homepage Welcome to WebmasterWorld Guest from 54.226.136.179
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Microsoft / Microsoft Corporate
Forum Library, Charter, Moderators: bill

Microsoft Corporate Forum

    
Microsoft Steps Up Data Encyption
engine

WebmasterWorld Administrator engine us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 4628027 posted 11:00 am on Dec 5, 2013 (gmt 0)

Microsoft is alarmed over the allegations of governments circumventing security and says it is taking further steps to expand encryption.

In light of these allegations, we’ve decided to take immediate and coordinated action in three areas:

· We are expanding encryption across our services.
· We are reinforcing legal protections for our customers’ data.
· We are enhancing the transparency of our software code, making it easier for customers to reassure themselves that our products do not contain back doors.Microsoft Steps Up Data Encyption [blogs.technet.com]
Customer content moving between our customers and Microsoft will be encrypted by default.
Although this is a significant engineering effort given the large number of services we offer and the hundreds of millions of customers we serve, we’re committed to moving quickly. In fact, many of our services already benefit from strong encryption in all or part of the lifecycle. For example, Office 365 and Outlook.com customer content is already encrypted when traveling between customers and Microsoft, and most Office 365 workloads as well as Windows Azure storage are now encrypted in transit between our data centers. In other areas we’re accelerating plans to provide encryption.

 

swa66

WebmasterWorld Senior Member swa66 us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4628027 posted 12:17 am on Dec 6, 2013 (gmt 0)

Funny that they state
For example, Office 365 and Outlook.com customer content is already encrypted when traveling between customers and Microsoft,
as it contradicts common knowledge and various reports that 365, outlook.com etc. refuse to use STARTTLS (and hence email in SMTP is going to them unencrypted.

If the email user A sends off securely to let's say Google's mail servers, and Google has to drop down to unencrypted to get it to Microsoft's servers , it doen't matter anymore if the protocols using between MSFT and the recipient are encrypted or not, the likes of the NSA will already have what they wanted: unencrypted easy to parse traffic.

Marketing spin at work IMHO ...

bill

WebmasterWorld Administrator bill us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4628027 posted 2:28 am on Dec 6, 2013 (gmt 0)

Microsoft specifically mentions that they will improve encryption settings on those products, so although now they are not using STARTTLS, it is assumed that will no longer be the case after the upgrade. They have given themselves until the end of 2014 to carry this out, so it probably wouldn't be fair to judge things just yet.

swa66

WebmasterWorld Senior Member swa66 us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4628027 posted 10:43 pm on Dec 6, 2013 (gmt 0)

Bill, sorry but the quote clearly states the opposite of what you're claiming.

[...] Office 365 and Outlook.com customer content is already encrypted when traveling between customers and Microsoft, [...]. In other areas we’re accelerating plans to provide encryption.

[my bold]
While we know it's simply not true, unless you've specific conditions in place that by far aren't the most common ones to start with. No mention at all of upgrades there: upgrades are mentioned in "other areas".

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Microsoft / Microsoft Corporate
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved