This page has been archived and commenting is disabled.
Microsoft Helped The NSA Bypass Its Own Encryption Software, Spy On Its Clients
A few days ago, when we reported that NSA code had been inserted in Google's Android open-sourced OS (much to the fury of open-source code advocates everywhere), we noted that it has been public information that over a decade ago, Microsoft had inadvertently left clear signs that it was providing backdoor access to its legacy Microsoft operating systems. It turns out that this was merely the beginning. According to another just released report by the Guardian citing Snowden files, "Microsoft has collaborated closely with US intelligence services to allow users' communications to be intercepted, including helping the National Security Agency to circumvent the company's own encryption, according to top-secret documents obtained by the Guardian."
From the Guardian:
The files provided by Edward Snowden illustrate the scale of co-operation between Silicon Valley and the intelligence agencies over the last three years. They also shed new light on the workings of the top-secret Prism program, which was disclosed by the Guardian and the Washington Post last month.
The documents show that:
- Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;
- The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;
- The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;
- Microsoft also worked with the FBI's Data Intercept Unit to "understand" potential issues with a feature in Outlook.com that allows users to create email aliases;
- Skype, which was bought by Microsoft in October 2011, worked with intelligence agencies last year to allow Prism to collect video of conversations as well as audio;
- Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a "team sport".
None of this is any surprise: that America's electronic communication sector is in bed with Uncle Bush and Uncle Obama was made abundantly clear in ""You Should Use Both" - How America's Internet Companies Are Handing Over Your Data To Uncle Sam." Still, prima facie proof that corporations systematically betray the privacy of their clients in order to curry favor with the government should be troubling if only to those who are not in the same state of completely symbiotic relationship with the government and whose sustinence depends on preserving Big Government at all costs, which as we will shows in a post shortly is just over 110 million Americans.
More from the Guardian explaining how anyone using MSFT products should be aware that the NSA logs every single keystroke:
The latest documents come from the NSA's Special Source Operations (SSO) division, described by Snowden as the "crown jewel" of the agency. It is responsible for all programs aimed at US communications systems through corporate partnerships such as Prism.
The files show that the NSA became concerned about the interception of encrypted chats on Microsoft's Outlook.com portal from the moment the company began testing the service in July last year.
Within five months, the documents explain, Microsoft and the FBI had come up with a solution that allowed the NSA to circumvent encryption on Outlook.com chats
A newsletter entry dated 26 December 2012 states: "MS [Microsoft], working with the FBI, developed a surveillance capability to deal" with the issue. "These solutions were successfully tested and went live 12 Dec 2012."
Two months later, in February this year, Microsoft officially launched the Outlook.com portal.
Another newsletter entry stated that NSA already had pre-encryption access to Outlook email. "For Prism collection against Hotmail, Live, and Outlook.com emails will be unaffected because Prism collects this data prior to encryption."
Microsoft's co-operation was not limited to Outlook.com. An entry dated 8 April 2013 describes how the company worked "for many months" with the FBI – which acts as the liaison between the intelligence agencies and Silicon Valley on Prism – to allow Prism access without separate authorization to its cloud storage service SkyDrive.
The document describes how this access "means that analysts will no longer have to make a special request to SSO for this – a process step that many analysts may not have known about".
The NSA explained that "this new capability will result in a much more complete and timely collection response". It continued: "This success is the result of the FBI working for many months with Microsoft to get this tasking and collection solution established."
A separate entry identified another area for collaboration. "The FBI Data Intercept Technology Unit (DITU) team is working with Microsoft to understand an additional feature in Outlook.com which allows users to create email aliases, which may affect our tasking processes."
The NSA has devoted substantial efforts in the last two years to work with Microsoft to ensure increased access to Skype, which has an estimated 663 million global users.
One document boasts that Prism monitoring of Skype video production has roughly tripled since a new capability was added on 14 July 2012. "The audio portions of these sessions have been processed correctly all along, but without the accompanying video. Now, analysts will have the complete 'picture'," it says.
Actually make that the NSA, as well as the FBI and CIA.
