Feds: Google stops challenging most US warrants for data on overseas servers

Enlarge (credit: Harold Cunningham/Getty Images)

Google has quietly stopped challenging most search warrants from US judges in which the data requested is stored on oversees servers, according to the Justice Department.

The revelation, contained in a new court filing to the Supreme Court, comes as the administration of President Donald Trump is pressing the justices to declare that US search warrants served on the US tech sector extend to data stored on foreign servers.

Google and other services began challenging US warrants for overseas data after a federal appeals court sided with Microsoft last year in a first-of-its-kind challenge. Microsoft convinced the New York-based 2nd US Circuit Court of Appeals—which has jurisdiction over Connecticut, New York, and Vermont—that US search-and-seizure law does not require compliance with a warrant to turn over e-mail stored on its servers in Ireland. Federal prosecutors were demanding the data as part of a US drug investigation.

Read 8 remaining paragraphs | Comments


Microsoft unveils Project Honolulu, a new GUI for server administration

Enlarge (credit: Microsoft)

While Microsoft continues to invest and expand its PowerShell scripting environment—and pushes new GUI-less Windows environments such as the Nano Server configuration—the graphical user interface isn’t going away. GUI tools retain advantages for certain tasks, such as visualizing data and comparing multiple systems. They also tend to be much easier to use for ad hoc configuration and troubleshooting tasks that depend more on exploration and investigation rather than automation.

Most of Windows’ GUI management tools are built around MMC, first introduced in Windows 2000 all those years ago. MMC is clumsy in a number of ways; for example, different MMC plug-ins handle remote system administration in different ways. MMC also does not provide any easy bridge to task automation. It’s often useful to use the GUI to configure one system and then replicate those settings against other systems.

To that end, the company announced Thursday “Project Honolulu,” a new browser-based graphical management tool that’ll be available as a preview for Windows Server 2016 version 1709, along with certain (currently unspecified) other versions of Windows Server. Microsoft also promises that it will require no additional cost beyond that of Windows Server.

Read 1 remaining paragraphs | Comments

Azure Confidential Computing will keep data secret, even from Microsoft

Enlarge / The Trusted Execution Environment means that even if the application and operating system are compromised, the green code and data can’t be accessed. (credit: Microsoft)

Microsoft announced Thursday a new feature coming to its Azure cloud platform named “Confidential Compute.” The feature will allow applications running on Azure to keep data encrypted not only when it’s at rest (in storage) or in transit (over a network) but when it’s being computed on in-memory. This ability to encrypt data when it’s in use means that it can be kept secure even from Microsoft’s administrators, government warrants, and hackers.

Confidential Computing will have two modes: one is built on virtual machines while the other uses the SGX (“Software Guard Extensions”) feature found in Intel’s recently introduced Skylake-SP Xeon processors. Both modes will allow applications to ringfence certain parts of their code and data so that they operate in a “trusted execution environment” (TEE). Code and data that are inside a TEE cannot be inspected from outside the TEE.

The virtual machine mode uses the Virtual Secure Mode (VSM) functionality of Hyper-V that was introduced in Windows 10 and Windows Server 2016. With VSM, most parts of an application will run in a regular virtual machine atop a regular operating system. The protected, TEE parts will run in a separate virtual machine containing only a basic stub operating system (enough that it can communicate with the regular VM) and only those parts of the application code that need to handle the sensitive data.

Read 4 remaining paragraphs | Comments

Windows 10 Fall Creators Update shaking up privacy settings some more

Microsoft is continuing to tinker with the privacy configuration and options in Windows 10, with the Fall Creators Update, due for release on October 17, including yet more changes to the privacy controls above and beyond those made in the previous update.

