Microsoft helped NSA get around its encryption
Posted on 12 July 2013.
It has been a bad month for US Internet giants, but things got even worse for Microsoft as the latest batch of NSA documents leaked by Edward Snowden revealed that the company has helped US intelligence agencies circumvent the company's own encryption.

The aforementioned encryption is that which supposedly protected web chats on Outlook.com and emails on Hotmail, and the company didn't stop there.

It also apparently collaborated with the FBI and the NSA to make its cloud storage service SkyDrive and the Skype VoIP service - and the data stored in and exchanged through them - more easily accessible through the PRISM program.

Finally, the documents leaked to The Guardian revealed that the data collected via this program was not only accessible to the NSA, but to the FBI and CIA as well.

Microsoft has reacted to the revelations with the following statement:

We have clear principles which guide the response across our entire company to government demands for customer information for both law enforcement and national security issues. First, we take our commitments to our customers and to compliance with applicable law very seriously, so we provide customer data only in response to legal processes.

Second, our compliance team examines all demands very closely, and we reject them if we believe they aren't valid. Third, we only ever comply with orders about specific accounts or identifiers, and we would not respond to the kind of blanket orders discussed in the press over the past few weeks, as the volumes documented in our most recent disclosure clearly illustrate.

Finally when we upgrade or update products legal obligations may in some circumstances require that we maintain the ability to provide information in response to a law enforcement or national security request. There are aspects of this debate that we wish we were able to discuss more freely. That's why we've argued for additional transparency that would help everyone understand and debate these important issues.

In a joint statement by the NSA and the Office of the Director of National Intelligence, the US intelligence establishment pointed out that "the articles describe court-ordered surveillance – and a US company's efforts to comply with these legally mandated requirements," and added that "the US operates its programs under a strict oversight regime, with careful monitoring by the courts, Congress and the Director of National Intelligence."

While this latest scandal unravels, Edward Snowden, the man that made it all happen, is still stuck in the transit zone of the Moscow Sheremetyevo International Airport. He has received an offer of asylum from Venezuela, but has yet to accept it.

According to The Guardian, he has invited human rights groups in Russia in for a meeting scheduled for later today.

Amnesty International has already confirmed their attendance, and a press event is apparently scheduled after it.









Spotlight

Internet Explorer vulnerabilities increase 100%

Posted on 23 July 2014.  |  Bromium Labs research determined that Internet Explorer vulnerabilities have increased more than 100 percent since 2013, surpassing Java and Flash vulnerabilities.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Jul 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //