Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Government Yahoo! Communications Network Privacy Security The Internet United States News Technology

Yahoo Secretly Scanned Customer Emails For US Intelligence (reuters.com) 194

An anonymous reader shares with us an exclusive report from Reuters: Yahoo Inc last year secretly built a custom software program to search all of its customers' incoming emails for specific information provided by U.S. intelligence officials, according to people familiar with the matter. The company complied with a classified U.S. government directive, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI, said two former employees and a third person apprised of the events. Some surveillance experts said this represents the first case to surface of a U.S. Internet company agreeing to a spy agency's demand by searching all arriving messages, as opposed to examining stored messages or scanning a small number of accounts in real time. It is not known what information intelligence officials were looking for, only that they wanted Yahoo to search for a set of characters. That could mean a phrase in an email or an attachment, said the sources, who did not want to be identified. Reuters was unable to determine what data Yahoo may have handed over, if any, and if intelligence officials had approached other email providers besides Yahoo with this kind of request. The two former employees say that the decision Yahoo CEO Marissa Mayer made to obey the directive resulted in the June 2015 departure of CISO Alex Stamos, who left to work for Facebook. The company said in response to Reuters questions about the demand, "Yahoo is a law abiding company, and complies with the laws of the United States."
This discussion has been archived. No new comments can be posted.

Yahoo Secretly Scanned Customer Emails For US Intelligence

Comments Filter:
  • by Anonymous Coward

    ...was there anybody left who didn't know that?

    • by Anonymous Coward

      Ahhhhh the old "this isn't news cos it's the ravings of paranoid conspiracy nuts" to "this isn't news cos everyone knows about it" gambit.

    • by NatasRevol ( 731260 ) on Tuesday October 04, 2016 @03:30PM (#53013445) Journal

      The scale is what wasn't know. this is every email going through there servers. Which is unconstitutional. Oh, and their poor implementation led to back door access as well.

      Other questions still to be answered: Did google & microsoft do the same thing? So far, they've said 'no comment'. Which isn't good.

      • by NatasRevol ( 731260 ) on Tuesday October 04, 2016 @03:38PM (#53013503) Journal

        Also remember, this happened in the timeframe (mid 2015) that Apple was actively fighting the FBI to not build a software hack into iOS. So it can be fought. And won.

        • Also remember, this happened in the timeframe (mid 2015) that Apple was actively fighting the FBI to not build a software hack into iOS.

          No, the Apple case started in February 2016.

      • The scale is what wasn't know. this is every email going through there servers. Which is unconstitutional. Oh, and their poor implementation led to back door access as well.

        Other questions still to be answered: Did google & microsoft do the same thing? So far, they've said 'no comment'. Which isn't good.

        Why is that even a question. Of course the NSA have everything that they want to look at from any cloud provider. As long as they can legally use gag orders, there is no privacy. Period.

      • by clodney ( 778910 )

        Other questions still to be answered: Did google & microsoft do the same thing? So far, they've said 'no comment'. Which isn't good.

        According to an article at Ars Technica, they have both denied it:

        A spokeswoman for Microsoft, Kim Kurseman, e-mailed Ars this statement, and also declined further questions: “We have never engaged in the secret scanning of email traffic like what has been reported today about Yahoo.”

        For its part, Google was the most unequivocal. Spokesman Aaron Stein e-mailed: "We've never received such a request, but if we did, our response would be simple: 'no way.'"

    • Sure a lot of people assumed that they folded for the searching of accounts.

      How many knew it for a fact?
      Very few is my guess.

      How many know that they were running a search on all incoming mail?
      Not me.
    • by AHuxley ( 892839 )
      In the past people always expected some sort of domestic protection after the Church report https://en.wikipedia.org/wiki/... [wikipedia.org]
      Users would have expected domestic access to be court approved per account.
      In the past a lot of sock puppets would have attempted to distant efforts like this with suggestions of collection been too large, political protections, legal protections, lawyers, material found been of no use in a court, strong protections and respect for US data and accounts.
      Now all that is out in the
    • "...was there anybody left who didn't know that?"

      Yes, all the YAHOO users obviously.

  • Obama (Score:5, Insightful)

    by Anonymous Coward on Tuesday October 04, 2016 @03:03PM (#53013221)

    Obama had the most transparent administration in history. If you don't agree, you will be subject to double enhanced surveillance.

