Carnivore Extinct!

[JAZZMAN]

Article smells of disinformation to me......perhaps they just want the general public to believe
Carnivore is dead......when you consider they never wanted it to become public knowledge anyway, it wouldn't be too far-fetched an idea to "scrap it" publically....
Of course, I speak from a purely paranoid point-of-view....

[©opy®ight]

I was gonna post something the same nature as jazzman, but then again who knows, i also read that the public is 12 years behind the governments technology (anyone agrue with that )

Yes yes it was Dan Brown book, is it true ?

[Juridian]

They say in the article and in this new one that they are simply abandoning that piece of software for a commercial solution.

http://www.securityfocus.com/printable/news/10307

[;TT]

Originally posted here by RoadClosed
Nah Tiger, knowing the government's ability to stay away from Linux or open source, it's probably some program that masks Ethereal's engine but really is Ethereal through a polished interface, and cost 1 million per copy.

Hmm, "the government's ability to stay from Linux or open source"? I, with a friendly smile, suggest that you look into SE Linux [1].

With the passing of the USA patriot act... they no longer needed to use the carnivore system.
The carnivore system still required a court order.... which is just a pain in the ass for them.

I, with a blinding smile, recommend you read over the actual PATRIOT Act legistlation... more specifically about intercepting data [2].


[1] http://www.nsa.gov/selinux/index.cfm
[2] http://thomas.loc.gov/cgi-bin/query/...:H.R.3162.ENR:

[hypronix]

IIRC Carnivore was deployed in "black-boxes" at ISP sites and was capturing the data at those points. For some reason I don't think that court order was required, at least not after the Patriot Act, but it would be largely unfeasible to filter all traffic - if not only in terms of bandwidth but also manpower to scan through false positives etc.

Also, a solution for filtering would be distributing computing... with esotheric things like SETI or Folding even if one was to capture all the incoming traffic for those programs it wouldn't make much sense [say if the network packets were packaged within special, encrypted file blocks]... I know it sounds a bit of a conspiracy theory but it's something we don't really know for a fact.

It's little that we actually do know when it comes to government affairs, in any country. That's kind of the point... problems arise when services that are supposed to protect us from 'enemies' tend to monitor us... kind of like saving me from myself I guess.

[IKnowNot]

I don’t know, maybe it’s me ... but I think the whole point is missed here. This is a political, a personal hot-spot issue and must be approached as such.

If they have abandoned Carnivore ( and it makes sense ) the reasons are ( IMHO ):
a) the publicity ( and resulting outrage )
b ) the costs of defending it in court as reliable and viable
c) the program became outdated
d) they did not need it

As far as:
a) nuff said, Google it
b) If I was an attorney ( Prosecutor ) representing the Feds in court I would much rather defend software that was possibly scrutinized by millions ( open source ) then defend the use of proprietary software developed for the government for a specific purpose. Remember, you have to convince a jury composed of common people, most of which know nothing about legal or technical matters. If they hear from a few experts, contradicted by a few Defense experts, but know the program has had review by millions others, who are they going to believe?

c) Times, computers, software, and standards changed since the program was created. Just think about the changes in SSL, PGP, Java, etc., even HTML ( CSS and XML included ) since Carnivore’s inception. ( look at the dates of last admitted use )

from the link that Juridian provided http://www.securityfocus.com/printable/news/10307

The new documents only enumerate criminal investigations in which the FBI deployed a government-owned surveillance tool, not those in which an ISP used its own equipment to facilitate the spying. Cases involving foreign espionage or international terrorism are also omitted.

Developed by a contractor, Carnivore was a customizable packet sniffer that, in conjunction with other FBI tools, could capture e-mail messages, and reconstruct Web pages exactly as a surveillance target saw them while surfing the Web. FBI agents lugged it with them to ISPs that lacked their own spying capability.

( oh yeah, if the ISP provided the monitoring they now have to defend it’s credibility, even if that monitoring was mandated )


d) Other programs, as MsMittens said could replace it, and more defendable, both economically and politically.

