Microsoft Blocks FSF Donation Website As a 'Gambling Site' 301
An anonymous reader writes "The FSF slammed Microsoft for categorizing donate.fsf.org website as a 'Gambling Site.' Corporate systems that use a Microsoft 'network security' program cannot access FSF donation website because of this and as a result, many people were unable to make donations. FSF has submitted a correction to Microsoft and they are now waiting for a response. However, John Sullivan warned corporate about Microsoft's proprietary network security programs."
Stay grounded (Score:5, Insightful)
Hysterics and hyperbole do not serve us well.
IF MS ignores the correction, sure. But that hasn't happened, has it?
Re: (Score:2, Interesting)
Frankly, the idea that this could be accidental in the first place is ludicrous.
Antivirus vendors classifying the competition as malware is an easy mistake due to antivirus software employing similar methods to viruses in examining memory. Classifying a non-profit organization as a gambling site? Not an easy mistake. Doing it to a site belonging to a rival organization? Yeah, no.
Re:Stay grounded (Score:5, Insightful)
Frankly, the idea that this could be accidental in the first place is ludicrous.
Frankly, the idea that it wasn't accidental is ludicrous, I would doubt very highly that MS has humans categorising sites, instead it's probably all automated based on roughly the same tech as email spam filters.
Agreed (Score:2)
I'd agree that fsf.org was almost surely miss-categorized by a filtering algorithm.
In particular, Microsoft has surely added filters that reduce the possibility that Windows users happen upon software that directly competes with Microsoft's offerings.
In principle, they'd avoid blocking important sites like fsf.org, but presumably they block less important stuff. It's simply that fsf.org fell through the cracks.
Re: (Score:3)
FSF.org doesn't offer software. You'd have a point if they had blocked Gnu.org.
Re: (Score:2)
FUD, as I'm sure you know(I can't tell if you're being sarcastic, so I'll assume not). Worst thing that can happen is you'll not be able to sell your product again and you may be open to a copyright-related lawsuit resulting in some money lost, but noone can force you to open your code.
Re: (Score:3)
All it takes is a simple whitelist to prevent this kind of idiotic mistake.
A simple white list that has to be built somehow... The traditional way of building this white list, is wait and see what gets blocked that shouldn't, and white list it when someone complains. Someone has complained now, so I'd expect a white listing within the next day or two >.
Re: (Score:3, Informative)
Frankly, the idea that it wasn't accidental is ludicrous, I would doubt very highly that MS has humans categorising sites, instead it's probably all automated based on roughly the same tech as email spam filters.
Here's an idea: Then don't filter our shit! Let me decide where I want to visit.
-Mac user, so I don't really care
That is funny, the single largest malware infection in modern times, as percentage of user base infected, was the Mac Flashback malware infecting 1% of OSX user base. The biggest Windows epidemic, Conficker, infected 0.7% of Windows machines. (http://www.pcworld.com/businesscenter/article/253403/mac_malware_outbreak_is_bigger_than_conficker.html)
Re: (Score:3, Insightful)
Re: (Score:2)
So you're saying that I should care? What do you suggest I do? Vote with my dollars? I've already done that.
Maybe write a strongly worded letter to Redmond? Maybe rage on forums about it until Microsoft folds?
I'm open to ideas.
Re:Stay grounded (Score:4, Insightful)
You could start by leaving little comments like "I don't care, I use a mac" out of your post, because while you might have intended it to have no harm, that transforms the rest of your post into flamebait. Don't bitch when your kindling catches fire.
Re:Stay grounded (Score:5, Interesting)
Frankly, the idea that this could be accidental in the first place is ludicrous.
No, MS aren't stupid. They would know such a block could not stand for long and would generate much bad publicity for them. They'd much rather just ignore the FSF. Now they'll probably have to apologise to them. Never ascribe to malice what can be explained by stupidity.
More likely the FSF home page, with all of its talk about "free software" was classified by MS's filters as a warez site.
Re:Stay grounded (Score:5, Insightful)
No, MS aren't stupid.
Citation needed. Bringing obviously-faked evidence into a courtroom seems like a strong counter-example to this claim.
Never ascribe to malice what can be explained by stupidity.
Wait, now you're saying they are stupid? :)
More likely the FSF home page, with all of its talk about "free software" was classified by MS's filters as a warez site.
That might make sense if it had been classified as a warez site. But it wasn't. If I had to make an honest guess, mine would be an in-house joke used during testing that got left in when they went live.
