Slashdot Mirror

← Back to Stories (view on slashdot.org)

News of the World Investigation Expanded to 9/11 Victims

Posted by samzenpus on from the got-to-tap-them-all dept.

DMandPenfold writes "Police are questioning whether a change in News International's email retention policy was part of an effort to conceal widespread phone hacking by the News of the World, a scandal which is threatening Rupert Murdoch's planned takeover of BSkyB. The trawl for emails and the questioning of changes in News International's email retention policy has important implications for IT security and corporate governance professionals, and is likely to see organizations examining their own policies and reminding their staff on acceptable usage and best practice for email."

31 of 135 comments (clear)

  1. for the wrong reasons by Trepidity · · Score: 5, Insightful

    is likely to see organizations examining their own policies and reminding their staff on acceptable usage and best practice for email

    It'd be pretty sad if the lesson people take from the News Corp fiasco is: man, their IT staff should've really been more on the ball about making sure no evidence of the crimes they committed was accidentally retained.

    --
    10 PRINT CHR$(205.5+RND(1)); : GOTO 10
    1. Re:for the wrong reasons by Jah-Wren+Ryel · · Score: 5, Insightful

      It'd be pretty sad if the lesson people take from the News Corp fiasco is: man, their IT staff should've really been more on the ball about making sure no evidence of the crimes they committed was accidentally retained.

      It's been an open secret for well over a decade now that email retention policies are purely legal dodges. There is no other reason to automatically delete such massive stores of institutional memory except for the possible legal threat they may pose. It isn't like email storage requirements are a practical limitation - any company with terabytes of email is going to have an IT budget so large that those costs will be lost in the noise.

      And, while I don't have a link at hand, I recall a case a couple years ago where the government was pursuing charges that a large corp's email retention practices were a deliberate form of destruction of evidence - despite all of the lawyerly sign-offs and standardised corporate practices verbiage. I wish I did have a link because I'd like to know how that case turned out.

      --
      When information is power, privacy is freedom.
    2. Re:for the wrong reasons by vlm · · Score: 3, Funny

      It isn't like email storage requirements are a practical limitation

      Talk like that is going to result in the lawyers requiring all emails to be hidef videos with 5.1 sound, no more plain text. Keep quiet lest a lawyer hear us, unless you look forward to supporting that kind of a monstrosity...

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    3. Re:for the wrong reasons by ray-auch · · Score: 2

      It's been an open secret for well over a decade now that email retention policies are purely legal dodges. There is no other reason to automatically delete such massive stores of institutional memory except for the possible legal threat they may pose

      Not true.

      Emails often contain personal information, at the very least contact information, and keeping such information indefiintely risks breaching data protection laws in various jurisdictions.

    4. Re:for the wrong reasons by tpholland · · Score: 2

      Yes, but according to the Guardian who have been doggedly pursuing this story, there was an external company involved, Essential Computing, who were the ones who blew the whistle and recovered the incriminating messages. In other news, it sounds like the Bangalore operation they outsourced most of their IT to have had no problems disappearing vast amounts of information.

    5. Re:for the wrong reasons by Runaway1956 · · Score: 2

      Maybe you aren't aware that corporations also destroy physical dead tree documents, religiously. Papers are retained for as long as the law requires, then they are destroyed. Electronic documents of a similar nature should be dealt with in the same manner. There is no reason to archive stuff for decades, just because you consider the cost to be trivial.

      The more records being retained, the more records are available to be stolen, whether they be stolen by industrial espionage agents, the courts, or whoever.

      Ditch those records, at the earliest opportunity.

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    6. Re:for the wrong reasons by jimicus · · Score: 2

      It's been an open secret for well over a decade now that email retention policies are purely legal dodges. There is no other reason to automatically delete such massive stores of institutional memory except for the possible legal threat they may pose. It isn't like email storage requirements are a practical limitation - any company with terabytes of email is going to have an IT budget so large that those costs will be lost in the noise.

