Yahoo’s Email Spying Nightmare

Hits: 871

Just when you’re thinking that the situation couldn’t get worse for once venerable Yahoo — the company has been sold at fire sale prices, they’ve announced historically enormous user account security breaches, and so on — comes word that Yahoo may have permitted mass scanning of users’ email contents by unnamed federal intelligence agencies. 

Unattributed, unsourced stories — particularly dramatic ones like this — must be viewed with extreme skepticism. Very often these days some nobody throws out a baseless rumor, it’s mirrored around the Web in minutes, and sometimes is even picked up by mainstream news sources without any sort of realistic fact checking. If every individual or firm subjected to this sort of abuse responded formally to every such unfounded attack, they often wouldn’t have time to do much else.

This Yahoo story is notably different however.

First, it actually originated with a reputable wire service — Reuters — and a reporter — Joseph Menn — who also is highly respected.

And Yahoo actually responded to these accusations by calling the story “misleading” in a very carefully worded, rather strange press release that leaves even more questions unanswered, including with the statement that: “the mail scanning described in the article does not exist on our systems.”

Hmm. Not precisely described? Not on their current systems at this time? 

What about closely described? What about on their systems in the past? What about data provided to some other entity for scanning?

Who (other than Yahoo) knows what they meant?

What they clearly didn’t do was issue a straightforward denial that such mass content scanning ever took place.

Google, Microsoft, and other firms quickly issued statements saying that they they had not received similar requests for scanning. Google said specifically that if they ever received such a request their response would be “No way.” (Indeed, knowing Googlers as I do, there’s no way in hell that they’d assent to such a request.)

This is a very big deal. Because if the accusations regarding Yahoo are true, this would be the first mass scanning incident of this kind, at least that we’ve ever learned about.

And it’s very important to keep in mind how this would differ from other surveillance situations here in the USA.

It’s one thing when a court gives permission to an agency to demand the records and other materials associated with specific users. While this kind of authority can be and has been abused, there are times when it can be justified.

The situation gets more problematic when we move into the realm of mass (as opposed to targeted to specific persons) collection of metadata — like phone numbers or message headers. Courts have ruled in different ways regarding the privacy protections due these classes of data, leading to the controversies over the NSA’s mass phone number collection efforts, for example.

But there’s no such confusion over the actual contents of communications, like what’s actually said in phone calls or written in the body of email messages.  

Communications contents are at the highest level of privacy protections, and mass, untargeted scanning of email messages’ contents would represent an egregious and (again, as far as we know) unprecedented violation of the individual privacy rights of innocent persons.

Frankly, I’m sincerely hoping that Reuters got this story wrong somehow, that the actual facts are not as dire as their report suggests.

But this is definitely not the time for Yahoo to be playing word games in their press releases, using language that leaves gaping holes obvious to all observers.

It’s possible that Yahoo is still under some sort of government order that prevents them from explaining precisely what went on — yet Yahoo’s current “non-denial” denial does not well serve Yahoo, its users, or the community at large.

We need to know the truth about what did or did not happen to users’ emails at Yahoo.

And we need to know now.

– – –

UPDATE

= = =

:

“Yahoo was ordered last year to search incoming emails for the digital “signature” of a communications method used by a state-sponsored, foreign terrorist organization, according to a government official familiar with the matter.

The Justice Department obtained the order from a judge of the Foreign Intelligence Surveillance Court.

To comply, Yahoo used a modified version of its existing systems that were scanning all incoming email traffic for spam, malware and images of child pornography. The system stored and made available to the Federal Bureau of Investigation a copy of any messages it found that contained the digital signature.

Yahoo was forbidden from disclosing the order and the collection is no longer taking place, the official said Wednesday.”

 = = =

If this additional information is correct, it represents an enormously dangerous slippery slope. The inclusion of arbitrary signatures” at the behest of the government into malware/spam/cporn (“PhotoDNA”) scanning systems is a dramatic departure from firms cooperating with each other, into the realm of secret government mandates.

– – –

–Lauren–
I have consulted to Google, but I am not currently doing so — my opinions expressed here are mine alone.
– – –
The correct term is “Internet” NOT “internet” — please don’t fall into the trap of using the latter. It’s just plain wrong!

