LinuxDevCenter.com


Carnivore: A System Admin's Concerns

Haven't I seen this before?

In fact, it seems to me that Carnivore could be replaced with tcpdump and Perl. tcpdump is a packet-sniffer, and a standard Unix utility. It can restrict what is captured based on the type of data and its destination. For example, it could store just email and web pages going to a suspect's IP address. The captured data could then be analyzed with Perl to discard everything but authorized interceptions, say, emails to another suspect or access to specific web pages.



Because it seems so easy to replace Carnivore with these open-source tools, I asked if the FBI would consider open-sourcing Carnivore, arguing that it would alleviate the public's concerns as to Carnivore's capabilities. Barry's face grew a bit dark at that. He maintained that only the FBI should be allowed to use such a program, and that anyone who codes a similar program must be breaking the law. He's obviously not a system administrator.

The FBI's argument about limited storage capacity is less than convincing, as is the "slow" Ethernet connection argument. The limited manpower argument carries a bit more weight, but Perl provides an excellent point of contention. However, if the FBI developers have expended this much effort to recreate tcpdump, it makes me wonder if they'd be able to use Perl. Perhaps they'd roll their own there, too, creating OysterEater.

You'll never take my data alive!

So what can privacy-conscious individuals do to prevent the FBI from reading their emails and seeing that they've visited porn sites?

  • Encrypt your email with S/MIME or PGP.
  • Use a service like Anonymizer.com, which hides all web traffic to your desktop by sending encrypted web requests through many of its servers, none of which know where the data ultimately came from.
  • Use FreeNet to exchange files.
  • Or, more simply, don't commit crimes that will make the FBI take an interest in you.

Special Agent Smith addressed these issues without anyone bringing them up. If Carnivore is easily defeated, is it valuable? It is, he said, because the average criminal isn't all that bright. He cited an example of one suspect whose phone was tapped saying, "You should whisper, the line might be tapped." He also noted that devices used to scramble telephone calls are widely available, but infrequently used.

Although I'm concerned with Carnivore's capabilities, I believe FBI agents truly need it to do their jobs effectively, and would be hard-pressed to find a much better, less-intrusive solution. While Carnivore is potentially more intrusive than wiretaps, the FBI has proven its restraint with them, and has not abused that power. Why should IP wiretaps prove any different?

If it seems I'm being sympathetic to the FBI, please look at system administrators. At their companies, these folks are graced with the power to read anyone's mail that they want, to play with people's private files, and to easily impersonate their company's CEO. They can do this very quietly, so that no one notices. They generally have no security clearance. Few have sworn to uphold their company's ideals. However, very few abuse the power that they've been given, instead using their powers for good.

Massive conspiracy theories aside, why should we believe that FBI agents are any different? They're deeply involved in criminal cases when they deploy Carnivore -- much like a system administrator would be involved with rooting out a cracker when deploying tcpdump.

Sure, the capability is there to read their boss's mail, but who has the time?

Mike DeGraw-Bertsch is a security and Unix system administration consultant in the Boston, Mass. area. When he's not at a job, writing, hacking with Perl, or playing with his wireless network, he can usually be found playing goal in ice hockey.




The FBI needs a court order to view a suspect's mail, but any system administrator in the back room can already grab and read email at will. Should we be more worried about the FBI than the legions of unscreened sysadmins?

  • Trusting the FBI's restraint?
    2003-01-16 02:31:32  anonymous2 [Reply | View]

    "While Carnivore is potentially more intrusive than wiretaps, the FBI has proven its restraint with them, and has not abused that power."

    This is the same government agency that targeted Martin Luther King as well as people suspected of belonging to communist parties.
  • Why stop at selected targets
    2001-06-05 10:36:55  ironthorn [Reply | View]

    I think most people miss the ultimate and unavoidable cost of Carnivore. Anything you ever say in an email at any time will soon, if not already, be saved for posterity to hold against you twenty years from now. With email you have the one thing the Government has lusted after for years, a means to record ALL interaction between people. By recording all email and voice conversations a warrant may be obtained to open the records and prosecute for crimes, use as evidence in divorce proceedings, evictions of tenants, civil lawsuits, maybe even for things as petty as reviews twenty years from now when you are applying for a secure job with a Government institution.

    Have you never said something that you wouldn't want repeated ten years from now? By its nature recording ANY even those of the most vile in our society is wrong. Nabbing a drug dealer by listening in on private conversations is as wrong as listening to a love triangle's juicy gossip. American justice is founded on the myth that every person is responsible for their actions and can be punished only for actions. Use of email and voice translate to the punishment for thinking about an action. Even if a direct order to commit a crime is given it is still not an action until the recipient attempts to carry the order out. It is THEN that both parties have become part of a crime.

    For these two reasons I oppose ANY search of email that does not deal with nuclear or biological weapons. Those are only exempted because the extinction of mankind takes precedence over civil liberties.

