FBI Carnivore Screwup Destroys E-Mail Evidence
An Anonymous Coward writes: "The FBI apparently used Carnivore in an attempt to collect information on Osama bin Laden't network. Unfortunately they screwed up and collected information on "non-covered targets" (*ahem*, isn't this the sort of thing we weren't supposed to worry about...). Then the FBI tech was "so upset" that he destroyed ALL of the collected email, not only the information that was not covered by the warrant. Here is the SF Gate Story and EPIC's press release."
Here's the original FBI memo: http://www.epic.org/privacy/carnivore/fisa.html
What is a geek to do when he can't rely on his own government to keep secret, accurate, and complete backups of his email!?
Is Carnivore still around? I heard they were tracking gaming websites, particularly those that involve terrorists and counter-terrorists. Counterstrike is not only the number one online game right now, but there are many websites revolving around it. For example, NerdTreeHouse is a huge haven for Counterstrike fans and I heard the FBI requested information from them. I'm not sure what happened.
www.time.com/time/covers/1101020603/memo.html
you've got to read it to believe it.
Attorney General John Ashcroft and FBI Director Robert Mueller were expected to outline high-profile changes Wednesday at the FBI's headquarters, including closer ties to the CIA and an overhaul of the FBI's outdated computer systems.
Does anyone believe for a second that the FBI's computer systems are outdated? Sounds like a spin job to me....
Later watch the FBI try to attribute their missed tip-offs prior to 9/11 to slow computers. They'll have all kinds of "contributing" factors that'll spread the blame out thin enough so no one loses their job.
Samsung took back my unlocked bootloader because Google wants me to rent movies. They're both evil.
FBI Agent 1: We have a problem... Carnivore was doing its thing, but we got caught grabbing stuff we shouldn't!
FBI Agent 2: Hmmm. I know! We claim that some lowly tech in a spat of moral outrage deletes ALL the material as he is so offended that it captured the, uhh, "non-target" mail, but we actually keep all the files and use them as we see fit.
FBI Agent 1: Perfect!
FBI Agent 2: (Takes long drag off cigarette)
"They do not preach that their god will rouse them, a little before the Nuts work loose." Kipling, 'The Sons of Martha'
The guy goofed. What's nice to read is that he was upset about collecting information on innocent Americans, and that he deleted it. I would have been more upset if he did something with the information. Could you imagine the slashdot headline for *that*?
So Carnivore ate its own data? Maybe they should give it a new name. I think Cannibal would work pretty well.
For every post, there is an equal and opposite re-post.
Perhaps this can be a fighting point for us against the Carnivore. This proves that they are collecting the wrong stuff. I would have liked for them to find Bin Laden, and the FBI can go through my Akai mailing list and Spam that I receive if that will catch him, because I don't really do anything personal that isn't encrypted heavily.
I wonder if this will be the evidence that they need to make them stop using it.
Tibbon
tibbon.com
The article actually says that the collected information was not destroyed -- citing an unnamed source. One would wonder with the backups a system like that would (should) have that destroying the evidence would be a lengthy job and may not have been done completely.
The article also notes people who have had their e-mail unintentionally collected are entitled to be informed. Can't wait to see if that happens...
We all know he just typed:
rm -rf /bin/laden
Unfortunately, he must have forgot the Laden:
rm -rf /bin.
They just aren't advertising backups. The memo said that the agent was so upset that she deleted the email. An agent contributed my favorite quote in the article:
A Justice Department official, speaking on condition of anonymity, said Tuesday night that the e-mails were not destroyed. The official did not elaborate or try to reconcile the statement with the memo.
Yeah, I'm sure there are backups. I'm sure the FBI is avoiding confirming that there are records somewhere of emails captured from "non-target" subjects, while trying to cover its ass in re: losing evidence.
Do something about world hunger. Click here
An Anonymous Coward writes: "The FBI apparently used Carnivore in an attempt to collect information on Osama bin Laden't network.
Gee, I didn't know Osama was dutch.
To-do List: Receive telemarketing call during a tornado warning. Check.
We only have a surveillance device known as DCS-1000. You civil libertarians are so paranoid. Sheesh.
I'll bet I know how they figured out there was a problem:
[modal window]
Drive C:/ is Full.
[/modal window]
followed quickly with a blue screen of death.
