Transcript CARNIVORE

CARNIVORE
And Other Computer Spy Programs
What is Carnivore?
Carnivore helps the FBI conduct ‘wiretaps’ on
Internet connections.
Carnivore is a computer-based system that is
designed to allow the FBI, in cooperation with an
Internet.
Service Providers (ISPs), have to comply with
court orders requiring the collection of certain
information about emails or other electronic
communications to or from a specific user targeted
in an investigation.
The “Packet Sniffer”
All Internet traffic is broken down into
bundles called "packets".
Carnivore eavesdrops on these packets
watching them go by, then saves a copy of
the packets which meet certain criteria, that
are of interest.
Carnivore Continued
Hardware is plugged directly into the
network at a central location.
It’s the electronic equivalent of listening to
everybody's phone calls to see if it’s the
phone call you should be monitoring.
The Carnivore Box
The Carnivore Box is a COTS (Commercial Off The Shelf)
Windows NT (or Windows 2000) computer system with
128-megabytes of RAM, a Pentium III, 4-18 gigabytes of
disk space, and a 2G Jaz drive where evidence is saved.
The software is written in C++.
The box has no TCP/IP protocol use (so it cannot get
hacked into).
A hardware authentication device is used to control access
to the box (preventing ISP personnel from accessing the
device without leaving visible signs of damage).
The Carnivore Box Continued
Use of a "network isolation device", which is probably a
Shomiti or NetOptics tap, this prevents the box from
transmitting even if a hacker where able to break in
somehow.
COTS "communications software“ which means possible
use of a commercial off-the-shelf application to send the
data to the FBI.
Some units are rumored to have dial-in modem ports, but it
seems that the standard procedure is to have an FBI agent
come in daily to exchange the Jaz disk for a fresh one.
Spy Hardware for the Consumer
KeyGhost - A small device that records
every keystroke typed on any PC computer
Over 500,000 keystrokes can be stored with
a STRONG 128 bit encryption in nonvolatile flash memory. (does not need
batteries to retain storage)
KeyGhost
Unlike software keystroke recorders,
KeyGhost records every keystroke
including those used to modify the BIOS
before bootup
Impossible to detect or disable using
software
Costs between 200 and 400 dollars
iOpus Starr Surveillance
Software
Software that allows the user to access
virtually everything that was done on the
computer
iOpus Highlights
Visual logging ( screenshots)
Text logging
Web Spy- Records all URL’s of visited sites
Chat Spy- Records both sides of a chat
conversation ( works with AOLIM, ICQ,
Microsoft messenger and Yahoo chat
iOpus Highlights Continued
AOL spy- Records IM conversations,
emails and other content inside AOL
Sends reports directly to email as a
password protected compressed zip file
Runs invisibly and maintenance free
Cost- $69.95