Yahoo 'secretly scanned emails for US authorities'

[DaBees-Knees]

http://www.bbc.co.uk/news/technology-37551415

Yahoo secretly scanned millions of its users' email accounts on behalf of the US government, according to a report. Reuters news agency says the firm built special software last year to comply with a classified request.

"Yahoo is a law abiding company, and complies with the laws of the United States," the tech firm said in a statement provided to the BBC. The allegation comes less than a fortnight after Yahoo said hackers had stolen data about many of its users. Yahoo is in the process of being taken over by Verizon Communications in a $4.8bn (£3.8bn) deal. The telecoms provider declined to comment on the report.

'Upset workers'

Reuters reports that the scans were requested by either the National Security Agency (NSA) or the FBI, according to three sources - two of whom it says were ex-Yahoo employees. The news agency says that the software scanned for a string of characters within all incoming emails, but adds that it was unable to determine what information was handed over or if other internet companies had received a similar demand.

US law allows the country's intelligence agencies to order the release of customer data that they believe could prevent a terrorist attack, among other reasons. Companies can challenge such orders behind closed doors in the Foreign Intelligence Surveillance Court. But Reuters reports that Yahoo decided not to fight the matter because it thought it would lose. It adds that some Yahoo employees were upset by that decision.

The whistleblower Edward Snowden, who previously revealed details about the US's cyber-spying efforts, has tweeted in response to the unverified allegations: "Use @Yahoo? They secretly scanned everything you ever wrote... close your account today."

[White Stripes]

well this steaming pile just keeps getting bigger....

[GhostShip]

I suspectthis was an FBI request simply because the NSA would have scanned all of the traffic already and so would not need to search older emails stored on yahoos servers.

I am still puzzled why anyone uses email.

[GhostShip]

It looks like this event has further ramifications in the US/EU data protection arena.

https://www.techdirt.com/articles/20161006/12072035730/yahoo-email-scanning-may-sink-eu-privacy-shield-agreement.shtml

After the US/EU "safe harbor" on data protection was tossed out thanks to NSA spying being incompatible with EU rights, everyone had tried to patch things up with the so-called "Privacy Shield." As we noted at the time, as long as the NSA's mass surveillance remained in place, the Privacy Shield agreement would fail as well. This wasn't that difficult to predict.

And there are already some challenges to the Privacy Shield underway, including by Max Schrems, who brought the original challenge that invalidated the old safe harbor. But things may have accelerated a bit this week with the story of Yahoo scanning all emails. This news has woken up a bunch of EU politicians and data protection officials, leading to some serious questions about whether it violates the Privacy Shield agreement.

We either live in a free society or one led precariously from the shadows by unelected position holders whom answer to nobody it seems, terrorists are pretty wise now to the benefits of using throwaway mobile phones, utilising encrypted messenger apps and other such accessible services, the real targets of all this end up being the  "Joe Public's" whom foot the bill for what is in reality a lot of time wasting but expensive effort, your privacy simply constitutes low hanging fruit and thus is worth snooping amongst just because the authorities can, the numbers of this effort are clear its about 8 million to one, that's how many folks they spy on to target one individual of interest, this really seems a case of overkill and poor-but-bordering-on-dumb targetting methods.

One has to ask just why it is that whenever there is a banking scandal not a drop of all this "valuable" data ever appears from the shadow world to stop these other types of criminals whom wield enormous power, influence civil wars and fund terror groups but are left alone because they are too wealthy to annoy, it does make folks wonder.

[Ace]

https://it.slashdot.org/story/16/10/07/1810228/yahoos-government-email-scanner-was-not-a-modified-spam-filter-but-a-secret-hacking-tool-motherboard

The spy tool that the US government ordered Yahoo to install on its systems last year at the behest of the NSA or the FBI was a "poorly designed" and "buggy" piece of malware, according to two sources closely familiar with the matter, reports Motherboard. From the article:
Last year, the US government served Yahoo with a secret order, asking the company to search within its users' emails for some targeted information, as first reported by Reuters this week. It's still unclear what was the information sought, but The New York Times, citing an anonymous official source, later reported that the government was looking for a specific digital "signature" of a "communications method used by a state-sponsored, foreign terrorist organization." Anonymous sources told The Times that the tool was nothing more than a modified version of Yahoo's existing scanning system, which searches all email for malware, spam and images of child pornography. But two sources familiar with the matter told Motherboard that this description is wrong, and that the tool was actually more like a "rootkit," a powerful type of malware that lives deep inside an infected system and gives hackers essentially unfettered access.

why i never used yahoo ....

[White Stripes]

ok..... so just how deep does this rabbit hole go?