back to article Microsoft, HURTING after NSA backdooring, vows to now harden its pipe

Microsoft is scrambling to encrypt its data centers' interlinks – after a fresh Snowden leak suggested the NSA and GCHQ tapped into the cables and intercepted sensitive network traffic. Documents obtained by the Washington Post from the whistleblower show that Microsoft's Hotmail, Windows Live Messenger services and Passport …

COMMENTS

This topic is closed for new posts.
  1. nexsphil

    Bullshit

    Microsoft will give the NSA access to any and all data it requires. This is yet another of their typically harebrained publicity stunts.

    1. Anonymous Coward
      Anonymous Coward

      Go Edgar Hoover!

      Definitely. They only reason they didn't do it sooner was they were too busy plumbing the new Kinect directly into the NSA's Utah facility for foreign intelligence gathering, er I mean commercial spying and blackmailing... Go Edgar Hoover!

    2. Suricou Raven

      Re: Bullshit

      Plus they get to charge for it now.

    3. Anonymous Coward
      Anonymous Coward

      Re: Bullshit

      There's complying with the law and there's ensuring that illegal tapping isn't possible.

      Much of what has been done in terms of spying has not been legal.

    4. Slawek

      Re: Bullshit

      Microsoft, like other companies, is supplying only what is ordered by a judge, according to laws of USA.

      1. Schultz
        FAIL

        Microsoft [...] is supplying only what is ordered by a judge, according to laws of USA.

        FALSE. NSA and co. explicitly intercept the data outside the US borders to circumvent US law and to avoid legal review of their actions.

        The NSA claims that interception occurs outside the US to maintain a superficial semblance of legality. But I wouldn't be surprised if that is another white lie. It would be a lot cheaper and easier to tap the cables right in front of the US telecom buildings as opposed to some elaborate underwater tapping or having some daily petabyte data-transfer from the friends in GB.

        1. Anonymous Coward
          Coat

          Re: Microsoft [...] is supplying only what is ordered by a judge, according to laws of USA.

          I think you'll find, that there are places in New York and Washington, where the fiber cables cross the border simply so that the traffic can be collected 'because it's crossing the U.S. border".

          I've got my tin-foil coat, now where's my hat.

        2. big_D Silver badge

          Re: FALSE. NSA and co. explicitly intercept the data outside the US borders

          There is a big difference between "Microsoft giving" the NSA data and the NSA illegally tapping the network, in that case, MS probably weren't even aware that the data was being taken.

      2. Anonymous Coward
        Anonymous Coward

        'Microsoft...is supplying only what is ordered by a judge, according to laws of USA.'

        Yeah, we heard that argument before last century with 'the Nazis made me do it'....

      3. Anonymous Coward
        Anonymous Coward

        Re: Bullshit

        "Microsoft, like other companies, is supplying only what is ordered by a judge, according to laws of USA."

        This is funny isn't he?

    5. Sporkinum

      Re: Bullshit

      And Google and Yahoo, etc, etc.

    6. Anonymous Coward
      Anonymous Coward

      Re: Bullshit

      Kinda. It will give any data for a price.

      So it probably is kind'a sore - it is called revenue assurance.

  2. AlbertH

    What did you expect?

    Windows users get all they deserve - closed source, deliberately vulnerable, obsfuscated code, bloated, overpriced and fundamentally broken. It's obvious that this almost ubiquitous mess will be targeted by every Nogoodnik, Government spook and script kiddie.

    Snowden has done the Open Source world a power of good!

    Remember - Microsoft have NEVER released a properly working product!

    1. Anonymous Coward
      Anonymous Coward

      Re: What did you expect?

      I want to quit my addiction to Microsoft products... Regarding OpenSUSE 13.1 reviewed today.. Can someone offer a quick list of Pros and Cons of switching? Can I keep legacy Office, is there a built in VM for that? cheers

    2. Anonymous Coward
      Anonymous Coward

      Re: What did you expect?

      If they hadn't then they wouldn't be in business.

    3. Anonymous Coward
      Anonymous Coward

      Re: What did you expect?

      And what part of the fact that all this snooping occurred on universal, internet-based services did your righteous ranting miss?

      If you used Linux to access any internet-based service - Google, Microsoft, Yahoo - then you were pwned. Your silly rant against Microsoft has no relevance here, the eavesdropping was system agnostic as it was directed to your internet usage practices, not your system per se.

      So go put your tinfoil hat back on, right underneath that dunce cap, and sit in the corner like a good little fool.

      1. Anonymous Coward
        Pint

        Re: What did you expect?

        @AC 22:49

        Damn shame you are anon. I would like to shake your hand and buy you a pint.

      2. Thunderbird 2

        Re: What did you expect?

