Internet Wiretapping - Government and Law Use (Omnivore, Carnivore, DragonWare Suite)
Upcoming SlideShare
Loading in...5

Like this? Share it with your network


Internet Wiretapping - Government and Law Use (Omnivore, Carnivore, DragonWare Suite)

Uploaded on

- Origins of Internet Wiretapping ...

- Origins of Internet Wiretapping
- How Does It Work
- Targets of Internet Wiretapping
- Programs and Laws Involving Internet Wiretapping
- Controversy surrounding Internet Wiretapping
- Protection from Internet Wiretapping
- Potential Future of Internet Wiretapping

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads


Total Views
On Slideshare
From Embeds
Number of Embeds



Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

    No notes for slide


  • 1. Internet WiretappingGovernment and LawEnforcement UseOverview• Origins of Internet Wiretapping• How Does It Work• Targets of Internet Wiretapping• Programs and Laws Involving Internet• Programs and Laws Involving InternetWiretapping• Controversy surrounding Internet Wiretapping• Protection from Internet Wiretapping• Potential Future of Internet WiretappingOrigins (Omnivore)• In 1997, the FBI deployed the secondgeneration program of online-detection software,Omnivore.• According to information released by the FBI,• According to information released by the FBI,Omnivore was designed to look through e-mailtraffic traveling over a specific Internet serviceprovider (ISP) and capture the e-mail from atargeted source, saving it to a tape-backup driveor printing it in real-time.Origins (Carnivore)• In late 1999, Omnivore was retired infavor of a more comprehensive system,the DragonWare Suite, which allowed theFBI to reconstruct e-mail messages,FBI to reconstruct e-mail messages,downloaded files or even Web pages.• DragonWare contained three parts:Carnivore, Packeteer and Coolminer.
  • 2. Origins (Carnivore)• Carnivore was the third generation ofonline-detection software used by the FBI.• Information about the first version hasnever been released, but it is believed thatnever been released, but it is believed thatit was actually an available commercialprogram called Etherpeek.Carnivore• Carnivore - A Windows NT/2000-based systemthat captures the information.No official information was released aboutPacketeer and Coolminer.• Packeteer – It is presumed that is an• Packeteer – It is presumed that is anapplication for reassembling packets intocohesive messages or Web pages• Coolminer – It is presumed that it is anapplication for extrapolating and analyzing thedata found in the messagesCarnivore• Officials never released much informationabout the DragonWare Suite, Packeteerand Coolminer and very little detailedinformation about Carnivore.information about Carnivore.• What is known about Carnivore is that itwas basically a packet snifferPacket Sniffer• A packet sniffer is a program that can seeall of the information passing over thenetwork it is connected to.• As data streams back and forth on the• As data streams back and forth on thenetwork, the program looks at, or "sniffs,"each packet.
  • 3. Packet SnifferA packet sniffer can usually be set up in oneof two ways:• Unfiltered - Captures all of the packets• Filtered - Captures only those packets• Filtered - Captures only those packetscontaining specific data elementsPacket Sniffer• Packets that contain targeted data are copiedas they pass through.• The program stores the copies in memory or ona hard drive, depending on the programsconfiguration.configuration.Packet SnifferA packet sniffer located at one of the servers of your ISPwould potentially be able to monitor all of your onlineactivities, such as:• Which Web sites you visit• What you look at on the site• What you look at on the site• Whom you send e-mail to• Whats in the e-mail you send• What you download from a site• What streaming events you use, such as audio, videoand Internet telephony• Who visits your site (if you have a Web site)How Carnivore Works• FBI agents take an off-the-shelf PC with theCarnivore software on it directly to the offices ofan Internet service provider (ISP), i.e. AOL.• They leave it there for about 45 days, making• They leave it there for about 45 days, makingdaily visits to retrieve captured data, forexample, the e-mails sent to or from a suspect.• Like the more common phone tap, such anInternet tap must be authorized by court order.
  • 4. Requirements for Carnivore• A type of physical lockout system that requires aspecial passcode to access the computer (Thiskeeps anyone but the FBI from physicallyaccessing the Carnivore system.)• A network isolation device that makes theCarnivore system invisible to anything else onthe network (This prevents anyone from hackinginto the system from another computer.)Targets of CarnivoreThe FBI planned to use Carnivore forspecific reasons. The FBI would request acourt order to use Carnivore when aperson was suspected of:• Terrorism• Child pornography/exploitation• Espionage• Information warfare• Fraud• Between 1998 and 2000: The Carnivorewas used about 25 times.End of Carnivore• In 2002: FBI performed only 5 internetwiretaps.• In 2003: FBI performed only 8 internetwiretaps.wiretaps.• According to FBI reports, Carnivore wasnot used in these wiretaps• In 2005: The FBI effectively abandonedCarnivore and switched to an unspecifiedcommercial software.
  • 5. Criticism of Carnivore• Critics say Carnivore gives the FBI accessto private information that exceeds a courtorder. In theory, it could process all the e-mail that passes through the ISP not justmail that passes through the ISP not justmessages sent to or from the suspect.Criticism of Carnivore• Critics complained they have unlimitedaccess to all Internet users’ personalcorrespondence, whether it is covered bywarrant or not.warrant or not.Criticism of Carnivore• Critics compare the softwares activity tosnooping on all the phones in aneighborhood to zero in on one phone.Others claim Carnivore goes beyond e-Others claim Carnivore goes beyond e-mail surveillance to also monitor overallInternet usage.Flaw in Carnivore• “The Denver field FBI offices terroristelectronic surveillance probe of binLadens network not only snatchedtargeted e-mails "but also picked up e-targeted e-mails "but also picked up e-mails on non-covered targets," said aMarch 2000 memo to agencyheadquarters in Washington. “-
