NSA spying |
If true, NSA spying could “seriously undermine confidence in the
security and privacy of online communications,” Microsoft’s general
counsel, Brad Smith, said in a blog post. “In light of these allegations, we’ve decided to take immediate and coordinated action.”
Smith pledged to “pursue a comprehensive engineering effort to
strengthen the encryption of customer data across our networks and
services.” That includes major communications, productivity, and
developer services such as Outlook.com, Office 365, SkyDrive, and
Windows Azure.
Content moving between customers and Microsoft’s servers will be
encrypted by default, as will communications moving between Redmond’s
data centers, using “best-in-class industry cryptography to protect
these channels, including Perfect Forward Secrecy and 2048-bit key
lengths,” Smith said. “All of this will be in place by the end of 2014,
and much of it is effective immediately.”
Smith said Office 365 and Outlook.com customer content is already
encrypted when traveling between customers and Microsoft, while most
Office 365 workloads as well as Windows Azure storage are now encrypted
in transit between data centers.
In addition to encryption, Microsoft also said it will “take new
steps to reinforce legal protections for our customers’ data,” – like
informing them when the feds request data. “Where a gag order attempts
to prohibit us from doing this, we will challenge it in court,” Smith
said.
The company will also open a “network of transparency centers” in
Europe, the Americas and Asia that will build on “our long-standing
program that provides government customers with an appropriate ability
to review our source code, reassure themselves of its integrity, and
confirm there are no back doors.”
“Ultimately, we’re sensitive to the balances that must be struck
when it comes to technology, security and the law, … but we also want to
live in a country that is protected by the Constitution,” Smith
concluded. “We believe these new steps strike the right balance,
advancing for all of us both the security we need and the privacy we
deserve.”
Reports that Microsoft would step up encryption emerged last month.
That came after The Washington Post, citing documents provided by
Edward Snowden, reported on MUSCULAR, an NSA program that operates in
conjunction with the U.K. version of the NSA, the Government
Communications Headquarters (GCHQ). Together, they “are copying entire
data flows across fiber-optic cables that carry information between the
data centers of the Silicon Valley giants” like Yahoo and Google, the
paper said.
Source : PCMag
Post a Comment