Who Let the Carnivores Out?
Imagine this scenario. At your local post office, investigators are busily opening and glancing at the contents of every first-class letter, resulting in significant delays for postal patrons. When asked why they're doing this, the investigators affirm that they have a legally valid warrant to read the mail of an individual who's under criminal investigation. Sure, they're opening everyone's mail, but they're only reading the mail involving the investigation's target. Would you believe them?
To the extent that such an investigation would involve first-class snail mail, it would be highly illegal under U.S. law (and, indeed that of most countries)--and rightfully so. An abundance of experience worldwide proves that citizens are all but bound to suffer political persecution and loss of liberty when their governments willfully monitor the activities of law-abiding citizens (Banisar 1995). However, such monitoring isn't so clearly illegal in cyberspace, where the letters in question are conveyed via e-mail.
Alarmingly, the post office scenario accurately describes what the U.S. Federal Bureau of Investigation (FBI) could be doing with its notorious Carnivore system. This system--essentially a dedicated PC running specially designed software--is installed on the premises of Internet service providers (ISP) when investigators have obtained a legal warrant to scrutinize e-mail and other electronic communications that pass through the ISP's computers. In this article, you'll learn why Carnivore poses a far more dangerous threat to law-abiding citizens than it does to criminals, and why should you start encrypting all of your electronic communications, if you haven't already.
Carnivore (Graham 2000, FBI 2000) derives its name from its voracious appetite; it "chews" all the e-mail messages routed through an ISP to which it is connected, even though--according to the FBI--it only "eats" the mail of those who are legally targeted (by means of a warrant) for an investigation. The result slows down mail servers to the point that at least one major ISP, EarthLink, has refused to cooperate with a Carnivore installation (Hayes 2000). The broader issue, of course, is whether the system provides investigators with too much power to intercept the e-mail conversations of private, law-abiding individuals who are not the target of an investigation.
According to the FBI's critics, such conversations are already intercepted far too frequently; the American Civil Liberties Union (ACLU) charted in Congressional testimony that nearly two million innocent conversations per year are illegally intercepted by law enforcement wiretaps (ACLU 1995). Reacting to the increasing threat of terrorist activity within the U.S., judges are approving significantly more wiretaps; the total number of approved wiretaps annually grew by 38 percent from 1994 to 1998 (Willing 1998). Worldwide, government use of legal and illegal wiretapping is exploding and is often used to monitor the activities of human rights groups, labor unions and political dissenters instead of fighting crime (Banisar 1995). Despite repeated assurances to the contrary, U.S. investigative agencies are known to have used illegal wiretaps and other surveillance measures to monitor law-abiding citizens who espouse political beliefs with which the government disagrees, sometimes ruining their lives in the process.
At the core of concerns about systems such as Carnivore is that they routinely monitors a "great deal of Internet traffic", including the communications of "users who are not targeted for surveillance and not named in any court authorization" (Electronic Privacy Information Center 2000). An independent review of the Carnivore system noted it is "capable of broad sweeps", and that, improperly configured, it can "record all traffic it monitors" (Bellovin et al., 2000).
If you tend to get paranoid over such things, don't worry too much about Carnivore tracking your e-mail--at least, not yet. Carnivore isn't a massive, nationwide monitoring system; only some 20 Carnivore systems are believed to be in existence, and they are not permanently installed. According to the FBI, the longest Carnivore installation lasted 45 days. The FBI claims that the system has been used only a few dozen times to monitor terrorists, hackers and drug traffickers. But there's every reason to suspect that use of Carnivore-like systems will grow by leaps and bounds, perhaps to the point, years or decades down the road, that virtually all e-mail will be routinely scrutinized. Will basic Constitutional guarantees against reasonable search and seizure be protected?
|Dynamic DNS—an Object Lesson in Problem Solving||May 21, 2013|
|Using Salt Stack and Vagrant for Drupal Development||May 20, 2013|
|Making Linux and Android Get Along (It's Not as Hard as It Sounds)||May 16, 2013|
|Drupal Is a Framework: Why Everyone Needs to Understand This||May 15, 2013|
|Home, My Backup Data Center||May 13, 2013|
|Non-Linux FOSS: Seashore||May 10, 2013|
- Dynamic DNS—an Object Lesson in Problem Solving
- Making Linux and Android Get Along (It's Not as Hard as It Sounds)
- Using Salt Stack and Vagrant for Drupal Development
- New Products
- A Topic for Discussion - Open Source Feature-Richness?
- Drupal Is a Framework: Why Everyone Needs to Understand This
- Validate an E-Mail Address with PHP, the Right Way
- RSS Feeds
- Readers' Choice Awards
- Tech Tip: Really Simple HTTP Server with Python
- BASH script to log IPs on public web server
1 hour 14 min ago
4 hours 50 min ago
- Reply to comment | Linux Journal
5 hours 22 min ago
- All the articles you talked
7 hours 46 min ago
- All the articles you talked
7 hours 49 min ago
- All the articles you talked
7 hours 50 min ago
12 hours 15 min ago
- Keeping track of IP address
14 hours 6 min ago
- Roll your own dynamic dns
19 hours 19 min ago
- Please correct the URL for Salt Stack's web site
22 hours 31 min ago
Enter to Win an Adafruit Pi Cobbler Breakout Kit for Raspberry Pi
It's Raspberry Pi month at Linux Journal. Each week in May, Adafruit will be giving away a Pi-related prize to a lucky, randomly drawn LJ reader. Winners will be announced weekly.
Fill out the fields below to enter to win this week's prize-- a Pi Cobbler Breakout Kit for Raspberry Pi.
Congratulations to our winners so far:
- 5-8-13, Pi Starter Pack: Jack Davis
- 5-15-13, Pi Model B 512MB RAM: Patrick Dunn
- 5-21-13, Prototyping Pi Plate Kit: Philip Kirby
- Next winner announced on 5-27-13!
Free Webinar: Hadoop
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers
Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.
Some of key questions to be discussed are:
- What is the “typical” Hadoop cluster and what should be installed on the different machine types?
- Why should you consider the typical workload patterns when making your hardware decisions?
- Are all microservers created equal for Hadoop deployments?
- How do I plan for expansion if I require more compute, memory, storage or networking?