Thursday, July 11, 2013
Microsoft capitulation to NSA spying is amazingly comprehensive
by Larry Geller
I think I’ve bought my last Windows computer.
From today’s Guardian article reporting on the latest leaked #Snowden documents:
The documents show that:
• Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;
• The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;
• The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;
• Microsoft also worked with the FBI's Data Intercept Unit to "understand" potential issues with a feature in Outlook.com that allows users to create email aliases;
• Skype, which was bought by Microsoft in October 2011, worked with intelligence agencies last year to allow Prism to collect video of conversations as well as audio;
• Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a "team sport".
[The Guardian (UK), Revealed: how Microsoft handed the NSA access to encrypted messages, 7/11/2013]
The earliest PRISM slides to come out from Edward Snowden’s leaked information featured an arrow pointed at VOIP. News accounts at the time claimed that phone conversations were not being recorded, but VOIP is a protocol for voice and video. This latest revelation confirms that audio (the phone conversation) is being collected and expands it to include any video as well. Skype uses a proprietary form of VOIP, but so do other services, including the many (generally unencrypted) personal and business services that are in common use these days.
What trust can we have for Microsoft at this point? More from the Guardian:
Since Prism's existence became public, Microsoft and the other companies listed on the NSA documents as providers have denied all knowledge of the program and insisted that the intelligence agencies do not have back doors into their systems.
Microsoft's latest marketing campaign, launched in April, emphasizes its commitment to privacy with the slogan: "Your privacy is our priority."
But internal NSA newsletters, marked top secret, suggest the co-operation between the intelligence community and the companies is deep and ongoing.
These snips from the Guardian article indicates a major sellout of Microsoft’s customer base. I don’t think they should be rewarded with any more of my business, anyway.
What alternative is there? Linux?
Can Linux replace Windows? Yes and no. The Linux Mint flavor of Linux is easy to learn for Windows users (I suggest the MATE version), but there is no assurance that the NSA has not infiltrated Linux code. The Linux community needs to weigh in on this.
Endorsement: Running Linux, you still have Firefox and other browsers. The “start” button works about the same way. Even trying it out by loading the DVD version (which does not install anything on your system) you still can access your Windows file system if you want to. Installing programs is something like the Android system. No reboots are necessary when installing, it’s really a pleasure to use, and very fast. Nor does it seem to get slower with age, as does Windows.
Linux Mint and many other flavors of Linux are free to use, easy to install, and (using Wine) can even run many (but not all) Windows programs.
Whether or not the NSA has written themselves into Linux, at least it’s not a Microsoft product.