phone at a CO and are supposed to throw out all the tapes except the ones for the one house.

Another is that the implementation of Carnivore does *not* have the same oversight wiretaps or property searches do.

Have you ever seen Goodfellas or The Sopranos? When they do a wiretap, they're only allowed to record or listen if they hear in the first two minutes the target of the wiretap (not his wife, not his cousin) or if it's is material to the case. If its not, they have to turn it off for a period of time (something like 5 minutes) after which they can turn it back on to check again. With Carnivore they keep it all and don't even have a way of knowing who in the household was using the computer. Carnivore is like a secret search warrant of every home or business the suspect or anyone in his family visited.

Someone else mentioned a suspect has no way of knowing if they're being "bugged" by Carnivore but I don't think we have a fundemental right to know if a warrant has been issued with our name on it.

Of course wiretaps have gotten broader. I believe the FBI finally got their "roaming wiretap" law allowing them to listen to any phone the suspect *may* use. I'm sure there are rules of admissability if they record someone else by "mistake" but it's to late, the damage to innocent people's privacy has been done, they can't un-listen to their conversation.

The Internet is different from other communications networks, not in terms of our rights but in technical terms. This has important ramifications for how laws are written and implemented. You should be squirming at the sight of my my similes comparing Carnivore to wiretaps and house searches, most metaphors relating the Internet to the physical world break down with a little scrutiny, but I'm just trying to relate my perspective.

Carnivore is part of a larger trend we've been seeing in this country where what we believe is our right to privacy is being trampled by our government, not to mention corporations and other individuals. We see the lack of oversight for something like Carnivore and we feel the "chilling effect" it has on our speech and acts. It comes down to Quis cusotdiet ipsos custodes, "Who Watches the Watchers?" The recording of interviews by the police in the UK is smart for evdentiary reasons but it's really there to prevent abuses by the police. How do we get that for the use of Carnivore?

Encrypt your mail...

[u01000101]

I'd personally feel a lot less invaded if I knew the system was in place and in this form.

I'll personally continue to encrypt my emails - as many as possible of course.
Routine use of encryption (like for the one-liners) defeats to some extent traffic analysys.

The recent improvements in factoring (look here and here) don't affect 1536- or 2048-bit keys (or larger). For the time being, public-key encryption is the best means of protecting your e-mail privacy. Don't rely on some guys' kindness - with a little effort you can be sure your nosy admin/ parent/ spouse/ street cop won't "accidentally" read your stuff.

http://www.gnupg.org

Re:Encrypt your mail...

[u01000101]

most websites only support 128bit encryption for online transaction, which can be broken in a matter of days

No, AC, you got it wrong: 128bit *symmetric* encryption is very strong - comparable to 1024-1536 bit public-key (or assymetric) encryption.

If you're feeling like a good read, try "Handbook of Applied Cryptography" - do a google search, it downloadable for free.

Re:Too clever for his own good...

[digitalunity]

Un-American? He's being down right UNPATRIOTIC. How dare all you fuckers; privacy? You don't get no stinking privacy! If you are innocent, you have nothing to hide, right?
[/sarcasm]

I'm 1/4 Australian. When can I move?

Re:unfortunately, it will provide no protection at

[Sapphon]

True, they would be able to get all the keys they want - but they would still be limited in the data each key can retrieve. It's highly unlikely that the system would allow the FBI to request key allowing them to access ALL emails, or enough restricted-data keys, without there being some oversight by a third body (the judge)

This is an important developement because it looks like striking the right balance between the individuals' right to privacy and the requirements of the government in their quest to protect us. Whether the system will be used to protect us or not is not something programming can change, sadly, that's a matter for the judges et al signing off on the subpoenas/search warrants/what not

Impractical?

[hazyshadeofwinter]

The Wired article didn't go into too much detail, but I can see a couple of potential problems here..

- how exactly does the FBI (or whatever) specify *what* they're looking for? Searching for "all traffic containing the keywords TERROR, BOMB, COCAINE and OSAMA" sounds like Carnivore as is, and would be pretty easy to defeat anyway. Anyone remember "The Longest Day", in which the Allies sent messages re: the date of the D-Day invasion over clear channel radio, using a code based on a Rimbaud (I think) poem?

- the data vault might hold the FBI/NSA/whoever to their warrant, it does nothing about intentionally vague/overreaching warrants or the laws that enable them.

- re: using this system to keep medical/financial/etc. info private: Hardly a catch all solution, the data vault can't stop companies from spreading/selling your info after you've given it to them in confidence.

