Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
United Kingdom Yahoo! Crime Privacy The Courts

Yahoo Ordered to Show How It Recovered 'Deleted' Emails (pcmag.com) 80

An anonymous reader quotes a report from PC Magazine: Just what kind of email retentions powers does Yahoo have? According to a policy guide from the company, Yahoo cannot recover emails that have been deleted from a user's account -- simple as that. If the email is in a user's account, it's fair game, and Yahoo can even give law enforcement the IP address of whatever computer is being used to send said email.

Or, at least, that's what Yahoo has said. A magistrate judge from the Northern District of California has ordered Yahoo to produce documents, as well as a witness for deposition, related to the company's ability to recover seemingly deleted emails in a UK drug case... a UK defendant was convicted -- and is currently serving an extra 20-year prison sentence -- as part of a conspiracy to import drugs into the United Kingdom. He's currently appealing the conviction, in part because the means by which Yahoo recovered the emails in question allegedly violate British law.

The drug smugglers apparently communicated by creating a draft of an email, which was then available to others who logged into that same account.
This discussion has been archived. No new comments can be posted.

Yahoo Ordered to Show How It Recovered 'Deleted' Emails

Comments Filter:
  • Using drafts (Score:5, Interesting)

    by GerryGilmore ( 663905 ) on Sunday July 24, 2016 @03:40PM (#52571739)
    " communicated by creating a draft of an email, which was then available to others who logged into that same account." Crikey! That trick is as old as they come!
    • Re: (Score:2, Insightful)

      by Anonymous Coward

      And it never works. Just ask General Petraeus [wikipedia.org].

    • Which just goes to show kiddos, encrypt with something like Gpg4win even if you're keeping the message somewhere you think is "secret."

      c:\messages\>gpg --encrypt --recipient "Other Person" TextDocumentExample.txt

      c:\messages\>gpg --decrypt TextDocumentExample.txt.gpg > Decrypted.TextDocumentExample.txt

    • Crooks are stupid. How much do you want to bet that he forgot to delete the drafts?

      it's pretty easy to "recover" something that was not deleted in the first place.

      • Crooks are stupid. How much do you want to bet that he forgot to delete the drafts?

        it's pretty easy to "recover" something that was not deleted in the first place.

        I guess that the emails the crook thought of as "deleted" were in fact just moved to the Recycle Bin/Trash folder.

        • "Drafts" doesn't mean what you think it means. Drafts are not deleted unless you remember to - and they wouldn't delete the drafts, because others had to log in with the same credentials to read the drafts - they never sent them, hence no email trail.
  • by Anonymous Coward on Sunday July 24, 2016 @03:43PM (#52571751)
  • by loftarasa ( 1066016 ) on Sunday July 24, 2016 @03:43PM (#52571753)
    in the fact that an international drug smuggler wants to appeal his conviction by arguing that Yahoo! "broke the law". I understand the legal reasoning behind it, but if it were Hollywood, not real life, his request would most likely be met with a punch to the face marking the end of the scene.
    • in the fact that an international drug smuggler wants to appeal his conviction by arguing that Yahoo! "broke the law".

      I don't know much about British law, but in the US that would not help him. Evidence in criminal trials is only thrown out if the police or prosecutors break the law, not a third party.

      • by AK Marc ( 707885 ) on Sunday July 24, 2016 @04:58PM (#52571991)
        If the 3rd party breaks the law at the request of the government, it's treated as if the government broke the law themselves. Note, if Yahoo independently broke the law allowing them access to the emails, then provided those emails when requested, they didn't break the law at the request of the government, unless it can be shown that the initial law breaking was in response to a previous request by the government.
      • by Megol ( 3135005 )

        In other parts of the world evidence is always accepted even if someone broke laws to get it. IMHO that's the only logical way - if police illegally break into a house and find evidence a crime have been committed there the evidence is still real. Of course the police in question should get some time in prison too.

        • Re: (Score:3, Informative)

          by Anonymous Coward

          How about if the law they break is planting evidence?

          • by Cederic ( 9623 )

            Then the police didn't break the law to retrieve evidence, they manufactured it. There was and is no evidence.

