Feeds

Microsoft to Australian government: our kit has no back doors

PRISM, SCHMISM, Redmond and Oz spooks say to Parliamentary Committee

Choosing a cloud hosting partner with confidence

Microsoft has told an Australian Parliamentary Committee its cloud services and software contain no back doors.

The issue arose last year in a committee of Australia's Senate, which like the US body of the same name is a house of review for legislation initiated in the House of Representatives. During a November 2013 meeting of the Senate Finance and Public Administration Legislation Committee, Greens Senator Scott Ludlum asked the chief Information officer of Australia's department of parliamentary services whether Microsoft software contains back doors that would allow the USA to surveil parliamentarians' activities. The question was asked after Edward Snowden's allegations about the NSA's PRISM tool, which Senator Ludlum took at face value, and in the knowledge that Australia's Parliament uses Microsoft products on the desktop and server.

The department's CIO was unable to answer that question, but went away and did her homework.

That effort is now recorded here (PDF) and records Microsoft's response to the question of whether or not its kit includes back doors that could be exploited by US spooks. Or at least back doors Microsoft knows about.

The response starts by noting the department “... has not been provided with any specific advice that Microsoft products or any other products have been backdoored by foreign intelligence services.”

It goes on to offer this report on Microsoft's answer to questions about whether or not its kit includes backdoors:

“Microsoft has advised DPS that there is no backdoor within the Microsoft suite of products nor have they made any attempt to source information from the parliamentary network or provide information to any other entity. Microsoft has advised that they comply with all jurisdictional laws in relation to these matters”.

The CIO's response also suggests that PRISM operates on Microsoft's cloud and that the department does not store parliamentarians' data in the cloud.

The response goes on to say that Australia's Signals Directorate (ASD), the nation's signals intelligence agency, has advised of no actions that need to or could be taken to counter PRISM's possible effects on Australia's Parliament.

Microsoft would know that its response to the Department's inquiries would end up before the Senate Committee, and as the Department's officers swear an oath before appearing there's a big incentive to tell the truth. So let's assume that Microsoft has told the truth: there are no back doors in the software?

What does that mean for Snowden's allegations? Probably not an awful lot. The leaker alleged PRISM touches on cloud services, not on-premises software.

It's therefore nice to know Microsoft is willing to go on the record as saying its products are proudly back-door free, although it's hardly likely to say anything else to a colossal customer. Remember, too, that Australia is a member of the five eyes alliance that benefits from PRISM output, which may not make the ASD the best source of answers on PRISM.

Throw in the fact that the questions asked by Senator Ludlum leave lots of wriggle room. Ludlum's opener - “What can you tell the committee about the network-level security threats posed by using Microsoft software given that it has been backdoored by foreign intelligence agencies? - allow answers to focus on the “network-level” threats and ignore other issues. ®

Security for virtualized datacentres

More from The Register

next story
The 'fun-nification' of computer education – good idea?
Compulsory code schools, luvvies love it, but what about Maths and Physics?
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Yes, yes, Steve Jobs. Look what I'VE done for you lately – Tim Cook
New iPhone biz baron points to Apple's (his) greatest successes
Lords take revenge on REVENGE PORN publishers
Jilted Johns and Jennies with busy fingers face two years inside
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.