436
submitted 7 months ago by testeronious@lemmy.world to c/privacy@lemmy.ml
you are viewing a single comment's thread
view the rest of the comments
[-] TWeaK@lemm.ee 84 points 7 months ago

You cannot use the new Outlook app without syncing these data with Microsoft's servers, i.e. your usernames and passwords are sent to the company's cloud servers. While the data is sent using TLS, the IMAP and SMTP username and password are sent to Microsoft in plain text. This could allow the company to access your emails, and share the data with third-parties.

Not only that, but sending usernames and passwords in plaintext allows for MITM attacks.

[-] cm0002@lemmy.world 17 points 7 months ago

Isn't MS on the government shit list right now over security missteps that led to the breach of gov officials?

[-] Echo5@lemmy.world 2 points 7 months ago

Not sure what difference that makes since the military uses the MS office suite for everything

[-] lazynooblet@lazysoci.al 9 points 7 months ago

I expect what they mean is that the credentials are encrypted only in transit

[-] shadycomposer@lemmy.world 3 points 7 months ago

I think outlook iOS has been storing credentials on server since day one, even before it was acquired by Microsoft. I’m not sure what the new outlook app means.

this post was submitted on 05 Apr 2024
436 points (98.2% liked)

Privacy

32177 readers
639 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS