Radical media, politics and culture.

Carnivore, The Backdoor, The Rogue Agent & The Mishap

Anonymous Comrade writes: "http://www.stopcarnivore.org/threeproblems.htm

The Backdoor, the Rogue Agent, and the Mishap:

The Hidden Dangers of Carnivore

Introduction

Most of the discussion about the F.B.I. spy tool
Carnivore has focused on the 4th Amendment. By its
nature, Carnivore violates the 4th Amendment, but many
people have seemed willing to overlook that,
especially in recent weeks, as long as it will make
them safer.

This paper is written for the people who believe the
"4th Amendment argument" is not sufficient to justify
prohibiting Carnivore. Make no mistake, we at
StopCarnivore.org still firmly hold that Carnivore is
in clear and disturbing violation of the 4th
Amendment, but there are clearly those who believe
that is not a good enough reason to prevent its use.
This paper is intended to provide convincing reasons,
beyond the 4th Amendment argument, why Carnivore is a
law enforcement tool that we all should reject.

This paper is also designed to provide a response to
those who say, "If you're not doing anything wrong,
you don't have anything to worry about." The following
are things that affect everyone, innocent people
included.

The three primary dangers of Carnivore to innocent
people can be called the Backdoor problem, the Rogue
Agent problem, and the Mishap problem.

The Backdoor problem

The Backdoor problem is probably the most serious of
the three problems. When installed, Carnivore provides
a very high level of access to the data pipeline which
it monitors. F.B.I. documents and the IITRI
"independent" study of Carnivore show that the system
can be accessed by a username/password combo. In
IITRI's own words, "any action taken by the Carnivore
system could have been directed by anyone knowing the
Administrator password. It is impossible to trace the
actions to specific individuals."

There is no question that there are hackers and
computer experts who can break into "secure" computer
networks. The Air Force, the Pentagon, and many other
high-profile government and corporate web servers have
been hacked into in the past. Carnivore provides
hackers, and those that fund them, with a new and very
fruitful target.

Currently, Internet Service Providers (ISPs) take
efforts to maintain the security of their networks
from outside invasion or manipulation. Unfortunately,
Carnivore obviates those security measures, and takes
the data out of the ISP's control. In order to have
the access that it has, Carnivore must, by design,
bypass all of the ISP's security measures, which would
otherwise block such efforts by an outside entity to
spy on the ISP's users. In order to function,
Carnivore must be allowed full access to the data
pipeline. Unfortunately, this opens up a backdoor into
the network, and ISPs are powerless to protect it. If
someone with untoward motives were to gain control of
a Carnivore installation, they would have full,
unrestricted access to all of the data coming through
that particular pipeline.

This means they could do anything from spying on
people, to accessing their computers, to shutting down
websites, company servers, and so on. They could pass
on a computer virus to thousands of people at once, or
just stop e-mail access for thousands of people at
once. They could access identity information, bank
information, credit card information, etc. And all of
this presumably without being detected by the ISP's
security systems.

Very little has been said about how Carnivore could
weaken the security of the Internet, but it is a very
real threat. How long will it be before hackers and
others figure out how to find Carnivore and then hack
into it? It's only a matter of time. Then, all of the
access that we have granted to the F.B.I. will be in
the wrong hands, and it won't be limited to just
accessing one or two accounts, because that's not how
Carnivore is designed. Carnivore is designed to have
total access to the whole data pipeline, and
unfortunately, it isn't designed to be very secure.

We won't belabor the various nightmare scenarios that
could come about due to this flaw in Carnivore, but we
shouldn't need to. The F.B.I. would very much like it
if Carnivore was installed everywhere, giving them
immediate access to all U.S. Internet traffic. But
they have failed to mention how easily that access
could be taken over by people with ill intent, or the
obvious security problems that such a takeover would
raise.

The Rogue Agent problem

One bad apple can spoil the bunch, as they say. As
easy as it would seem to be for hackers and terrorists
to gain access to Carnivore, it is many degrees easier
for a federal agent to do so. The story of Robert
Hanssen, the F.B.I. agent who was spying for the
U.S.S.R. and Russia for so many years, is widely
known. Of course, he operated in the days before
Carnivore existed, and he was stealing secrets the
"old fashioned way": by taking papers and selling
them.

