CDR: Re: Carnivore All-Consuming
Steve Schear
schear at lvcm.com
Sun Nov 19 18:13:20 PST 2000
At 06:21 PM 11/19/00 +0000, Jim Dixon wrote:
>On Sat, 18 Nov 2000 George at orwellian.org wrote:
>
> > EPIC FOIA...
> >
> > http://www.latimes.com/wires/20001117/tCB00V0387.html
> >
> > WASHINGTON--The FBI's controversial e-mail surveillance tool,
> > known as Carnivore, can retrieve all communications that go
> > through an Internet service -far more than FBI officials have
> > said it does -a recent test of its potential sweep found,
> > according to bureau documents
> > [snip]
>
>Carnivore is an NT-based PC. How could it conceivably process all
>communications through even a mid-sized ISP?
>
>There are at least two problems: processing power and network
>architecture.
>
>As regards the first, our customers, many of them smaller ISPs,
>find it necessary to employ NT clusters to handle subsets of their
>traffic (Usenet news, Web proxies, and so forth). So it is
>difficult to believe that a single NT box could monitor their
>entire traffic load.
A PC, using off-the-shelf HW, is capable of filtering a full 100 Mbps link
(144K packets/sec) as demonstrated by the BlackICE products
http://www.networkice.com/html/blackice_sentry.html
steve
>As regards the second, most ISPs of any size have multiple PoPs
>and multiple high-speed connections to other networks. It would
>require incredible contortions to route all of their traffic to
>one point for monitoring. And for the larger network, the bandwidth
>into that single point would be unmanageable.
>
>The UK government proposed building something more sophisticated than
>Carnivore. Consultants led them to believe that this was feasible,
>and costed a solution. The UK ISP associations (the LINX and ISPA)
>replied to their proposals by saying that (a) the proposals showed
>no understanding of the technical structure of the Internet and
>(b) their cost estimates were ridiculously low, even if the
>Internet could be distorted sufficiently to be monitored in the
>manner envisioned.
>
>As far as we can see, the UK government as an institution is not
>capable of even understanding the Internet. They simply do not have
>enough competent technical staff. They do have a lot of relatively
>senior people who claim to be competent - and give bad advice, some
>of which finds its way into legislation and programs of action.
>
>The overall capacity and the complexity of the Internet is increasing
>at an explosive rate. For better or for worse, this far exceeds the
>growth in any government's capability of monitoring Internet traffic.
More information about the cypherpunks-legacy
mailing list