Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Technology

Network Associates Buys "Better Carnivore" 243

ShaunC writes "CNet is reporting that Network Associates has just purchased a software company called Traxess, whose main product - DragNet - supposedly makes Carnivore look like a toy. DragNet is capable of monitoring everything from email to web, FTP sessions to IMs, even print jobs and VOIP conversations; sorting the protocols and logging it all to disk at gigabit speeds. One NAI exec envisions "the government using it to investigate employees and hackers." NAI has also issued a press release about DragNet."
This discussion has been archived. No new comments can be posted.

Network Associates Buys "Better Carnivore"

Comments Filter:
  • by FortKnox ( 169099 ) on Tuesday August 27, 2002 @10:53AM (#4148951) Homepage Journal
    I am no longer filtering spam. I'll make those suckers wish they didn't monitor my email!!
    • Actually this got me to think about the huge amount of spam they must filter before getting to the really crunchy bits... So I guess there's a bright side to the spam too.
    • Unless it automatically associates the spam with you...

      In this case, they've profiled you as having an odd fetish for watersports and interspecies mating, as well as having an undersized libedo among various other email discernable details.

      Suddenly the police show up at your door with a search warrant for unlawful pornography... and your boss demotes you for similar reasons...
    • Re:Haha, suckers! (Score:2, Interesting)

      by Anonymous Coward
      Maybe under the old rules.. but in this brave new world here in the year 2010, if you don't filter your spam, you are presumed to have accepted it and you are responsible for the content it contains. George W's successors implemented this strategy to cut down terrorism-- people who receive appeals to donate to terrorist organizations (as defined under section 8.3.23 of the SAFTA, the Save America From Terrorists Act), correlate highly with those who fund terrorism.

      - Marty
  • Neat. (Score:3, Insightful)

    by Wakko Warner ( 324 ) on Tuesday August 27, 2002 @10:54AM (#4148960) Homepage Journal
    I will continue not caring as I use my SSH sessions with impunity.

    - A.P.
    • My thoughts exactly. SSH is here for a reason.
    • Eventually there's probably going to be a few high-profile break-ins or espionage. VPNs and/or SSH tunneling will become mandatory, and all this monitoring crap that takes advantage of remnants of the kinder, gentler computing world 20 years ago is going to be dead in the water.
    • Ha! Like SSH isn't vulnerable to man-in-the-middle attacks. (as is SSL).

      Sure, it's better than nothing, but Dug Song's work on Dsniff [monkey.org] (and the resulting controversy [oreilly.com]) clearly revealed that SSH is not a panacea to sniffing and/or session hijacking. In fact, with a compromised network host doing ARP spoofing it's probably nowhere near as secure as you think, especially if the clients and servers aren't set up with appropriate configurations. (i.e. only allow SSH2, don't allow log in as root, perhaps even use skey if necessary, etc.

      Also, if you use Windows, don't let WinSCP save your password in the registry. (as it tends to want to do so by default). WinSCP (and perhaps PuTTY?) also saves copies (unencrypted!) of any files you transfer in plain sight, right in your Windows temp folder! argh!)

      I'm not saying it's futile - SSH is a good step in the right direction, obviously miles ahead of Telnet or FTP, but it's not the cure-all some people seem to think it is. So, you might want to think twice about how "secure" your little SSH session is before bragging about it on /.

      Otherwise, you're just drawing attention to yourself. (shh! the feds might hear us. ;-)

      • SSH is only as insecure as the user is stupid, at least with respect to MITM. The only way to do MITM is to get the client to accept a bogus host key, and no one who has any clue what they're doing would do that. And yes, there are plenty of ways to get a host key onto a client machine without relying on an unsecured network connection; think floppies, dead trees, etc.

        Of course, as another poster commented, securing the connection itself won't help you if you're connecting to competitor.com from your work machine--but if you're doing that you've got moral problems anyway and deserve to be screwed.

