Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Communications

The UK Is About to Legalize Mass Surveillance [Update] (vice.com) 394

From a report on Motherboard: On Tuesday, the UK is due to pass its controversial new surveillance law, the Investigatory Powers Act, according to the Home Office. The Act, which has received overwhelming support in both the House of Commons and Lords, formally legalizes a number of mass surveillance programs revealed by Edward Snowden in 2013. It also introduces a new power which will force internet service providers to store browsing data on all customers for 12 months. Civil liberties campaigners have described the Act as one of the most extreme surveillance laws in any democracy, while law enforcement agencies believe that the collection of browsing data is vital in an age of ubiquitous internet communications. "The Investigatory Powers Act 2016 will ensure that law enforcement and the security and intelligence agencies have the powers they need in a digital age to disrupt terrorist attacks, subject to strict safeguards and world-leading oversight," a statement from the Home Office reads. Much of the Act gives stronger legal footing to the UK's various bulk powers, including "bulk interception," which is, in general terms, the collection of internet and phone communications en masse. In June 2013, using documents provided by Edward Snowden, The Guardian revealed that the GCHQ taps fibre-optic undersea cables in order to intercept emails, internet histories, calls, and a wealth of other data. Update: "Snooper's charter" bill has become the law. The home secretary said:"The Investigatory Powers Act is world-leading legislation, that provides unprecedented transparency and substantial privacy protection. "The government is clear that, at a time of heightened security threat, it is essential our law enforcement and security and intelligence services have the power they need to keep people safe. The internet presents new opportunities for terrorists and we must ensure we have the capabilities to confront this challenge. But it is also right that these powers are subject to strict safeguards and rigorous oversight."
Privacy

Snowden Can Be Asked To Testify In Person In Germany NSA Probe (arstechnica.com) 72

An anonymous reader quotes a report from Ars Technica: Whistleblower Edward Snowden can be asked to give evidence in person by a German committee probing the NSA's spying activities, the country's Federal Court of Justice has ruled. Germany's government has been told that it should make suitable arrangements for that to happen. It has been refusing to invite Snowden to give evidence personally since it would need to guarantee that he would not be handed over to the U.S. -- a promise the German authorities say would risk damaging the political relations between the two countries. Instead, it has called for him to give evidence via a video link, or for German officials to interview him in Moscow, both of which Snowden turned down. Following a formal complaint by the greens and left-wing politicians, Germany's Federal Court of Justice has ruled that the German government must provide the necessary guarantees that would allow Snowden to give evidence in person, or explain why it will not do so. Snowden's lawyer, Wolfgang Kaleck, told the Suddeutsche Zeitung that the German government might refuse to provide guarantees, and officially admit that it regards cooperating with the U.S. on intelligence matters in the future as more important than getting to the bottom of past surveillance. In that case, an appeal could be made to Germany's constitutional court, according to an article in Der Spiegel, which would decide whether the German government was allowed to make that trade-off. The committee of inquiry is examining to what extent German citizens and politicians were spied on by the NSA and its so-called Five Eyes partners -- notably GCHQ -- and whether German politicians and intelligence agencies knew about this activity.
Privacy

President Obama Says He Can't Pardon Snowden (arstechnica.com) 534

Joe Mullin, writing for Ars Technica:A campaign to pardon NSA leaker Edward Snowden, launched in combination with a fawning Oliver Stone film about him, hasn't made any headway. The request spurred the entire membership of the House Select Committee on Intelligence, 13 Republicans and nine Democrats, to send a letter to President Barack Obama urging against a pardon. "He is a criminal," they stated flatly. Obama weighed in on the matter on Friday. During his European tour, he was interviewed by Der Spiegel -- the largest newspaper in Germany, a country where Snowden is particularly popular. After discussing a wide range of issues, he was asked: Are you going to pardon Edward Snowden? Obama replied: "I can't pardon somebody who hasn't gone before a court and presented themselves, so that's not something that I would comment on at this point." He continued: I think that Mr. Snowden raised some legitimate concerns. How he did it was something that did not follow the procedures and practices of our intelligence community. If everybody took the approach that I make my own decisions about these issues, then it would be very hard to have an organized government or any kind of national security system. At the point at which Mr. Snowden wants to present himself before the legal authorities and make his arguments or have his lawyers make his arguments, then I think those issues come into play. Until that time, what I've tried to suggest -- both to the American people, but also to the world -- is that we do have to balance this issue of privacy and security.
Government

