Office 365..? how Microsoft handed the NSA access to encrypted messages
Anyone else planning on bailing from office365? http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data Sent from my Mobile Device.
Office 365..? how Microsoft handed the NSA access to encrypted messages
On Fri, Jul 12, 2013 at 2:51 PM, Barry Shein > wrote: > > What I find particularly troubling is this image of the govt paying > for these surveillances. The price seemed to be from around $325 for > an install plus $10 to $750 install and $500/mo. > > Now, let's not drop right into the easy and trite "don't they deserve > to be reimbursed" right off. Sure, they/we do. > > But was this reimbursement, or profitable? > IMHO surveillance is not a profit center. Most don't get enough requests for critical mass and the efficiency to allow for that. The costs referenced in the article are not entirely unreasonable either if you think about the process from service to execution, end/end. The fact that there are associated fees at all is a positive in terms of a deterrent to "some" abuses and act as one level of accountability. Expenses require justification even in the government. The actual cost for the government to operate a surveillance end to end and depending upon where in the ladder it is can be significant, to the tune of tens of thousands of dollars a week. That usually translates into what matters e.g. surveillance of parking offenders vs. terrorists. >From the capex perspective, it can be high and complex for most based on the lack of significant volume. That's where the surveillance managed services come into play, to help to cut the expense. Standard offering: http://www.verisign.com/static/001927.pdf Shaping the expense picture: http://www.neustar.biz/carrier-services/operational-solutions/how-comply-with-regulations-solutions-work#.UeU6kVNqLC0 > > The troubling image that goes like this: > > >ISP VP #1: Any revenue ideas? > [ clip ] > > Accurate? Plausible? Nonsense? I'd go with the latter. You'd need volume and that kind critical mass, at least last I knew, was limited. Here's the last askCALEA congressional report(s) I can find that contain some numbers around that: http://askcalea.fbi.gov/reports/docs/2009wiretap.pdf [ Anyone know if there is anything later or newer? This transparency is important ] I'm not quitting my online collaboration tools just yet. YMMV, and Best, -M< [ clip ]
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
--- wbai...@satelliteintelligencegroup.com wrote: From: Warren Bailey Anyone else planning on bailing from office365? http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data -- Bail on M$ period. If they give the data willingly this way, I'm sure they also do it in other currently unknown ways. Company culture and all that... scott
RE: Office 365..? how Microsoft handed the NSA access to encrypted messages
Trying my best here to bail. Between this and the fact they are pulling Technet, along with lots of other little things, I am working my way out. Robert From: Scott Weeks Sent: Thursday, July 11, 2013 15:26 To: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages --- wbai...@satelliteintelligencegroup.com wrote: From: Warren Bailey Anyone else planning on bailing from office365? http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data -- Bail on M$ period. If they give the data willingly this way, I'm sure they also do it in other currently unknown ways. Company culture and all that... scott
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
I really hope that this doesn't surprise anyone on this list On Thu, Jul 11, 2013 at 2:15 PM, Robert Webb wrote: > Trying my best here to bail. Between this and the fact they are pulling > Technet, along with lots of other little things, I am working my way out. > > Robert > > > From: Scott Weeks > Sent: Thursday, July 11, 2013 15:26 > To: nanog@nanog.org > Subject: Re: Office 365..? how Microsoft handed the NSA access to > encrypted messages > > --- wbai...@satelliteintelligencegroup.com wrote: > From: Warren Bailey > > Anyone else planning on bailing from office365? > > http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data > -- > > > Bail on M$ period. If they give the data willingly this > way, I'm sure they also do it in other currently unknown > ways. Company culture and all that... > > scott > > >
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
: off topic rant : Just assume no data you store and or traverses any public cloud service is private or secure this is just silly. I can't believe people are so naive to believe messages sent over the public Internet isn't intercepted stored and analyzed by the same government bodies who gave it to us in the first place. I've always heard rumors as a kid that the NSA had systems long in place that could record all voice calls based on certain key phrases ever since the Nixon era so please tell me why are most people shocked with all the spying by governments? Sent from my iPhone On Jul 11, 2013, at 2:39 PM, Warren Bailey wrote: > Anyone else planning on bailing from office365? > > > http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data > > > > Sent from my Mobile Device.
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
I 2nd Rodrick's statement of "so please tell me why are most people shocked with all the spying by governments?". All this leak does is confirm what most people already suspected or assumed. -Grant On Thu, Jul 11, 2013 at 6:27 PM, Rodrick Brown wrote: > : off topic rant : > > Just assume no data you store and or traverses any public cloud > service is private or secure this is just silly. > > I can't believe people are so naive to believe messages sent over the > public Internet isn't intercepted stored and analyzed by the same > government bodies who gave it to us in the first place. > > I've always heard rumors as a kid that the NSA had systems long in > place that could record all voice calls based on certain key phrases > ever since the Nixon era so please tell me why are most people shocked > with all the spying by governments? > > Sent from my iPhone > > On Jul 11, 2013, at 2:39 PM, Warren Bailey > wrote: > > > Anyone else planning on bailing from office365? > > > > > > > http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data > > > > > > > > Sent from my Mobile Device. > >
RE: Office 365..? how Microsoft handed the NSA access to encrypted messages
Certainly NOT shocked. Just get more and more appalled as to how cooperative some of these companies have become just for the profit margin. At least there are some that try and take a stand for their customer and not just hand over the keys to the palace when the good ole boys ask. Robert From: Rodrick Brown Sent: Thursday, July 11, 2013 21:27 To: Warren Bailey Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages : off topic rant : Just assume no data you store and or traverses any public cloud service is private or secure this is just silly. I can't believe people are so naive to believe messages sent over the public Internet isn't intercepted stored and analyzed by the same government bodies who gave it to us in the first place. I've always heard rumors as a kid that the NSA had systems long in place that could record all voice calls based on certain key phrases ever since the Nixon era so please tell me why are most people shocked with all the spying by governments? Sent from my iPhone On Jul 11, 2013, at 2:39 PM, Warren Bailey wrote: > Anyone else planning on bailing from office365? > > > http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data > > > > Sent from my Mobile Device.