#hmmm.. wots up with these warnings?
df -k
/dev/hde2 10 000 000 9 900 000 99% \
/mnt/Carnavor data
#Oh crap! All those emails! This is TOTALLY\
illegal!! I'd better restart that piece of crap..
/etc/rc.d/init.d/munch stop
vi /etc/munch.etc
rm -Rf /mnt/munchData/*
/etc/rc.d/init.d/munch start
#whew. Legit again. I'm TOTALLY awesome!
not rm -rf... it runs on NT.. the stuff is probably still in the trash bin, or recycle box, or refuse pile, or Whatever-TF they call it.
That ain't funny! One time, I installed AOL's aim program for linux (back before I knew there was gaim) and gave it a try. Unfortunately it's just a simple tar.gz so I untarred it in my home directory. There was no compilation. It installed everything under /home/alan/usr/local. I decided it sucked (and it does) so I was going to remove it.
alan@darkstar~$su
root@darkstar:/home/alan#rm -fr /usr
DOH!
Slackware forever. Honestly, what else would you trust when it absolutely positively has to be stable, secure, and easy
Assuming that the emails really were deleted and all the backups were also cleared out, what is to stop them from recovering the data using their forensic data recovery techniques? Commercial teams are amazing at this and I would have to assume the FBI is at least as good. How lost is this data really?
As much as I've been following the War on Terrorism, I'm not sure how high this registers on the Need-To-Coverup basis. I suppose we'll find out if/when the Pentagon issues another Emergency Alert to distract the public from how bad an issue it is...
Seriously, it's a pattern. The U.S. just took out a village by accident? Probably didn't hear much about it because everybody's talking about Tora Bora (ever wonder how everybody knows about that location and yet nobody knows what's been accomplished there?) The U.S. bombs 4 Canadians into smithereens? Two days later, a 13-state warning is issued saying that banking outlets are targeted. (Of course, Ashcroft denies that people should avoid banking that day...) Bush actually had information on the attacks before Sept 11th? Whoops, can't talk about that now, because the BIGGEST TERRORIST WARNING EVER where this time they're targeting the STATUE OF LIBERTY!!!!!
Last time I saw, Statue of Liberty's still standing. But that's okay. It makes me feel better knowing that whenever we start thinking for ourselves, the Pentagon's there to put everything back into perspective...
Got war?
Unless you honestly believe that being made fun of on some website reduces people's ability to do work, that *is* a troll.
Consider: If being made fun of online made folks unable to get stuff done, Microsoft's release schedules would slip by years!
Oh, wait...
I'm confused. Your point is that /. users would add 'terrorist-like' tags to the end of their emails to overfill a parser device that saved all suspect email. You're trying to say that because some people might have done this it's the faults of lamers who trade p0rn?
/. readers do *not* trade files, or engage in warez activity. IRC is the forum for those clowns, slashdot has a fairly high level of 19-28yr. old people in the IT/tech industry, with another segment of 'nerdy' teenagers who are fairly clean. I'm not going to deny that there are some lamers here, but the general populace they are not.
I don't think this argument can hold any weight. I honestly think that the majority of
Before 9/11 carnivore was such an absurd system that it was absurdity. I do not agree to any form of blanket-wiretap, if such a tap existed, I would have my telephone lines encrypted. I do not have anything to hide, BUT they do not have any reason to know that. I severely doubt that anyone who has any respect in this world would dare to put terrorist-like messages in their emails post 9/11, it's simply not kosher in this era of post-crisis nationalism.
I would guess that carnivore instead accidentally collected *all* emails/communications that passed through it, whether they were the target or not. This was not the intended behavior, so they made a big deal about it and tried to cover it up. Typical behavior (I'm not for/against it, I'm just stating this is likely what happened).
I have no objection to the type of wiretap they imposed against mafiaboy (he could only get one of a set of ip's, they tapped his phone line, very specific packet sniffing), I am against this sort of blanket 'big brother is watching' actions.
Before you reply, I'd like to make it very clear, I am 100% for selective wiretaps with a judge's approval. I am not for the ability to bypass the judge, and I am not in any way supportive of the police acting in their own authority when it comes to extended spying.
I live in a giant bucket.
One would think that they'd have tested the software BEFORE it was installed. That is how it's supposed to be done, right?