NSA Chief: Nation-State Made 'Conscious Effort' To Sway US Presidential Election (aol.com) 667

The head of the US National Security Agency has said that a "nation-state" consciously targeted presidential candidate Hillary Clinton's presidential campaign, in order to affect the US election. From an AOL article:Adm. Michael Rogers, who leads both the NSA and US Cyber Command, made the comments in response to a question about Wikileaks' release of nearly 20,000 internal DNC emails during a conference presented by The Wall Street Journal. "There shouldn't be any doubt in anybody's minds," Rogers said. "This was not something that was done casually. This was not something that was done by chance. This was not a target that was selected purely arbitrarily. This was a conscious effort by a nation-state to attempt to achieve a specific effect." Rogers did not specify the nation-state or the specific effect, though US intelligence officials suspect Russia provided the emails to Wikileaks, after hackers stole them from inside DNC servers and the personal email account of Hillary Clinton's campaign manager, John Podesta. At least two different hacker groups associated with the Russian government were found inside the networks of the DNC over the past year, reading emails, chats, and downloading private documents. Many of those files were later released by Wikileaks.Further reading: Quartz and MotherJones.
Government

James Clapper, US Director of National Intelligence, Has Resigned (thehill.com) 170

Reader cold fjord writes: James Clapper, Director of National Intelligence, resigned last night. Clapper spent 30 years in military intelligence at the National Imagery and Mapping Agency. He was selected to be the Director of National Intelligence in 2010 with responsibility for 17 US intelligence agencies. Clapper was DNI during the monumental Snowden leaks of documents from NSA and various allied intelligence agencies as well as the release by WikiLeaks of the documents provided by (at the time) Private Bradley Manning. Besides the Snowden and Manning leaks, Clapper was engulfed in controversy over testimony to Congress in which he is alleged to have lied about NSA data collection in responding to a question from Senator Wyden. Clapper had previously stated he would leave at the end of the Obama administration. Clapper's resignation clears the way for incoming president-elect Trump to appoint his own Director of National Intelligence.
Music

Shazam Keeps Your Mac's Microphone Always On, Even When You Turn It Off (vice.com) 126

An anonymous reader quotes a report from Motherboard: What's that song? On your cellphone, the popular app Shazam is able to answer that question by listening for just a few seconds, as if it were magic. On Apple's computers, Shazam never turns the microphone off, even if you tell it to. When a user of Shazam's Mac app turns the app "OFF," the app actually keeps the microphone on in the background. For the security researcher who discovered that the mic is always on, it's a bug that users should know about. For Shazam, it's just a feature that makes the app work better. Patrick Wardle, a former NSA hacker who now develops free Mac security tools, discovered this issue thanks to his latest software OverSight, which is designed to alert users when apps use their webcam and microphone. After he released OverSight, Wardle received an email from a user who noticed that the security app alerted him that Shazam was still listening even after he had switched the toggle to "off." Curious about this discovery, and worried his own software might be issuing a false alarm, Wardle reverse engineered the Shazam app to figure out what was happening. After a few hours analyzing the code, Wardle found out that, in fact, Shazam never stops listening, as he explained in a blog post published on Monday. James Pearson, VP of global communications for Shazam, said in a statement to Motherboard: "There is no privacy issue since the audio is not processed unless the user actively turns the app 'ON.' If the mic wasn't left on, it would take the app longer to both initialize the mic and then start buffering audio, and this is more likely to result in a poor user experience where users 'miss out' on a song they were trying to identify."
Government

Will Trump's Presidency Bring More Surveillance To The US? (scmagazine.com) 412

An anonymous reader reports that Donald Trump's upcoming presidency raises a few concerns for the security industry: "Some of his statements that industry professionals find troubling are his calls for 'closing parts of the Internet', his support for mass surveillance, and demands that Apple should have helped the FBI break the encrypted communications of the San Bernardino shooter's iPhone," writes SC Magazine. One digital rights activist even used Trump's surprise victory as an opportunity to suggest President Obama begin "declassifying and dismantling as much of the federal government's unaccountable, secretive, mass surveillance state as he can -- before Trump is the one running it... he has made it very clear exactly how he would use such powers: to target Muslims, immigrant families, marginalized communities, political dissidents, and journalists."

Edward Snowden's lawyer says "I think many Americans are waking up to the fact we have created a presidency that is too powerful," and the Verge adds that Pinboard CEO Maciej Ceglowski is now urging tech sites to stop collecting so much data. "According to Ceglowski, the only sane response to a Trump presidency was to get rid of as much stored user data as possible. 'If you work at Google or Facebook,' he wrote on Pinboard's Twitter account, 'please start a meaningful internal conversation about giving people tools to scrub their behavioral data.'"

Could a Trump presidency ultimately lead to a massive public backlash against government surveillance?
Businesses

The Internet Association, Whose Members Include Amazon, Facebook and Google, Writes Open Letter To Donald Trump (cnet.com) 19

The Internet Association -- a group of 40 top internet companies including Airbnb, Amazon, Facebook, Google, LinkedIn, Netflix, Twitter, Uber and Yahoo -- issued an open letter on Monday that congratulates Donald Trump on his victory and offers a long list of policy positions they hope he'll consider during his time as president. From a report on CNET:That list includes:
Upholding Section 230 of the Communications Decency Act so internet companies can't get sued easily for things their users say or do online.
Upholding Section 512 of the Digital Millennium Copyright Act so internet companies can't get easily sued if they quickly remove copyrighted content that users upload (such as infringing photos and YouTube videos).
Reforming the 30-year-old Electronic Communications Privacy Act -- "Internet users must have the same protections for their inbox as they do for their mailbox," states the association. Supporting strong encryption (Trump called for a boycott of Apple when it refused to comply with an FBI order to unlock an iPhone linked to terror.)
Reforming Section 702 of the Foreign Intelligence Surveillance Act, which lets the NSA collect online communications without a warrant.
Providing similar copyright protections for companies that operate outside the US.
Reforming the US Patent Office to deter patent trolls, a term for companies that sue other companies based on patents without actually producing new products.
Here's the full list.
Privacy

NSA Hackers The Shadow Brokers Dump More Files (vice.com) 50

The hacker (or a group of hackers) who call themselves The Shadow Brokers today published more files. From an article on Motherboard: This latest release comes while Hal Martin, an NSA contractor and, according to The Washington Post , the prime suspect in The Shadow Brokers case sits in detention after being arrested for allegedly stealing swaths of classified material. "TheShadowBrokers is having special trick or treat for Amerikanskis tonight," a message from the hackers posted to Medium reads. The message is signed with the same PGP key used to sign several previous posts, including the group's original announcement that came with links to a slew of NSA exploits. As for the files, The Shadow Brokers claim they reveal IP addresses linked to the Equation Group, a hacking unit widely believed to be tied to the NSA. "This is being equation group pitchimpair (redirector) keys, many missions into your network is/was coming from these ip addresses," The Shadow Brokers' post continues.The report adds that the dump contains 300 folders of files -- all corresponding to different domains and IP addresses. Security researcher who goes by the alias Hacker Fantastic the dump contains 306 domains and 352 IP addresses relating to 49 countries in total. "If accurate, victims of the Equation Group may be able to use these files to determine if they were potentially targeted by the NSA-linked unit."
Government

