Carnivore - the FED's new intelligence gathering tool to track us
There is something terribly ominous about this
"Carnivore" of the U.S. Intelligence establishment. There is something
terribly threatening about governments' drift to dominance over every facet of
our daily lives... in our homes, in our business and in or personal affairs.
A short time ago, it was brought to public attention that a building was being
built in the Washington D.C. to "house intelligence surveillance equipment
and operations." The provisions for funds for this building
were "off the budget," or unpublished. That is to say, the U.S.
Government was building one of the largest buildings in the world and one of the
most expensive in secrecy.... information being hidden from the public.
There was no estimate in the reports as to how much the hardware, software and
other equipment would cost!
The FBI's notorious Internet traffic sniffer Carnivore includes a handy,
idiot-proof GUI interface enabling nosey Feds to capture and examine a broad
range of what passes through, from headers alone to full-bore content retrieval,
which is pictured in the Justice Department's final assessment from the IIT
Research Institute and the Illinois Institute of Technology Chicago-Kent College
of Law (IITRI).
The 'IP addresses' field conveniently accepts settings for particular IPs or IP
ranges; and the 'protocols' field accepts settings enabling Feds to choose among
TCP (transmission control protocol), UDP (user datagram protocol) and ICMP
(Internet control message protocol) retrieval, each one separately configurable
for 'full retrieval', 'pen mode' (headers only) and 'off'.
Another option enables Fed-defined text-string inputs to be searched (e.g., say
an e-mail contains the string, "blow up the President's motorcade").
It is not clear whether there is a lockout to prevent text-string scanning when
the device is running in pen mode.
Particular ports for SMTP (simple mail transfer protocol), POP (post office
protocol), HTTP (hyper-text transfer protocol) and FTP (file transfer protocol),
can also be chosen freely with the interface, as can port ranges. The machine
accommodates both DHCP (dynamic host configuration protocol) and RADIUS (remote
authentication dial-in user service) connections, though one
assumes from the layout that the Feds need to know which they're dealing with
ahead of time.
The actual Carnivore box as installed at an ISP lacks a monitor and a keyboard,
which one hopes might discourage bored administrators from mucking about with
it. The data it captures, and its configuration, are dealt with off-site by an
FBI geek operating a control machine linked to the bare-bones box via a
(hopefully secure) telephone link.
Privacy questions remain
As for the chief privacy concern, that Carnivore can easily be misused by
overzealous Feds examining more data than their court orders permit, the IITRI
report offers little in the way of reassurance. Basically, we have to trust the
Feds not to abuse it.
With that sticky issue in mind, the report goes to pains to emphasize the way
responsibility is divided among 'case agents' who try to get the thing
installed, and the geeks who actually operate it.
"Case agents establish the need and justification for the surveillance. A
separate team of technically trained agents installs the equipment and
configures it to restrict collection to that allowed by the court order,"
the report notes.
"In the case of Carnivore, all installations have been performed by the
same small team. Case agents are motivated to solve or prevent crimes, but
technically trained agents are motivated by FBI policy and procedures to ensure
that collection adheres strictly to court orders and will be admissible in court
as evidence."
In other words, the Bureau's geeks are going to provide the primary fail-safe
against abuse, motivated by their natural civic piety and concerns that the
collection of excess information would jeopardise a prosecution. "Potential
criminal prosecution of agents involved in over-collection provide
further....controls protecting against misusing Carnivore," the report
states, but notes that "the statutory suppression remedy available for
illegal interception of other communications in Title III is not expended to
electronic
communications."
So if the Feds were to over-collect using Carnivore, and use what they learned
in the course of a prosecution, the data gathered would not automatically be
thrown out as tainted evidence.
Another serious deficiency in Carnivore's privacy protection is the lack of any
auditing mechanism for supervisors to check up on the actions of field agents.
"Carnivore operators are anonymous to the system," the report says.
"All users are logged in as 'administrator' and no audit trail of actions
is maintained."
So this gives the Feds total deniability in cases where over-collection might be
proven. Not only is the over-collected data useful as evidence against the
victim, there is no way to determine who in the FBI is guilty of violating his
rights. Where no one can be identified as the culprit, the so-called remedies of
civil or criminal action are pure window-dressing and entirely moot.
Very slick, and not at all nice.