Wiretapping and email

August 17, 2005

This article was contributed by Joe 'Zonker' Brockmeier.

The legal protection for email has been expanded, just slightly. The full First Circuit Court of Appeals has overturned a First Circuit panel decision that allowed Bradford Councilman to monitor the content of his users' incoming email.

Councilman was vice president of Interloc, a company that ran an online service that listed rare and out-of-print books, and offered its customers an email at "" (Interloc has become Alibris.) In January 1998, Councilman directed employees to copy incoming email from to subscribers. A procmail script was used to copy those messages, without any notice to Interloc's users, into a mailbox that Councilman could read in an attempt to gain a commercial advantage.

In 2001, a grand jury charged Councilman with conspiracy to violate the Wiretap Act. This count was dismissed by the district court, and the dismissal was affirmed by a panel hearing of the First Circuit Court last year, but the full court granted an en banc hearing which overturned the panel decision. The judgment has been vacated and the case has been remanded to the district court.

The case centers on whether email is an "electronic communication," or whether Congress meant to -- by exclusion -- exempt "communications in transient storage" from the Wiretap Act. The Electronic Communications Privacy Act (ECPA) of 1986 updated title 18 of the United States Code (the Wiretap Act), making it an offense to "intentionally intercept, endeavor to intercept, or procure any other person to intercept or endeavor to intercept, any wire, oral, or electronic communication."

If email is considered an electronic communication, then it is considered protected under the ECPA. However, Councilman argued that email was not "electronic communication" when it was copied because it was "in storage" at the time.

The court has decided that Councilman's interpretation "is inconsistent with Congress's intent."

The statute contains no explicit indication that Congress intended to exclude communications in transient storage from the definition of "electronic communication," and, hence, from the scope of the Wiretap Act. Councilman, without acknowledging it, looks beyond the face of the statute and makes an inferential leap. He infers that Congress intended to exclude communications in transient storage from the definition of "electronic communication," regardless of whether they are in the process of being delivered, simply because it did not include the term "electronic storage" in that definition. This inferential leap is not a plain text reading of the statute.

The court's comments on the Stored Communications Act are also worth noting. It said that "Councilman's conduct may appear to fall under the Stored Communications Act's main criminal provision," but that he would also fall under the provider exception, which says the Act "does not apply with respect to conduct authorized by the person or entity providing a wire or electronic communications service." The Stored Communications Act, according to the court's decision, appears to establish "virtually complete immunity" for service providers in handling email on their systems.

However, the Stored Communications Act does not provide a "safe harbor" for Councilman, since the Wiretap Act has a much narrower service provider exception, which only allows interception as "necessary incident to the rendition of his service or to the protection of the rights or property of the provider of that service." Obviously, Councilman's actions do not fall within this definition.

The court concluded that "electronic communication" includes "transient electronic storage that is intrinsic to the communication process for such communications" and that "interception of an email message in such storage is an offense under the Wiretap Act."

Assuming this decision holds, the Councilman decision is a victory for users and protects email in transit -- whether that is "on the wire" or in temporary storage on a server awaiting delivery to its final destination -- granting email the same protection from interception and monitoring that is given to phone calls.

Brief items

An overview of multilevel security

One of the many features added to the 2.6.12 kernel is multilevel security support for SELinux. The only problem is that few people actually understand what MLS is. James Morris has posted a multilevel security overview which makes a good starting point. "The reason why we have categories as well as sensitivities is so that sensitivities can be further compartmented on a need to know basis. For example, while a user may be cleared to Secret, they may not need to know anything about project WarpDrive (which could be the name of a category)."
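The need-to-know point in the quote can be made concrete with the MLS "dominance" test. The following is an added example, not code from the overview or from SELinux policy: it assumes the SELinux level syntax `sN:cA,cB.cC`, applies simplified Bell-LaPadula read/write rules to single levels, and the mapping of Secret to `s2` and WarpDrive to `c5` is constructed for illustration.

```python
import re

_SENS = re.compile(r"s(\d+)$")
_CAT = re.compile(r"c(\d+)$")

def parse_level(text):
    """Parse 'sN[:cats]' into (sensitivity, frozenset of category numbers).
    Categories are comma separated; 'cA.cB' is the inclusive range A..B."""
    sens_part, _, cat_part = text.strip().partition(":")
    m = _SENS.match(sens_part)
    if not m:
        raise ValueError(f"bad sensitivity in {text!r}")
    cats = set()
    for item in filter(None, cat_part.split(",")):
        lo, _, hi = item.partition(".")
        lo_m, hi_m = _CAT.match(lo), _CAT.match(hi or lo)
        if not lo_m or not hi_m:
            raise ValueError(f"bad category in {text!r}")
        a, b = int(lo_m.group(1)), int(hi_m.group(1))
        if a > b:
            raise ValueError(f"reversed range in {text!r}")
        cats.update(range(a, b + 1))
    return int(m.group(1)), frozenset(cats)

def dominates(a, b):
    """a dominates b: sensitivity at least as high AND every category of b held."""
    return a[0] >= b[0] and a[1] >= b[1]

def can_read(subject, obj):
    """No read up: the subject's level must dominate the object's."""
    return dominates(parse_level(subject), parse_level(obj))

def can_write(subject, obj):
    """No write down: the object's level must dominate the subject's."""
    return dominates(parse_level(obj), parse_level(subject))

if __name__ == "__main__":
    # Constructed labels: s2 = Secret, c5 = project WarpDrive.
    doc = "s2:c5"
    for who in ("s2", "s2:c5", "s3:c0.c7", "s1:c5"):
        print(f"{who:10} read {doc}: {can_read(who, doc)}")
```

A subject cleared to Secret (`s2`) but lacking category `c5` is refused, which is exactly the compartmenting the quote describes: sensitivity alone is not enough.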

The Hidden Boot Code of the Xbox

The Xbox Linux Project site has posted a detailed article on how the Xbox was designed to prevent the booting of "unauthorized" software, and how that scheme was defeated. It is an interesting look at the design of non-free hardware. (By way of Bruce Schneier).

New vulnerabilities

Adobe Acrobat Reader: arbitrary code execution

Package(s): Adobe Acrobat Reader
CVE #(s): CAN-2005-2470
Created: August 16, 2005
Updated: August 22, 2005
Description: A buffer overflow bug has been found in Adobe Acrobat Reader. It is possible to execute arbitrary code on a victim's machine if the victim opens a malicious PDF file.
Alerts:
SuSE SUSE-SA:2005:047 acroread 2005-08-22
Gentoo 200508-11 acroread 2005-08-19
Red Hat RHSA-2005:750-01 acroread 2005-08-16

awstats: command injection vulnerability

Package(s): awstats
CVE #(s): CAN-2005-1527
Created: August 11, 2005
Updated: November 10, 2005
Description: AWStats has a command injection vulnerability that can be exploited by specially crafting referrer URLs that contain Perl code. The code can then be executed with the privileges of the web server.
Alerts:
Debian DSA-892-1 awstats 2005-11-10
Gentoo 200508-07 awstats 2005-08-16
Ubuntu USN-167-1 awstats 2005-08-11

bluez: command execution

Package(s): bluez-utils
CVE #(s): CAN-2005-2547
Created: August 17, 2005
Updated: August 26, 2005
Description: The bluez-utils package (through version 2.19) fails to properly validate device names. As a result, pairing the system with a device containing a maliciously-crafted name could result in the execution of arbitrary commands as root.
Alerts:
Mandriva MDKSA-2005:150 bluez-utils 2005-08-25
Debian DSA-782-1 bluez-utils 2005-08-23
Gentoo 200508-09 bluez-utils 2005-08-17

evolution: format string issues

Package(s): evolution
CVE #(s): CAN-2005-2549 CAN-2005-2550
Created: August 15, 2005
Updated: March 23, 2006
Description: Evolution has format string issues. SITIC advisory SA05-001 contains more information.
Alerts:
Debian DSA-1016-1 evolution 2006-03-23
SuSE SUSE-SA:2005:054 evolution 2005-09-16
Red Hat RHSA-2005:267-01 evolution 2005-08-29
Gentoo 200508-12 evolution 2005-08-23
Mandriva MDKSA-2005:141 evolution 2005-08-17
Fedora FEDORA-2005-742 evolution 2005-08-11
Fedora FEDORA-2005-743 evolution 2005-08-11

kdeedu: tempfile handling vulnerabilities

Package(s): kdeedu
CVE #(s): CAN-2005-2101
Created: August 15, 2005
Updated: September 22, 2005
Description: Ben Burton notified the KDE security team about several tempfile handling related vulnerabilities in langen2kvtml, a conversion script for kvoctrain. The script must be manually invoked. The script uses known filenames in /tmp which allow a local attacker to overwrite files writeable by the user invoking the conversion script.
Alerts:
Debian DSA-818-1 kdeedu 2005-09-22
Mandriva MDKSA-2005:159 kdeedu 2005-09-06
Fedora FEDORA-2005-744 kdeedu 2005-08-16
Fedora FEDORA-2005-745 kdeedu 2005-08-15
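
Why a known filename in a shared directory is the problem, and what safe creation looks like, as an added example (not code from langen2kvtml or from the KDE advisory). The file name `convert.tmp` is hypothetical, and a private sandbox directory stands in for /tmp so the demonstration touches nothing outside it.

```python
import os
import tempfile

FIXED_NAME = "convert.tmp"  # hypothetical predictable name, constructed for this example

def write_predictable(workdir, data):
    """The flawed pattern: a guessable path opened with plain open(),
    which follows whatever symlink already sits at that path."""
    path = os.path.join(workdir, FIXED_NAME)
    with open(path, "w") as fh:
        fh.write(data)
    return path

def write_exclusive(workdir, data):
    """Same name, but O_CREAT|O_EXCL refuses any pre-existing entry,
    including a symlink, instead of writing through it."""
    path = os.path.join(workdir, FIXED_NAME)
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    with os.fdopen(os.open(path, flags, 0o600), "w") as fh:
        fh.write(data)
    return path

def write_mkstemp(workdir, data):
    """Preferred: mkstemp picks an unpredictable name, created exclusively, mode 0600."""
    fd, path = tempfile.mkstemp(prefix="convert.", dir=workdir)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)
    return path

def _read(path):
    with open(path) as fh:
        return fh.read()

def demo():
    """Constructed scenario: a link already exists at the predictable path."""
    results = {}
    with tempfile.TemporaryDirectory() as sandbox:
        victim = os.path.join(sandbox, "victim.txt")
        with open(victim, "w") as fh:
            fh.write("important")
        os.symlink(victim, os.path.join(sandbox, FIXED_NAME))
        try:
            write_exclusive(sandbox, "scratch")
            results["exclusive"] = "written"
        except FileExistsError:
            results["exclusive"] = "refused"
        write_mkstemp(sandbox, "scratch")
        results["victim_after_safe"] = _read(victim)
        write_predictable(sandbox, "scratch")
        results["victim_after_predictable"] = _read(victim)
    return results
```

Calling `demo()` shows the exclusive open being refused and the unrelated file surviving both safe variants, while the predictable-name write replaces its contents.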

Mozilla: frame injection spoofing

Package(s): mozilla firefox
CVE #(s): CAN-2004-0718 CAN-2005-1937
Created: August 15, 2005
Updated: September 19, 2005
Description: A vulnerability has been discovered in Mozilla and Mozilla Firefox that allows remote attackers to inject arbitrary JavaScript from one page into the frameset of another site. Thunderbird is not affected by this.
Alerts:
Debian-Testing DTSA-14-1 mozilla 2005-09-13
Fedora-Legacy FLSA:160202 mozilla 2005-09-14
Debian DSA-810-1 mozilla 2005-09-13
Debian DSA-777-1 mozilla 2005-08-17
Debian DSA-775-1 mozilla 2005-08-15

(IN)SECURE Magazine issue 3

The third issue of (IN)SECURE magazine is out; covered topics include PDA attacks, adding signatures to nmap, SQL injection, and an interview with Michal Zalewski.

Page editor: Jonathan Corbet

Copyright © 2005, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds