Microsoft switches off privacy for Hotmail users in war-torn and repressive states

For reasons unknown, Microsoft has changed the settings on Hotmail to disable HTTPS for users in several countries including Bahrain, Morocco, Algeria, Syria, Sudan, Iran, Lebanon, Jordan, Congo, Myanmar, Nigeria, Kazakhstan, Uzbekistan, Turkmenistan, Tajikistan, and Kyrgyzstan. Hotmail users in those countries can now be readily spied upon by ISPs and their governments. The Electronic Frontier Foundation has some good perspective:

Microsoft debuted the always-use-HTTPS feature for Hotmail in December of 2010, in order to give users the option of always encrypting their webmail traffic and protecting their sensitive communications from malicious hackers using tools such as Firesheep, and hostile governments eavesdropping on journalists and activists. For Microsoft to take such an enormous step backwards-- undermining the security of Hotmail users in countries where freedom of expression is under attack and secure communication is especially important--is deeply disturbing. We hope that this counterproductive and potentially dangerous move is merely an error that Microsoft will swiftly correct.
The good news is that the fix is very easy. Hotmail users in the affected countries can turn the always-use-HTTPS feature back on by changing the country in their profile to any of the countries in which this feature has not been disabled, such as the United States, Germany, France, Israel, or Turkey. Hotmail users who browse the web with Firefox may force the use of HTTPS by default--while using any Hotmail location setting--by installing the HTTPS Everywhere Firefox plug-in.

Microsoft Shuts off HTTPS in Hotmail for Over a Dozen Countries

EFF's latest HTTPS Everywhere plugin helps protect against ...

I write books. My latest is a YA science fiction novel called Homeland (it's the sequel to Little Brother). More books: Rapture of the Nerds (a novel, with Charlie Stross); With a Little Help (short stories); and The Great Big Beautiful Tomorrow (novella and nonfic). I speak all over the place and I tweet and tumble, too.

MORE: Action • ssl • Technology

More at Boing Boing

The technology that links taxonomy and Star Trek

Hackers prepare for first "national holiday" in their honor

holtt

Can we tone down the FUD and panic here? Here is an update from the original article…

UPDATE (3/26/11): HTTPS is again available for those in the countries discussed below. Microsoft denies deliberately blocking access to HTTPS, blaming the problem on a bug:

We are aware of an issue that impacted some Hotmail users trying to enable HTTPS. That issue has now been resolved. Account security is a top priority for Hotmail and our support for HTTPS is worldwide â€“ we do not intentionally limit support by region or geography and this issue was not restricted to any specific region of the world.
- chawke
  
  holtt wrote: Can we tone down the FUD and panic here?
  
  We say:
  
  ‘Hungry…Must Eat…’
  
  But seriously, in this case, even if it is looking more like an unfortunate bug instead of deliberate aiding of oppressive regimes, we were more likely to believe it to be a deliberate action because of previous & proven sleazy actions on the part of Microsoft.
Deidzoeb

Haters gonna hate, Libyans gonna lib, capitalists gonna capitalize. Also hot coffee is hot.
Jack

Is this somehow connected to this?
http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=229400228&cid=RSSfeed_IWK_All
imron

Export restrictions on cryptography perhaps?
- Jack
  
  Horrible time to get legal when the whole region is falling apart. Twitter gets messages from the White House asking them to delay scheduled upgrades, but this happens?
Anonymous

Facts like this are one of the reason why I would really like to see some ISP start offering things like the Virtual Personal Email Server that I described last year in this post: http://freesoftware.zona-m.net/wanted-virtual-personal-email-servers/
danby

Apparently it was just a bug and other random countries were affected too. It’s been fixed now. Doesn’t look like there’s a conspiracy here.

http://www.theregister.co.uk/2011/03/26/microsoft_https_hotmail_syria/
- Sapa
  
  haha I looked at the link and also saw this one
  
  http://www.theregister.co.uk/2011/03/21/mod_gaddafi/
ledfloyd

Microsoft Wins ‘Most Ethical’ Award [ http://www.huffingtonpost.com/2011/03/17/microsoft-most-ethical-company_n_837003.html ]
Showing Ethics doesn’t parallel Morality.
Anonymous

Correction: http://www.theregister.co.uk/2011/03/26/microsoft_https_hotmail_syria/

It’s a bug which has now been fixed.

- Pedro
notatoad

“Hotmail users who browse the web with Firefox may force the use of HTTPS by default–while using any Hotmail location setting–by installing the HTTPS Everywhere Firefox plug-in.”

and chrome users can use the KB SSL enforcer.
Sapa

“For Microsoft to take such an enormous step backwards– undermining the security of Hotmail users in countries where freedom of expression is under attack and secure communication is especially important–is deeply disturbing.”

I second that
Anonymous

This is horrifying in its implications.
Oshkosh John

It obviously has to said be over and over, until everyone gets it.

Dammit, everything you ever put onto the Internet is visible to somebody whom you might not want to be made privy to your thoughts. If you are doing illegal or possibly not-quite-proper activities, discuss them face-to-face, in the flesh!

You can arrange your meetings on the Internet using cryptic phrasing. If someone really cares about your comings and goings, you’ll be caught anyway.
Anonymous

It is really simple, don’t use Hotmail.

Why would anyone think that Microsoft cares about their privacy?