      You'd be surprised.

      Data storage on one single desktop-class SATA disk is very cheap, you're right there.

      Data storage on a SAS disk is about three to six times the cost - that's before you factor in storage losses through RAID.

      If you want really fast access to data, it's common to buy lots of smaller drives and spread the data across more spindles. This increases your cost per gigabyte quite a bit further because smaller disks are never very cost-effecient.

      If you need the manageability you get from something like a SAN (and you actually want the manufacturer to support you), you need vendor-certified drives. Even if the only difference between them and a bog-standard drive is the label on the front (though customised firmware is by no means unknown), that bumps the price up quite a bit further - and you wouldn't buy something like that without a hardware maintenance contract.

      Next up you've got backup and retention. If you want the backup to be complete in a short space of time, you need something fast. There's a few options available, such as live mirroring with snapshots (Oh goodie! Now you need two SANs in two separate locations and a very fast link between them!), tape (fast sequential access but pretty dire random access), virtual tape (hard disk based systems that present themselves as tape, frequently for compatibility reasons).

    7. Re:for the wrong reasons by Jah-Wren+Ryel · · Score: 2

      Maybe you aren't aware that corporations also destroy physical dead tree documents, religiously.

      I'm quite aware. Just like I'm aware that librarians regularly cull their collections of dead tree books. But electronic documents are not the same as dead trees and treating them as such is to ignore everything that makes them superior. You can't grep dead trees and they take up serious amounts of physical space. Neither is the case with old email.

      There is no reason to archive stuff for decades, just because you consider the cost to be trivial.

      There is no reason NOT to archive stuff for decades precisely because all of the costs except for legal liability for wrong doing are trivial.

      --
      When information is power, privacy is freedom.
  2. Different email policies by mwvdlee · · Score: 2

    ...Because we all know the best solution to morally bankrupt business practices is to make sure there is no paper trail, analog or digital.

    --
    Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
  3. There's blood in the water.... by darien.train · · Score: 3, Insightful

    And a lot of it too. Everyone can smell it and the revelations are only in their infancy. I always thought Murdoch was a blight on the news industry and a poster child for the evils of media consolidation but this scandal shocks even me. This is mafia-level shit.

    --
    I don't know how many years on this Earth I got left. I'm going to get real weird with it. - Frank Reynolds
    1. Re:There's blood in the water.... by Rogerborg · · Score: 4, Insightful

      Oh, pfft, Murdoch could eat an orphan live on Sky 1, and he'd still be feted and fawned over come the next general election. Keeping that harridan Rebekah Brooks on-board is a clear F-U to the peons (in which I include such non-entities as mere Prime Ministers).

      --
      If you were blocking sigs, you wouldn't have to read this.
    2. Re:There's blood in the water.... by MightyMartian · · Score: 3, Interesting

      It's getting actually downright scary. Apparently there's evidence that a member of the Queen's security team was taking bribes for information on the doings and whereabouts of members of the Royal Family. Let's keep in mind here that the Queen is the head of state of the UK and fifteen other Commonwealth Realms, and this is a massive breach of security.

      Imagine for a moment what would be happening right now to any newsroom that had managed to penetrate the Secret Service and was gaining information on the President's whereabouts, or that of his wife and children. The Secret Service would be tearing the newsroom to pieces, reporters and editors, Christ, even the bloody janitors and the guy that flips the water bottles, would be sweating it out under a bright light bulb in front of guys in suits and sunglasses.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    3. Re:There's blood in the water.... by Hope+Thelps · · Score: 3, Insightful

      Keeping that harridan Rebekah Brooks on-board is a clear F-U to the peons (in which I include such non-entities as mere Prime Ministers).

      Maybe.

      I'd pretty much assumed that she was just being kept ready as the scape goat of choice when things get really bad (and we don't know how much there is yet to come). "Oh, we don't want to lose Rebekah, we have complete confidence in Rebekah, no absolutely we won't fire Rebekah... well, okay, you win, Rebekah has been escorted out of the building - a big triumph for the will of the public. Massive embarassement for us but you beat us. Now let's move on."