That's assuming they do fix it and apologize. Otherwise, I think we're back to malice. ;)
Re: (Score:3)
So, you wrote a self modifying .exe that writtes on the hosts file, and you didn't imagine it would be tagged as a trojan?
I'd advice you to not compress the next version of your software, or if you really must, use a normal zip algorithm, using mainstream lib.
Re: (Score:2)
Go away, APK, and stop shilling your software.
Re: (Score:2)
of course, from experience here? Anyone posting AC is usually a troll also!
There, fixed that for ya
Re:Stay grounded (Score:5, Funny)
You must be new here. What have you done with 30651? Is he ok? What are your demands?
Re: (Score:2)
You, sir, win the internet today.
Re: (Score:2)
donate.fsf.org is just a redirect (Score:5, Informative)
Re:donate.fsf.org is just a redirect (Score:5, Informative)
You can also use Tor to bypass blocks like these.
Eh....
It is not impossible to block Tor. A standard approach is to have the firewall block all Tor entry nodes, which forces people to use bridge nodes instead. Increasingly, though, there is an approach that is much harder to evade: blocking of connections that match Tor's "fingerprint" i.e. because Tor uses OpenSSL in a way that can be distinguished from Firefox+NSS etc.
Of course, there is a bright side if you are dealing with a school or corporate firewall: you can always set up a system at your house that you SSH to, and use as a proxy server. That was something friends of mine used to do in high school.
Re: (Score:2)
Evidently one can also try connecting to the suspected Tor node in question and seeing if it "speaks Tor" -- this utility [dan.me.uk] appears to use that method.
My understanding is that's what the Chinese are doing to detect bridge nodes, though I very well could be wrong.
Re: (Score:3)
So they're blocking Tor, but allowing SSH connections?
Re: (Score:2)
malice or incompetence? (Score:4, Insightful)
what's that old saying "never attribute to malice what can be attributed to incompetence" or whatever? I mean this is MS we're talking about...
Re:malice or incompetence? (Score:5, Insightful)
what's that old saying "never attribute to malice what can be attributed to incompetence" or whatever? I mean this is MS we're talking about...
Which makes malice in the guise of incompetence particularly insidious and effective.
In the absence of clear evidence one way or the other, it's best to reserve judgment regarding malice vs incompetence where a recidivist [wikipedia.org] company notorious [wikipedia.org] for its dirty tricks [catb.org] is concerned. The aphorism you quoted (especially the "never" bit) is overridden in this case by Microsoft's track record of cunning malice, mind-boggling incompetence, incompetent malice, and malicious incompetence. It could be any of them.
Re: (Score:2)
Especially since the number of people who want to donate to the FSF while using Microsoft's software is approximately zero.
Re:malice or incompetence? (Score:5, Informative)
Re: (Score:2)
Re: (Score:2)
yeah, they should sue microsoft for defamation and ... effectively get a large donation.
Re: (Score:2)
In any case, the damage done is the same. Saying "I didn't mean to!" is not an acceptable defence for a bug.
Re:malice or incompetence? (Score:4, Insightful)
The most obvious answer is that a handful of Microsoft fanboy admins submitted the site just to mess with FSF fanboys. These things have all been crowd sourced for years.
Most of these tools us a proprietary list that takes an unknown number of input votes to block something. Then you have to ask very nicely to get off the list that gets published to the masses. It's censorship by the noisiest submitters. It's much like how big websites like yahoo or Engadget keep getting their emails "automatically" blocked by spam filters. A few high influence admins just keep hitting the Spam button on work accounts and 1000 users have to unblock to get it off the spam list.
There IS a process at most of these filter agencies if you grease the right palms, you will get on the mythical "white" list. Whether you are big name sites like Amazon that can bully to keep your name off, or the list runner has a sweet spot for Equestria Daily... But that's a "private list decision"
Re: (Score:2)
The 21st century version: Never attribute to malice what can be attributed to automation.
It would be extremely tempting to attribute stupidity and incompetence on Microsoft's part. Stupider than that however is not knowing up to what point you should trust a system. Example: GPS. If your GPS shows there's supposed to be a bridge in front of you, but all you see is a ditch, do you drive on, confident that the GPS is never wrong, or do you trust the evidence of your eyes?
Re: (Score:3)
Automation is supposed to be smart enough to detect edge cases. If not it's just buggy software. Saying that something is automated, is not an excuse for it to make wrong decisions.
