Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Feds tell Web firms to turn over user account passwords
Cnet ^ | 25 July, 2013 | Declan McCullagh

Posted on 07/25/2013 3:49:38 PM PDT by Errant

The U.S. government has demanded that major Internet companies divulge users' stored passwords, according to two industry sources familiar with these orders, which represent an escalation in surveillance techniques that has not previously been disclosed.

If the government is able to determine a person's password, which is typically stored in encrypted form, the credential could be used to log in to an account to peruse confidential correspondence or even impersonate the user. Obtaining it also would aid in deciphering encrypted devices in situations where passwords are reused.

"I've certainly seen them ask for passwords," said one Internet industry source who spoke on condition of anonymity. "We push back."

(Excerpt) Read more at news.cnet.com ...


TOPICS: Constitution/Conservatism; Crime/Corruption; Extended News; Government
KEYWORDS: benghazi; computers; cyber; fastandfurious; impeachnow; irs; loadurgunsboys; nsa; passwords; security
Navigation: use the links below to view more comments.
first previous 1-20 ... 41-6061-8081-100 ... 181-184 next last
To: Jet Jaguar; NorwegianViking; ExTexasRedhead; HollyB; FromLori; EricTheRed_VocalMinority; ...

The list, Ping

Let me know if you would like to be on or off the ping list

http://www.nachumlist.com/


61 posted on 07/25/2013 5:12:55 PM PDT by Nachum (The Obama "List" at www.nachumlist.com)
[ Post Reply | Private Reply | To 1 | View Replies]

To: null and void

This is what quantum computing research is for. It’s a lot less expensive to encrypt something than it is to decrypt it, and there is only just so much computing power available and it costs, and the relationship between power and cost is somewhat linear...quantum computing could theoretically change that.


62 posted on 07/25/2013 5:13:56 PM PDT by The Antiyuppie ("When small men cast long shadows, then it is very late in the day.")
[ Post Reply | Private Reply | To 57 | View Replies]

To: Errant

This is CNET and as far as I know they are non-partisan and even-keeled. Hence, I think their report here is accurate. And the report is scarier than Hell.


63 posted on 07/25/2013 5:17:03 PM PDT by Hostage (Be Breitbart!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: DoughtyOne
Yes, annoying, but not as bad as mitigating damage done when your email accounts are used for nefarious purposes, your bank accounts accessed, or your ID stolen.

It's information security 101. Still, it will not prevent a state entity from accessing your personal devices or your online information.

Then there is the physical world with its roadbed sensors, video recorders, license plate readers, facial recognition, voice recognition, and cell phone tracking to name those methods better known.

64 posted on 07/25/2013 5:17:27 PM PDT by Errant
[ Post Reply | Private Reply | To 53 | View Replies]

To: molson209
ya , people going to be setup big time

Who needs the IRS to harass conservative groups? Thats petty and ineffective.

Just put the kiddy porn into the conservative's account.

65 posted on 07/25/2013 5:18:11 PM PDT by ClaytonP
[ Post Reply | Private Reply | To 10 | View Replies]

To: Errant

They have accumulated too much power. They are corrupt. The power didn’t corrupt them. They were already corrupt.

“Sweet land of liberty” is bull$h!t.


66 posted on 07/25/2013 5:20:08 PM PDT by I want the USA back
[ Post Reply | Private Reply | To 1 | View Replies]

To: The Antiyuppie

What I’m taking away from your comment is that they can bypass my password any time they like.

Is that what you were trying to convey?


67 posted on 07/25/2013 5:21:58 PM PDT by DoughtyOne (Kill the bill... Begin enforcing our current laws, signed by President Ronald Reagan.)
[ Post Reply | Private Reply | To 60 | View Replies]

To: Errant

Yep, that’s about my take on it also.


68 posted on 07/25/2013 5:22:53 PM PDT by DoughtyOne (Kill the bill... Begin enforcing our current laws, signed by President Ronald Reagan.)
[ Post Reply | Private Reply | To 64 | View Replies]

To: The Antiyuppie

It has undoubtedly been tested.

Testing involves transmitting interesting but false data across it that if intercepted would have to be acted upon....I guess you can call it the honeypot test.

The same methods are used to test what encryption can be broken by nation states...TIP: Trust the algorithms used by Russia or China...they have been tested against the best the NSA can muster.

All that said, not every terminal TOR server can be trusted...this is why you must never make a mistake that lets that last server identify you...something foolish like logging onto your Gmail account.


69 posted on 07/25/2013 5:24:28 PM PDT by Bobalu (It is not obama we are fighting, it is the media.)
[ Post Reply | Private Reply | To 52 | View Replies]

To: I want the USA back
Give me control of a nations money supply information, and I care not who makes it’s laws...
70 posted on 07/25/2013 5:28:58 PM PDT by Errant
[ Post Reply | Private Reply | To 66 | View Replies]

To: null and void
Are you absolutely certain that some clever Ph.D. hasn't come up with a method of breaking a hash code?

