July 30, 2013
Feds tell Web firms to turn over user account passwords
Declan McCullagh,
CNet News.com,
July 30, 2013
According to this report, the "secret demands mark escalation in Internet surveillance by the federal government through gaining access to user passwords, which are typically stored in encrypted form." The companies (for example, Microsoft) report that they are not turning over passwords, decryption algorithms, or salts. Of course, they are required by law to say that. "If the government is able to determine a person's password, which is typically stored in encrypted form, the credential could be used to log in to an account to peruse confidential correspondence or even impersonate the user.... , 'impersonating someone is legal' for police to do." The lesson: do not store personal student data in cloud services run by companies that would be forced to comply with U.S. authorities.
This newsletter is sent only at the request of subscribers. If you would like to unsubscribe, Click here.
Know a friend who might enjoy this newsletter? Feel free to forward OLDaily to your colleagues. If you received this issue from a friend and would like a free subscription of your own, you can join our mailing list. Click here to subscribe.