Re: (Score:2)
I am sorry, but using a bitcoins as a single factor to rule out a site as legitimate is a bug in the design of the filtering machine. There needs to be different levels of severity based on a set of features. It is not 100% effective, but if MS labels it as being "not a bug but a feature", it just means they are being lazy (which is okay, maybe they don't have time to make it better).
Re: (Score:2)
Agreed. Norton just started blocking my mom's blog site because Google made a minor change (blogspot.com). Stuff happens.
Re: (Score:2)
I would struggle to even call it incompetence, I would bet the lists are made up by web crawlers applying roughly the same algorithm as email filtering... Quite frankly, it's not incompetence if your bot hits the occasional false positive.
Non-proprietary options? (Score:2)
John Sullivan warned corporate about Microsoft's proprietary network security programs.
Are there any non-proprietary corporate network security options?
Re:Non-proprietary options? (Score:4, Insightful)
http://www.csoonline.com/article/597063/network-security-three-open-source-options [csoonline.com]
Re: (Score:2)
Re: (Score:2)
99.999% of the users out there don't know jack shit about how to create a security application. Myself included. (Not the same as at least trying to write an application to prevent security leaks like buffer overflow etc). That said, if the user is fundamentally in control of the software, they are pretty much guaranteed to have no security. I would much rather pay money for
Legal Response (Score:4, Insightful)
The FSF should sue Microsoft for loss of donations and ask for punitive damages for monopolistic anti-competitive behavior.
Rocky's Response (Score:3, Funny)
Ah, Bullwinkle, that trick never works.
Re: (Score:2)
Yet I wouldn't be surprised if the FSF saw a small increase in donations due to this story bringing the FSF to the front of people's minds. How many readers here are thinking right now, "Oh yeah, I haven't donated to the FSF in a while, maybe I should go do that"?
Re: (Score:2)
The FSF should sue Microsoft for loss of donations and ask for punitive damages for monopolistic anti-competitive behavior.
Because the ever-paranoid geek couldn't wait to make his charitable donation from home after working hours?
But was more than willing to risk a donation to the EFF being exposed to his employer?
Re:Legal Response (Score:5, Informative)
Or...
The FSF should realize that twdx.net, their provider, also hosts gambling sites such as http://www.poker-tester.com/ [poker-tester.com] etc, and that their IP may have either been previously used by a gambling site, or was blacklisted in a block along with other gambling sites hosted at that provider.
It's nice out today and doesn't look like rain. You can take off the tin-foil hat.
BS Legal Response (Score:4, Informative)
FSF has no grounds to sue Microsoft, even if this is deliberate. Microsoft has no monopoly or close to it in the webfilter arena. Microsoft isn't secretly mucking with dns or some other blatantly illegal action. Client corporations voluntarily elect to use Microsoft's security software to control their own traffic. MS makes no claims that it is 100% accurate. Additionally, MS has procedures in place to correct a misclassification [microsoft.com]. And even if they didn't, there's no standard by which third-party private web filters are actionable, other than say, breach of warranty of fitness for a particular purpose. But in that case, the proper plaintiff would be Microsoft's customer, not FSF.
Oh, FSF might lose some donations? How is that MS's problem? FSF's suing Microsoft is like advertisers suing the makers of NoScript and Adblock for depriving them of eyeballs.
Re: (Score:2)
Re: (Score:2)
The point isn't work vs. home but that Microsoft is using it's power to block competition. They're not leaving it up to their customer to decide if they want to block access, but instead are miis-classifying that competitors site as a gambling site so that the customer is likely to block it as most customers are going to block gambling sites.
Are they using IE ? (Score:2)
All's fine until you try that. Like this guy, he can browse smoothly, usi .. see ... right pages using cleartype ...
oh, wait... http://www.youtube.com/watch?v=N1zxDa3t0fg
Never attribute to malice... (Score:2)
breast cancer web sites some times get flagged (Score:2)
breast cancer web sites some times get flagged as sex / pron sites.
maybe some thing on the site trigger a bot to flag it.
Abusing their monopoly??? (Score:2)
Corporate structure = cover for the perfect crime (Score:2)
Some employee could be acting alone to do such things; but then the lack of documentation allows for the perfect cover. Unless required to keep emails and memos for every action and a policy or law to retain those in a secure fashion you can't be sure of WHO is behind many actions performed.