  • by Penguinisto ( 415985 ) on Tuesday October 04, 2016 @03:03PM (#53013227) Journal

    ...the only department of the US Government that actually listens to you.

    Oh, wait...

    • Cop:
      And why are you receiving phone calls from J. Edgar Hoover?

      Wadsworth:
      J. Edgar Hoover?

      Cop:
      That's right. The head of the Federal Bureau of Investigation.

      Colonel Mustard:
      Why is J. Edgar Hoover on your phone?

      Wadsworth:
      I don't know. He's on everyone else's, why shouldn't he be on mine?

  • by Bob_Who ( 926234 ) on Tuesday October 04, 2016 @03:05PM (#53013239) Journal

    THEY DIDN'T FIND ANY!

    "....Nobody here but yahoo customers...."

  • Leaving Yahoo! (Score:5, Interesting)

    by unixisc ( 2429386 ) on Tuesday October 04, 2016 @03:12PM (#53013297)

    I have a Yahoo! mail account, which was my main contact account for things like my bank, credit cards and so on. After 2 cases of password breaks, I've now migrated away from that and sent them all to gmail, which I was using for something else.

    Looks like once the remaining people on it leave, there won't be even a subscriber base to make Yahoo! even worth acquiring.

    • by Bob_Who ( 926234 )

      I regret to inform you that the entire internet is infected with code that is always exploited, all of the time, everywhere.

      Its the one thing we ALL share in common on the net: DELUSIONS OF PRIVACY, SAFETY AND CONTROL.

      Now take the blue pill.

    • I've now migrated away from that and sent them all to gmail, which I was using for something else.

      It's cool, just say "porn".

  • by Anonymous Coward

    I can't wait for the Democrats to take over and end this nonsense just like they promised.

    • by Bob_Who ( 926234 )

      I can't wait for the Democrats to take over and end this nonsense just like they promised.

      We'll NEVER end NONSENSE!!!

      What, are you nuts?

      We might be crazy, but we're not suicidal...yet.

  • ..and the rest (Score:5, Insightful)

    by JustNiz ( 692889 ) on Tuesday October 04, 2016 @03:12PM (#53013311)

    I'll bet a whole dollar that Microsoft, Google and Apple have been secretly doing this for ages too.

    • Just one dollar? Why so stingy?
    • by barakn ( 641218 )

      Have they secretly released your password to hackers too?

    • See Snowden's chart on video below. Google has been in bed with the NSA for at least 3 years. Apple for 2. Microsoft was one of the first way before Google as far back as 1999 I believe. See this video:

      https://www.youtube.com/watch?... [youtube.com] Again, see how Microsoft is at the bottom left of this chart, meaning they were in "bed" the longest. And notice how MS got more and more aggressive since the WGA was introduced, and people didn't understand what it truly represented and didn't raise any objections. That
      • by JustNiz ( 692889 )

        Thanks this is really informative. If I had mod points you'd have gotten them.

      • by rtb61 ( 674572 )

        Make no mistake they all did fight to protect the privacy of users, which they consider they owned and thus the fight was not to keep that privacy, just not to give it away for free. The fight was for how much they could charge for selling your privacy, just like the sell it to everyone else, they own it, your privacy is their property and they demand that if government wants it, they will have to pay for it, just like everyone else. Now, that's the reality.

    • just one word:

      calea

      'nuff said?

  • by JoeyRox ( 2711699 ) on Tuesday October 04, 2016 @03:26PM (#53013403)
    She ignored employees who wanted to continue the company practice of working from home, executives who wanted to take the site in a different direction, and shareholders who wanted her to be competent in her job and actually increase shareholder value in ways other than just ridding her inheritance of the Alibaba position.
    • I wonder if, retrospectively, people will consider her the worst CEO ever, taking the crown from Ballmer?

      She has merely fiddled while Rome burns. Upsetting the employees, making small acquisitions that did not add anything of value to the company's portfolio, took no bold moves, nothing.

      As I have said before, the board could have put a monkey in her office and been hundreds of millions of dollars better off at this point.

      But, she is set for life, financially.

      • IMO she'll not only be remembered as one of the worst CEOs ever, they're going to rename the Peter Principle to the Marissa Principle.
      • Hasn't Ballmer already lost the crown for his own company's worst CEO to his successor? I think it's worth seeing whether Meyer will wrest the crown from Carly, who now want to run the GOP. Hopefully, Trump denies her that pleasure if he wins.
      • by sconeu ( 64226 )

        She has a hell of a long way to go before she catches up to Carly.

