[ISN] Anti-Attack Feds Push Carnivore

From: InfoSec News (isnat_private)
Date: Wed Sep 12 2001 - 22:48:43 PDT

  • Next message: InfoSec News: "[ISN] Office Space for those in the NYC area..."

    By Declan McCullagh 
    2:00 a.m. Sep. 12, 2001 PDT
    WASHINGTON -- Federal police are reportedly increasing Internet
    surveillance after Tuesday's deadly attacks on the World Trade Center
    and the Pentagon. 
    Just hours after three airplanes smashed into the buildings in what
    some U.S. legislators have dubbed a second Pearl Harbor, FBI agents
    began to visit Web-based, e-mail firms and network providers,
    according to engineers at those companies who spoke on condition of
    An administrator at one major network service provider said that FBI
    agents showed up at his workplace on Tuesday "with a couple of
    Carnivores, requesting permission to place them in our core, along
    with offers to actually pay for circuits and costs." 
    The person declined to say for publication what the provider's
    response was, "but a lot of people" at other firms were quietly going
    along with the FBI's request. "I know that they are getting a lot of
    'OKs' because they made it a point to mention that they would only be
    covering our core for a few days, while their 'main boxes were being
    set up at the Tier 1 carriers' -- scary," the engineer said. 
    The FBI's controversial Carnivore spy system, which has been renamed
    DCS1000, is a specially configured Windows computer designed to sit on
    an Internet provider's network and monitor electronic
    communications. To retrieve the stored data, an agent stops by to pick
    up a removable hard drive with the information that the Carnivore
    system was configured to record. 
    Microsoft's Hotmail service has also been the target of increased
    federal attention, according to an engineer who works there. 
    "Hotmail officials have been receiving calls from the San Francisco
    FBI office since mid-(Tuesday) morning and are cooperating with their
    expedited requests for information about a few specific accounts," the
    person said. "Most of the account names start with the word 'Allah'
    and contain messages in Arabic." 
    By Tuesday evening, nearly 12 hours after the twin attacks that
    crippled Manhattan and left Washington deserted by mid-afternoon, it
    was unclear who was responsible. The Washington Post, citing anonymous
    government sources, reported that former Saudi businessman Osama bin
    Laden appears to be the prime suspect. 
    In February, U.S. officials claimed that bin Laden had turned to
    data-hiding steganography software to conceal communications with his
    operatives by means of public websites. 
    In Washington, use of data-scrambling encryption software is also
    frequently mentioned in conjunction with terrorists. "Uncrackable
    encryption is allowing terrorists Hamas, Hezbollah, al-Qaida and
    others to communicate about their criminal intentions without fear of
    outside intrusion," then-FBI Director Louis Freeh told a Senate panel
    last year. "They're thwarting the efforts of law enforcement to
    detect, prevent and investigate illegal activities." 
    Those comments, and the prospect of congressional reaction to
    Tuesday's terrorist attacks, have prompted some civil libertarians to
    fret about possible domestic regulation of encryption products. 
    A few years ago, one House committee approved a bill that would have
    banned any encryption product without a back door entrance for the
    federal government. By Tuesday afternoon, at least one NBC affiliate
    had interviewed defense expert Jim Dunnigan, who warned that "PGP and
    Internet encryption" would be blamed for the attacks. 
    "Those of us who value our liberty, even in the face of danger, will
    need to be vigilant in the days to come," says Thomas Leavitt, an
    online activist who co-founded Webcom. 
    Other civil libertarians say it's a mistake to believe that the
    U.S. government will overreact to Tuesday's disasters. Marc Rotenberg
    of the Electronic Privacy Information Center said he believes that the
    better approach is to argue that the U.S. must not allow a terrorist
    attack on our form of open government to succeed. 
    It's too early to tell whether he's right or not, but by late Tuesday,
    operators of anonymous remailers were already so worried about being
    conduits for terrorist communications -- or being blamed for the
    communications, rightly or wrongly -- that they pulled the plug. 
    Operator Len Sassaman said in a post to a remailer-operators list: "I
    don't want to get caught in the middle of this. I'm sorry. I'm
    currently unemployed and don't have the resources to defend myself. At
    this point in time, a free-speech argument will not gain much sympathy
    with the Feds, judges and general public." 
    Remailers forward messages but remove the originating information, so
    that the resulting e-mail is anonymized. They customarily don't keep
    logs, so if the system works as designed, it should be nearly
    impossible for anyone to find who sent the message. 
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Thu Sep 13 2001 - 00:45:35 PDT