Feds tell Web firms to turn over user account passwords

Secret demands mark escalation in Internet surveillance by the federal government through gaining access to user passwords, which are typically stored in encrypted form.

Declan McCullagh
CNET 
July 25, 2013

The U.S. government has demanded that major Internet companies divulge users’ stored passwords, according to two industry sources familiar with these orders, which represent an escalation in surveillance techniques that has not previously been disclosed.

If the government is able to determine a person’s password, which is typically stored in encrypted form, the credential could be used to log in to an account to peruse confidential correspondence or even impersonate the user. Obtaining it also would aid in deciphering encrypted devices in situations where passwords are reused.

“I’ve certainly seen them ask for passwords,” said one Internet industry source who spoke on condition of anonymity. “We push back.”

A second person who has worked at a large Silicon Valley company confirmed that it received legal requests from the federal government for stored passwords. Companies “really heavily scrutinize” these requests, the person said. “There’s a lot of ‘over my dead body.'”

Some of the government orders demand not only a user’s password but also the encryption algorithm and the so-called salt, according to a person familiar with the requests. A salt is a random string of letters or numbers used to make it more difficult to reverse the encryption process and determine the original password. Other orders demand the secret question codes often associated with user accounts.

A Microsoft spokesperson would not say whether the company has received such requests from the government. But when asked whether Microsoft would divulge passwords, salts, or algorithms, the spokesperson replied: “No, we don’t, and we can’t see a circumstance in which we would provide it.”

Google also declined to disclose whether it had received requests for those types of data. But a spokesperson said the company has “never” turned over a user’s encrypted password, and that it has a legal team that frequently pushes back against requests that are fishing expeditions or are otherwise problematic. “We take the privacy and security of our users very seriously,” the spokesperson said.

Apple, Yahoo, Facebook, AOL, Verizon, AT&T, Time Warner Cable, and Comcast did not respond to queries about whether they have received requests for users’ passwords and how they would respond to them.

Richard Lovejoy, a director of the Opera Software subsidiary that operates FastMail, said he doesn’t recall receiving any such requests but that the company still has a relatively small number of users compared with its larger rivals. Because of that, he said, “we don’t get a high volume” of U.S. government demands.

The FBI declined to comment.

Read more…

*****

Google declined to comment. Microsoft declined to comment. Apple declined to comment. Yahoo! declined to comment. Facebook declined to comment. AOL declined to comment. Verizon declined to comment. AT&T declined to comment. Time Warner declined to comment. Comcast declined to comment. The FBI declined to comment. And the American people decline to do absolutely anything in response to the continued assault on their rights. This is a match made in heaven – you’re average asleep-at-the-wheel Amerikan, pacified by watching grown men throw around balls and watching television, and the usual suspects [the same assholes we see involved in PRISM]. 

At this point I feel like I’m simply a captive spectator; I think I’m on the wrong planet.

Why would Google and the others be so dodgy? Well, to be honest, asking whether or not these companies would be complicit with requests that invaded the privacy of millions of American citizens is stupid; most of these companies were actively involved in the NSA’s PRISM program.
So what is it going to take for you to begin to punish these companies? Are you going to run out next week and buy Google’s new Nexus tablet? Are you going to keep logging into Facebook? What is it going to take for you to no longer keep voting in the same people and falling for the same old lines???
War on terror? No, the war is on you. Welcome to Amerika.
*****
Similar posts:

Obama, PRISM Class-Action Lawsuit Filed
China Destroys US GMO Corn Shipments – What does that say about us?
[Snowden] I Have No Regrets

Advertisements

One comment

  1. ML · July 29, 2013

    the terrorists hate us for our freedom :p

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s