Slashdot Mirror

← Back to Stories (view on slashdot.org)

Yahoo Ordered to Show How It Recovered 'Deleted' Emails (pcmag.com)

Posted by EditorDavid on from the gone-today,-here-tomorrow dept.

An anonymous reader quotes a report from PC Magazine: Just what kind of email retentions powers does Yahoo have? According to a policy guide from the company, Yahoo cannot recover emails that have been deleted from a user's account -- simple as that. If the email is in a user's account, it's fair game, and Yahoo can even give law enforcement the IP address of whatever computer is being used to send said email.

Or, at least, that's what Yahoo has said. A magistrate judge from the Northern District of California has ordered Yahoo to produce documents, as well as a witness for deposition, related to the company's ability to recover seemingly deleted emails in a UK drug case... a UK defendant was convicted -- and is currently serving an extra 20-year prison sentence -- as part of a conspiracy to import drugs into the United Kingdom. He's currently appealing the conviction, in part because the means by which Yahoo recovered the emails in question allegedly violate British law.
The drug smugglers apparently communicated by creating a draft of an email, which was then available to others who logged into that same account.

80 comments

  1. Using drafts by GerryGilmore · · Score: 4, Interesting

    " communicated by creating a draft of an email, which was then available to others who logged into that same account." Crikey! That trick is as old as they come!

    1. Re:Using drafts by Anonymous Coward · · Score: 2, Insightful

      And it never works. Just ask General Petraeus.

    2. Re:Using drafts by youngatheart · · Score: 2

      Which just goes to show kiddos, encrypt with something like Gpg4win even if you're keeping the message somewhere you think is "secret."

      c:\messages\>gpg --encrypt --recipient "Other Person" TextDocumentExample.txt

      c:\messages\>gpg --decrypt TextDocumentExample.txt.gpg > Decrypted.TextDocumentExample.txt

    3. Re: Using drafts by BarbaraHudson · · Score: 1
      Crooks are stupid. How much do you want to bet that he forgot to delete the drafts?

      it's pretty easy to "recover" something that was not deleted in the first place.

      --
      "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
    4. Re:Using drafts by Anonymous Coward · · Score: 0

      Better for one party to write encrypted stuff to some popular forum and the other party to write encrypted stuff on a _different_ popular forum.

      For bonus points use steganography to put the encrypted messages in jpgs of attractive ladies (stick to legal pics).

      You'd look like one of those zillions posting and viewing such pics.

    5. Re: Using drafts by azrael29a · · Score: 1

      Crooks are stupid. How much do you want to bet that he forgot to delete the drafts?

      it's pretty easy to "recover" something that was not deleted in the first place.

      I guess that the emails the crook thought of as "deleted" were in fact just moved to the Recycle Bin/Trash folder.

    6. Re:Using drafts by Killall+-9+Bash · · Score: 1

      The clock strikes at midnight.

      I have no fear.

      --
      "Prediction: within 10 years, Windows will be a Linux distribution." Me, 7-6-2016
    7. Re: Using drafts by BarbaraHudson · · Score: 1

      "Drafts" doesn't mean what you think it means. Drafts are not deleted unless you remember to - and they wouldn't delete the drafts, because others had to log in with the same credentials to read the drafts - they never sent them, hence no email trail.

      --
      "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
  2. Same trick David Petraeus used by Anonymous Coward · · Score: 3, Informative

    That's the same method David Petraeus used.

  3. You've got to appreciate the irony... by loftarasa · · Score: 3, Interesting

    in the fact that an international drug smuggler wants to appeal his conviction by arguing that Yahoo! "broke the law". I understand the legal reasoning behind it, but if it were Hollywood, not real life, his request would most likely be met with a punch to the face marking the end of the scene.

    1. Re:You've got to appreciate the irony... by ShanghaiBill · · Score: 2

      in the fact that an international drug smuggler wants to appeal his conviction by arguing that Yahoo! "broke the law".

      I don't know much about British law, but in the US that would not help him. Evidence in criminal trials is only thrown out if the police or prosecutors break the law, not a third party.

    2. Re:You've got to appreciate the irony... by Anonymous Coward · · Score: 0

      It's not that Yahoo may have broken the law, it's that the NSA may have hoovered up the data. Intercept data is inadmissible in the UK whether lawful or not.

    3. Re:You've got to appreciate the irony... by Qzukk · · Score: 1

      Yahoo says this is impossible, then Yahoo does what they claimed was impossible. Thus, there are two options:

      1. Yahoo lied the first time
      2. Yahoo lied the second time

      I'd appeal too. Especially if I was innocent and Yahoo faked emails to appease some government entity who was sure I must have something incriminating.

      --
      If I have been able to see further than others, it is because I bought a pair of binoculars.
    4. Re:You've got to appreciate the irony... by Pseudonym · · Score: 3, Insightful

      A far more likely reason is that sometimes it's possible to recover a deleted email and sometimes it is not. By analogy, think of the circumstances under which it is possible to recover a deleted file on disk.

      Yahoo's policy says it can't recover deleted emails because if it said anything else, someone with an expensive lawyer would interpret that as a guarantee.

      --
      sub f{($f)=@_;print"$f(q{$f});";}f(q{sub f{($f)=@_;print"$f(q{$f});";}f});
    5. Re:You've got to appreciate the irony... by AK+Marc · · Score: 4, Insightful

      If the 3rd party breaks the law at the request of the government, it's treated as if the government broke the law themselves. Note, if Yahoo independently broke the law allowing them access to the emails, then provided those emails when requested, they didn't break the law at the request of the government, unless it can be shown that the initial law breaking was in response to a previous request by the government.

      --
      Learn to love Alaska
    6. Re:You've got to appreciate the irony... by Obfuscant · · Score: 1

      Yahoo says this is impossible, then Yahoo does what they claimed was impossible.

      It wasn't an email, it was a draft of what could have become an email. As such, it was just a file.

      One word: backup. I have tapes on the shelf of files from a decade or more ago. Long deleted from the computer. Still recoverable.

      Especially if I was innocent and Yahoo faked emails

      It wasn't an email. And there appears (at least in TFS) to be any claim it was faked. In fact, "the means by which Yahoo recovered the emails in question" wouldn't be "recovered email" if they simply faked a file.

      Once you hand your files, any files, over to a second party, you have to know that you have lost control of them. And if you expect them to be able to recover your files from a hardware or software failure, then you KNOW they have copies of them in safe places that you don't have direct access to.

    7. Re:You've got to appreciate the irony... by Megol · · Score: 2

      In other parts of the world evidence is always accepted even if someone broke laws to get it. IMHO that's the only logical way - if police illegally break into a house and find evidence a crime have been committed there the evidence is still real. Of course the police in question should get some time in prison too.

    8. Re:You've got to appreciate the irony... by Anonymous Coward · · Score: 3, Informative

      How about if the law they break is planting evidence?

    9. Re:You've got to appreciate the irony... by bjwest · · Score: 1

      In other parts of the world evidence is always accepted even if someone broke laws to get it. IMHO that's the only logical way - if police illegally break into a house and find evidence a crime have been committed there the evidence is still real. Of course the police in question should get some time in prison too.

      Yeah, good luck with that. The officers who violated your rights to get evidence will get, at most, a paid vacation while the "investigation" is on going. Hell, they may even be punished with an award of some type. Our forefathers lived in a world where this type of action was the norm, and saw fit to (try to) protect us from it.

      --

      --- Keep the choice with the user..
    10. Re:You've got to appreciate the irony... by ShaunC · · Score: 1

      It wasn't an email, it was a draft of what could have become an email.

      I'd say a draft is an email that just hasn't been sent yet. If I handwrite a letter to someone on paper, but I haven't placed it in the mailbox, would you argue that what I wrote isn't actually a letter because it's still sitting on my desk?

