lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.56.0308251254510.9288@catbert.rellim.com>
From: gem at rellim.com (Gary E. Miller)
Subject: JAP back doored

Yo Drew!

On Mon, 25 Aug 2003, Drew Copley wrote:

> > I suggest you do a google on CARNIVORE.  ISPs are required to
> > allow the FBI to jack in a CARNIVORE box to your net, so it
> > can sniff everything, on request.
> >
> > Here is a court order requiring Earthlink to install a CARNIVORE.
> > 	http://www.epic.org/privacy/carnivore/cd_cal_order.html
>
>
> Carnivore is supposed to only tap suspects, not everyone.

Yeah, until the Patriot Act.  Now all they need is the suspicion that
some terrorist may contact someone using your email address, phone number
, etc.


> Carnivore captures on the addresses and subject lines of emails, not eve
> n the content.

Not according to official FBI statements to US congress:
	http://www.fbi.gov/congress/congress00/kerr090600.htm

"In particular, it enables the FBI, in compliance with the Constitution
and the Federal electronic surveillance laws, to properly conduct both
full communications' content interceptions and pen register and trap and
trace investigations to acquire addressing information."

And regardless of how they SAY they are going to use it, there are
documented cases of others hacking those NT boxes for their own
purposes.

> You compare this to the German police forcing German developers to
> secretly trojanize German software.

Yes, I do.  This is wholesale sniffing, not the one-by-one sniffing of
JAP.  OTOH, I know the US has also forced US, Swiss and other developers
to trojanize their software.  So I only fault the Germans for followwing
in our steps.  Just another brick in the wall.


RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
	gem@...lim.com  Tel:+1(541)382-8588 Fax: +1(541)382-8676


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