        • by bjwest ( 14070 )

          In other parts of the world evidence is always accepted even if someone broke laws to get it. IMHO that's the only logical way - if police illegally break into a house and find evidence a crime have been committed there the evidence is still real. Of course the police in question should get some time in prison too.

          Yeah, good luck with that. The officers who violated your rights to get evidence will get, at most, a paid vacation while the "investigation" is on going. Hell, they may even be punished with an award of some type. Our forefathers lived in a world where this type of action was the norm, and saw fit to (try to) protect us from it.

        • by The Grassy Knoll ( 112931 ) on Monday July 25, 2016 @03:28AM (#52573741)

          if police illegally break into a house and find evidence a crime have been committed there the evidence is still real

          I wish there was a "-1 Too Young To Have Thought Things Through" mod...

        • if police illegally break into a house and find evidence a crime have been committed there the evidence is still real.

          At the point that the officer has broken the law any evidence they find is suspect and not credible just like evidence that does not have an unbroken chain of custody it can no longer be validated as fact.

        • In other parts of the world evidence is always

          Let me guess - you're an American?

          It's the way that you think there is a single place called "the rest of the world", and that it is a homogeneous, uniform place defined by it's not being America. Hint: there is human variation outside your experience of your home country. (Actually, there is probably more variation in your home country than you are aware. How many of your country's native languages can you at least read?)

    • by Qzukk ( 229616 )

      Yahoo says this is impossible, then Yahoo does what they claimed was impossible. Thus, there are two options:

      1. Yahoo lied the first time
      2. Yahoo lied the second time

      I'd appeal too. Especially if I was innocent and Yahoo faked emails to appease some government entity who was sure I must have something incriminating.

      • by Pseudonym ( 62607 ) on Sunday July 24, 2016 @04:54PM (#52571971)

        A far more likely reason is that sometimes it's possible to recover a deleted email and sometimes it is not. By analogy, think of the circumstances under which it is possible to recover a deleted file on disk.

        Yahoo's policy says it can't recover deleted emails because if it said anything else, someone with an expensive lawyer would interpret that as a guarantee.

        • Except this isn't just about a company being sloppy (or outright lying) about a customer-friendly policy. There are laws about having to delete said things after a certain amount of time.

          So, for the lawyers:

          1. Does something in the drafts folder count as email?
          2. Regardless of 1, does this draft still existing imply the whole email system database backup still exists, or does Yahoo do extra work to just clobber old in and outboxes?

      • Yahoo says this is impossible, then Yahoo does what they claimed was impossible.

        It wasn't an email, it was a draft of what could have become an email. As such, it was just a file.

        One word: backup. I have tapes on the shelf of files from a decade or more ago. Long deleted from the computer. Still recoverable.

        Especially if I was innocent and Yahoo faked emails

        It wasn't an email. And there appears (at least in TFS) to be any claim it was faked. In fact, "the means by which Yahoo recovered the emails in question" wouldn't be "recovered email" if they simply faked a file.

        Once you hand your files, any files, over to a second party, you ha

        • by ShaunC ( 203807 )

          It wasn't an email, it was a draft of what could have become an email.

          I'd say a draft is an email that just hasn't been sent yet. If I handwrite a letter to someone on paper, but I haven't placed it in the mailbox, would you argue that what I wrote isn't actually a letter because it's still sitting on my desk?

          As such, it was just a file.

          Every sent and received email is also "just a file," at least that's how they're stored on my systems.

          • by Obfuscant ( 592200 ) on Sunday July 24, 2016 @08:10PM (#52572713)

            I'd say a draft is an email that just hasn't been sent yet.

            Drafts do not need to meet any of the standards for Internet messaging, and therefore are not "email". They might contain enough header information to meet the standard, but they don't have to, and many of the drafts I've written certainly do not.

            would you argue that what I wrote isn't actually a letter because it's still sitting on my desk?

            Would you argue that the federal laws regarding US Mail attach to a piece of paper that you are thinking about maybe someday sending through the US Mail system? I.e., yes, I would say that your piece of paper is not yet mail because it has no stamp, has no address, and hasn't been deposited into a mailbox for sending.