I wonder why the person that submitted this chose to do this as "Anonymous Coward"
;-)
Help fight continental drift.
I didn't know VB was available for Linux.
I was forced to work for this pervert for a few months. Everyone knew he was bad news, even before he entered a guilty plea for possession of child pornography including photos of infants.
Why are we letting pedophiles write software to catch criminals?
This guy is NO GENIUS! After all, he thought there really were young girls in an IRC chat room called "Dads & Daughters Sex" and he got caught!
Patrick was supposed to be an Internet Expert, yet he didn't even PGP his kiddie porn!
The Walt Disney Company lost $1Billion dollars investing in Patrick Naughton's company (his college roommate and best friend still works for Disney!). Now the FBI lost hard-earned evidence investing in Naughton's technology.
-Disney paid the price for Naughton's stupidity.
The FBI paid the price for Naughton's stupidity.
And THE AMERICAN PUBLIC did, too! By standing still while "pretty boy" Patrick was able to plea bargain by writing crappy software for the FBI, he got out of jail sooner and he's free to endanger more young girls, maybe even your son or daughter!
--
Ask the Ya-Hoot Oracle Anything!
Well, we Jeffersonians are not surprised a bit. Nor are we surprised that the Hamiltonians are surprised either LOL!
Wooly Mammoths and Sally Hemings indeed!
Eve Fairbanks says I drive a hybrid!LOL
You can't handle the TRUTH!
They were using the GXP series harddisks for more than 8 hours at a time!
Peace. Love. Linux. Head Crash.
Have you read the moderator guidelines? Well, have you, PUNK? (and I want a Karma: Gnarly option)
Not to bash law enforcement, but those among them who aren't completely ignorant of technology often know just enough to be dangerous.
CEE5210S The signal SIGHUP was received.
The best part of this article is the fact that an FBI agent was upset at collecting email that wasn't supposed to be collected.
Whether they have backups, whether they collected the information or not, it points out the fact that individuals in the FBI are concerned about privacy issues as much as many of us are.
"The FBI technical person was apparently so upset that he destroyed all the e-mail take, including the take on" the suspect, the memo said.
temper temper FBI Guy.
The Justice Department's Office of Intelligence and Policy Review was furious after learning the evidence captured by the e-mail wiretap system was destroyed because of the glitch, the memo states.
temper temper Justice Dept.
Henry Perritt, who led a team authorized by the FBI to review the surveillance system, said he was surprised the technician deleted the e-mails.
Wha? something wrong in the "system"?!
"The collection is supposed to be retained for judicial review," Perritt said. "If an agent simply deleted a whole bunch of files without the court instructing, that's not the way it's supposed to work."
Really? didn't these guys assure us that everything works fine with carnivore? And that we could trust them not to use it improperly?
Now we have hothead FBI techies misdeploying a software package that has the potential to break the laws they are trying to enforce with the help of the "furious" Dept. of Justice to oversee their work?
Somehow I get the feeling I'm gonna be watched by mad men.
) Human Kind Vs Human Creation
) It'd be interesting to see how many humans would survive to serve us.
The Washington Post's got a story up too: Article
So close and yet so far from the world's perfect ID number
Amendment IV of the U.S. Constitution: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
Notice that the Constitution does not say that illegal searches may be performed as long as any resulting evidence is not used against the persons being illegally searched. It says that it shall not happen. This interception of mail was not just a violation of federal wiretap law, it was a violation of the Bill of Rights. We are supposedly fighting a "war on terrorism" to protect our way of life, but that way of life is rooted in our Constitution. The only way to win the hearts and minds of the rest of the world is to stick to our principles and abide by the highest law of the land which is the U.S. Constitution.
-
Why You Should Use Encryption
You would be surprised how easy it is to get access to the data you transmit over the Internet, and how many people are in a position to easily access it. When you're done with that, consider also reading Is This the America I Love?
Thank you for your attention.
-- Could you use my software consulting serv
And on a related note, do not ever EVER attempt to delete all hidden files with the command:
rm -rf .*
Login as root and do this in /root, and you've erased your entire harddrive. I'll leave the reason why as an exercise for the reader.
It's not easy to speak out about what you believe in, but if more people did, the world would be a better place.
