As part of Edward Snowden’s leak about NSA’s massive surveillance program PRISM, it has been revealed that many tech companies cooperate with US national security agencies. To what extent do they cooperate is debatable, with some leaks alleging NSA and FBI have direct access to the servers of major tech companies while said tech companies denying the allegations. What is the real truth, we don’t really know and probably never will. However, we do know that Microsoft helps the US government hack computers in foreign countries.
According to a report by Bloomberg, Microsoft gives advance notice to US agencies of bugs and security loopholes in Microsoft’s popular software — such as Windows, Office, etc. — before patches are released for these vulnerabilities. This advance notice is not only used to help protect US government computers from the related vulnerabilities but also assists in the penetration of computers in foreign countries. Essentially, Microsoft helps the US government hack into computers in other countries.
It is said that the target computers may belong to people deemed terrorists by the US government or “military foes”; however, it is unknown if computers belonging to others are also targeted, like the computers of legitimate governments or computers belonging to residents of the United States (with a warrant from a secret court, presumably).
According to two unnamed US officials, Microsoft follows a “don’t-ask-don’t-tell” type policy when it comes to telling the US government about software vulnerabilities ahead of patches: Microsoft knows the vulnerabilities are used by the US government to hack foreign computers but Microsoft does not ask any questions as to what the vulnerabilities are used for.
Microsoft spokesman Frank Shaw has more or less confirmed that Microsoft does this, telling Bloomberg the idea behind giving the US government advanced notices of vulnerabilities is “to give government ‘an early start’ on risk assessment and mitigation”. Shaw also told Bloomberg there are “several programs” that Microsoft participates in with the US government, programs that are “run by Microsoft and for defensive purposes”.
To add salt to the wound, Microsoft isn’t the only major tech company that is in bed with the US government. For example, Bloomberg talks about how Intel’s McAfee “regularly cooperates with the NSA, FBI and the CIA”. And I’m sure there are many more, too.
So… how does everyone feel about this? Let us know in the comments below!
[via Bloomberg]