Posted by: Tony Bradley
Bahrain, email, encryption, HTTPS, Iran, Microsoft, Nigeria, Sudan, webmail
Yesterday, I wrote a post deriding Microsoft for disabling HTTPS on Hotmail accounts in regions where encrypted communications can literally be a matter of life and death. The EFF (Electronic Frontier Foundation) reported that Microsoft had turned off HTTPS encryption in a number of countries including Iran, Bahrain, Syria, Nigeria, and other nations across Africa and the Middle East.
In nations where political dissidents are commonly imprisoned, tortured, or even killed, the ability to keep communications secret from the prying eyes of the reigning tyrants is crucial. I had developed a subsequent theory that perhaps Microsoft was responding to a request from the US intelligence community. It just so happens that many of the nations where political unrest and rebellion are brewing are also the same nations where terrorist actions often originate.
I asked Microsoft for an explanation for why it chose to disable HTTPS in these specific nations, though, and found out that the reality is much less sinister or insidious. This is the statement I received from Microsoft:
We are aware of an issue that impacted some Hotmail users trying to enable HTTPs. That issue has now been resolved. Account security is a top priority for Hotmail and our support for HTTPS is worldwide – we do not intentionally limit support by region or geography and this issue was not restricted to any specific region of the world. We apologize for any inconvenience to our customers that this may have caused.