Microsoft files lawsuit against the US Government over data searches

[universal4]

http://www.reuters.com/article/us-mi...-idUSKCN0XB22U

Microsoft filed a lawsuit against the US Government over customer data searches.

Now many will see this article and possibly think that it would make using Microsoft mail less secure.

In my opinion, this shows that it looks clear this happens with all the big providers, but Microsoft is fed up and has done this to show their users that they want to be on their side and that user's privacy is a big concern.

Will other providers do the same?

Rick
Universal4

[ocreditor]

...

Will other providers do the same?

Rick
Universal4

lawsuit against US government...mmm.. I'm very sceptic more will follow, depending on the outcome of this lawsuits which I think all will wait to see

[boczom1]

In my opinion, this shows that it looks clear this happens with all the big providers, but Microsoft is fed up and has done this to show their users that they want to be on their side and that user's privacy is a big concern.

Will other providers do the same?

Rick
Universal4

It's just so ironic that they all of a sudden just started seeing Apple's point of view around the same time. Initially they were against' Apple's firm position...on the whole encrypted phone battle... now, seeing how much public support they got...they wanna jump on the bandwagon.

[rouletteguru]

If you use bit locker, and don't have the windows professional version, the information required to unlock your entire drive of encrypted files is sent to Microsoft on their cloud.


Also privacy from the government with encryption is a fallacy, because in many countries, you can be put in jail for refusing to provide your encryption key.

[universal4]

Bit Locker should only ship with the following versions
Windows Vista and Windows 7: Enterprise and Ultimate editions Windows 8 and later: Pro and Enterprise editions Windows Server 2008 and later

Are you saying that Enterprise automatically sends the keys to the cloud?

Or did you mean "Bit Locker to Go", which is in all versions since Windows 7?

The way I understood it was

The new BitLocker To Go technology to protect removable media is available in all versions, but only the Ultimate and Enterprise editions can write to BitLocker-protected media. All other Windows 7 versions can only read from BitLocker-protected media.

Rick
Universal4

[rouletteguru]

I'm referring to bit locker which is included with the latest versions of Windows. But the standard commercial versions of it can only store the key on the cloud, which are in control of Microsoft. And thanks to Edward Snowden, we know how easy it is for the government to access information on the cloud, with a search warrant. Sometimes even without, but he depends on the company.


But basically only the professional versions of Windows, and above, allowing users to store the key privately without uploading it to third-party servers.

I'm not sure about the enterprise versions, but I assume keys can be stored locally for the professional version, so enterprise version would be the same. I'm pretty sure it's just the home versions for typical consumers that upload keys to the cloud.

Put it this way, even in the USA, you can store your key locally but if the government obtains a court order, they can force you to decrypt data on your hard drive. And if you apparently lose or forget your decryption key, this is still considered value to comply and will probably result in a jail term.

[universal4]

The keys would not do them any good unless they also had the machines or drives, (unless they are seeing a lot of data that is secured with encryption) which would mean they had also served warrants on the premises of those they are investigating, and this case is more about the snooping they are doing on the MS severs.

I wonder if they are finding a lot of encrypted data on those they are investigating, and if so, the practice of having the keys there would certainly factor into it. I also wonder if that is part of why they filed the case since they are being forced to also divulge the keys for some clients knowing that this creates a situation where they not only get the raw data but in a similar fashion to the Apple case are being forced to (in a sense) reverse engineer the security on that data.

As far as I know, in the enterprise versions I think their is a policy that dictates where the keys are stored so that admins can write and employ domain or machine policy to control that, and I would think that could be done on the pro versions also. (could probably even get away with it on the older home versions in the adm's were moved over but that could be tricky and obviously not supported or discussed).

I have never been a very big fan of encrypting hard drives, but the use of vpn's or end to end encryption when using phone apps can be a good thing, but if the data is that sensitive, it shouldn't be on a phone anyway.

This will be interesting as it plays out.

Rick
Universal4

[snaipera022]

Got to abendon , my hotmail ! )))))