Feds tell Web firms to turn over user account passwords

Declan McCullagh, , Jul 30, 2013
Commentary by Stephen Downes

According to this report, the "secret demands mark escalation in Internet surveillance by the federal government through gaining access to user passwords, which are typically stored in encrypted form." The companies (for example, Microsoft) report that they are not turning over passwords, decryption algorithms, or salts. Of course, they are required by law to say that. "If the government is able to determine a person's password, which is typically stored in encrypted form, the credential could be used to log in to an account to peruse confidential correspondence or even impersonate the user.... , 'impersonating someone is legal' for police to do." The lesson: do not store personal student data in cloud services run by companies that would be forced to comply with U.S. authorities.

Views: 0 today, 113 total (since January 1, 2017).[Direct Link]