- If these do become commonplace, how long before a bungled police investigation results in evidence being lost because of one of these things self destructing? And once that happens, how long until they become outlawed?

Re:hmmm

[digitalunity]

These Orwellian news stories are becoming more frequent. They are beginning to scare me. Average American citizens believe that because they've done nothing wrong that this invasion of privacy does not affect them. That's what eastern europeans thought before WWII. Think about this: So, you have some unfounded trust in your current government. You think that the invasion of privacy will only lead to greater safety. This is laid on the premise that the current government is the only one to ever lay hands on the sensitive information. Can you say now that you trust any future governments to use the information for the greater good?

Can you trust all new administrations to do only good? McCarthy is a prime example of what happens when you let paranoia feed on patriotism. What if in the future a fascist(in the true sense) governemnt controls america. What will you do then? By this time, you've already been catalogued and filed and triplicated in every possible way; you gave up your right to privacy years ago.

Round two: A computer cracker or a corporate spy thieves the database for their own personal gain. You, and all 249 million of your neighbors are now in the hands of the highest bidding corporation or marketing firm. What are you gonna do? Nothing. You don't have any rights. You gave them away already.

Although the right to electronic privacy is not in the constitution for obvious reasons, the true intent of the bill of rights is obvious. The Bush Legislation Regime is feeding on our own fear of the enemy(whoever that is) to take away our rights. Everything from Carnivore to the SSSCA(or whatever new derivative is in the works) to the USA Patriot Act, our rights are being eroded away one law at a time. Americans are like frogs, they'll sit in their apathetic zombie worlds letting their rights vaporize while calmly waiting for the water to boil.

I may be a elitist prick; but the apathy, disillusionment, and ignorance surrounding me makes me want to vomit.

Re:unfortunately, it will provide no protection at

[u01000101]

For this device to be useful, unfortunately, the law must be changed to require judicial oversight... and the judges must be trustworthy!

[ I said this before, but I like to repeat myself :) ]
Current public-key encryption (gnupg, pgp) is strong enough to keep you safe from "casual" prying eyes - like your spouse, children, parents, syadmin, boss, street cops, even the fbi. Maybe they *can* crack it (i mean the feds), but they won't go to that without strong reasons and probably more thinking.

What really pisses me off if this "casual" attitude to authorities snooping my personal communication; I'm sure that if the cia, nsa, kgb, mafia, big corporations or who knows else - want to read my email, they will. But I'm also sure that by using gpg, none of the small big-brothers will get their kicks.

Private Citizens vs. FBI

[blankmange]

I guess, for me anyway, the irony here is that a single student did this. Not the FBI or any other agency/department of the government, but a private citizen had to come up with a way to harness and focus the power of Carnivore. I know the FBI probably could have done so themselves, or any other company/corporation, but they didn't. Never underestimate the power of the individual.

Hold on

[njord]

The problem is the people have huge misconceptions about Carnivore. Being concerned about personal privacy, I chose to research Carnivore for an Ethics class at school. I found that Carnivore is pretty much just misunderstood; it is really incapable of doing any large-scale surveillance. There's an independant review that was conducted by IITRI last year that points out that Carnivore is the safest of any online monitoring tool and that it is incapable of wantonly collecting data. Incidentally, the report suggests that Carnivore be open-sourced. Fat chance.

The real issue is whether or not it's right to perform surviellance. I think that it can be necessary at times (with the required warrants) but I also think that it needs to be taken more seriously and greater restrictions need to be in place to ensure that it is only used in extreme situations. If you think that Carnivore could invade your privacy, read up on how many wiretaps are used every year. Carnivore is used much less and is safer to boot. The real problem here is whether the government should be allowed to monitor communications at all, not that Carnivore gives the government some awesome new powers of data capture.

njord

By the way, I really have no association with the government. I'm just a left-winger college student that did a little research and was surprised by what I found.

Re:Hold on

[vidarh]

Carnivore in itself may not be a problem. The problem is if the FBI is given the ability to place tools in an ISPs environment without any control over what is placed there. How will the ISP know that FBI is using the version of Carnivore that has been through an independent review?

If the ISP was allowed to review the code, compile it themselves, and install it one of their own boxes, the chance of abuse would be much smaller.

How to predict government actions...

[PHAEDRU5]

Simply take them to their logical end.

The fact that Carnivore exists, in any form, indicates that the government wants access to all your communications, to know exactly what it is you're saying and hearing.

This modified Carnivore is an attempt to claw a way back up the slippery slope when you've already hit bottom.

You're only real options are either not to say or do or listen to anything the government might find objectionable, or encrypt all your communications.