        Quote "If you used Linux to access any internet-based service - Google, Microsoft, Yahoo - then you were pwned. Your silly rant against Microsoft has no relevance here, the eavesdropping was system agnostic as it was directed to your internet usage practices, not your system per se.

        So go put your tinfoil hat back on, right underneath that dunce cap, and sit in the corner like a good little fool."

        Much as I detest the idea of even seeming to be applauding macroshaft et al

        That definitely deserves an upvote :¬)

    4. Anonymous Coward
      Anonymous Coward

      Re: What did you expect?

      Microsoft have NEVER released a properly working product!

      Yes, but today they're allowed - the article headline makes up for it IMHO :)

      1. Dave 126 Silver badge

        Re: What did you expect?

        >Windows users get all they deserve

        WTF? So, users of software that is only available on Windows get all they deserve? Someone who makes components and has to use the CAD package their customer requires deserve all they deserve? People with a small business who use the accountancy software favoured by the revenue service get all they deserve?

        Grow up.

  3. ex1stence
    Trollface

    Your title

    I see what you did there.

    1. gollux

      The world needs more...

      hardened pipes...

      Free standing towers of data security.

      Hardened against backdoor penetration by the NSA et. al.

      May the Schwartz be with you!

  4. Anonymous Coward
    Anonymous Coward

    Umm...

    Horse? Stable?

  5. Anonymous Coward
    Anonymous Coward

    Sorry they got caught, sorry because it'll affect their business. The things real apologies are made of.

  6. btrower

    Who is really sore here?

    Microsoft supplied the air-conditioned pants, but it was us who got rear-ended.

    The fact that stuff continues to come out of the Snowden leaks and companies as large and complicit as Microsoft pretend to react shows the gravity of the situation.

    The fact they are attempting to apply butt-cream to this situation should have people screaming about both the initial penetration *and* the fact that the NSA still has its zipper down.

    At this point, the NSA is figuring that No somehow implies consent.

    Lube is an improvement, but in principle we are still being had against our will.

    1. Anonymous Coward
      Anonymous Coward

      Re: Who is really sore here?

      That's too funny!

  7. Bladeforce

    Whats the point?

    Microsoft will encrypt their traffic but keep the NSAkey so totally pointless exercise

    1. Sureo

      Re: Whats the point?

      What's to stop the NSA from going to its SECRET court and get a SECRET order to not encrypt private links and force MS to keep it all SECRET?

      1. Yet Another Anonymous coward Silver badge

        Re: Whats the point?

        Because it's a lot of paperwork.

        It's much easier to just ring up and say "You want to help us don't you? You aren't some sort of un-American pinko terrorist are you?"

  8. loneranger

    Snowden is a hero. If he hadn't done what he did, anyone who accused the government of these shenanigans would be accused of wearing a tinfoil hat and being a conspiracy nut. Thank you, sir!

    1. nexsphil

      Calling "tinfoil hat" or "conspiracy nut"

      What an intelligent and noble position that was.

      Looking back on these times with the benefit of 20/20 hindsight, our grandkids aren't going to be too forgiving of protestations that "it was different then" and "you don't know what it was like". The fact is: if you have *ever* called anyone a "tinfoil hat wearer" or a "wacky conspiracy theorist", you are a craven imbecile.

      Yes, I did it too once. And I'm going to do what we all are going to do. Lie.

    2. Slawek

      If he had only revealed extend of NSA activity in USA, then with a big dose of good will, you could say he did something defendable (although he sill violated terms of his employment). However, he is revealing foreign activities of NSA and other western intelligence agencies, and this is pure treason. I hope he will spend many years in jail.

      1. btrower

        Operationally, Snowden is a hero

        @Slawek:

        Snowden was bound by two promises. One was made to his employer, but the other was made to his country. The one to his country trumps the one to his employer.

        Frankly, I am not entirely comfortable with the fact that he broke faith, but he chose the best of two difficult paths. He took a really big bullet for all of us. He did the right thing.

        As a Canadian, I take a dim view of the notion that somehow my right to privacy is less than that of a U.S. citizen. To the extent that Snowden's activities acted against the U.S. state, they acted in the higher interests of the world at large. We established at Nuremberg that an individual state cannot command obedience to something fundamentally wrong.

        What Snowden did cannot be treason. To be that, he would have had to betray his country and he did anything but that. In fact, it would have been treasonous to take the other course. The state and the country are not the same thing. Certainly the employer and the country are not the same thing. He exposed ongoing treasonous activities of people violating the Constitution he pledged to defend against all enemies foreign or domestic. The fact that the enemies can argue they are domestic (I have my doubts about the nationality of the ultimate perpetrators) does not exempt them from exposure.

        The traitors are the ones exposed by Snowden and those traitors still hold the reigns of power largely because people like yourself defend them. The increasingly frantic damage control exercise is testament to the fact that at least in some of the corridors of power they realize they have royally fucked up and are on the verge of losing control entirely.

