Security

Better late than never: Microsoft rolls out a public preview of E2EE in Teams calls

Only for one-to-one voice and video, mind

Richard Speed Fri 22 Oct 2021 // 17:28 UTC

Microsoft has finally kicked off the rollout of end-to-end-encryption (E2EE) in its Teams collaboration platform with a public preview of E2EE for one-to-one calls.

It has been a while coming. The company made the promise of E2EE for some one-to-one Teams calls at its virtual Ignite shindig in March this year (https://www.theregister.com/2021/03/03/microsoft_ups_security/) and as 2021 nears its end appears to have delivered, in preview form at least.

The company's rival in the conference calling space, Zoom, added E2EE for all a year ago, making Microsoft rather late to the privacy party. COO at Matrix-based communications and collaboration app Element, Amandine Le Pape, told The Register that the preview, although welcome, was "long overdue."

"It's worth noting," she went on, "that even if the calls are encrypted, users will be completely dependent on a single supplier (Microsoft) to host and secure them - they are putting all their eggs in one basket. Meanwhile, text chat and voip/video conferences remain unencrypted."

Then again, as Element found to its embarrassment, everything in E2EE is not entirely straightforward after a whoopsie in the Matrix key sharing scheme could have resulted in the compromise of user keys.

As for Microsoft's implementation in Teams, only real-time media flow (voice and video) for one-to-one calls can be encrypted and the feature must first be enabled by an administrator before users can turn it on. It is not activated by default.

4 stories

The platforms are a bit limited too. The latest Teams desktop client for Windows or Mac is needed, or an up to date app on iOS and Android. Once a user turns on E2EE in one place, however, it will be turned on for all their other supported endpoints. Teams' Public Switched Telephone Network (PSTN) functionality does not support E2EE and chat in E2EE calls remains secured by Microsoft 365 encryption.

Other features – such as live captioning and transcription, call transfer and merging or adding another participant to turn a one-to-one call into a group call – are not supported, although Microsoft said: "We will work to bring end-to-end encryption capabilities to online meetings later."

In the meantime, customers will just have to put their faith in Microsoft 365 encryption where E2EE is not an option. ®

5 Comments

Other stories you might like

Facebook sues scraper who sold 178 million phone numbers and user IDs

Apparently The Social Network^TM is the only one allowed to do nasty things with users' data

Laura Dobberstein Mon 25 Oct 2021 // 08:01 UTC

Facebook has sued a Ukrainian national for allegedly harvesting and selling personal data describing 178 million of the Social Network^TM's users – actions it says violates the service's terms of service.

The suit alleges that Alexander Alexandrovich Solonchenko created millions of virtual Android devices, each with a different phone number, and used them to deliver automated requests to Facebook systems using the Messenger app.

Over 21 months between January 2018 and September 2019, Solonchenko purportedly took advantage of Facebook Messenger's now-defunct Contact Importer feature. The feature allowed users to synchronize their phone address books and see which contacts had an account with The Social Network^TM, presumably so they could contact them on Messenger rather than through other means.

Continue reading
Orders wrong, resellers receiving wrong items? Must be a programming error and certainly not a rushing techie

Some of those punch cards may still be lying at the bottom of a lift shaft

Richard Speed Mon 25 Oct 2021 // 07:33 UTC

Who, Me? Punch cards are the order of the day in a reader confession that takes us back to an unfortunate incident with a trolley. Welcome to Who, Me?

To be fair, punch cards were on the wane at the time of our story in the early 1980s, but our reader (Regomised as "Ivor") was gainfully employed at an international manufacturer still keen on the things.

After all, if a system wasn't broken, it didn't need fixing, right?

Continue reading
Asia's 'superapps' bundle ride-share, food delivery, even financial services – and they're beating big tech

China backed the concept of tools users perceive as an extension of the OS, not just an app

Laura Dobberstein Mon 25 Oct 2021 // 07:03 UTC

Catch a ride, pay your utility bills, order your dinner, top up your insurance, chat with friends – how many apps did you need to get that lot done? In much of the world North America and Europe your answer could involve a fistful of apps, but in Asia you could do it all in one, thanks to rise of the "superapp".

