According to the ZDNet newswire, this approach effectively monitors the online activities of thousands of internet users at a time into massive databases, which can then be queried for names, e-mail addresses or keywords.
The Carnivore system - aka DCS-1000 - is a Windows-driven customisable packet sniffing platform that was first deployed in the field by the FBI back in 1997 and was very successful. The system was reportedly augmented by another system, an enhanced version of NarusInsight, in 2005, Infosecurity notes.
`NarusInsight-plus’, it seems, is also getting pensioned off in favour of what some experts call the `vacuum cleaner' approach.
In fact, says ZDNet, the vacuum cleaner system is deployed "when police have obtained a court order and an ISP cannot isolate the particular person or IP address because of technical constraints."
That kind of full-pipe surveillance, notes the newswire, can record all internet traffic, including web browsing and/or all email messages flowing through the network.
Interestingly, the newswire claims the vacuum cleaner approach was revealed at a search & seizure stream at the Digital Age conference held at Stanford University earlier this month.
After investigating the revelation in some depth, ZDNet's Declan McCullagh found that the vacuum cleaner approach to IP monitoring may be quite widespread, and is something that has been given the thumbs down by Kevin Bankston, a staff attorney at the Electronic Frontier Foundation.
"What they're doing is intercepting everyone and then choosing their targets", he told McCullagh.
Bankston disagrees that the FBI has the rights to employ its vacuum cleaner surveillance approach, arguing that the agency is "collecting and apparently storing indefinitely the communications of thousands - if not hundreds of thousands - of innocent Americans in violation of the Wiretap Act and the 4th Amendment to the Constitution."
Infosecurity understands that several UK law enforcement agencies have deployed variations of the DCS-1000 platform when they have obtained the appropriate court orders.
Unfortunately, since the UK agencies do not operate in the same open manner as their colleagues in the US, it is unlikely that internet users on this side of the Atlantic will discover whether - or not - they are being surveilled by a similar post-NarusInsight-plus system.
21 May 2011
Perhaps it would help if, when online, we did some irrational searches, say, for boat tours in Iraq, how to move things with psychic-kinetic energy, hotel rates in some obscure village in some obscure country....
Note: The majority of comments posted are created by members of the
public. The views expressed are theirs and unless specifically stated are not those
Elsevier Ltd. We are not responsible for any content posted by members of the public
or content of any third party sites that are accessible through this site. Any links
to third party websites from this website do not amount to any endorsement of that
site by the Elsevier Ltd and any use of that site by you is at your own risk. For
further information, please refer to our Terms & Conditions.
Comment on this article
You must be registered and logged in to leave a comment
about this article.