    The rest I would not exempt because the loss of liberty that storing email begets IS the extinction of man. If we are to be drone robots with perfect thoughts then why bother with biological units. You can easily make a drone with current computer technology. All people have something in their closet. Capturing email will open everyone's closets and bring all the skeletons to light without seriously hindering crime which rarely uses email in the first place.

  • we are upset b'caz
    2001-06-04 05:49:07  myimran [Reply | View]

    The sysadm can do what you subscribed, but they don't. Normally sysadm are the people, has enough powers to do jobs like that, but they act on an unwritten law of ethics, they don't. But FBI can never be trusted in this venue. This is nature, that if you don't have anything you wanted, that will attract you. So when FBI get the powers they will exploit it.
  • Response to comments
    2001-05-30 14:08:11  Mike DeGraw-Bertsch [Reply | View]

    First and foremost, nothing I say will change the minds of anyone wholly convinced that the FBI is spying on them. Second, if you are convinced of this, use encryption. Use Anonymizer.com. And don't use your phone. Personally, my life isn't interesting enough to watch.

    Now, regarding what the FBI needs for authorization. The Electronic Communications Privacy Act (ECPA) of 1986 requires that any law enforcement agency get a court order to issue a wiretap (which applies to Carnivore) or pen register (which may also apply to Carnivore). It is true that pen registers are rubber-stamped and easy to obtain. However, pen registers are expressly forbidden to capture content--only "the numbers dialed or otherwise transmitted." When applied to computers, pen registers are a hazy field, and more legislation is definitely necessary. But even if the FBI is inclined to abuse pen registers, they still cannot capture the content of people's actions online. Further, if the FBI wants to read your email, they must get a court order.

    As for key escrow. I offered no support for this in my article, nor would I. In an ideal world, it'd be a good thing for law enforcement agencies to use. However, this is far from an ideal world, and I am very much against it.

    By the way, sysadmins can't get you arrested? Maybe not directly, but what's stopping them from sending bomb threats as another user, and making it appear that the user really did it? Even just reading or deleting your emails is a clear violation of civil liberties. If you bank online, a particularly mean admin could capture your keystrokes and steal all of your money. The point is, they don't do this.
  • You're kidding, right?!
    2001-05-30 13:37:38  michael_hill [Reply | View]

    1. My ISP isn't authorized to carry fully automatic, high rate-of-fire weapons.

    2. My ISP cannot, with full authority of the law, bust down my door at 2:17 a.m., force me down on the floor at gunpoint, and confiscate anything in my house that looks remotely computer-related. And not give it back. Ever. Or maybe in pieces, if I'm lucky.

    Geez. If those reasons aren't enough to convince you, I'll take thirty seconds of thought and come up with another ten reasons.

    Oh, and I speak as a system administrator with over five years of experience, in production environments, at corporations with eleven digits in revenues. While I've had full access to all data on the systems in my control, I've never had a whit of control over anybody's life, or freedoms. *That* is the difference.
  • Ref on FBI integrity
    2001-05-29 20:50:24  coldaleannie [Reply | View]

    You stated:

    "While Carnivore is potentially more intrusive than wiretaps, the FBI has proven its restraint with them, and has not abused that power. Why should IP wiretaps prove any different?"

    In fact, the FBI's extreme LACK of restraint is well documented; see in particular Diffie & Landau, "Privacy on the Line: The Politics of Wiretapping and Encryption" (1999). To wit:

    "Despite strictures to prevent abuses, the US government has invaded citizens' privacy many times over the last 50 years, in many different political situations, targeting individuals and political groups. Politicians have been wiretapped, and lawyers' confidential conversations with clients have been eavesdropped upon by FBI investigators.

    Sometimes invasion of privacy has been government policy; sometimes a breach has occurred because an individual within the government misappropriated collected information. The history of the last five decades shows that attacks on privacy are not an anomaly. When government has the power to invade privacy, abuses occur." (p. 148)

  • The difference
    2001-05-29 18:18:53  slapd [Reply | View]

    It is that Sysadmins do not have a checkered past of illegal wiretapping (Martin Luther King, John Lennon, JFK) over-reacting (Waco, Ruby Ridge) witchhunts, etc...

    Additionally, a SysAdmin cannot arrest you for what you say, take away your Civil Liberties based on what you SAY.

    I have little faith that the FBI will stay within their "limits" here. Remember also, they are doing this with PenRegister rules, *NOT* wiretap rules...
    Wiretaps require a Judge to authorize ...

    Pen Registers DO NOT require the same level of authorization...

    So basically they can look at ANYONE for ANYTHING, not like a wiretap where there is a warrant for what they are permitted to do/listen to/record.

    Additionally...
    A wiretap only captures a single 2 way conversation... as you know sniffing an ethernet network *will* pick up INNOCENT people's traffic, and we both know they can easily record/transmit it anywhere if they so choose to do, just in case...

    I think this would be like if a Mafia boss has the same phone exchange as you, so the FBI taps the entire exchange's lines "just to be safe"...

    Blah blah blah...

    What's next? You gonna suggest we go along with Key Escrow also? Not while I can avoid it (legally or otherwise).

    -slapd