The information the NSA collects from Prism is routinely shared with both the FBI and CIA. A 3 August 2012 newsletter describes how the NSA has recently expanded sharing with the other two agencies.
The NSA, the entry reveals, has even automated the sharing of aspects of Prism, using software that "enables our partners to see which selectors [search terms] the National Security Agency has tasked to Prism".
The document continues: "The FBI and CIA then can request a copy of Prism collection of any selector…" As a result, the author notes: "these two activities underscore the point that Prism is a team sport!"
Microsoft's statement to the Guardian:
We have clear principles which guide the response across our entire company to government demands for customer information for both law enforcement and national security issues. First, we take our commitments to our customers and to compliance with applicable law very seriously, so we provide customer data only in response to legal processes.
Second, our compliance team examines all demands very closely, and we reject them if we believe they aren't valid. Third, we only ever comply with orders about specific accounts or identifiers, and we would not respond to the kind of blanket orders discussed in the press over the past few weeks, as the volumes documented in our most recent disclosure clearly illustrate.
Finally when we upgrade or update products legal obligations may in some circumstances require that we maintain the ability to provide information in response to a law enforcement or national security request. There are aspects of this debate that we wish we were able to discuss more freely. That's why we've argued for additional transparency that would help everyone understand and debate these important issues.
It also means that anyone who is reading this and has gotten this far into the post, has already triggered numerous NSA, FBI and CIA alarms and likely been branded by the NSA as a "reader" instead of a perfectly docile sheep who uses their spare time and negative savings to buy AMZN at #Ref! multiples and does the patriotic thing of buying the S&P at Bernankulous valuations.
»
- 24965 reads
- Printer-friendly version
- Send to friend
- advertisements -
Remember the BULLSHIT arguement by Gates himself on why the operating system needed a browser to work?
MS lies, the government lies.
What the fuck else is new?
I thought that the browser linked operating system was strange at the time. Your explanation makes sense. Now can you explain all the other incredibly stupid stuff MS does?
It is interesting that on WINXP you cannot install latest version(s) of Internet Explorer (going back to something like ver 8) but you can install and run latest Chrome.
It's so fucking ridiculous that it makes me laugh until I need to be slapped so that I don't suffocate.
The world owes tinfoil hat bloggers everywhere an apology.
And in their wisdom they'd broadcast it on TV, where the bloggers would never see it...
That's really funny but I'm not sure why. Cheers!
Even if this blows open widely enough to appear on MSNBC, CNN, etc for every hour of every day.. we will still never ever get an apology. The bullshit normalcy-bias excuse I hear from my friends that don't care about this?: We've always known about this.. Who cares! We've known about this since 2006. And what were they doing in 2006?: Getting really angry and off on how George Bush did his unconstitutional wars and unconstitutional illegal surveillance. Go fucking figure.
When clicking Tyler's #Ref! link above i was "shocked" by this message:
"The Twitter REST API v1 is no longer active. Please migrate to API v1.1."Did MSFT recently purchase Twitter? Eh, never mind, matter of fact it's all dark...
~~~
"Bows and flows of angel hair
And ice cream castles in the air
And feather canyons everywhere
I've looked at clouds that way
But now they only block the sun
They rain and snow on everyone
So many things I would have done
But clouds got in my way
I've looked at clouds from both sides now
From up and down, and still somehow
It's cloud illusions I recall
I really don't know clouds at all"
In Amerika, cloud knows YOU.
Not just Amerika buddy !.
My neighbor said 'just because I'm paranoid doesn't mean they're not downloading my hard drive everytime MS says they're doing an update.'
True story of my week; test machine was running in the office, I had a Youtube video running on it, playing at full volume so I could hear it in the kitchen. Paused the vid, put the machine in hibernation, and went to bed. At exactly 3am on Wednesday morning I hear Gordon Ramsey in my house talking about a chicken dish, then it cuts off and a minute later starts again. I get up going 'WTF?!', pissed, and tired, and find out the PC launched the 'critical updates' release from MS(unit still was on defaults), which started the YT vid, then it bluescreens, relaunches again(cue video), completes the updates and shuts back down. How fucking nice. Never did get back to sleep and had a 10am with a big client where I was totally frazzled...this is why you have to remember to turn off 'Automatic Updates'...pricks.
just one more out of millions of reasons to switch to Linux.
