Yahoo Adapted Email-Scanning Spam Filter to Satisfy 'Secret Court Order' Related to Terrorist Hunt

Discussion in 'Politics, Religion, Social Issues' started by MacRumors, Oct 6, 2016.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    Following a report yesterday that cited three former Yahoo employees who claimed the company built a program to scan every customer's email for specific information at the order of the United States government, new pieces of information have surfaced in a separate article from The New York Times. Specifically, anonymous sources close to the matter said that Yahoo built the program by adapting a filter meant to scan email inboxes for child pornography, malware, and basic spam content.

    Yahoo was said to have done this in order to "satisfy a secret court order," created to require the company to search for content containing a specific computer signature related to online communications of an unspecified state-sponsored terrorist group. Two of the anonymous sources -- referred to as "government officials" -- mentioned the Justice Department received the order from a judge of the Foreign Intelligence Surveillance Court sometime last year, an order that Yahoo was "barred from disclosing" to the public.

    [​IMG]

    Through its modifications to the spam filter program, Yahoo complied with the Justice Department's order and made available any email that contained the signature, but as of now that collection method "is no longer taking place." The order was described as "unusual" because it required the scanning of individual emails instead of user accounts as a whole, and was allegedly only given to Yahoo as other tech companies, including Apple, have said they never encountered such a demand.
    According to the sources, federal investigators learned last year that members of a foreign terrorist organization were communicating using Yahoo's email service, through a method that used a "highly unique" designator, or signature, in each communication. Although built to look for specific content, the modified program's far-reaching scanning of each user on the service brought about unrest in the user base when the original report came out yesterday. Yahoo's compliance is also being contrasted to Apple's obstinate response in its battle with the FBI earlier in the year.

    After the news broke, Yahoo said that the Reuters story was "misleading" and that the email scanning outlined in the report "does not exist on our systems." Compounding the company's woes, last month Yahoo confirmed that "at least" 500 million user accounts were compromised during an attack in late 2014, leaking customer information like names, email addresses, telephone numbers, birthdates, hashed passwords, and both encrypted and unencrypted security questions and answers. In the midst of all of this, Yahoo's pending acquisition by Verizon could potentially face negative effects.

    Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

    Article Link: Yahoo Adapted Email-Scanning Spam Filter to Satisfy 'Secret Court Order' Related to Terrorist Hunt
     
  2. thasan macrumors 6502a

    Joined:
    Oct 19, 2007
    Location:
    Germany
    #2
    surely google, fb etc are doing the same then... since they cant 'discuss' it?
     
  3. Black Belt macrumors 6502a

    Black Belt

    Joined:
    Jun 15, 2007
    Location:
    California
  4. merkinmuffley macrumors 6502a

    Joined:
    Dec 3, 2010
    #4
    Keeping the Homeland strong, one email at a time.
     
  5. 840quadra Moderator

    840quadra

    Staff Member

    Joined:
    Feb 1, 2005
    Location:
    Twin Cities Minnesota
    #5
    I have a hard time believing that the government hasn't approached Google, or Microsoft with such questions. I could see them not asking Apple, simply due to their overall lack of marketshare.
     
  6. ptb42, Oct 6, 2016
    Last edited: Oct 6, 2016

    ptb42 macrumors 6502a

    Joined:
    Oct 14, 2011
    #6
    It's unlikely they just scanned "inboxes". That could have been accomplished by scanning incoming mail with a network sniffer, and Yahoo's cooperation wasn't needed for that.

    This was most likely to look in folders OTHER than the inbox, particularly the Drafts folder.

    A well-known circumvention of incoming email sniffing is to use the same account: composing a message and saving it in the Drafts folder. The recipient logs into the same account and reads the draft message, replying to it or deleting it.
     
  7. Nunyabinez macrumors 68000

    Nunyabinez

    Joined:
    Apr 27, 2010
    Location:
    Provo, UT
    #7
    I actually believe that this was only directed at Yahoo!. Could you imagine the backlash that would come if it now came to light that Google had done this after they just said they have never been asked? Better to say nothing than be caught in a lie. If one of these companies had been approached the smart thing would be to say nothing.
     
  8. keysofanxiety macrumors G3

    keysofanxiety

    Joined:
    Nov 23, 2011
    #8
    It goes from bad to worse. Both hacked and spying government shills.

    It's over, Yahoo!
     
  9. unlinked macrumors 6502a

    Joined:
    Jul 12, 2010
    Location:
    Ireland
    #9
    Not sure secret court orders are the best idea unless they have a fixed term limiting how long they are secret for.
     
  10. CrickettGrrrl macrumors 6502a

    CrickettGrrrl

    Joined:
    Feb 10, 2012
    Location:
    B'more or Less
    #10
    I have a hard time believing the efficacy of this secret email filter, as Yahoo has been notoriously bad at filtering malware & spam. :rolleyes: It must have been super porous.

    I also have a hard time believing anybody who has their life or super secret plans on the line would even think of using Yahoo email in the first place. So wouldn't it be a really stupid terrorist gang?
     
  11. Sedulous macrumors 68020

    Sedulous

    Joined:
    Dec 10, 2002
    #11
    If the supposed filter works as well as Yahoo's spam filter then the terrorists have nothing to worry about.
     
  12. sofila macrumors 6502a

    sofila

    Joined:
    Jan 19, 2006
    Location:
    Ramtop Mountains
    #12
    "Yahoo Adapted Email-Scanning Spam Filter to Satisfy 'Secret Court Order' Related to Terrorist Hunt"

    Yes, and Santa Claus is my father
     
  13. DrewDaHilp1 macrumors 6502a

    DrewDaHilp1

    Joined:
    Mar 29, 2009
    Location:
    All Your Memes Are Belong to US
    #13
    Ever hear of this guy named Edward Snowden and a little thing called PRISM?
     
  14. i5pro macrumors regular

    Joined:
    Jun 17, 2010
    Location:
    NNJ
    #14
    Everyone should just assume that they(google, apple, msft, etc) are all doing the same thing, just not actually disclosing they are all cooperating for better or worse.
     
  15. coolfactor macrumors 68040

    Joined:
    Jul 29, 2002
    Location:
    Vancouver, BC CANADA
    #15
    But most people won't care. Brand loyalty, or can't be bothered to change the email account.
     
  16. keysofanxiety macrumors G3

    keysofanxiety

    Joined:
    Nov 23, 2011
    #16
    Probably the latter. Even when Yahoo was at its peak, I don't think anybody ever respected them. It was crap then too — it was just crap that everybody used. :D
     
  17. Robert.Walter macrumors 65816

    Joined:
    Jul 10, 2012
    #17
    So after rifling through everyon's private Communications, did they catch their suspect terrorist(s)?

    Or did they, as in all the surveillance to date, get bupkis?
     
  18. 69Mustang macrumors 603

    69Mustang

    Joined:
    Jan 7, 2014
    Location:
    In between a rock and a hard place
    #18
    I don't understand the logic you're using. I hope you're not conflating phone marketshare with email client marketshare. There are several metrics showing the iPhone email client is the largest by a wide margin. To be fair, that could be a focus on mobile. To be even more fair, I didn't dig into how those metrics were obtained. Desktop and business client email may paint a different picture but I seriously doubt those would be the vector for terrorists. Regardless, you can't use phone marketshare as a reason for not asking Apple. It doesn't make sense.

    Apple, Microsoft, and Google all state they haven't been approached with a request like this. Apple and Google were both pretty emphatic in their response. Hell no. Microsoft on the other hand, their response was a bit more vague and non-commital regarding their response if requested to do something similar.
    "We have never engaged in the secret scanning of email traffic like what has been reported today about Yahoo." - Microsoft. If someone gave me a response like that, my first question would be "Well what kind of secret email scanning have you done?"
     
  19. usarioclave macrumors 65816

    Joined:
    Sep 26, 2003
    #19
  20. citysnaps macrumors 601

    Joined:
    Oct 10, 2011
    Location:
    San Francisco
    #20
    Up until 2014 they didn't have to ask Google as gmail traffic between its data centers was transmitted without encryption and subject to easy bulk interception. For many many years. Astonishing Google was so lax.
     
  21. now i see it macrumors 68030

    Joined:
    Jan 2, 2002
    #21
    Actually I think it's better this way. Let's everyone know that email is not private at all and everything you type can be used against you.

    That being the case.... Just use email accordingly.
     
  22. 840quadra, Oct 6, 2016
    Last edited: Oct 6, 2016

    840quadra Moderator

    840quadra

    Staff Member

    Joined:
    Feb 1, 2005
    Location:
    Twin Cities Minnesota
    #22
    Installed versus used?

    I doubt that the quantity of people using Apples services come close to being a rival for the big 3. I have no definitive metrics to give, so I will Yield to whatever metrics people care to look up. I agree that the Apple email client is used widely, however most people ( in my experience in it / marketing / personal life) retain their pre-existing email, being Yahoo!, Microsoft, aol, or google, and link mail to those.

    Edit:::

    I maybe understand it incorrectly, but the topic is email data which despite .me, .icloud, .mac, etc, I would imagine apple is much smaller than the others.
     
  23. Swift macrumors 68000

    Swift

    Joined:
    Feb 18, 2003
    Location:
    Los Angeles
    #23
    I guess I must be an enemy of freedom. The secrecy isn't great, but look. What was the greatest risk involved with Yahoo Mail? You were going to a very low-rent neighborhood of the Internet. The equivalent of a truck stop. Crummy design, intrusive ads eating up your bandwidth, crazy people trying to convince you of nonsense. Think of it as a neighborhood. How would you feel if some militants are being organized for violence in that neighborhood? If they develop evidence that they MIGHT be hiding child porn, cash for weapons, directions for bombs, and yes, child porn, such that a judge would grant a warrant. When did the Internet get to be outside of the real world? Not talking intrusive, but if the guy next door was torturing kids, what are his privacy rights worth in the scheme of things? How about a native ISIS cell? Neo-Nazis? Our police, in a democracy, do have a real job. I'm not saying I've worked out all these questions, but the Internet giveth and the Internet taketh away. If you're on the web you can see the world. And the world sees you.
     
  24. 840quadra Moderator

    840quadra

    Staff Member

    Joined:
    Feb 1, 2005
    Location:
    Twin Cities Minnesota
    #24
    Email itself is Sticky, many people with Yahoo addresses come from a time before Google's popularity. I try not to make character judgments based on whatever domain they email me from.

    Child porn? That has commonly been the trump card used to take away, or limit the privacy of people who have absolute detest, and nothing to do with such a vile activity. Fear mongering of terroristic activity is slowly replacing it as the new ultimate argument against privacy.
     
  25. Shaun, UK, Oct 6, 2016
    Last edited: Oct 6, 2016

    Shaun, UK Suspended

    Shaun, UK

    Joined:
    Mar 23, 2006
    Location:
    England
    #25
    Yes they probably are. Yahoo is not at fault here, the US government should not be allowed to make such outrageous requests in the first place.
     

Share This Page