John Bronson <[EMAIL PROTECTED]> wrote:
>
> First, I hope it's understood that I'm undecided whether I'm for carnivore
> or against it. The more I read on this list, though, the more I agree with
> you guys. Some of arguments against it are unfounded though, like this 3rd
> amendment thing.
>
> I didn't mean to quip went I asked about the electricity. I was responding
> to Sunder, who likened the carnivore box to a hungry British infantryman.
> At the risk of sounding ignorant, in my understanding a computer causes a
> negligible burden in air-conditioning. And it doesn't use the UPS
> batteries unless the power goes out. And since carnivore is a passive
> system, it doesn't add to your network's traffic burden. Besides, you know
> that it's not the rack space and heat that upsets ISP owners about the
> box.
As Riad Wahby states well in another message, you're way way off
base with your electrical assumptions. The AC burden is not
negligible. And when an ISP is small enough to not own generators,
what the UPS buys is time when the power cuts out. The more machines
sitting on those batteries, the less time you have to run in at 2
am and bring things to a smooth halt.
What's worse, your network assumption is also erroneous. My network
fabric is switched. In order to accomodate a Carnivore, I've got
to make the port leading to the Carnivore "unswitched", or else it
won't see the traffic that they want to see. That puts a load on
the switch, and completely defeats having the switch there in the
first place. (In other words, I've spent several thousand dollars
making sure that all traffic ISN'T visible to all devices on the
local net, and this damn thing would not only undo it, but it would
make the box responsible for the switching work twice as hard!)
>
> As an ISP owner, you have the responsibility that comes with providing
> communication and information to people. It's the same responsibility that
> the telcos have. So if it's in the interest of the people to stop a creep
> that's using your service to commit crimes, it's your duty to help the law
> enforcement guys out (for a moment, let's put away the omnipresent
> assumption law enforcement is inherently evil, and assume that it is
> actually interested in capturing bad guys).
I don't agree with anything you've just said there. Either you're
really on the wrong list, or I'm feeding a troll. Do you honestly
believe that part about responsibility? I don't work for "the
interest of the people", and I don't agree that I have ANY duty to
help out law enforcement, except in the case of a legal and SPECIFIC
court order.
When you casually propose to "put away the omnipresent assumption
that law enforcement is inherently evil", you are pretty much
ignoring one of the underlying purposes of the email list you are
posting to. Are you SURE you're in the right place? Most of the
assumptions that you take as givens are hugely in opposition to
the people you're posting to. There's a big disconnect here.
>
> administrated. It would be interesting if an ISP somehow detected and
> reported activity coming from one of the things. As for back doors in the
> commercial part of the software, I hadn't thought of that, and that's
> definately a real concern.
>
> Does anyone know if Carnivore is remotely administrated, and therefore
> subject to hacking?
It doesn't have to be remotely administered to be subject to hacking.
Windows 9X is not remotely administer-able, and it is hacked all the
time.
To put things in a proper cypherpunks perspective, John, consider:
As an ISP owner, what would my "responsibility to the interest of
the people" be if all email (and other) traffic across my system
was encrypted?
-Bill
--
Bill O'Hanlon [EMAIL PROTECTED]
Professional Network Services, Inc. 612-379-3958