      Maybe I'm just naive.

      --
      To summarise the summary of the summary: people are a problem. ~ h2g2
    4. Re:There's blood in the water.... by MightyMartian · · Score: 2

      In the case where there is no clear winner of a general election, the British Sovereign (and their Vice-regal representatives in the other Commonwealth Realms) can decide who forms a government. Since the previous government no longer is in a position to advise the Sovereign on who forms a new government, other than the Sovereign's advisers, this is entirely up to the Sovereign.

      Beyond that, the Sovereign still holds wide reserve powers. Under normal circumstances these are only used on the advice of the Government of the day, but never the less, the fact that the Sovereign holds them means the Government does not. This is the underlying concept of "negative power".

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    5. Re:There's blood in the water.... by That+Guy+From+Mrktng · · Score: 2

      As Mighty Martian said, that is pretty much PR 101, good insight sir.

      After her you only have Rupert's son, now thats when it would get interesting. We all know Rupert can't smack his own son for the good of the empire, right?

  4. Ok, ok. by fuzzyfuzzyfungus · · Score: 4, Insightful

    Can we finish locking the News of the World staff in their headquarters and burning it to the ground, along with anybody found to have aided or abetted them(given that their contacts with the Met and right up to the PM are well known, this probably includes a few people in addition to their shady PIs...) and get on to an important matter:

    Why are phones, particularly the VM box that is more or less an automatic part of today's cell phone, so damn vulnerable? The Telcoes seem to have no trouble tracking our activities in great detail if those activities are something for which we can be billed, and they also seem eminently willing to cooperate with law enforcement. Why, then, do I have absolutely no way of knowing when, and from where, my VM box was called into, and why would the VM box of a phone that is subject to police investigation be accessible from the outside at all?

    I certainly wouldn't mind seeing a bunch of tabloid flacks roasted in their own slime; but if voicemail hacking and phone intercepts by random PIs are that easy, we have a problem that needs to be solved by better security, not just crushing malefactors after the fact...

    1. Re:Ok, ok. by Herkum01 · · Score: 4, Insightful

      I know VM is not very secure, but what I don't understand is why everyone is not screaming about this being a hacking crime. If an individual does this they want to throw the book at them and lock them up for years.

      Just because it is a newspaper out to make money does not entitle them to escape criminal charges. They should be out there pressing charges and fining Murdoch for this behavior.

    2. Re:Ok, ok. by khr · · Score: 2

      Why are phones, particularly the VM box that is more or less an automatic part of today's cell phone, so damn vulnerable?

      Probably the trade-off between security and convenience... Not enough paying customers have yet to demand increased security on it, or canceled their accounts because of the lack of it...

    3. Re:Ok, ok. by wolrahnaes · · Score: 2

      Why are phones, particularly the VM box that is more or less an automatic part of today's cell phone, so damn vulnerable?

      In most cases, because the users are stupid. In some cases, because the telco is stupid.

      The majority of the time, the user will have a stupidly weak password like 1234, 123456, 111111, etc. I do VoIP for a living and one of the platforms I support, Broadworks, can not block a user from having a password like 123456. 111111 is banned, but easy sequences can't be yet. Due to this, I have on average 3-5 cases a month of people getting their accounts hacked and someone trying to forward calls to some other country. We block this system-wide, so it just results in the user's incoming calls breaking until it's noticed, but it happens with reasonable regularity.

      In a few cases, the telco is retarded and allows the user to set that calls from their phone be allowed directly in to the voicemail system. Unfortunately they do not sanity-check this to verify that the call is actually coming from that phone and instead depend entirely on caller ID. Anyone with a VoIP or PRI system and a trusting upstream carrier can send whatever caller ID they want, making it trivial to get in to the voicemail. I think T-Mobile was in that category last time I checked, no idea on the others.