        If, as it seems it might, the world returns to sanity and the rule of law, the people exposed by Snowden will be imprisoned and Snowden will be given a hero's welcome for braving the wrath of a powerful, murderous outlaw state.

        Regardless of the unfortunate optics or what you think about his motivations, operationally, Snowden is a hero.

        1. Anonymous Coward
          Anonymous Coward

          Re: Operationally, Snowden is a hero

          There should be a matrix here.

          The Rows:

          People who think the government is spying on them

          People who don't think the government is spying on them

          The Columns:

          The Government is spying on them

          The Government isn't spying on them

          There will always be people in B1 who alas distract the people in A2 from hearing what people in A1 are saying.

          Actually, ignore that, I'm drunk and was following an idea.

        2. TopOnePercent Silver badge

          Re: Operationally, Snowden is a hero

          "Regardless of the unfortunate optics or what you think about his motivations, operationally, Snowden is a hero."

          Heroes don't run and hide fromt he law. Sorry, but they just don't.

          "What Snowden did cannot be treason."

          You'll find its a pretty textbook definition of treason.

          Regardless of what you think of the behaviour of intelligence services, the way Snowden acted was fundamentally wrong. When you have the heads of the 3 Brit intelligence agencies testifying publicly that Snowden has damaged their operational capability and that terrorists have learned & adapted from his leaks, the his actions cannot be considered justified.

          1. John Hughes

            Re: Operationally, Snowden is a hero

            "Heroes don't run and hide fromt he law. Sorry, but they just don't."

            You do know there were NSA whistleblowers before Snowden. Oh, you don't, do you, almost noone has heard of them.

            Snowden may or not be a "hero", but by running he made sure people would know what is going on. Staying in the States and trying to tell the world clearly didn't work.

            ":You'll find [Snowdens actions are] a pretty textbook definition of treason."

            Sorry? Treason is "waging war on the US". What "war" did he wage?

          2. Anonymous Coward
            Anonymous Coward

            Re: Operationally, Snowden is a hero@ TopOnePercent

            "When you have the heads of the 3 Brit intelligence agencies testifying publicly that Snowden has damaged their operational capability "

            The same people who allowed the government to lie about Iraq's supposed WMD, the same people who didn't stop the London bombings, the same people busy doing a good chunk of the NSA's dirty work in Europe and the Middle East, the same people who maintain one of their own people zipped himself up in a holdall and then locked it, and then passed away of natural causes, whilst they didn't think to ask why he hadn't turned in for work for a week....

            I'm British, I don't think the UK security services have covered themselves in glory. The UK government runs the same mass surveilllance as the NSA, damaging public confidence and privacy, yet unable to achieve much useful.

            If you want, go find another reason to pillory Snowden, but don't rely on the handwringing of British bureaucrats to justify the US government's utter contempt for its own constitution. The critical point of defending liberty is that the liberty needs to be there to be defended, not trampled all over in the latest edition of "The War On Something" (tm).

          3. Brian Morrison

            Re: Operationally, Snowden is a hero

            When I see people with such power laying it on thick in front of a committee that didn't so much as gently chew their socks let alone bite their ankles then I automatically get suspicious. I can work out where the weaknesses are in comms systems, so can the bad guys. Assuming that telling their techies what they already knew will affect things badly is just disingenuous.

            These people have too much power and can gain access to too much without sufficient oversight. I would rather take my chance of 0.00001% of being injured by terrorism in my lifetime than have a 100% chance of having my personal information hoovered up and stored and also face a worsening risk of my banking details becoming known to criminals because the spooks corrupted the crypto and crypto systems.

        3. PeteA
          Thumb Up

          Re: Operationally, Snowden is a hero

          Wish I could upvote twice - thank you sir.

  9. linicks

    The Arsonist

    Just like Gordan Brown did when he wrecked the pensions funds (causing millions to lose the lot) and then later caused a meltdown of the economy - come back and pretend to save it like the arsonist that goes back to put out the fire and become a hero.

    So MS let NSA in, and now we all know that, pretend they are the heroes to stop it.

    Phfffttt.

    1. Anonymous Coward
      Anonymous Coward

      Re: The Arsonist

      You forgot the selling off of the gold reserves. And the "Read my lips: No more boom and bust" soundbite. However, I wouldn't credit him with causing the (world wide) economic crisis all by himself.

      1. Vic

        Re: The Arsonist

        > No more boom and bust

        Credit where credit is due: he delivered on that promise.

        How may booms have we had since he made that speech?

        Vic.

  10. Someone Else Silver badge
    Devil

    Oh, the indignation!

    "These allegations are very disturbing. If they are true these actions amount to hacking and seizure of private data and in our view are a breach of the protection guaranteed by the Fourth Amendment to the Constitution." Brad Smith, Microsoft's general counsel, said in an email to The Register.

    Ooooh! Puff those feathers out good, there, Brad.

    Although I don't seem to recall such indignation when Microsoft software was found phoning home with all manner of details about the user's machine when they did it.

    1. Anonymous Coward
      Anonymous Coward

      Re: Oh, the indignation!

      I'm happy to tell you all about my machine - in fact I often do, sorry - but more personal stuff I keep more to myself!

    2. Jess

      Re: Although I don't seem to recall such indignation when Microsoft software was found phoning home

      I'm pretty sure everything they did themselves was buried away in the EULA somewhere.

    3. Field Marshal Von Krakenfart
      FAIL

      Re: Oh, the indignation!

      No No, Mickysoft thought the NSA would only spy on other peoples privare communications, not Mickysofts as well.....

      According to attrition.org/misc/keywords.html, these are some of the phrases that the NSA like to snoop on. I'm not sure why Leitrim (a county in Ireland), Elvis, 15kg quiche or Bubba the Love Sponge would be of interest to the NSA, but there's no accounting for peoples curiosity.

      ---------------------------------------------------------------------

      Waihopai, INFOSEC, Information Security, Information Warfare, IW, IS, Priavacy, Information Terrorism, Terrorism Defensive Information, Defense Information Warfare, Offensive Information, Offensive Information Warfare, National Information Infrastructure, InfoSec, Reno, Compsec, Computer Terrorism, Firewalls, Secure Internet Connections, ISS, Passwords, DefCon V, Hackers, Encryption, Espionage, USDOJ, NSA, CIA, S/Key, SSL, FBI, Secert Service, USSS, Defcon, Military, White House, Undercover, NCCS, Mayfly, PGP, PEM, RSA, Perl-RSA, MSNBC, bet, AOL, AOL TOS, CIS, CBOT, AIMSX, STARLAN, 3B2, BITNET, COSMOS, DATTA, E911, FCIC, HTCIA, IACIS, UT/RUS, JANET, JICC, ReMOB, LEETAC, UTU, VNET, BRLO, BZ, CANSLO, CBNRC, CIDA, JAVA, Active X, Compsec 97, LLC, DERA, Mavricks, Meta-hackers, ^?, Steve Case, Tools, Telex, Military Intelligence, Scully, Flame, Infowar, Bubba, Freeh, Archives, Sundevil, jack, Investigation, ISACA, NCSA, spook words, Verisign, Secure, ASIO, Lebed, ICE, NRO, Lexis-Nexis, NSCT, SCIF, FLiR, Lacrosse, Flashbangs, HRT, DIA, USCOI, CID, BOP, FINCEN, FLETC, NIJ, ACC, AFSPC, BMDO, NAVWAN, NRL, RL, NAVWCWPNS, NSWC, USAFA, AHPCRC, ARPA, LABLINK, USACIL, USCG, NRC, ~, CDC, DOE, FMS, HPCC, NTIS, SEL, USCODE, CISE, SIRC, CIM, ISN, DJC, SGC, UNCPCJ, CFC, DREO, CDA, DRA, SHAPE, SACLANT, BECCA, DCJFTF, HALO, HAHO, FKS, 868, GCHQ, DITSA, SORT, AMEMB, NSG, HIC, EDI, SAS, SBS, UDT, GOE, DOE, GEO, Masuda, Forte, AT, GIGN, Exon Shell, CQB, CONUS, CTU, RCMP, GRU, SASR, GSG-9, 22nd SAS, GEOS, EADA, BBE, STEP, Echelon, Dictionary, MD2, MD4, MDA, MYK, 747,777, 767, MI5, 737, MI6, 757, Kh-11, Shayet-13, SADMS, Spetznaz, Recce, 707, CIO, NOCS, Halcon, Duress, RAID, Psyops, grom, D-11, SERT, VIP, ARC, S.E.T. Team, MP5k, DREC, DEVGRP, DF, DSD, FDM, GRU, LRTS, SIGDEV, NACSI, PSAC, PTT, RFI, SIGDASYS, TDM. SUKLO, SUSLO, TELINT, TEXTA. ELF, LF, MF, VHF, UHF, SHF, SASP, WANK, Colonel, domestic disruption, smuggle, 15kg, nitrate, Pretoria, M-14, enigma, Bletchley Park, Clandestine, nkvd, argus, afsatcom, CQB, NVD, Counter Terrorism Security, Rapid Reaction, Corporate Security, Police, sniper, PPS, ASIS, ASLET, TSCM, Security Consulting, High Security, Security Evaluation, Electronic Surveillance, MI-17, Counterterrorism, spies, eavesdropping, debugging, interception, COCOT, rhost, rhosts, SETA, Amherst, Broadside, Capricorn, Gamma, Gorizont, Guppy, Ionosphere, Mole, Keyhole, Kilderkin, Artichoke, Badger, Cornflower, Daisy, Egret, Iris, Hollyhock, Jasmine, Juile, Vinnell, B.D.M.,Sphinx, Stephanie, Reflection, Spoke, Talent, Trump, FX, FXR, IMF, POCSAG, Covert Video, Intiso, r00t, lock picking, Beyond Hope, csystems, passwd, 2600 Magazine, Competitor, EO, Chan, Alouette,executive, Event Security, Mace, Cap-Stun, stakeout, ninja, ASIS, ISA, EOD, Oscor, Merlin, NTT, SL-1, Rolm, TIE, Tie-fighter, PBX, SLI, NTT, MSCJ, MIT, 69, RIT, Time, MSEE, Cable & Wireless, CSE, Embassy, ETA, Porno, Fax, finks, Fax encryption, white noise, pink noise, CRA, M.P.R.I., top secret, Mossberg, 50BMG, Macintosh Security, Macintosh Internet Security, Macintosh Firewalls, Unix Security, VIP Protection, SIG, sweep, Medco, TRD, TDR, sweeping, TELINT, Audiotel, Harvard, 1080H, SWS, Asset, Satellite imagery, force, Cypherpunks, Coderpunks, TRW, remailers, replay, redheads, RX-7, explicit, FLAME, Pornstars, AVN, Playboy, Anonymous, Sex, chaining, codes, Nuclear, 20, subversives, SLIP, toad, fish, data havens, unix, c, a, b, d, the, Elvis, quiche, DES, 1*, NATIA, NATOA, sneakers, counterintelligence, industrial espionage, PI, TSCI, industrial intelligence, H.N.P., Juiliett Class Submarine, Locks, loch, Ingram Mac-10, sigvoice, ssa, E.O.D., SEMTEX, penrep, racal, OTP, OSS, Blowpipe, CCS, GSA, Kilo Class, squib, primacord, RSP, Becker, Nerd, fangs, Austin, Comirex, GPMG, Speakeasy, humint, GEODSS, SORO, M5, ANC, zone, SBI, DSS, S.A.I.C., Minox, Keyhole, SAR, Rand Corporation, Wackenhutt, EO, Wackendude, mol, Hillal, GGL, CTU, botux, Virii, CCC, Blacklisted 411, Internet Underground, XS4ALL, Retinal Fetish, Fetish, Yobie, CTP, CATO, Phon-e, Chicago Posse, l0ck, spook keywords, PLA, TDYC, W3, CUD, CdC, Weekly World News, Zen, World Domination, Dead, GRU, M72750, Salsa, 7, Blowfish, Gorelick, Glock, Ft. Meade, press-release, Indigo, wire transfer, e-cash, Bubba the Love Sponge, Digicash, zip, SWAT, Ortega, PPP, crypto-anarchy, AT&T, SGI, SUN, MCI, Blacknet, Middleman, KLM, Blackbird, plutonium, Texas, jihad, SDI, Uzi, Fort Meade, supercomputer, bullion, 3, Blackmednet, Propaganda, ABC, Satellite phones, Planet-1, cryptanalysis, nuclear, FBI, Panama, fissionable, Sears Tower, NORAD, Delta Force, SEAL, virtual, Dolch, secure shell, screws, Black-Ops, Area51, SABC, basement, data-haven, black-bag, TEMPSET, Goodwin, rebels, ID, MD5, IDEA, garbage, market, beef, Stego, unclassified, utopia, orthodox, Alica, SHA, Global, gorilla, Bob, Pseudonyms, MITM, Gray Data, VLSI, mega, Leitrim, Yakima, Sugar Grove, Cowboy, Gist, 8182, Gatt, Platform, 1911, Geraldton, UKUSA, veggie, 3848, Morwenstow, Consul, Oratory, Pine Gap, Menwith, Mantis, DSD, BVD, 1984, Flintlock, cybercash, government, hate, speedbump, illuminati, president, freedom, cocaine, $, Roswell, ESN, COS, E.T., credit card, b9, fraud, assasinate, virus, anarchy, rogue, mailbomb, 888, Chelsea, 1997, Whitewater, MOD, York, plutonium, William Gates, clone, BATF, SGDN, Nike, Atlas, Delta, TWA, Kiwi, PGP 2.6.2., PGP 5.0i, PGP 5.1, siliconpimp, Lynch, 414, Face, Pixar, IRIDF, eternity server, Skytel, Yukon, Templeton, LUK, Cohiba, Soros, Standford, niche, 51, H&K, USP, ^, sardine, bank, EUB, USP, PCS, NRO, Red Cell, Glock 26, snuffle, Patel, package, ISI, INR, INS, IRS, GRU, RUOP, GSS, NSP, SRI, Ronco, Armani, BOSS, Chobetsu, FBIS, BND, SISDE, FSB, BfV, IB, froglegs, JITEM, SADF, advise, TUSA, HoHoCon, SISMI, FIS, MSW, Spyderco, UOP, SSCI, NIMA, MOIS, SVR, SIN, advisors, SAP, OAU, PFS, Aladdin, chameleon man, Hutsul, CESID, Bess, rail gun, Peering, 17, 312, NB, CBM, CTP, Sardine, SBIRS, SGDN, ADIU, DEADBEEF, IDP, IDF, Halibut, SONANGOL, Flu, &, Loin, PGP 5.53, EG&G, AIEWS, AMW, WORM, MP5K-SD, 1071, WINGS, cdi, DynCorp, UXO, Ti, THAAD, package, chosen, PRIME, SURVIAC,

