FC: India worries about Carnivore's prowl, warrantless searches

[Declan McCullagh <declan () well com>]

By way of background, an article from last December:

http://timesofindia.indiatimes.com/articleshow.asp?art_id=37906058
"NEW DELHI: The Intelligence Bureau (IB) has prepared a list of new 
keywords that are to be used to intercept mails emanating from IP addresses 
in India. The move comes after investigations have revealed that Mohammad 
alias 'Burger,' who led the Parliament attack, was in constant touch with 
his counterparts in Pakistan as well as within India through email."

---

http://www.ciol.com/content/news/trends/102070401.asp

Privacy at stake: The Carnivore is on the prowl
Guard the frontiers of your enterprise from the brainchild of the FBI, 
Carnivore, an e-mail monitoring device now renamed DCS-1000. Carnivore is 
actually a part of the DragonWare Suite, which allows FBI to reconstruct 
e-mail messages, downloaded files and even WebPages. Read on to find out 
more about the e-mail version of the telephone wiretap.
Webscribes
Thursday, July 04, 2002

[...]

The FBI has named none of the ISPs hit with a Carnivore warrant publicly, 
because the agency keeps such information confidential. But one name is 
known: EarthLink Inc., America's second-largest ISP with more than 4.7 
million subscribers. CBI has come out with an agreement to use Carnivore to 
track criminals in India. In the information Technology Bill that was by 
India, there was a provision, which would have mandated that cyber cafes 
keep detailed records of their users and their user's activities. The 
deputy superintendent of police dropped that, but a provision has been made 
that allows warrant less searches. It's only a matter of time that a system 
like this will be installed on any of the mail server or ISP in India.

Warning alarm for enterprises against the prowl of the carnivore

Given the vast range of activities going on in an enterprise, it should be 
apparent that it is not possible to do business without using monitored 
channels. The prudent businessman assumes every fax, email, phone call, 
etc. is monitored sometime between the moment it leaves the local 
environment and before it arrives at its destination.

Many users encrypt only critical communications, flagging those 
communications as important to anyone looking. If you do not choose to 
encrypt everything, what you do choose to encrypt is very important. 
Encrypting everything with a very weak key is more effective than 
encrypting a few things with a very strong key. If those few things 
indicate potentially valuable data, it is easy to track their destination 
and use various means to extract the content.

[...]




-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
Declan McCullagh's photographs are at http://www.mccullagh.org/
-------------------------------------------------------------------------
Like Politech? Make a donation here: http://www.politechbot.com/donate/
-------------------------------------------------------------------------