Microsoft Training May Have Helped Tunisian Regime To Spy On Citizens

An anonymous reader writes "A document released in the recent Cablegate leak reveals that Microsoft provided training to the Tunisian Ministries of Justice and the Interior in exchange for exemption from the country's open software policy. These Ministries would soon put the training to use by phishing for the social networking credentials of bloggers, reporters, political activists and protesters. Microsoft's assistance resulted in the sale of 12,000 software licenses to the Tunisian government." The cable itself details the effort Microsoft put into negotiating a deal. Their clear intent was simply expanding into a new market, but the author of the cable was skeptical of the Tunisian government's adherence to its stated goals. Quoting: "In theory, increasing GOT law enforcement capability through IT training is positive, but given heavy-handed GOT interference in the internet, Post questions whether this will expand GOT capacity to monitor its own citizens."

Re:In other news

[Anonymous Coward]

GE makes missiles and other weapons of mass destruction.

Caterpillar sells bulldozers to Israel that are used to run over and kill people, as well as illegal home demolitions.

In other news, blissfully ignorant American is ignorant.

how about a scanned contract?

[decora]

http://www.fhimt.com/leaks/contrat-entre-microsoft-et-le-gouvernement-tunisien/ [fhimt.com]

Support de l'autorité de certification électronique reconnue au niveau de Microsoft IE

Microsoft inclura dans son cycle de mise à jour des autorités de certificats au niveau d'Internet Explorer, le support de l'autorité de certification nationale. De son coté, le Gouvernement Tunisien procédera à une demande écrite dans ce sense auprès de Microsoft pour la mise en place de cette procédure

google translation:

Support for electronic certification authority recognized at Microsoft IE

Microsoft will include in its cycle of updating the certificate authorities in Internet Explorer, support for the national certification authority. For its part, the Tunisian Government will make a written request in this sense to
Microsoft's implementation of this procedure.

English translation:

Tunisia's certificate authority allows it to release it's own SSL certificates. Microsoft agrees to include Tunisia's CA certificates in Internet Explorer updates.

Thats fine. But it also allows the dictator to spoof https sites and thus snoop on people even if they are using SSL. There is evidence that exactly this has happened in Tunisia with sites like gmail. See

http://advocacy.globalvoicesonline.org/2010/07/05/mass-gmail-phishing-in-tunisia/ [globalvoicesonline.org]

I know there is a lot of bullshit assumptions in some of the articles on this issue, but there is definitely some fire at the heart of the smoke.

Re:Wow

[ozmanjusri]

Your're batshit insane.

And you're intentionally blind to reality.

offering general computer training--that was Microsoft's only intent,

1. 1. The cable specifically mentions Microsoft knew the Tunisian government would misuse the training.
2. 2. Microsoft knowingly provided CA certs so the Tunisian government could use spoofed https sites to spy on, and persecute their own citizens.

Microsoft did these things because they are a deeply unethical company that is so obsessed with eliminating competitors they are prepared to trample civil rights if it forwards their goals.

It's interesting that you share the same ability to ignore ethics and evidence in your determination to evangelise for Microsoft.