Feeds

Microsoft to Australian government: our kit has no back doors

PRISM, SCHMISM, Redmond and Oz spooks say to Parliamentary Committee

Secure remote control for conventional and virtual desktops

Microsoft has told an Australian Parliamentary Committee its cloud services and software contain no back doors.

The issue arose last year in a committee of Australia's Senate, which like the US body of the same name is a house of review for legislation initiated in the House of Representatives. During a November 2013 meeting of the Senate Finance and Public Administration Legislation Committee, Greens Senator Scott Ludlum asked the chief Information officer of Australia's department of parliamentary services whether Microsoft software contains back doors that would allow the USA to surveil parliamentarians' activities. The question was asked after Edward Snowden's allegations about the NSA's PRISM tool, which Senator Ludlum took at face value, and in the knowledge that Australia's Parliament uses Microsoft products on the desktop and server.

The department's CIO was unable to answer that question, but went away and did her homework.

That effort is now recorded here (PDF) and records Microsoft's response to the question of whether or not its kit includes back doors that could be exploited by US spooks. Or at least back doors Microsoft knows about.

The response starts by noting the department “... has not been provided with any specific advice that Microsoft products or any other products have been backdoored by foreign intelligence services.”

It goes on to offer this report on Microsoft's answer to questions about whether or not its kit includes backdoors:

“Microsoft has advised DPS that there is no backdoor within the Microsoft suite of products nor have they made any attempt to source information from the parliamentary network or provide information to any other entity. Microsoft has advised that they comply with all jurisdictional laws in relation to these matters”.

The CIO's response also suggests that PRISM operates on Microsoft's cloud and that the department does not store parliamentarians' data in the cloud.

The response goes on to say that Australia's Signals Directorate (ASD), the nation's signals intelligence agency, has advised of no actions that need to or could be taken to counter PRISM's possible effects on Australia's Parliament.

Microsoft would know that its response to the Department's inquiries would end up before the Senate Committee, and as the Department's officers swear an oath before appearing there's a big incentive to tell the truth. So let's assume that Microsoft has told the truth: there are no back doors in the software?

What does that mean for Snowden's allegations? Probably not an awful lot. The leaker alleged PRISM touches on cloud services, not on-premises software.

It's therefore nice to know Microsoft is willing to go on the record as saying its products are proudly back-door free, although it's hardly likely to say anything else to a colossal customer. Remember, too, that Australia is a member of the five eyes alliance that benefits from PRISM output, which may not make the ASD the best source of answers on PRISM.

Throw in the fact that the questions asked by Senator Ludlum leave lots of wriggle room. Ludlum's opener - “What can you tell the committee about the network-level security threats posed by using Microsoft software given that it has been backdoored by foreign intelligence agencies? - allow answers to focus on the “network-level” threats and ignore other issues. ®

Intelligent flash storage arrays

More from The Register

next story
Scrapping the Human Rights Act: What about privacy and freedom of expression?
Justice minister's attack to destroy ability to challenge state
WHY did Sunday Mirror stoop to slurping selfies for smut sting?
Tabloid splashes, MP resigns - but there's a BIG copyright issue here
DVLA website GOES TITSUP on day paper car tax discs retire
Welcome to GOV.UK - digital by de ... FAULT
Hey Brit taxpayers. You just spent £4m on Central London ‘innovation playground’
Catapult me a Mojito, I feel an Digital Innovation coming on
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
EU to accuse Ireland of giving Apple an overly peachy tax deal – report
Probe expected to say single-digit rate was unlawful
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
EU probes Google’s Android omerta again: Talk now, or else
Spill those Android secrets, or we’ll fine you
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.