Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Monday June 07, @04:05PM   Printer-friendly [Skip to comment(s)]
from the so-they-say dept.

Microsoft Teams calls are getting end-to-end encryption in July:

Microsoft Teams is getting better security and privacy next month with the addition of end-to-end encrypted 1:1 voice calls.

While Microsoft Teams already encrypts data at rest and in transit, it allows administrators to configure automatic recording and transcription of voice calls.

Due to this, Microsoft Teams calls are not suitable for sharing very sensitive information that should remain private between two individuals.

Starting in July, Microsoft Teams is getting end-to-end encryption for 1:1 VoIP calls so that their discussions remain entirely private.


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 0, Funny) by Anonymous Coward on Monday June 07, @04:42PM

    by Anonymous Coward on Monday June 07, @04:42PM (#1142797)

    As soon as this launches, I'm going to call Nadella and have a private conversation about how much Microsoft Teams sucks.

  • (Score: 2, Insightful) by Anonymous Coward on Monday June 07, @04:44PM

    by Anonymous Coward on Monday June 07, @04:44PM (#1142799)

    Hey guys, look at me: I'm spinning a negative into a positive because I think my customers are dumb and have an attention span measured in the single-digit second range. They'll forget about the fact that these things /weren't/ encrypted in no time; and instead of chastising me for daring to deploy something so insecure and idiotic, they will laud me and tell others how "brave" it is of us to finally do the minimum possible in regards to security... In fact, they'll use this to recruit more idiots^Wcustomers for my product.

  • (Score: -1, Offtopic) by Anonymous Coward on Monday June 07, @04:48PM

    by Anonymous Coward on Monday June 07, @04:48PM (#1142802)

    Microsoft Teams calls are not suitable for sharing very sensitive information that should remain private between two individuals.

    If it should stay between two individuals, why do you inject Teams in there? Why do you inject a piece of software by a company that surveils you as if you are cattle?

    Maybe the sentence should instead read:

    Microsoft Teams is not suitable.

  • (Score: 1, Interesting) by Anonymous Coward on Monday June 07, @05:13PM (5 children)

    by Anonymous Coward on Monday June 07, @05:13PM (#1142810)

    Intel Corp just switched to this flaming turd of software. I just refuse to run it, and people can only contact me via email now.

    • (Score: 3, Informative) by Anonymous Coward on Monday June 07, @05:40PM (4 children)

      by Anonymous Coward on Monday June 07, @05:40PM (#1142819)

      My work decided to use this shite as well-- we have a moron in a high position.

      Teams is the worst most buggy crap I've ever used. In the middle of a call, it decided my microphone shouldn't work anymore. Then 5 minutes further into the same call, it decided the text messages I send would no longer be delivered leaving me to email my input, in real time, to the other call participants-- I could see/hear the other participants the entire time. My work is using it to distribute documents too now (dictate from that same high up moron), and it can take several minutes to retrieve a stupid phone list which took seconds to retrieve prior to Teams. Mostly, it is used as a severely bloated and buggy chat client.

      I added a couple rules that send me emails when folks try to message me / mention me or a few topics I am primary on, in a chat. And, whenever someone suggests a Teams call, I request that it be switched to Zoom (or just a damn phone call, if it is only two of us). Both have been acceptable to others so far, and I haven't been forced to battle MS Teams for, at least, a few weeks now.

      The only folks who are able to use MS Teams are the few windows users at work (a tiny minority), and they might just have very low expectations about software quality and accept the buggy shit as normal. One guy claims the electron app works OK for him, but I don't have enough free resources to devote a couple gigs of ram and multiple CPU cores to a chat client. I've only used the web version (in multiple browsers) and have pretty much given up on getting anything to work / work reliably.

      MS Teams == worst software / product ever.

      • (Score: 0) by Anonymous Coward on Monday June 07, @06:15PM

        by Anonymous Coward on Monday June 07, @06:15PM (#1142833)

        We've got an IRC server running that the pointy-hairs haven't shut down yet, so that works well for multi-person communication. The only niche I can come up with that Teams fills is it makes it easier for the lawyers to hand over conversations every time Intel gets sued.

      • (Score: 0) by Anonymous Coward on Monday June 07, @10:11PM (1 child)

        by Anonymous Coward on Monday June 07, @10:11PM (#1142925)

        It's funny you mentioned Zoom, browser client, and quality in the same message.
        Apparently I'm the only person on the whole Internet whose Zoom Web client stops the audio when I bring another full screen window in front of it.
        À slightly smaller window allowing some pixels of Zoom to be shown leaves the audio running. And yes, I've confirmed myself that the meetings are not configured to detect that people are paying attention.

        I mean, anybody who thinks this is quality software has some serious cognitive issues.

        • (Score: 0) by Anonymous Coward on Monday June 07, @10:24PM

          by Anonymous Coward on Monday June 07, @10:24PM (#1142929)

          Zoom maybe shit too, but in comparison it is good, in at least, it usually somewhat works.

          And, GP did not say Zoom was quality-- that was only the voice in your head. Try to read and respond to what is written instead of creating strawmen to slay.

      • (Score: 2) by Gaaark on Monday June 07, @10:49PM

        by Gaaark (41) on Monday June 07, @10:49PM (#1142940) Journal

        MS Teams == worst software / product ever.

        Windos == worst software / product ever.

        --
        --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
  • (Score: 2) by turgid on Monday June 07, @06:02PM (2 children)

    by turgid (4318) Subscriber Badge on Monday June 07, @06:02PM (#1142827) Journal

    Don't worry, I'm sure the FBI, CIA, NSA and NRO will have no trouble at all.