The Importance of “Google Assistant” and “Google Home”

Hits: 1233

There was a lot of fascinating stuff in the Google presentation this morning, but for me the section of most immediate interest — and that may perhaps be the most important going forward for many persons — related to Google Assistant and in particular the Google Home device for accessing Google Assistant.

True, Amazon has had a similar looking pedestal device around for awhile, but the access device is only the gateway — it’s the cloud/AI/connectivity resources behind it that really matter. And on those scores, Google’s far ahead of everyone else, and is likely to continue evolving much faster as well.

This class of “full room” connectivity isn’t just important for the slick “Star Trek Computer” factor, but for the critical accessibility aids that it could provide for a vast number of people — visually impaired, mobility impaired, on and on.

And this is only the very beginning of this path. Incredibly important.

One last thing for now. A number of people have asked me if the Home device is sending everything they say in a room up to Google. I don’t have specific information regarding this device, but I’d very strongly assume that the same operational model is being used as for other Google speech recognition products, where the attention phrase “OK Google” is recognized locally on the device, and only then is audio sent up to the cloud for full analysis (and you have control over what happens to that voice data once it reaches Google as well).

Great work!

–Lauren–
I have consulted to Google, but I am not currently doing so — my opinions expressed here are mine alone.
– – –
The correct term is “Internet” NOT “internet” — please don’t fall into the trap of using the latter. It’s just plain wrong!

Google Launches a New Consolidated Blog [GOOD], with a New Unreadable Font [AWFUL]

Hits: 2505

Google has launched a new consolidated central blog called The Keyword to make it easier to track Google products, research, and other activities. It will reportedly ultimately replace many other Google blogs.

Because Google has long had a multiplicity of blogs to follow, this could well be a very positive move, depending on the details.

This assumes, however, that you can actually read their new blog.

As you can see in the comparison below, Google has once again failed users with aging or otherwise less than perfect vision.

With fonts sized approximately the same, on the left I have a shot from a very recent traditional Google blog posting, and on the right the new “Who needs contrast?” version from their new blog.

The difference in contrast is obvious, with the new version on the right positively painful for vast numbers of users to view.

This is unfortunately not the first time Google that has gone this route with various of their products, effectively devaluing significant segments of their user population.

If you talk to Google about this — and I have — they will assure you that their new designs meet visual accessibility standards and pass the associated test suites. The problem of course is that those standards are widely viewed (no pun intended) as inadequate, counterproductive, and worse.

Typical human vision begins to degrade in our early 20s. A rapidly growing segment of the Google user community is being directly disadvantaged by this trend toward low contrast fonts that are impossible for these persons to comfortably read, or in some cases even read at all.

Google can do far better.

–Lauren–
I have consulted to Google, but I am not currently doing so — my opinions expressed here are mine alone.
– – –
The correct term is “Internet” NOT “internet” — please don’t fall into the trap of using the latter. It’s just plain wrong!

selection_257

When Hell Freezes Over: AT&T preparing to pull “GigaPower” fiber down my street

Hits: 864

I figured that hell would freeze over before I saw gigabit fiber here, but sometimes there’s a surprise.

The photo below shows AT&T preparing to pull gigabit fiber to the home (“GigaPower”) down my street.

This will be a trunk line since actual drops and demarcation points for where I am in my corner of L.A. are behind the houses, so feed lines will be run behind the houses as subscribers request installs.

It’s a bit difficult to see due to the lighting, but the left arrow points at a yellow “pull cord” that AT&T brought by in front of my house yesterday and is continuing to run today down the street.

The right arrow points to a pulley assembly hanging from the Time Warner Cable (now aka Charter/Spectrum) trunk cable above, with the pull cord threaded through it. The GigaPower fiber run will be fed from a large truck spool that will be parked nearby and then pulled down the street over the pulleys via the pull cord. The spool feeding the pull cord itself is visible near the AT&T trucks at the lower right.

AT&T’s pricing for their GigaPower offering varies widely depending on whether or not they have fiber competition (e.g., from Google Fiber — which isn’t here currently). AT&T also usually charges considerably more for GigaPower if you don’t want them snooping on your web browsing activities. 

That all said, it’s likely to be a damned sight faster than the comparatively crawling (especially upstream) speeds from TWC currently! 

I’d still much rather have Google Fiber, though.

