Slashdot Mirror
Yahoo's Government Email Scanner Was Not A Modified Spam Filter, But a Secret Hacking Tool: Motherboard (vice.com)
The spy tool that the US government ordered Yahoo to install on its systems last year at the behest of the NSA or the FBI was a "poorly designed" and "buggy" piece of malware, according to two sources closely familiar with the matter, reports Motherboard. From the article: Last year, the US government served Yahoo with a secret order, asking the company to search within its users' emails for some targeted information, as first reported by Reuters this week. It's still unclear what was the information sought, but The New York Times, citing an anonymous official source, later reported that the government was looking for a specific digital "signature" of a "communications method used by a state-sponsored, foreign terrorist organization." Anonymous sources told The Times that the tool was nothing more than a modified version of Yahoo's existing scanning system, which searches all email for malware, spam and images of child pornography. But two sources familiar with the matter told Motherboard that this description is wrong, and that the tool was actually more like a "rootkit," a powerful type of malware that lives deep inside an infected system and gives hackers essentially unfettered access.
In some sense, yes: the government really shouldn't have secrets, at least in the context of withholding information that is needed to maintain their accountability to the American public, who are in principle the source of the government's power. This is the essential meaning of the famous conclusion of Lincoln's Gettysburg Address: "...that government of the people, by the people, for the people, shall not perish from the earth."
The NSA is a good example of what happens when the government is entrusted to monitor the scope of its own secret-keeping. Their testimony to Congress after the Snowden revelations proves that they regard themselves as not accountable to the people, choosing to directly lie under oath to public officials, even if they believe that doing so ultimately serves the public interest.
To address your more specific case of "how do we catch terrorists or other enemies via their communications if we are obligated to announce how we are monitoring communications," one could just as easily turn the argument around and ask how police can catch criminals if they are obligated to have probable cause and obtain warrants. That is to say, the constraints imposed upon the enforcement of the law are not defined by what is technologically or physically possible or expedient, but from the rights and responsibilities guaranteed by the law itself, and that it is the duty of law enforcement to work within the legal framework they are sworn to uphold, rather than to define that framework and not only choose what tactics are permissible, but prevent anyone but themselves from knowing what is permissible or not. Otherwise, we have no rights, and the government can act with impunity (e.g., extrajudicial killings, summary executions, warrantless search and seizure, all in the name of rooting out crime and terrorism). And we can easily point to contemporaneous examples of the consequences of such policies and see how this is essentially tyranny of the state and the collapse of democratic governance.
How do we catch terrorists? To put it simply, good old fashioned detective work. Build and earn trust between the public and law enforcement. Rather than relying on the government to institute secret panopticon tactics, recognize that the public itself is a far better observer of illegal activities. There will be, of course, vehement criticism of such ideas as "naive" and "wildly idealistic." But it is actually eminently realistic because it begins with the recognition that not every threat can be stopped. What is unrealistic is the notion that a government can detect and respond to all threats through a sophisticated, secret, and pervasive surveillance network. That is the stuff of spy-thriller and dystopian sci-fi fantasy movies.