      As such, it was just a file.

      Every sent and received email is also "just a file," at least that's how they're stored on my systems.

      --
      Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
    11. Re:You've got to appreciate the irony... by Obfuscant · · Score: 4, Insightful

      I'd say a draft is an email that just hasn't been sent yet.

      Drafts do not need to meet any of the standards for Internet messaging, and therefore are not "email". They might contain enough header information to meet the standard, but they don't have to, and many of the drafts I've written certainly do not.

      would you argue that what I wrote isn't actually a letter because it's still sitting on my desk?

      Would you argue that the federal laws regarding US Mail attach to a piece of paper that you are thinking about maybe someday sending through the US Mail system? I.e., yes, I would say that your piece of paper is not yet mail because it has no stamp, has no address, and hasn't been deposited into a mailbox for sending.

      Every sent and received email is also "just a file,"

      No, it may be saved in a file, but it is also email. "Just" is an important word here. It conveys the concept of "only". How they are stored is irrelevant when determining "email" status. Your system may save all email as files, but that does not make all files email.

    12. Re:You've got to appreciate the irony... by Anonymous Coward · · Score: 0

      Amercian Exceptionalism at it's best folks. There are additional checks and balances needed but illegally obtained evidence can be used routinely without leading to high dungeon.

      The problem isn't where the evidence came from. The problem is unaccountable police. Your omnipresent patriarchs didn't see fit to protect you from that, did they? They were too interested in unaccountably wielding power themselves.

    13. Re:You've got to appreciate the irony... by Anonymous Coward · · Score: 0

      I can see why people might think that is the right way but it takes a real failure of perspective to think it's the only logical way. The issue with allowing evidence gathered via illegal means is that it encourages people to break the law to get evidence rather than using a legal mechanism; we've seen that in practice law breaking by government agencies rarely, if ever, leads to punishment. Do you think anyone involved in this case here is going to be punished if it did turn out the emails were recovered illegally, or that the recovery was legal but they emails were kept illegally in the first place?

    14. Re:You've got to appreciate the irony... by The+Grassy+Knoll · · Score: 3, Insightful

      if police illegally break into a house and find evidence a crime have been committed there the evidence is still real

      I wish there was a "-1 Too Young To Have Thought Things Through" mod...

      --
      They will never know the simple pleasure of a monkey knife fight
    15. Re:You've got to appreciate the irony... by Anonymous Coward · · Score: 0

      Ideally you'd solve this issue by ensuring that government agencies breaking the law would lead to punishment.
      It would solve a lot of other issues.
      Throwing out the evidence is a "two wrongs make a right" approach, it might work as a band-aid, but doesn't really solve the problems.

    16. Re:You've got to appreciate the irony... by dave420 · · Score: 1

      And if you were operating in the EU and those tapes contain personal information (including drafts made and never 'sent'), you'd be in violation of EU law and liable for some rather strict punishment.

    17. Re:You've got to appreciate the irony... by Anonymous Coward · · Score: 0

      The thing is that even if that was possible, and we had actually reached that point, then how often would we have the police in a position where they broke the law and happened to gather evidence on a crime at the same time? If there were real notable punishments for agencies and their employees for breaking the law when collecting evidence then you can bet your ass they'd be massively more careful about not breaking the law to collect evidence at which point you don't need to allow evidence obtained illegally because it wouldn't be happening.

      In short: Refusing to accept evidence collected illegally is only a barrier to effective law enforcement when breaking rules to collect evidence is remotely common. Stop law enforcement from breaking the law and there'd be no need to accept evidence obtained illegally anyway.

    18. Re:You've got to appreciate the irony... by Impy+the+Impiuos+Imp · · Score: 1

      If they deleted it from their drafts folder, I would expect it to be clobbered from the backup system after the expired time simply because it is only in backed up files of the entire email database.

      So...it is in a separate database just for drafts (or all non-sent, non-received data)? Or is the general email database backup sitting around existing when it shouldn't?

