http://www.mediachannel.org/
The spy in your server
Thursday August 10, 2000
Governments all over the world have suddenly become embroiled in controversy about
electronic surveillance of the internet. In the United States, a political storm has
arisen over a new FBI internet tapping system codenamed Carnivore. In Britain, the
Regulation of Investigatory Powers (RIP) Act has just extended telephone-tapping
powers to cover internet service providers (ISPs), and allows the government to
arrange indiscriminate tapping or email interception for foreign police forces and
security agencies.
In the Netherlands, the Dutch security service BVD admitted two weeks ago that it has
been collecting emails sent abroad by companies. In the Hague, laws are being prepared
to allow the Justice Ministry to tap into email and subscriber records, scan messages
and mobile phone calls, and track users' movements.
The Australian government has passed laws allowing security agents to attack and
modify computers secretly to obtain information. Many other governments have similar
schemes in the pipeline.
These developments are no coincidence but the direct result of secret planning over
seven years by an international co-ordinating group set up by the FBI, after Congress
twice refused to extend its telephone tapping powers for digital networks. Under the
innocuous title of the International Law Enforcement Telecommunications Seminar
(ILETS), the group has met annually to plan for and lobby to make telecommunications
systems "interception-friendly".
ILETS excluded lawyers and industry specialists who might have advised on the
arrangements to protect privacy and human rights, or on the feasi bility and cost of
the intelligence officers' wish list of interception requirements. As a result, the
laws based on their recommendations have repeatedly caused controversy.
The work of ILETS first came to light in late 1997, when a British researcher, Tony
Bunyan, revealed collaboration between EU staff and the FBI for many years. Details of
plans to compel ISPs all over the world to install secret internet interception "black
boxes" in their premises appeared in Online last year.
A month ago, the European Parliament appointed 36 MEPs to lead a year-long
investigation into Echelon - the codename for a mainly US system for monitoring
traffic on commercial communications satellites. Echelon has become common parlance
for the worldwide electronic eavesdropping or signals intelligence (Sigint) network
run by the Government Communications Headquarters (GCHQ) together with the US National
Security Agency (NSA). The inquiry will ask if the rights of European citizens are
adequately protected and ascertain whether European industry is put at risk by the
global interception of communications.
French politicians and lawyers have taken the lead in accusing the US and Britain of
using their electronic intelligence networks to win business away from foreign rivals.
US politicians have riposted that France runs a worldwide electronic intelligence
system of its own - "Frenchelon", based at Domme, near Sarlat in the Dordogne, and
includes an eavesdropping station in New Caledonia in the Pacific (see
www.zdnet.co.uk/news/ 2000/25/ns-16207.html).
Electronic eavesdropping has become a battleground between the US and Russia. The
Russian-American Trust and Cooperation Act of 2000, passed on July 19, stops President
Clinton rescheduling or writing off billions of dollars of Russian debts unless a
Russian spy base in Cuba is "permanently closed".
This base at Lourdes, located on leased land near Havana, was the former Soviet
Union's most important intelligence facility. It uses Echelon-type systems to collect
data from telephone calls and satellite links covering the US.
Lourdes allegedly provides "between 60% and 70% of all Russian intelligence data about
the US". A defector has said that spying from Lourdes has grown dramatically following
an order by Boris Yeltsin to step up economic and technological espionage against the
west.
The White House wants to stop the campaign to close Lourdes because other countries
might then ask the US to close down its identical bases. Documents suggest the US
would particularly fear the Lourdes effect spreading to Britain, Germany and
Australia, where the NSA operates large sites. Its station at Menwith Hill, Yorkshire,
is the largest electronic intelligence base in the world.
The US is not alone in this spying. By the end of the year, the Government Technical
Assistance Centre (GTAC) will have begun operations from inside MI5's headquarters at
Thames House, Millbank. Its primary purpose will be to break codes used for private
email or to protect files on personal computers. It will also receive and hold private
keys to codes which British computer users may be compelled to give to the government,
under the RIP Act.
Development of GTAC has been pioneered by the Home Office's Encryption Co-ordination
Unit, which says that the centre will "provide the capability to produce plain
text/images/audio from lawfully intercepted communications and lawfully seized
computer media which are encrypted". The Home Office has not confirmed reports that
GTAC will also be the collecting point for intercepted internet communications relayed
from the "sniffer" boxes to be installed inside British ISPs.
The cost of building GTAC, said to be £25m, is likely to include the price of
ultra-fast super-computers, of the type previously used only to break Soviet codes and
attack other special military targets. Code breakers from the communications
intelligence agency GCHQ will be seconded to work at GTAC.
GCHQ has used sophisticated computers for many years to examine foreign or "external"
messages and phone calls, as part of the worldwide intelligence network operated with
other English-speaking countries. The key part of this system utilises computers
called Dictionaries, which hold lists of thousands of target names, addresses and key
words. They are used to select messages of interest, while discarding the majority of
communications.
GCHQ was not normally permitted to encroach on domestic communications. Now the RIP
Act says that as many domestic internet communications travel on the same "trunks" as
external communications, GCHQ will be allowed to trawl through these messages without
restriction.
Another limitation, which had prevented the direct targeting of people in Britain by
GCHQ without specific authorisation has also been dropped. The Home Secretary has been
given powers under Section 16 (3) of the Act to sign an "overriding" warrant every
three months. This will allow general surveillance without the need for individual
warrants.
This will apply to "serious crime", which can include organising demonstrations that
may affect public order. The government has offered no justification for its
willingness to allow GCHQ to intrude on domestic political and policing matters. The
RIP act will also allow any agency nominated by the Home Secretary to tap into the
addresses of emails sent and received (though not their content) without a warrant.
Caspar Bowden, whose lobbying organisation, the Foundation for Information Policy
Research, FIPR, helped to bring some important changes to the RIP Act, believes that
letting Dictionary type computers carry out broad-ranging surveillance on much
internal UK traffic will break the new Human Rights Act.
The FBI has just been granted funds for an $85m electronic surveillance programme
called Digital Storm. This foresees the quadrupling of telephone tapping in the US
over the next decade, because of the convenience of digital processing and the
automated delivery of intercepted messages and conversations to FBI agents.
The FBI hopes to build in automated transcription and translation systems. According
to its budget application for the next US fiscal year, a related programme called Casa
de Web will include central computer archives for intercepted audio and data reports.
It will also provide "analytic tools for automated speaker identification, text key
word spotting, and voice key word spotting".
The existence of Carnivore, the FBI tapping system, was revealed three months ago as
the result of a lawsuit between a US ISP and federal marshals, who demanded that the
ISP wire a Carnivore box into its network. The FBI initially wanted to install its own
version of a commercial "sniffer" programme called Etherpeek. Then it turned up with
Carnivore and a court order to install it.
The FBI claims there are only 20 Carnivores, and that they have been used only 25
times in the last 18 month. But the system is so controversial that the US Congress
held special hearings two weeks ago. A judge has ordered the FBI to answer requests
for details made under the Freedom of Information Act.
Carnivore consists of a laptop computer and communications interface cards. It runs a
packet sniffer programme to select the data it wants from inside the ISP local
network. According to Marcus Thomas, head of the FBI's Cyber Technology Section, they
are PCs using proprietary software and acting as a "specialized sniffer".
The bureau claims that although Carnivore's hardware sees all the traffic passing
through the ISP where it is installed, its software looks only at the origin and the
destination of each internet packet. If the addresses correspond with those
specifically authorised in a court order, then the information and/or the contents are
extracted and forwarded to the FBI. The agency claims no other data is recorded or
examined.
But US computer experts do not believe this is possible. For example, many ISPs
dynamically allocate internet addresses to their customers. This means that every time
you dial in to your ISP, you will use a different internet address. Unless Carnivore
is also intercepting this type of data, it cannot work.
The experts have asked the FBI to reveal the source code of Carnivore. The FBI has
refused, but says it will arrange a "privacy audit". US Attorney General Janet Reno
has publicly regretted the woodenheaded selection of the codename Carnivore. She says
it will soon be changed to a less threatening name.
Despite the power of systems such as Echelon or Carnivore, they face many practical
difficulties in conducting the type of extensive surveillance that some people fear.
The risk they pose to civil liberties has often been questioned because of the simple
techniques that criminals or terrorists can use to outrun surveillance.
Setting up new internet accounts and email addresses to use for a few days or weeks
takes barely a minute to do, yet can limit or defeat law enforcement or intelligence
targeting.
For the ordinary computer user who wants their email and web surfing activities to
regain at least the same level of privacy enjoyed by ordinary letters, the best and
probably the only tool to use is a system called Freedom.
Pioneered by the Canadian-based Zero Knowledge company, Freedom uses multiple
encrypted links to carry every kind of internet traffic. The first step is a secure
connection to a local ISP running a Freedom server. Several are now operating in
Britain. Your message, re-encrypted each time it travels, is passed among one or more
Freedom servers before being inserted onto the internet at a distant location. The
system used means that no one, including Zero Knowledge itself and the ISPs you use,
knows what messages are being sent or who is sending them.
For those less worried about intelligence agencies but infuriated by the
privacy-destroying habits of some websites and internet companies, the American-based
Junkbusters group offers an excellent free tool which stops unwarranted data
collection and also limits the time-wasting effects of downloading of advertising
material.
