12 comments

[ 2.7 ms ] story [ 36.1 ms ] thread
We call for Microsoft to implement end to end encryption/intuitive client side encryption for their services if "our privacy (really) is their priority" - and maybe even turn Skype back to P2P. Otherwise this just seems like a "Whoops, we got caught for allowing NSA to spy on our users since 2007 [1] - now let's do something quick to improve our PR" type of thing.

[1] http://www.washingtonpost.com/wp-srv/special/politics/prism-...

Also, the calls for boycotting US companies over this seems to have worked pretty well so far [2], just as I expected, and the companies are now starting to use their money and influence to fight against the spying, in our name - which as I've said before it may just be the only thing to change the US government's mind over the mass spying apparatus, because I don't think having just us complaining about it will work - short of a million-man protest in front of the White House or a nation-wide revolution.

[2] http://www.guardian.co.uk/world/2013/jul/17/nsa-court-challe...

But I think this is merely the beginning, and it's not nearly enough [2] to convince the US government that it needs to stop, so we need to push more with the boycotting.

[3] http://blogs.hbr.org/cs/2013/07/a_call_to_boycott_us_tech_pl...

It has been written down many times that p2p messaging on mobile devices does not really work (in Skype's case, the original p2p architecture used online devices as temporary supernodes, draining their battery, increasing their data usage).
I was under the belief that it looked for nodes with things like high bandwidth, low latency and no problems with firewalls and such. And even then, it's not like they didn't have a clump of machines 'always on' as supernodes anyway.

Because of all of that, I find it hard to believe that Skype would choose mobile devices as supernodes...

Because P2P is terrible for audio and video? The quality of call I'd get on skype would be random because you never know if the system will route you through some kid's oversaturated DSL line or 1gbs fiber.

On top of it, p2p apps like the old skype and spotify aren't very nice. I've seen them make 3-5mbps DSL borderline unusable. This is unacceptable in a business setting and home users may not be aware that they are hitting a cap with their ISP when running these apps.

This is all straw man PR at this point.

If companies were REALLY concerned with this, there would have been stories years before Snowden came forward with titles such as "Microsoft Demands US Government Allow More Transparency on Security Concerns with 'Potential' Constitutional Implications"

Instead the cat is out of the bag and now all of a sudden these companies want to talk about how the gag order is something they all hate.

Better to ask forgiveness, I guess.

I believe this is really going to hurt their effort to sell Azure more than anything else.
What's the record on the other major cloud providers?

Not snarky, serious question - my impression is that none of them have been particularly defensive when it comes to resisting warrantless or secret-warrant searches.

Exactly the press seems to be overly happy to bash MS for this when pretty much every online property has complied with such requests.
I used to claim that I want all these companies to give me functioning end-to-end encryption. At this point, I can't even be sure that end-to-end would be sufficient with a Microsoft product, since it seems they hand over data gathered at my end.

I find it hard to see how they could recover from this PR nightmare. Well, they at least have to try, I suppose.

This seems to be a PR nightmare only in the tech circles. Most likely, nothing will change. Bunch of techies will stop using MS products, which wouldn't make any difference to MS. Bulk of the population will continue using MS products (because either they don't understand, or just don't care - most likely the latter)
Yes, this is PR. But what else were this companies supposed to do?

If they disclosed any information, then they would get into a lot of trouble with the government and possible get arrested.

So what happens if these companies release this data without the AGs explicit permission? Why not just ban together with Google et. al. and publish it?