      This is the investigation that needs to happen.

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
    19. Re:You've got to appreciate the irony... by Impy+the+Impiuos+Imp · · Score: 1

      Except this isn't just about a company being sloppy (or outright lying) about a customer-friendly policy. There are laws about having to delete said things after a certain amount of time.

      So, for the lawyers:

      1. Does something in the drafts folder count as email?
      2. Regardless of 1, does this draft still existing imply the whole email system database backup still exists, or does Yahoo do extra work to just clobber old in and outboxes?

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
    20. Re:You've got to appreciate the irony... by bagofbeans · · Score: 1

      Every house surely contains evidence of some crime or other, usually very minor.

    21. Re: You've got to appreciate the irony... by Anonymous Coward · · Score: 0

      What is this 'handwrite' thing you refer to?

    22. Re:You've got to appreciate the irony... by pr0fessor · · Score: 1

      if police illegally break into a house and find evidence a crime have been committed there the evidence is still real.

      At the point that the officer has broken the law any evidence they find is suspect and not credible just like evidence that does not have an unbroken chain of custody it can no longer be validated as fact.

    23. Re:You've got to appreciate the irony... by Obfuscant · · Score: 1

      If they deleted it from their drafts folder, I would expect it to be clobbered from the backup system after the expired time

      What is the "expired time"? Is there an RFC that defines this term?

      simply because it is only in backed up files of the entire email database.

      Drafts are not email, and are not necessarily in the "email database". I've written plenty of drafts that really are "just files", imported to the email client later.

      So...it is in a separate database just for drafts (or all non-sent, non-received data)?

      You mean, like, "files"? I think people want their files backed up. Yes, I'm pretty sure that most people would be unhappy were the server to crash and their files are all lost.

    24. Re:You've got to appreciate the irony... by Cederic · · Score: 1

      Then the police didn't break the law to retrieve evidence, they manufactured it. There was and is no evidence.

    25. Re:You've got to appreciate the irony... by RockDoctor · · Score: 2

      In other parts of the world evidence is always

      Let me guess - you're an American?

      It's the way that you think there is a single place called "the rest of the world", and that it is a homogeneous, uniform place defined by it's not being America. Hint: there is human variation outside your experience of your home country. (Actually, there is probably more variation in your home country than you are aware. How many of your country's native languages can you at least read?)

      --
      Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
    26. Re:You've got to appreciate the irony... by Anonymous Coward · · Score: 0

      Yea, I would like to believe too that people are generally honest, but let me tell you about a peculiar observation I have when I check out my mail from Yahoo using IMAP.

      It reports that I have more than 20 thousand e-mails.. not that I can access them, but that's the number the IMAP protocol reports. Try it yourself.

      That is my reason to believe that no e-mail is ever deleted on a Yahoo Mail account. It might even be possible to recover your own deleted e-mail with some IMAP trickery.

  4. Backups? by guruevi · · Score: 2

    In the best case, Yahoo recovered them from tape, in the worst case they actually keep stuff around for various nefarious purposes. My bet is that they're doing both for their customers and simply lying about it to their products.

    --
    Custom electronics and digital signage for your business: www.evcircuits.com
    1. Re:Backups? by GerryGilmore · · Score: 2

      Possibly. Drafts - by their nature - must be saved, even though sent emails are not.

    2. Re:Backups? by Anonymous Coward · · Score: 0

      Exactly. Drafts that are never sent don't really have an "expiry date" set some time in the future. They persist. That's probably why they could recover them versus the usual situation for e-mail that is sent.

    3. Re:Backups? by Anonymous Coward · · Score: 0

      This seems like by far the most likely reason. If you delete items retroactively from your backups as a matter of course, those back ups are probably not very good backups.

    4. Re:Backups? by Anonymous Coward · · Score: 0

      Every business on the books claims that it protects customer privacy. And every one of them is blatantly lying about it.