–Lauren–
I have consulted to Google, but I am not currently doing so — my opinions expressed here are mine alone.
– – –
The correct term is “Internet” NOT “internet” — please don’t fall into the trap of using the latter. It’s just plain wrong!

selection_252

Phony Trump and His Phony Debate Polls

Hits: 850

Anybody with half a brain knows that Donald Trump was trounced by Hillary Clinton at the first presidential debate two days ago. Outside of his unhinged, confused, rambling, impolite world-class-jerk performance and self-defeating answers, his own reactions afterwards (not to mention those of Republican leaders in general) tell the story.

Trump said that the moderator was unfair, while at the same moment his own campaign manager was proclaiming that the moderator did a great job.

Trump blamed his microphone (perhaps a conspiracy, he suggested).

His mic was fine — it picked up every one of his bizarre sniffles with perfect clarity.

Here’s a handy rule of thumb: Debate winners never complain afterwards about conditions at a debate — hasn’t happened in the history of debating reaching back at least to ancient Greece.

His own people (at least off the record) now are saying that they really want him to be prepared for the next debate (implicitly admitting what was obvious, that he was woefully unprepared for the first one), but express concerns about whether he has the patience, attention span, and willingness to do so. They’re not just whistling Dixie.

Near the end of the debate, Trump said that he has the best temperament (to laughter from the audience). Trump claiming that he has the best temperament in this context is like a drowning man screaming “I have the best swimming!”

We already know that Trump’s knowledge of and interest in actual science and technology is somewhere pretty much south of downtown nil, but he doesn’t mind touting fake statistics if they seem to be in his favor.

That’s why we’ve been treated now to his rants — and various postings from his moronic, thuggish minions — claiming that after-debate polls say he won, he won big, he won huge over Hillary.

He won nothing that means anything. And that’s even if we ignore the supposed CBS poll he claimed that he won, that CBS has proclaimed never even existed!

Because not a single scientific, statistically valid poll of which I’m aware showed Trump as the winner. Every one showed Hillary the winner to varying degrees — often by a dramatically large win.

Scientifically valid polls are carefully designed to reach statistically valid samples of voters from whom it’s possible to derive meaningful data that can be used to accurately extrapolate to the population at large. This is getting more difficult in an age of call blocking and cellphones, but when we look at the averages of multiple modern scientific polls over time the results are typically quite accurate.

The kinds of polls that Trump is touting are the fake polls that appear on websites around the Net as clickbait on various stories. They have pretty much the same scientific validity as extracting polling data from a Ouija board — likely far less. They drive real pollsters crazy, since they confuse people about how valid, scientific polls actually work.

These fake polls’ participants are “self-selected” — that is, only people who happen to be on those pages and then choose to participate are counted in the polls. If a story is more likely to attract Trump supporters, those are who you’ll find mostly voting in any polls on that page.

Such fake polls are easily manipulated. Many make no serious effort (or sometimes any effort at all) to prevent repeat voting. They are obvious targets for mass social media action — “Hey fellow Nazis, let’s all get over to that page and vote for our man Donald!”

And they’re also trivial targets for automated, robotic voting as another simple means to skew the counts.

Even the execs over at right-wing FOX News realize this. In the wake of the debate and several of their on-air personalities announcing those fake poll results as if they were scientific, statistically valid polls, a memo was sent around internally reminding everyone there that those polls do not meet FOX New’s editorial standards (try to restrain your chuckling now, please!) and that such polls are “just for fun” — with no validity of any kind beyond that. Notably, even in the wake of this admonition, various FOX News personalities apparently have ignored the memo and are continuing to join Trump in promoting these fantasy polls and their non-data. Shameful all around.

All that said, it does occur to me though that Trump might have one legit gripe about the debate microphone. After all, it was working perfectly. That was indeed a problem for him.

Because if the 84 million or so people who were watching the debate hadn’t been able to actually hear his bizarre performance, he probably would have come out looking better even in the scientific polls.

My advice: Skip the mic check next time, Donald.

You can thank me later.

–Lauren–
I have consulted to Google, but I am not currently doing so — my opinions expressed here are mine alone.
– – –
The correct term is “Internet” NOT “internet” — please don’t fall into the trap of using the latter. It’s just plain wrong!