The technology behind FBI's 'Carnivore'

The law enforcement agency's secret box for sniffing emails may run on Windows NT - but details are still a mystery
Written by Ben Charny, Contributor

The FBI's email snooping "Carnivore" -- now the centre of a fierce debate over privacy -- began life on a store shelf. What would later become an email monitoring system rankling civil libertarians and Internet service providers had rather humble beginnings as a commercially available email sniffing program, FBI officials said Tuesday. FBI engineers went to work on it 18 months ago, and within a year added enough bells and whistles to create a telephone tap for the 2000s -- and scandal over just how much information the program is able to cull.

For the last two weeks, the FBI has been quiet about Carnivore, which it has been using with judges' permission since March to sift through email messages that flow through some of the world's ISPs.

But it will be doing a lot more talking beginning Monday. The bureau will trot out its chief technologist, Marcus C Thomas, to brief the press about Carnivore. Hours later, Thomas and others will be on Capitol Hill, telling Congress the same facts and figures.

It's unlikely many of the system's secrets will be made public, as the FBI tries to balance its secret program with an effort to calm the public about what it's snooping on. But some details about Carnivore's inner workings are starting to come out in advance of the Monday gabfest.

An FBI spokesman confirmed today that the Carnivore program was built from an off-the-shelf sniffer program, but declined to say which one. There are at least a dozen available on the market today.

Attorney Robert Corn-Revere, who represents an ISP that at first refused to let the FBI install Carnivore, testified in March that federal marshals who first approached his client initially identified the program as AG Group's EtherPeek, one of the top-rated email sniffing programs available.

But the marshals later said they were in error, and identified the program as "Carnivore", according to the Corn-Revere testimony before Congress.

Just what engineers added in the 18 months of tweaking is still not being discussed. But it was enough to give "Carnivore a unique ability to distinguish between communications which may be lawfully intercepted and those which may not," according to an FBI spokesman.

A source knowledgeable with Carnivore said it operates off a Windows NT system, but the FBI would not confirm that.

Just what exactly it looks like is subject to debate as well. Carnivore has been described as both a two-foot black box, and the size of a metal computer cabinet.

Find out who's spying on you and how they're doing it in our exclusive Echelon News Special.

What do you think? Tell the Mailroom. And read what others have said.

Editorial standards