Judge Orders Yahoo to Explain How It Recovered ‘Deleted’ Emails in Drugs Case(motherboard.vice.com) |
Judge Orders Yahoo to Explain How It Recovered ‘Deleted’ Emails in Drugs Case(motherboard.vice.com) |
I cannot find the article, but I believe this method of sharing access to one e-mail account to many parties was one of the comms methods employed by the 9/11 terrorists, pioneered by Columbian drug lords.
In that movie, which I just check the date for, seems like one of the first pop references to the idea of sharing email drafts in a free email account without sending anything.
https://www.washingtonpost.com/news/worldviews/wp/2012/11/12...
Now, can someone prove me one better and find where this idea got traction? I honestly laughed watching that movie, wondering if Petraeus watched it years earlier, and thought to himself, I wonder if this will work in real life ...
UPDATE: I could, gee, also try RTFWPA! It refers 2005 reports of AQ using the same tactic, you know, where probably he got it from.
Or he got it from the movie, which would make me in a die a fit of laughter!
seems like it would have been a hassle to deal with for the last 15 years
That's a pretty serious firewall you have there. Assuming that s/he was not using encrypted smtp and imap or pop, then you still have a L7 filter that reads and logs email addresses and alarms on them. Now it is unlikely (to me) that you would have a whitelist of acceptable email addresses with which to alarm. I can think of a few other things you might have done to trigger alarms and all of them are pretty distasteful.
So I will conclude you simply violated her civil rights and spied on her.
I feel sorrow for you, genuinely, that you have had a relationship problem but I suspect that it would have been easier to find out what was going on in the various old fashioned ways, rather than farting around with IT and being a bit creepy.
What does that even mean?
"but my name's Jim...."
Please forgive my nosy question, but was she financially dependent on you or was there some other reason for her to maintain the marriage?
Or perhaps some immunity to any results.
I suspect that yahoo and other companies haven't yet taken the issue of failing to delete data that should be deleted as seriously as that of losing data that shouldn't be deleted, but this has the potential to become a significant privacy issue.
This is a solved problem in the real world, but some companies would have us think it's the Wild West, when in fact it isn't.
So while it's possible that backups mean you can never be entirely certain your deleted data will stay deleted, it's most certainly not guaranteed.
In Europe, the recently enacted General Data Protection Regulations "GDPR" which will come into force in 2018 will in theory require organisations to ensure that personal information is removed in an appropriate timeframe - this would include disposing of backups, or where data is comingled, ensuring at a granular level that data is blacklisted for restore.
It remains to be seen how practical that will be, so moving to retentions appropriate for operational restore may be the more sensible solution.
* my speculation
Note that that doesn't mean it's GOOD.
Oh crap, mission compromised! SIGABRT! Wait, is everyone in this room part of the hacker cell? Are we all hacking each other? Haha.
(Honestly, what disturbs me the most is that, yet another spoiler, he puts all these suicide bombers on a bus to detonate themselves. And they never mention the bus driver who dies as part of this ruse. Not even does Don Cheadle seem to care about this guy! I found that pretty disappointing. I think that is just the underappreciated IT guy talking.)
The fact they are actively trying to hide it could also be because they are trying not to hurt them.
It's hard to argue that they are getting thrills at the direct expense of an unknowing party, if they don't get caught. Of course, just putting the one you're supposed to be in love with at the risk of hurt is fairly horrible.
The cynic in me also just doesn't think it's sane to expect that an oath to love forever could be relied upon anyway, and the statistics do bear this out.
Eh, kind of doubt it. Most people would rather have their partner break up than cheat on them. It's considerably less hurtful to just leave someone than to carry on a hidden affair.
> The cynic in me also just doesn't think it's sane to expect that an oath to love forever could be relied upon anyway, and the statistics do bear this out.
I guess the optimist in me believes that if a partner is no longer in love and no longer interested in trying, they should break up rather than cheat. Similarly, I believe a business partner who no longer wants to be involved in the business should sell off their shares rather than purposely tanking the business.
