Internet News

E-mail scanning at Yahoo done at fundamental level with a Linux kernel module

yahoo-logo
Share on Facebook
Tweet about this on TwitterShare on Google+Share on StumbleUponShare on LinkedInPin on PinterestShare on Reddit

Yahoo is in trouble. Technically speaking, the company has been in trouble for the last decade or so, however, things are now looking bleaker than ever. After the company agreed to sell itself to Verizon for a fraction of what it would have sold for a few years ago, reports bringing its modus operandi (and the way user privacy was handled) into question, surfaced.

While Verizon is now said to be looking for a $1 Billion discount on the original price, Reuters has cited three former employees, according to whom, the scanning was done through a module attached to a Linux Kernel. This is indeed a piece of news that has raised a lot of questions and now, we have various quarters asking to see the FISA order apparently authorizing the surveillance.

As per Senator Ron Wyden,

The USA Freedom Act requires the executive branch to declassify Foreign Intelligence Surveillance Court opinions that involve novel interpretations of laws or the Constitution and I certainly expect the Executive Branch to follow this law.

And he is not alone. Various civil rights groups have also come out in the open and are asking the government to reveal information about the secret court order that asked Yahoo to scan all its users’ incoming email. Apparently, the court order was looking for a particular piece of digital information.

Speaking to Reuters, a group of former Yahoo employees said that the company installed a scanning software to check for that particular piece of content in all the incoming e-mails. Any of the filters that Yahoo installed (including those installed to prevent Spam) were clearly visible within the company’s software stack.

However, acting after the court orders, Yahoo used a module attached to the Linux kernel to make the searches. Unlike other filters, this module was buried into the very core of Yahoo’s systems and was extremely difficult to detect, even for employees. The level of care that was taken to make sure that the system was untraceable, is certainly surprising. It also makes you wonder if Yahoo couldn’t have avoided it by appealing the court order.

Meanwhile, there is an outcry about what falls within the purview of the judiciary and until how far must private companies go in order to comply with their requests — particularly if it means compromising the security or privacy of their consumers.

A bibliophile and a business enthusiast.

[email protected]


Add Comment

Click here to post a comment

Your email address will not be published. Required fields are marked *