from:
http://www.guardianunlimited.co.uk/online/story/0,3605,352394,00.html
Click Here: <A
HREF="http://www.guardianunlimited.co.uk/online/story/0,3605,352394,00.html">G
uardian Unlimited | The spy in your server</A>
-----
The spy in your server
There is no hiding place on the net as governments around the world chase
your data, reports Duncan Campbell
Special report: privacy on the net
Thursday August 10, 2000
Governments all over the world have suddenly become embroiled in controversy
about electronic surveillance of the internet. In the United States, a
political storm has arisen over a new FBI internet tapping system codenamed
Carnivore. In Britain, the Regulation of Investigatory Powers (RIP) Act has
just extended telephone-tapping powers to cover internet service providers
(ISPs), and allows the government to arrange indiscriminate tapping or email
interception for foreign police forces and security agencies.
In the Netherlands, the Dutch security service BVD admitted two weeks ago
that it has been collecting emails sent abroad by companies. In the Hague,
laws are being prepared to allow the Justice Ministry to tap into email and
subscriber records, scan messages and mobile phone calls, and track users'
movements.
The Australian government has passed laws allowing security agents to attack
and modify computers secretly to obtain information. Many other governments
have similar schemes in the pipeline.
These developments are no coincidence but the direct result of secret
planning over seven years by an international co-ordinating group set up by
the FBI, after Congress twice refused to extend its telephone tapping powers
for digital networks. Under the innocuous title of the International Law
Enforcement Telecommunications Seminar (ILETS), the group has met annually to
plan for and lobby to make telecommunications systems
"interception-friendly".
ILETS excluded lawyers and industry specialists who might have advised on the
arrangements to protect privacy and human rights, or on the feasi bility and
cost of the intelligence officers' wish list of interception requirements. As
a result, the laws based on their recommendations have repeatedly caused
controversy.
The work of ILETS first came to light in late 1997, when a British
researcher, Tony Bunyan, revealed collaboration between EU staff and the FBI
for many years. Details of plans to compel ISPs all over the world to install
secret internet interception "black boxes" in their premises appeared in Onlin
e last year.
A month ago, the European Parliament appointed 36 MEPs to lead a year-long
investigation into Echelon - the codename for a mainly US system for
monitoring traffic on commercial communications satellites. Echelon has
become common parlance for the worldwide electronic eavesdropping or signals
intelligence (Sigint) network run by the Government Communications
Headquarters (GCHQ) together with the US National Security Agency (NSA). The
inquiry will ask if the rights of European citizens are adequately protected
and ascertain whether European industry is put at risk by the global
interception of communications.
French politicians and lawyers have taken the lead in accusing the US and
Britain of using their electronic intelligence networks to win business away
from foreign rivals. US politicians have riposted that France runs a
worldwide electronic intelligence system of its own - "Frenchelon", based at
Domme, near Sarlat in the Dordogne, and includes an eavesdropping station in
New Caledonia in the Pacific (see www.zdnet.co.uk/news/ 2000/25/ns-16207.html)
.
Electronic eavesdropping has become a battleground between the US and Russia.
The Russian-American Trust and Cooperation Act of 2000, passed on July 19,
stops President Clinton rescheduling or writing off billions of dollars of
Russian debts unless a Russian spy base in Cuba is "permanently closed".
This base at Lourdes, located on leased land near Havana, was the former
Soviet Union's most important intelligence facility. It uses Echelon-type
systems to collect data from telephone calls and satellite links covering the
US.
Lourdes allegedly provides "between 60% and 70% of all Russian intelligence
data about the US". A defector has said that spying from Lourdes has grown
dramatically following an order by Boris Yeltsin to step up economic and
technological espionage against the west.
The White House wants to stop the campaign to close Lourdes because other
countries might then ask the US to close down its identical bases. Documents
suggest the US would particularly fear the Lourdes effect spreading to
Britain, Germany and Australia, where the NSA operates large sites. Its
station at Menwith Hill, Yorkshire, is the largest electronic intelligence
base in the world.
The US is not alone in this spying. By the end of the year, the Government
Technical Assistance Centre (GTAC) will have begun operations from inside
MI5's headquarters at Thames House, Millbank. Its primary purpose will be to
break codes used for private email or to protect files on personal computers.
It will also receive and hold private keys to codes which British computer
users may be compelled to give to the government, under the RIP Act.
