Red Meat Encryption

Decoding the FBI's Carnivore program

By Dave Kopel, director of the Independence Institute, & Tim Daneliuk  

8/23/00 12:10 p.m., National Review Online

he FBI's new Carnivore cyber-snooping device may turn out to be one of the best developments ever for Internet privacy. Carnivore is attached to the hardware of compliant Internet Service Providers (AOL says yes, while Vario refuses) and reads all Internet traffic to and from an ISP's customers which is a promise to ignore traffic which the FBI isn't supposed to read.

The outrage over Carnivore is not about Carnivore's immense computational power; that's simply a natural outcome of scientific progress. Rather, the outrage is the cavalier manner in which due process and judicial oversight are being fractured.

Although earlier Supreme Court precedents barred the police from rummaging through a person's diary or private correspondence, current legal doctrine plainly allows for a person's snail mail to be searched, pursuant to a search warrant. If snail mail searches are alright, then there should be no per seobjection to e-mail searches.

The difference between Carnivore and an ordinary mail search, however, is gigantic. If the FBI obtains a warrant to read your snail mail, an agent will examine your mail and your mail only at the post office, before the mail is delivered to you. Carnivore, though, has the ability to track every item of e-mail going to or from an ISP. It's like the FBI searching every letter to or from a local post office, based on a search warrant for one postal customer.

Of course, the FBI promises never to use Carnivore improperly, and never to read anything that it's not supposed to. Folks who will surrender their privacy based on such guarantees from the FBI which began privacy and civil-liberties abuses began under J. Edgar Hoover, abuses that have certainly not abated under the Clinton administration probably think that Charlie Brown should believe Lucy's promise not to yank the football away again.

Underlying the FBI's aggressive push for more surreptitious surveillance power (a push which was no less aggressive under the Bush administration than today) is the fact that our absurd drug laws have made police work and incarceration into growth industries. This in the face of declining violent crime rates for years. No government contractor ever had it better: The Hill will pass laws simultaneously guaranteeing that "crime" will increase and that the means to arrest those evildoers will be funded. Along the way, of course, the rest of us can expect to pick up the tab and be exposed to the risk that the technology will be brought to bear on us.

Bitter Pills
The latest round in the guaranteed employment program for the federal police is the methamphetamine bill, which the House will take up shortly. The Prison Industrial Complex is pushing for an amendment to create a five-year mandatory sentence for simple possession of the drug Ecstasy. Thus, if some informant (e.g., a drug addict being paid off by the FBI or the DEA) claims that he heard that your college-age child might use Ecstasy occasionally, then the FBI gets to turn Carnivore on you, and read every bit of your Internet traffic.

Why the federal government (as opposed to state governments) should have any law at all concerning mere drug possession (as opposed to interstate sales) is difficult to see. Nothing in the Constitution grants Congress a general police power over local crimes.

So, what will happen? The means to easily and deeply encrypt the content of e-mail already exists and is readily available in a variety of forms all the way up to Industrial Strength. An e-mail encrypted by its sender is transported over the Internet in a form that looks like cartoon cursing utterly unreadable unless you have the "key" which unlocks and decrypts the message.

To date, much of the focus in the encryption technology has been on striking a balance between ease of use and strength of encryption. (A "stronger" encryption mechanism is one which requires a larger amount of computational power to break.) Most of the commonly used encryption systems today are breakable, at least in principle, but they are sufficient. Breaking them requires an immense amount of computing power say, the resources of the National Security Agency.

While college students with a single ecstasy dose in their pockets may not be very clever about avoiding detection, actual drug dealers are. These dealers are generally well-heeled; one of the byproducts of a black market economy is large sums of untaxed money. Dealers are also not stupid. If you are a dealer who is not terribly worried about convenience, there are a number of extremely powerful encryption mechanisms available.

There is a general approach called "one time pads" which can make a message uncrackable by even the most powerful computer systems on earth. This approach was used all the way back in World War II by the Allies and the European Resistance. (See Between Silk And Cyanideby Leo Marks for a wonderful treatment of this period.)

This is also the method that the CIA reputedly uses when communicating with its intelligence officers around the world. One time pads, while clumsy to use, are not terribly complex to implement. It is well within the capability of the average home computer to create one-time-pad encryption which is essentially unbreakable.

Fiction writers have been predicting this for decades. Robert Heinlein was the first, followed by cyperpunk writers of the 1970s and '80s like Gibson and Sterling. More recently, Neal Stephenson's brilliant Cryptonomiconexplicates the exact scenario Carnivore has precipitated. Stephenson is a writer of rare talent who predicts the creation of information freeholds untouchable by any government, army, or agency.

So, Carnivore will, in all likelihood, further encourage rapid motion toward heavily encrypted data transport over the Internet. This was already well underway because of concern for corporate privacy and industrial espionage. Carnivore merely accelerates this. When the dust settles, the "bad guys" and anyone else who has a serious need to protect their data or who simply values her privacy will use encryption, thereby neutralizing the snoopy Feds.

It's ironic that the Clinton FBI's relentless assault on privacy could actually help grow the consumer market for convenient, powerful encryption. But it's no less ironic than the most lawless administration in U.S. history has the hubris to claim that trampling civil liberties even further is necessary for a lawful society.  

Share this page:

| More

 

Kopel RSS feed Click the icon to get RSS/XML updates of this website, and of Dave's blog posts.

Follow Dave on Twitter.

Search Kopel website:

Make a donation to support Dave Kopel's work in defense of constitutional rights and public safety.
Donate Now!

Nothing written here is to be construed as necessarily representing the views of the Independence Institute or as an attempt to influence any election or legislative action. Please send comments to Independence Institute, 727 East 16th Ave., Colorado 80203. Phone 303-279-6536. (email) webmngr @ i2i.org

Copyright 2014