    4. big_D Silver badge

      Re: Oh, the indignation!

      Fourth Amendment? Surely, in the UK, what the GCHQ and NSA have done falls under the Governments much hated RIPA Act?

  11. Chris G Silver badge

    Way beyond the ointment stage

    I had a conversation in the early 2000s with an IT whiz who used to work with various spooky people,

    with a nod and a wink he said that he would not be at all surprised if it was found one day that Windows had an FBI back door built in.

    If the Federal Investigation Bureau had a back door then it is almost certain the NSA would have access too.

    An economy sized case of Preparation H please!

    1. Anonymous Coward
      Anonymous Coward

      Re: not be at all surprised if it was found one day that Windows had an FBI back door built in.

      Of course it has, or at least a very simple way to install one on a target.

      Windows update.

      I think it has been established the MS can force updates, they just don't usually.

      We know they have to do what they are told.

      Therefore if an agency wants access to a machine, at the very worst they just need to identify the machine and order MS to update it with a backdoor.

      (And this assumes of course, that there isn't already a backdoor installed on every windows machine installed since the anti-trust case mysteriously vanished).

      This would also apply to all American controlled OSes. Apple's OS X and iOS, and Android.

      Although, because those companies haven't had such a huge legal case vanish, I would expect a slightly more conservative attitude of their legal obligations.

      Funny what happened to all the non US controlled OSes. (Billion dollar bung to extinguish one.)

  12. DougS Silver badge

    The US claimed Snowden's revelations damaged its ability to fight terrorism

    It is probably this type of loss of access that the NSA was whining about. Previously no one really thought about encrypting data traversing their intranet, now everyone will be doing it. Sorry NSA, but I don't feel sorry for you!

    Now if we can just stop the US government from having "secret" laws. If you can't know the law, how are you supposed to know if someone telling you to comply with something is lying about there being such a law in the first place? Maybe there are no secret laws, and the NSA just lies and tells companies there are.

    At least we'd know who to blame if Congress had to pass such a law openly and Obama had to sign it. The PATRIOT Act may suck, and I don't agree with it, but at least it was passed openly (only the "interpretations" were done secretly)

    1. Pet Peeve
      Flame

      Re: The US claimed Snowden's revelations damaged its ability to fight terrorism

      In the first few days of the Snowden business, I really WAS pissed at what he did (or at least what was first released), because the early stuff was mostly legal, and there's no question that disclosing it hurt intelligence gathering.

      Now I find I'm not anymore. The wholesale slurping of incoming or intra-cloud communications, so they don't have to ask for a FISA warrant, puts the NSA solidly behind the 8-ball. They are bad guys, using flat-out-illegal methods because following the law was inconvenient for them. Merely making this possible puts us all at risk from boneheaded mistakes, and the US intelligence apparatus is all ABOUT bonehead mistakes.

      Google has it right, FUCK THESE GUYS. If they want data, they can bloody well ask for it legally. Another good thing about this case, it finally got the movement started to use perfect forward security in SSL. I was disgusted to find out how often this simple-to-configure option wasn't used. If PFS was used at lavabit, there would have been no point in demanding their SSL key - recorded sessions would be useless.

      Install the Calomel browser addon and scream at noncompliant site operators until they all pass the "128 bit PFS and better only" test. And yell at your congresscritter to put the final stake in the heart of National Security Letters, too.

    2. John Hughes

      Re: The US claimed Snowden's revelations damaged its ability to fight terrorism

      "It is probably this type of loss of access that the NSA was whining about. Previously no one really thought about encrypting data traversing their intranet, now everyone will be doing it. "

      Speak for yourself. I've been encrypting everything between our sites for years.

      1. Anonymous Coward
        Anonymous Coward

        Re: The US claimed Snowden's revelations damaged its ability to fight terrorism

        If the US is serious about fighting terrorism learn from the Brits.

