- This iPhone app says it will alert you if you’ve been hacked Today 2:43 PM
- ‘Marvel’s Hero Project’ is the wholesome content 2019 needs Today 2:40 PM
- Get more out of VSCO with VSCO search Today 2:09 PM
- Twitter carves out ‘cause-based’ advocacy exemption in political ads ban Today 2:06 PM
- Disney+ accounts are being hacked—here’s how to protect yourself Today 1:52 PM
- Instagram is hiding likes globally and searching for a ‘well-being’ product researcher Today 1:42 PM
- ‘The Mandalorian’ opens up its mythology even further in ‘Chapter 2’ Today 12:54 PM
- Want to buy a drone on a budget? We’ve got you covered Today 12:51 PM
- ‘Simpsons’ writer accuses Republicans of stealing Sideshow Bob’s defense Today 12:49 PM
- Keanu Reeves’ appearance in ‘SpongeBob Movie’ trailer quickly becomes a meme Today 12:35 PM
- Charli XCX makes the band in Netflix’s ‘Nasty Cherry’ Today 12:33 PM
- Taylor Swift’s distress call reignites fight with Scooter Braun and former label Today 12:16 PM
- How to disable autoplay for previews and trailers on Disney+ Today 12:10 PM
- College basketball stream: How to watch North Carolina vs. Gardner-Webb Today 12:00 PM
- Trump accused of witness intimidation for tweets during impeachment hearing Today 11:48 AM
When it comes to the tool that Yahoo used to scan its customers’ emails on behalf of U.S. intelligence, we have more questions than answers, at this point.
A growing pile of anonymous—and, therefore, unaccountable—sources has provided media with vague and conflicting stories about what the scanning tool actually did, what content was being scanned and for how long, under what authority, and how it was ultimately discovered.
The whole saga has left experts frustrated as they try to sort out fact from fiction.
The latest twist is a Motherboard report, which, citing two sources (at least one of whom once worked at Yahoo), says previous descriptions of the hacking tool is wrong, that the tool is actually much more powerful than other sources described. Motherboard writes:
The tool was actually more like a “rootkit,” a powerful type of malware that lives deep inside an infected system and gives hackers essentially unfettered access.
The Yahoo security team was reportedly kept in the dark for much of the time the scanning took place, resulting in the contentious June 2015 departure of Chief Information Security Officer Alex Stamos, who now works at Facebook.
It’s unclear how closely ex-Yahoo anonymous sources would have been able to examine the software, what the process looked like, or what the immediate reaction of the team and leadership was.
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.