Microsoft blasts "government snooping," pledges to enhance encryption

Xbox maker says it is "alarmed" by recent allegations of government's attempts to collect private customer data, vows to expand encryption for products and services.

by

Recent reports of "government snooping," including unauthorized Internet surveillance, has drawn an indignant response from Microsoft. Writing on the company's blog, Microsoft corporate affairs executive Brad Smith said he is "alarmed" by these revelations and pledged that Microsoft will enhance encryption efforts for its products and services.

A report from this summer, based on documents provided by Edward Snowden, pegged Microsoft as having closely collaborated with United States intelligence services to allow its users' communications data to be intercepted.

"Many of our customers have serious concerns about government surveillance of the Internet. We share their concerns. That's why we are taking steps to ensure governments use legal process rather than technological brute force to access customer data," Smith said.

"Like many others, we are especially alarmed by recent allegations in the press of a broader and concerted effort by some governments to circumvent online security measures--and in our view, legal processes and protections--in order to surreptitiously collect private customer data," he added.

In particular, Smith called out the reports of governmental interception and collection of customer data as it travels between users and servers.

"If true, these efforts threaten to seriously undermine confidence in the security and privacy of online communications," he said. "Indeed, government snooping potentially now constitutes an 'advanced persistent threat,' alongside sophisticated malware and cyber attacks."

As a result of these allegations, Smith said Microsoft will take "immediate and coordinated action" by expanding encryption efforts, reinforcing legal protection for customer data, and enhancing transparency of software code to make it obvious that products do not have back doors.

Any specific implications for the Xbox platform were not specified. A company representative was not immediately available to comment. Microsoft previously attempted to quell privacy concerns for the Xbox One by outlining in a privacy document that data captured through the system does not leave the console.

Smith made it clear that Microsoft has no direct evidence that its customer data has been breached by unauthorized government access, but will still pursue a "comprehensive engineering effort to strengthen the encryption of customer data across our networks and services." This includes major portals like Outlook, Office 365, SkyDrive, and Windows Azure, Microsoft's cloud network that powers some Xbox Live cloud services.

All of Microsoft's new encryption efforts, including expanding current encryption to use 2,048-bit keys, will be in place by the end of 2014, though much of it is effective immediately, Smith said.

"Ultimately, we're sensitive to the balances that must be struck when it comes to technology, security, and the law," Smith said. "We all want to live in a world that is safe and secure, but we also want to live in a country that is protected by the Constitution. We want to ensure that important questions about government access are decided by courts rather than dictated by technological might. And we're focused on applying new safeguards worldwide, recognizing the global nature of these issues and challenges. We believe these new steps strike the right balance, advancing for all of us both the security we need and the privacy we deserve."

For more details on Microsoft's plan to protect consumer data from "government snooping," check out Smith's post on Microsoft's website.

Discussion

645 comments
PHOENIXZERO
PHOENIXZERO

While also slipping the NSA the keys to said encryption.

gatsbythepig
gatsbythepig

BULLSHIT-


M$, the company that takes all of our information, compiles it, and sells it off to the highest bidder is concerned about users privacy?


I think it has more to do with the government attempting to gather information for another antitrust lawsuit.  M$ is just covering its greedy ass


nurnberg
nurnberg

Microsoft : "We will make sure nobody can crack or intercept anything on our products.  But we will give the decoding programs to the NSA so they can spy on people."

crazyintheface
crazyintheface

The first step is getting rid of that living turd known as obama

randomkidlol
randomkidlol

More encryption doesnt help when you hand the NSA all of the private keys anyways.

Neo_OnionKnight
Neo_OnionKnight

Microsoft: "How dare the government take information from US! When they should have bought it from us like EVERYONE ELSE!!!! GGRRRRRR!"

Kinguard73
Kinguard73

It's not like people have anything to hide but man I am so glad I never bought one of those. Prob make half the men jealous seeing me choke my...umm... hamster.... er.. *cough* =) Might be able to get a few numbers from women then though...hmmm gonna have to think about ALLOWING to be spied on for awhile...

emperiox
emperiox

"Microsoft has no direct evidence that its customer data has been breached by unauthorized government access..."


No DIRECT evidence, but you believe that it's happened? Well, I feel safer already!

emperiox
emperiox

Kinect, nuff said. Microsoft is always watching...

Merseyak
Merseyak

ive got the best encryption ever i just wont buy one :)

TheWatcher000
TheWatcher000

So after practically having sex with the PRISM program, being in bed with the NSA, NOW they care about Privacy issues, and are "looking out for the little guy."


Seems legit.


Sorry, Microsoft, I'll take Snowden over your lying asses ANY DAY.

INF1DEL
INF1DEL

You can tell this issue is important to them because of their timely response. Wait, when was this PRISM thing? Oh...

Martyr77
Martyr77

MS "We are alarmed that people know about us spying on them and giving  the information out. We only share data through 'legal process'. We are working on our encryption."

Interviewer "Encryption is great but are you giving away people's information and spying on them through Kinect?"

MS "Next question!!!"

FallenOneX
FallenOneX

I remember over the summer when Xbots (no, I don't mean all fans of MS's consoles) and MS said that the idea of the NSA spying on people through the XB1 was ridiculous.

Did something change, or did they finally remember Mike Tyson's quote about everyone having a plan until they get punched in the face?

X-RS
X-RS

lol

You have a device with face recognition in a living room. You use the device to watch movies/sruf net/play games.

That could offer a WEALTH of information for marketers, specifically if it can actually read peoples faces while they're identified.


Wont be long for a device to be tallying your reactions timestamped during weekly movie night...

shadowkratos774
shadowkratos774

Hey if people want to pay $100 for a camera that until recently HAD to be always on, I say they're asking for it.

Fanible
Fanible

Shouldn't they be wanting to enhance encryptions for their products to begin with?

Faye_Tallity
Faye_Tallity

HA! Good thing I never wanted to buy The X-box2013 Ultra Hi-Tech Spy system 

jhcho2
jhcho2

I thought MS had some kind of pact with the NSA? Now they are dissing it instead?

lostmyaccount
lostmyaccount

People who trip out about this kind of stuff, have stuff to hide. 

ZeroFallout1
ZeroFallout1

Coming from the company who has a back door built into all windows since Win 98 for said agency. 

RainIsMyDrug
RainIsMyDrug

M$ is the type of best friend that shake your hand with one hand and hold a knife to your back with another.   I find these privacy statement funny coming from the same company that say they have the right to give your info away to 3rd party just cause you sign on with xbox live. 

Zloth2
Zloth2

So how about setting up a more robust interface between Windows Live Mail and something like PGP?

Cowboy-Bebop
Cowboy-Bebop

Why waste all the encryption when Microsoft feeling gives that info the the Government?

deth420
deth420

well the good news is, the way the govment is carrying on, there is no way in hell it can keep running. the just keep digging that ditch.

abcdefgabcdefgz
abcdefgabcdefgz

The entire internet is almost completely based around encryption. I think the NSA spying stuff is a little overblown, but the clowns in congress are really the root of almost every problem we battle everyday. Certainly no longer do they represent we the people.

Thanatos2k
Thanatos2k

Microsoft had a plan, but they got punched in the face at E3.  They've been stumbling around with a concussion ever since.

Grenadeh
Grenadeh

@X-RS Yea how nefarious and evil of a thing to be able to do. Meanwhile in reality, there are actual problems and actual infringements of rights.

TheWatcher000
TheWatcher000

But they are ALARMED You think they would ever do anything with the information they collect, because the would NEVER do that, and PRISM is a conspiracy theory.

Murazor
Murazor

You are such an idiot. It's because of people like you that modern America is practically a secret police state. Thanks a lot, asshole, for being too stupid to see the danger in this rampant abuse of power. People like you enabled the Nazis, and you seem hellbent on watching history repeat itself.

TheWatcher000
TheWatcher000

People like you deserve neither freedom, nor security.


Now, kindly move to North Korea, where you can masturbate to tyranny in peace.


Fuck Off.


Apologist Ass.

canuckbiker
canuckbiker

Probably their junk during personal time.

Brine-
Brine-

@lostmyaccount Nobody wants the gov't to watch them have a shit, Mr. Cheney...

Seriously though... you know people have the right to privacy right? Whether they have anything to hide or not?

TheWatcher000
TheWatcher000

But that's a conspiracy theory. 


I'm reporting you to lostaccount.


Do you have something to hide?

Grenadeh
Grenadeh

@RainIsMyDrug A) No. That's actually not what the Live EULA says. Go read it. It says the exact same thing PSN and Steam say and none of them are authorized to willingly give all of your info to whoever they want. B) No.

vi_et_armis
vi_et_armis

@RainIsMyDrug  Finally someone in agreement with me.  M$ suck now.  Force feeding every customer that piece of crap kinect and all it really is in my eyes is a physical piece of spyware, like you get on your computer but tangible lol  They say it was included for gamers and  whatever else..blah blah blah.  I bet they wanted it included to sell those rights immediately after launch to make them more money.  The biggest single thing that is total BullS*iT is M$ using the internet that I pay for and the Netflix account that I also pay for and using their crap console to put a block wall up between my internet and Netflix unless I spend more money paying for their stupid live gold.  How utterly insane is it when you can get a cheap crappy android phone from the Dollar General and use it to watch all the Netflix I want..  Xbone shouldn't be in the center of anyone's home entertainment, but instead it should be in the center of the landfill

TheWatcher000
TheWatcher000

The Germans thought they were free, too.


History teaches some people nothing, others, very little.


At least you are awake to the fact that you no longer have Representative government.


It's a start.

X-RS
X-RS

@TheWatcher000 @Dresden05 @Grenadeh

O_o?

I was just posting in case others hadn't thought that it has immense marketing power, with data you'll want to encrypt...

Dunno where Grenadeh going with the actual infringement rights...