SHARING AMERICA'S TECH NEWS FROM THE VALLEY TO THE ALLEY
by Nicholas Carlson (courtesy BusinessInsider)
Earlier today, we spoke to a former Microsoft cloud systems engineer who seriously doubts a report published last night that alleges a partnership between tech companies and the NSA.
The Washington Post reported last night that the NSA has a secret program for spying on foreigners on the Internet.
It’s called PRISM.
According to documents obtained by the Post, PRISM allows the NSA to tap directly into the central servers of 9 big Internet companies: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.
The documents obtained by the Post say this is access is provided voluntarily by these tech firms.
With that access, the NSA is able to look at terabytes of private user photos, videos, private messages, and metadata.
The US government, which has since admitted that PRISM exists in some form, says it does not use the technology to spy on Americans, and that it is legal and court-supervised.
A source told the Post that with PRISM, the NSA can “quite literally can watch your ideas form as you type.”
Since the Post story broke last night, all of the tech companies have denied any affiliation with PRISM. Several said they have no idea what it is.
Earlier today, we spoke to a former Microsoft engineer.
This engineer worked in cloud storage – “the place where a lot of Microsoft services and third-party services stored data.”
In other words, he worked with the servers that PRISM supposedly has “back door” access to.
This source tells us he finds it “improbable” that PRISM can do all that the NSA documents obtained by the Post say it can do.
He says that while Microsoft regularly complies with government requests for data, “the only systems that exist are for legit law enforcement requests backed by the right court order.”
Furthermore, when the proper court order comes through, it is not as if the government is then given free access into Microsoft servers. What happens is: the government asks Microsoft for data from the server, and then a Microsoft employee retrieves it.
This former Microsoft employee said there are four basic reasons he finds it “improbable” that PRISM can do all that the NSA documents obtained by the Post say it can.
“Any data access is logged, monitored, audited.”
“Any such tool would need the involvement of a lot of people which grows over time. It would be hard to do this in secrecy.”
“Culturally, Microsoft places a lot of focus on safely handling data and only handing data to outsiders through strict process.”
“I’ve worked in some of the systems that would have been touched and so have some friends. None of them have heard of this.”
This source cautions that he believes PRISM to be “improbable” but not “impossible.”
“Maybe the NSA files fake court orders. Maybe they have malware that has access to the Microsoft network. Maybe they have secret Microsoft employees that carry out access for them and are smart enough to cover their tracks.”
“But those are all improbable.”
Thank you. TiA.