Slashdot Mirror
MS Handed NSA Access To Encrypted Chat & Email
kaptink writes with the latest revelation from Edward Snowden: "Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal. The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail. The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide. Microsoft also worked with the FBI's Data Intercept Unit to 'understand' potential issues with a feature in Outlook.com that allows users to create email aliases. Skype, which was bought by Microsoft in October 2011, worked with intelligence agencies last year to allow Prism to collect video of conversations as well as audio. Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a 'team sport.'"
All this and now they want to put an always (or nearly) on mic and camera in my home?
Paying taxes to buy civilization is like paying a hooker to buy love.
At what point do we call it a corporate-fascist police state?
campaign against Google, attacking Google for "reading your email" for putting ads on the screen.
http://www.theverge.com/2013/2/7/3962794/microsoft-revives-anti-google-scroogled-campaign-to-attack-gmail
I'm getting a bit tired of news like this.
That's the danger in fighting a bureaucracy that's overstepped its bounds: Bureaucracies don't get tired. Outraged private citizens do.
!#@%*)anks for hanging up the phone, dear.
Companies cant design truly secure communications because government thinks that should not be legal. This is a fundamental problem.
Good-bye
The vendors say they obey the law, respond only to direct requests for information, review those carefully, and then decided what data to release.
But how is that possible if the data is being hoovered? Would the "direct request" be something on the order of, "gives me all your data -- all of it, on everyone", in which case, that thoughtful review and careful decision is a MEANINGLESS exercise.
When the state has ultimate power, it drains the normal meanings of words. Even saying something like, "we are a nation of laws, not men" is meaningless in the face of such categorical activity. When the government is that intrusive, what's legal is whatever it wants it to be.
That's the problem. If I were a plucky startup, I would be busy getting together a technical response to this. Clearly, everyone needs to be able to encrypt everything BEFORE it gets into the hands of any information provider.
"We receive as friendly that which agrees with, we resist with dislike that which opposes us" - Faraday
What utter horseshit. M$ and others are private companies, trusted by the public with their personal data. If the NSA or other government agency has a specific need to look at a communication, they are supposed to go to a judge, obtain a warrant, and go to M$ with that authority. That is NOT what has been happening. It's unconstitutional, immoral, and unethical.
With all respect, I don't want to stop hearing these news. Because I want *confirmation* of every single thing that the US has done against people's freedom. I don't want to be considered a tinfoil hat paranoid anymore. I want proof, so no one can neglect later, about how fascist he US has become. And just because it was suspected, it doesn't mean that it is ok and we can just keep going with our lives as if nothing had happened. I want to see people resign, and I want to see people get spit at publicly, and ideally --even if it's never gonna happen-- I'd like to see people going to jail not only for having violated the most basic human rights, but for trying to brainwash the uneducated into believing that this is the correct approach to protect US's national security.
Written communication by an American cannot possibly be distinguished from written communication by a foreigner. Grammar? 2nd languages? How are they able to tell who's who?
If they accidentally targeted even one American, they've just breached the constitution and are in violation of US laws that came before their grandfathers making them criminals. Why has nobody in the government been arrested over this?
Because they think they can get away with anything. Scary stuff.
I would view this action from them as illegal anyways.
It doesn't matter if the server is in USA or where.. MS is here, in Finland, selling and marketing this service to me. so they should adhere to our laws about our data. They don't(shouldn't) get out of the data protection and privacy responsibilities by outsourcing some of their work to USA - and if they do that is a dangerous precedent because then you could just dump all our laws about it while they go and put a proxy in some Zimbanaomiland - on principal level that's what they're doing.
world was created 5 seconds before this post as it is.
In the modern world, "secure in their papers" doesn't mean anything, almost all communication is not via "papers", but rather are digital substitutes (sic) for paper. We are no longer secure in our papers, when we cannot trust that our effects are ours, if we happen to store them in an online vault.
What is worse, is that while we are unable to keep secrets from government, government feels perfectly fine trying to keep secrets from "we the people" that supposedly form it.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
What's this obsession with American citizens? Someone talked a lot about morale recently here, does the morality suddenly lose its meaning when applied to somebody else than Americans?
The bottom line is they've still collected information on US citizens that they can't constitutionally posses without a warrant. Whatever their intent is is irrelevant as they cannot constitutionally have the information in the first place.
I doubt that they have breached the Constitution since it is bigger than you probably think
You doubt that they have breached the constitution because you are a pro-government stooge. You're literally just an object to be ridiculed here. You might as well go somewhere where people are on the fence about issues such as these and try to brainwash them, because most people on Slashdot likely think you're just a joke.
otherwise they wouldn't bother going to the courts, and ignore the FISA courts orders.
They don't even need to ignore the FISA court orders; the court will give them practically anything they want, and have rubberstamped sweeping warrants in the past.
Why? How many people do you think are going to care enough to switch to another chat client? Chances are if they're using Skype in the first place, they don't care about that kind of thing.
Once there is solid evidence that the NSA has worked with US Government agencies to install and exploit backdoors, and this looks like pretty good evidence, there is no direction but down. It's common knowledge that the NSA is very open and communicative with the corporate sector.
If you're a foreign corporation out of Taiwan or Brazil or Wherever, passing even day-to-day information using Microsoft products becomes risky. How can you be sure that your data isn't getting dumped into some NSA system and then made available to co-conspirators?
The NSA isn't getting this access for free. If they're coercing corporations like Yahoo to comply with broad destruction of civil liberties, some of those corporations have sold out and traded for the stolen R&D of other companies, or huge tax breaks. That's where the real story is, and one we probably won't ever get to read.
In any case, if you're a foreign corporation or government, using ANY Microsoft product just become a giant liability. Given that was already practically the case after Stuxnet, but now you'd have to be a complete fool to trust Microsoft with any of your data and expect it to remain private.