-- Could you use my software consulting serv
There, OsamaBin Ladoni wields the Death Jet, a Jet with the power to destroy an entire building.
Will OsamaBin be able to rescue the FBI from the clutches of those Terrorist Privacy Advocate Infidels?!?!? Will Saddam learn that yuppie ex-president Ronald Reagan is his father? Will Arafat appear on the show Friends as rumored? Stay tuned.
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
I ran it through the W3C HTML validator and found quite a few problems with the HTML, and have fixed them. The page now validates as HTML 4.01 transitional.
Also I have long had a bad link to a page called "Email Encryption Made Simple", and several people have written in over the last couple years to give me an updated URL, but I never got around to fixing it. Now the link works.
Finally, I urge the use of PGP on the page. But Network Associates no longer supports PGP. I thought it would be helpful to mention GNU Privacy Guard, which is actually what I use these days. I added links to it and will try to elaborate on it in the discussion sometime in the next week or so.
-- Could you use my software consulting serv
All the issues about privacy with the FBI and the likes aside. I'm pretty worried about the fact that someone, even an FBI tech can delete the contents of a sniff.
Sure, there are -probably- back-ups. But then if the tech makes those backups, what's to say he didn't delete them as well?
Personally, it sounds more like a case of someone trying to abuse a tool they have access to (Tech sneaks a look at other people's emails) and then messing up covering their tracks.
Then he avoids getting attacked by putting a moral spin on it, and coming out a hero. (maybe)
I saw the light at the end of the tunnel... But it was just someone with a flashlight bringing more work.
Hmm... I read this story and thought...
Is this the first time that a piece of software was defended when it did its job-- but not what they told people-- by claiming "That's a bug, not a feature"?
Then I noticed my tinfoil hat was maladjusted. So I guess they really did goof, Carnivore is just a powerful (if maladjusted) tool for law enforcement, and my fears to the contrary are just their attempts to discredit my typical insights into their foul ways with an insidiously subtle use of their orbital mind control rays.
Do you like Japanese imports?
When privacy stories come up involving the government's right to peek into citizens' lives, there are always some people who state, "If you're not doing anything wrong, then what do you have to worry about?"
Well, this is clearly one thing we should worry about. What happens when the government, which is composed of fallible humans, goofs in its actions and accidentally destroys the citizens' property? Now no one could say that "that wouldn't happen."
I don't make the rules. I just make fun of them.
As a member of the IITRI team that evaluated the Carnivore system, I'd like to point out that the dates of these memos indicate that the mistakes happened while using an earlier version of Carnivore than the one that we evaluated. I'm not trying to downplay the dangers of a device like Carnivore, but simply to point out that the FBI was aware of problems with their device, and was making modifications to it. One of the caveats of the independent review was that our review would only apply to a specific version of Carnivore, as we could not possibly know how changes made after we reviewed it would fix problems, or possibly introduce new ones. The version of the system we reviewed was not baselined until just before the review began.
As a recap of our report, we pointed out that the accuracy of Carnivore collection was highly dependent on the correct setup of the filtering rules. We also pointed out that it was quite easy to make a mistake setting up those rules which would cause an over collection. The memos which were released do not indicate whether the overcollection was due to a filter setup mistake or some other bug that may have existed in a version prior to the one that we tested.
As stated earlier, I am not trying to defend Carnivore, but you must put these documents into context with the time period in which they were produced.
Mike
-- Could you use my software consulting serv
Personally I'd prefer the caps lock key to be illegal rather than the delete key.
And don't do a "Tab"!
Sure thing-- the hungersite has been back up for a few months now. Another good one is Stop the Hunger ...I hit them both every day.
Do something about world hunger. Click here
I can see from your comment and others that many people are reading "unreasonable" as something which is debatable. It is important that people understand the terms "reason" and "cause" have specific legal meanings and they are synonyms in this context. Saying that NO searches will take place WITHOUT reason is the same as saying that searches will ONLY take place WITH reason, which is exactly what they say in the following clause when they specify that a narrowly defined warrant MUST be issued first and a warrant can ONLY be issued when the evidence shows that a crime has PROBABLY been committed.
I know you weren't trolling. I wish I had replied sooner so that more people might have seen this because it seems that quite a few people are misinterpreting based on "conversational" English. And this is an incredibly important point today judging by the way things have been headed lately.