Microsoft is one of the world’s biggest corporations and has always valued the bottom line over needs of individual customers.

Also treat all e-mail like a postcard. Don’t put anything in an e-mail your wouldn’t put on a postcard.
Nasicournus

This would be a lot more shOc
Nasicournus

This would be a lot more upsetting if anyone used hotmail anymore.
chawke

Not a surprise.

Just Google ‘gates foundation monsanto’. Here’s a link to an example of what appears:

http://www.techdirt.com/articles/20100830/12233610823.shtml

Also, Bill Gates has spoken in favor of using vaccines on poor populations, with or without their consent, to control population. He is on the population bomb bandwagon- a popular hobby of the American Upper-class. (Another hobby of the upper-class is complaining about the wages of man-servants and restroom attendants.)

The population-bomb theory _is_ complete bullshit, often times racist, and always classist.

People like Gates see the human population’s worth and right to exist in terms of one’s perceived utility to the ultra-elite. They see themselves as the ‘real’ humanity – those who will be in the history books. After all, to use one of their examples, whom do we find more interesting – the Pharaohs, or the coolies who built their pyramids?

(FWIW – I find the coolies more interesting.)
- zeh
  
  Agreed. And isn’t it funny that the ultra-elite that gets portrayed in the history books are the very same that (re)write history through said books?
- Rob
  
  You are aware that the effects of vaccines INCREASE the population?
  - chawke
    
    Rob…braaaah…I’ll try reeaal hard not to be pissy here.
    
    I am not railing against vaccines. Vaccines are good – save a lot of lives. Please read the article attached to my comment. And I believe the supposed autism-vaccine link to be bad, f.k’d up science at best and blatant fraud at worst…
    
    It is about vaccine and vaccine-like technology specifically meant to sterilize people – with or with-out their consent. This is probably why Gates et al want to develop a sterilization vaccine – so the vaccines against disease will not result in any unproductive increase in the population of their inferiors.
    
    Please…please…try to use whichever critical thinking skills you have when replying to comments! Ooopsies – I just got pissy there. Sorry ;)
    - randomly directed
      
      It is about vaccine and vaccine-like technology specifically meant to sterilize people – with or with-out their consent. This is probably why Gates et al want to develop a sterilization vaccine – so the vaccines against disease will not result in any unproductive increase in the population of their inferiors.
      
      Would you care to provide citations for your claims, or should we pretend that your hackneyed framing of this as class-warfare by the bourgeoisie supplemented by shameless usage of the race card is proof enough? Never mind the fact that your rants collectively comprise nothing more than a diversion from the topic at hand. Bill Gates is not Microsoft, nor do his purported evils taint the company by some bizarre form of guilt-by-association. Deliberately rescinding privacy from groups that need it the most is a dick move in and of itself, although there seems to be some evidence that it wasn’t malice as much as incompetence.
      - chawke
        
        Dear Lucy,
        
        Y U MAD?
        
        Love,
        
        Ricky
    - Anonymous
      
      Chawke said:
      
      “It is about vaccine and vaccine-like technology specifically meant to sterilize people – with or with-out their consent. This is probably why Gates et al want to develop a sterilization vaccine – so the vaccines against disease will not result in any unproductive increase in the population of their inferiors.”
      
      Gates had the shocking notion that, if people’s kids don’t die, they won’t have as many of them. This was predictably distorted by the antivax scum. Yes, scum. My dad’s a polio survivor, which makes me feel strongly about them.
      
      Did you realize that polio was near being wiped out in Africa when someone started a rumor that the vaccine was actually a plot to sterilize Muslim girls? This kind of FUD is recurrent, and it kills and maims.
      
      —Beryl MacLachlan
chawke

Beryl MacLachlan: Yes – antivax people are mislead. Please re-read my comments. I NEVER said anything that could be interpreted by a reasonable person as being anti-vaccine. Instead I receive shrill comments calling me ‘antivax scum’ and another implying that I am a communist.

Beryl – vaccines are a tool which an be used for good or not-so-good purposes, and in case you’re wondering, I’ve had all of mine and try to keep up-to-date with them. The people who don’t vaccinate their kids are being stupid and worse.

Why don’t you re-read my comments and perhaps do a simple Google search yourself before calling me an ‘antivax scum.’
- Anonymous
  
  If you re-read Beryl’s comments he didn’t call you “antivax scum,” he just said those were the people who disseminated a distorted view of Gates’ opinions.
  
  Also, not providing any citation or evidence for your claims dies not make a very convincing argument. Gates has already distributed an unfathomable amount of his own money to the poor and needy, and has pledged to give them the rest by the time he dies. Does that really sound like the kind of person who would complain about the wages of “man-servants and restroom attendants?” Would someone that valued human life as little as you claim he does dedicate his life and fortune to making sure it thrives?
  
  The extent to which Gates is committed to charity really just doesn’t jibe with all of your bizarre opinions of him IMHO.
  - chawke
    
    In Reply to Anon #27:
    
    And now a word from our sponsor – Buffalo Bob:
    
    Say kids, what time is it?
    Kids: It’s Howdy Doody Time!
    
    It’s Howdy Doody Time.
    It’s Howdy Doody Time.
    Bob Smith and Howdy Do
    Say Howdy Do to you.
    Let’s give a rousing cheer,
    Cause Howdy Doody’s here,
    It’s time to start the show,
    So kids let’s go!