      To believe a reassuring statement about how someone else is protecting your privacy for you is to be naive (if not outright negligent).

    5. Re:Backups? by Anonymous Coward · · Score: 0

      You don't even need that. "Delete" means set a hide-this flag in the appropriate record(s). Nothing you delete on these services, whether it be mail, Facebook, Twatter, Linkedin, et al, is ever removed from the database. They're are merely excluded from retrieval APIs and queries. If you want proof of this, create something on one of your social media accounts, delete it, then using the data protection laws (assuming you're in the EU) request all pertinant details of your accounts. You will receive an ugly unformatted dump which will contain everything. You'll have to dig around, but your delete test will be present.

      In addition to your rights via data protection laws, the law enforcement agencies also have access to the same raw (but probably presented better) data.

    6. Re:Backups? by Agripa · · Score: 1

      In the worst case? How about Yahoo hands over all of their traffic to law enforcement for consideration. This would also provide email access to law enforcement from ISPs which outsource to Yahoo like AT&T.

  5. Seen it a hundred times at least. by Narcocide · · Score: 4, Informative

    Some exec says they can't recover anything deleted from the servers until one of the sysadmins points out that the server backup archives don't process these deletion requests retroactively.

    1. Re:Seen it a hundred times at least. by Todd+Knarr · · Score: 4, Insightful

      Or it may be related to the reliability of recovering from backups. Backups are intended to recover from catastrophic failures, not mere accidental deletion of messages, so recovery of any particular message can be problematic. Even if the message was stored long enough to be caught in a backup, incremental backups mean it may take searching a month's worth of backups to find the exact one that backed up that message. Fail to scan a large enough range and you won't find the message even if it's backed up. If the message was received and then deleted before the next backup run then it may not be on any backup, and there's no way to distinguish not finding it because it wasn't backed up from not finding it because you didn't search the right set of backups. Explaining all that to ordinary users is all but impossible, so from a service-level standpoint it makes more sense to not bring backups up at all and simply say "If you deleted it, we can't recover it.". That, users can comprehend even if they don't agree with it.

      A request from a court for discovery is a completely different matter not limited by the service level provided to users, so it makes sense that Yahoo may be able to produce a message in response to a discovery request that it won't recover in response to a user request simply because they don't want to argue with every user whose message never made it into a backup or who wants them to go back through 5 years worth of backups to find it.

    2. Re:Seen it a hundred times at least. by l0n3s0m3phr34k · · Score: 2

      "Backups are intended to recover from catastrophic failures, not mere accidental deletion of messages" HAHAHAHAHA. That might be the original intention, but end users send in tickets every day in all major corps requesting recovery. "I deleted a sheet in our marketing spreadsheet" "I 'optimized' our HR access file, and now half the data is missing" "Word recovered a file and I saved it immediately but it was from last week so..."...I could go on forever, on average it's a request per week per 25 end users.

    3. Re:Seen it a hundred times at least. by jabuzz · · Score: 1

      There are ways around that so you don't have to actually deal with lusers when they delete stuff. The down side is that your tape drives might be busier than they would otherwise have been.

      The latest version of TSM or Spectrum Protect as IBM now like to call it has a web GUI designed for end users to recover files for example.

    4. Re:Seen it a hundred times at least. by Anonymous Coward · · Score: 0

      That is an excellent explanation. But if it is true, it might still call into question whether Yahoo broke the established contract with the end user, because in that case the legal department should have been more careful in the wording of agreement so it correctly reflected that "there is no assurance that any e-mail can be recovered, and we won't even try at the request of any end user" rather than what it did say, which could be reasonably interpreted as an assurance that absolutely no e-mail deleted can be recovered (in order to, presumably, protect end user privacy).