            Every sent and received email is also "just a file,"

            No, it may be saved in a file, but it is also email. "Just" is an important word here. It conveys the concept of "only". How they are stored is irrelevant when determining "email" status. Your system may save all email as files, but that does not make all files email.

            • If they deleted it from their drafts folder, I would expect it to be clobbered from the backup system after the expired time simply because it is only in backed up files of the entire email database.

              So...it is in a separate database just for drafts (or all non-sent, non-received data)? Or is the general email database backup sitting around existing when it shouldn't?

              This is the investigation that needs to happen.

              • If they deleted it from their drafts folder, I would expect it to be clobbered from the backup system after the expired time

                What is the "expired time"? Is there an RFC that defines this term?

                simply because it is only in backed up files of the entire email database.

                Drafts are not email, and are not necessarily in the "email database". I've written plenty of drafts that really are "just files", imported to the email client later.

                So...it is in a separate database just for drafts (or all non-sent, non-received data)?

                You mean, like, "files"? I think people want their files backed up. Yes, I'm pretty sure that most people would be unhappy were the server to crash and their files are all lost.

        • by dave420 ( 699308 )

          And if you were operating in the EU and those tapes contain personal information (including drafts made and never 'sent'), you'd be in violation of EU law and liable for some rather strict punishment.

  • by guruevi ( 827432 ) on Sunday July 24, 2016 @03:45PM (#52571759)

    In the best case, Yahoo recovered them from tape, in the worst case they actually keep stuff around for various nefarious purposes. My bet is that they're doing both for their customers and simply lying about it to their products.

    • Possibly. Drafts - by their nature - must be saved, even though sent emails are not.
    • by Agripa ( 139780 )

      In the worst case? How about Yahoo hands over all of their traffic to law enforcement for consideration. This would also provide email access to law enforcement from ISPs which outsource to Yahoo like AT&T.

  • by Narcocide ( 102829 ) on Sunday July 24, 2016 @03:49PM (#52571787) Homepage

    Some exec says they can't recover anything deleted from the servers until one of the sysadmins points out that the server backup archives don't process these deletion requests retroactively.

    • by Todd Knarr ( 15451 ) on Sunday July 24, 2016 @04:02PM (#52571843) Homepage

      Or it may be related to the reliability of recovering from backups. Backups are intended to recover from catastrophic failures, not mere accidental deletion of messages, so recovery of any particular message can be problematic. Even if the message was stored long enough to be caught in a backup, incremental backups mean it may take searching a month's worth of backups to find the exact one that backed up that message. Fail to scan a large enough range and you won't find the message even if it's backed up. If the message was received and then deleted before the next backup run then it may not be on any backup, and there's no way to distinguish not finding it because it wasn't backed up from not finding it because you didn't search the right set of backups. Explaining all that to ordinary users is all but impossible, so from a service-level standpoint it makes more sense to not bring backups up at all and simply say "If you deleted it, we can't recover it.". That, users can comprehend even if they don't agree with it.

      A request from a court for discovery is a completely different matter not limited by the service level provided to users, so it makes sense that Yahoo may be able to produce a message in response to a discovery request that it won't recover in response to a user request simply because they don't want to argue with every user whose message never made it into a backup or who wants them to go back through 5 years worth of backups to find it.

      • "Backups are intended to recover from catastrophic failures, not mere accidental deletion of messages" HAHAHAHAHA. That might be the original intention, but end users send in tickets every day in all major corps requesting recovery. "I deleted a sheet in our marketing spreadsheet" "I 'optimized' our HR access file, and now half the data is missing" "Word recovered a file and I saved it immediately but it was from last week so..."...I could go on forever, on average it's a request per week per 25 end users.
        • by jabuzz ( 182671 )

          There are ways around that so you don't have to actually deal with lusers when they delete stuff. The down side is that your tape drives might be busier than they would otherwise have been.

          The latest version of TSM or Spectrum Protect as IBM now like to call it has a web GUI designed for end users to recover files for example.

      • by AmiMoJo ( 196126 )

        This claim is from their guide for law enforcement [eff.org], page 8, 5th paragraph. They claim that once deleted they cannot produce messages for law enforcement, even if presented with a valid warrant.