Superapps are, for now, largely an Asian phenomenon, although the concept is more than a decade old. Blackberry founder Mike Lazaridis coined the term in 2010 to mean "a closed ecosystem of many apps that people would use every day because they offer such a seamless, integrated, contextualized and efficient experience".

Academic and researcher of digital business models and ecosystems at Singapore's ESSEC Business School Dr Jan Ondrus thinks a better definition for a superapp is essentially "an operating system".

Continue reading

Electronic Frontier Foundation ousts co-founder John Gilmore from its board

He's free of governance duties now, but still an emeritus member

Simon Sharwood, APAC Editor Mon 25 Oct 2021 // 05:58 UTC

Electronic Frontier Foundation (EFF) co-founder John Gilmore has been removed from any active role on the digital rights organisation's board but will continue to serve as emeritus member.

"Since he helped found EFF 31 years ago, John Gilmore has provided leadership and guidance on many of the most important digital rights issues we advocate for today," wrote EFF executive director Cindy Cohn.

If your instincts tell you that's the kind of prose that presages a "but", your instincts were correct.

Continue reading
Cleanup on aisle C: Tesco app back online after attack led to shopping app outages

With an average 1.27 million orders a week, many customers left hacked off

Laura Dobberstein Mon 25 Oct 2021 // 05:03 UTC

The UK's largest retailer, supermarket titan Tesco, has restored its online operations after an attack hack left its customers unable to order, amend, or cancel deliveries for two days.

A Tesco statement acknowledges disruption to the giant's grocery website and app, claiming "an attempt was made to interfere with our systems, which has caused problems with the search function on the site."

The gigantic grocer has also said there's no reason to believe customer data is or was at risk.

Continue reading
Here comes the blob: Asia's top 'net boffin thinks 'shapeless services' could replace the Internet

Common network services are less important when we've moved to apps hosted at the edge

Simon Sharwood, APAC Editor Mon 25 Oct 2021 // 03:58 UTC

What will the internet look like in the year 2071? Geoff Huston, chief scientist the regional internet registry the Asia Pacific Network Information Centre (APNIC), thinks there may not be an internet – or at least not as we know it today.

Huston's thinking is outlined in a presentation he made to a recent IBM Research event on the Future of Computer Communications Networks.

The talk opened by pondering what predictions one would have made in 1921 – a time when Huston reckoned forecasting huge growth in voice telephony would have been a logical conclusion, but faxes and digital technology would not. He then repeated the exercise with 1971 as his starting point, and concluded that predicting computers would become a consumer product would have been hard to do at a time when the dominant personal electronics product was a pocket calculator.

Continue reading
NASA sets a date to begin lunar tuning

First Artemis mission is stacked on a rocket – now for five punishing sets of tests before liftoff

Simon Sharwood, APAC Editor Mon 25 Oct 2021 // 00:18 UTC

NASA has set a date for the test of the technologies it hopes will see it return to the Moon and explore Mars: February 2022.

The agency on Saturday announced that its Orion spacecraft has been stacked atop the Space Launch System (SLS) rocket, and if all tests go well is expected to make an uncrewed test flight around the Moon.

The mission – the first in the Artemis program – is billed as "the first integrated test of NASA's deep space exploration systems". NASA's plan is to send the SLS into space, whereupon the Orion capsule will head for the Moon.

Continue reading
Japanese bloke collared after using AI software to uncensor smut and flogging it

Plus: Explore the limits of language models in bizarre research experiment, and more

Katyanna Quach Sat 23 Oct 2021 // 03:30 UTC

In brief A man was detained in Japan for selling uncensored pornographic content that he had, in a way, depixelated using machine-learning tools.

Masayuki Nakamoto, 43, was said to have made about 11 million yen ($96,000) from peddling over 10,000 processed porn clips, and was formally accused of selling ten hardcore photos for 2,300 yen ($20). He pleaded guilty to violating Japan's copyright and obscenity laws, NHK reported this month.

Explicit images of genitalia are forbidden in Japan, and as such its porn is partially pixelated. Don't pretend you don't know what we're talking about. Nakamato flouted these rules by downloading smutty photos and videos, and reportedly used deepfake technology to generate fake private parts in place of the pixelation.