Development of GTAC has been pioneered by the Home Office's Encryption
Co-ordination Unit, which says that the centre will "provide the capability
to produce plain text/images/audio from lawfully intercepted communications
and lawfully seized computer media which are encrypted". The Home Office has
not confirmed reports that GTAC will also be the collecting point for
intercepted internet communications relayed from the "sniffer" boxes to be
installed inside British ISPs.
The cost of building GTAC, said to be £25m, is likely to include the price of
ultra-fast super-computers, of the type previously used only to break Soviet
codes and attack other special military targets. Code breakers from the
communications intelligence agency GCHQ will be seconded to work at GTAC.
GCHQ has used sophisticated computers for many years to examine foreign or
"external" messages and phone calls, as part of the worldwide intelligence
network operated with other English-speaking countries. The key part of this
system utilises computers called Dictionaries, which hold lists of thousands
of target names, addresses and key words. They are used to select messages of
interest, while discarding the majority of communications.
GCHQ was not normally permitted to encroach on domestic communications. Now
the RIP Act says that as many domestic internet communications travel on the
same "trunks" as external communications, GCHQ will be allowed to trawl
through these messages without restriction.
Another limitation, which had prevented the direct targeting of people in
Britain by GCHQ without specific authorisation has also been dropped. The
Home Secretary has been given powers under Section 16 (3) of the Act to sign
an "overriding" warrant every three months. This will allow general
surveillance without the need for individual warrants.
This will apply to "serious crime", which can include organising
demonstrations that may affect public order. The government has offered no
justification for its willingness to allow GCHQ to intrude on domestic
political and policing matters. The RIP act will also allow any agency
nominated by the Home Secretary to tap into the addresses of emails sent and
received (though not their content) without a warrant.
Caspar Bowden, whose lobbying organisation, the Foundation for Information
Policy Research, FIPR, helped to bring some important changes to the RIP Act,
believes that letting Dictionary type computers carry out broad-ranging
surveillance on much internal UK traffic will break the new Human Rights Act.
The FBI has just been granted funds for an $85m electronic surveillance
programme called Digital Storm. This foresees the quadrupling of telephone
tapping in the US over the next decade, because of the convenience of digital
processing and the automated delivery of intercepted messages and
conversations to FBI agents.
The FBI hopes to build in automated transcription and translation systems.
According to its budget application for the next US fiscal year, a related
programme called Casa de Web will include central computer archives for
intercepted audio and data reports. It will also provide "analytic tools for
automated speaker identification, text key word spotting, and voice key word
spotting".
The existence of Carnivore, the FBI tapping system, was revealed three months
ago as the result of a lawsuit between a US ISP and federal marshals, who
demanded that the ISP wire a Carnivore box into its network. The FBI
initially wanted to install its own version of a commercial "sniffer"
programme called Etherpeek. Then it turned up with Carnivore and a court
order to install it.
The FBI claims there are only 20 Carnivores, and that they have been used
only 25 times in the last 18 month. But the system is so controversial that
the US Congress held special hearings two weeks ago. A judge has ordered the
FBI to answer requests for details made under the Freedom of Information Act.
Carnivore consists of a laptop computer and communications interface cards.
It runs a packet sniffer programme to select the data it wants from inside
the ISP local network. According to Marcus Thomas, head of the FBI's Cyber
Technology Section, they are PCs using proprietary software and acting as a
"specialized sniffer".
The bureau claims that although Carnivore's hardware sees all the traffic
passing through the ISP where it is installed, its software looks only at the
origin and the destination of each internet packet. If the addresses
correspond with those specifically authorised in a court order, then the
information and/or the contents are extracted and forwarded to the FBI. The
agency claims no other data is recorded or examined.
But US computer experts do not believe this is possible. For example, many
ISPs dynamically allocate internet addresses to their customers. This means
that every time you dial in to your ISP, you will use a different internet
address. Unless Carnivore is also intercepting this type of data, it cannot
work.
The experts have asked the FBI to reveal the source code of Carnivore. The
FBI has refused, but says it will arrange a "privacy audit". US Attorney
General Janet Reno has publicly regretted the woodenheaded selection of the
codename Carnivore. She says it will soon be changed to a less threatening
name.
Despite the power of systems such as Echelon or Carnivore, they face many
practical difficulties in conducting the type of extensive surveillance that
some people fear.
The risk they pose to civil liberties has often been questioned because of
the simple techniques that criminals or terrorists can use to outrun
surveillance.
Setting up new internet accounts and email addresses to use for a few days or
weeks takes barely a minute to do, yet can limit or defeat law enforcement or
intelligence targeting.
