Microsoft contractors had woeful security when reviewing Cortana and Skype recordings, report claims

Not only did Microsoft outsource the reviewing of Cortana and Skype audio recordings to contractors, but a fresh report now claims that the company did so in China with pitiful security measures in place.

This follows on from the revelation last August that Microsoft employees and third-party contractors were listening to Cortana and Skype interactions, analyzing recordings with the goal of improving the services.

This raised predictably big question marks over privacy and security – particularly because the audio data sometimes involved quite personal details and information, by all accounts, being sent for processing outside of Microsoft.

But at the time, the report from Vice’s Motherboard noted that Microsoft insisted the audio data analyzed was only available to these external contractors via a secure online portal, but the new report in The Guardian claims otherwise, having spoken to a former contractor.

That contractor says that this program ran for years with literally “no security measures”, and over in China, he reviewed thousands of such Cortana and Skype audio recordings on his personal laptop in his home in Beijing – for two years. (Initially, he did work from an office, but apparently was soon allowed to work from home).

The worker claims that contractors could access the recordings simply using a web app in Google Chrome, and they all had a Microsoft account freshly set up using the same password, no less. Login details (just a simple username and password) were emailed to contractors in plain text.

Security nightmare

The contractor further claims that there was practically no vetting of the staff doing these recording evaluations, and the whole setup sounds like a security nightmare, frankly.

If all these details of the lax security are on the money, the fact that the operation was based in China also raises the prospect of the Chinese government having had access to these Cortana and Skype recordings. That’s particularly worrying in terms of Skype, of course, where full conversations were carried out.

At the time of the original report, Microsoft revised its privacy policy to clarify that such (anonymized) audio recording analysis is carried out not just on an automated basis, but also by humans.

Since then, The Guardian report notes, Microsoft has ceased such grading programs for Skype and Cortana for Xbox, and the rest of its human evaluation of recordings is now done in “secure facilities”. These are located in a small number of countries, and not China.

As we pointed out last year, Microsoft does also have a tool for deleting your voice recordings from its servers.

Source: TechRadar - All the latest technology news

By: Darren Allan

SumUp launches Mastercard-powered ‘SumUp Card’ for business payments
SumUp launches Mastercard-powered SumUp Card ...
Nokia julkisti yhtiön ensimmäisen 5G-puhelimen
Nokia julkisti yhtin ensimmisen 5G-puhelimen ...
Google closes $2.6B Looker acquisition
Google closes $2.6B Looker acquisition ...
NEXT LEVEL PROTECTION THAT WILL BLOW YOUR MIND ... 2.0 workflow platform lets companies build custom apps 2.0 workflow platform lets companies bu ...
Best portable monitor 2020: the top USB-connected screens
Best portable monitor 2020: the top USB-connected ...