Analytics // Security Monitoring

NSA Fallout: Microsoft Rethinks Customer Data Controls

Fallout over NSA surveillance drives Microsoft to promise widespread security and privacy improvements. But do they go far enough?
2 of 2

2 of 2
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
pjmjr
50%
50%
pjmjr,
User Rank: Apprentice
12/6/2013 | 1:52:14 PM
Re: NSA Proof Communication
This shows the hyprocacy of Microsoft's"scruggoled" campaign. Not only do they use user data to make Bing work, they have worked hand in glove with NSA to provide access to private communications and data. Now they try to tell us they are rethinking issues of data privacy. I remember all their promices about how wonderful Windows 7, Vista, and 8 were going to be.
Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Ninja
12/5/2013 | 6:43:11 PM
Re: I can smell the pile
The problem with any pronouncement about encryption is that is has to be taken on trust, something that has already been violated. How does anyone know the encryption Microsoft (or Google or Apple) provides will function as desired? Very few computer users are technically savvy enough to really understand and evaluate encryption. Unless there are specific laws preventing the NSA (not to mention Russia and China) from accessing data, expect it to try and ulitmately succeed. It has billions in funding and skilled experts. You have assurances but no real proof.
TwistOneUp
50%
50%
TwistOneUp,
User Rank: Apprentice
12/5/2013 | 4:18:14 PM
Re: I can smell the pile
not all services give it up to the NSA.

social networking org Glom.com does not comply with any NSA, PRISM, or other government demands for people's data, no do they sell people's data, track searches, chats, messaging, etc.

i find it the height of hypocrisy that Microsoft, who at one time allegedly worked with the government to help them read outlook emails, now decides to work on "better privacy".  good luck with that.

can you say, "did a 180"?

TOU
KevinO442
50%
50%
KevinO442,
User Rank: Apprentice
12/5/2013 | 3:05:40 PM
meaningless
Legally required by US Law to submit all data to NSA , and then legally required not to reveil that they're doing it , or they all get thrown in jail.


This is just shuffling deck chairs on the titanic.

The FBI kicked the door in of the email provider Edward Snowden was using and took what they wanted by force , and anyone who resisted was threatenned with jail time. You think promises of encryption mean anything ?

 

The only thing left is to wait for them to release the code to "prove" there are no back doors, and then find out it doesn't match up with the code that's actually out there.

 

 
danielcawrey
50%
50%
danielcawrey,
User Rank: Apprentice
12/5/2013 | 1:06:02 PM
Re: I can smell the pile
The fact that Microsoft has to fight our own government for privacy seems so ridiculous. This technological arms war almost seems like a waste of money.

But then again, who knows what kinds of new privacy tech may come out of efforts like this?
anon4701114258
100%
0%
anon4701114258,
User Rank: Apprentice
12/5/2013 | 11:54:25 AM
I can smell the pile
BS. MS is in bed with the NSA. Same with Google, Twitter, Facebook, Yahoo, and the list goes on.
DSusan2013
100%
0%
DSusan2013,
User Rank: Apprentice
12/5/2013 | 11:45:30 AM
NSA Proof Communication
It is important that more and more software companies protect our data. I am glad to see microsoft try and help protect there useres. It is also nice to see the new apps coming out that are NSA proof for communication. The one I have been using is Jolt, fee free to check it out if you wish. More security and privacy is always a good thing :)

https://play.google.com/store/apps/details?id=com.abmapp.jolt
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Changing Face of Identity Management
Mobility and cloud services are altering the concept of user identity. Here are some ways to keep up.
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio

The cybersecurity profession struggles to retain women (figures range from 10 to 20 percent). It's particularly worrisome for an industry with a rapidly growing number of vacant positions.

So why does the shortage of women continue to be worse in security than in other IT sectors? How can men in infosec be better allies for women; and how can women be better allies for one another? What is the industry doing to fix the problem -- what's working, and what isn't?

Is this really a problem at all? Are the low numbers simply an indication that women do not want to be in cybersecurity, and is it possible that more women will never want to be in cybersecurity? How many women would we need to see in the industry to declare success?

Join Dark Reading senior editor Sara Peters and guests Angela Knox of Cloudmark, Barrett Sellers of Arbor Networks, Regina Wallace-Jones of Facebook, Steve Christey Coley of MITRE, and Chris Roosenraad of M3AAWG on Wednesday, July 13 at 1 p.m. Eastern Time to discuss all this and more.