US Policy Would Allow Government Access to Any Email

An anonymous reader writes "National Intelligence Director Mike McConnell is currently helping to draft a new Cyber-Security Policy that could make the debate over warrantless wiretaps seem like a petty squabble. The new policy would allow the government to access to the content of any email, file transfer, or web search."

Sounds like FUD

[MobyDisk]

This article is entirely speculation. The only source it links to is an article that was not printed, and the link points to a 404 page.

PGP + Constitution

[Rinisari]

Gnu Privacy Guard (or other PGP) + Judge: Man can't be forced to divulge encryption passphrase = safety in communications.

It's in the New Yorker's print edition

As re-reported in Raw Story:

National Intelligence Director Mike McConnell is drawing up plans for cyberspace spying that would make the current debate on warrantless wiretaps look like a "walk in the park," according to an interview published in the New Yorker's print edition today. ...

McConnell is developing a Cyber-Security Policy, still in the draft stage, which will closely police Internet activity.

"Ed Giorgio, who is working with McConnell on the plan, said that would mean giving the government the autority to examine the content of any e-mail, file transfer or Web search," author Lawrence Wright pens.

"Google has records that could help in a cyber-investigation, he said," Wright adds. "Giorgio warned me, 'We have a saying in this business: 'Privacy and security are a zero-sum game.'"

Re:At least they won't be able to mass-scan...

[Bungie]

The main obstacle to mass encryption these days is Microsoft. I expect to be skating over Hell's frozen wasteland before Microsoft adopts encryption in Outlook/Hotmail.

I've been encrypting and signing mail in Outlook Express and Outlook for years. The certificates are installed via XENROLL.DLL or CERTENROLL.DLL. Windows actually has a really good encrytion API.

If you go here you can get a free e-mail certificate. Once you install it to the cryptography store you can sign and encrypt mail in any Microsoft email program. If you use the Windows Live Mail application you can encrypt messages in Hotmail too.

Re:Really?

[Shakrai]

I wonder if that gives me any true additional protection or not.

No, it doesn't. See sneak and peek warrants.

You can try encrypting all of your files but if they can gain physical access to the machine(s) in question without you knowing about it then it's a simple matter to install a keylogging device and obtain any passwords needed to decrypt your data.

Re:Really?

[Shining+Celebi]

That said, there are NO sources for this statement. The PDF link gives a 404 and they don't explain what they meant other than using broad terms. It sounds like a lot of FUD without a source to back it up. Does anybody have the PDF? If not then I'd like to see more sources than just an un-signed editorial on Raw Story.

If you RTFA, it's from The New Yorker. Or, at least it was in TFA when I read it earlier today before Slashdot posted it.

I'm too lazy to check to see about the link now, but fortunately, since I thought the article interesting, I saved it. So here it is. It's an 18 page PDF, The proposal is mentioned on page 11.

Re:At least they won't be able to mass-scan...

[cayenne8]

"Does GMail support encryption though it's web client? Does Yahoo?"

There is a firefox plugin Firegpg that you can use with gmail to encrypt, sign, and decrypt email.

I dunno if it works with yahoo....it might...