For the ordinary computer user who wants their email and web surfing
activities to regain at least the same level of privacy enjoyed by ordinary
letters, the best and probably the only tool to use is a system called
Freedom.
Pioneered by the Canadian-based Zero Knowledge company, Freedom uses multiple
encrypted links to carry every kind of internet traffic. The first step is a
secure connection to a local ISP running a Freedom server. Several are now
operating in Britain. Your message, re-encrypted each time it travels, is
passed among one or more Freedom servers before being inserted onto the
internet at a distant location. The system used means that no one, including
Zero Knowledge itself and the ISPs you use, knows what messages are being
sent or who is sending them.
For those less worried about intelligence agencies but infuriated by the
privacy-destroying habits of some websites and internet companies, the
American-based Junkbusters group offers an excellent free tool which stops
unwarranted data collection and also limits the time-wasting effects of
downloading of advertising material.
Systems like Carnivore and the black boxes, which MI5 and the police want to
install soon in British ISPs, are based on internet technologies used every
day by network managers and trouble-shooters.
Packet sniffers utilise the fact that all the traffic being handled by an ISP
will travel on one or more very high-speed data links. These typically handle
hundreds or even thousands of megabits of data every second.
Everyone's data travels on these shared links, in the form of datagrams, or
packets of data. Each packet contains details of the sender and the intended
destination of the data packet. In principle, this information can be used to
select only the data being sent to or received by the target of a government
approved warrant.
But the ISP has no way of knowing how much data is being extracted from their
clients' private messages. It all depends on how the software is programmed,
and this is kept secret.
One program used by the FBI to tap email is Etherpeek, which can be
programmed to select any type of data from an internet data stream. Its
manufacturers say it can "capture all conversations on a network segment,
much like a tele phone tap". It costs less than $1,000 to buy and may be the
proprietary software used for Carnivore.
Another commercial packet sniffer modified for internet surveillance is
WireSpeed, which can analyse more than 300 different network types. The
WireSpeed analyser, developed by a US corporation, Radcom, was recommended
for use in a recent Home Office report, which noted that it was "a major
component of another country' s interception solution - it would enable the
user to view the content portion(s) of electronic messages".
Industry and civil liberties critics in Britain and the US say that
packet-sniffing technology is so powerful and undetectable, that it poses a
threat to civil liberties and privacy that could not have existedpreviously.
As even the ISP to whose equipment it is connected will not know what it is
doing, there can be no means of verifying that surveillance is being limited
to what is legally allowed.
Links
Freedom internet privacy protection system
www.zeroknowledge.com
Junkbuster
www.junkbusters.com/ht/en/ijb.html
WireSpeed Internet Analyser
www.radcom-inc.com/products/wire-spec.htm
Etherpeek packet sniffer
www.aggroup.com/products/etherpeek
• Duncan Campbell is a freelance investigative journalist and not the
Guardian's Los Angeles correspondent of the same name.
Guardian Unlimited © Guardian Newspapers Limited 2000
-----
Aloha, He'Ping,
Om, Shalom, Salaam.
Em Hotep, Peace Be,
All My Relations.
Omnia Bona Bonis,
Adieu, Adios, Aloha.
Amen.
Roads End
<A HREF="http://www.ctrl.org/">www.ctrl.org</A>
DECLARATION & DISCLAIMER
==========
CTRL is a discussion & informational exchange list. Proselytizing propagandic
screeds are unwelcomed. Substance—not soap-boxing—please! These are
sordid matters and 'conspiracy theory'—with its many half-truths, mis-
directions and outright frauds—is used politically by different groups with
major and minor effects spread throughout the spectrum of time and thought.
That being said, CTRLgives no endorsement to the validity of posts, and
always suggests to readers; be wary of what you read. CTRL gives no
credence to Holocaust denial and nazi's need not apply.
Let us please be civil and as always, Caveat Lector.
========================================================================
Archives Available at:
http://peach.ease.lsoft.com/archives/ctrl.html
<A HREF="http://peach.ease.lsoft.com/archives/ctrl.html">Archives of
[EMAIL PROTECTED]</A>
http:[EMAIL PROTECTED]/
<A HREF="http:[EMAIL PROTECTED]/">ctrl</A>
========================================================================
To subscribe to Conspiracy Theory Research List[CTRL] send email:
SUBSCRIBE CTRL [to:] [EMAIL PROTECTED]
To UNsubscribe to Conspiracy Theory Research List[CTRL] send email:
SIGNOFF CTRL [to:] [EMAIL PROTECTED]
Om
