FBI to investigate Internet's role in terrorist attacks

Computerworld - WASHINGTON -- More than 30,000 tips have poured into the special Web site set up by the FBI to manage leads in the investigation of Tuesday's terrorist attack against the World Trade Center in New York and the Pentagon, the agency said.

At a press briefing today, Attorney General John Ashcroft characterized many of the tips as useful to the investigation, and said the number of accomplices who may have assisted the estimated 18 hijackers is likely "significant."

Meanwhile, officials at two major Internet service providers have acknowledged that they're cooperating with the FBI in the search for data that could help lead investigators to individuals who may have assisted the hijackers. Executives at Dulles, Va.-based America Online Inc. and Atlanta-based EarthLink Inc. said they're assisting authorities with information from their user and connection logs.

The FBI wouldn't confirm whether it's looking into any Internet service provider records, nor would the agency say whether its controversial Carnivore e-mail-monitoring program was being used. Carnivore, which is now called DCS1000, has raised fears among privacy advocates who have said the software could lead to random surveillance of e-mail messages unrelated to an FBI investigation.

Sifting through the mountain of data from various Internet service providers may be difficult, however. AOL membership recently surpassed 31 million accounts, with more than 7 million added during the past year alone. EarthLink has about 5 million subscribers and more than 8,800 dial-up points around the nation.

Richard Forno, a security administrator with a major domain-name registration firm in Virginia, said it would be easy for authorities to piece together information from ISP records, but how useful those records would be to the investigation is unclear.

Brian O'Higgins, chief technology officer at Entrust Inc., an Internet security firm in Plano, Texas, said the information garnered from Internet service provider logs could help the FBI narrow down where and against whom to conduct future communications-intercept operations.

"Once you have the e-mail, you can look at all the other information in it, including the entire route," said O'Higgins.

Doug Barbin, principal consultant and security architect at Waltham, Mass.-based Guardent Inc., said any information in Internet service provider logs that might be of use to investigators could have come from a variety of places, including Web sites, chat rooms and e-mails that can point law enforcement officials to foreign Internet service providers.

However, unless authorities already know which users they're looking for, they may find it difficult to uncover a lot of data, because Internet service providers regularly delete logs,