Anti Terrorism

Carnivore Surveillance System

Carnivore is a computer surveillance system developed by the FBI
that the Senate recently approved for use to investigate terrorism
through the Patriot Act.

Surveillance Detection Program - A Do-It-Yourself Article
Click Here for Advanced Counter-Surveillance Equipment
Patriot Act Intro | USA Patriot Act | Carnivore | Magic Lantern | Bibliography

Anti Terrorism Technology:
Surveillance System


Carnivore is a computer system developed by the FBI that can be connected to an ISP network and remotely accessed by a dial-up link. It can be configured to intercept and record digital communications. The senate recently approved the use of the Carnivore system to investigate terrorism through the Patriot Act.

FBI Description of Carnivore

Criminals, including terrorists, regularly use electronic communications in order to execute their plans. The FBI contends that the ability to conduct electronic surveillance has become central to its law enforcement duties: over the past 13 years electronic surveillance has helped to secure the convictions of more than 25,600 felons (Carnivore Diagnostic Tool). The rationale for designing Carnivore is that many ISPs lack the ability to identify the messages of a particular subscriber while excluding the messages of all others.

The FBI claims that Carnivore provides "enhanced privacy protection" by intercepting only the specific communications allowed by a court order (Carnivore Diagnostic Tool). Donald Kerr made clear in his statement to the US House of Representatives that Carnivore "does NOT search through the contents of every message and collect those that contain certain key words like 'bomb' or 'drugs'" (Kerr). Before the passage of the Patriot Act, Carnivore was legally employable only when targeted at a specific individual under suspicion, under direction of a court order, and with cooperation of the ISP.

Concerns Regarding Carnivore

Carnivore has drawn significant criticism from civil rights groups, including the ACLU, the Electronic Privacy Information Center (EPIC), and the Center for Democracy and Technology. One of the major concerns raised by these groups was the potential scope of the system. In response to a lawsuit filed by EPIC the FBI released additional documents regarding Carnivore, one of which stated that "Carnivore was tested on a real world deployment [deletion] having come back from a deployment. The machine had a single 300 MHz processor running Win NT4 SP6 Workstation. There were 384 MB of RAM but the hard disk was relatively small at 1.19 GB. This [deletion] has both Zip and Jaz drives. This PC could reliable capture and archive all unfiltered traffic to the internal hard drive at [deleted]" (Sobel). These documents contradicted Kerr's earlier statements at congressional hearings, and heightened fears about trusting the FBI.

In addition to privacy concerns, the Carnivore system represents a difficult technical problem. First, there is the problem of extracting only the targeted communications. This can be difficult because 1) if a single packet is dropped, repeated, or miscategorized, an intercepted message could be misinterpreted and 2) dynamic IP addresses make it difficult to identify "who said what" (Blaze). The general purpose nature of Carnivore brings up several other problems:

* ISPs vary in their architecture, and components that work in one architecture may fail in others;
* Since Carnivore can be controlled remotely, someone might be able to hack into it;
* There is no way to ensure that Carnivore has been configured correctly so as to allow only the intended traffic to be recorded (Blaze).

Independent Technical Review of Carnivore

The IIT Research Institute and the Illinois Institute of Technology Chicago-Kent College of Law (IITRI) conducted an independent technical review of Carnivore for the Department of Justice. The report is 100+ page long, but the following quotes from the report summarize the findings:

Q: Does Carnivore provide investigators with all, but only, the information it is designed and set to provide in accordance with a given court order?

A: When Carnivore is used in accordance with a Title III order, it provides investigators with no more information than is permitted by a given court order. When Carnivore is used under pen trap authorization it collects TO and FROM information, and also indicates the length of messages and the length of individual fields within those messages possibly exceeding court-permitted collection.

Q: Does Carnivore introduces any new, material risks of operational or security impairment of an ISP's network?

A: Operating Carnivore introduces no operational or security risks to the ISP network where it is installed unless the ISP must make changes to its network to accomodate Carnivore. Such changes may introduce unexpected network behavior.

Q: Does Carnivore risk unauthorized acquisition, whether intentional or unintentional, of electronic communication information by: (1) FBI personnel or (2) persons other than FBI personnel?

A: Carnivore reduces, but does not eliminate, risk of both intentional and unintentional unauthorized acquisition of electronic communication information by FBI personnel, but introduces little additional risk of acquisition by persons other than FBI personnel.

Q: Does Carnivore provide protections, including audit functions and operational procedures or practices, commensurate with the level of the risks?

A: While operational procedures or practices appear sound, Carnivore does not provide protections, especially audit functions, commensurate with the level of the risks.

The report made many other supplementary conclusions, four of which are of particular interest:

* Carnivore represents technology that can be more effective in protecting privacy and enabling lawful serveillance than can alternatives such as commercial packet sniffers.
* While the system was designed to, and can, perform fine-tuned searches, it is also capable of broad sweeps. Incorrectly configured, Carnivore can record any traffic it monitors.
* Carnivore does not have nearly enough power "to spy on almost everyone with an email account". In order to work effectively, it must reject the majority of packets it monitors. It also monitors only the packets traversing the wire to which it is connected. Typically, this wire is a network segment handling only a subset of a particular ISP's traffic.
* Carnivore has significant performance limitations, most of which result from design decisions to enable precise collection.


When it is used in compliance with a court order, Carnivore can be classified as a personal surveillance technology. Additionally, the performance limitations of Carnivore, specifically its inability to record large amounts of network traffic, make it an innefective mass surveillance tool. However, the problem with Carnivore is that is has the potential to be a mass surveillance tool. The reason that Carnivore is not capable of mass surveillance is because it is not extremely well designed. Future versions of the software could easily be designed to be much more powerful.

Accelerated Promotions

Spy Gear | Gas Masks | Night Vision Equipment
Spy Equipment Catalog
Surveillance Detection Program - A Do-It-Yourself Article

Click Here for Advanced Counter-Surveillance Equipment
Patriot Act Intro
| USA Patriot Act | Carnivore | Magic Lantern | Bibliography

| surveillance devices | surveillance detection | counter surveillance | two way radio |
| telephone security | personal security | night vision optics | hidden cameras | armored vehicles |



Spy Gear