"It is only bad if you get caught" is an absurd justification for anything. Is it okay for me to break in and stay in your home while you are away, if you don't find out?
Of course, I've configured my server to properly sign email, publish SPF records, and so on. My server may be small, but god damn it, it's top notch.
I agree that outgoing deliverability isn't really a problem for me either. I do have DKIM and SPF set up. I also am a fairly low-volume message source. I think self-hosting is more tricky if you're emitting large volumes of mail, like transactional emails for a business. But as a personal email server it's been fine for me.
Not if nobody finds out about the hidden affair. But yes, it's a douchey thing to do.
> I guess the optimist in me believes that if a partner is no longer in love and no longer interested in trying, they should break up rather than cheat.
That doesn't sound terribly optimistic to me, optimistic IMO would be believing that a vow for love forever might have a chance of working.
https://zapier.com/learn/ultimate-guide-to-email-marketing-a...
It's possible to configure DKIM and SPF and your server correctly, and hopefully stay off blacklists, but if inbox deliverability really matters to you, a [no-cost] plan with a Mandrill or MailGun service should do well for you. It's what I use to have home servers and IoT things send me email, to gmail, and I never have deliverability issues.
He described it as "her laptop", there's a clear demarcation of ownership. I just wonder if those ownership laws of the physical property would overshadow the unauthorised access to material parts of UK's CMA (and it's ilk depending on your jurisdiction). AFAIR it just says unauthorised access nothing about 'of a system not owned by the accused'; indeed there was a case (Court of Appeal case at bottom of http://www.computerevidence.co.uk/Cases/CMA.htm) specifying that it was unlawful access to data on any computer (ie including the one you're entitled to access).
It might serve to consider if your wife had secretly taken lewd pictures that wouldn't give you, as spouse, entitlement [eg because you owned the computer] to access them without her permission.
Just because one owns the computer system doesn't mean one owns, nor has a right of access to, the data. That's quite clear in many areas.
So, what happens if my husband decides that my laptop is also his laptop, and uses it to access to company servers, accounts, and databases? I signed an NDA, he hasn't. Now he has access to intellectual property and trade secrets, he decides to go to a competitor and sell them for the highest price.
Fortunately, the ECPA exists, so even if my security practices were as terrible as the above scenario implies, I'd still have some legal protections.
If I've told him "this is my computer, you're not allowed to access it" and he did, that would violate the ECPA. If I protected it with an easy-to-guess password and he guessed it, that would violate the ECPA. If I had an unprotected computer, and let him use it, but he installed a keylogger to get work passwords, that would violate the ECPA. If I let him access my machine and he uses auto-fill stored passwords in a browser to log into my work email, that's also an ECPA violation.
Not only does this apply to husbands and spouses, but also parents and children.
In addition, the separate/community property laws vary from state to state, and most states allow for common-sense separate property laws within marriage. In most states, my spouse can't use a computer given only to me, or a computer I had before we got married, or a computer I purchased with my own separate assets (what constitutes a "separate asset" is a huge discussion, but you get the idea). You can make a written agreement that "this is separate property" and even if you didn't do that, it would likely be a strong argument in court that an unwritten "separate property" agreement exists for a particular machine, in certain circumstances.
"Just because your wife buys it, it's still yours" is absolutely not an ironclad rule.
Many other states are de facto community property states. There is often some sort of "equitable" division of assets in a divorce. In practical terms this often appears quite similar to the de jure states.
One of my favorite quips was from Tom Arnold, during his second divorce. He said something like "she wants half of half of Roseanne's money".
Can the members of the marriage(spouses?) change that?
Here in Spain some autonomous communities (like the states in USA) have community property as default and some others have asset separation as default but when one gets married can decided which one to use
http://www.nytimes.com/2016/05/29/opinion/sunday/why-you-wil...