FBI sucks in complete internet pipes in latest surveillance evolution.

According to the ZDNet newswire, this approach effectively monitors the online activities of thousands of internet users at a time into massive databases, which can then be queried for names, e-mail addresses or keywords.

The Carnivore system - aka DCS-1000 - is a Windows-driven customisable packet sniffing platform that was first deployed in the field by the FBI back in 1997 and was very successful. The system was reportedly augmented by another system, an enhanced version of NarusInsight, in 2005, Infosecurity notes.

`NarusInsight-plus’, it seems, is also getting pensioned off in favour of what some experts call the `vacuum cleaner' approach.

In fact, says ZDNet, the vacuum cleaner system is deployed "when police have obtained a court order and an ISP cannot isolate the particular person or IP address because of technical constraints."

That kind of full-pipe surveillance, notes the newswire, can record all internet traffic, including web browsing and/or all email messages flowing through the network.

Interestingly, the newswire claims the vacuum cleaner approach was revealed at a search & seizure stream at the Digital Age conference held at Stanford University earlier this month.

After investigating the revelation in some depth, ZDNet's Declan McCullagh found that the vacuum cleaner approach to IP monitoring may be quite widespread, and is something that has been given the thumbs down by Kevin Bankston, a staff attorney at the Electronic Frontier Foundation.

"What they're doing is intercepting everyone and then choosing their targets", he told McCullagh.

Bankston disagrees that the FBI has the rights to employ its vacuum cleaner surveillance approach, arguing that the agency is "collecting and apparently storing indefinitely the communications of thousands - if not hundreds of thousands - of innocent Americans in violation of the Wiretap Act and the 4th Amendment to the Constitution."

Infosecurity understands that several UK law enforcement agencies have deployed variations of the DCS-1000 platform when they have obtained the appropriate court orders.

Unfortunately, since the UK agencies do not operate in the same open manner as their colleagues in the US, it is unlikely that internet users on this side of the Atlantic will discover whether - or not - they are being surveilled by a similar post-NarusInsight-plus system.

What’s Hot on Infosecurity Magazine?