- dotTech - https://dottech.org -

Microsoft says NSA spying is “advanced persistent threat”, launches aggressive campaign to protect consumer privacy

microsoft [1]

Tired of government snooping? Apparently, so is Microsoft. The software giant has announced a plan to cut down on government intrusion. The plan is aggressive and Microsoft plans on having all its new security measures in place by the end of 2014.

In a blog post [2], General counsel for Microsoft, Brad Smith, compared the government’s continued intrusion to that of a coordinated attack from foreign governments by hackers — dubbing NSA & co spying an “advanced persistent threat”, a description typically reserved for more malicious groups.

Microsoft plans to strengthen their data encryption process across their services with 2048-bit encryption for data moving between their own data centers. In addition to encryption between their servers, Microsoft plans on adding encryption to data that is traveling between their servers and their customers’ computers. Customers that use Outlook.com and Office 365 already have this protection in place, Microsoft is extending the encryption to their other services such as SkyDrive and Windows Azure.

The company doesn’t plan on stopping at just heavier encryption tactics to protect their customers. They also plan on legal protection to help combat intrusion from the NSA.

According to Smith, Microsoft is “committed to notifying business and government customers if we receive orders related to their data.” They plan to continue battling gag orders that would prevent them from notifying the customers of these governmental requests. Eventually, with enough push from Microsoft and other companies, Microsoft hopes that the government will obtain the information they seek from the customers themselves instead of attacking the cloud storage companies customers use.

“We want to ensure that important questions about government access is decided by the courts not by technological might.” Smith explained.

In an effort to make their users feel even more secure, Microsoft is opening “transparency centers” in the Americas, Asia, and Europe. These centers will allow governments and third parties to verify there is no secret back door into Microsoft servers.

I don’t know about you, but I’m a bit skeptical. This sounds good on paper but if Microsoft cared so much about user privacy, why weren’t many of these protections in place already — notably the encryption ones. After all, Microsoft was literally in bed with the NSA (forcefully or otherwise), so I’m sure they have known for years the kind of reach NSA has. However, let’s give Microsoft the benefit of the doubt for now. Only the future will tell how genuine they are in their actions to protect user privacy.

[via The Verge [3]]