Clients are all Winblows. I've dabbled in it over the years but spend 90% of the time on Windows regardless...and all my regular systems are screwed down pretty tight...
Whenever I turn off auto updates it always manages to turn itself back on somehow.
I love his Kitchen Nightmares program where he helps folks who are in danger of losing their restaurants. It's downright Randian.
Don't know how I stumbled across this but I like the quick, no frills methods for making a good steak or fish or whatever: http://www.youtube.com/watch?v=N9iWedik8hw
Don't see much regular TV but the thing I most remember about KN was that I never wanted to eat out again. Now I grow my own and cook at home.
I get by on rabbit ears and only receive three channels but Gordon's all over one of them.
Forget the NSA, what about MSFT, and their "diverse" workforce, that means our national security is dependent on MSFT hires and their security-and their honesty, at least Snowden was an American, and they're a notorious whore for cheap immigrant labor, Chicoms, indians, Pakis whateva.
Frankly, you're more likely to have your life ruined by an American than a chicom, indian, or paki.
I at least hope the NSA has to click through all those fucking pop up errors I get too! Take that you fuckers!
Error: Windows cannot find the missing porn you are looking for.
Funny...my wife always seems to find it.
That's probably because you have it wallpapered. lulz
I had a girlfriend pull that shit on me once... I had this ["x-change" site bookmarked ~ which was a FOREX site]... So I nailed her for "spying" on me...
~~~
Long story short... I discovered she was a freak & could pretty much invent sex ideas from that point forward...
Not sure the same would work within marriages... Marriage is a financial agreement... Sex is optional after the papers are signed...
It's optional alright...for one of the parties involved.
you have to think of it in terms of harvesting, you plant the seed and six months later hope the idea grows into something useful, rinse and repeat. Usually works to coincide with xmas and birthday.
Also, Francis, what's that girl's number? I've always wanted to try this thing involving a tricycle, a midget, some water balloons, a three foot section of garden hose, and a two liter bottle of warm diet cherry cola....nothing weird, mind you. Can you hook me up?
Don't know if Francis can help with the hook up, but the SEC can definitely point you toward the video.
Guess I'll dust off my old Royal typewriter:
http://www.telegraph.co.uk/news/worldnews/europe/russia/10173645/Kremlin...
So cloud computing is just an easy way to spy on peoples data? WHO COULD HAVE POSSIBLY SEEN THAT COMING?
http://www.zdnet.com/yes-u-s-authorities-can-spy-on-eu-cloud-data-heres-how-7000010653/
The second I saw might grow soft start to push cloud storage I was suspicious. Anybody stupid enough to use the cloud deserves the royal screwing they will eventually get.
Noticed the google android OS. All os's will made vunerable in the end.
Seeing as I appear to have be the recipient recently of an action like a malicious payload that wiped out the anti virus and killed the internet connection whilst reading a plain text document. The ability to stream internet data in real time can be used in two ways that are no longer pasive.
1. To prevent a communciation being sent.
2. To inject a kill switch into a system.
This search engine stores no tracking data, or so they claim:
duckduckgo.com
Apparently they have seen a massive increase in traffic lately. I wonder why?
Same for this search engine:
https://startpage.com/
ixquick.com
ixquick.com
Just run your own search engine: http://yacy.net/
Surprise: MicroSerfs don't care.
Ever get the feeling that computer you bought and the internet connection you pay fo is yours.
Think again it's there's
Everyone who wrote that they use Linux, or that we should run to Linux is a moron. RTFA. The backdoor that MS gave to the NSA is for their SaaS applications, such as Hotmail.com, Outlook.com, etc. According to TFA, there's no mention of Windows operating system. Basically, if you don't want to have your communication examined on the Internet then you need to learn how to use the Internet. Take heed from the master nerd of paranoia, Richard Stallman. http://stallman.org/ Then read on how he uses the Internet newbies: http://stallman.org/stallman-computing.html Unless you compute the way Stallman does, don't even talk about privacy, or security.
