Slashdot Mirror
Apple, Google, Microsoft: We Have No Government Email Scanning Program Like Yahoo's (vocativ.com)
Apple, Google and Microsoft -- three of the largest technology companies in the U.S. -- have each said they don't scan all incoming messages for the U.S. government, which is exactly what Yahoo does. According to Reuters, Yahoo secretly built a custom software program last year to search all of its customers' incoming emails for specific information provided by U.S. intelligence officials. The company complied with a classified U.S. government directive, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI. Vocativ reports: In a statement, a Microsoft spokesperson told Vocativ that "We have never engaged in the secret scanning of email traffic like what has been reported today about Yahoo." While Apple declined to give a statement on the record, a representative for the company did, in response to Vocativ's question, refer to CEO Tim Cook's official letter on consumer privacy, which reads in part: "I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will." The fact that both the companies declined further statement means it's not yet known if the NSA or FBI approached them to request they build a program like Yahoo's. Meanwhile, a spokesperson from Alphabet's Google issued a statement to CNBC: "We've never received such a request, but if we did, our response would be simple: 'no way.'" [The spokesperson later clarified that the company has not received a "directive" or "order" to that effect, either, according to The Intercept.] But the question is whether or not you believe them. With Yahoo's case, only a handful of employees knew about the program. The same could be true with Apple, Google, Microsoft or any other large tech company. Edward Snowden tweeted not too long after Reuters' report surfaced: "Heads up: Any major email service not clearly, categorically denying this tomorrow -- without careful phrasing -- is as guilty as Yahoo."
Everyone knows they read all your emails.
That's why I've gone off shore.
- jamesd@qq.com
This is exactly what they would have to say, legally speaking
Yahoo is done.
- Anonymous "Coward"
The NSA does it for them.
> Microsoft spokesperson told Vocativ that "We have never engaged in the secret scanning of email traffic like what has been reported today about Yahoo."
Bullshit.
Proof: Microsoft (R) Online Services Global Criminal Compliance Handbook
They just copy EVERY email and send it to them!
we can't trust any company, not large and not even small.
to 'play ball' in today's USA, you have to follow orders. and one of those orders is 'do not admit to following orders'.
so, all this is just talk. 100% unverifyable talk. maybe its true, but likely - based on what we now know (that we once just assumed but didn't know for sure) - the spooks own the internet and they are not showing any signs of giving it back.
look at the wordplay and parse it out. WE don't scan emails. ok, maybe the 'we' is not active, but does ANYONE scan them on your network? how about transit networks?
so many holes to exploit. and again, to stay in business, you can't say no to Pappa. not in the US, at least.
I don't believe apple, either, when they appeal to 'privacy' and that they don't disclose backdoors to gov orgs. totally unprovable, just 'take tims word for it'. yeah sure. right.
the only thing you can assume is that every network is bugged and every cpu has backdoors (think: intel ME).
--
"It is now safe to switch off your computer."
I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.
Yeah, that's reassuring. Except, what's being described here falls under neither of those categories. It's not a backdoor, and it doesn't require providing access to Apple's servers. So, Apple is blithely sidestepping the issue with careful phrasing, denying only activities about which they were not asked, while artfully ignoring those about which they were.
its worse than that. all major pipes to and from ANYWHERE are going thru US owned routers, core and otherwise.
no one is 'safe' anymore. once the spooks decided to own the network, with their money their power and their 'thou shalt not disclose under pain of prison' bullshit, there's no way to know; but its highly probable that every single transcontinental link is 'managed' and tappable.
this is why its a world problem. its not at all limited to the US.
--
"It is now safe to switch off your computer."
I believe them, mostly because they realize the value of the data, and they don't want competition on the spying.
"According to two of the former employees, Yahoo Chief Executive Marissa Mayer's decision to obey the directive roiled some senior executives and led to the June 2015 departure of Chief Information Security Officer Alex Stamos, who now holds the top security job at Facebook Inc."
"Yahoo is a law abiding company, and complies with the laws of the United States," the company said in a brief statement in response to Reuters questions about the demand. Yahoo declined any further comment.
A Marissa Mayer decision again.
Let's be clear about this.
They most certainly DO have a scanning program, it's just not "like Yahoo's".
It looks like it's twitching almost like a wink, when you say that.
its worse than that. all major pipes to and from ANYWHERE are going thru US owned routers, core and otherwise.
That is why any data in transit should be encrypted. "They" can still do traffic analysis, and see who is talking to whom, but that can be ameliorated by using proxies and sending dummy traffic.
