Manage updates with the Download App
January 30, 2007 4:00 AM PST
FBI turns to broad new wiretap method
- Related Stories
-
Net wiretapping plans under fire
December 19, 2005 -
Carnivore redux
January 31, 2005 -
Feds back wiretap rules for Internet
August 4, 2004 -
FBI wants to eavesdrop on fiber links
August 3, 2004 -
Feds step up push to wiretap VoIP calls
February 11, 2004 -
FBI targets Net phoning
July 29, 2003 -
FBI wants Carnivore powers for phone taps
November 21, 2001 -
FBI takes the teeth out of Carnivore's name
February 9, 2001 -
New documents shed more light on FBI's "Carnivore"
November 16, 2000
The FBI appears to have adopted an invasive Internet surveillance technique that collects far more data on innocent Americans than previously has been disclosed. Instead of recording only what a particular suspect is doing, agents conducting investigations appear to be assembling the activities of thousands of Internet users at a time into massive databases, according to current and former officials. That database can subsequently be queried for names, e-mail addresses or keywords.
Such a technique is broader and potentially more intrusive than the FBI's Carnivore surveillance system, later renamed DCS1000. It raises concerns similar to those stirred by widespread Internet monitoring that the National Security Agency is said to have done, according to documents that have surfaced in one federal lawsuit, and may stretch the bounds of what's legally permissible.
Call it the vacuum-cleaner approach. It's employed when police have obtained a court order and an Internet service provider can't "isolate the particular person or IP address" because of technical constraints, says Paul Ohm, a former trial attorney at the Justice Department's Computer Crime and Intellectual Property Section. (An Internet Protocol address is a series of digits that can identify an individual computer.)
That kind of full-pipe surveillance can record all Internet traffic, including Web browsing--or, optionally, only certain subsets such as all e-mail messages flowing through the network. Interception typically takes place inside an Internet provider's network at the junction point of a router or network switch.
The technique came to light at the Search & Seizure in the Digital Age symposium held at Stanford University's law school on Friday. Ohm, who is now a law professor at the University of Colorado at Boulder, and Richard Downing, a CCIPS assistant deputy chief, discussed it during the symposium.
In a telephone conversation afterward, Ohm said that full-pipe recording has become federal agents' default method for Internet surveillance. "You collect wherever you can on the (network) segment," he said. "If it happens to be the segment that has a lot of IP addresses, you don't throw away the other IP addresses. You do that after the fact."
DOJ takes issue with wiretapping story
spokesman responds
to CNET News.com report.
"You intercept first and you use whatever filtering, data mining to get at the information about the person you're trying to monitor," he added.
On Monday, a Justice Department representative would not immediately answer questions about this kind of surveillance technique. (Late Tuesday, the Justice Department responded with a statement taking issue with this description of the FBI's surveillance practices.)
"What they're doing is even worse than Carnivore," said Kevin Bankston, a staff attorney at the Electronic Frontier Foundation who attended the Stanford event. "What they're doing is intercepting everyone and then choosing their targets."
When the FBI announced two years ago it had abandoned Carnivore, news reports said that the bureau would increasingly rely on Internet providers to conduct the surveillance and reimburse them for costs. While Carnivore was the subject of congressional scrutiny and outside audits, the FBI's current Internet eavesdropping techniques have received little attention.
Carnivore apparently did not perform full-pipe recording. A technical report (PDF: "Independent Technical Review of the Carnivore System") from December 2000 prepared for the Justice Department said that Carnivore "accumulates no data other than that which passes its filters" and that it saves packets "for later analysis only after they are positively linked by the filter settings to a target."
See more CNET content tagged:
Carnivore, surveillance, Internet provider, IP, IP address
139 comments
Join the conversation! Add your comment
Not surpised that this is happening, and it is a wonderful means to have control over all aspects of life...
Not surpised that this is happening, and it is a wonderful means to have control over all aspects of life...
Only a few steps before the government subjects the population to an UFIA.
~Mr. Network
Only a few steps before the government subjects the population to an UFIA.
~Mr. Network
It?s the fed?s they get lots of free money so they can afford to build large and
Fast search systems.
