Software Vendor Develops Carnivore Alternative

In an attempt to give Internet service providers a way to comply with court orders for monitoring e-mail without installing the U.S. Federal Bureau of Investigation's controversial Carnivore surveillance system, security software vendor Network ICE Corp. is developing an e-mail sniffing program that it said could be used as an alternative to Carnivore.

The San Mateo, Calif.-based company has released the source code for its Altivore sniffer and posted a demo of the program on its Web site. That's in stark contrast to Carnivore, which has been criticized as a "black box" system that conceals its source code from companies required to install it on their networks in order to comply with court orders.

In a statement, Network ICE said nothing can be done to prevent ISPs and other companies from complying with court orders requiring them to monitor e-mail messages in connection with criminal investigations. But Altivore "can at least reduce the intrusiveness of this legal process," the company added.

However, Robert Graham, the chief technology officer at Network ICE, acknowledged that it's still too early to tell whether Altivore will be accepted by law enforcement officials, prosecutors and judges as a bonafide alternative to Carnivore. "We need a court case where an ISP says [it] will provide the [requested] information with Altivore before the issue can be settled," Graham said.

According to Graham, Altivore was developed in response to a court case earlier this year in which Atlanta-based Internet provider EarthLink Inc. was required by a federal magistrate to install Carnivore on its network after fighting an FBI request to do so. EarthLink later reached an agreement with the FBI and the magistrate that allowed the company to use its own technology to collect the data sought in a court order.

Like the company's BlackICE Defender network monitoring product, Altivore uses stateful packet decoding techniques that Graham said allows for the collection of just one stream of data -- thereby enabling it to avoid violating the privacy of users on a network who aren't being targeted by an investigation. Network ICE is considering offering the program to Internet providers as an open-source tool and will provide a free Altivore license to any provider that's responding to a court order, he added.

FBI spokesman Paul Bresson said Carnivore "was designed to help industry to be in compliance with federal wiretapping statutes." But, he added, if Internet providers come up with alternatives or decide "to construct their own intercepts with their own tools, that works out best for everyone, as long as they are in compliance with wiretapping statutes and are willing to provide evidence on . . . issues such as how the information was intercepted and who had access to it."

NetworkICE said Altivore contains the basic Carnivore feature set outlined in the FBI's solicitation for an upcoming independent review of the surveillance technology. But it added that the source code, which is only aimed at programmers, still requires extensive debugging. Compiling instructions are provided within the source code, and Network ICE is encouraging developers to add features to Altivore such as packet reassembly capabilities and any new features announced for Carnivore. An online forum has been set up to discuss the Altivore project.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about Black Box Network ServicesEarthLinkFBIFederal Bureau of InvestigationNetwork IceNetworkICE

Show Comments