  • All they need to do is set slashdot.org to 0.0.0.0 in the hosts file and productivity will go up 500%!
  • by StupidKatz ( 467476 ) on Tuesday August 27, 2002 @10:57AM (#4148977)
    Encrypt your traffic!

    They might see that it is SMTP traffic, but they can't see what you wrote. They might see it's web traffic, but they can't see exactly what it is. They might see an ssh session, but they can't sniff your root password. (Thanks to sftp, they can't grab your password there, either!)

    Since some protocol headers can't very well be encrypted, there's no good reason to try running services on alternate ports; maybe now I can finally get my friends to install PGP (or similar) on their machines.
    • Perhaps we should get cracking on an encrypted proxy that is peer to peer now...

      Filtering traffic that is encrypted is like getting a haystack full of needles of which only one or two are sharp ;-)

      Software such as Peekabooty would be efficient at getting just http secure, or PGP is great for email but encryping all packets and hiding your ips would be the comprehensive privacy solution to the problem of an all knowing sniffer.
    • The problem with encrypting HTTP is that SSL requires one IP address for every VirtualHost. If we suddenly turned off HTTP on all of our VirtualHosts (something I am in favour of) then we would reallize we ran out of IPs. The solution simply is to switch to IPv6, like now.
    • Since back in the day...

      Never write an email that you would mind the world reading. An old addage that holds true...

      My accountant actually asked me to email him my figures for the year.... Umm no
      • My accountant actually asked me to email him my figures for the year.... Umm no

        Make this sound like your accountant should care about this issue. First of all, theoretically someone could spy on your e-mail, but in practice the odds are just about zero. Second of all, unless your circumstances are unique in some way (doubtful), your accounting figures just don't matter very much. Who the hell cares if someone saw them or not. Hey! Someone might hijack the courier that's carrying your accounting figures to your accountant! Better have them transported in an armored car.

        I guess this is just what somewhat annoys me about all this. People for whatever reason feel the need to inflate their own importance.

    • by drdink ( 77 ) <smkelly+slashdot@zombie.org> on Tuesday August 27, 2002 @11:32AM (#4149299) Homepage
      Actually, I'd use IPSec. When you use IPSec, even the destination port is part of the encrypted payload. They wouldn't be able to tell what kind of traffic it was, just where it was headed.
    • by pesc ( 147035 ) on Tuesday August 27, 2002 @11:41AM (#4149365)
      Sorry, but encryption really does not solve the problem. It helps (a teeny weeny bit), but if you think you are safe just because you use encryption, think again.

      They might see that it is SMTP traffic, but they can't see what you wrote

      Yes, they can see that you are mailing newjobs@careerpath.com, sales@cybersex.com and tipping off anonymoustips@big.newspaper.com, but they can't see what you actually wrote.

      They might see it's web traffic, but they can't see exactly what it is
      They can see that you frequent www.goatse.cx, but they can't see what you saw. They may have to go there themselves...

      They might see an ssh session, but they can't sniff your root password
      They can see that you ssh to our.competitor.com and eevil.haxors.md, but can't see what you are doing. Time to target some other surveillance techniques on you!

      Yeah, you are leaving them completely in the dark by using super-duper cant-ever-crack-this 128-bit encryption...
      • As the public need increaces, the number of annonimizers will also increace. As it stands now, anyone (almost) with a DSL/Cable connection can set up a system to keep them completely annonymous.

        I think there is even a howto. Firewall peircing howto or something like that. Set up ssl on the remote box, ssh into it, and surf from there. All the sniffer sees is a really long session to www.yourstupidsoftwareiscrap.net.
    • Encrypt your traffic!
      Yes, indeed. The best way to do this right now is to support the FreeS/WAN project [freeswan.org]. Install and test. Enable opportunistic encryption and make sure it works.
    • Today i read Slashdot and suddenly feel that maybe the time is ripe for PGP for just plain old email's... when just yesterday i read a article [satirewire.com] asking me not to do that ;)
  • by Anonymous Coward
    I am the only one who read "better carnivore" as "sharks with lasers"?
  • If you thought the idea behind carnivore was bad.... wow. Where do theses people live? Must be under a rock... they obviously don't remember the backlash there was against carnivore... now they're making an announcement about it?! how smart is that...