Just start off by doing a keywords search that's easy.
Now after you found keywords you then can perform a contextual search.
Where by reading the entire content of a message where the keyword came from you can see if the message is evil or good.
You can even buy this type of software yourself; this is just one of the many companies that sell this type of software.
<a class="jive-link-external" href="http://www.zyn.com/flcfw/fwtproj/perilog-ames.html" target="_newWindow">http://www.zyn.com/flcfw/fwtproj/perilog-ames.html</a>
Than way automatically you can with a computer tell the difference between.
Let?s say your message software is scanning in the gigs of messages and it sees.
The keyword, ?bomb? it tags that message stuff it in different database for more research.
Now completely under computer controls it looks at the messages in this detail search database.
The contextual search then reads this database and sees.
Message 1) from: juicee.moo@quake.com
Jan 10, 2007 10.00 am
From Ip 532.234.356
Traceroute information:
Body of message;
This party was a bomb.
End of message
Message 2) from: al-ki-da@aol.com
Jan 11, 2007 1:00 pm
From ip. 764.434.643
Trace route information:
Body of message;
After the party starts we detonate the bomb.
End of message:
Which message is more evil? The software can tell.
And if the above is true, then why the h_ll does the FBI need such intrusive methods to spy on all our e-mail traffic (mostly from innocent citizens), since a more likely terrorist message would be, "tell Mom that I will pick her up at 11:00 pm?" which, of course, would likely not alert anyone?
It?s the fed?s they get lots of free money so they can afford to build large and
Fast search systems.
Just start off by doing a keywords search that's easy.
Now after you found keywords you then can perform a contextual search.
Where by reading the entire content of a message where the keyword came from you can see if the message is evil or good.
You can even buy this type of software yourself; this is just one of the many companies that sell this type of software.
<a class="jive-link-external" href="http://www.zyn.com/flcfw/fwtproj/perilog-ames.html" target="_newWindow">http://www.zyn.com/flcfw/fwtproj/perilog-ames.html</a>
Than way automatically you can with a computer tell the difference between.
Let?s say your message software is scanning in the gigs of messages and it sees.
The keyword, ?bomb? it tags that message stuff it in different database for more research.
Now completely under computer controls it looks at the messages in this detail search database.
The contextual search then reads this database and sees.
Message 1) from: juicee.moo@quake.com
Jan 10, 2007 10.00 am
From Ip 532.234.356
Traceroute information:
Body of message;
This party was a bomb.
End of message
Message 2) from: al-ki-da@aol.com
Jan 11, 2007 1:00 pm
From ip. 764.434.643
Trace route information:
Body of message;
After the party starts we detonate the bomb.
End of message:
Which message is more evil? The software can tell.
And if the above is true, then why the h_ll does the FBI need such intrusive methods to spy on all our e-mail traffic (mostly from innocent citizens), since a more likely terrorist message would be, "tell Mom that I will pick her up at 11:00 pm?" which, of course, would likely not alert anyone?
Michael
Michael
approach for safeguarding opportunities to
perform their jobs. My ONLY possible gripe
might be if a function of the programming
causes the waste of my time or the use of
my computer's functions in any way. In a
case like that, then whichever controlling
party, (not at all just our security agencies),
but, perhaps we ought to be concerned about the
ways that big business can cause us to loose the
use of computer functions or residual printer
cartridge ink (if, for example, we are not buying
enough ink cartridges to offset the losses in the
sale of the printer if that were the case).
I feel that the folks in our security agencies
are really as ethical as can be. They do not at
all have anything to gain by not being as ethical
as can be. The frustrations which I sometimes
have, instead, are always with large firms which
change the way that my computer or printer works.
These changes are NOT seamless, and are very very
disruptive in my offices.
Thank you for considering my email.
Dan.
Just another step down the path to dictatorship.
What I find REALLY odd, is that all of the people out here whining and complaining have essentially signed an agreement to let their ISP store and monitor any of their traffic. But when the FBI, working in our intereste, gets a court order(check/balance for our interests) to obtain data for an investigation, people suddenly become paranoid and accuse the government of being abusive.