RE: Office 365..? how Microsoft handed the NSA access to encrypted messages
--- rw...@ropeguru.com wrote: From: Robert Webb At least there are some that try and take a stand for their customer and not just hand over the keys to the palace when the good ole boys ask. --- Like web search engine startpage.com scott
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
It's not a shock. What is shocking, is the blatant disregard for general privacy. Because it exists on a medium other than something I own, it does not somehow become property of another. If this isn't a big deal, I imagine a search of your home isn't an issue either? The point is, these companies have the power (they, after all, pay for elections) to tell these people.. It's not your call. You cannot simply say we are collecting everything, to avert an attack. The Boston guys were both from out of the country, with foreign names, and foreign governments had warned us before. How effective is a machine that scans data for terrorist machines, if a FLAGGED person can still cause us harm? This jihad against America has accomplished one thing, we are going broke trying to fend off an invisible enemy. A kid from Nigeria hopped on a plane with a bomb in his shorts and MADE IT TO AMERICAN SOIL. If I am giving up privacy, I expect a tangible return. A couple of bedroom bombers slipping through the cracks and killing people is not a tangible return, in my opinion. The NSA needs to be spying on OTHER people, we are apparently innocent until proven guilty.. Ymmv Sent from my Mobile Device. Original message From: Rodrick Brown Date: 07/11/2013 6:27 PM (GMT-08:00) To: Warren Bailey Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages : off topic rant : Just assume no data you store and or traverses any public cloud service is private or secure this is just silly. I can't believe people are so naive to believe messages sent over the public Internet isn't intercepted stored and analyzed by the same government bodies who gave it to us in the first place. I've always heard rumors as a kid that the NSA had systems long in place that could record all voice calls based on certain key phrases ever since the Nixon era so please tell me why are most people shocked with all the spying by governments? Sent from my iPhone On Jul 11, 2013, at 2:39 PM, Warren Bailey wrote: > Anyone else planning on bailing from office365? > > > http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data > > > > Sent from my Mobile Device.
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
Whos doing the spyiing, anyway?, sounds like a colaboration betwen Microsoft and the NSA. Sounds to me like Microsoft, and the NSA,are doing the spyiing.If some judge declare this actions illegal, a crime, Microsoft will be co-perpetrators. Even if no judge declare this a crime, what about the customer position? a) Microsoft lied to you. b) Microsoft conspired with others to break your privacy. c) They did more than the law forced them, to break your privacy. d) You are the product that Microsoft sells to the NSA. Somebody, somewhere on the USA governement, trought that after the 9/11, normal laws not-apply, including the constitution. New laws where made to give free reign, and people like Microsoft happyly jumped to make some money out of it. This is wrong. -- -- ℱin del ℳensaje.
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
The US federal government may have funded some initial research into the Internet, but they certainly didn't "[give] it to us in the first place." I know it was probably not the intention, but the phrasing of that statement implies that we are using a government provided communications infrastructure, and as a result we should expect the government to intercept, store, and analyze any information sent over "their" network. Other than that, I completely agree with your statement; it should be a shock to no one that the US federal government is attempting to intercept, store, and analyze as much information from as many sources as possible. As other stated, the somewhat shocking news is that companies have been blatantly lying to the public as to their involvement in this activity. If they are barred from discussing it publicly by applicable laws, which may be unconstitutional and which they refuse the fight in court, then at a minimum they could have said something to the effect of "no comment." Again, this is only somewhat shocking, because I believe everyone expected they were lying, but to see them try and cover up now is both somewhat comical and disappointing. Fred Reimer On 7/11/13 9:27 PM, "Rodrick Brown" wrote: >: off topic rant : > >Just assume no data you store and or traverses any public cloud >service is private or secure this is just silly. > >I can't believe people are so naive to believe messages sent over the >public Internet isn't intercepted stored and analyzed by the same >government bodies who gave it to us in the first place. > >I've always heard rumors as a kid that the NSA had systems long in >place that could record all voice calls based on certain key phrases >ever since the Nixon era so please tell me why are most people shocked >with all the spying by governments? > >Sent from my iPhone > >On Jul 11, 2013, at 2:39 PM, Warren Bailey > wrote: > >> Anyone else planning on bailing from office365? >> >> >> >>http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-use >>r-data >> >> >> >> Sent from my Mobile Device. >
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
On Fri, 12 Jul 2013 09:26:32 -, Warren Bailey said: > The NSA needs to be spying on OTHER people, we are apparently innocent until > proven guilty.. Ymmv Be careful what you wish for - bad things happen when there's an organizational push to find somebody who's guilty of something, when there's not enough actual somebodys to be found... http://www.alternet.org/civil-liberties/fbis-terror-scam I have to agree - if the FBI has to supply both the explosive device and the idea for the target, there probably wasn't much actual threat there. But they need to show some "results" to justify their $3B anti-terrorism budget... I'll shut up now... pgpHm6n4EOCdD.pgp Description: PGP signature
RE: Office 365..? how Microsoft handed the NSA access to encrypted messages