Did everyone forget about PRISM? I feel like everyone forgot about PRISM.
The PRISM leak states that every one of this big companies, MS, Google, Facebook, have dedicated software hooks for searching any record, anytime.
Or is Edward Snowden is limited hangout, and everything he said coming straight from the CIA?
Apple never said that they haven't scanned E-Mails for any government. They carefully worded it to avoid answering, just as Google and Microsoft. As them to answer yes or no to the question.
They can't.
Publicly traded companies like these are required by law to do what is best for it's shareholders. Since they are not bound by law to tell the truth, they could simply be lying because not lying could hurt them financially.
Anons need not reply. Questions end with a question mark.
Doesn't M$ pwn r00t on all of their Windows installations world-wide?
Can't they add and remove software at any time?
Forget e-mail for a moment, we're talking your local computer(s).
Systems which supposedly host private data.
In 5 years time it won't be "Yahoo", it will be "Yeah...who?"
Yahoo has become poisonous, I would not any service they provide.
Apple, Google, Microsoft: We Have No Government Email Scanning Program Like Yahoo's
LOL LOL LOL and behold!
Hm... I had some letters there.
Believe none of it, and all of it.
Bin Laden is dancing in his watery grave.
The only asset Yahoo had left was it many email subscribers. Now they've proven they can't even be trusted to provide free email... so what business model is left for them? They should have sold the company a lot quicker, before the value of the company plumetted. Nothing to do but pick pieces of carrion of the dead body of Yahoo now.
Nope, never been approached. Yahoo was the ONLY one. Yup.
...we're much better than them. We've developed our own proprietary systems to streamline and automate the surveillance process and increase our productivity in keeping the American public, and their children, safe... blah... blah... blah...
Isn't it also Google (Alphabet?) that are vigorously promoting and selling their surveillance systems as a service to repressive regimes around the world?
My life won't be any different tomorrow knowing that some computer program scanned my e-mails. Just like it hasn't made a difference since the 90's when the same types of people were complaining.
The intercept gives a nice link to delete your Yahoo account https://theintercept.com/2016/10/04/delete-your-yahoo-account/ .. perhaps some 'gray-hat' hacker could write a bot using those 500M+ compromised Yahoo accounts to do everyone a favor and delete them all.
After this news, Yahoo will have much less accounts that can be hacked.
More seriously, how come (especially in Japan) so may people keep using Yahoo is a big mistery.
Slashdot, fix the reply notifications... You won't get away with it...
My Fam has emails with Hotmail/OutLook, Gmail, & Yahoo.
Every email is either scanned or scanned. (For a $Price).
I've also has someone go into my email(s). I don't know if they work for the Government or Contracted with the Government.
Some of my emails get bounced back. I don't know if my ISP also has a scanning service for the Government.
Some times the email I receive seems like it's from a different person due to the sentence & vocab structure.
its worse than that. all major pipes to and from ANYWHERE are going thru US owned routers, core and otherwise.
That is why any data in transit should be encrypted. "They" can still do traffic analysis, and see who is talking to whom, but that can be ameliorated by using proxies and sending dummy traffic.
Routers could add encryption layers muddling things further. Their cost would go up a lot, and the endpoint PCs would be very busy dealing with all the extra overhead and layers..... At any rate, short of that, traffic analysis is as you say pretty easy..
....HAHA HA HAHAHAAAHHHH.....oh my...oh...oh wow...HAHAHAAAHAAAAAA....
... like Yahoo's...
Ours are much more advance and stealthy
No need to do that. They scan them in flight (where encrypted tunnels or TLS is not in use).
Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves.
Google and Apple do not use YahooEmailScanner.exe.
And we never will.
The word "will" is not a binding word, legally. It is a "weasel word" that sits slightly above "might" or "may". The above translates legally as "We do not want to" or "We do not intend to".
The other interesting thing is that the statement stands on its own (there is no verb, let alone object, immediately after the modal verb), remaining unconnected to any of the previous statements - or any statement whatsoever. IOW, it would be ignored completely in any contractual arrangement or court of law, as it is an unfinished sentence. It's a way of indemnifying themselves against any future class action; leaving the possibility wide open whilst the listener thinks it is a concrete statement about the future. ("Will" doesn't mean future, BTW, it means "intention".)
The key word to look for in these kinds of statements is: "shall", which is a binding word for known or unknown future events.
Or, at a long stretch: "going to" which is semi-binding for planned future - it sits above "will" but lower than "shall". "Not going to" means "refuse to".