        Introduce internment, ban juries, put the army on the streets, shoot protesters, have paid informers murder lawyers acting for the opposition,

  13. smiths121

    New years resolution

    The more leaks - the more GCHQ keeps coming up - sucke being British or US citizen.

    It seems I have a choice between being on-line, or reserving my privacy (I have not issue giving it up as part of an investigation). Being in my 40s I grew up with films such as Brazi - a horror story of what we could become. I still believe spying on your own population is a commie thing.

    Originally, my new years reolution was to give up the (personaly) use of any US (sorry US) software product - including Windows (Rome Total War II and Elite Dangerous are a huge hinderance to this - where is my will power?). I have made good progress, but my gmail account of a decade is going to take longer.

    I think I will change my resolution to "move to" private cloud infrastructure on my own hardware protected by VPN with heavy encryption. This way I can feel my privacy is protected, but give us keys for a rightful investigation (hopefully very unlikely) and fight (politically and intellctually) for a more civilised society) - back to where I think we were, and we should be.

    Simon

    1. DryBones

      Re: New years resolution

      Sir,

      I think with relation to your Gmail account, you have 3 choices:

      1) Stop using it. Also, stop sending email to addresses in any country that might in any way be able to obtain said mail, in addition to its intended recipient. I think you'll find that to be most all of them.

      2) Start using pre-encryption such as PGP for all email traffic.

      3) Take a breath and relax.

      In short, you have the same issue that Google and Microsoft have. Your traffic goes everywhere, you'll have to either wrap it up end to end, or accept it can be had.

      1. Nicole D.

        Re: New years resolution

        "In short, you have the same issue that Google and Microsoft have. Your traffic goes everywhere, you'll have to either wrap it up end to end, or accept it can be had."

        Indeed. That's where meaningful analysis of modern privacy must start.

        It's not like we're going to go back in time to a way of life before surveillance on this scale was both possible and practical. No one WANTS to.

        So then what?

        The line that "if you got nothing to hide you got nothing to fear" is wrong on all kinds of levels in all kinds of ways. But the rejection of that as a matter of principle doesn't mean it isn't one of the terms we will live under. And it's a deal we make with ourselves.

        When Eric Schmidt sings the no hide/no fear song, it's not because he likes things that way and sees nothing wrong with it, it's because he knows it to be true. He's not making an ethical statement but stating a technological fact. And how many are in a better position to know? I'd rather he be candid than coy.

        When Google and Microsoft and Yahoo and Facebook play the righteous victims, they deflect attention from themselves in hopes of hiding the fact that what the NSA has been doing in secret, they've been doing in broad daylight. With our enthusiastic cooperation and consent to the terms of service.

        It would be easier and less inconvenient to renounce your citizenship, move to a different continent, and adopt a new identify, than to give up Google and never again have your bitstreams intersect.

        OK, so what are you going do about it?

    2. Nicole D.

      Re: New years resolution

      Speaking of New years resolutions...

      Watch Time Magazine name Edward Snowdon Man of the Year.

  14. dan1980

    Why 'hold off'?

    My question is - given the prior 'revelations' that the NSA tapped into both Google and Yahoo, why would Microsoft wait until they were specifically mentioned to start this action?

    Given the nature of the revelations and the clear indication of intent, if not actual conduct, it seems odd that MS would believe they were fine until otherwise informed.

    1. Don Jefe

      Re: Why 'hold off'?

      Because it's a violation of FISA and National Security Letter directives to disclose the Feds activities, even if it's being done to you.

      I'm not defending MS overall, but in this case they would have been up shit creek if they skirted the national security rules. Someone else had to do it for them.

    2. DryBones

      Re: Why 'hold off'?

      Bad legal advice, is my guess.

  15. Mikel

    Missed opportunity

    "promises to close gaping ports."

  16. lansalot

    ha!

    MS: "Look! Due to NSA snooping, we've encrypted all our traffic! Confidence restored!!"

    NSA: "Here's a court order - give us the keys to your encryption. According to said court order, you are prevented from revealing this request"

    MS: "shit."

  17. Anonymous Coward
    FAIL

    Too Late! I already moved all my sh1t to Ubuntu, FirefoxOS & gandi.net.

    1. dogged

      So you disconnected yourself utterly from the Internet too?

      Apparently not.

  18. Paul Smith

    Who are they voting for?

    Has anyone asked who google, microsoft, etc. will be supporting in the next presedential race, and what they will demand in return?

  19. Ramon Zarat

    Still think Snowden is a traitor? Of the people, by the people for the people? NSA boss is the people, but the people can't sue NSA for abusing its power because it is above and beyond the constitution or any kind of laws...because of "national security". Isn't that nice?

    National security = The only reason we need at NSA to justify we can do anything and everything to control every aspects of everyone life in the US, or anywhere else on this planet. We own this fucking planet, for your own good....