Yahoo Scanning Order Unlikely To Be Made Public: Reuters (reuters.com) 61

An anonymous reader quotes a report from Reuters: Obama administration officials briefed key congressional staffers last week about a secret court order to Yahoo that prompted it to search all users' incoming emails for a still undisclosed digital signature, but they remain reluctant to discuss the unusual case with a broader audience. Executive branch officials spoke to staff for members of the Senate and House of Representatives committees overseeing intelligence operations and the judiciary, according to people briefed on the events, which followed Reuters' disclosure of the massive search. But attempts by other members of Congress and civil society groups to learn more about the Yahoo order are unlikely to meet with success anytime soon, because its details remain a sensitive national security matter, U.S. officials told Reuters. Release of any declassified version of the order is unlikely in the foreseeable future, the officials said. The decision to keep details of the order secret comes amid mounting pressure on the U.S. government to be more transparent about its data-collection activities ahead of a congressional deadline next year to reauthorize some foreign intelligence authorities. On Tuesday, more than 30 advocacy groups will send a letter to Director of National Intelligence James Clapper asking for declassification of the Yahoo order that led to the search of emails last year in pursuit of data matching a specific digital symbol. The groups say that Title I of the Foreign Intelligence Surveillance Act, under which sources said the order was issued, requires a finding that the target of such a wiretap is probably an agent of a foreign power and that the facility to be tapped is probably going to be used for a transmission. An entire service, such as Yahoo, has never publicly been considered to be a "facility" in such a case: instead, the word usually refers to a phone number or an email account.
Government

Prosecutors Say NSA Contractor Could Flee To Foreign Power (go.com) 44

An anonymous reader quotes a report from ABC News: The NSA contractor accused of stealing a gargantuan amount of sensitive and classified data from the U.S. government was studying Russian before he was arrested and would be a "prime target" for foreign spies should he be released on bail, prosecutors argued ahead of a court hearing for Harold Martin, III, today. The government said it is "readily apparent to every foreign counterintelligence professional and nongovernmental actor that the Defendant has access to highly classified information, whether in his head, in still-hidden physical locations, or stored in cyberspace -- and he has demonstrated absolutely no interest in protecting it. This makes the Defendant a prime target, and his release would seriously endanger the safety of the country and potentially even the Defendant himself." Prosecutors noted that Martin purportedly communicated online "with others in languages other than English, including in Russian" and that he had downloaded information on the Russian language just a couple months before he was arrested in August. Martin's attorneys, however, said in their own court filing Thursday that there is still no evidence he "intended to betray his country" and argued that he was not a flight risk. All the talk of foreign spies and potential getaway plans, the defense said, were "fantastical scenarios." Martin's defense team said in part: "The government concocts fantastical scenarios in which Mr. Martin -- who, by the government's own admission, does not possess a valid passport -- would attempt to flee the country. Mr. Martin's wife is here in Maryland. His home is here in Maryland. He hash served this country honorably as a lieutenant in the United States Navy, and he has devoted his entire career to serving his country. There is no evidence he intended to betray his country. The government simply does not meet its burden of showing that no conditions of release would reasonably assure Mr. Martin's future appearance in court. For these reasons, and additional reasons to be discussed at the detention hearing, Mr. Martin should be released on conditions pending trial."