Backdoor?

[Diabolical]

The article mentions the use of an cryptographic coprocessor that will self destruct if it notices any breach of security, rendering the stored data useless. It also states that this "vault" could be used to store medical information etc..

I for one would like to know for sure that my medical information could be retrieved even after the destruction of the coprocessor.. would be nice when i'm caught in accident and i'm not able to sum up my medical history myself...

Off course it's possible to use a less secure version of this "vault" for this kind of applications

This is one nice solution though to harden the carnivore system against unwanted, illegal, snooping around for nice bits of information that could be used by a cop or fbi agent on the take...

Re:Questions for the security experts

[vidarh]

First of all the processor destroys itself, not the data. If a second copy of the private key exists, then you could still access the data by installing a new processor with the same key. However of course, then a possible attack against the system would be to get hold of the second copy of the key.

You could keep a set of processors encoded with the same key available as backups in case the processor in use is destroyed, though.

Also, presumably in real life use noone would have network access to the interface you'd request data from, so unless someone gained physical access to the box at the ISPs offices, they wouldn't be able to trigger any destruction.

Re:Justice Dept partially paid for it. Wow

[David+Kennedy]

> I take that back.
> The guy's paper clears says it was funded by DoJ.
>
> Wired == suckAssJournalism

Learn to read carefully; the article clearly states
"The U.S. Department of Justice and IBM partially funded this research."

Wired isn't my journalistic choice, but this criticism at least is unfounded.

Why all the pro-"Clipper Chip" type arguments???

[BitMan]

I think people need a history lesson on all the arguments surrounding the Clipper chip. Remember, the problem isn't always government (although that's definitely part of it), but the inability of government to effectively protect the information from third parties that will abuse it. Key escrow is something that can and will be compromised. And because it is a technology that can and will infiltrated everything, it will allow complete access to your privacy by anyone who wants it. Again, it's the Clipper chip all over again!

Need I revisit the the classic boofernery of the Social Security Number? Outlawed by the government for use outside of its specific creation, it is now used by everyone. And it is extremely easy to obtain, let alone steal! Now the government wants to introduce a national ID, something that is "more controlled" than the SSN. But it too will be easy to obtain and steal in no time as well. Only now, with a national ID, more people will put more of that so-called "faith" it in, so good Americans will have a tougher time proving someone has stolen their identity when it does happen (and it will). And if Microsoft gets Passport behind an "eID," God help us!

Combine this with the CBDTPA/SSSCA, and there's plenty to worry about. The CBDTPA/SSSCA is exactly a pro-Clipper chip mentality! Only it isn't the FBI asking for it, but "Big Media." Heck, I'm surprised no one in "Big Media" is selling the CBDTPA/SSSCA to the government as an "unified solution" for "guaranting copyrights, privacy and law-enforcement" all in one shabang!

Now this researcher has got "all the answers." His solution? Implement an encrypted recording and storage system with key escrow for access. How original! How many times are we going to go in the same damn circle on this???

Re:hmmm

[iamplasma]

Slashdot moderation at work! All you need to do is make a totally content-free paranoid libertarian post, and it's an instant +5.

Do you have the slightest thing to say on topic, or are you just taking any chance to rant? Seriously, I think you need to take off the tin-foil hat for once. Do we oppose phone taps on the grounds that if they really really wanted to, the FBI could tap everyone's phone? No! "Carnivore" is just phone tap for email with a catchy name, nothing more, which for no particular reason has turned into a lightning rod for every paranoid conspiracy out there.

(and just watch me get moderated "-2, Dissenting Opinion" for saying it too)

Not the same.

[Grendel+Drago]

The FBI needs a court order or the permission of one of the two parties involved to get a wiretap. It's not trivial.

Carnivore, on the other hand, listens without permission from the judicial system, without any oversight. There is no balance to this power.

Sure, Carnivore is equivalent to a phone tap for email---a phone tap that the feds can apply to anyone, for any reason, on the merest whim.

I think the tin-foil hats are justified here.

--grendel drago

You know what the big deal is about Carnivore?

[Leven+Valera]

The Internet has become a personal communications medium, with people blissfully chatting away on email, instant messagers, message boards, et cetera. The question is simple: If it was your phone, would you let a machine be installed to listen to all of your conversations without judicial oversight?

No? Well, how about we read all of your mail as a matter of routine.

No again? Why not have someone follow me around and tape all of my meatspace conversations?

Still no? So why are you giving in so easily when it's just the Internet?

Anybody who thinks that this capability won't be abused just has their head in the sand. It's only a matter of time.

LV