        It seems that is inaccurate. So either they were lying to law enforcement, or they fabricated the messages, or they tried extra hard and found a way to do it which will now be subjected to rigorous scrutiny by the defence.

        It's not a get-out-of-jail-free card but someone from Yahoo will have to explain what happened he

        • by AmiMoJo ( 196126 )

          Actually there is another possibility. Yahoo was requested by the government to keep those messages. The process for doing that should be scrutinised.

          • by dave420 ( 699308 )

            And yet another possibility: The person used a draft message and not a sent message, rendering that document's content irrelevant.

    • It really depends on how often the backups are done, and how long they are kept. I remember for an old mainframe system they were done hourly, but with only 7 days kept. Other will have a lower frequency. But usually they are not kept forever, are usually overwritten as a sort of rolling backup. Now I could be wrong and yahoo could be saving a few terrabyte forever on regular basis but it sounds dubious as there is no commercial interest for this, this is why most ISP and firms fought plans to be forced to
  • by Anonymous Coward

    If you give your email to a data broker company such as Yahoo, Google, Microsoft, LinkedIn, or whoever... then they have it. What happens to it is now out of your hands. They don't have to delete it, and in fact probably they will not because it holds commercial value for them. They will just flag it so it doesn't show up for you.

    if you don't want these companies to have your data, do not give it to them. Really, this is not a complicated concept. End to end encrypt with PGP or whatever and send your d

    • If you give your email to a data broker company such as Yahoo, Google, Microsoft, LinkedIn, or whoever... then they have it.

      Or even your local Mom and Pop ISP. My ISP decided to outsource email to Google. The day they did that, email I had deleted THREE YEARS PRIOR showed up again.

      There is simply no more excuse for not having even the most basic comprehension of how it works.

      Of course there is. Because of Eternal September there is a huge number of people who are using at tool without the need or desire to know how it works under the hood. And that analogy is deliberate, both because of the slashdot car meme and the fact that the vast majority of people who use automobiles have no clue how they work under the hood.

    • by dave420 ( 699308 )

      You should get some decent data protection laws and then you'd have a chance.

  • It seems really clear that they can get out of this one easy. It was not deleted, it was never sent, thus it was just a discarded draft, and not in violation of any rule they set about deleted emails. An email has been sent, whereas a draft is not an email.
  • It's technically not an email until you hit the send button.
    • And therefore, your honor, my client should be let off the hook because he used the old "save draft" trickaroo.

  • If you forecast that it's going to be sunny, and it rains, everyone is mad at you. If you forecast it'll rain, but it turns out sunny, people might be bothered, but aren't angry. So you over forecast rain predictions.

    And then if you're running a free email service, and can recover some deleted items, but don't want to make promises about whatever internal garbage collection process you're using (and want the freedom to change it whenever you want), you say that you can never recover deleted items. That way

  • The IT Gods of our company have implemented some really serious backup and security measures. Something called Bit9 randomly kills my compilation process, the Mozy backup locks the file right in the middle of a git pull --rebase origin master resolving merge conflicts. The damned backup system takes two cores out of my 32 core machine 24/7 constantly. It backsup debug logs and regression suite temp files every 30 minutes. My unit testing script churns through 10 GB of scratch files every night. All I care a
    • Ugh, Bit9 is pure evil, from a programmer POV.

      It hashes every file you read and write and denies you access to them.

      We had that configured on a whitelist basis. The programmers had the option of overriding it, but as you can imagine, clicking through a dialog every time you make a 1-char change to every script file can be quite frustrating.

      It also took a file-heavy process that used to run in 90 seconds and made it consume 14 minutes.

  • by Anonymous Coward

    Yahoo said they cannot recover deleted emails. They say nothing about recovering deleted drafts.

    An email is the act of sending information from one account to another. It is nothing more than a set of transactions between servers along with a payload.

    A draft, however, is a document or file stored on a server that is waiting to be sent as a payload. It is not in itself an email. So, when Yahoo says they cannot recover deleted emails, it says nothing to their ability to recover other deleted information that

Don't tell me how hard you work. Tell me how much you get done. -- James J. Ling

Working...