Suspecting your spouse of cheating is much different than coming home and finding them in bed with someone. -Original Message- From: Grant Ridder [mailto:shortdudey...@gmail.com] Sent: Thursday, July 11, 2013 9:40 PM To: Rodrick Brown Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages I 2nd Rodrick's statement of "so please tell me why are most people shocked with all the spying by governments?". All this leak does is confirm what most people already suspected or assumed. -Grant On Thu, Jul 11, 2013 at 6:27 PM, Rodrick Brown wrote: > : off topic rant : > > Just assume no data you store and or traverses any public cloud > service is private or secure this is just silly. > > I can't believe people are so naive to believe messages sent over the > public Internet isn't intercepted stored and analyzed by the same > government bodies who gave it to us in the first place. > > I've always heard rumors as a kid that the NSA had systems long in > place that could record all voice calls based on certain key phrases > ever since the Nixon era so please tell me why are most people shocked > with all the spying by governments? > > Sent from my iPhone > > On Jul 11, 2013, at 2:39 PM, Warren Bailey > wrote: > > > Anyone else planning on bailing from office365? > > > > > > > http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration- > user-data > > > > > > > > Sent from my Mobile Device. > >
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
Touché Sent from my iPhone On Jul 12, 2013, at 8:56 AM, Eric Wieling wrote: > Suspecting your spouse of cheating is much different than coming home and > finding them in bed with someone. > > -Original Message- > From: Grant Ridder [mailto:shortdudey...@gmail.com] > Sent: Thursday, July 11, 2013 9:40 PM > To: Rodrick Brown > Cc: nanog@nanog.org > Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted > messages > > I 2nd Rodrick's statement of "so please tell me why are most people shocked > with all the spying by governments?". All this leak does is confirm what > most people already suspected or assumed. > > -Grant > > On Thu, Jul 11, 2013 at 6:27 PM, Rodrick Brown wrote: > >> : off topic rant : >> >> Just assume no data you store and or traverses any public cloud >> service is private or secure this is just silly. >> >> I can't believe people are so naive to believe messages sent over the >> public Internet isn't intercepted stored and analyzed by the same >> government bodies who gave it to us in the first place. >> >> I've always heard rumors as a kid that the NSA had systems long in >> place that could record all voice calls based on certain key phrases >> ever since the Nixon era so please tell me why are most people shocked >> with all the spying by governments? >> >> Sent from my iPhone >> >> On Jul 11, 2013, at 2:39 PM, Warren Bailey >> wrote: >> >>> Anyone else planning on bailing from office365? >>> >>> >>> >> http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration- >> user-data >>> >>> >>> >>> Sent from my Mobile Device. >> >>
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
We use Office 365 here at work, but I'd definitely be interested in looking into alternate solutions --- at the very least I am going to be sure to inform our staff that there is to be no expectation of privacy when using your Office365 account. Gross. On Fri, Jul 12, 2013 at 1:04 PM, Grant Ridder wrote: > Touché > > Sent from my iPhone > > On Jul 12, 2013, at 8:56 AM, Eric Wieling wrote: > > > Suspecting your spouse of cheating is much different than coming home > and finding them in bed with someone. > > > > -Original Message- > > From: Grant Ridder [mailto:shortdudey...@gmail.com] > > Sent: Thursday, July 11, 2013 9:40 PM > > To: Rodrick Brown > > Cc: nanog@nanog.org > > Subject: Re: Office 365..? how Microsoft handed the NSA access to > encrypted messages > > > > I 2nd Rodrick's statement of "so please tell me why are most people > shocked with all the spying by governments?". All this leak does is > confirm what most people already suspected or assumed. > > > > -Grant > > > > On Thu, Jul 11, 2013 at 6:27 PM, Rodrick Brown >wrote: > > > >> : off topic rant : > >> > >> Just assume no data you store and or traverses any public cloud > >> service is private or secure this is just silly. > >> > >> I can't believe people are so naive to believe messages sent over the > >> public Internet isn't intercepted stored and analyzed by the same > >> government bodies who gave it to us in the first place. > >> > >> I've always heard rumors as a kid that the NSA had systems long in > >> place that could record all voice calls based on certain key phrases > >> ever since the Nixon era so please tell me why are most people shocked > >> with all the spying by governments? > >> > >> Sent from my iPhone > >> > >> On Jul 11, 2013, at 2:39 PM, Warren Bailey > >> wrote: > >> > >>> Anyone else planning on bailing from office365? > >>> > >>> > >>> > >> http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration- > >> user-data > >>> > >>> > >>> > >>> Sent from my Mobile Device. > >> > >> > > -- -- Tom Morris, KG4CYX Mad Scientist and Operations Manager, WDNA-FM 88.9 Miami - Serious Jazz! Engineer, WRGP Radiate FM, Florida International University 786-228-7087 151.820 Megacycles
RE: Office 365..? how Microsoft handed the NSA access to encrypted messages
What I find particularly troubling is this image of the govt paying for these surveillances. The price seemed to be from around $325 for an install plus $10 to $750 install and $500/mo. Now, let's not drop right into the easy and trite "don't they deserve to be reimbursed" right off. Sure, they/we do. But was this reimbursement, or profitable? The troubling image that goes like this: ISP VP #1: Any revenue ideas? ISP VP #2: I hear XYZ is being paid pretty good money for surveillances. ISP VP #1: How much? #2: Word is Verizon is getting $775/install and $500/mo. #1: How many of these are they handling? #2: I don't know, maybe millions of them? #1: Millions? You're talking half a bilion a month? #2: Well, that's VZ. #1: Still...what's the COGS? #2: Not much, sunk cost mostly, some netadmin labor, might need a few extra hands to form a team if it scales up, billing, sales, some PR and contract management. #1: Wow, how do we get a piece of this? #2: Let me make a few calls and get back to you... Accurate? Plausible? Nonsense? http://hosted.ap.org/dynamic/stories/U/US_PRICE_OF_SURVEILLANCE?SITE=AP&SECTION=HOME&TEMPLATE=DEFAULT&CTIME=2013-07-10-06-07-53 or http://tinyurl.com/kj2pelb -- -Barry Shein The World | b...@theworld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Dial-Up: US, PR, Canada Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
On Fri, 12 Jul 2013, Tom Morris wrote: We use Office 365 here at work, but I'd definitely be interested in looking into alternate solutions --- at the very least I am going to be sure to inform our staff that there is to be no expectation of privacy when using your Office365 account. Gross. There should probably never be that expectation with a cloud-based office platform. GPG, TrueCrypt, and SSH are your friends. jms
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
