Sunday, July 28, 2013

Feds tell Web firms to turn over user account passwords

The U.S. government has demanded that major Internet companies divulge users' stored passwords, according to two industry sources familiar with these orders, which represent an escalation in surveillance techniques that has not previously been disclosed.

If the government is able to determine a person's password, which is typically stored in encrypted form, the credential could be used to log in to an account to peruse confidential correspondence or even impersonate the user. Obtaining it also would aid in deciphering encrypted devices in situations where passwords are reused.

"I've certainly seen them ask for passwords," said one Internet industry source who spoke on condition of anonymity. "We push back."

A second person who has worked at a large Silicon Valley company confirmed that it received legal requests from the federal government for stored passwords. Companies "really heavily scrutinize" these requests, the person said. "There's a lot of 'over my dead body.'"

A Microsoft spokesperson would not say whether the company has received such requests from the government. But when asked whether Microsoft would divulge passwords, salts, or algorithms, the spokesperson replied: "No, we don't, and we can't see a circumstance in which we would provide it."

Apple, Facebook, AOL, Verizon, AT&T, Time Warner Cable, and Comcast did not respond to queries about whether they have received requests for users' passwords and how they would respond to them.

Some details remain unclear, including when the requests began and whether the government demands are always targeted at individuals or seek entire password database dumps. The Patriot Act has been used to demand entire database dumps of phone call logs, and critics have suggested its use is broader. "The authority of the government is essentially limitless" under that law, Sen. Ron Wyden, an Oregon Democrat who serves on the Senate Intelligence committee, said at a Washington event this week.


If the government can read what you say even in a private email, that would have an immensely chilling effect on speech.  Orwellian.


Anonymous said...

So you're worried about the govt? If you are one of the fools who still believes we have any degree of privacy left, understand that the govt. should be the least of your concerns. The insatiable greed of private companies is the bigger threat.

Anonymous said...

Nearly as chilling as the label "Anti-Semite"

Anonymous said...

change ur passwords daily to keep the Nazi's from finding them. The bastards need to be in a deathcamp.

Anonymous said...

Apparently, we are seeing the re-birth of the Gestapo. You can bet the notoriously weak, gullible, and mindless sheeple of the US will tolerate this abuse as well.

Bird of Paradise said...

Tell BIG BROTHER to GO TO HELL and especialy that wretched Obama

Anonymous said...

When it was discovered that the Bush Admin was listening in on suspected terrorist phone calls, the public was outraged attacking Bush? Where is the outrage against the Obama admn?

Anonymous said...

Big Government, not big Business has been responsible for over 99pct of all great human caused tragedies and death. See the last century for example.

Anonymous said...

When people are free to do as they wish you get woodstock.

When governments free to do as IT wishes, you get Auschwitz!

Anonymous said...

Anon 2:59: Or to put it another way:

More harm was done in the 20th century by faceless bureaucrats than tyrant and dictators.

Anonymous said...

with or without your passwords you emails can be read at any point enroute. you just have to use public key encryption if you want it hard to read. No one can decipher a message to you,and the person encrypting it does not need to know your decrytpion key. only you need to have that key.