    Of course Carnivore was pre-9/11 and I'm sure they'll spin this off as "Counter-Terrorism".

    Its funny, every time I hear "War on Terrorism" or "to help counter-terrorism" I cringe because thats probably one more civil liberty being dragged off into some room to be beaten and interrogated...

    but thats just my 2 cents on it.
    • It looks to me like they're going to market it as a tool for extra paranoid sysadmins. On one hand, I think it would be cool to be able to easily reconstruct common types of traffic on my own network. (Think Cuckoo's Egg reborn!)

      Of course, it would be foolish to think that Carnivore won't ever be replaced with something new and "better."

      Sigh.
    • FYI - There are no such things as civil liberties. The U.S. Constitution never mentions them. The ACLU, for example, believes in only the ones they think we should have and makes up some that could not otherwise exist. Statists like to call them that so that they can be taken away or sold - after all, they only exist through civil (government) fiat.

      There are only human rights. When people tread on them they are acting less than human. They are undeniable, inalienable, and exist regardless of your race, citizenship, or religion. The U.S. Constitution is the only one that recognizes this and which does not claim to grant such rights. Alas, it's been long since abandoned and now we are reduced to discussing "civil rights".

      When you lose the language, you lose the ability to defend the things it used to represent. Stop using the language of the enemy and insist that they recognize and respect your human rights and individual liberties. Live up to your personal responsibilities.
  • it's a company we can all trust.
  • ...to utterly fill up disks like mad. I can just imagine some poor sap rotting in jail or on bail, while investigators pore over everything coming and going and waiting for his "speedy" trial.

    "Eureka! We've got the evidence we need to convict! Too bad he died of old age a couple years ago..."

  • Comment removed (Score:4, Insightful)

    by account_deleted ( 4530225 ) on Tuesday August 27, 2002 @11:00AM (#4149011)
    Comment removed based on user account deletion
    • Re:IPSEC (Score:1, Funny)

      by Viol8 ( 599362 )
      Yeah , and as we all know , windows is sooo well written there'll never be another backdoor they could use to get hold of your stuff , oh no , won't ever happen , never...
    • Re "Junk company" -- well, here's the comment in the article that disturbed me the most:

      "After acquiring more than 40 companies from 1994 to 1998, Network Associates took a break to restore profitability and integrate its new additions. The Traxess deal is Network Associates' first buyout in four years."

      That's 40 companies, and gods know how many products, that for the most part vanished off the landscape. Why compete with another product when you can buy it out and kill it? And remember, NAI/McAfee's antivirus is the one that requires every sort of Windows scripting vulnerability be enabled to do auto-updates (and yes, I know what McAfee said about creating a market for antivirus products). Makes me feel just SO confident in whatever they might do with a sniffer-type product. [/cynic]

      So where does one find this IPSEC?

  • Don't you just love network spyware for corporations? It's fitting for Network Solutions, though:

    Network Solutions: The Dot Commie People [userfriendly.org]
  • by DeadSea ( 69598 )
    I hope that if they put that much effort into it, it can act as man-in-the-middle for all your ssh traffic.
    • OpenSSH, at least, will warn you if the host key changes, so you're immune to MITM attacks if you listen to the warnings. (This assumes you've ssh'd into the machine before.)
  • I guess it is a little more clear now why they shelved PGP.

    Can't have everybody getting around our spiffy new spyware now, can we?

    At least somebody finally bought it.