The anti-government comments here really make zero sense. Basically, people are saying... "I trust all my data to my ISP and whomever they choose to hire." While at the same time they seem to be saying "I don't trust my data to the FBI, who is working to protect me, even after a court reviews their request and agrees that it doesn't violate my rights or present unnecessary harm."
Some people really have this situation layed out completely backwards. It is your ISP you should be frightened of. They'll hire ANYBODY. Consider how many hackers would find it adventageous to work for an ISP. ISPs don't need court orders to research your activities. You've thrown all your information into the hands of the unknown, while you sit around and complain that national defense and crime fighting efforts using the same information are abusive. When will people grow up?
Now after saying this, I am sure the Canadian government has a very similar approach, but we just don't hear about it. One thing I can say about you Americans, is that eventually you do get the news,something I can't say we Canadians get. Thank you for allowing me to voice my opinion.
approach for safeguarding opportunities to
perform their jobs. My ONLY possible gripe
might be if a function of the programming
causes the waste of my time or the use of
my computer's functions in any way. In a
case like that, then whichever controlling
party, (not at all just our security agencies),
but, perhaps we ought to be concerned about the
ways that big business can cause us to loose the
use of computer functions or residual printer
cartridge ink (if, for example, we are not buying
enough ink cartridges to offset the losses in the
sale of the printer if that were the case).
I feel that the folks in our security agencies
are really as ethical as can be. They do not at
all have anything to gain by not being as ethical
as can be. The frustrations which I sometimes
have, instead, are always with large firms which
change the way that my computer or printer works.
These changes are NOT seamless, and are very very
disruptive in my offices.
Thank you for considering my email.
Dan.
Just another step down the path to dictatorship.
What I find REALLY odd, is that all of the people out here whining and complaining have essentially signed an agreement to let their ISP store and monitor any of their traffic. But when the FBI, working in our intereste, gets a court order(check/balance for our interests) to obtain data for an investigation, people suddenly become paranoid and accuse the government of being abusive.
The anti-government comments here really make zero sense. Basically, people are saying... "I trust all my data to my ISP and whomever they choose to hire." While at the same time they seem to be saying "I don't trust my data to the FBI, who is working to protect me, even after a court reviews their request and agrees that it doesn't violate my rights or present unnecessary harm."
Some people really have this situation layed out completely backwards. It is your ISP you should be frightened of. They'll hire ANYBODY. Consider how many hackers would find it adventageous to work for an ISP. ISPs don't need court orders to research your activities. You've thrown all your information into the hands of the unknown, while you sit around and complain that national defense and crime fighting efforts using the same information are abusive. When will people grow up?
Now after saying this, I am sure the Canadian government has a very similar approach, but we just don't hear about it. One thing I can say about you Americans, is that eventually you do get the news,something I can't say we Canadians get. Thank you for allowing me to voice my opinion.
With this new revelation we all need to remember that America is a land OF THE PEOPLE, and if we allow fear to control us we will, in fact, be putting our Democracy away forever.
We must stand up for our rights or we will no longer have any.
Robin Szczepaniak
United States considering the Democrats now have control of both
the house and senate.
But then again, fools will be fools. Let me give you a tip. Go spend
a month in a country that really is a totalitarian regime. If you
survive, you may gain some wisdom.
With this new revelation we all need to remember that America is a land OF THE PEOPLE, and if we allow fear to control us we will, in fact, be putting our Democracy away forever.
We must stand up for our rights or we will no longer have any.
Robin Szczepaniak
United States considering the Democrats now have control of both
the house and senate.
But then again, fools will be fools. Let me give you a tip. Go spend
a month in a country that really is a totalitarian regime. If you
survive, you may gain some wisdom.
Stop being philosophical about how our "rights" are bing violated and think about how many people have been stopped from hurting the US through the FBI's wiretapping.
If you've got nothing to hide, you shouldn't be worried.
while. Essentially you are equating the desire for privacy with
unlawful acts. You are a fool.
Ruby Ridge, Waco, OKC, TWA 800, WTC.... how many lies does it take?
I?m down with the Constitution, and would die for it, however the executive and its agencies will do whatever they want, in the name of protecting America. Its only when things like this are exposed is when public debate decides it a good or bad thing.
