undefined | Better HN

0 pointsgreenyoda9y ago0 comments

I'm not a fan of Mayer's, but sounds like she didn't want to fight the order since that hadn't worked in the past:

"Yahoo in 2007 had fought a FISA demand that it conduct searches on specific email accounts without a court-approved warrant. Details of the case remain sealed, but a partially redacted published opinion showed Yahoo's challenge was unsuccessful."

Her real mistake was going directly to the e-mail team to implement the backdoor without telling the security chief about it:

"They were also upset that Mayer and Yahoo General Counsel Ron Bell did not involve the company's security team in the process, instead asking Yahoo's email engineers to write a program to siphon off messages containing the character string the spies sought and store them for remote retrieval, according to the sources.

The sources said the program was discovered by Yahoo's security team in May 2015, within weeks of its installation. The security team initially thought hackers had broken in.

When Stamos found out that Mayer had authorized the program, he resigned as chief information security officer and told his subordinates that he had been left out of a decision that hurt users' security, the sources said. Due to a programming flaw, he told them hackers could have accessed the stored emails.

0 comments

2 comments · 2 top-level

jonknee9y ago

Not winning on specific account searches is very different than not even fighting global access. Orders of magnitude different.

rudolf09y ago

Good on Stamos for leaving.

j / k navigate · click thread line to collapse