Systems like Carnivore and the black boxes, which MI5 and the police want to install
soon in British ISPs, are based on internet technologies used every day by network
managers and trouble-shooters.
Packet sniffers utilise the fact that all the traffic being handled by an ISP will
travel on one or more very high-speed data links. These typically handle hundreds or
even thousands of megabits of data every second.
Everyone's data travels on these shared links, in the form of datagrams, or packets of
data. Each packet contains details of the sender and the intended destination of the
data packet. In principle, this information can be used to select only the data being
sent to or received by the target of a government approved warrant.
But the ISP has no way of knowing how much data is being extracted from their clients'
private messages. It all depends on how the software is programmed, and this is kept
secret.
One program used by the FBI to tap email is Etherpeek, which can be programmed to
select any type of data from an internet data stream. Its manufacturers say it can
"capture all conversations on a network segment, much like a tele phone tap". It costs
less than $1,000 to buy and may be the proprietary software used for Carnivore.
Another commercial packet sniffer modified for internet surveillance is WireSpeed,
which can analyse more than 300 different network types. The WireSpeed analyser,
developed by a US corporation, Radcom, was recommended for use in a recent Home Office
report, which noted that it was "a major component of another country' s interception
solution - it would enable the user to view the content portion(s) of electronic
messages".
Industry and civil liberties critics in Britain and the US say that packet-sniffing
technology is so powerful and undetectable, that it poses a threat to civil liberties
and privacy that could not have existedpreviously. As even the ISP to whose equipment
it is connected will not know what it is doing, there can be no means of verifying
that surveillance is being limited to what is legally allowed.
Links
Freedom internet privacy protection system
www.zeroknowledge.com
Junkbuster
www.junkbusters.com/ht/en/ijb.html
WireSpeed Internet Analyser
www.radcom-inc.com/products/wire-spec.htm
Etherpeek packet sniffer
www.aggroup.com/products/etherpeek
• Duncan Campbell is a freelance investigative journalist and not the Guardian's Los
Angeles correspondent of the same name.
*** NOTICE: In accordance with Title 17 U.S.C. Section 107, this material is
distributed without profit to those who have expressed a prior interest in receiving
the included information for research and educational purposes. Feel free to
distribute widely but PLEASE acknowledge the source. ***
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The end is in the means as the tree is in the seed.
- Mahatma Ghandi
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Abraham Lincoln, letter to Wm. F. Elkins Nov. 21 1864
Arthur Shaw ed. The Lincoln Encyclopedia 40 {1950}
"We may congratulate ourselves that this cruel war is nearing
it's end. It has cost a vast amount of treasure and
blood.........It has indeed been a trying hour for the
Republic, but I see in the near future a crisis approaching
that unnerves me and causes me to tremble for the safety
of my country. As a result of the war, corporations have been
enthroned and an era of corruption in high places will
follow, and the money power of the country will endeavor to
prolong it's reign by working on the prejudices of the
people until all wealth is aggregated in a few hands and the
Republic is destroyed. I feel at this moment more anxiety
for the safety of my country than ever before, even in the
midst of war."
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://216.167.120.50/cia-ath-pt1.htm
http://cryptome.org/RIPAct.htm
http://www.bytesforall.org
http://www.infoshop.org/hood.html
http://www.slip.net/~knabb/sitemap.htm
http://members.aol.com/cre9ive/
http://www.cpm.mmu.ac.uk/jom-emit/links.html
http://www.anat.org.au/resistant-media/
<A HREF="http://www.ctrl.org/">www.ctrl.org</A>
DECLARATION & DISCLAIMER
==========
CTRL is a discussion & informational exchange list. Proselytizing propagandic
screeds are unwelcomed. Substance—not soap-boxing—please! These are
sordid matters and 'conspiracy theory'—with its many half-truths, mis-
directions and outright frauds—is used politically by different groups with
major and minor effects spread throughout the spectrum of time and thought.
That being said, CTRLgives no endorsement to the validity of posts, and
always suggests to readers; be wary of what you read. CTRL gives no
credence to Holocaust denial and nazi's need not apply.
Let us please be civil and as always, Caveat Lector.
========================================================================
Archives Available at:
http://peach.ease.lsoft.com/archives/ctrl.html
<A HREF="http://peach.ease.lsoft.com/archives/ctrl.html">Archives of
[EMAIL PROTECTED]</A>
http:[EMAIL PROTECTED]/
<A HREF="http:[EMAIL PROTECTED]/">ctrl</A>
========================================================================
To subscribe to Conspiracy Theory Research List[CTRL] send email:
SUBSCRIBE CTRL [to:] [EMAIL PROTECTED]
To UNsubscribe to Conspiracy Theory Research List[CTRL] send email:
SIGNOFF CTRL [to:] [EMAIL PROTECTED]
Om
