nanog mailing list archives

Re: Office 365..? how Microsoft handed the NSA access to encrypted messages

From: Bruce Pinsky <bep () whack org>
Date: Fri, 12 Jul 2013 14:23:43 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Matt Baldwin wrote:

While that would secure the connections from snooping if you're mailboxes
are on Office 365 and those mailbox stores do not exits on an encrypted LUN
then a service can easily read the Exchange database; anyone with server
access can read mail across all mailboxes. In fact, Microsoft supports this
type of setup with impersonation, e.g. a global user that can query any
mailbox it has permissions to within Exchange. This is how some EWS
integrated applications work. It wouldn't be that far fetched for the NSA
to incorporate the same type of query to monitor the mailboxes -- even
subscribing to change notifications so it only queries and collects when a
new mail item has arrived. Additionally, Office 365 can simply create a
journal rule and have all inbound / outbound mail journal to a location
that makes it easier for snoops to look through the messages, e.g. an
external SMTP endpoint, all without the end customers' knowledge.

If anyone has any questions on Exchange they, too, can contact me off list.

Just my 2-cents.


Any what's to say that email addresses at Office 365 aren't just mailing
lists where you get a copy and so does $FEDAGENCY.  That's how my kids'
email addresses work at home :-)


- -- 
=========
bep

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlHgc98ACgkQE1XcgMgrtyYZhgCg3CO8DJfFDXJWj8W6JuasjeOf
VeQAnRmhMfhyp5M7S81fxagW96ZGWoCH
=LDSL
-----END PGP SIGNATURE-----

Current thread:

Re: Office 365..? how Microsoft handed the NSA access to encrypted messages, (continued)
- Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Rodrick Brown (Jul 11)
  - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Grant Ridder (Jul 11)
    - RE: Office 365..? how Microsoft handed the NSA access to encrypted messages Eric Wieling (Jul 12)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Grant Ridder (Jul 12)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Tom Morris (Jul 12)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Justin M. Streiner (Jul 12)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Nick Khamis (Jul 12)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Matt Baldwin (Jul 12)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Matt Baldwin (Jul 12)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Nick Khamis (Jul 12)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Bruce Pinsky (Jul 12)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Nick Khamis (Jul 12)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Warren Bailey (Jul 12)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages ryangard (Jul 12)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Valdis . Kletnieks (Jul 13)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Warren Bailey (Jul 13)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Eugeniu Patrascu (Jul 14)
    - RE: Office 365..? how Microsoft handed the NSA access to encrypted messages Keith Medcalf (Jul 14)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Rodrick Brown (Jul 14)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Warren Bailey (Jul 14)
    - Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Randy Bush (Jul 14)

(Thread continues...)