    5. Re:Seen it a hundred times at least. by Anonymous Coward · · Score: 0

      "Backups are intended to recover from catastrophic failures, not mere accidental deletion of messages" HAHAHAHAHA. That might be the original intention, but end users send in tickets every day in all major corps requesting recovery. "I deleted a sheet in our marketing spreadsheet" "I 'optimized' our HR access file, and now half the data is missing" "Word recovered a file and I saved it immediately but it was from last week so..."...I could go on forever, on average it's a request per week per 25 end users.

      Corporate file servers absolutely SHOULD be backed up in a manner that makes retrieving individual files fast and easy, exactly to handle those types of requests.

      Backups are a policy and a service, not a checkbox.

    6. Re:Seen it a hundred times at least. by AmiMoJo · · Score: 1

      This claim is from their guide for law enforcement, page 8, 5th paragraph. They claim that once deleted they cannot produce messages for law enforcement, even if presented with a valid warrant.

      It seems that is inaccurate. So either they were lying to law enforcement, or they fabricated the messages, or they tried extra hard and found a way to do it which will now be subjected to rigorous scrutiny by the defence.

      It's not a get-out-of-jail-free card but someone from Yahoo will have to explain what happened here and why these recovered messages should be taken at face value.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    7. Re:Seen it a hundred times at least. by AmiMoJo · · Score: 1

      Actually there is another possibility. Yahoo was requested by the government to keep those messages. The process for doing that should be scrutinised.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    8. Re:Seen it a hundred times at least. by dave420 · · Score: 1

      And yet another possibility: The person used a draft message and not a sent message, rendering that document's content irrelevant.

    9. Re:Seen it a hundred times at least. by l0n3s0m3phr34k · · Score: 1

      I'll look into our product to see if it has anything like that...

  6. data mining miners mine my mined data by Anonymous Coward · · Score: 1

    If you give your email to a data broker company such as Yahoo, Google, Microsoft, LinkedIn, or whoever... then they have it. What happens to it is now out of your hands. They don't have to delete it, and in fact probably they will not because it holds commercial value for them. They will just flag it so it doesn't show up for you.

    if you don't want these companies to have your data, do not give it to them. Really, this is not a complicated concept. End to end encrypt with PGP or whatever and send your data from your own computer to the recipient's own computer. No one in the middle will be able to read it that way. If you give it to people in the middle unencrypted, then they can read it.

    Really people. The internet is 47 years old. Email is 45 years old. That's longer than the lifetime of most people now using it. There is simply no more excuse for not having even the most basic comprehension of how it works. You don't have to be a programmer. You don't have to design bloody CPUs. It isn't rocket science to have a tiny little glimmer of knowledge about what happens to your data, and how you can keep it private if that's what you want.

    1. Re:data mining miners mine my mined data by Obfuscant · · Score: 2

      If you give your email to a data broker company such as Yahoo, Google, Microsoft, LinkedIn, or whoever... then they have it.

      Or even your local Mom and Pop ISP. My ISP decided to outsource email to Google. The day they did that, email I had deleted THREE YEARS PRIOR showed up again.

      There is simply no more excuse for not having even the most basic comprehension of how it works.

      Of course there is. Because of Eternal September there is a huge number of people who are using at tool without the need or desire to know how it works under the hood. And that analogy is deliberate, both because of the slashdot car meme and the fact that the vast majority of people who use automobiles have no clue how they work under the hood.

    2. Re:data mining miners mine my mined data by dave420 · · Score: 1

      You should get some decent data protection laws and then you'd have a chance.

  7. Yahoo, ahem Verizon by Anonymous Coward · · Score: 0

    Can you hear me now?

  8. It was a draft, so it was never deleted by ArtemaOne · · Score: 2

    It seems really clear that they can get out of this one easy. It was not deleted, it was never sent, thus it was just a discarded draft, and not in violation of any rule they set about deleted emails. An email has been sent, whereas a draft is not an email.

  9. Uh, Your honor, by carld · · Score: 2

    It's technically not an email until you hit the send button.

    1. Re:Uh, Your honor, by Wrath0fb0b · · Score: 1

      And therefore, your honor, my client should be let off the hook because he used the old "save draft" trickaroo.