But beside the obvious, that is allowing this to happen allows abuse and illegal behaviour in the name of protection.
There is a reason why the government is not allowed to search and seize without court oversight
It is so that corrupt police or politicians can't spy on those that would help bring them to justice.. for instance a reporter who that reveals the FBI is spying on everyone via internet service providers.
But it seems to me that people here would rather live in a communist state than have freedom of movement or to be free of search and seizures without court oversight.
When I have to report to the government when I travel by air.. when I have to allow the government listen in on my calls to family overseas.. when I have to allow the government to spy on my internet activity.. when I see people randomly gathered up in foreign countries, stuck in a prison in Cuba, tortured into confessing whatever their inquisitors demand, have their right to demand the reasons for their imprisonment taken away, to have their rights under the geneva conventions taken away (as well as the right to reveal such violations in court made illegal).. when the very soul of what created this nation is tarnished by greedy, scum buckets that use a terrorist attack to enrich themselves and their friends.. creating a communist state in order to protect themselves and hide their illegal behaviour.. I find it disturbing that people say things like
"if you've got nothing to hide then you shouldn't care if we blatently violate the constitution"
But, because the government is doing it, it makes it ok? But if Sony music monitors you, "It's violating my rights" you say.
"But we did it to help better serve our customers" Sony music will say. "But it's violating my right to privacy!" you will reply.
But hey, if you've got nothing to hide, then stop whining.
See <a class="jive-link-external" href="http://www.cbc.ca/news/background/arar/" target="_newWindow">http://www.cbc.ca/news/background/arar/</a>
Stop being philosophical about how our "rights" are bing violated and think about how many people have been stopped from hurting the US through the FBI's wiretapping.
If you've got nothing to hide, you shouldn't be worried.
while. Essentially you are equating the desire for privacy with
unlawful acts. You are a fool.
Ruby Ridge, Waco, OKC, TWA 800, WTC.... how many lies does it take?
I?m down with the Constitution, and would die for it, however the executive and its agencies will do whatever they want, in the name of protecting America. Its only when things like this are exposed is when public debate decides it a good or bad thing.
But beside the obvious, that is allowing this to happen allows abuse and illegal behaviour in the name of protection.
There is a reason why the government is not allowed to search and seize without court oversight
It is so that corrupt police or politicians can't spy on those that would help bring them to justice.. for instance a reporter who that reveals the FBI is spying on everyone via internet service providers.
But it seems to me that people here would rather live in a communist state than have freedom of movement or to be free of search and seizures without court oversight.
When I have to report to the government when I travel by air.. when I have to allow the government listen in on my calls to family overseas.. when I have to allow the government to spy on my internet activity.. when I see people randomly gathered up in foreign countries, stuck in a prison in Cuba, tortured into confessing whatever their inquisitors demand, have their right to demand the reasons for their imprisonment taken away, to have their rights under the geneva conventions taken away (as well as the right to reveal such violations in court made illegal).. when the very soul of what created this nation is tarnished by greedy, scum buckets that use a terrorist attack to enrich themselves and their friends.. creating a communist state in order to protect themselves and hide their illegal behaviour.. I find it disturbing that people say things like
"if you've got nothing to hide then you shouldn't care if we blatently violate the constitution"
But, because the government is doing it, it makes it ok? But if Sony music monitors you, "It's violating my rights" you say.
"But we did it to help better serve our customers" Sony music will say. "But it's violating my right to privacy!" you will reply.
But hey, if you've got nothing to hide, then stop whining.
See <a class="jive-link-external" href="http://www.cbc.ca/news/background/arar/" target="_newWindow">http://www.cbc.ca/news/background/arar/</a>
In this day and age never say never. No system is 100% hack proof. Because the fact that they intercept ALL communications on the internet, they could have people's confidential financial information and once they're hacked, all that info will be compromised.
Even though they haven't been hacked yet, you cannot say it never will happen.
In this day and age never say never. No system is 100% hack proof. Because the fact that they intercept ALL communications on the internet, they could have people's confidential financial information and once they're hacked, all that info will be compromised.
Even though they haven't been hacked yet, you cannot say it never will happen.