We are currently working on something right now where all connections are doing over an encrypted vpn. We are bringing SIP, email, search, and cloud to the tunnel. You can contact me off list if you would like to know more. Nick Khamis
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
While that would secure the connections from snooping if you're mailboxes are on Office 365 and those mailbox stores do not exits on an encrypted LUN then a service can easily read the Exchange database; anyone with server access can read mail across all mailboxes. In fact, Microsoft supports this type of setup with impersonation, e.g. a global user that can query any mailbox it has permissions to within Exchange. This is how some EWS integrated applications work. It wouldn't be that far fetched for the NSA to incorporate the same type of query to monitor the mailboxes -- even subscribing to change notifications so it only queries and collects when a new mail item has arrived. Additionally, Office 365 can simply create a journal rule and have all inbound / outbound mail journal to a location that makes it easier for snoops to look through the messages, e.g. an external SMTP endpoint, all without the end customers' knowledge. If anyone has any questions on Exchange they, too, can contact me off list. Just my 2-cents. -matt On Fri, Jul 12, 2013 at 1:04 PM, Nick Khamis wrote: > We are currently working on something right now where all connections > are doing over an encrypted vpn. We are bringing SIP, email, search, > and cloud to the tunnel. > > You can contact me off list if you would like to know more. > > Nick Khamis > >
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
I should also note that even if the stores are on an encrypted LUN you are still exposed to impersonation and journaling. -matt On Fri, Jul 12, 2013 at 1:25 PM, Matt Baldwin wrote: > While that would secure the connections from snooping if you're mailboxes > are on Office 365 and those mailbox stores do not exits on an encrypted LUN > then a service can easily read the Exchange database; anyone with server > access can read mail across all mailboxes. In fact, Microsoft supports this > type of setup with impersonation, e.g. a global user that can query any > mailbox it has permissions to within Exchange. This is how some EWS > integrated applications work. It wouldn't be that far fetched for the NSA > to incorporate the same type of query to monitor the mailboxes -- even > subscribing to change notifications so it only queries and collects when a > new mail item has arrived. Additionally, Office 365 can simply create a > journal rule and have all inbound / outbound mail journal to a location > that makes it easier for snoops to look through the messages, e.g. an > external SMTP endpoint, all without the end customers' knowledge. > > If anyone has any questions on Exchange they, too, can contact me off > list. > > Just my 2-cents. > > -matt > > > On Fri, Jul 12, 2013 at 1:04 PM, Nick Khamis wrote: > >> We are currently working on something right now where all connections >> are doing over an encrypted vpn. We are bringing SIP, email, search, >> and cloud to the tunnel. >> >> You can contact me off list if you would like to know more. >> >> Nick Khamis >> >> >
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
>> I should also note that even if the stores are on an encrypted LUN you are >> still exposed to >> impersonation and journaling. >> -matt I would hate to assume. Please do elaborate. N.
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Matt Baldwin wrote: > While that would secure the connections from snooping if you're mailboxes > are on Office 365 and those mailbox stores do not exits on an encrypted LUN > then a service can easily read the Exchange database; anyone with server > access can read mail across all mailboxes. In fact, Microsoft supports this > type of setup with impersonation, e.g. a global user that can query any > mailbox it has permissions to within Exchange. This is how some EWS > integrated applications work. It wouldn't be that far fetched for the NSA > to incorporate the same type of query to monitor the mailboxes -- even > subscribing to change notifications so it only queries and collects when a > new mail item has arrived. Additionally, Office 365 can simply create a > journal rule and have all inbound / outbound mail journal to a location > that makes it easier for snoops to look through the messages, e.g. an > external SMTP endpoint, all without the end customers' knowledge. > > If anyone has any questions on Exchange they, too, can contact me off list. > > Just my 2-cents. Any what's to say that email addresses at Office 365 aren't just mailing lists where you get a copy and so does $FEDAGENCY. That's how my kids' email addresses work at home :-) - -- = bep -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlHgc98ACgkQE1XcgMgrtyYZhgCg3CO8DJfFDXJWj8W6JuasjeOf VeQAnRmhMfhyp5M7S81fxagW96ZGWoCH =LDSL -END PGP SIGNATURE-
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
On Fri, Jul 12, 2013 at 5:23 PM, Bruce Pinsky wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Matt Baldwin wrote: > > While that would secure the connections from snooping if you're mailboxes > > are on Office 365 and those mailbox stores do not exits on an encrypted > LUN > > then a service can easily read the Exchange database; anyone with server > > access can read mail across all mailboxes. In fact, Microsoft supports > this > > type of setup with impersonation, e.g. a global user that can query any > > mailbox it has permissions to within Exchange. This is how some EWS > > integrated applications work. It wouldn't be that far fetched for the NSA > > to incorporate the same type of query to monitor the mailboxes -- even > > subscribing to change notifications so it only queries and collects when > a > > new mail item has arrived. Additionally, Office 365 can simply create a > > journal rule and have all inbound / outbound mail journal to a location > > that makes it easier for snoops to look through the messages, e.g. an > > external SMTP endpoint, all without the end customers' knowledge. > > > > If anyone has any questions on Exchange they, too, can contact me off > list. > > > > Just my 2-cents. > > Any what's to say that email addresses at Office 365 aren't just mailing > lists where you get a copy and so does $FEDAGENCY. That's how my kids' > email addresses work at home :-) > > > - -- > = > bep > > -BEGIN PGP SIGNATURE- > Version: GnuPG v2.0.17 (MingW32) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iEYEARECAAYFAlHgc98ACgkQE1XcgMgrtyYZhgCg3CO8DJfFDXJWj8W6JuasjeOf > VeQAnRmhMfhyp5M7S81fxagW96ZGWoCH > =LDSL > -END PGP SIGNATURE- > You spy on your kids? I thought not being able to put a lock on my door was bad... N.
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
That doesn't sound like it would be effective in this instance? Sent from my Mobile Device. Original message From: Nick Khamis Date: 07/12/2013 1:06 PM (GMT-08:00) To: "Justin M. Streiner" Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages We are currently working on something right now where all connections are doing over an encrypted vpn. We are bringing SIP, email, search, and cloud to the tunnel. You can contact me off list if you would like to know more. Nick Khamis
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
It wouldn't be. When the endpoint in question is compromised, there isn't any amount of tunneling or obscurity between point a and point b that will resolve it. Only thing you can do is change to a solution that you have more control over. Sent on the TELUS Mobility network with BlackBerry -Original Message- From: Warren Bailey Date: Sat, 13 Jul 2013 00:12:37 To: Nick Khamis; Justin M. Streiner Reply-To: Warren Bailey Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages That doesn't sound like it would be effective in this instance? Sent from my Mobile Device. Original message From: Nick Khamis Date: 07/12/2013 1:06 PM (GMT-08:00) To: "Justin M. Streiner" Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages We are currently working on something right now where all connections are doing over an encrypted vpn. We are bringing SIP, email, search, and cloud to the tunnel. You can contact me off list if you would like to know more. Nick Khamis
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
On Sat, 13 Jul 2013 03:50:19 -, ryang...@gmail.com said: > Only thing you can do is change to a solution that you have more control over. > Sent on the TELUS Mobility network with BlackBerry Best. Juxtaposition. Ever. pgpx44eXt4RGv.pgp Description: PGP signature
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
The entire idea of prism is hitting tier 1 providers and mass communications providers. If they haven't rooted your exchange gear, they don't need to - your upstream providers entire stream is being copied. I can't think of many providers that couldn't be intercepted. When new transportation mediums arrive, who cares.. You already have a copy from their provider or peer. Sent from my Mobile Device. Original message From: ryang...@gmail.com Date: 07/12/2013 8:52 PM (GMT-08:00) To: Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages It wouldn't be. When the endpoint in question is compromised, there isn't any amount of tunneling or obscurity between point a and point b that will resolve it. Only thing you can do is change to a solution that you have more control over. Sent on the TELUS Mobility network with BlackBerry -Original Message- From: Warren Bailey Date: Sat, 13 Jul 2013 00:12:37 To: Nick Khamis; Justin M. Streiner Reply-To: Warren Bailey Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages That doesn't sound like it would be effective in this instance? Sent from my Mobile Device. Original message From: Nick Khamis Date: 07/12/2013 1:06 PM (GMT-08:00) To: "Justin M. Streiner" Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages We are currently working on something right now where all connections are doing over an encrypted vpn. We are bringing SIP, email, search, and cloud to the tunnel. You can contact me off list if you would like to know more. Nick Khamis
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
Maybe people will now start turning on their encryption functions on any device capable of doing it :) On Sat, Jul 13, 2013 at 11:57 AM, Warren Bailey < wbai...@satelliteintelligencegroup.com> wrote: > The entire idea of prism is hitting tier 1 providers and mass > communications providers. If they haven't rooted your exchange gear, they > don't need to - your upstream providers entire stream is being copied. I > can't think of many providers that couldn't be intercepted. When new > transportation mediums arrive, who cares.. You already have a copy from > their provider or peer. > > > Sent from my Mobile Device. > > > Original message > From: ryang...@gmail.com > Date: 07/12/2013 8:52 PM (GMT-08:00) > To: > Cc: nanog@nanog.org > Subject: Re: Office 365..? how Microsoft handed the NSA access to > encrypted messages > > > It wouldn't be. When the endpoint in question is compromised, there isn't > any amount of tunneling or obscurity between point a and point b that will > resolve it. Only thing you can do is change to a solution that you have > more control over. > Sent on the TELUS Mobility network with BlackBerry > > -Original Message- > From: Warren Bailey > Date: Sat, 13 Jul 2013 00:12:37 > To: Nick Khamis; Justin M. Streiner< > strei...@cluebyfour.org> > Reply-To: Warren Bailey > Cc: nanog@nanog.org > Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted > messages > > That doesn't sound like it would be effective in this instance? > > > Sent from my Mobile Device. > > > ---- Original message ---- > From: Nick Khamis > Date: 07/12/2013 1:06 PM (GMT-08:00) > To: "Justin M. Streiner" > Cc: nanog@nanog.org > Subject: Re: Office 365..? how Microsoft handed the NSA access to > encrypted messages > > > We are currently working on something right now where all connections > are doing over an encrypted vpn. We are bringing SIP, email, search, > and cloud to the tunnel. > > You can contact me off list if you would like to know more. > > Nick Khamis > >
RE: Office 365..? how Microsoft handed the NSA access to encrypted messages
> Maybe people will now start turning on their encryption functions on > any device capable of doing it :) Those that care did that many moons ago. The rest don't care. Of course, if you do not have control of the endpoints doing the encryption (ie, the untrustworthy sucker is in the middle somewhere) then it does not matter. Those who care maintain their own endpoints. Those that do not care use gmail, office365, yahoo, and their carriers e-mail outsourced to one of the previously listed. Given that this (spying and massive interception) has been common knowledge since the inception of the Internet, and that it has particularly been known that the United States became particularly despotic and corrupt, in the last decade and a bit when it started hoovering up everything they could get their suckers on (by creating massive cable cuts all of the US so they could install their taps), those that are still sending traffic through the United States or using hosting services in the United States, without very strong encryption simple do not care. Folks who use Office 365 simply do not care in the least about privacy, confidentiality or security. If they did they would not be using Office 365. Or gmail. Or Yahoo. Or whatever they are using. Since these people do not care, and they continue to use these services, and this has been a known circumstance for decades, what makes you think that "many people" will suddenly start to be concerned and migrate to more private/secure/confidential systems that have been available all along but that they deliberately chose not to use?
