Declan reports in his article that Carnivore is a "windows 2000 computer". Given the insecurity of windows, with or without source sooner or later someone is going to figure out a virus which frags it. Say like the email address overflow which hit outlook recently. The payload could be disabling filters, funnelling junk to the filters, or format the disk or whatever -- windows security model makes anything possible. What kind of dumbass deploys servers using windows 2000 (even a snoopware server) anyway? On the question of whether Blaze and Bellovin testifying was productive or actually counter-productive, I suppose the counter argument is that it would seem unlikely to me that the Feds will be able to bring themselves to open source. The Feds want to retain editorial control over what the software does in secret, and spin control in being able to lie about what it does, so perhaps Blaze and Bellovin may achieve some PR when the Feds refuse to open it. But on the whole I'd think it was a hopeless cause hoping for them to open up what it's doing, and they aren't going to get any big media demands for opening it up, so that won't make them look any worse. The strongest argument is as others have been saying, that it's outrageous that they are doing it at all. Adam