If I, as a Prosecutor, can show that the tools used by the Government ( assuming that is that this is a truly democratic government with public scrutiny ) were reviewed and generally accepted by those who have the knowledge to understand it, and thus approve it, my case is already won, as long as I can show an acceptable reason for using it. ( This then would go into either P.C. ( Probable Cause for such things as a warrant,) or reasonable belief for such things as the Patriot act, or whatever they claim they need .

The monitoring is not bad: only those who have something to hid would care about that ( i.e. criminals, terrorists, etc. )

But it is the potential for misuse of that monitoring that is offensive and reprehensible to all. And therein lies the key.

( Ok, I’m drunk ... nuff said )

How does this relate to the IT person who copies e-mails sent or received by specified employees and forwards it to another manager or employee?
What are the implications here?
Did not the employee review and sign the AUP?
Doesn’t everyone know that the Internet is insecure?

( Note: not touching on the CIA and their motives, etc. )

[MrLinus]

Doesn’t everyone know that the Internet is insecure?

No. Courts use the Common Man Rule of Thumb. And we all know how knowledgeable the Common Man is in regards to computers, let alone the Internet. And it's not a question of insecurity but rather an "expectation of privacy". If you expect something to be kept private because of a "false sense of security" based on a lack of understanding (thank you various companies and their "100% hacker proof" PR), then you expect that your company will not read your email (it's private and YOURS of course -- and I've earned the privilege of surfing pr0n while at work -- so says Joe Common Man).

How does this relate to the IT person who copies e-mails sent or received by specified employees and forwards it to another manager or employee?
What are the implications here?
Did not the employee review and sign the AUP?

It has no implications as far as Carnivore is concerned. Carnivore was more for the tracking of specific activities (terrorism, child porn, etc.. Howstuffworks breaks it down some more. It has little to do with office politics and more to do when people do things illegally (like activities at Enron et al).

Additionally, this was an FBI tool (local issues that abuse federal laws). CIA, IIRC, is more interested in dealing with foreign policy and making it work for the US and NSA is more interested in dealing with threats to the state. To my knowledge, these 3 agencies are not really fond of working together or with anyone else for that matter (paranoia to the extreme, me thinks).

Personally I think they retired it for two reasons:

- didn't work as great as it was envisioned to. I bet they had far too many false positives to deal with. How many child porn cases do you know that were resolved with carnivore? I know there were quite a few rings busted up here with some old fashioned detective work and undercover work. Last time I checked Canada doesn't have a carnivore system.

- in a court of law, the "trustability" of an application can also be based on prevailling view. If it's a sensitive and protected product how does the court know that the product isn't generating these false positives on it's own? Who certified and accredited it?

Oh.. and as I was mucking about today I found Carnivore Personal Edition

Carnivore is a surveillance tool for data networks. At the heart of the project is CarnivorePE, a software application that listens to all Internet traffic (email, web surfing, etc.) on a specific local network. Next, CarnivorePE serves this data stream to interfaces called "clients." These clients are designed to animate, diagnose, or interpret the network traffic in various ways. Use CarnivorePE to run Carnivore clients from your own desktop, or use it to make your own clients.

[RoadClosed]

Carnivore wasn't deployed as little "Black Boxes" they were just your basic everyday Cisco routers. And guess what... you could turn them off and see how long it took for them to call. "Opps sorry, must have blown a circuit breaker." Perhaps that is why it's not worth the money, time, expense, effort, etc over localized specific targeting. There is a lot of shake up in the GOV, maybe some one with some common sense said "what the hell is this thing?" It a black hole of nothing.

The NSA has very specific and strict guidlines restricting it's use on American citizens. Alot of the the division comes from a presidential order signed a long time ago. That frankly is why an overall man responsible for all intellignece is NOT really the greatest idea.

[hypronix]

By "blackboxes" I didn't mean some advanced alien-ware [no pun intended] hardware, but supposedly they were made to be tamper proof in the sense of somebody accessing the logs.

[gore]

Maybe they don't need it anymore because they are busy rubbing their Magic Lamp? Or was it Lantern?