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
Seems Kim was right all along... Rumors have it MegaEmail is in the works. Sent from my iPhone On Jul 14, 2013, at 3:45 AM, Eugeniu Patrascu wrote: > Maybe people will now start turning on their encryption functions on any > device capable of doing it :) > > > On Sat, Jul 13, 2013 at 11:57 AM, Warren Bailey < > wbai...@satelliteintelligencegroup.com> wrote: > >> The entire idea of prism is hitting tier 1 providers and mass >> communications providers. If they haven't rooted your exchange gear, they >> don't need to - your upstream providers entire stream is being copied. I >> can't think of many providers that couldn't be intercepted. When new >> transportation mediums arrive, who cares.. You already have a copy from >> their provider or peer. >> >> >> Sent from my Mobile Device. >> >> >> Original message >> From: ryang...@gmail.com >> Date: 07/12/2013 8:52 PM (GMT-08:00) >> To: >> Cc: nanog@nanog.org >> Subject: Re: Office 365..? how Microsoft handed the NSA access to >> encrypted messages >> >> >> It wouldn't be. When the endpoint in question is compromised, there isn't >> any amount of tunneling or obscurity between point a and point b that will >> resolve it. Only thing you can do is change to a solution that you have >> more control over. >> Sent on the TELUS Mobility network with BlackBerry >> >> -----Original Message- >> From: Warren Bailey >> Date: Sat, 13 Jul 2013 00:12:37 >> To: Nick Khamis; Justin M. Streiner< >> strei...@cluebyfour.org> >> Reply-To: Warren Bailey >> Cc: nanog@nanog.org >> Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted >> messages >> >> That doesn't sound like it would be effective in this instance? >> >> >> Sent from my Mobile Device. >> >> >> Original message >> From: Nick Khamis >> Date: 07/12/2013 1:06 PM (GMT-08:00) >> To: "Justin M. Streiner" >> Cc: nanog@nanog.org >> Subject: Re: Office 365..? how Microsoft handed the NSA access to >> encrypted messages >> >> >> We are currently working on something right now where all connections >> are doing over an encrypted vpn. We are bringing SIP, email, search, >> and cloud to the tunnel. >> >> You can contact me off list if you would like to know more. >> >> Nick Khamis >> >>
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
Kim was never right all along. I worked for them/him in Munich in 2000 just before tuv buyout. I'm actually really surprised journalists haven't googled his back story.. The real one. Sent from my Mobile Device. Original message From: Rodrick Brown Date: 07/14/2013 9:16 AM (GMT-08:00) To: Eugeniu Patrascu Cc: Warren Bailey ,nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Seems Kim was right all along... Rumors have it MegaEmail is in the works. Sent from my iPhone On Jul 14, 2013, at 3:45 AM, Eugeniu Patrascu wrote: > Maybe people will now start turning on their encryption functions on any > device capable of doing it :) > > > On Sat, Jul 13, 2013 at 11:57 AM, Warren Bailey < > wbai...@satelliteintelligencegroup.com> wrote: > >> The entire idea of prism is hitting tier 1 providers and mass >> communications providers. If they haven't rooted your exchange gear, they >> don't need to - your upstream providers entire stream is being copied. I >> can't think of many providers that couldn't be intercepted. When new >> transportation mediums arrive, who cares.. You already have a copy from >> their provider or peer. >> >> >> Sent from my Mobile Device. >> >> >> Original message ---- >> From: ryang...@gmail.com >> Date: 07/12/2013 8:52 PM (GMT-08:00) >> To: >> Cc: nanog@nanog.org >> Subject: Re: Office 365..? how Microsoft handed the NSA access to >> encrypted messages >> >> >> It wouldn't be. When the endpoint in question is compromised, there isn't >> any amount of tunneling or obscurity between point a and point b that will >> resolve it. Only thing you can do is change to a solution that you have >> more control over. >> Sent on the TELUS Mobility network with BlackBerry >> >> -----Original Message- >> From: Warren Bailey >> Date: Sat, 13 Jul 2013 00:12:37 >> To: Nick Khamis; Justin M. Streiner< >> strei...@cluebyfour.org> >> Reply-To: Warren Bailey >> Cc: nanog@nanog.org >> Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted >> messages >> >> That doesn't sound like it would be effective in this instance? >> >> >> Sent from my Mobile Device. >> >> >> Original message >> From: Nick Khamis >> Date: 07/12/2013 1:06 PM (GMT-08:00) >> To: "Justin M. Streiner" >> Cc: nanog@nanog.org >> Subject: Re: Office 365..? how Microsoft handed the NSA access to >> encrypted messages >> >> >> We are currently working on something right now where all connections >> are doing over an encrypted vpn. We are bringing SIP, email, search, >> and cloud to the tunnel. >> >> You can contact me off list if you would like to know more. >> >> Nick Khamis >> >>
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
my guess is that microsoft was probably more honest than gobble, appeal, etc. so ms looks as if they gave more to the nsa traitors when, in fact, they were all likely in the same rotten boat. randy
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
On Sun, 2013-07-14 at 09:36 -1000, Randy Bush wrote: > in > fact, they were all likely in the same rotten boat. Why I love open source. Look at my mail, track my web site visits. None of this should come as any surprise, especially to the members of this list. Now for the guy down the street that is working on his 69 Camaro at two in the morning it may have come as a shock. Richard
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
On 7/14/2013 3:37 PM, Richard Golodner wrote: On Sun, 2013-07-14 at 09:36 -1000, Randy Bush wrote: in fact, they were all likely in the same rotten boat. Why I love open source. Look at my mail, track my web site visits. None of this should come as any surprise, especially to the members of this list. Now for the guy down the street that is working on his 69 Camaro at two in the morning it may have come as a shock. Richard We (ISPs) are all compelled to provide information from time to time under a court order. The PRISM program is voluntary. These companies gave the NSA access to their systems voluntarily. To me there is a big difference. I would be interested to know what they got out of it.