    2. Re:Uh, Your honor, by Anonymous Coward · · Score: 0

      ...this is Chewbacca. Chewbacca is a Wookiee from the planet Kashyyyk. But Chewbacca lives on the planet Endor.

  10. Perhaps this is a re-constructed evidence trail by Anonymous Coward · · Score: 0

    I do not know the technical term, but perhaps this is a case where evidence illegally obtained was used to find some criminal, and later a new plausible evidence trail was magically created.

    1. Re:Perhaps this is a re-constructed evidence trail by Anonymous Coward · · Score: 0

      I found the term. Parallel construction. https://en.wikipedia.org/wiki/Parallel_construction

  11. It's why you over forecast rain by jader3rd · · Score: 1

    If you forecast that it's going to be sunny, and it rains, everyone is mad at you. If you forecast it'll rain, but it turns out sunny, people might be bothered, but aren't angry. So you over forecast rain predictions.

    And then if you're running a free email service, and can recover some deleted items, but don't want to make promises about whatever internal garbage collection process you're using (and want the freedom to change it whenever you want), you say that you can never recover deleted items. That way if you legitimately can't recover it you can say that you never promised that you could. But then when one is recoverable, you can claim it good luck.

    For all we know, a regression was introduced at just the right time, and items weren't getting garbage collected like they were supposed to, and Yahoo! was able to take advantage of that accident in this case.

  12. Re:I doubt it will work for shillary by tsqr · · Score: 0

    Portmanteau doesn't mean what you appear to think it means. Well, maybe for 'left-tards'.

  13. Re:I doubt it will work for shillary by Anonymous Coward · · Score: 0

    I am always amazed at how low we have come down in terms of demonizing opponents. At least with racist remarks about Obama were accurate, in that he is in fact African American. But Hillary a shill? compared to a businessman known for lying to get a deal? are you really that much of a retard?

  14. Backups are really painful in fishing expeditions by 140Mandak262Jamuna · · Score: 1
    The IT Gods of our company have implemented some really serious backup and security measures. Something called Bit9 randomly kills my compilation process, the Mozy backup locks the file right in the middle of a git pull --rebase origin master resolving merge conflicts. The damned backup system takes two cores out of my 32 core machine 24/7 constantly. It backsup debug logs and regression suite temp files every 30 minutes. My unit testing script churns through 10 GB of scratch files every night. All I care about it is the the line "Unit test run: 12474, passed 12474, 100%". But all night long Mozy has been backing up the scratch files dutifully. Where it is storing it, how much it is charging our company .... god only knows.

    It is so bad that no developer in our company has used Mozy to recovery anything successfully. You launch the recovery dialog, wait for it to populate the file tree and recovery sets. It spins and spins and spins. We give up. It seems to be some tool meant for office application, some spreadsheets and documents all manually created. How many documents can you physically type up every day? It works at that load. Deployed on a development work station, that downloads some 45 GB of source code in some 20 repos, with daily pulls and rebases, developers maintaining multiple views, running regression suites and unit tests, we easily generate 10 GB of data per day per developer spanning easily 20000 machine generated files. All I touched were three source files, and approved one pull request, boom 10GB!

    Yahoo emails are all manually typed. It does not have to contend with this level of machine generated derived objects and data files. But it is not dealing with a 200 developers, it is dealing with several million users. They could be churning through this much of data in their image files and video/audio clips. It will take significant effort and cost to recover anything from backups.

