Underscoring just how broken the widely used MD5 hashing algorithm is, a software engineer racked up just 65 cents in computing fees to replicate the type of attack a powerful nation-state used in 2012 to hijack Microsoft's Windows Update mechanism.
The conflict between snooping governments seeking to defeat encryption and users demanding ever more robust privacy tools has turned into an arms race—and it’s time for arms control talks, Microsoft’s general counsel said on Tuesday.
Resolving that conflict requires a new consensus on how to balance public safety and personal privacy, Brad Smith said in a forum at Harvard Law School. “Ultimately there are only two ways to better protect peoples privacy: stronger technology or better laws,” he said.
Microsoft has released a Fix It to disable the feature which was the subject of the POODLE attack. The Fix It, a program which implements changes in the registry, makes the process simpler than the alternatives.
POODLE is the name given to a vulnerability in SSL version 3.0 found earlier this month by a Google researcher. SSL was supplanted by TLS and the current version is 1.2, but systems may fall back to older versions if the server does not support the newer ones.
Skype for Windows desktop has shed the beta tag in its latest version and is now available for download.
Earlier in the month, Microsoft made a preview version of Skype for Windows and Mac OS X available, which introduced a new user interface similar to that seen on Skype's mobile apps, closely following Microsoft's modern design language while making it look a bit like MSN/Windows Live Messenger.
The cuts of approximately 3,000 employees today are believed to be largely support staff in human resources, finance, sales and marketing and IT. They are part of the 18,000 employees Microsoft officials said back in July that they'd be laying off over the course of a year.