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
On Sun, 14 Jul 2013, Aaron Wendel wrote: We (ISPs) are all compelled to provide information from time to time under a court order. The PRISM program is voluntary. These companies gave the NSA access to their systems voluntarily. To me there is a big difference. I would be interested to know what they got out of it. It sounds like many of them were 'compelled' to 'volunteer'. Probably not much, because they really don't have to offer much. I could see Uncle Sam strong-arming carriers who are beholden to the [local/state/ federal] government in some fashion for their ability to operate their businesses (wireless spectrum auctions, state utility commission approvals for XYZ, getting on the approved bidder list for government contracts, etc). I'm also pretty sure the CxOs and legal counsels who reviewed and signed off on whatever agreements the NSA put in front of them won't be talking about the fine print any time soon. jms
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
On Sun, 14 Jul 2013 15:45:26 -0500, Aaron Wendel said: > We (ISPs) are all compelled to provide information from time to time > under a court order. The PRISM program is voluntary. Ask the ex-CEO of Qwest how "voluntary" that sort of stuff is. pgpyp3UhrUiFO.pgp Description: PGP signature
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
On Mon, Jul 15, 2013 at 10:11 AM, wrote: > On Sun, 14 Jul 2013 15:45:26 -0500, Aaron Wendel said: > >> We (ISPs) are all compelled to provide information from time to time >> under a court order. The PRISM program is voluntary. > > Ask the ex-CEO of Qwest how "voluntary" that sort of stuff is. it REALLY depends on what 'prisim' is... seen in one light, the program is 'just' isp/asp people who agree to permit FISA requests to be satisfied via: "scp files from fisa.isp.net with key fingerprint 0xasdasdasd" of course, the other way to read it (as the news would like us to believe) is as: "plug nsa ethernet into eth1 of all servers and routers, kthxbi!" more details would certainly make this whole conversation less alamist and more rational. -chris
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
I don't think the conversation is based around the method by which information is intercepted. I hope the conversation is aligned with its reasoning for disclosure - the American people stopping a government who is known for abusing it's power. Obviously this does not mean physically stopping them, but I imagine most people know what motivates their state and national political officials. I still wonder why Mr. Snowden hasn't dropped more damaging information, it would seem his sworn enemy has made their feelings somewhat clear. Sent from my Mobile Device. Original message From: Christopher Morrow Date: 07/15/2013 7:34 AM (GMT-08:00) To: Valdis Kletnieks Cc: nanog list Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages On Mon, Jul 15, 2013 at 10:11 AM, wrote: > On Sun, 14 Jul 2013 15:45:26 -0500, Aaron Wendel said: > >> We (ISPs) are all compelled to provide information from time to time >> under a court order. The PRISM program is voluntary. > > Ask the ex-CEO of Qwest how "voluntary" that sort of stuff is. it REALLY depends on what 'prisim' is... seen in one light, the program is 'just' isp/asp people who agree to permit FISA requests to be satisfied via: "scp files from fisa.isp.net with key fingerprint 0xasdasdasd" of course, the other way to read it (as the news would like us to believe) is as: "plug nsa ethernet into eth1 of all servers and routers, kthxbi!" more details would certainly make this whole conversation less alamist and more rational. -chris
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
Dropping everything at once may dilute the debate as I am sure your government and every other government that may be proved to be involved will try to focus the discussion on small and less damaging issues until the bigger ones are forgotten. Reveal something, wait a few weeks/months, reveal something else may keep the debate open for longer time and at some point maybe enough critical mass is attained where something can be achieved. On Mon, Jul 15, 2013 at 7:17 PM, Warren Bailey < wbai...@satelliteintelligencegroup.com> wrote: > I don't think the conversation is based around the method by which > information is intercepted. I hope the conversation is aligned with its > reasoning for disclosure - the American people stopping a government who is > known for abusing it's power. Obviously this does not mean physically > stopping them, but I imagine most people know what motivates their state > and national political officials. I still wonder why Mr. Snowden hasn't > dropped more damaging information, it would seem his sworn enemy has made > their feelings somewhat clear. > > > Sent from my Mobile Device. > > > Original message > From: Christopher Morrow > Date: 07/15/2013 7:34 AM (GMT-08:00) > To: Valdis Kletnieks > Cc: nanog list > Subject: Re: Office 365..? how Microsoft handed the NSA access to > encrypted messages > > > On Mon, Jul 15, 2013 at 10:11 AM, wrote: > > On Sun, 14 Jul 2013 15:45:26 -0500, Aaron Wendel said: > > > >> We (ISPs) are all compelled to provide information from time to time > >> under a court order. The PRISM program is voluntary. > > > > Ask the ex-CEO of Qwest how "voluntary" that sort of stuff is. > > it REALLY depends on what 'prisim' is... seen in one light, the > program is 'just' isp/asp people who agree to permit FISA requests to > be satisfied via: "scp files from fisa.isp.net with key fingerprint > 0xasdasdasd" > > of course, the other way to read it (as the news would like us to > believe) is as: "plug nsa ethernet into eth1 of all servers and > routers, kthxbi!" > > more details would certainly make this whole conversation less alamist > and more rational. > -chris > >
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
It would be fun to make a encryptation keyboard. A keyboard that add the text you write to a buffer, and wen the buffer is full, output it to the computer encrypted. Maybe with pgp. Such machine would probably need a led with the text you are writing. That way, you coud be using Google Docs or Office 365. And the computer OS can have a keylogger and a backdoor. And you will still be somewhat safe if pgp provide you with strong enough level of encryptation. -- -- ℱin del ℳensaje.