  • Well there is one positive thing to this story, the fact that a private sector company got a hold of this software before the govt. did.
    At this in this case, NA will be somewhat hesitant to allow the government to use this technology (the FBI could even turn it against NA!) to invade the privacy of citizens, whereas as we saw with Carnivore, the FBI pretty much gave us the answer "we have this technology and we are going to use it, too bad!"

    • hesitant? maybe until they buy a license...
    • NA is not hesitant, it just has not finished testing and has not had time to get in touch with the police yet...but they plan to.

      You would know this if you had READ THE ARTICLE.
    • Well there is one positive thing to this story, the fact that a private sector company got a hold of this software before the govt. did. At this in this case, NA will be somewhat hesitant to allow the government to use this technology

      Um, do you really think if the government flashed enough money at NA, they wouldn't sell it in a heartbeat? This is a corporation we're talking about here. Wish I didn't have to be so cynical, but I have this gut feeling the next press release will be how NA signed a multimillion deal with the NSA/FBI for this new product.

      The problem with new technology is that people marvel at what they can do so much that they don't stopt to think whether it should be done or not (thank you Jurassic Park for that one). Yeah, this system may have wonderful uses, but it's got much more capacity for abuse by both the private sector and the government. "Oh look, you're sending encrypted data? You must be a terrorist...let's drag you in for questioning and take all your equipment while we're at it. It may take us a few years to clear your name, but it's all in the name of national security" :(

    • I don't know... there are a lot more laws limiting what the FBI can do with technology like than there are limiting what a private company can do with technology like that. Not to mention, there's absolutely no information about me that the FBI would find useful in the least; there's tons of information corporations might like to have. Of course, the reality is, this won't change my use of the Internet in the least, but it's food for thought.
    • Oh god, who slipped the libertarian-drug into your coffee this morning?

      [sarcasm]Yeah, I'd much rather a private company have ahold of this. I defiantely support the use of this product as a means of spying in order to profit (why else would a company use it?) rather than using it for spying on citizens to enforce national security.[/sarcasm]

      Here's a newsflash: If this thing came through your door, rippied out your internal organs, and spat on them, a private company would still sell to the highest bidder. At least the government is only interested in the supposed security of its citizens (ignoring for the moment that their attempts may be misguided) .. NA would give this power to *anyone*, *without* the onus of being public regarding its use like your government must be.

      Why retards^H^H^H^H^H^H^Hpeople like you would rather place a gun in a hands of a group that needn't be transparent and accoutable regarding its use is abolutely beyond me. The market is big enough to support 'evil' consumers that would use this software in a way you wouldn't approve of, and to boot, wouldn't even have to tell you. Your government doesn't have that priviledge nearly to the extent that private corperations have, and still people shit on them for some stupid reason.
  • excellent (Score:4, Funny)

    by tps12 ( 105590 ) on Tuesday August 27, 2002 @11:05AM (#4149050) Homepage Journal
    Wow, this technology sounds incredible. Anyone who's run a packet sniffer on even a smallish office LAN (for debugging network problems, I swear! :) knows that it's nearly impossible to keep all of the different ports, protocols, and IP addresses straight.

    It'll be great to see what law enforcement can do with this. I imagine if we'd had this kind of tech in place a year ago, we might have averted 9/11 altogether, so maybe this will help ensure it never happens again. Imagine the power: wondering if Tom R. O'Layman is funnelling money to the IRA? Just click a button and check out his emails, phone calls, and web history. It looks like we're headed toward a new era of public safety.
    • I imagine if we'd had this kind of tech in place a year ago, we might have averted 9/11 altogether,
      Wishful thinking. From all credible accounts, terrorist organizations like al-Queda rely primarily (almost exclusively) on human couriers to transmit secret operational information. For the most part, these people are HIGHLY trusted insiders, often blood relatives of the leaders. This is why it's almost imposible to infiltrate these groups - in order to get into a position of trust, you pretty much have to be born into it. Terrorist organizations that don't follow this pattern are pretty hard to find: most of them have been eliminated.
      Also, remember that these people were trained in operational secrecy and tradecraft by people who learned from the KGB (and probably the CIA, as well). They know all too well the capabilities of the intelligence organizations that work against them. Combine this with their outright loathing of anything Western, and you can see why they put little to no faith in technological solutions.

