Feeds

Microsoft to Australian government: our kit has no back doors

PRISM, SCHMISM, Redmond and Oz spooks say to Parliamentary Committee

Boost IT visibility and business value

Microsoft has told an Australian Parliamentary Committee its cloud services and software contain no back doors.

The issue arose last year in a committee of Australia's Senate, which like the US body of the same name is a house of review for legislation initiated in the House of Representatives. During a November 2013 meeting of the Senate Finance and Public Administration Legislation Committee, Greens Senator Scott Ludlum asked the chief Information officer of Australia's department of parliamentary services whether Microsoft software contains back doors that would allow the USA to surveil parliamentarians' activities. The question was asked after Edward Snowden's allegations about the NSA's PRISM tool, which Senator Ludlum took at face value, and in the knowledge that Australia's Parliament uses Microsoft products on the desktop and server.

The department's CIO was unable to answer that question, but went away and did her homework.

That effort is now recorded here (PDF) and records Microsoft's response to the question of whether or not its kit includes back doors that could be exploited by US spooks. Or at least back doors Microsoft knows about.

The response starts by noting the department “... has not been provided with any specific advice that Microsoft products or any other products have been backdoored by foreign intelligence services.”

It goes on to offer this report on Microsoft's answer to questions about whether or not its kit includes backdoors:

“Microsoft has advised DPS that there is no backdoor within the Microsoft suite of products nor have they made any attempt to source information from the parliamentary network or provide information to any other entity. Microsoft has advised that they comply with all jurisdictional laws in relation to these matters”.

The CIO's response also suggests that PRISM operates on Microsoft's cloud and that the department does not store parliamentarians' data in the cloud.

The response goes on to say that Australia's Signals Directorate (ASD), the nation's signals intelligence agency, has advised of no actions that need to or could be taken to counter PRISM's possible effects on Australia's Parliament.

Microsoft would know that its response to the Department's inquiries would end up before the Senate Committee, and as the Department's officers swear an oath before appearing there's a big incentive to tell the truth. So let's assume that Microsoft has told the truth: there are no back doors in the software?

What does that mean for Snowden's allegations? Probably not an awful lot. The leaker alleged PRISM touches on cloud services, not on-premises software.

It's therefore nice to know Microsoft is willing to go on the record as saying its products are proudly back-door free, although it's hardly likely to say anything else to a colossal customer. Remember, too, that Australia is a member of the five eyes alliance that benefits from PRISM output, which may not make the ASD the best source of answers on PRISM.

Throw in the fact that the questions asked by Senator Ludlum leave lots of wriggle room. Ludlum's opener - “What can you tell the committee about the network-level security threats posed by using Microsoft software given that it has been backdoored by foreign intelligence agencies? - allow answers to focus on the “network-level” threats and ignore other issues. ®

Build a business case: developing custom apps

More from The Register

next story
Munich considers dumping Linux for ... GULP ... Windows!
Give a penguinista a hug, the Outlook's not good for open source's poster child
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
UK fuzz want PINCODES on ALL mobile phones
Met Police calls for mandatory passwords on all new mobes
Yes, but what are your plans if a DRAGON attacks?
Local UK gov outs most ridiculous FoI requests...
Govt control? Hah! It's IMPOSSIBLE to have a successful command economy
Even Moore's Law can't help the architects of statism now
Detroit losing MILLIONS because it buys CHEAP BATTERIES – report
Man at hardware store was right: name brands DO last longer
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
EU justice chief blasts Google on 'right to be forgotten'
Don't pretend it's a freedom of speech issue – interim commish
This'll end well: US govt says car-to-car jibber-jabber will SAVE lives
Department of Transportation starts cogs turning for another wireless comms standard
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.