    • (Score: 0) by Anonymous Coward on Monday June 07, @06:51PM (1 child)

      by Anonymous Coward on Monday June 07, @06:51PM (#1142848)

      And your manager.
      And HR.
      And the corporate lawyers.

      After all, they paid for the enterprise support

  • (Score: 2) by DannyB on Monday June 07, @06:18PM (2 children)

    by DannyB (5839) Subscriber Badge on Monday June 07, @06:18PM (#1142835) Journal

    However bad you think Teams is, how bad it actually is is not equal != to how bad you think it is. It's not as bad as you think.

    Microsoft wants to assure you that Teams -- NOW WITH ENCRYPTION !!! -- will have all of the security that you have come to expect from the Microsoft brand name. So don't worry.

    --
    Never use a needlessly simple solution to a problem when a much more complex solution would suffice.
    • (Score: 2) by bzipitidoo on Monday June 07, @07:09PM

      by bzipitidoo (4388) Subscriber Badge on Monday June 07, @07:09PM (#1142854) Journal

      Ahh, security, MS style. Where the customer is seen as one of the threats. From that, it logically follows that MS is also a potential threat. MS's answer to that one is propaganda, not promises that they won't spy on people, nor accuse them of piracy. Indeed, part of "security" is being "secure" from accusations of piracy, by allowing these big corporations to scan everything, or just plain keep you locked in a walled garden, so that they can know you aren't a dirty rotten pirate.

    • (Score: 0) by Anonymous Coward on Tuesday June 08, @04:27PM

      by Anonymous Coward on Tuesday June 08, @04:27PM (#1143185)

      Encryption so good that absolutely nobody will be able to decrypt it. Not even the recipient.

  • (Score: 0) by Anonymous Coward on Monday June 07, @06:18PM (3 children)

    by Anonymous Coward on Monday June 07, @06:18PM (#1142836)

    I'm sorry, but this is mostly bullshit kind of like with Signal and the others.

    The connection may be encrypted but the initial handshake is not secure as it cannot be since the keys are on the devices and are not authenticated end-to-end. So first connection can always be intercepted and decoded. The only way to avoid this is to verify the keys of the other party out-of-band (if this is done with persistent keys). If the connection is always just ad-hock without persistent keys, then every connection can be intercepted.

    Encryption without authentication may be impossible to decipher after the fact, but it can always be MITM.

    The only thing they talk about is Microsoft will not record the sessions or have their AI transcribe them.

    • (Score: 0) by Anonymous Coward on Monday June 07, @09:37PM (2 children)

      by Anonymous Coward on Monday June 07, @09:37PM (#1142915)

      Proper DH key exchange allows for safe creation of a mutual shared key even if you don't know the other client's secret key but does not support authentication. That would require an account with some company you trust to vouch for the other client or some sort of prior public announcement (on a blockchain?) of the other client's credentials. You could also use public/private keys.

      • (Score: 0) by Anonymous Coward on Tuesday June 08, @12:32PM (1 child)

        by Anonymous Coward on Tuesday June 08, @12:32PM (#1143104)

        Proper DH key exchange .... You could also use public/private keys.

        Yeah, thanks for confusing the two.

        DH key exchange happens with help of public/private keys. The key is signed by the private key and verified by the public. Without this step, the entire DH exchange is totally vulnerable to MITM.

        Client #1 MITM Client #2

        If DH is via MITM, then MITM can just be between the two clients and see everything, modify, etc and just re-encrypt and forward. This is the only reason to have the CA system. The only reason why one needs to verify the keys if you don't trust the root or share the root.

        So yes, DH is used to exchange ephemeral keys, but you still need to verify them and this is where the public cryptography comes in.

        • (Score: 0) by Anonymous Coward on Wednesday June 09, @02:42AM

          by Anonymous Coward on Wednesday June 09, @02:42AM (#1143401)

          No confusion at all except at your end. You do need some sort of authentication when using DH to avoid mitm. The authentication could be via a trusted cental site using proprietary methods, or by public/private keys with all the CA infrastructure, or by using a distributed public announcement of appropriate info. Any secure authentication method can be used and should be used with DH.

  • (Score: 3, Informative) by bradley13 on Monday June 07, @07:20PM (1 child)

    by bradley13 (3053) Subscriber Badge on Monday June 07, @07:20PM (#1142857) Homepage Journal

    OK, I run the Linux client, which is way behind the Win/Mac client. That said, I have fewer problems with Teams than with just about any other conferencing software.

    Each one (and by now, I've used them all) has its quirks. Each one offers some nice feature, and is missing something else.

    It's a bit wild out there - company X uses Team's, company Y uses Zoom, company Z uses Webex. While it's frustrating, the huge positive: this is competition at its best, and is driving all solutions forwards.

    --
    Everyone is somebody else's weirdo.
    • (Score: 0) by Anonymous Coward on Monday June 07, @08:16PM

      by Anonymous Coward on Monday June 07, @08:16PM (#1142886)

      Teams is worse than you give it credit for being.

      The workflow of mashing together private conversations with every-single-meeting I'm invited to is awful. It's an endless struggle of muting and ignoring conversations so I can keep up with work I'm actually trying to focus on. Unlike a real chat application, I can't prioritize personal conversations to keep work going. I can't even group my "meetings" into a box I check less frequently. Teams is highly disruptive to my work and I don't plan to use it for anything but meetings.

      Lync was bad, but at least it was SIP based so you could use Pidgen.

(1)