UPDATE 10/21/16: Slashdot reader chromaexursion writes: "Harold Martin was denied bail. The judge agreed the the prosecution in his decision."
United States

Prosecutors Say Contractor Stole 50 Terabytes of NSA Data (zdnet.com) 90

An NSA contractor siphoned off dozens of hard drives' worth of data from government computers over two decades, prosecutors will allege on Friday. From a ZDNet report: The contractor, Harold T. Martin III, is also accused of stealing thousands of highly classified documents, computers, and other storage devices during his tenure at the agency. It's not known exactly what Martin allegedly stole, but a report from The New York Times on Wednesday suggests that the recently-leaked hacking tools used by the agency to conduct surveillance were among the stolen cache of files. Prosecutors will on Friday charge Martin with violating the Espionage Act. If convicted, he could face ten years in prison on each count. The charges, news of which was first reported by The Washington Post, outline a far deeper case than first thought, compared to the felony theft and a lesser misdemeanor charge of removal and retention of classified information revealed in an unsealed indictment last month.
Government

How a Video Game About Sheep Exposes the FBI's Broken FOIA System (dailydot.com) 116

blottsie writes from a report via Daily Dot: Earlier this year, the FBI released a free, online video game featuring sheep in its attempts to fight terrorism recruitment efforts. The game is called The Slippery Slope of Violent Extremism, and it is a real thing that exists. You can play it here. After journalists filed a FOIA request to find out more about the game, the FBI said it would take two years to respond -- a staggeringly long wait that helps expose how the Bureau actively avoids responding to open-records requests. The information requested asked for "all documents -- specifically memos, email correspondence, and budgets -- around the development, release, and public reception of the FBI's Slippery Slope game. It's the one with the sheep." There are several reasons why it would take two years to respond. One reason is because of the lack of requests. "If 500 people want to have the FBI file on a famous dead person, that's going to be available, and it's going to be available quickly," J. Pat Brown, an employee at MuckRock, a nonprofit that helps journalists, researchers, good government groups, and interested members of the public make FOIA requests of government agencies, said. "But basic requests about agency activities are pushed into their own pile," adds Daily Dot. Another part of the problem has to do with the outdated technology used by government agencies. "Many of the computers the FBI is using to search for this material are from the 1980s and lack graphical interfaces. Outdated technology being a hurdle to government transparency is common across many federal agencies. The CIA only accepts FOIA request by fax machine, for example," reports Daily Dot. "In 2013, the Office of the Secretary of Defense, which oversees the NSA among other agencies, was unable to accept FOIA requests for months because its fax machine broke and it had to wait until the next fiscal year to get it replaced." What's more is that government agencies are often not required to disclose information after long wait times for processing FOIAs. "As Ginger McCall of the Electronic Privacy Information Center told the Daily Dot in 2014, she once waited four years with near total silence on a FOIA request about the TSA's airport body-scanner technology only to get a note out of the blue from TSA saying she had to respond with 30 days if she wanted them to continue processing her request," reports Daily Dot. "When McCall reached out to others who had made FOIA requests to agencies under the Department of Homeland Security umbrella, they reported similar experiences."
Yahoo!

As Contradictions Mount, Experts Call For Declassification of Yahoo's Email-Scanning Order (onthewire.io) 50

An anonymous Slashdot reader writes: Look at this contradiction in the government's story about their secret scans on hundreds of millions of Yahoo emails. "Intelligence officials told Reuters that all Yahoo had to do was modify existing systems for stopping child pornography from being sent through its email or filtering spam messages." But three former Yahoo employee have now said that actually the court-ordered search "was done by a module attached to the Linux kernel -- in other words, it was deeply buried near the core of the email server operating system, far below where mail sorting was handled... They said that made it hard to detect and also made it hard to figure out what the program was doing."
Slashdot reader Trailrunner7 writes: Now, experts at the EFF and Sen. Ron Wyden say that the order served on Yahoo should be made public according to the text of a law passed last year. The USA Freedom Act is meant to declassify certain kinds of government orders, and the EFF says the Yahoo order fits neatly into the terms of the law. "If the reports about the Yahoo order are accurate -- including requiring the company to custom build new software to accomplish the scanning -- it's hard to imagine a better candidate for declassification and disclosure under Section 402," Aaron Mackey of the EFF said.
Security

Yahoo's Government Email Scanner Was Not A Modified Spam Filter, But a Secret Hacking Tool: Motherboard (vice.com) 45

