The Electronic Privacy Information Center (EPIC) recently obtained Federal Bureau of Investigation (FBI) documents that show the agency failed to use its DCS-1000 Internet monitoring system effectively during 2002 and 2003. EPIC reports that the agency only used DCS-1000 a mere thirteen times in both years combined.
According to the reports obtained through the Freedom of Information Act (FOIA), the FBI opted instead to use commercially available software to carryout court ordered surveillance. The documents alluded that the agency found Carnivore and similar tools to be inadequate and almost unnecessary, since most Internet Service Providers (ISPs) willingly give out customer information as requested by the FBI and the United States government.
The DCS-1000 Internet monitoring system, once known as Carnivore, was created in 1998 to spy on known criminals and suspected terrorists. It works as a "packet sniffer", which monitors network traffic in order to pickup and decode certain packets of interest. Packet sniffers are also employed by hackers or crackers for illicit purposes such as stealing a user's password, credit card number, or other personal information.
A packet sniffer works two ways, allowing the user to narrow down the information. There is the unfiltered option which captures all of the packets coming through, and the filtered option which only captures packets containing specific data sought after by the FBI.
Carnivore is third in a series of software used by the FBI to monitor individuals and groups online. Not much was disclosed on the first system created by the agency called Etherpeek.
By 1997 the FBI had its hands on Omnivore, which scanned through e-mail, mail server traffic, and even had the capability to print e-mail out instantly while simultaneously creating a backup on a dedicated drive.
Omnivore was old news by 1998, and was dropped in favour of the DragonWare Suite, which allowed the FBI to download files and web pages, as well as re-construct e-mail messages.
DragonWare involved three main parts, Carnivore, Coolminer, and Packeteer. Carnivore used a Windows NT/2000 operating system, and gathered the information while the Coolminer analysed the data as Packeteer reassembled packets. Although the three worked together, the agency assigned the name of the system to "Carnivore".
Although the U.S. government insists the original idea of programmes, such as Carnivore, are designed to monitor suspicious activity by those considered suspect, the programmes are also capable of monitoring anyone without notice or suspicion.
The web sites you visit, the e-mail you send and receive (including all content, mail server information, DNS verification found in full headers, and addresses), the messenger you use to chat to friends and relatives, the music you download, and even the traffic to your own web site can be easily monitored.
EPIC is concerned that the FBI will not fully disclose the number of wiretaps as it once did with Carnivore, since there is currently no requirement to do so with ISPs.
Carnivore/ DCS-1000 Report to Congress
FBI's Carnivore System Disrupted Anti-Terror Investigation
©2006 Anai Rhoads Ford.