IP: more on FBI 'Carnivore' glitch hurt al Qaeda probe

[David Farber <dfarber () earthlink net>]

-----Original Message-----
From: "Steven M. Bellovin" <smb () research att com>
Date: Thu, 30 May 2002 00:48:37 
To: farber () cis upenn edu
Subject: Re: IP: FBI 'Carnivore' glitch hurt al Qaeda probe

In message <20020529222855.0C036265C9 () admin listbox com>, "David Farber" writes
:
> Seems to they were warned. Djf

Indeed.  See, for example, the "Inside RISKS" column by myself and Matt 
Blaze (http://www.crypto.com/papers/carnivore-risks.html, CACM 10/2000),
where we said:

        First, there is the problem of extracting exactly (no more
        and no less) the intended traffic. Standard network monitoring
        techniques provide only an approximation of what was actually
        sent or received by any particular computer. For wiretaps,
        the results could be quite misleading. If a single packet
        is dropped, repeated, or miscategorized (common occurrences
        in practice), an intercepted message could be dramatically
        misinterpreted. Nor is it always clear ``who said what.''

Much of the attention has been focused on intercepting the wrong
information; this case shows that that can lead directly to failure to
intercept the right people.

For archives see:
http://www.interesting-people.org/archives/interesting-people/