[Paleopsych] Enterprise Security Today: FBI Ditches Carnivore, Turns to ISPs

Premise Checker checker at panix.com
Sat Feb 5 11:04:16 UTC 2005 

Enterprise Security Today (Online Security): NewsFactor Network -
Security Products/Services - FBI Ditches Carnivore, Turns to ISPs
http://enterprise-security-today.newsfactor.com/secproser/story.xhtml?story_title=FBI-Abandons-Carnivore--Turns-to-ISPs&story_id=29831&category=secproser#story-start
By Elizabeth Millard
    January 19, 2005 10:59AM

    The Federal Bureau of Investiagtion has stopped using Carnivore, a
    controversial software program designed to read online communications
    between suspected spies, criminals and terrorists. The bureau instead
    is moving toward use of commercial software and ISPs for surveillance.

    The [44]Federal Bureau of Investigation has abandoned Carnivore, its
    home-grown Internet surveillance technology, in favor of commercial
    software, according to bureau oversight reports recently given to
    Congress.

    Carnivore, also known as DCS-1000, was first designed in 1998 to help
    the FBI read online communications between suspected spies, criminals,
    and terrorists. Although the cost of creating the system has not been
    disclosed, some estimates have put the price between US$6 million and
    $15 million.

    As disclosed in the report to Congress, the FBI actually used
    Carnivore very rarely. The Electronic Information Privacy Center
    (EPIC) noted that the agency did not use the system at all during
    fiscal years 2002 and 2003, preferring instead to partner with
    Internet Service Providers and use commercial software.

    Public Private Partnership

    Although the recent Congressional report does not include the complete
    history of Carnivore use, the FBI clearly has been moving toward using
    ISPs in preference to its own custom-built system for some time.

    "It's likely that most of the Internet traffic intercepted by the FBI
    has been done with the help of ISPs, and it seems to have been that
    way for years," Marcia Hofmann, EPIC's staff counsel and director of
    the open government project, told NewsFactor.

    Because Carnivore is basically a packet sniffer, finding similar tools
    in the commercial sector would not be a difficulty. But Hofmann doubts
    that the agency is doing very much of the surveillance alone with
    commercial software, without the assistance of ISPs.

    Hide and Seek

    The move from Carnivore toward ISPs does not mark a fundamental shift
    in how the FBI gathers its online information; it is merely getting it
    from a different source.

    But it does change the agency's requirements in terms of reporting and
    accountability, and that worries privacy [45]Latest News about privacy
    watchdog groups like EPIC.

    "When there's no requirement to report on what kind of cooperation
    it's getting from the private sector or what kind of software it's
    using, it's certainly more difficult to know what the FBI is doing,"
    Hofmann said.

    When the FBI was using Carnivore, it was required to report on the
    number and type of Internet wiretaps it initiated. But no such mandate
    is attached to its work with ISPs.

    "There's less transparency now," Hofmann added. "And that's a
    concern." [end-nfn.gif]

References

   44. http://www.fbi.gov/

More information about the paleopsych mailing list