Wired: Anti-Attack Feds Push Carnivore
Owen Blacker
owen.blacker at wheel.co.uk
Wed, 12 Sep 2001 12:53:08 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://www.wired.com/news/print/0,1294,46747,00.html
| Anti-Attack Feds Push Carnivore
| By Declan McCullagh <declan@wired.com>
| 2:00 a.m. Sep. 12, 2001 PDT
|
|
| WASHINGTON -- Federal police are reportedly increasing Internet
| surveillance after Tuesday's deadly attacks on the World Trade Center and
| the Pentagon.
|
| Just hours after three airplanes smashed into the buildings in what some
| US legislators have dubbed a second Pearl Harbor, FBI agents began to
| visit Web-based, e-mail firms and network providers, according to
| engineers at those companies who spoke on condition of anonymity.
|
| An administrator at one major network service provider said that FBI
| agents showed up at his workplace on Tuesday "with a couple of
| Carnivores, requesting permission to place them in our core, along with
| offers to actually pay for circuits and costs."
|
| The person declined to say for publication what the provider's response
| was, "but a lot of people" at other firms were quietly going along with
| the FBI's request. "I know that they are getting a lot of 'OKs' because
| they made it a point to mention that they would only be covering our core
| for a few days, while their 'main boxes were being set up at the Tier 1
| carriers' -- scary," the engineer said.
|
| The FBI's controversial Carnivore spy system
| <http://www.epic.org/privacy/carnivore/foia_documents.html>, which has
| been renamed DCS1000, is a specially configured Windows computer designed
| to sit on an Internet provider's network and monitor electronic
| communications. To retrieve the stored data, an agent stops by to pick up
| a removable hard drive with the information that the Carnivore system was
| configured to record.
|
| Microsoft's Hotmail service has also been the target of increased federal
| attention, according to an engineer who works there.
|
| "Hotmail officials have been receiving calls from the San Francisco FBI
| office since mid-(Tuesday) morning and are cooperating with their
| expedited requests for information about a few specific accounts," the
| person said. "Most of the account names start with the word 'Allah' and
| contain messages in Arabic."
|
| By Tuesday evening, nearly 12 hours after the twin attacks that crippled
| Manhattan and left Washington deserted by mid-afternoon, it was unclear
| who was responsible. The Washington Post, citing anonymous government
| sources, reported that former Saudi businessman Osama bin Laden appears
| to be the prime suspect.
|
| In February, US officials claimed
| <http://www.usatoday.com/life/cyber/tech/2001-02-05-binladen.htm> that
| bin Laden had turned to data-hiding steganography software to conceal
| communications with his operatives by means of public websites.
|
| In Washington, use of data-scrambling encryption software is also
| frequently mentioned in conjunction with terrorists. "Uncrackable
| encryption is allowing terrorists Hamas, Hezbollah, al-Qaida and others
| to communicate about their criminal intentions without fear of outside
| intrusion," then-FBI Director Louis Freeh told a Senate panel last year.
| "They're thwarting the efforts of law enforcement to detect, prevent and
| investigate illegal activities."
|
| Those comments, and the prospect of congressional reaction to Tuesday's
| terrorist attacks, have prompted some civil libertarians to fret about
| possible domestic regulation of encryption products.
|
| A few years ago, one House committee approved a bill that would have
| banned any encryption product without a back door entrance for the
| federal government. By Tuesday afternoon, at least one NBC affiliate had
| interviewed defense expert Jim Dunnigan
| <http://www.jim.dunnigan.com/aquickdirty.htm>, who warned that "PGP and
| Internet encryption" would be blamed for the attacks.
|
| "Those of us who value our liberty, even in the face of danger, will need
| to be vigilant in the days to come," says Thomas Leavitt, an online
| activist who co-founded Webcom <http://www.webcom.com/>.
|
| Other civil libertarians say it's a mistake to believe that the US
| government will overreact to Tuesday's disasters. Marc Rotenberg of the
| Electronic Privacy Information Center <http://www.epic.org/> said he
| believes that the better approach is to argue that the US must not allow
| a terrorist attack on our form of open government to succeed.
|
| It's too early to tell whether he's right or not, but by late Tuesday,
| operators of anonymous remailers were already so worried about being
| conduits for terrorist communications -- or being blamed for the
| communications, rightly or wrongly -- that they pulled the plug.
|
| Operator Len Sassaman said in a post to a remailer-operators list: "I
| don't want to get caught in the middle of this. I'm sorry. I'm currently
| unemployed and don't have the resources to defend myself. At this point
| in time, a free-speech argument will not gain much sympathy with the
| Feds, judges and general public."
|
| Remailers forward messages but remove the originating information, so
| that the resulting e-mail is anonymized. They customarily don't keep
| logs, so if the system works as designed, it should be nearly impossible
| for anyone to find who sent the message.
|
| Copyright (c) 1994-2001 Wired Digital Inc. All rights reserved.
| http://hotwired.lycos.com/home/copyright.html
|
| [ends]
- --
Owen Blacker
Senior Software Developer / InfoSec Consultant Wheel: Clerkenwell
See http://www.owens-place.org.uk/pgp.html -- more about my PGP keys
Sig 0x3e2056b9 | 18cd 92aa 32aa 81b9 f5e8 c520 6475 6239 3e20 56b9
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.4
Comment: Due to RIP, pls check for revocation before using this key!
iQA/AwUBO59ME2R1Yjk+IFa5EQKjWgCfb/md+vNwOduhxrpI1UKSu4efYtoAoLm7
quSR01bbAzZAGlPbQfpK/Zur
=/fa4
-----END PGP SIGNATURE-----
_____________________________________________________________________
This message has been checked for all known viruses by UUNET delivered
through the MessageLabs Virus Control Centre. For further information visit
http://www.uk.uu.net/products/security/virus/