  • 6. Internet Wiretapping Programsand Laws• USA PATRIOT ACT• NSA Terrorist Surveillance Program• FISA ACTThe Patriot Act• Parts of the Patriot Act, including a sectionon "roving wiretaps," Such wiretaps allowthe FBI to get permission from a secretfederal court to listen in on any phone linefederal court to listen in on any phone lineor monitor any Internet account that aterrorism suspect may be using, whetheror not others who are not suspects alsoregularly use it.NSA Terrorist SurveillanceProgramThe NSA program intercepted phonecalls and e-mails on U.S. soil, bypassingthe normal legal requirement that sucheavesdropping be authorized by a federalcourt. The program began after thecourt. The program began after theSeptember 11 terrorist attacks andcontinued until January 17, 2007, whenthe white house resumed seekingsurveillance warrants from the foreignintelligence surveillance court.Arguments (NSA TSP)Gen. Michael Hayden• “this program has givenus information that wewould not otherwise havebeen able to get."Sen. John Kerry• “by instituting thesurveillance withoutexplicit congressionalapproval, Bush seemedbeen able to get."• “If the surveillance hadbeen used before Sept.11, we would havedetected some of the9/11 al-Qaeda operativesin the United States."approval, Bush seemedto be saying he was‘above the law.’”
  • 7. • Were the program’s actions legal?• Were the program’s actions ethical?• Were innocent Americans’ privacysacrificed to ensure their safety?sacrificed to ensure their safety?• Sen. Arlen Specter, R-Pa., who chairs theSenate Judiciary Committee, hasquestioned the legality of the program. A1978 law requires the NSA to obtain1978 law requires the NSA to obtainfederal court-approved warrants beforeeavesdropping on U.S. targets.Bush’s Defense of NSA TSP"Congress gave me the authority to use necessaryforce to protect the American people, but it didntprescribe the tactics,"-President BushBush’s Defense of NSA TSP• Bush characterized the surveillanceprogram as a concept brought to him bysenior aides in response to his questionposed internally following the 9/11 attacks:posed internally following the 9/11 attacks:"Is there anything more we can do, withinthe law, within the Constitution, to protectthe American people?"
  • 8. Arguments (warrantlesswiretaps)For making it easier totrack suspects• Acquiring warrants is timeconsuming. Itunnecessarily slowsdown U.S. intelligenceFor limited warrantlesswiretaps• Placing limits onwiretapping without awarrant are aimed atprotecting Americansdown U.S. intelligenceofficials as they tracksuspects.protecting Americansfrom unnecessarysurveillance.• The controversy over President Bushswarrantless domestic eavesdroppingprogram also prompted calls for change inthe FISA law.the FISA law.FISA Updated• The FISA law requires court orders whenthe target of any eavesdropping is anAmerican citizen or individual living in theU.S. Warrants are not necessary if theU.S. Warrants are not necessary if thetarget is overseas.Questions about FISA• Question: What are the key provisions inthe FISA bill?
  • 9. AnswerPam Benson, CNNs National Security ProducerBenson: The bill explicitly establishes FISA as theexclusive means for authorizing electronicsurveillance; requires a court order for thesurveillance; requires a court order for thesurveillance of any targeted American, whetherthe person is in the United States or abroad; andrequires a secret court set up to oversee FISAissues to sign off on provisions for removing thename of any American inadvertently captured ina communication with a foreign target.Questions about FISA• Question: Under the proposed FISA bill,can Americans be spied on without a courtwarrant? Are their civil liberties protected?Answer• Benson: Under the new revised law, awarrant is required to spy on anyAmerican, including, for the first time,Americans who are abroad.Americans who are abroad.Answer• If the intelligence community shouldunintentionally intercept a phone call or ane-mail involving an American, the agencyinvolved must get a warrant if the personinvolved must get a warrant if the personis of interest or take steps to erase thatpersons name from any report.
  • 10. Answer• The bill states that domestic electronicsurveillance is authorized exclusively bythe provisions of FISA. This is an effort toprevent the president from secretlyprevent the president from secretlyauthorizing warrantless eavesdropping,which some lawmakers and civil rightsgroups claim violates the publics FourthAmendment protection againstunreasonable searches.Answer• However, the bill does not addressPresident George Bushs claim that he hasArticle 2 constitutional authority as thecommander-in-chief to order such activitycommander-in-chief to order such activityduring times of war.Protection From Packet SniffingEncrypting DataMIT Recommends:• While sniffer programs usually capture only thefirst 128 characters of a packet, they can be setfirst 128 characters of a packet, they can be setto capture all data as it passes over the network.This includes data sent via FTP or email. Yourbest protection against such eavesdropping is touse a public key encryption system such asPretty Good Privacy (PGP).Potential Future of InternetWiretappingIn 2001:• The FBI is seeking to broadenconsiderably its ability to tap intoInternet traffic in its quest to root outInternet traffic in its quest to root outterrorists, going beyond even the newmeasures afforded in anti-terrorlegislation signed by President Bush.
  • 11. Potential Future of InternetWiretapping• Stewart Baker, a former general consul tothe National Security Agency, said the FBIhas plans to change the architecture of theInternet and route traffic through centralInternet and route traffic through centralservers that it would be able to monitor e-mail more easily.Potential Future of InternetWiretapping• FBI Spokesman Paul Bresson said he wasunaware of any development in the e-mailsurveillance arena that would requiremajor architectural changes in the Internet,major architectural changes in the Internet,but acknowledged that such a plan ispossible. Any new efforts would be incompliance with wiretapping statutes,Bresson said.