      The Telcoes seem to have no trouble tracking our activities in great detail if those activities are something for which we can be billed, and they also seem eminently willing to cooperate with law enforcement. Why, then, do I have absolutely no way of knowing when, and from where, my VM box was called into, and why would the VM box of a phone that is subject to police investigation be accessible from the outside at all?

      When, they should easily be able to give you and if they don't its only policy. From where, that's a lot tougher, given the ease of spoofing caller ID. Also, a lot of attacks are routed through multiple systems to disguise the source(s). Most attacks I see seem to come from other PBXes, likely hacked in similar ways.

      Agreed on the box being open to remote access. It's trivial on my systems to allow incoming messages but break phone access to any given box, and investigators could just access the e-mail server that stores the messages directly via IMAP.

      --
      I used to get high on life, but I developed a tolerance. Now I need something stronger.
    4. Re:Ok, ok. by canajin56 · · Score: 2

      It's kind of clever, actually. I can only speak for my provider (Bell Mobility Canada) but it only asks for your PIN if you are calling from an outside line. And (apparently, I've never tried) it tells if it's an outside line by caller ID, not some tower signal voodoo. So even if you change from the default password, you can still be hacked if your provider works that way. (Bell doesn't for landline VM, it prompts even from your own line). But on the other hand, I think the default voicemail password was randomly assigned. When I got my new phone, I received a text that said "Your default voicemail password is 8231, please dial #whatever to set up your inbox" (or whatever, like I remember). So, that's good. It's just too bad about the caller ID trick ;)

      --
      ASCII stupid question, get a stupid ANSI
    5. Re:Ok, ok. by bmo · · Score: 3, Interesting

      >The majority of the time, the user will have a stupidly weak password like 1234, 123456, 111111, etc. I do VoIP for a living and one of the platforms I support, Broadworks, can not block a user from having a password like 123456. 111111 is banned, but easy sequences can't be yet.

      The next time you go to the ATM take a look at the number pad, where people put in their PINs.

      You will see that numbers 1 through 5 have the most wear.

      It's like this everywhere.

      --
      BMO

  5. Re:Are they just the ones that got caught? by clickclickdrone · · Score: 4, Funny

    >The Daily Mail has been noticeably reluctant to comment on the subject, for example.
    They just haven't found an angle yet to blame it on immigrants. Luckily, Murdoch has just arrived...

    --
    I want a list of atrocities done in your name - Recoil
  6. Press charges against Murdoch and Brooks by G3ckoG33k · · Score: 5, Interesting

    Published: September 1, 2010
    http://www.nytimes.com/2010/09/05/magazine/05hacking-t.html

    IN NOVEMBER 2005, three senior aides to Britain’s royal family noticed odd things happening on their mobile phones. Messages they had never listened to were somehow appearing in their mailboxes as if heard and saved. Equally peculiar were stories that began appearing about Prince William in one of the country’s biggest tabloids, News of the World.

      As Scotland Yard tracked Goodman and Mulcaire, the two men hacked into Prince Harry’s mobile-phone messages. On April 9, 2006, Goodman produced a follow-up article in News of the World about the apparent distress of Prince Harry’s girlfriend over the matter. Headlined “Chelsy Tears Strip Off Harry!” the piece quoted, verbatim, a voice mail Prince Harry had received from his brother teasing him about his predicament.

    The palace was in an uproar, especially when it suspected that the two men were also listening to the voice mail of Prince William, the second in line to the throne

    The ones in charge, Rupert Murdoch and Rebekah Brooks, have known about this for years and approved of it. They are the ones who should be charged, not the pianists, i.e. the reporters. They did what they were told to do.

