[Paleopsych] Enterprise Security Today: FBI Ditches Carnivore, Turns to ISPs
Premise Checker
checker at panix.com
Sat Feb 5 11:04:16 UTC 2005
Enterprise Security Today (Online Security): NewsFactor Network -
Security Products/Services - FBI Ditches Carnivore, Turns to ISPs
http://enterprise-security-today.newsfactor.com/secproser/story.xhtml?story_title=FBI-Abandons-Carnivore--Turns-to-ISPs&story_id=29831&category=secproser#story-start
By Elizabeth Millard
January 19, 2005 10:59AM
The Federal Bureau of Investiagtion has stopped using Carnivore, a
controversial software program designed to read online communications
between suspected spies, criminals and terrorists. The bureau instead
is moving toward use of commercial software and ISPs for surveillance.
The [44]Federal Bureau of Investigation has abandoned Carnivore, its
home-grown Internet surveillance technology, in favor of commercial
software, according to bureau oversight reports recently given to
Congress.
Carnivore, also known as DCS-1000, was first designed in 1998 to help
the FBI read online communications between suspected spies, criminals,
and terrorists. Although the cost of creating the system has not been
disclosed, some estimates have put the price between US$6 million and
$15 million.
As disclosed in the report to Congress, the FBI actually used
Carnivore very rarely. The Electronic Information Privacy Center
(EPIC) noted that the agency did not use the system at all during
fiscal years 2002 and 2003, preferring instead to partner with
Internet Service Providers and use commercial software.
Public Private Partnership
Although the recent Congressional report does not include the complete
history of Carnivore use, the FBI clearly has been moving toward using
ISPs in preference to its own custom-built system for some time.
"It's likely that most of the Internet traffic intercepted by the FBI
has been done with the help of ISPs, and it seems to have been that
way for years," Marcia Hofmann, EPIC's staff counsel and director of
the open government project, told NewsFactor.
Because Carnivore is basically a packet sniffer, finding similar tools
in the commercial sector would not be a difficulty. But Hofmann doubts
that the agency is doing very much of the surveillance alone with
commercial software, without the assistance of ISPs.
Hide and Seek
The move from Carnivore toward ISPs does not mark a fundamental shift
in how the FBI gathers its online information; it is merely getting it
from a different source.
But it does change the agency's requirements in terms of reporting and
accountability, and that worries privacy [45]Latest News about privacy
watchdog groups like EPIC.
"When there's no requirement to report on what kind of cooperation
it's getting from the private sector or what kind of software it's
using, it's certainly more difficult to know what the FBI is doing,"
Hofmann said.
When the FBI was using Carnivore, it was required to report on the
number and type of Internet wiretaps it initiated. But no such mandate
is attached to its work with ISPs.
"There's less transparency now," Hofmann added. "And that's a
concern." [end-nfn.gif]
References
44. http://www.fbi.gov/
More information about the paleopsych
mailing list