The Redmond company improves encryption for Outlook.com and OneDrive through TLS and PFS. It also opens a Centre Transparency on campus.
End of 2013, Microsoft announced a series of commitments to improve the security of users' data and in particular through measures at the level of encryption. It was then back to faster user confidence after Edward Snowden revelations and to provide "protection against espionage government" U.S. itself.
Over the past six months, many of these commitments have been formalized in products like Microsoft Azure, Office 365 and Skype. Today, Microsoft states activation of encryption protocol for Transport Layer Security for its webmail Outlook.com.
TLS is the promise of encryption for routing incoming and outgoing emails. It thus tends for encryption on end-to-end which makes it very complicated espionage communications by third parties.
Such protection is really effective for all transit email if the various suppliers involved play the game with an implementation of TLS for their servers. On this point, Microsoft said it had worked closely and conducted tests with providers such as Deutsche Telekom, Yandex and mail.ru.
Nevertheless, the chapter of Google transparency report devoted to the secure messaging shows that the generalization of TLS to all suppliers is still far from being achieved. This is particularly the case for French Internet access providers. Orange gets zero points for example in trade with Gmail for encryption during shipment.
Microsoft has also enabled the encryption protocol of Perfect Forward Secrecy to protect connections between Outlook.com server and other email providers. The principle is to use a different encryption key for each connection. Therefore, an attacker who manages to break a key cannot decrypt retrospectively previous connections.
PFS was also activated for OneDrive. OneDrive users are concerned automatically when accessed via onedrive.live.com, and the mobile application through the synchronization clients.
For it to step, one final issue mentioned by Microsoft is opening a Centre Transparency at its headquarters in Redmond United States. It can accommodate government clients of Microsoft so they examine the source code of software products and ensure it does not contain backdoors. By the end of the year, Microsoft has opened a Centre Transparency International in Brussels, Belgium.
Bookmarks