Stallman is way hardcore.
Calling everyone a moron doesn't demonstrate much intelligence. The number of Linux users who would stoop to level of microshitty web services is debatable, but they would even have the option of the installing plugins and "helper" applications to help the NSA get access to data stored locally.
Stallman's solution works for his circumstance, but that is a VERY narrow slice of the computer user pie. Microsoft products pose serious issues to any company or government who use their products and services.
Bill Gates would hardly realize what it means to be truly rich for he needs to lobby extensively and surreptitiously sell out his client base to get his special privileged advantages from the Congress. No lobbying is required from the owners of the Federal Reserve, a.k.a. the owners of the Congress.
Today, National Public Radio’s Shanghai reporter was explaining how China’s new top leaders will be pressing for changes in the economic model to include more competition and greater emphasis on private commerce.
With his hopeful tone, the reporter seemed to be suggesting that the economy would be moving more toward a western model that the U.S. and other western nations would like. At one point, almost in passing, he mentioned that China is a “one-party system.”
Really? The Chinese Communists have a single party authority over everything that moves?
Ironically, with Snowden’s revelations and Bernanke’s despotism, the U.S. “one-party system” is becoming pretty identical to the Chinese target: namely, lots of big business enterprises doing well if they are connected to the central authority.
How long before these two models become exactly identical?
If you are inside the US, you're kinda screwed for internet privacy. Sad but true.
The average user lacks the IT skills to surf truly privately and securely. For most it's a matter of "degree". Of course, if they have you specifically in their cross-hair, chances are...
Time to take Windows PC offline. Still need it for a lot of locked in applications I neeed, but online use has to go. Well done Gates and Co, you and your corporation have sold us out to the fascists..
Put the bitch in a virtualbox and don't give her internet access (better than wine for a lot of reasons)...
fuck you microsoft
Microsoft was named after Bill Gates' penis. The original name was going to be Tinyflaccid but in the end they went with Microsoft.
Fuck you Bill Gates
No malefactor worth his salt is going to use a computer the internets or cell phones. Its over, NSA. You just don't know it yet.
Shocked! Shocked I tell you that a pro-Eugenics, Globalist D-Bag would let the NSA spy on his customers.
Hmmm.
Sent a message to a friend who has a cat. Cat ate my pigeon.
Smoke signals? Need a clear view, too many trees.
I've got it! Personal drone with a written message inserted, in code of course in case intercepted physically.
That could be a new start up business.
So when Microsoft has it's users update Outlook for "security patches" and "bugs" it's not actually doing that for the benefit of the customer but for the benefit of the NSA and other "Authorities". It would appear to me that a bit of false advertisement or bait and switch type situation exist and some remedy via class action be at hand.
Or maybe we are now finding out the real reason behind the record fines levied by the US and Europe concerning the antitrust fines of billions of dollars that the governments levied against Microsoft some years ago just to show them how easily they could be bankrupt if they don't play ball.
Or it could be all of the above.
Things that make you go Hmmm.... happening more and more as each day passes.
"Team Sport" more like Sport F_ck
I think rape might be an appropriate term.
Someone please get #fuckclippy trending on Twitter.
I feel better each day that I sold goog and msft in an act of protest since these scandals began to break. Fuck both treacherous companies.
I never more than dabbled in the market but I got out entirely the day the war started in 2003. That was a low and things moved up sharply from there but that's exactly why I sold. I don't need no blood money.
Bill Gates - slightly ironic name that.
Bill Gatesgate is a mouthful but I'm afraid it will be necessary for the average Joe to catch on.
Microsoft's "clear principles" are that the Federal government is it's biggest customer. When you get in bed with Uncle Sam don't be suprised if you feel more than the tip.
Go fuck yourselves MSFT and USSA
Hi...this is your Kommader, B. Snoops Obummer. You can't run and you can't hide...I see you and I know more about you than I know about myself...
