Interesting People mailing list archives
IP: more on " I read this article and I can't help wondering." Beyond Carnivore: FBI Eyes Packet Taps
From: David Farber <dave () farber net>
Date: Sun, 21 Oct 2001 16:29:45 -0400
From: "Caspar Bowden" <cb () fipr org> To: <farber () cis upenn edu>Subject: RE: " I read this article and I can't help wondering." Beyond Carnivore: FBI Eyes> >From: Dan Steinberg <synthesis () videotron ca> ... > > Dave, I read this article and I can't help wondering.... > >how on earth do they think they can do this? It might be helpful to refer to some of documents in the analagous proposal in Britain, which can require ISPs in Britain to install permanently connected "black-boxes". These feed into a hub monitoring centre in the MI5 building (equiv FBI Washington HQ). This became law as the RIP Act 2000, but is still being implemented. The law allows the boxes to be remote controlled from the centre, so that the target can be selected without the lawful need to serve a warrant on an ISP. The law can require that the boxe(s) can have access to the entire ISP flow for filtering under a special trawling warrant (RIP S.16(3)) - which over-rides limitations on trawling domestic traffic. There is no limitation to the processing power that can be specified for the box (and ISPs must foot the bill after compensation for the initial deployment) ... > >OK. Now go to the packet level. First of all you can't do all your > >processing locally at each ISP. But it may become efficient if the filtering is distributed, and the protocols reconstructed locally, for shipping back to the monitoring centre for further analysis. The Home Office commissioned a study (now discredited at least in terms of cost) which seemed to recognise that an interface of this kind was needed, rather than just shunting raw packets back - http://www.homeoffice.gov.uk/ripa/techcost.pdf ... > >yes you have to look at *every* packet. And you have > re-assemble all the traffic Yes and it will be done locally, and the packaged reconstructed protocols selected to be of interest will be shipped back. >>... > >etc. You don't know who you are looking for. > > If you did, you woulnd't need the central place to > >track packets. You could just go to an ISP or better stilll > go tap their phone or something traditional. Suppose they want to correlate information from a much wider base of suspects. Once you have a "black-box" apparatus you can use it to obtain "traffic data" (cf. Anti-Terrorism Act) - i.e. email From/To, Websites (pages), Usenet articles, search engine terms etc. That can be got simply if "relevant" for some investigation. Once obtained, there are really no limits to how it can be used for traffic analysis of who you talk to, what you read, and with 3G mobiles where you go. ... > >Do they have > >any idea how many packets are flying about? FBI's point I suspect is that if NSA have a shedload of computers to preserve national security, why should FBI be using a few desktop workstations ? -- Caspar Bowden www.fipr.org Director, Foundation for Information Policy Research Tel: +44(0)20 7354 2333
For archives see: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- IP: more on " I read this article and I can't help wondering." Beyond Carnivore: FBI Eyes Packet Taps David Farber (Oct 21)