Thursday, November 29, 2001

Flashback - Carnivore.

This article from Wired News came out the day after the September 11th attack, and details the FBI's efforts to place monitoring hardware in the central offices of most major ISPs. It further quotes a technician, who tells us they planned to place high-performance versions in all the Tier-1 backbone sites. In other words, ever since shortly after the Twin Towers fell, your email and more has been monitored.

You may feel this is of minimal concern; that the FBI is not allowed to monitor your communications without a warrant, so you couldn't possibly be investigated or charged based on a misinterpreted communication, or on the basis of your web-browsing habits. Unfortunately, this just isn't so. The police don't need a warrant to monitor your actions on the net.

The reason is that no warrant is necessary if the person being monitored does not have any expectation of privacy. It is analogous to having a loud conversation in a crowded restaurant; anyone could overhear what you are saying, and a law-enforcement officer who is having a cup of coffee three tables away could take down your words and use them against you, if he wished to.

An email message bounces between dozens of servers and routers before it reaches your machine; the same is true of the address of any web page you browse. The operator of any one of those machines could listen in on your messages or browsing habits if he wished (and I strongly suspect many of them do). Most people who know this simply grit their teeth and use email anyway, as its convenience, and the lack of a good alternative, outweigh the odds of some Little Brother misusing your information.

Unfortunately, the Federal Government has the resources to parse through the heavy volume of routine communications looking for things they find interesting. And they have the power to SERIOUSLY misuse information they come across. Anything you put in email could be used against you, should they ever decide you were a Bad Man.

And the only solution -- to keep both Big Brother and Little Brother out of our net -- will be to ROUTINELY use encryption to mask our habits.

No comments: