One of the most significant provisions of the Patriot Act (THE ACT)
makes it far easier for the authorities to gain access to records of
citizens' activities being held by a third party.
At a time when computerization is leading to the creation of more and
more such records, Section 215 of the Patriot Act allows the FBI to
force anyone at all - including doctors, libraries, bookstores,
universities, and Internet service providers - to turn over records on
their clients or customers.
You may have heard about Carnivore (DCS1000), a controversial program
developed by the U.S. Federal Bureau of Investigation (FBI) to give the
agency access to the online/e-mail activities of suspected criminals,
and now the unsuspecting U.S. citizen.
For many, it is eerily reminiscent of George Orwell's book "1984."
Just 45 days after the September 11 attacks, with virtually no debate,
Congress passed the USA PATRIOT Act (the ACT). There are significant
flaws in the Patriot Act, flaws that threaten your fundamental freedoms
by giving the government the power to access your medical records,
Internet history/archives, tax records, information about the books you
buy or borrow without probable cause, and the power to break into your
home and conduct secret searches without telling you for weeks, months,
or indefinitely.
Although Carnivore was supposedly abandoned by the FBI in favor of
commercially available eavesdropping software by January 2005, the
program that once promised to renew the FBI's specific influence in the
world of computer communications monitoring has nonetheless been
modified and upgraded in the shadow of the ACT, yet remains intriguing
in its structure and application.
What exactly was Carnivore? Where did it come from? How did it work?
What was its purpose? In this treatise, you will learn the answers to
these questions and more.
Carnivore's Evolution
Omnivore was retired in late 1999 in favor of a more comprehensive
system, the DragonWare Suite, which allowed the FBI to reconstruct
e-mail messages, downloaded files or even Web pages.
DragonWare contained three parts:
Carnivore - A Windows NT/2000-based system that captures the
information.
Packeteer - No official information released, but presumably an
application for reassembling packets into cohesive messages or Web
pages.
Coolminer - No official information released, but presumably an
application for extrapolating and analyzing data found in the messages.
As you can see, officials never released much information about the
DragonWare Suite, nothing about Packeteer and Coolminer and very little
detailed information about Carnivore.
But we do know that Carnivore is basically a packet sniffer, a
technology that is quite common and has been around for a while.
Packet Sniffing
Computer network administrators have used packet sniffers for years to
monitor their networks and perform diagnostic tests or troubleshoot
problems. Essentially, a packet sniffer is a program that can see all
of the information passing over the network.
As data streams back and forth on the network, the program looks at, or
"sniffs," each packet.
Normally, a computer only looks at packets addressed to it and ignores
the rest of the traffic on the network. Today, post-ACT, when a packet
sniffer is set up on a computer, the sniffer's network interface is set
to promiscuous mode. This means that it is looking at everything that
comes through.
The amount of traffic largely depends on the location of the computer
in the network. A client system out on an isolated branch of the
network sees only a small segment of the network traffic, while the
main domain server sees almost all of it.
A packet sniffer can usually be set up in one of two ways:
Unfiltered - Captures all of the packets
Filtered - Captures only those packets containing specific data
elements.
Packets that contain targeted data are copied as they pass through. The
program stores the copies in memory or on a hard drive, depending on
the program's configuration.
These copies can then be analyzed carefully for specific information or
patterns.
When you connect to the Internet, you are joining a network maintained
by your ISP. The ISP's network communicates with other networks
maintained by other ISPs to form the foundation of the Internet.
A packet sniffer located at one of the servers of your ISP would
potentially be able to monitor all of your online activities, such as:
Which Web sites you visit
What you look at on the site
Whom you send e-mail to
What's in the e-mail you send
What you download from a site
What streaming events you use, such as audio, video and Internet
telephony.
Who visits your site (if you have a Web site).
In fact, many ISPs use packet sniffers as diagnostic tools. Also, a lot
of ISPs maintain copies of data, such as e-mail, as part of their
back-up systems.
Carnivore and its sister programs ARE a controversial step forward for
the FBI, but they were not new technology.
The Process
Now that you know a bit about what Carnivore was, let's take a look at
how it worked:
Before the Patriot ACT of 2001, if the FBI had a reasonable suspicion
that someone was engaged in criminal activities, they would request a
court order to view the suspect's online activity.
A court would then grant the request for a full content-wiretap of
e-mail traffic only and issue an order.
A term used in telephone surveillance, "content-wiretap" means that
everything in the packet can be captured and used. The other type of
wiretap is a trap-and-trace, which means that the FBI can only capture
the destination information, such as the e-mail account of a message
being sent out or the Web-site address that the suspect is visiting.
A reverse form of trap-and-trace, called pen-register, tracks where
e-mail to the suspect is coming from or where visits to a suspect's Web
site originate.
The FBI contacts the suspect's ISP and requests a copy of the back-up
files of the suspect's activity.
The ISP does not maintain customer-activity data as part of its
back-up.
The FBI sets up a Carnivore computer at the ISP to monitor the
suspect's activity.
Attorney General Ashcroft has gone to great lengths to keep secret even
the most basic information about the FBI's spying. For example, in
answering questions posed by the House Judiciary Committee, he
classified information that should not have been classified, including
information that would have shown how often the FBI is spying on people
based on their exercise of First Amendment rights.
The Patriot Act sniffer computer (a DCS1000 version) probably consists
of:
A Pentium VI Windows NT/2006 6+GB system with 1024 megabytes (MB) of
RAM.
A commercial advanced communications software application.
A custom C++ application that works in conjunction with the commercial
program above to provide the packet sniffing and filtering.
A type of physical lockout system that requires a special passcode to
access the computer (This keeps anyone but the FBI from physically
accessing the Carnivore system.)
A network isolation device that makes the Carnivore system invisible to
anything else on the network (This prevents anyone from hacking into
the system from another computer.)
A 25-gigabyte (GB) Iomega Jaz drive for storing the captured data (The
Jaz drive uses 25-GB removable cartridges that can be swapped out as
easily as a floppy disk.)
The FBI used to configure the Carnivore software with the IP address of
the citizen(s) so that Carnivore would only capture packets from these
particular locations. And rather than ignoring all other packets as
Carnivore did, this latest Patriot Act model SNIFFS them all!
Carnivore copied all of the packets from the suspect's system without
impeding the flow of the network traffic.
Once the copies are made, they go through a filter that only keeps the
e-mail packets. The program determines what the packets contain based
on the protocol of the packet. For example, all e-mail packets use the
Simple Mail Transfer Protocol (SMTP).
The e-mail packets are saved to the Jaz cartridge.
Once every day or two, an FBI agent would visit the ISP and swap out
the Jaz cartridge. The agent takes the retrieved cartridge and puts it
in a container that is dated and sealed. If the seal is broken, the
person breaking it must sign, date and reseal it -- otherwise, the
cartridge can be considered "compromised."
Before the Patriot Act, the surveillance could not continue for more
than a month without an extension from the court. Once complete, the
FBI removed the system from the ISP.
The captured data is processed using Packeteer and Coolminer.
If the results provide enough evidence, the FBI can use them as part of
a case against the suspect.
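
The two capture modes from the Packet Sniffing section and the protocol-based filter step above, as an added Python example that is not part of the original text and not Carnivore code: it parses constructed Ethernet/IPv4/TCP frames and keeps only those involving one address on the SMTP port. The addresses, function names and sample frames are assumptions made for illustration.

```python
import socket
import struct

def build_frame(src, dst, sport, dport, payload):
    """Build a minimal Ethernet/IPv4/TCP frame (constructed sample, checksums zeroed)."""
    eth = b"\x02\x00\x00\x00\x00\x01\x02\x00\x00\x00\x00\x02" + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0)
    return eth + ip + tcp + payload

def parse_frame(frame):
    """Return (src, dst, sport, dport, payload), or None if not well-formed IPv4/TCP."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4:
        return None
    ihl = (frame[14] & 0x0F) * 4            # IP header length in bytes
    tcp = 14 + ihl                          # offset of the TCP header
    if ihl < 20 or frame[23] != 6 or len(frame) < tcp + 20:
        return None
    end = 14 + struct.unpack("!H", frame[16:18])[0]   # IP total length bounds the payload
    sport, dport = struct.unpack("!HH", frame[tcp:tcp + 4])
    data = tcp + (frame[tcp + 12] >> 4) * 4           # TCP data offset
    return (socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]),
            sport, dport, frame[data:end])

def matches(frame, ip=None, port=None):
    """Header-only test: does the packet involve this address and/or port?"""
    pkt = parse_frame(frame)
    if pkt is None:
        return False
    src, dst, sport, dport, _ = pkt
    return (ip is None or ip in (src, dst)) and (port is None or port in (sport, dport))

def capture(frames, ip=None, port=None):
    """Unfiltered (no criteria) copies every frame; filtered copies only matches."""
    if ip is None and port is None:
        return list(frames)
    return [f for f in frames if matches(f, ip, port)]

TARGET = "192.0.2.10"   # constructed address from the documentation range
SAMPLE = [              # constructed traffic, not real captures
    build_frame(TARGET, "198.51.100.25", 40000, 25, b"MAIL FROM:<a@example.org>\r\n"),
    build_frame(TARGET, "198.51.100.80", 40001, 80, b"GET / HTTP/1.1\r\n\r\n"),
    build_frame("192.0.2.77", "198.51.100.25", 40002, 25, b"MAIL FROM:<b@example.org>\r\n"),
    build_frame("198.51.100.25", TARGET, 25, 40000, b"250 OK\r\n"),
    b"\x00" * 10,       # truncated frame: kept only in unfiltered mode
]
```

Calling `capture(SAMPLE)` returns all five frames, while `capture(SAMPLE, TARGET, 25)` returns only the two SMTP frames to and from the target address; the filter decision is made from header fields alone, before any payload is examined.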
Prey of the Carnivore
The FBI planned to use Carnivore for specific reasons. Particularly, the
agency would have had to request a court order to use Carnivore when a
person was suspected of:
Terrorism
Child pornography/exploitation
Espionage
Information warfare
Fraud
There are some key issues that caused a great deal of concern from
various sources, before the Patriot Act.
Privacy - Many folks viewed Carnivore as a severe violation of privacy.
While the potential for abuse was certainly there, the Electronic
Communications Privacy Act (ECPA), which used to provide legal
protection of privacy for all types of electronic communications, was
all set aside in 2001.
It used to be that any type of electronic surveillance required a court
order and had to show probable cause that the suspect was engaged in
criminal activities. Therefore, use of Carnivore in any way, prior to
the 2001 ACT, that did not adhere to ECPA was illegal and could be
considered unconstitutional.
Gee, what's the fuss now? Our constitutional rights are now in
perpetual peril!
Regulation - Prior to the ACT, there was a widespread belief that
Carnivore was a huge system that could allow the U.S. government to
seize control of the Internet and regulate its use. With our current
computing technology, that is a true fact! (Redundancy aside!)
Hundreds of millions of dollars have been spent to create an amazing
infrastructure -- the FBI is placing post-ACT Carnivore systems at
every ISP, including private, commercial, organizational and
educational.
While it is theoretically possible to do so for all of the ISPs
operating in the United States, they still have not figured out a way
to regulate those operating outside of U.S. jurisdiction.
Any such move would have also faced serious opposition from every
direction.
Free speech - The NEW Carnivore monitors all of the content flowing
through an ISP, looking for certain keywords such as "bomb" or
"assassination."
Any packet sniffer can be set to look for certain patterns of
characters or data. Before the ACT, without probable cause, the FBI had
no justification to monitor your online activity and would have been in
severe violation of ECPA and your constitutional right to free speech
if it did so.
Echelon - This is a secret network rumored to be already employed by
the National Security Agency (NSA), supposedly designed to detect and
capture packets crossing international borders that contain certain
keywords, such as "bomb" or "assassination."
It can be acknowledged that the international outcry would be so severe
as to at least justify the secrecy of Echelon. There is no solid
evidence to support the existence of Echelon. Many people could confuse
this system with the Carnivore system, but they are actually two
different commodities!
Prior to the ACT, all of these concerns made the implementation of
Carnivore an uphill battle for the FBI. The FBI refused to disclose the
source code and certain other pieces of technical information about
Carnivore, which only added to people's concerns.
Safe and Free: There has never been a more urgent need to preserve
fundamental privacy protections and our system of checks and balances
than the need we face today, as illegal government spying, provisions
of the USA PATRIOT Act and government-sponsored invasions transcend the
bounds of law and our most treasured values in the name of national
security.
MIRVman