The biggest change surrounds not Windows itself, but third-party applications. Similar to applications on mobile platforms, Windows Store applications require permission to access things that might have privacy sensitivity—the camera, microphone, calendar, contacts, and so on. Currently, that permission has been provided implicitly; except for access to location information, which requires an explicit user grant, applications get access to these sensitive things by default. Access can be revoked after the fact, from the Privacy section of the Settings app, so users still have control, but the model is one of opting out of giving applications access, rather than opting in.

With the Fall Creators Update, Microsoft is switching things around to make Windows behave more like mobile platforms: all access to these sensitive things will now require an explicit per-application opt-in, with an on-screen prompt to allow access to, for example, access to the camera. On installing the update, existing applications will retain their permissions, but any new apps installed from the Windows Store will require their access to be enabled.

Read 2 remaining paragraphs | Comments

Windows 0-day is exploited to install creepy Finspy malware (again)

Enlarge / The WSDL parser, where the zero-day was located. (credit: FireEye)

On Tuesday, Microsoft patched a previously unknown vulnerability that researchers say was actively exploited by an undisclosed nation to install surveillance malware on one or more vulnerable computers.

The exploit, according to a blog post published Tuesday by security firm FireEye, was embedded in a Microsoft Word document. Once opened, the document exploited a zero-day vulnerability in Microsoft’s .Net framework. The exploit caused the targeted computer to install Finspy (sometimes “FinSpy”), a family of surveillance software that its controversial developer, UK-based Gamma Group, sells to governments throughout the world. Tuesday’s blog post said the document might have been used to infect an unnamed “Russian speaker.” The vulnerability, indexed as CVE-2017-8759, comes five months after FireEye disclosed a different zero-day being used to distribute Finspy.

“These exposures demonstrate the significant resources available to ‘lawful intercept’ companies and their customers,” FireEye researchers wrote. “Furthermore, Finspy has been sold to multiple clients, suggesting the vulnerability was being used against other targets.”

Read 4 remaining paragraphs | Comments

Teams adds guest access, Microsoft claims 125K orgs use it monthly

Enlarge / Teams looks good, but it’s unfortunate that its chat is quite bulky in a vertical direction. (credit: Microsoft)

Teams, Microsoft’s Slack-like, IRC-like, collaboration tool, picked up an important new feature today: guest access. While announcing the new feature, Redmond also revealed that in the six months since launch, the product has grown to be used by over 125,000 organizations each month.

We asked how many individual users there are, but Microsoft said it had nothing to share on that front.

When it debuted, Teams had a big flaw when compared to Slack—it was only for Office 365 users. Each organization’s Teams chatrooms could only be accessed by people who were part of the organization, essentially individuals with an account in the organization’s Active Directory. This left these chats off-limits to, for example, contract workers—people outside the organization who were nonetheless collaborating on projects.

Read 2 remaining paragraphs | Comments

New Surfaces rumored for late October reveal in London

Enlarge / Surface Pro with a Cobalt Blue Type Cover.

Microsoft is holding a two-day event in London at the end of October called “Future Decoded.” A range of speakers, including Azure CTO Mark Russinovich and Canonical CEO Mark Shuttleworth, will be speaking. Included among their number is Panos Panay, corporate vice president of Microsoft Devices. Panay’s presence, according to sources speaking to The Verge, is because Microsoft will be releasing at least one new Surface-branded device at the event.

What that device may be isn’t known. We know, because the company has told us, that a LTE version of the 2017 Surface Pro is planned, so Microsoft may use the unusual venue—most Surface events have been held in New York City—for a relatively minor release. Alternatively, the company may be moving away from using NYC for its Surface events; the 2017 Surface Pro itself was announced at an event in China.

Beyond the LTE Surface Pro, an updated Surface Book and a new generation of ARM-powered Windows devices are also possible candidates for the event. According to Mary Jo Foley, Microsoft is not yet ready to release updated versions of the Surface Hub whiteboard/conferencing system or the Surface Studio all-in-one PC, though both would be good candidates for a refresh once Intel’s Coffee Lake processors are on the market.

Read on Ars Technica | Comments