    Read more at http://www.observer.com/2010/media/new-york-times-goes-after-murdoch-and-news-world-phone-hacking-scandal

    "When The Times reporters asked one veteran News of the World reporter how many people in the offices knew about the hacks, the reporter said “Everyone knew The office cat knew."

    and

    http://www.nytimes.com/2011/07/12/world/europe/12hacking.html?_r=1&ref=world
    http://www.nytimes.com/2011/07/11/world/europe/11britain.html?ref=world

    The evidence is there, and everywhere, Murdoch and Brooks are scum.

    1. Re:Press charges against Murdoch and Brooks by Zelos · · Score: 3, Insightful

      What about the morons who kept buying the paper every Sunday to read those kind of idiotic stories?

      Perhaps it's a case of getting the newspapers we deserve?

  7. Re:When do the investigations here start? by HangingChad · · Score: 4, Insightful

    See, I don't buy that. You may want it to be true because it excuses Fox. False equivalence lets one side keep moving the goal post. The other side does it, therefore it's okay if our guys do it.

    --
    That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
  8. /. would be supporting it by Wyatt+Earp · · Score: 2

    If Wikileaks had done it.

    If Wikileaks was accused of going after Dick Cheney or George W. Bush's email and telephone records there would be overwhelming support for the actions. But News Corp asshats did it so it's a bad thing.

    It's actually a bad thing no matter who did it, wikileaks, the FBI, FBS, News International, etc.

    1. Re:/. would be supporting it by Nick+Ives · · Score: 2

      This is so ridiculous. The NotW does have a proud history of investigative journalism, the most famous example being Jeffrey Archer. The editor at the time ended up resigning over that though as Murdoch didn't want his papers going after Torys. In any case, that was a clear case of public interest.

      The same argument can be made about Wikileaks. Leaking things that could embarrass the government in order to expose hypocrisy or lies is fine. Digging up dirt on someone just because they happen to be on TV and having an affair, hacking into dead girls voicemails or doing the same for stories about how a politicians baby girl is dying are not the same thing.

      --
      Nick
    2. Re:/. would be supporting it by Wyatt+Earp · · Score: 2

      Wikileaks spokespeople are completely unrepentant about people killed from Wikileaks dumps, so if death is the metric, Wikileaks is much worse.

      http://www.guardian.co.uk/media/2010/aug/01/julian-assange-wikileaks-afghanistan

      "The leak exposed massive corruption by Daniel Arap Moi, and the Kenyan people sat up and took notice. In the ensuing elections, in which corruption became a major issue, violence swept the country. "1,300 people were eventually killed, and 350,000 were displaced. That was a result of our leak," says Assange. It's a chilling statistic, but then he states: "On the other hand, the Kenyan people had a right to that information and 40,000 children a year die of malaria in Kenya. And many more die of money being pulled out of Kenya, and as a result of the Kenyan shilling being debased."

      What a wonderful attitude, they are poor and they'd die anyway, so who the fuck cares that more died and were displaced? It's for the greater good!

      Or something.

    3. Re:/. would be supporting it by Nick+Ives · · Score: 3, Insightful

      Wait a second, you're seriously arguing that it would have been better for the Kenyan people to not know about the corruption? That the fixing of an election and the ensuing violence was Wikileaks fault?

      Wikileaks didn't kill those people, cabinet ministers in the Kenyan government planned and promoted the violence in order to crush the opposition! Sure, if the opposition hadn't found out about the corruption there would have been no reason to kill them. If you want to follow that logic though, we should just burn all newspapers and do whatever the people in power tell us to do.

      --
      Nick
  9. Re:You've got the narrative wrong by Wyatt+Earp · · Score: 2

    No, no one misses Dan Rather, he didn't try to show anyone the truth about President Bush, he tried to swing the election with forged documents.

    http://en.wikipedia.org/wiki/Killian_documents#Review_panel_established

  10. Re:When do the investigations here start? by rednip · · Score: 2

    Have you even seen an FNC broadcast? It's talking points and wire reports all day with commentary all night. No 'room' for investigative reports.

    --
    The force that blew the Big Bang continues to accelerate.