    You know what NSA? Fuck this false sense of security for the price of slowly but surely eroding all my liberties and invade my privacy with insane stuff like the Patriot act. Selling the pitch that by doing this, "you ensure safety" is the biggest scam since religions were invented. Like you can stop every drop of rain from reaching the ground...with your bare hands. Man, this is not the 1950s anymore. We are not that gullible.

    1. cybervigilante

      Auto accidents kill a hundred times the Americans that "tera-ists" do, but we don't blow trillions and shred the Constitution from fear of cars. It's all nuts. Fear is being used to control us and blow our money on drones and crap instead of creating jobs and feeding Americans. This government Totally Sucks.

      1. Anonymous Coward
        Anonymous Coward

        Talking of drones

        I saw this article in a print edition of the Florida Weekly news (I brought it home with me in case I could not find it online), just found it online :

        http://charlotte.floridaweekly.com/news/2013-11-07/Opinion/The_rising_resistance_to_Obamas_drone_wars.html

        Very thought provoking and interesting article. I did not know that was how they operate - bomb a place, wait for rescuers then bomb them as well, according to the article.

  20. cybervigilante

    Snowden is a global hero but is being persecuted by the Obama Administration, which in the same breath, has told Banksters they will Never be prosecuted for massive crimes that nearly destroyed the global financial network, and put millions out of homes and jobs. And oh, they do after pot smokers with a vengeance since they are also such a big danger. Let's call it what it is - the Injustice Department.

    Now if the NSA stopped the Banksters from colluding to destroy the economy again, so they could profit from their illegal reposessions as property values went up again, I'd day they might actually be doing something useful. But you'll never see that happening.

  21. Philip - Los Gatos

    Forgot about Howard Schmidt already?

    Maybe people have forgotten Howard Schmidt. An early Microsoft CISO. Before then he was a supervisory special agent and director of the Air Force Office of Special Investigations Computer Forensic Lab and Computer Crime and Information Warfare Division. Before then, he was with the FBI.

    How much would anyone want to bet that backdoors into Microsoft OS were put in place then? The guy was a government agent working at Microsoft. He then went to work at eBay. Then he went back to government work, being called back by Pres. Bush and served as the vice chair of the President's Critical Infrastructure Protection Board and a special advisor for cyberspace security for the White House.

    Microsoft and the NSA & FBI have had ties lasting for that long.

    But now that Snowden revealed for a fact what was before only (highly) suspected, Microsoft acts indignant. Sure. Whatever...

  22. jmward

    Microsoft Hypocrisy?

    This is a cosmetic PR exercise by Microsoft. James Bamford's well-documented book about the NSA, "The Shadow Factory", recounts how the NSA decided it had to move its data centre from the NSA's Maryland HQ to a location where the electricity supplies were cheaper and able to meet the NSA's huge power demand. The NSA chose a location in San Antonio, near NSA Texas, in 2005, but did not finally commit to moving there until 2007, when Microsoft formally announced its decision to build a large data centre about 7 miles from the proposed NSA site.

    No great leap of the imagination is required to envisage a fibre-optic pipe between the two, which of course Microsoft would connect either voluntarily or under coercion from the government. It is also difficult to believe that that pipe would be one of the connections that Microsoft proposes to encrypt.

  23. Chairo

    "software called Monkey Puzzle"

    I love these code names nearly as much as I hate the spying.

    Was that a reference to Ballmer's famous dance?

    1. Brian Morrison

      I don't think so, it's a type of tree that is called a Monkey Puzzle tree colloqially in the UK. The name refers to the sharp needles on the branches that are thought to make it difficult for even a monkey to climb.

      It's actually a Chilean pine, and part of its scientific name Araucaria araucana was also used by the recently-deceased Guardian crossword setter Araucaria.

  24. Bladeforce

    Listen to all the Americans saying..

    "They need an order from a judge to have a look"

    ISnt it great they look at the smaller picture.

    America creates a worldwide economy then in the next breath cares nothing about the privacy of their companies customers.

    THEY DO NOT NEED A COURT ORDER TO SNOOP ON THE REST OF THE WORLD

    what part of shitty do they not understand? Blinded by xenophobia most probably

  25. PaulTheCabDriver

    how MS could win on this

    You know, if Microsoft cared one shred for its customers, rather than being the money grubbing whore that it is, the solution would be very simple: First, build a patch or encryption that would prevent the Nosy Snooping A**holes from tapping into their customer's private communications. Next, offer the encryption to every customer EXCEPT government agencies. Next, alert the Russians to the back door.

    Microsoft and these other major IT players should immediately disown the US government and refuse to do business with them. Let's see the government function with no support, and no ability to upgrade any of their software ever again.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019