    • For the sarcasm-challenged, the parent is joking.

      For those who modded the parent underrated without modding it funny, wake up.

      Having all of Muhamed Atta's emails probably would not have prevented 9/11. Sadly, there will be another 9/11 eventually. Many terrorists are not stupid. Cells work independantly and may not have much communication at all. Terrorist agents may in many respects remain "sleepers" by staying out of contact while carying out acts of terror. Once the pilots were trained, killing off all of Al Qaeda except for the 19 hijackers would probably not have prevented 9/11. Killing any one or two of the 19 except Atta probably would not have prevented 9/11. Terrorist networks have evolved into fault-tollerant distributed systems.

      Trying to shut down a well-run terrorist network is more difficult than shutting down Freenet.

  • Pr()n Net (Score:3, Funny)

    by GibsonSundman ( 599726 ) on Tuesday August 27, 2002 @11:05AM (#4149051)
    So, the govt and nai will then be opening the worlds largest pr()n sites from the stored cache?
  • If joe user would wake up and learn to encrypt his email (GnuPG [gnupg.org]). Alas, I have ranted about that to many times. No one listens.
    • Well for the most part joe public doesn't care .... Hell I don't care if the FBI finds out my master plan for friday night (get shit faced and hopefully laid).

      If you feel that your email is important enough to encrypt good for you .... some of us dont need it.
    • It's not that hard (at all) to install Eudora Light and PGP for Windows (since that's what all my non-techie friends use). Urging them to use a different email proggie and/or browser should be simple if they get bitten by "drive-by downloads" that randomly spawn porn windows; that's how I got my folks to use Eudora and Mozilla. :) However, PGP has Outlook Epress plugins, so it will work even if they refuse to use a different email client.

      Encryption does not have to be a major pain to deal with, either. Frankly, the secret key DOES NOT need a passphrase to decrypt a message. I've set my folks up with a strong private key with no passphrase so they just open the message to read it as normal. (To encrypt, it's just another button.) Yes, I know this means that I shouldn't ultimately trust that a signed message is from them, but the whole point of encryption, in this case, is to "put your letter in an envelope"; to make it harder to arbitrarily read.
      This solution does that nicely.
  • GollumSoft (Score:5, Funny)

    by pete-classic ( 75983 ) <hutnick@gmail.com> on Tuesday August 27, 2002 @11:09AM (#4149090) Homepage Journal
    Traxess, formerly known a GollumSoft.

    We traxess it, doesn't we, precious. Yesss, we traxess and logsess all its nasssty little emailsess.


    -Peter
  • it can't see (Score:2, Insightful)

    by Apreche ( 239272 )
    the whole internet. While it's obviously no good that something like this exists, I'm not too worried. Sure RIT (the college I'm at) could install one of these systems and see what I do, but there is no way that anyone can watch the whole internet. And as other have said, encryption is nice. VNC is encrypted too.
    • VNC passwords aren't encrypted. Tunnel it through ssh.

      RIT doesn't need to run this, the students are already reading your email. Just go sit in the library or sau cafeteria, pull a roaming IP, and sniff dce passwords on port 143. (Why does one of the most wired colleges in the country not have ssl for imap?!). Then register the sucker for 8am basket weaving. Or drop all his classes.
  • I hope it has fun monitoring my SSHv2 connections. Traffic analysis is fine with me. Eavesdropping on plaintext conversations is not.

    Everyone should use good encryption! The EFF should start a fund to develop easy to use encryption infrastructure for the masses.

    Needed:

    FTP clients that transparently use SFTP whenever possible, and warn the user when their session is unencrypted.

    Seamless plugins to mozilla-mail and other popular standalone and web-based email clients to allow for easy key-exchange, signing, and encryption. Ideally the email client would automatically encrypt whenever it had the recipient's public key, and there was an automated mechanism to retrieve that key via an email attachment. Likewise, the client would automatically sent out attachments with your public key to all your recipients along with your normal email so others could use them.

    Encrypted IM. Jabber, please save us. IM clients should be written to prefer jabber servers over "all your conversation are belong to us" style servers such as AIM and MSM.

    FreeNet. Take however long it is necessary to do the right thing. Just don't give up. We need you.
    • Is there any plugins that can browse freenet from explorer or mozilla? For example to be able to get
      freenet://topic
      ?
    • Make everything encrypted and make it easy to use.

      If it is really easy to use, it will likely be insecure anyway.

      It is safer to have people know it is insecure and act as such, then to operate under a false sense of security because they use N-bit encryption.
    • If you want encrypted IM for over a standard network, you can always give Miranda [sourceforge.net] a shot. Setting up the GNU PG plugin with it can take a little bit of work, but it's possible.

      I agree with you, though; something as simple as this should be included right out of the box with every chat client.
  • ...What's the big deal? Seriously?

    a.) It's a computer sniffing the traffic. No big deal. I prefer a computer getting nauseated by my lovenotes to my gf than a human.

    b.) Who's been busted by it? I mean if I saw a story saying somebody was improperly jailed over it, then yeah I'd be all over getting it removed.

    c.) Who didn't expect this after 9-11? What I think will happen is they'll sift through the data and realize "there's nothing we can do to use this to stop another attack." However, if everybody stars PGP'ing everything, then they won't stop until they've got the technology to break encyrption. The good news is that it might aceellerate development of a quantum computer, but once that's done you're hosed.

    d.) Despite what scifi movies tell us, the Gov't can't really use this to control anybody. What resources do they have to use this for blackmail? "Heh, you think my wife's going to believe I had cybersex with a 13 year old? HAHAHAH!" It's not like the United States is hiding a Clone Army ready to swoop down and restore order.

    e.) You're not being very smart if you're putting sensitive info on the net to begin with. Never mind the Gov't, somebody could be watching everything you do right now. It might be your employer, it might be a curious trainee at your ISP, it could be somebody playing with one of the servers routing your data. If info you are transmitting around the net is so sensitive you don't want the gov't anyway, you'd best be encrypting it anyway instead of acting surprised. Security on the internet is a pipe-dream. It wasn't built that way. Heck, this post is going to go through 19 different computers before it gets to the Slashdot server. You guys are worried about carnivore variants? You guys should be worried that you can't attain privacy on the internet PERIOD.

    So maybe I'm being naieve, but I don't see it is a huge stinking threat that wasn't already there. It's certainly not going to change my privacy habits.
  • The technology itself is fine, and potentially beneficial, if properly and very narrowly used. It could accomplish a lot of good. But any good it could accomplish would be obliterated by the vast rights violations that would take place if it was mis-used.

    In other words, this technology should be controlled by courts, which would grant access to government agencies to use it (i.e., by giving a temporary pass for limited purposes) for very specific and targetted purposes, when warranted by probable cause or reasonable suspicion.

    But if we fear this kind of technology and want to outlaw it off-hand, declaring the technology evil, then we're no better than the RIAA/MPAA, who want to ban technologies (DVD-R(W), DVD-RAM, CD-RW, CD-R, P2P, etc) simply because they *can* be used for illegal purposes.
  • I am not even sure how I feel about "advances" such as this. On the one hand I am glad that things are moving in a direction so that criminals can be caught quicker (or even before the act) but at what cost? I don't plan on ever commiting any sort of crime that would make me the target of such a system, however I would hate to be the victim of a misunderstanding or data glitch. It seems to me that the ability to gather information in this way needs to be tempered and balanced in some way with expanded rights to protection and defense or else its one sidedness will bring more damage to our society than the persons and acts it is designed to defend us against.
    • criminals can be caught quicker (or even before the act)

      That is scary. Get them before they do anything illegal. People are scared and jumpy, they want something to happen, but arresting people before they commit a crime is wrong.