Continue reading
Florida man accused of breaking Mastodon's open-source license with botched social network launch

Golf enthusiast given 30 days to cough up code

Chris Williams, Editor in Chief Sat 23 Oct 2021 // 00:38 UTC

A Florida man has been accused of breaking the copyleft license of Mastodon by running an online instance of the software without providing its source code as required.

And not only that, the real-estate baron and wannabe tech tycoon has been told he has a month to fall in line with the fine print or put himself potentially at risk of further action.

Mastodon is a Twitter-like microblogging service that you host yourself. Servers running this software can form a larger, decentralized social network.

Continue reading
Antitrust battle latest: Google, Facebook 'colluded' to smash Apple's privacy protections

Amended Texas complaint alleges backroom efforts to maintain ad dominance and more

Thomas Claburn in San Francisco Fri 22 Oct 2021 // 22:51 UTC

Several years ago, to deal with the competitive threat of header bidding – a way for multiple ad exchanges to get a fair shot at winning an automated auction for ad space – Google allegedly hatched a plan called "Jedi" to ensure that its ad exchange always won.

And in 2017, after Facebook announced plans to support header bidding, Google, it's claimed, struck a deal with Facebook – dubbed "Jedi Blue" – in which the two internet behemoths would "work together to identify users using Apple products," and set up "quotas for how often Facebook would win publishers’ auctions."

The Jedi project is described in an amended complaint, filed Friday, that expands the December 2020 antitrust claim against Google, brought by Texas, 14 other US states, and the Commonwealth of Puerto Rico.

Continue reading
Microsoft under fire again from open-source .NET devs: Hot Reload feature pulled for sake of Visual Studio sales

Windows giant has a funny way of 'loving' Free software

Tim Anderson Fri 22 Oct 2021 // 20:58 UTC

Updated Microsoft has enraged the open-source .NET community by removing flagship functionality from open-source .NET to bolster the appeal of Visual Studio, not least against its cross-platform cousin Visual Studio Code.

The two key pieces in this latest unrest are this pull request in the open-source .NET SDK repository on GitHub, in which 2,500 lines of code implementing a feature called Hot Reload are removed from a tool called dotnet watch; and this blog post in which Principal Program Manager Dmitry Lyalin revealed "we’ve decided that starting with the upcoming .NET 6 GA release, we will enable Hot Reload functionality only through Visual Studio 2022."

Hot Reload is a feature whereby developers can modify source code while an application is running, apply the changes, and see the results in the running application. It speeds the development process because it is quicker than rebuilding the code, stopping the application, applying the changes, and then firing it up again.

Continue reading

ABOUT US

SITUATION PUBLISHING

The Register - Independent news and views for the tech community. Part of Situation Publishing

SIGN UP TO OUR DAILY NEWSLETTER

Your Consent Options Cookies Privacy Ts&Cs

Review and manage your consent

Manage Cookie Preferences

Topics

Resources

Situation Publishing

Get our Weekly newsletter

Security

Better late than never: Microsoft rolls out a public preview of E2EE in Teams calls

Only for one-to-one voice and video, mind

Similar topics

Other stories you might like

Facebook sues scraper who sold 178 million phone numbers and user IDs

Orders wrong, resellers receiving wrong items? Must be a programming error and certainly not a rushing techie

Asia's 'superapps' bundle ride-share, food delivery, even financial services – and they're beating big tech

Electronic Frontier Foundation ousts co-founder John Gilmore from its board

Cleanup on aisle C: Tesco app back online after attack led to shopping app outages

Here comes the blob: Asia's top 'net boffin thinks 'shapeless services' could replace the Internet

NASA sets a date to begin lunar tuning

Japanese bloke collared after using AI software to uncensor smut and flogging it

Florida man accused of breaking Mastodon's open-source license with botched social network launch

Antitrust battle latest: Google, Facebook 'colluded' to smash Apple's privacy protections

Microsoft under fire again from open-source .NET devs: Hot Reload feature pulled for sake of Visual Studio sales

ABOUT US

MORE CONTENT

SITUATION PUBLISHING

SIGN UP TO OUR DAILY NEWSLETTER