Since there is enough already out there, allow me to speculate on the email account password sharing.
The bad guys have a way to defeat carnivore. The way they do this is by logging into an internet based email account (yahoo email) and composing a message - with no send to address.
save the message and log-off (no send executed)
The message sits on the yahoo server.
The next bad guy logs on to that very email account (note the passing around of Berg's password) reads the message then deletes it.
Carnivore never gets to intercept the email - because it is never sent.
Berg was either used by the bad guys, for his email account (probable), or he was an intelligence asset and this was a setup to access Moussaui's communication network (less than zero probability).
If the later, this guy was a hero - and a new star will go on the wall - with no name attached.
If the former, this guy was today's version Forrest Gump.
Regards,
Factors to consider:
Carnivore might trigger on all three criteria being satisfied. Raise "might" to "would" if the email address was already under suspicion.
Remember, the information is still traveling over a network to get to and from the webmail server.
If you really want to beat Carnivore, send email--but never forward it from the same account. For example, an email is sent to Account A, with encryption. Reader A downloads email at a Starbucks or a Schlotsky's Deli via Wi-Fi, then disconnects. Email is decrypted and read.
Most of the email is padding--i.e., bulk intended to disguise the true length of the message. The actual message is cut-and-pasted into a new email, with different padding, encrypted with a different algorithm, and sent from a Account B.
The guy with the laptop then walks around with a Wi-Fi-equipped PDA, looking for an unsecured Wi-Fi network (which are legion--and usually unauthorized by the company hosting them).
He then boots up his computer, logs into the network, and sends the email from Account B.
Carnivore will have a very hard time connecting the two events, because they don't share a common IP address, email account, or message content.
Thanks for the heads up on how they can share messages on an email account and why they would all want the same email access password and account. But wouldn't Berg become aware of all these unsent emails in his account?