|
|
|
|
|
|
by oelmekki
4712 days ago
|
|
|
I think the point here is that feds don't want to have to ask access to companies, or even getting noticed. Operating directly on the database means either : * requesting a dump that get quickly deprecated * having a direct access to database, which can be traced Using common interface, you can use it without rising any flags, except if companies specifically implement warning feature for known NSA/feds/whatever ips. The best of that is that many people use the same password for several websites. So, having one, you may access data on an other website without the company knowing it. As it becomes more and more clear big companies are fighting agencies here, decyphering passwords and using them abroad makes perfect sense. |
|
|
I mean, isn't the article about the gov't asking the companies for user passwords? How is asking for direct db access any different than this?