Yahoo Adapted Email-Scanning Spam Filter to Satisfy 'Secret Court Order' Related to Terrorist Hunt

by

Following a report yesterday that cited three former Yahoo employees who claimed the company built a program to scan every customer's email for specific information at the order of the United States government, new pieces of information have surfaced in a separate article from The New York Times. Specifically, anonymous sources close to the matter said that Yahoo built the program by adapting a filter meant to scan email inboxes for child pornography, malware, and basic spam content.

Yahoo was said to have done this in order to "satisfy a secret court order," created to require the company to search for content containing a specific computer signature related to online communications of an unspecified state-sponsored terrorist group. Two of the anonymous sources -- referred to as "government officials" -- mentioned the Justice Department received the order from a judge of the Foreign Intelligence Surveillance Court sometime last year, an order that Yahoo was "barred from disclosing" to the public.

yahoo
Through its modifications to the spam filter program, Yahoo complied with the Justice Department's order and made available any email that contained the signature, but as of now that collection method "is no longer taking place." The order was described as "unusual" because it required the scanning of individual emails instead of user accounts as a whole, and was allegedly only given to Yahoo as other tech companies, including Apple, have said they never encountered such a demand.

In response to a request for comment, an Apple spokesperson told BuzzFeed News, “We have never received a request of this type. If we were to receive one, we would oppose it in court.”

A Microsoft spokesperson said, “We have never engaged in the secret scanning of email traffic like what has been reported today about Yahoo.”

A Google spokesperson told BuzzFeed News, “We’ve never received such a request, but if we did, our response would be simple: no way.”

According to the sources, federal investigators learned last year that members of a foreign terrorist organization were communicating using Yahoo's email service, through a method that used a "highly unique" designator, or signature, in each communication. Although built to look for specific content, the modified program's far-reaching scanning of each user on the service brought about unrest in the user base when the original report came out yesterday. Yahoo's compliance is also being contrasted to Apple's obstinate response in its battle with the FBI earlier in the year.

After the news broke, Yahoo said that the Reuters story was "misleading" and that the email scanning outlined in the report "does not exist on our systems." Compounding the company's woes, last month Yahoo confirmed that "at least" 500 million user accounts were compromised during an attack in late 2014, leaking customer information like names, email addresses, telephone numbers, birthdates, hashed passwords, and both encrypted and unencrypted security questions and answers. In the midst of all of this, Yahoo’s pending acquisition by Verizon could potentially face negative effects.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tag: Yahoo

Popular Stories

iPhone SE 4 Vertical Camera Feature

iPhone SE 4 Production Will Reportedly Begin Ramping Up in October

Tuesday July 23, 2024 2:00 pm PDT by
Following nearly two years of rumors about a fourth-generation iPhone SE, The Information today reported that Apple suppliers are finally planning to begin ramping up mass production of the device in October of this year. If accurate, that timeframe would mean that the next iPhone SE would not be announced alongside the iPhone 16 series in September, as expected. Instead, the report...
Read Full Article68 comments
iPhone 17 Plus Feature

iPhone 17 Lineup Specs Detail Display Upgrade and New High-End Model

Monday July 22, 2024 4:33 am PDT by
Key details about the overall specifications of the iPhone 17 lineup have been shared by the leaker known as "Ice Universe," clarifying several important aspects of next year's devices. Reports in recent months have converged in agreement that Apple will discontinue the "Plus" iPhone model in 2025 while introducing an all-new iPhone 17 "Slim" model as an even more high-end option sitting...
Read Full Article160 comments
Generic iPhone 17 Feature With Full Width Dynamic Island

Kuo: Ultra-Thin iPhone 17 to Feature A19 Chip, Single Rear Camera, Semi-Titanium Frame, and More

Wednesday July 24, 2024 9:06 am PDT by
Apple supply chain analyst Ming-Chi Kuo today shared alleged specifications for a new ultra-thin iPhone 17 model rumored to launch next year. Kuo expects the device to be equipped with a 6.6-inch display with a current-size Dynamic Island, a standard A19 chip rather than an A19 Pro chip, a single rear camera, and an Apple-designed 5G chip. He also expects the device to have a...
Read Full Article162 comments
iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Less Than Two Months Away: Everything We Know

Thursday July 25, 2024 5:43 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Read Full Article130 comments
icloud private relay outage

iCloud Private Relay Experiencing Outage

Thursday July 25, 2024 3:18 pm PDT by
Apple’s iCloud Private Relay service is down for some users, according to Apple’s System Status page. Apple says that the iCloud Private Relay service may be slow or unavailable. The outage started at 2:34 p.m. Eastern Time, but it does not appear to be affecting all iCloud users. Some impacted users are unable to browse the web without turning iCloud Private Relay off, while others are...
Read Full Article81 comments

Top Rated Comments

Sedulous Avatar
Sedulous
102 months ago
If the supposed filter works as well as Yahoo's spam filter then the terrorists have nothing to worry about.
Score: 14 Votes (Like | Disagree)
CrickettGrrrl Avatar
CrickettGrrrl
102 months ago
I have a hard time believing the efficacy of this secret email filter, as Yahoo has been notoriously bad at filtering malware & spam. :rolleyes: It must have been super porous.

I also have a hard time believing anybody who has their life or super secret plans on the line would even think of using Yahoo email in the first place. So wouldn't it be a really stupid terrorist gang?
Score: 10 Votes (Like | Disagree)
keysofanxiety Avatar
keysofanxiety
102 months ago
It goes from bad to worse. Both hacked and spying government shills.

It's over, Yahoo!
Score: 8 Votes (Like | Disagree)
ptb42 Avatar
ptb42
102 months ago
It's unlikely they just scanned "inboxes". That could have been accomplished by scanning incoming mail with a network sniffer, and Yahoo's cooperation wasn't needed for that.

This was most likely to look in folders OTHER than the inbox, particularly the Drafts folder.

A well-known circumvention of incoming email sniffing is to use the same account: composing a message and saving it in the Drafts folder. The recipient logs into the same account and reads the draft message, replying to it or deleting it.
Score: 7 Votes (Like | Disagree)
840quadra Avatar
840quadra
102 months ago
I have a hard time believing that the government hasn't approached Google, or Microsoft with such questions. I could see them not asking Apple, simply due to their overall lack of marketshare.
Score: 5 Votes (Like | Disagree)
69Mustang Avatar
69Mustang
102 months ago
I have a hard time believing that the government hasn't approached Google, or Microsoft with such questions. I could see them not asking Apple, simply due to their overall lack of marketshare.
I don't understand the logic you're using. I hope you're not conflating phone marketshare with email client marketshare. There are several metrics showing the iPhone email client is the largest by a wide margin. To be fair, that could be a focus on mobile. To be even more fair, I didn't dig into how those metrics were obtained. Desktop and business client email may paint a different picture but I seriously doubt those would be the vector for terrorists. Regardless, you can't use phone marketshare as a reason for not asking Apple. It doesn't make sense.

Apple, Microsoft, and Google all state they haven't been approached with a request like this. Apple and Google were both pretty emphatic in their response. Hell no. Microsoft on the other hand, their response was a bit more vague and non-commital regarding their response if requested to do something similar.
"We have never engaged in the secret scanning of email traffic like what has been reported today about Yahoo." - Microsoft. If someone gave me a response like that, my first question would be "Well what kind of secret email scanning have you done?"
Score: 5 Votes (Like | Disagree)
Read All Comments