      It is already illegal to plan a crime, now we're going to bust people for "maybe thinking about planning a crime". This is nuts.

    • Re:Torn (Score:3, Insightful)

      by SirSlud ( 67381 )
      > glad that things are moving in a direction so that criminals can be caught quicker (or even before the act)

      Have you ever heard of the cliff metaphor when discussing technology as solutions to problems?

      This town had a cliff. Kids kept falling off the cliff, so they put an ambulance and a few nurses at the bottom. So, people got less careful around the cliff, and more folks fell off. So they added more ambulances and more medical staff. A small group of people in the town wanted to put some signs up at the top of the cliff saying, "Do not approach the cliff. In doing so, you are at your own risk," and conducting some classes around the town on how the cliff is not to be triffled with. But they were ignored. More ambulances, more nurses, more technology were added. Soon, everybody in the town was falling off the cliff. Nobody could act in a responsible manner, since the technological barriers were in place to prevent real-world (tm) tragedy.

      This is the real problem. In placing all our eggs in the technology basket, we might be better at catching criminals, but we're doing very little to try and resolve the problem of why people are criminals in the first place. If you ask me which is the smarter society, the one that treats the symptoms, or the one thay tolerates symptoms to deal with cause of the problem, I'll take the society that can exercise tolerance and sacrifice for the overall good of the future. Unfortunately, the cliff story above is particularly blasphemous to the lifeblood of the american economy, the entrepeneur, although it would be music to the ears of all the folks getting BA's in psychology and sociology. Think about it .. placing more emphasis on the analysis of why people do these things could save millions of BA grads from Starbucks and Footlocker jobs, and prevent the american economy from becoming 100% service/retail/maintenance based in the future.
      • When you said technological solutions, I thought there would be a fence somewhere in this story...
  • Data collection is useful only if you can analyze the data. There's no way with millions/billions of records stored this product will manage to expose that information in a useful way.

    Unless, that is, they couple it with a high-speed database such as the addamark log management system [addamark.com], a high-compression Linux/SQL/Perl query engine.

    • Databases with millions or billions of records can be processed and analyzed easily. Computing power is cheap these days. You think if the government bought the software they'd stick it on a couple P200's in a closet somewhere?
  • by WolfWithoutAClause ( 162946 ) on Tuesday August 27, 2002 @11:22AM (#4149213) Homepage
    Check out their slogan on their homepage:

    "Your network. Our business."

    My motto is:

    "My network. None of your business." but I guess that is where they and I have a parting of the ways... ;-)

  • It's a million-to-one chance ... But it might just work!

    We need to kill this YRO-infringing monster by getting the people who own the rights to the DragNet TV series to sue these guys' asses off :-)

    Fire with fire.

  • I don't know about the rest of you, but when I hear the words "Drag" and "Net" together [imdb.com], all I can imagine is Dan Akroyd as Det. Joe Friday doing the Can Can in Goatskin trousers..

  • Comment removed based on user account deletion
  • it was:

    cxzncf fdsajffirtur9340 saaafaa))P)Pf djfkjccn,fggrr irifk sdafjogjfklgurejg isafhsiohgosfu hfhgjpiogurio[a t589dfsmsapppyQ!3 hgvwerut90307948yt89ryudpojps [k]aitw90ug sup'hk

