It was revealed yesterday that Yahoo has been scanning people’s email for the federal government.
The company complied with a classified U.S. government demand, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI, said three former employees and a fourth person apprised of the events. (Reuters)
This activity was, apparently, authorized by Yahoo CEO Marissa Meyer but not the former CSO Alex Stamos. Mr. Stamos left Yahoo in June 2015. He also publicly disagreed with the director of the NSA back in February 2015 about the NSA having access to encrypted data.
This is probably the part where I’m supposed to write something insightful, but honestly, I don’t have much. Like many people, I’m shocked and dismayed at Marissa Meyer’s decisions to allow this. I’m also somewhat heartened by the fact that, reportedly, Yahoo staff detected the malicious software within a few weeks of it being deployed. Apparently the deployed software was buggy and could have been compromised by third parties.
On the heels of a major compromise of email accounts by “unrelated 3rd parties” I have to wonder how much more bad news Yahoo can take. They’ve had their ups and downs, but most folks I know who worked there don’t any longer. It’s certainly not a place anyone I know considers when looking for new jobs.