MS Removes HTTPS From Hotmail For Troubled Nations 147
An anonymous reader writes "Microsoft has removed HTTPS from Hotmail for many US-embargoed or otherwise troubled countries. The current list of countries for which they no longer enable HTTPS is known to include Bahrain, Morocco, Algeria, Syria, Sudan, Iran, Lebanon, Jordan, Congo, Myanmar, Nigeria, Kazakhstan, Uzbekistan, Turkmenistan, Tajikistan, and Kyrgyzstan. Journalists and others whose lives may be in danger due oppressive net monitoring in those countries may wish to use HTTPS everywhere and are also encouraged to migrate to non-Microsoft email providers, like Yahoo and Google." Update: 03/26 17:08 GMT by T : Reader Steve Gula adds the caveat that "Yahoo! only does HTTPS for authentication unless you're a paying member."
Re:The Point? (Score:4, Insightful)
Re:The Point? (Score:5, Insightful)
Hotmail users who browse the web with Firefox may force the use of HTTPS by default—while using any Hotmail location setting—by installing the HTTPS Everywhere Firefox plug-in.
Yahoo??? (Score:5, Insightful)
Re:Easy to remedy (Score:5, Insightful)
On the other hand, the oppressive governments over there will LOVE that. It's probably even better than insecure FB or Twitter since everything ultimately goes to the people's emails.
As someone from one the mentioned countries, I'd like to ask Microsoft, do you realize now you might be very well putting many people at a greater risk of being arrested or killed. People are being KILLED for expressing some of their opinions in some of these places these days.
SHAME ON YOU MICROSOFT
Re:Cool it. (Score:5, Insightful)
Ah, those silly Microsoft programmers with their "bugs." [nytimes.com]
Re:Obsolete info (Score:3, Insightful)
Wow, that's a lot less sensational than Microsoft depriving troubled nations of privacy. What are the chances that the story will be amended to reflect this?
Strange Bug (Score:2, Insightful)
Why would it only affect those countries? Testing showed that it only affected people with their location set to certain countries and that merely changing the country would allow it to work again.
There may be an innocent explanation for that, but it's DAMN strange and really makes it appear that there's spying going on, somewhere.
Re:Easy to remedy (Score:3, Insightful)
Dude its a fricking bug. It isn't even a fricking bug that blocks HTTPS, it just doesn't set it as default. Big fricking whoop, you just have to go in and set it. And anybody who is in a repressive country and sending shit that may get them in trouble to their email account without even using Tor or some other obfuscation is seriously asking for it anyway.
Their "bug" (if that is really what it is) has just exposed a lot of people to arrest, abuse, and murder. Just because you're laying your life on the line every day with what you say in your email because it reflects opposition to your local mass murdering tyrant doesn't mean you should also know a lot about Web technologies. Until today it was sufficiently responsible to use Hotmail with HTTPS. Suddenly it's not, and lots of people at risk will be at much greater risk than they can be expected to realize. And some of them might get killed, beaten or kidnapped for it.
But it's so easy for you to say "ZOMG" safely from your Web terminal while you do nothing remotely as risky as these people are doing every day.