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
Or you could send emails that people cannot reply to, that would stop them dead in their tracks.. ;) Sent from my Mobile Device. Original message From: Date: 07/16/2013 1:20 AM (GMT-08:00) To: Cc: nanog list Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages It would be fun to make a encryptation keyboard. A keyboard that add the text you write to a buffer, and wen the buffer is full, output it to the computer encrypted. Maybe with pgp. Such machine would probably need a led with the text you are writing. That way, you coud be using Google Docs or Office 365. And the computer OS can have a keylogger and a backdoor. And you will still be somewhat safe if pgp provide you with strong enough level of encryptation. -- -- ℱin del ℳensaje.
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
On Tue, Jul 16, 2013 at 1:42 AM, Eugeniu Patrascu wrote: > Dropping everything at once may dilute the debate as I am sure your > government and every other government that may be proved to be involved will it seems likely that every gov't with sense is doing this sort of thing... there's no reason for them NOT to, and many many countries intentionally setup their telecoms infrastructure in a way that supports this behaviour. -chris (yes, over broad collection and analysis and leaving it to the analyst(s) to decide what is 'overbroad' - "my girlfriend/wife/horse WAS talking to a foreign person...honest!" isn't cool, I'm not debating that point)
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
I still believe the initial disclosure should have included a matter of great international importance.. If it were me, I would have dropped info along with the fact that facebook is going to a pay model. There would have been riots in the streets. ;) Sent from my Mobile Device. Original message From: Christopher Morrow Date: 07/16/2013 9:48 AM (GMT-08:00) To: Eugeniu Patrascu Cc: Warren Bailey ,Valdis Kletnieks ,nanog list Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages On Tue, Jul 16, 2013 at 1:42 AM, Eugeniu Patrascu wrote: > Dropping everything at once may dilute the debate as I am sure your > government and every other government that may be proved to be involved will it seems likely that every gov't with sense is doing this sort of thing... there's no reason for them NOT to, and many many countries intentionally setup their telecoms infrastructure in a way that supports this behaviour. -chris (yes, over broad collection and analysis and leaving it to the analyst(s) to decide what is 'overbroad' - "my girlfriend/wife/horse WAS talking to a foreign person...honest!" isn't cool, I'm not debating that point)
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
On Tue, 16 Jul 2013 10:17:46 +0200, "<<\"tei''>>>" said: > It would be fun to make a encryptation keyboard. A keyboard that add > the text you write to a buffer, and wen the buffer is full, output it > to the computer encrypted. Maybe with pgp. Such machine would > probably need a led with the text you are writing. > > That way, you coud be using Google Docs or Office 365. And the > computer OS can have a keylogger and a backdoor. And you will still > be somewhat safe if pgp provide you with strong enough level of > encryptation. Congrats. You just re-invented the TPM chip. (And how do you actually guarante that your keyboard doesn't have a keylogger or a backdoor? Such things *have* been installed inside keyboards before...) pgpDWVV3MWbX8.pgp Description: PGP signature
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
On Sun, Jul 14, 2013 at 1:45 PM, Aaron Wendel wrote: > On 7/14/2013 3:37 PM, Richard Golodner wrote: > >> On Sun, 2013-07-14 at 09:36 -1000, Randy Bush wrote: >> >>> in >>> fact, they were all likely in the same rotten boat. >>> >> >> Why I love open source. Look at my mail, track my web site >> visits. None >> of this should come as any surprise, especially to the members of this >> list. Now for the guy down the street that is working on his 69 Camaro >> at two in the morning it may have come as a shock. >> Richard >> >> >> > We (ISPs) are all compelled to provide information from time to time under > a court order. The PRISM program is voluntary. These companies gave the > NSA access to their systems voluntarily. To me there is a big difference. > I would be interested to know what they got out of it. > > It was far from voluntary, and it apparently didn't happen without a lot of resistance. At least some details of the long, hard fight that started five years ago are finally being allowed to be declassified now: http://money.cnn.com/2013/07/16/technology/security/yahoo-fisa-court/index.html http://mashable.com/2013/07/16/yahoo-fisa-court-2008-prism/ It will be interesting to see how much of the court documents will be visible and unredacted when they are released on Monday. Matt