The spy tool that the US government ordered Yahoo to install on its systems last year at the behest of the NSA or the FBI was a "poorly designed" and "buggy" piece of malware, according to two sources closely familiar with the matter, reports Motherboard. From the article: Last year, the US government served Yahoo with a secret order, asking the company to search within its users' emails for some targeted information, as first reported by Reuters this week. It's still unclear what was the information sought, but The New York Times, citing an anonymous official source, later reported that the government was looking for a specific digital "signature" of a "communications method used by a state-sponsored, foreign terrorist organization." Anonymous sources told The Times that the tool was nothing more than a modified version of Yahoo's existing scanning system, which searches all email for malware, spam and images of child pornography. But two sources familiar with the matter told Motherboard that this description is wrong, and that the tool was actually more like a "rootkit," a powerful type of malware that lives deep inside an infected system and gives hackers essentially unfettered access.
Government

Yahoo Scan By US Fell Under Foreign Spy Law Expiring Next Year (reuters.com) 50

An anonymous reader quotes a report from Reuters: A Yahoo operation in 2015 to scan the incoming email of its customers for specific information requested by the U.S. government was authorized under a foreign intelligence law, parts of which will expire next year, two U.S. government officials familiar with the matter said. The collection in question was specifically authorized by a warrant issued by the secret Foreign Intelligence Surveillance Court, said the two government sources, who requested anonymity to speak freely. Yahoo's request came under the Foreign Intelligence Surveillance Act, the sources said. The two sources said the request was issued under a provision of the law known as Section 702, which will expire on Dec. 31, 2017, unless lawmakers act to renew it. The FISA Court warrant related specifically to Yahoo, but it is possible similar such orders have been issued to other telecom and internet companies, the sources said. Section 702 of the FISA governs a program exposed by former National Security Agency contractor Edward Snowden known as Prism, which gathers messaging data from Alphabet Inc's Google, Facebook Inc, Microsoft Corp, Apple Inc and other major tech companies that involves a foreign target under surveillance. Another type of spying the authority allowed under Section 702 is known as "upstream," and allows the NSA to copy web traffic flowing along the internet backbone located inside the United States and search for certain terms associated with a target. "The NSA has said that it only targets individuals under Section 702 by searching for email addresses and similar identifiers," Senator Ron Wyden (OR-D) said in a statement to Reuters on Monday. "If that has changed, the executive branch has an obligation to notify the public."
Government

NSA Contractor Arrested in Possible New Theft of Secrets (nytimes.com) 101

The New York Times, citing senior law enforcement and intelligence officials, reports today that the FBI secretly arrested a National Security Agency contractor in recent weeks (Editor's note: the link could be paywalled; alternate source). The newspaper adds that the FBI is currently investigating whether the contractor (identified as male) stole and disclosed highly classified computer codes developed to "hack into the networks of foreign governments." From the report: The theft raises the embarrassing prospect that for the second time in three years an insider has managed to steal highly damaging secret information from the N.S.A. In 2013, Edward J. Snowden, who was also a contractor for the agency, took a vast trove of documents that were later passed to journalists, exposing N.S.A. surveillance programs in the United States and abroad. The information believed stolen by this contractor -- who like Mr. Snowden worked for the consulting firm Booz Allen Hamilton, which is responsible for building and operating many of the agency's most sensitive cyberoperations -- appears to be different in nature from Mr. Snowden's theft.
Yahoo!

Yahoo Offers Non-Denial Denial of Bombshell Spy Report (theintercept.com) 103

Reuters reported on Tuesday that Yahoo last year secretly built a custom software program to search all of its customers' incoming emails for specific information provided by U.S. intelligence officials. When The Intercept reached out to Yahoo for an official comment and explanation, the company offered a non-denial response after 20 hours since Reuters's report, a report said. (If a report is inaccurate, the company says so explicitly. Non-denial is something you give when you are caught off guard and things reported are true.) From the report: From Yahoo's PR firm, "The article is misleading. We narrowly interpret every government request for user data to minimize disclosure. The mail scanning described in the article does not exist on our systems." This is an extremely carefully worded statement, arriving roughly 20 hours after the Reuters story first broke. That's a long time to craft 29 words. It's unclear as well why Yahoo wouldn't have put this statement out on Tuesday, rather than responding, cryptically, that they are "a law abiding company, [that] complies with the laws of the United States." But this day-after denial isn't even really a denial: The statement says only that the article is misleading, not false. It denies only that such an email scanning program "does not" exist -- perhaps it did exist at some point between its reported inception in 2015 and today. It also pins quite a bit on the word "described" -- perhaps the Reuters report was overall accurate, but missed a few details. And it would mean a lot more for this denial to come straight from the keyboard of a named executive at Yahoo -- perhaps Ron Bell, the company's general counsel -- rather than a "strategic communications firm."Reuters reported that Yahoo's decision has prompted questions in Europe whether EU citizens' data had been compromised, and this could result in derailing a new trans-Atlantic data sharing deal.
Businesses

Apple, Google, Microsoft: We Have No Government Email Scanning Program Like Yahoo's (vocativ.com) 139

Apple, Google and Microsoft -- three of the largest technology companies in the U.S. -- have each said they don't scan all incoming messages for the U.S. government, which is exactly what Yahoo does. According to Reuters, Yahoo secretly built a custom software program last year to search all of its customers' incoming emails for specific information provided by U.S. intelligence officials. The company complied with a classified U.S. government directive, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI. Vocativ reports: In a statement, a Microsoft spokesperson told Vocativ that "We have never engaged in the secret scanning of email traffic like what has been reported today about Yahoo." While Apple declined to give a statement on the record, a representative for the company did, in response to Vocativ's question, refer to CEO Tim Cook's official letter on consumer privacy, which reads in part: "I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will." The fact that both the companies declined further statement means it's not yet known if the NSA or FBI approached them to request they build a program like Yahoo's. Meanwhile, a spokesperson from Alphabet's Google issued a statement to CNBC: "We've never received such a request, but if we did, our response would be simple: 'no way.'" [The spokesperson later clarified that the company has not received a "directive" or "order" to that effect, either, according to The Intercept.] But the question is whether or not you believe them. With Yahoo's case, only a handful of employees knew about the program. The same could be true with Apple, Google, Microsoft or any other large tech company. Edward Snowden tweeted not too long after Reuters' report surfaced: "Heads up: Any major email service not clearly, categorically denying this tomorrow -- without careful phrasing -- is as guilty as Yahoo."
Government

Yahoo Secretly Scanned Customer Emails For US Intelligence (reuters.com) 194

An anonymous reader shares with us an exclusive report from Reuters: Yahoo Inc last year secretly built a custom software program to search all of its customers' incoming emails for specific information provided by U.S. intelligence officials, according to people familiar with the matter. The company complied with a classified U.S. government directive, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI, said two former employees and a third person apprised of the events. Some surveillance experts said this represents the first case to surface of a U.S. Internet company agreeing to a spy agency's demand by searching all arriving messages, as opposed to examining stored messages or scanning a small number of accounts in real time. It is not known what information intelligence officials were looking for, only that they wanted Yahoo to search for a set of characters. That could mean a phrase in an email or an attachment, said the sources, who did not want to be identified. Reuters was unable to determine what data Yahoo may have handed over, if any, and if intelligence officials had approached other email providers besides Yahoo with this kind of request. The two former employees say that the decision Yahoo CEO Marissa Mayer made to obey the directive resulted in the June 2015 departure of CISO Alex Stamos, who left to work for Facebook. The company said in response to Reuters questions about the demand, "Yahoo is a law abiding company, and complies with the laws of the United States."

Slashdot Top Deals