Wowza. I would ask a sort of rhetorical question about how could Microsoft let t... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

ThaDood on Oct 14, 2022 | parent | context | favorite | on: Microsoft Office 365 Message Encryption Insecure M...

Wowza. I would ask a sort of rhetorical question about how could Microsoft let this happen. Then quickly realize that is Microsoft and I'm not all that surprised.

The icing on the cake? "The report was not considered meeting the bar for security servicing, nor is it considered a breach. No code change was made and so no CVE was issued for this report."

So basically, they know about it and don't seem to give a shit.

gw99 on Oct 14, 2022 | [–]

Your last line is the current operating position for Microsoft.

They hide this under marketing blogs.

hbn on Oct 14, 2022 | | [–]

Didn't you hear?

They <3 open source!!!

ealexhudson on Oct 14, 2022 | [–]

OME is also accepted/compatible with Gmail, Yahoo!, etc.

Would be interesting to know whether they suffer the same issue, or those implementations chose a proper encryption mode..

Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact