Microsoft claimed it didn't turn off HTTPS in Hotmail

SOFTWARE OVERLORD Microsoft has denied responsibility for shutting off its "always on" HTTPS security feature in Hotmail affecting more than a dozen countries.

Over the weekend, people signing into their Hotmail account found that their account was blocked. They were hit with an automated response that said they couldn't use their Windows Live ID because the encrypted HTTPS feature was not available on their account.

The list of countries affected included Bahrain, Morocco, Algeria, Syria, Sudan, Iran, Lebanon, Jordan, Congo, Myanmar, Nigeria, Kazakhstan, Uzbekistan, Turkmenistan, Tajikistan, and Kyrgyzstan. In other words, a lot of areas where citizens live under repressive regimes.

Initially fingers at the Electronic Frontier Foundation pointed to Microsoft for undermining the security of Hotmail but it seems that the Vole is dumbfounded and doesn't know what happened. Microsoft did however issue an odd denial that it was responsible for the HTTPS block.

"We are aware of an issue that impacted some Hotmail users trying to enable HTTPs. That issue has now been resolved," blogged a Volish forum moderator.

Up until November, Hotmail users had their data sent by unencrypted plaintext. The introduction of always on secure sockets layer (SSL) encryption was designed to protect users against potential malware and secure against data privacy breaches. The unexpected failure of HTTPS encryption affected users in countries where they need it most. µ