Obviously, SOMEBODY does it but with a chain of command it is so much easier to spread, dilute, and HIDE blame.
Shocked?? (Score:2)
Re: (Score:2)
anyone ever try to use hotmail in non-IE browsers or chat on msn via trillian?
Er, yes. It works fine.
I don't think I've ever had problems with Hotmail and non-IE browsers since the service was founded. Of course, I usually just use Hotmail for throwaway junk accounts but I've never had any issues.
I don't use Trillian, but Pidgin works fine with MSN chat.
Microsoft has done some shady things in the past, but it'd seem rather foolish for them to screw around with their major services like Hotmail and MSN Chat...
Re: (Score:2)
I've never once had any trouble running any 3rd-party software on Windows. Apple's walled garden worries me WAY more than anything MS has ever done.
Microsoft network security tools (Score:2)
Microsoft have a terrifying security history, who is using their network security tools?
Can someone give me a list of those companies so I can make sure I don't deal with them?
Re: (Score:2)
Here are some:
Not network security but built on .NET.
StackOverflow.
Newegg.
Plentyoffish.
Geico.
Re: (Score:3)
Here are some:
Not network security but built on .NET.
Here is a list of fish:
cod
salmon
place
haddock
What was your point again?
Windows users are gamblers in themselves (Score:2)
MS Artificial Unintelligence (Score:3)
Re: (Score:2, Informative)
How do you explain that a "mistake" was made when the site is so "obviously not a gambling website", eh?
Someone put that "gambling" tag on that site, eh? Is it likely that the person who put that tag on donate.fsf.org did it purely by mistake when it is so obviously not a gambling site?
Re:MS (Score:4, Insightful)
You think there is a person in Microsoft who tags every web page out there?
The list is made by a computer to try to catagorize them based on words in the page and other links. Sometimes software makes odd mistakes.
Oh there is an exception then they fixed it.
Re: (Score:2)
At least if you're paying Microsoft for the service, they're obliged to fix it.
Can you show me where they guarantee to fix bugs? All I've ever seen is a denial of liability. They'll say it performs "substantially as advertised" for 90 days, but no more than that.
On the other hand, most open source software explicitly denies all warranty, but is still more responsive to bug reports.
Re: (Score:2)
How do you explain that a "mistake" was made when the site is so "obviously not a gambling website", eh?
Someone put that "gambling" tag on that site, eh? Is it likely that the person who put that tag on donate.fsf.org did it purely by mistake when it is so obviously not a gambling site?
Oh, so you're one of these people who think malware, spam and virus filters are edited exclusively by humans?
Re:MS (Score:4, Interesting)
Yes, that's pretty likely.
If Norton can mark critical system files as collections of viruses and delete them, I believe that someone at MS can mark a website incorrectly. This doesn't seem deliberate at all, given the gambling tag. It might have even been an automatic move, if MS is too cheap to hire someone to do the work.
Re: (Score:2)
Anyone is "too cheap" to hire people to do the work. You just write the bot and have a small team or two go over the reported false-positives and such
Re: (Score:3)
How do you explain that a "mistake" was made when the site is so "obviously not a gambling website", eh?
Because it's using an IP address (or is within a range) that is/was also used by a gambling site?
Re: (Score:2)
Re: (Score:2)
What a load of anti microsoft tripe.
Pretty much sums it up.
Re:Microsoft is the bad guy, how exactly? (Score:5, Informative)
Why is everyone so paranoid
https://en.wikipedia.org/wiki/Halloween_documents [wikipedia.org]
Even if they don't allow it, maybe they would rather their employees donated in their own free time and not on their network?
You could at least read and understand the summary (RAUTFS?). It is not just Microsoft's own network; this is something a Microsoft product that is used on numerous corporate networks is doing.
Re: (Score:2)
And that being said I doubt MS did this out of malice. I had seen in websense false positives because one ip address shared multiple named vhosts, with one being porn or something else unsavory. There is probably an equally mundane explanation here. Hell maybe they got their hands on a bl
Re: (Score:2)
Re: (Score:3)
They didn't submit a correction of a faulty website. They submitted a correction of a faulty website classification. FSF has done nothing wrong; the only problem here is Microsofts amazingly self-serving mistake.
Re: (Score:2)
Because if I labeled every Microsoft email "spam" in my Gmail would they get blocked for EVERYBODY on Gmail? Obviously each filter list has a SECRET way of keeping high profile organizations from being put on Filter lists no matter how many Slashdot admins try to get Microsoft.com blocked.
So WHO decides to put the Big Guys on that "untouchable" list that are known honest sites? This is the "secret censorship" of the modern corporate-run world. Just find a label like "Gambling" and you shame people from even
Re: (Score:2)
Your argument is invalid. There is no spoon.
Re:Why is this news? (Score:5, Interesting)
There's speculation that their accepting of Bitcoin inadvertantly categorised them as a gambling website. Bitcoin is popular for gambling sites now because of the lack of restrictions for such sites to exist compared with normal gambling sites which can take days to deposit and many hoops to jump through. It does not seem malicious or incompetent that this mistake happened.
Re:Why is this news? (Score:5, Funny)
Hi, I'm on the Microsoft firewall team. I'll explain what's going on.
First off I should say that the Free Software Foundation is in fact a type of gambling site seeing as how it can cause people to lose their sense of free market capitalism. Having free software means that for-profit software industries are losing money that would otherwise be spent on expensive and high quality software systems like Microsoft Windows. So yes the economy is losing money to free software just like gambler's lose money to the casino.
Microsoft also endeavors to protect children from obscene and immoral ideas that are related to socialism, like the free software movement. So yes, "free software" is among the words on our block list. Other dangerous words that we will protect children from are:
gun control
global warming
evolution
Noam Chomsky
Canada
medical marijuana
Green Peace
Al Jazeera
Julian Assange
Israeli Apartheid
corporate welfare
union
taxation
Digital Restrictions Management
public school teacher
anal probe
Re:Why is this news? (Score:5, Funny)
I concur that we should do everything in our power to protect our children from anal probe.
Re:Why is this news? (Score:5, Funny)
Yes! Don't let children near priests!
Re: (Score:2)
I'm Canadian, and upon reading that part I burst into laughter loud enough that people are now asking me what was so funny.
Re:Why is this news? (Score:5, Funny)
"Whatcha ya laughin' aboot, eh?"
"You'll love this, someone mentioned Canada, eh."
"Ooh, ya, that's a good one, eh!"
Re:Why is this news? (Score:5, Funny)
Re: (Score:2, Insightful)
While I think that both sides in this debate/war are behaving like asshats, I do believe that you are tarring a whole nation with a rather broad brush here. The fact that a certain number of stupid people from either side wish to keep on killing doesn't justify the current Israeli policy (quietly supported by the US) of starving the population out of existence. And if you're looking for citations & quotes, fuck off, I really cannot be bothered today.
Comment removed (Score:4, Insightful)
Re: (Score:2)
Your parent is agreeing that it's a mistake. But probably a mistake due to a slightly overzealous filter as opposed to gross incompetence. Even highly competent individuals/organizations make mistakes.
Re:Why is this news? (Score:5, Insightful)
Of course the panel front and center which reads:
Stand up for your freedom to install free software
!
Join 30,000 people in opposing Microsoft's Restricted Boot by signing this statement [fsf.org]
Has nothing to do with it.
Re: (Score:2)
Re: (Score:2)
Bitcoin is popular for gambling sites now because of the lack of restrictions for such sites to exist compared with normal gambling sites which can take days to deposit and many hoops to jump through.
Bitcoin is getting more popular with everyone as PayPal continues to strive for new levels of asshatery. Unfortunately, I see this happening more. I also see myself looking more into bitcoin...
Re: (Score:2)
There's speculation that a security program that ends up classifying sites featuring bitcoin as gambling, sucks.
What is the reason behind this mistake/sabotage/whatever? who cares.
Re:Why is this news? (Score:5, Insightful)
That looks pretty incompetent to me.
Re:Why is this news? (Score:5, Funny)
Re:Why is this news? (Score:5, Funny)
I don't know who makes the ban list that my company uses, but fedora's site is blocked, classified in the category "Tasteless". Other Linux distros' sites are fine.
I think someone has a sense of humor ;)
Re: (Score:2)
I think someone has a sense of humor ;)
Maybe they don't like systemd...
Re: (Score:3)
Besides, have you ever tried to eat a fedora hat? Well then.
Re: (Score:3, Funny)
Re: (Score:2)
Summer Slashdotter, or what? (Score:2)
Where have you been? Sullivan's been with the FSF [fsf.org] for about a decade.
Re: (Score:2)
What if trying to donate on behalf of your company, which still uses MS on the desktop, but has a server room filled with FSF software (in other words, if you're a typical modern company).