Microsoft joins move to encrypt Web traffic

Dec 05, 2013
Microsoft's move follows similar actions by Google and Yahoo

Microsoft is joining the movement to encrypt traffic that flows across its networks, citing "serious concerns" about government surveillance.

The move by Microsoft follows similar actions by Google and Yahoo in the wake of revelations of vast online surveillance programs led by the US National Security Agency.

"Like many others, we are especially alarmed by recent allegations in the press of a broader and concerted effort by some governments to circumvent online security measures - and in our view, legal processes and protections - in order to surreptitiously collect private customer data," Microsoft general counsel Brad Smith said in a blog post late Wednesday.

"If true, these efforts threaten to seriously undermine confidence in the security and privacy of online communications.

"Indeed, government snooping potentially now constitutes an 'advanced persistent threat,' alongside sophisticated malware and cyber attacks."

Smith said Microsoft said decided to "take immediate and coordinated action" to expand encryption across its services.

It is also stepping up efforts to reinforce legal protections of customer data and is "enhancing the transparency of our software code, making it easier for customers to reassure themselves that our products do not contain back doors."

"For many years, we've used encryption in our products and services to protect our customers from online criminals and hackers," Smith wrote.

"While we have no direct evidence that customer data has been breached by unauthorized government access, we don't want to take any chances and are addressing this issue head on.

"Therefore, we will pursue a comprehensive engineering effort to strengthen the encryption of across our networks and services."

Major tech companies have been seeking to disclose more details about in an effort to reassure customers, but have complained that the US will not allow certain details to be released.

Explore further: Microsoft presses US on data request disclosures

add to favorites email to friend print save as pdf

Related Stories

Microsoft presses US on data request disclosures

Jul 16, 2013

Microsoft said Tuesday it had asked the US government for permission to disclose details of how it handles national security data requests, citing "inaccuracies" in recent media reports.

Microsoft joins Google in US spying suit

Aug 31, 2013

Microsoft says that a battle to shed light on secret US government requests for Internet user data will play out in court after failed peace talks.

US government to declassify parts of secret order

Sep 13, 2013

(AP)—The U.S. government says it will declassify parts of a 2008 secret court order that required Yahoo to turn over customer data under the National Security Agency's PRISM data-gathering program.

Recommended for you

LinkedIn membership hits 300 million

Apr 18, 2014

The career-focused social network LinkedIn announced Friday it has 300 million members, with more than half the total outside the United States.

Researchers uncover likely creator of Bitcoin

Apr 18, 2014

The primary author of the celebrated Bitcoin paper, and therefore probable creator of Bitcoin, is most likely Nick Szabo, a blogger and former George Washington University law professor, according to students ...

White House updating online privacy policy

Apr 18, 2014

A new Obama administration privacy policy out Friday explains how the government will gather the user data of online visitors to, mobile apps and social media sites. It also clarifies that ...

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

not rated yet Dec 05, 2013
Good thing we can trust corporations.

Next year I'm voting for Microsoft.
not rated yet Dec 05, 2013
Don't they have a port in their systems labelled "NSA"?
not rated yet Dec 05, 2013
Hmmm. So what type and level of encryption are they using - there are some algorithms and key lengths that aren't worth the registers they're written into because they are either so easy to crack or are already cracked.

And are they using PKI or private keys - if PKI then how can we be assured that the NSA have not demanded (and presumably got under threat of sanctions) a copy of the master key material; or if shared private keys how do they handle sending data to non-Microsoft servers?

While potentially a good start, and not wishing to deride efforts to protect public data, there are lots of details missing from this PR and lots of information that should be made public about the encryption methods to reassure that this is not just a sop to public opinion while the data are read behind the scenes by spooks, regardless. The same applies to the efforts by Google, Yahoo! and others.

More news stories

Growing app industry has developers racing to keep up

Smartphone application developers say they are challenged by the glut of apps as well as the need to update their software to keep up with evolving phone technology, making creative pricing strategies essential to finding ...

Easter morning delivery for space station

Space station astronauts got a special Easter treat: a cargo ship full of supplies. The shipment arrived Sunday morning via the SpaceX company's Dragon cargo capsule.