What could a rogue agent do with access to Carnivore?
Basically, anything he or she wanted to. If Carnivore
is scanning a server that hosts a bank, the rogue
agent can access bank files. The rogue agent could
intercept and even alter e-mails or websites, could
commit damaging acts, could commit corporate
espionage, and so on. Instead of having to steal
papers, the rogue agent powered by Carnivore can
simply load the info onto a disk, or even e-mail it to
his or her cohorts, and then cover up his or her
tracks, using Carnivore to do so.

A recent investigation in Michigan uncovered a long
history of abuse by State Troopers of the state Law
Enforcement Investigation Network, a police database.
Officers used the database as a tool to meet women,
settle scores, and torment motorists. It would be
naive to believe that other states don't suffer from
similar misuses of such information—and it would be
equally naive to believe there are no agents in the
federal police forces who would commit similar acts.

One bad apple indeed can spoil the whole barrel, and
if one rogue F.B.I. agent misuses Carnivore to harm or
threaten an innocent person, or as a tool for
industrial or governmental espionage, then it will
spoil the whole benefit of using it in the first
place. With the current design of Carnivore, and the
aims to make its use widespread, it is sensible to
believe that misuse and abuse of the system by
unsavory elements on the "inside" will occur. To what
degree, we don't know, and we may never know, given
the IITRI's assessment that it is impossible to
discover who has done what with Carnivore.

The Mishap problem

The F.B.I. is well-known for its mishaps, mis-steps,
and questionable tactics, and these are worth noting
as we look at Carnivore as well. As noted above,
Carnivore is placed at a very central part of whatever
network it is installed at, and all the data at that
location flows through it. If something goes wrong in
a Carnivore installation, it could interfere with a
substantial portion of the Internet.

Indeed, Carnivore has been at the root of at least one
network mishap already. Back in 1999, the F.B.I.
forced Earthlink to install Carnivore on one of their
network nodes, even after Earthlink went to court to
protest the order. In order to install Carnivore, the
tech people at Earthlink had to install a different
operating system. At a point late in the Carnivore
installation, that portion of their network had
serious problems, and their customers' access was
adversely affected. As a result, Earthlink removed
Carnivore from their system, and negotiated an
arrangement with the F.B.I. that would prohibit future
use of Carnivore on Earthlink's network.

There may be other instances of Carnivore disrupting
service in other installations, but no information has
been released about any of the other cases in which
Carnivore has been used.

This issue becomes particularly relevant in light of
the news that the F.B.I. is seeking to install
Carnivore on the bigger network hubs—introducing the
potential for Carnivore to be scanning hundreds of
thousands of people's data. Or, to disrupt those
people's data, if something in Carnivore interferes
with the network.

Carnivore unfortunately takes ultimate control out of
the hands of Internet Providers, and puts it in the
hands of less technically savvy people, whose primary
motivation is not providing secure Internet
connectivity, but instead is surveillance and
investigation. We at StopCarnivore.org wouldn't be at
all surprised if we come to find out about a number of
instances where Carnivore has caused a disruption in
service or security for the customers of various ISPs.
With a more widespread deployment of Carnivore, such
as the Department of Justice seeks, the likelihood of
such interruptions and problems will increase
substantially.

Conclusion

Carnivore goes too far, and that fact has implications
well beyond the 4th Amendment argument. We say again:
Make no mistake, we at StopCarnivore.org still firmly
hold that Carnivore is in clear and disturbing
violation of the 4th Amendment. For those who don't
feel that the 4th Amendment argument is convincing
enough, then we offer three other significant reasons
why Carnivore is a dangerous and unworthy law
enforcement tool. It goes too far, and in going too
far it weakens the Internet itself, increasing our
vulnerability to cyber-attack, espionage, identity
theft, and accidental disruption of service.

If the F.B.I. insists on tapping the Internet, they
simply need to find a better tool to do it with. They
developed Carnivore with little or no oversight, and
they did a poor job at it, designing a system which
puts the needs of law enforcement ahead of security
concerns, privacy issues, and civil liberties. The
system is simply not workable within the American way
of life, and even those who are willing to discard
their constitutional rights should be able to see its
frightening flaws."