    They admitted though they were stumped about what it said.
  • This already exists! (Score:5, Interesting)

    by XaV_K ( 587510 ) on Tuesday August 27, 2002 @11:51AM (#4149463)
    Whilst this story may grab the headlines, an application that has very similar functionality already exists and can be purchased today. I have a friend who works for Silent Runner ( http://www.silentrunner.com/ ) and believe me, this is already selling well to top corporates and governments / police forces here in Europe. Created by Raytheon, who work closely with US Government on many levels (NSA, CIA, Military - they make the software for the Patrior missile etc), Silent Runner is the one to look out for today. This announcement by NAI is them attempting to play catch up in the market. Their product is not yet ready to sell (ie you can't buy it today), whilst SR are quietly installing themselves in many large organisations. Big brother is already here!
    • There's also NetIntercept from Sandstorm (http://www.sandstorm.net/) which is available and deployed at a number of US sites (and has been advertized on slashdot, for that matter).
  • by account_deleted ( 4530225 ) on Tuesday August 27, 2002 @12:06PM (#4149639)
    Comment removed based on user account deletion
  • Okay, you have massive amounts of this raw data. I have always thought the problem isn't the collection of the data but rather the mining of the data. Am I wrong? and I didn't see anything beyond the data collection in the article.
  • by FuriousJester ( 7941 ) on Tuesday August 27, 2002 @12:54PM (#4150189) Homepage
    Except NetIntercept [sandstorm.net] is available now, and DragNet is avaialable in 2003 [internet.com]. Oh, and NetIntercept comes with SSH2 decryption by default. (It involves compromising one half of the connection.) And NetIntercept is silent on the monitored wire, making it difficult to detect or tamper with.

    There is also Raytheon's SilentRunner and Niksun's NetDetector. But while the privacy wonks are running scared, they are missing the essential usefulness of these tools. It's for forensics - something goes wrong, you can go back and see what it was. I can't comment for the other tools, but NetIntercept makes digging 500,000+ connections from 2 weeks ago easy.

    Yes, I work for Sandstorm. Our motto, "Tools with Sharp Edges". Its a fun company.

  • What software did carnivore use before? I have always assumed it was a hacked up version of Convera's (formerly Excalibur's) RetrievalWare product.

    I took a couple of classes at their HQ (near Washington DC of all places), and there were a lot of big government acronyms in the room taking the class with me. If you know the RetrievalWare product, you'll know that it has a lot of features which are perfect for wading through very large amounts of data, with minimal false positives.

    RetrievalWare also does conceptual searching (very complex thesaurus) and OCR searching (works well for misspellings and l33t sp33k too), and all can be run through filters that continuiously scan a stream of data... weighs the results, and alerts the user to matching hits above the result threshold.

    I've always assumed it was RWare they were using, does anyone know if this is true? =)

  • by moc.tfosorcimgllib ( 602636 ) on Tuesday August 27, 2002 @01:03PM (#4150270) Journal
    Collecting the data now doesn't bother me. What bothers me is when I look for a new job 20 years from now, only to have my potential employer pull out a breifcase that holds EVERYTHING I've done on the internet since 2002 (Including all encrypted stuff, I'll bet brute force methods are a lot easier with faster computers).
    But for me, that isn't a big deal, I'm already an adult. What happens for my kids, where they have their entire lives scrutinized before being given a job? What happens if they get in some trouble and are put in juvenile detention, but then they clean up their act? Will that be a permanent black marker on their file for the rest of their life?
    What if they have controversial ideas or views?
    This isn't about data mining for the present, when you are a sheep in the herd, no one will notice you. When people look at you as an individual, they will know everything about you, personal history and otherwise, that is what this is about.
    Have you ever run a google search on someone? Imagine the results coming up with everything that person has done on the web, and being able to make sure it IS the person you wanted to look for.
  • To think the entire thing is rendered useless by my wide use of ssl, ssh and Freenet.

    But alas, maybe they'll catch a lot of really careless people.

Real programmers don't bring brown-bag lunches. If the vending machine doesn't sell it, they don't eat it. Vending machines don't sell quiche.

Working...