        Carly wrecked TWO companies.

  • It is not known what information intelligence officials were looking for, only that they wanted Yahoo to search for a set of characters. That could mean a phrase in an email or an attachment, said the sources, who did not want to be identified.

    That is a request that is so obviously unconstitutional.

    But, perhaps, we should consider why Yahoo acquiesced. Perhaps when the NSA was wiretapping those connections between datacenters, they discovered something that could be used to blackmail Yahoo, or its CEO,

    • Comment removed based on user account deletion
      • No. It might be unconstitutional if it were a demand or order, but a request, with no pressure on Yahoo to submit to it?

        You ever deal with law enforcement, like, ever? Its all pressure, all the time. You don't think there was some coercion involved? Some quid pro quo? Some something as carrot or stick, or both? A little of the old good cop/bad cop?

        You think they just sent a letter to the CEO of Yahoo, said pretty please, and ended the email with "if you wouldn't mind too much violating the trust of your entire customer base?"

        There was coercion. There were heavy-handed tactics. There was quid pro quo. There were conve

  • I can understand that. Who needs is more than them.

  • by TheHawke ( 237817 ) <rchapin@NOSPam.stx.rr.com> on Tuesday October 04, 2016 @04:11PM (#53013717)

    AT&T had cut a plum deal with Yahoo to provide e-mail services for the telecom giant way back in the early 2000's, which is still in effect to this day.

    Chew that over and get back with me.

  • Okay, I listed this before and I'll do it again, because...this is important. There are alternatives to yahoo, MS and Google and we need to hold the to a higher standard. Checkout these web mail alternatives

    https://www.vmail.me/en/ [vmail.me]
    https://countermail.com/ [countermail.com]
    http://www.neomailbox.com/ [neomailbox.com]
    http://www.e-mail-made-in-germ... [e-mail-mad...germany.de]
    /


    http://techpp.com/2013/08/28/n... [techpp.com]

    (not encrypted but smaller country + company appeals to me ;-) ) there are others listed in this article:


    http://techpp.com/2013/08/28/n... [techpp.com]

    we n
  • This is precisely why I host my own email, web, ftp, and name servers. I don't trust the integrity, or lack of for the matter, of any of the free services. This just reinforces the fact that my mistrust is not incorrect. It is not terribly difficult to do and you can find howtos. I even have a backup mail exchange and name servers.
  • Comment removed based on user account deletion
  • Usually, by "customer" we mean the people who pay for something.
    AFAIK the Yahoo e-mail service is free, so its users aren't customers.
    Yahoo customers are advertisers, or people who make transactions on its e-commerce platform. And Yahoo don't control their e-mails unless they are also using Yahoo mail. So Yahoo cannot really monitor their incoming messages.

  • by account_deleted ( 4530225 ) on Tuesday October 04, 2016 @07:30PM (#53014687)
    Comment removed based on user account deletion
    • Are there any gopher servers left?
      Also do any modern browsers support the gopher protocol anymore?

      Yes those are somewhat serious questions as it has been ages since I accessed a gopher server, probably since the mid to late 90s and the last time I did was probably when I was at the University of Minnesota.
  • Did they find any?

  • From now on, sensitive writings from me will be on paper and encoded with Enigma with a codebook unique to me and the recipient.

    I bet they forgot how to work Enigma out, since it seems they've spent the last 20 years slurping our email.

    I'm only half joking.

  • I'd be willing to bet they were paid for their services. If so, that would be only reason other major email providers haven't done this yet. They're haven't been as desperate for revenue like Yahoo. It's very likely there will come a time when they will be. That's one of those facets of this problem not getting enough attention. Everyone's much more "trustworthy" when they're stable financially, even corporations. Can you still continue to trust them with your valuable personal data when their luck be
  • Is this news to anyone? If you are willing use a "free email" that mines your mail for "value" (marketing, etc.) to be sold off are you really surprised when they are using the same platform to get paid by the govt. to search that same data? If you don't physically control the server and manage the software then you don't control the data stored there. Period, this is why you manage your own data. You can ask secretary Clinton about the privacy benefits of a directly owned and managed email server.

    Th

You know you've landed gear-up when it takes full power to taxi.

Working...