    There is however, one developer who actually found something very interesting. We don't have wait for the recovery sets dialog to populate. If you know precisely the entire absolute path name to a file that was deleted you could type it as the wheel it spinning and it can be found relatively easily, he said. So yeah, if you know precisely the name of the blob that want to recovery, may be you can. But to go on a fishing expedition finding all files that existed on a particular day it well nigh impossible.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
  15. It depends on the number of backups by aepervius · · Score: 1

    It really depends on how often the backups are done, and how long they are kept. I remember for an old mainframe system they were done hourly, but with only 7 days kept. Other will have a lower frequency. But usually they are not kept forever, are usually overwritten as a sort of rolling backup. Now I could be wrong and yahoo could be saving a few terrabyte forever on regular basis but it sounds dubious as there is no commercial interest for this, this is why most ISP and firms fought plans to be forced to keep backups of some data , including logs, for a long time. It cost a lot of money. So yes delete are not committed retroactively, but after a while they become a de facto reality.

    --
    C. Sagan : A demon haunted world:
    http://www.amazon.com/gp/product/0345409469/
    visit randi.org
  16. Yahoo is not alone, Google does it too by Anonymous Coward · · Score: 0

    This happened to me a few years ago.

    Internally Google uses a version of Gmail. When someone subpoenas emails Google performs keyword search on employees' accounts. The found emails are labeled "litigation hold". G does not tell employees when it happens. One day an employee just sees a new label and a bunch of emails archived under that label. When it happened to me I saw not just the emails that I mailed but also ****every draft of every email***. Every autosaved draft was filed in that folder. Not just the final mailed version or the final draft. EVERY EFFING DRAFT of every email. When I asked I was told it was a bug.

  17. Drafts, may contain multiple versions by Anonymous Coward · · Score: 0

    Anyone who has seen a DB dump from wordpress can immediately identify how this was done. Yahoo keeps "drafts" until the email is sent. Every time that draft is opened, a new version is made in case the user decides to "cancel"

    As a few commentators will likely mention, "cloud services" are not secure, nor will they ever be secure. If you want to make sure that you are communicating securely, you use the SSL POP3/SMTP service directly from your computer, and delete the message afterwards.

  18. Re: I doubt it will work for shillary by Anonymous Coward · · Score: 0

    That's completely different, a shill is someone who secretly works for a company (eg. Monsanto). Trump might be an asshole, but he's not a shill

  19. Re:Backups are really painful in fishing expeditio by Dr_Barnowl · · Score: 1

    Ugh, Bit9 is pure evil, from a programmer POV.

    It hashes every file you read and write and denies you access to them.

    We had that configured on a whitelist basis. The programmers had the option of overriding it, but as you can imagine, clicking through a dialog every time you make a 1-char change to every script file can be quite frustrating.

    It also took a file-heavy process that used to run in 90 seconds and made it consume 14 minutes.

  20. Drafts are not Emails by Anonymous Coward · · Score: 1

    Yahoo said they cannot recover deleted emails. They say nothing about recovering deleted drafts.

    An email is the act of sending information from one account to another. It is nothing more than a set of transactions between servers along with a payload.

    A draft, however, is a document or file stored on a server that is waiting to be sent as a payload. It is not in itself an email. So, when Yahoo says they cannot recover deleted emails, it says nothing to their ability to recover other deleted information that is NOT email, such as a draft.

    When you're conducting a criminal enterprise, it is important to know that words mean things, and that you should not assume something is what it isn't, or isn't what it is, just because you would like it to be that way. When involved in such activity, you should think more like a lawyer, because they're the ones that are going to garnish you with minced words, chew you up, and spit you out, when you make silly assumptions.

    Remember, the law is designed for one purpose and one purpose only: to assist the state in removing you from your freedom at its whimsy. It is virtually impossible to live a day in a 1st World nation without breaking several laws that could results in you losing your freedom.

    One great book that discusses this is Harvey Silverglate's "Three Felonies a Day." It comes highly recommended for anyone concerned about the rise of seemingly infinite and unchecked State power and how it is used against ordinary citizens as a means of control.

  21. Steganography by Anonymous Coward · · Score: 0

    Stego man, stego.

  22. then it is no longer an email after it is opened by Anonymous Coward · · Score: 0

    But does opened always mean read?
    How does one prove a person actually READ an email even if it was opened?
    I've not read many emails even though they were opened!