Source: me. I translate international contracts between English and Spanish. It has caught me (and my clients) out before.
It is more advanced.
Apple, Google and Microsoft -- three of the largest technology companies in the U.S
While all three do something with technology on the side, they are primarily software and services companies.
No one can be held accountable for for naughty things that might have been said in their Yahoo email because their password was compromised.
Yeah right.
In respect of the NSA Prism program, you can figure out in general how it works by looking at the NSA slides slides designated "Top Secret" released by The Guardian newspaper and Le Monde, from the material Edward Snowden provided to them. Note: It is these newspapers, together with the Washington Post,that have made these documents public. Edward Snowden, so far as I know, has not made any documents public.
imho
1. Every "Prism provider" - NSA designation (P1-Microsoft, P2-Yahoo, P3-Google, P4-Facebook, P5-PalTalk, P6-YouTube [now Google], P7-Skype [now MS], P8-AOL, PA-Apple - maybe others we don't know about), has, directly connected to their company servers and databases, in one or more private locations on their company premises, a "Data Intercept Technology Unit - DITU", property of the US government, controlled and operated by FBI personnel.
2. Each FBI DITU has a direct connection with the NSA, and CIA, and FBI.
3. There are two types of situations at the DITU.
a) "surveillance" the individual Prism provider client is "under surveillance". This means that every action in which they participate, login, e-mail, voice, videoconference, file transfer, image transfer, etc. is automatically provided to the DITU and transferred to NSA (and, optionally, "dual routing", to the CIA and/or FBI) in real time.
I think it takes a FISA court order to put someone "under surveillance", but I don't know that. Seems to me the statistics about government requests that some of the Prism providers supply are about "surveillance"
.
b) "Stored Comms" the NSA analyst sends a request to "poke around" in the information (about anyone "Target") that the Prism provider has in their stored database with an association to the targeted client. (e-mails, web pages, uploads, voice, videos, "friends", etc.). In routing the NSA request to the DITU for "Stored Comms", the NSA request is first filtered through an FBI "Electronic Communications Surveillance Unit - ECSU", which filters out the requests pertaining to individuals (presumably only those not "under surveilllance") known by the FBI to be "US Persons", before the request is sent to the DITU. This is done, presumably, to adhere to the 4th Amendment, though I don't think it does very well. For instance, If I "friend" or send an e-mail to a targeted non -"US person", the NSA would get that...
Also, the FBI and CIA have direct access to the DITU. If an NSA agent makes a "Stored Comms" request it goes through the ECSU. What about FBI and CIA requests? Can't tell.
You can look at the slides and see if you agree with my thoughts about this. Incidentally, the Wikipedia site says these slides were released by Edward Snowden, though, of course, Snowden has not released them, to my knowledge, at least.
So, some Prism providers' statements, to the effect that they provide no information directly to the NSA are technically correct, though such statements seem to me to be deliberately misleading.
For instance, Tim Cook says in the Charlie Rose interview,
"There were things written in the press about people having back door access to our servers. None of that is true, zero. We would never allow that to happen, they would have to cart us out in a box before we would do that."
Look at "PRISM surveillance program" on Wikipedia
Maybe they don't tell him.
To say they don't do it in the same way as Yahoo is not the same as completely denying cooperation. I've never heard a a denial from these companies, for example, that they might feed all information sources to either an on-site or off-site cluster that government entities have access to. I've always watched the wording on statements and they seem to be carefully crafted to not lie, and to only deny very specific suspicions.
Snowden of all people should know what a categorical denial in the context of government surveillance is worth.
He used Lavabit himself exactly because they were not big enough to fail and would close doors rather than betray their customers' rights and privacy to a U.S. government acting outside its constitutional boundaries. And close doors they did eventually.
Large companies don't have the luxury of closing shop altogether just because the government turned one of their side dishes into a mockery. They are all compromised, and all of them probably have bargained for an individual and particular level of pretense the government is willing to go along with as long as stuff does not get into the open. Of course, this necessitates keeping the people in the know to the bare minimum, and so some company speakers might indeed honestly claim they believe their company not to be involved.
We have n e-mail scanning program like Yahoo. Our program works...
They could have just said "We have never engaged in the secret scanning of email traffic." Period. End of statement. But they decided to qualify it further. Draw your own conclusions.
>but its highly probable that every single transcontinental link is 'managed' and tappable.
I think that was already disclosed in the 1990's, with AT&T's secret room for the NSA at their facilities, wasn't it?
Or at least that's what they call it here in DC.
Best Slashdot Co
In this case encryption out side of the server is worthless if the host can simply access all email. Do I think Apple, Microsoft, Google carefully word their response? Absolutely. Because the NSA has always been able to access all information and while the companies may not have helped. It's clear the information is obtainable.
The only instance is the iPhone when a pass code had to be broken to access the information. I assume any information on a server encrypted or not could be accessed.
June 19, 2003. Outrage or Crickets? Well, the media can't be expected to stop doing opposition research on every trivial and imagined slight Trump may have ever made just to cover a lying President that violated all of American's Constitutional Right to Privacy. Don't be sill. What difference, at this point, does it make? MOVE ON. Right? After all, they took down and demonize Squeaky Clean Boy-scout Mitt Romney with the monumental scandal of moving a dog safely in a cage on a car roof - there just isn't time and room to cover tiny stuff like this or selling State Department favors for Clinton Foundation Donations.
I got a list of all the emails for the U.S. government and tack it on to .cc in all my emails. I don't want anybody in U.S. government to be left out.
Are you referring to 'MaeWest'? that was the west coast aggregate fiber tap. Their was an East coast atlantic fiber run aggregate tap as well, can't recall its name.
It's the Aquinas hub in Area 51. Don't worry though, a man with augmented vision will shut it down in 2052.
Are you referring to 'MaeWest'? that was the west coast aggregate fiber tap. Their was an East coast atlantic fiber run aggregate tap as well, can't recall its name.
MAE East, Duhr! But those facilities weren't particularly set up to allow government interception.
https://en.wikipedia.org/wiki/...
Re: Traffic Analysis
That by itself is extremely useful.
During WWII there were periods when the Allies were unable to deduce the key(s) used by the Axis in encoding a days message.
But by careful study of which units were sending to other units and back again, the Allies were able to derive actionable intelligence.
With the pattern discerning skills of 'Big Data' and 'Machine Learning' the bad guys - and us - likely have no real secrets.
I just assume that whatever I send, encrypted or not, is going to be read. A post, like this one, is probably hilarious to the NSA which no doubt has abilities we can't even think of.
Read "The Hut Six Story" by Gordon Welchman to find out what was possible 70 years ago.
Yes, Theirs are much better!
Ifou nda as impl er wa yof getti ng ar oundit.
Ise nd allm y su icidebom bingor der sth isw ay, tomak eitm ore di fficu ltto pi cko utindi vidu alwords.
Al lah u Ac kba r!! Dea th tothei nfid els!!
Anything you post on the net should be considered public domain. In this post '911 era do you really think we have privacy ? Google searches are all scanned..
everyting is scanned.. emails, phone calls, etc. I don't care I don't have anything to hide. What do you think IBM's WATSON 's main objective really is ?
I use the internet for research and such but I can assure you that everything we do on the internet is monitored.
There are applications that harvest data from applications like Facebook and Google+ Cell Phones.. even if a phones GPS is disabled if it's got a signal it's not too difficult to triangulate an locate the phone.
If you are on the internet and think you have privacy.. think again.
If you encrypt communications you are just flagging yourself to be monitored closely.
Wait, does this imply that there are people who use yahoo mail as anything other than a spam trap?
'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
The clueless (and mostly co-opted) Fourth Estate will dutifully parrot the statements from all the various spokespersons and maybe even the CEOs... who intentionally don't know shit.
The CTOs and their senior staffs on the other hand...
Here:
https://en.wikipedia.org/wiki/...
Here:
https://en.wikipedia.org/wiki/...
(Not sure if both of you posting as A/C are the same person, or if you'll even make it back here. Guess it wasn't the 1990's, but the 2000's, just seemed so long ago, I lost track of time).
..from overpaid Yahoo CEO Marissa Mayer, net worth approximately $300m.
Organization? You must be joking..
The faster competitors team up to answer concerns of those that feed their profit, the more of a lie their answer is.
PRISM showed that they lie.
its highly probable that every single transcontinental link is 'managed' and tappable.
Heck, the undersea cables of hostile powers were tapped from the early 70s (presumably friendly powers followed). The US built a special-purpose nuclear submarine, capable of very deep dives and of "installation and maintenance of underwater equipment" just for the purpose of stealthily locating and tapping undersea cables.
Socialism: a lie told by totalitarians and believed by fools.
All the companies denying internal programs have NSA taps just outside there server farms that monitor all traffic in and out of there corner of the net.
They who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.
Here:
https://en.wikipedia.org/wiki/...
Yes, that was NOT MAE West.