Feeds

Microsoft to Australian government: our kit has no back doors

PRISM, SCHMISM, Redmond and Oz spooks say to Parliamentary Committee

Choosing a cloud hosting partner with confidence

Microsoft has told an Australian Parliamentary Committee its cloud services and software contain no back doors.

The issue arose last year in a committee of Australia's Senate, which like the US body of the same name is a house of review for legislation initiated in the House of Representatives. During a November 2013 meeting of the Senate Finance and Public Administration Legislation Committee, Greens Senator Scott Ludlum asked the chief Information officer of Australia's department of parliamentary services whether Microsoft software contains back doors that would allow the USA to surveil parliamentarians' activities. The question was asked after Edward Snowden's allegations about the NSA's PRISM tool, which Senator Ludlum took at face value, and in the knowledge that Australia's Parliament uses Microsoft products on the desktop and server.

The department's CIO was unable to answer that question, but went away and did her homework.

That effort is now recorded here (PDF) and records Microsoft's response to the question of whether or not its kit includes back doors that could be exploited by US spooks. Or at least back doors Microsoft knows about.

The response starts by noting the department “... has not been provided with any specific advice that Microsoft products or any other products have been backdoored by foreign intelligence services.”

It goes on to offer this report on Microsoft's answer to questions about whether or not its kit includes backdoors:

“Microsoft has advised DPS that there is no backdoor within the Microsoft suite of products nor have they made any attempt to source information from the parliamentary network or provide information to any other entity. Microsoft has advised that they comply with all jurisdictional laws in relation to these matters”.

The CIO's response also suggests that PRISM operates on Microsoft's cloud and that the department does not store parliamentarians' data in the cloud.

The response goes on to say that Australia's Signals Directorate (ASD), the nation's signals intelligence agency, has advised of no actions that need to or could be taken to counter PRISM's possible effects on Australia's Parliament.

Microsoft would know that its response to the Department's inquiries would end up before the Senate Committee, and as the Department's officers swear an oath before appearing there's a big incentive to tell the truth. So let's assume that Microsoft has told the truth: there are no back doors in the software?

What does that mean for Snowden's allegations? Probably not an awful lot. The leaker alleged PRISM touches on cloud services, not on-premises software.

It's therefore nice to know Microsoft is willing to go on the record as saying its products are proudly back-door free, although it's hardly likely to say anything else to a colossal customer. Remember, too, that Australia is a member of the five eyes alliance that benefits from PRISM output, which may not make the ASD the best source of answers on PRISM.

Throw in the fact that the questions asked by Senator Ludlum leave lots of wriggle room. Ludlum's opener - “What can you tell the committee about the network-level security threats posed by using Microsoft software given that it has been backdoored by foreign intelligence agencies? - allow answers to focus on the “network-level” threats and ignore other issues. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Bono apologises for iTunes album dump
Megalomania, generosity and FEAR of irrelevance drove group to Apple deal
HBO shocks US pay TV world: We're down with OTT. Netflix says, 'Gee'
This affects every broadcaster, every cable guy
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
French 'terror law' declares WAR on the INTERNET itself, say digi-rights folks
Liberté, Égalité, Fraternité: Two out of three ain't bad
SCREW YOU, EU: BBC rolls out Right To Remember as Google deletes links
Not even Google can withstand the power of Auntie
Arab States make play for greater government control of the internet
Nerds told to get lost in last-minute power grab bid at UN meeting
Zippy one-liners, broken promises: Doctor Who on the Orient Express
Series finally hits stride, but Clara's U-turn is baffling
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.