Until it was abandoned in favor of commercially available tools in 2003, the custom-built Carnivore system was used by the FBI to monitor email and other network communication. Originally built to be more precise than the commercial packet sniffers available then and catch only what the government has the right to catch, Carnivore became obsolte when third-party surveillance tools gained in features and filtering abilities.
How Carnivore Worked
- The Carnivore system is a personal computer running Windows and is equipped with a network card and Jaz drive for removable disk media.
- Since Carnivore must be physically connected to the network in order to monitor it, the computer is installed at an Internet Service Provider, a university, company, or other organization that provides internet access for the person to be monitored.
- Once installed, Carnivore uses a packet "sniffer" to collect all data that passes through the network. At an ISP, that includes all emails sent and received by its users, the content of all the Web sites they visit, or all messages sent through an Instant Messaging application, and all other network activity, too.
- The aggregated data is sent through an aggressive filter that discards all information that is not to or from the person subject to a wiretap order.
- Additionally, Carnivore can distinguish between communication that may be lawfully intercepted (emails, for example) and communication that must not be intercepted. To only record emails, for example, Carnivore looks for communication using the Simple Mail Transfer Protocol.
- All data passing the filter is written to the removable disk. Disks are collected by a FBI Special Agent coming to the site and put in a sealed box.