Yes, these hash codes are ONE WAY. They do not go back. Comp Sci 101.

71 posted on 07/25/2013 5:29:09 PM PDT by COBOL2Java (I'm a Christian, pro-life, pro-gun, Reaganite. The GOP hates me. Why should I vote for them?)
[ Post Reply | Private Reply | To 57 | View Replies]

To: Errant

Since they now have joint custody of my account, they should pay half the bill!


72 posted on 07/25/2013 5:29:14 PM PDT by rawcatslyentist (Jeremiah 50:32 "The arrogant one will stumble and fall With no one to raise him up; And I will set)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Errant

First they will get passwords for social media. They HATE it when someone thinks they have freedom of speech. After enough sheep have willingly allowed themselves to be [crude word for coitus] they will move up to banks and credit card accounts.

To the fellatio-performing illegitimate offspring of female dogs I say “go [crude word for coitus] yourself, eat [crude word for end product of digestion] and stare at a picture of helen thomas for 15 minutes.


73 posted on 07/25/2013 5:30:29 PM PDT by I want the USA back (Freedom of speech - a myth about a long-gone country.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: rawcatslyentist

lol


74 posted on 07/25/2013 5:33:10 PM PDT by Errant
[ Post Reply | Private Reply | To 72 | View Replies]

To: I want the USA back
>"they will move up to banks and credit card accounts."

revelation/13-17
And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.

75 posted on 07/25/2013 5:39:29 PM PDT by rawcatslyentist (Jeremiah 50:32 "The arrogant one will stumble and fall With no one to raise him up; And I will set)
[ Post Reply | Private Reply | To 73 | View Replies]

To: Errant

a little security overview from my buddy spartacus but what he/she tells me is:

https://www.torproject.org/

download and install the latest “tor-browser” bundle. there are set ups you have to do with firefox browser.

disable java, java script, cookies in Firefox and more. Read the directions

the latest version checks anonymity at the tor site. Spartacus verifies with this other site:

www.stilllistener.com/checkpoint1 (and checkpoint2, java) to verify anonymity. Access with regular IE and with TOR. Difference in IP and anon rating? you can change servers at will. Don’t run IE and tor at the same time.

If some gov’t wants you maybe they can find you, very hard to do with this.

Spartacus likes to send email thru various anon emails, using PGP. http://www.openpgp.org Very few are really anon, especially if based in US. ixquick and duckduckgo bring some up. Hook up to them with firefox and TOR running.

receiving anon email, spartacus recommends http://www.safe-mail.net

Many sites do not work with cookies disabled. (FR included)

Your choice on risk.

to send anonymous email, go to this site with the Tor program

http://sendanonymousemail.net (haven’t checked lately, goes to spam filter usually)


76 posted on 07/25/2013 5:42:10 PM PDT by dynachrome (Vertrou in God en die Mauser)
[ Post Reply | Private Reply | To 1 | View Replies]

To: COBOL2Java; null and void
https://en.wikipedia.org/wiki/Hash_function

When you can demand the keys to the backdoor, you don't have to worry about going in the front. You can even have a side door built just for you.

77 posted on 07/25/2013 5:42:15 PM PDT by Errant
[ Post Reply | Private Reply | To 71 | View Replies]

To: Errant

Well, of course.


78 posted on 07/25/2013 5:45:35 PM PDT by COBOL2Java (I'm a Christian, pro-life, pro-gun, Reaganite. The GOP hates me. Why should I vote for them?)
[ Post Reply | Private Reply | To 77 | View Replies]

To: taxcontrol
I see that you haven't been introduced to rainbow tables. The typical hash used is md5. If you can get the shadow password file off a Linux system, you then take the md5 associated with the user you want (usually root) and run that through the rainbow table. It will hand you an ascii string that produces the md5 sum. The advent of cloud computing means there are many rainbow table servers sitting on the web to provide the lookup service.

If you want to know more details about system security, sign up for SANS classes. They are worth the time and money.

79 posted on 07/25/2013 5:46:05 PM PDT by Myrddin
[ Post Reply | Private Reply | To 8 | View Replies]

To: dynachrome
Check out tormail.org as well.

But, if you ever plan to move to China and call a Falun Gong meeting at your home, I suggest having additional levels of information security in place, the last being one you've invented yourself. ;)

80 posted on 07/25/2013 5:46:47 PM PDT by Errant
[ Post Reply | Private Reply | To 76 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-20 ... 41-6061-8081-100 ... 181-184 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson