Did Microsoft Lie About NSA Skype Spying? Evidence Suggests They Did

rated by 0 users
This post has 6 Replies | 0 Followers

Top 10 Contributor
Posts 26,710
Points 1,208,220
Joined: Sep 2007
News Posted: Thu, Jun 13 2013 6:10 PM
In the week since word of the NSA's Boundless Informant and Prism programs leaked online, there's been a great deal of concern over to what degree various companies cooperated with the NSA's requests. Some companies, like Google, have pointed to their repeated requests for greater transparency. Twitter, of course, is the major social app that isn't on Prism's list at all. And then, there's Microsoft. It's been notably quiet since the Prism leak, and while the PR team has had its hands full dealing with the fallout over the Xbone E3 debacle, there's certainly been bandwidth for a situation as serious as the idea that MS is facilitating the NSA's access to its user databases. Worse, the company may have lied about it.

First, the facts:  Since acquiring Skype in 2011, Microsoft has moved away from the VoIP client's original distributed node method of organization in favor of a smaller number of 'supernodes.' The company justified these changes by claiming that the supernode architecture would improve software rollout speeds and efficient communication. They may well have done so, but a centralized system is intrinsically easier to spy on than a decentralized one. A year after buying Skype, Microsoft was granted a patent on "legal intercept" technology that's explicitly designed to allow a company to make a silent copy of a voIP stream. Is that patent proof that Microsoft deployed such a system for snooping on Skype? No. But Skype's terms of service explicitly allow for such a process.

In March of this year, after intense pressure, Microsoft finally agreed to reveal data on government requests for Skype information. The report revealed that the PC version of Skype is fully encrypted (the tablet/phone version isn't) and implied that the total amount of content released was quite small in relation to the amount of content requested. That's true -- but Microsoft's report claims that it never handed any content over to the United States government from Skype. The NSA report paints a different picture. According to it, Skype joined the program in early 2011, well before the Microsoft purchase. We've already discussed the fact that the gag letters from the FISA court could make it legally impossible for Microsoft to acknowledge that it had ever received such requests for data. As far as the system is concerned, those requests never happened.

If that's true, it means the company's tranparency and privacy report is a sham. Microsoft may have avoided disclosing the data its users were most interested in, out of fear that the NSA would react poorly to any public disclosure. Unlike other companies, like Google, which made it clear that there were directives in play that it couldn't talk about, Microsoft chose to perpetuate the myth that Skype remained beyond the reach of governments.

We're Back To Oversight

Does this reflect poorly on Microsoft? In a sense, yes. It's inconceivable to believe that the NSA successfully compelled Verizon, Google, and other companies to turn over data and yet has no visibility into Skype -- a program which has been identified as a major thorn in the side of organizations like the FBI. Instead, what's far more likely is that Microsoft simply ommitted those requests from its reporting.

Google has chosen to fight such requests head-on, a move that's laudable, but also opens the company up to the possibility of either indirect punishment or even a lawsuit from the federal government in the event that its efforts are defeated. Yes, Google gets points on this for being more willing to stand up to the government, but getting stuck on that point is like arguing over who filled sandbags more effectively during the middle of a Mississippi flood. The problem isn't the sand -- it's the river.

Ok, now, nobody's allowed to pee for at least a week

Microsoft took the safest path with NSA disclosures. In doing so, it perpetuated a false claim about Skype. But when the alternative is risking serious federal lawsuits and the courts have proven unwilling to take the government to task over expansive claims of national security. In a situation where the judiciary is giving full legal cover to the actions of the NSA and FBI and both major parties are loudly advocating such measures as necessary components of the War on Terror, it's difficult to argue that Microsoft should be the trailblazer. Redmond, perhaps adopting a 'better late than never' strategy, has joined Twitter in calling for greater transparency in disclosing when the government has asked for data and what information it's required to hand over.
  • | Post Points: 110
Not Ranked
Posts 17
Points 80
Joined: Jun 2013

I am done with Skype (and Twitter.) Soon to escape from Facebook. I don't trust ANY of them AT ALL. They will ALL lie to escape federal intrusion.

  • | Post Points: 5
Top 500 Contributor
Posts 191
Points 2,050
Joined: Apr 2013
Location: Fenton, Michigan
Johnny3D replied on Fri, Jun 14 2013 2:05 PM

Bruce: You'll have to essentially go "off the grid" if you want to ensure 100% that nobody would ever snoop in on your data.

I am 100% certain that my life is so uninteresting that it really doesn't matter at ALL if anyone is snooping in on my data... all that would happen is they would get really bored.

  • | Post Points: 5
Top 500 Contributor
Posts 187
Points 1,755
Joined: Nov 2010
lipe123 replied on Fri, Jun 14 2013 3:52 PM

I always thought Skype was properly encrypted, so does this mean that MS is required to decrypt the data for the NSA?

Makes you wonder what happens if someone starts up a completely encrypted VPN kinda like how torrents got out of hand and label it the new super blackhole backbone ^^

  • | Post Points: 5
Top 100 Contributor
Posts 1,081
Points 11,700
Joined: Jul 2009
Joel H replied on Fri, Jun 14 2013 9:00 PM

It means (or suggests) that there's a man-in-the-middle interception effort possibility.

  • | Post Points: 5
Top 150 Contributor
Posts 656
Points 5,955
Joined: May 2008
Location: Stockholm
mhenriday replied on Sat, Jun 15 2013 11:13 AM

What ?!! Microsoft lie about government surveillance ?!! Say it ain't so, Joe[l] !...


Top 150 Contributor
Posts 609
Points 4,990
Joined: Jun 2012
RiCoFrost replied on Sun, Jun 16 2013 7:07 PM

Again how can anyone not know this was already happening!!!!!!!!!!!!!!!

  • | Post Points: 5
Page 1 of 1 (7 items) | RSS