It's not spying, it's marketing.
Where is Bill Gates going to be located once the revolution starts.
Check out the BBC for a video of a drone landing and taking off from an aircraft carrier. Outstanding! Pilots should be worrried.
Its funny how so many paranormal podcasts always complained about problems encountered with skype when they talked about sensitive topics over skype lines. They half joked about alphabet soup agencies messing with the lines. I guess they won't be joking anymore.
So it's now confirmed: the ghost in the machine is, in fact, a spook.
It's the Jew World Order, and the 99% (or 98% if you believe their own numbers) are Goyim.
Bill Gates, Zuckerboig, Sergei Brin, Madoff, Chertoff, and on and on.....check mate Goy!
Microsoft. Sounds like the pet name of Bill's dick.
It would seem there is no escaping this crap.
It would seem that they want us to think this is the new normal and that we are to accept this ala 1984.
Yeah, fuck NSA, Microsoft dick, and all of it.
I think I will start a courier service, bitches. Photograph, intercept or decrypt that, assholes.
The Who See Me Feel Me Woodstock 1969 (Director's cut)
http://www.youtube.com/watch?v=m7AHblQ3_oM
Your only real hope of not having the government know everything you do online is to not go online.
Looks like the Kremlin have this sussed:
The Kremlin is returning to typewriters in an attempt to avoid damaging leaks from computer hardware, it has been claimed.
http://www.telegraph.co.uk/news/worldnews/europe/russia/10173645/Kremlin...
But maybe just pulling the Ethernet cards out of some old 486's would be a better option...at least Ctrl-P would still be an option on a parallel-port rigged printer, (still keeping these new-fangled-Ctrl-P options available).
What, nothing on Motorola, Tyler?!
They're even worse than Microshit!
All your Moto-Droids, are belong to NSA!!!!
I commented to the previous ZH article that "Gates should be hung, drawn and quartered".
I will now add disembowelment to that.
I am reminded of very recent Microsoft TV ads in the UK where MS claim to be protecting our privacy.
I sincerely hope this fiasco marks the eventual downfall of Microsoft.
Any foreign business that decides to use skydrive deserves to get corporate espionaged on.
One should reveal any piece of information about these fucking NSA stalkers. Every dirty pics and ugly secrects about YOU NSA BASTARDS.
Time for a new email alias again.....fuckyoubernanqeandnsaandbillgatesandmicrosofandfuckfuckfuckallyou@hotmail.com
Microscum.
The iconic Intel "Big Brother Inside" logo has been around for how long? A decade? None of this should be remotely surprising. These corporate WHORES will jump in BED with ANYONE.
This is what is behind my Windows 7 backdoor:
Removed by the NSA.
First MSNBC. Now, MSNSA.
Hope Gates has his wealth in Cash and not MSFT Stock as Shylock has seen blood in the water.
Kremlin returns to typewriters to avoid computer leaks - Telegraph
Liar Gates is a muppet, and I look forward to his demise. Bye bye muppet, two faced lying daddy's boy. Traitor, fake 'philanthropist' for tax evasion purposes. RICO Gates, and his bored room minions.
What this requires is some special software that inserts certain keywords in every e-mail header and comment field, footer, et cetera - to trigger NSA responses. The inserted triggers should be localised for the language used by the user, to minimise the amount of "pollution" that can be cleaned up by automated means.
When almost every mail sent contains a trigger, searching for them will be useless. Sure, they will still be logged - but it will require humans to go through petabytes of data to make sense of it, which should start to slow them down a bit. :)
Bill Hicks - What you reading for? http://www.youtube.com/watch?v=Uvs2g5Nj0NI
Using your own encyrption will not help. Where do you get random numbers from? The friendly pseudo Random Number Generator provided by your OS?
A friend of mine worked in special ops for the air force in cryptology. When he got out he talked to me regularly about creating real encryption and selling it. Now he is dead.
I do not talk to people about workable encryption any more.
But before they get me I will give you a clue: The Romans had unbreakable encryption.
Any OS is inherently a root kit. If it's not open source, assume it has one.