Former Microsoft Privacy Chief Doesn't Trust Company, Uses Open Source Software 199
MojoKid writes "Microsoft's onetime Chief Privacy Advisor, Caspar Bowden, has come out with a vote of no-confidence in the company's long-term privacy measures and ability or interest to secure user data in the wake of the NSA's PRISM program. From 2002 — 2011, Bowden was in charge of privacy at Microsoft, and oversaw the company's efforts in that area in more than 40 countries, but claims to have been unaware of the PRISM program's existence while he worked at the company. In the two years since leaving Microsoft, Bowden has ceased carrying a cell phone and become a staunch open source user, claiming that he no longer trusts a program unless he can see the source."
Now, also make it understandable (Score:5, Funny)
The next obvious step is to ... (Score:5, Insightful)
... use caution in everything we do.
There is no way we can understand everything. There are just too many things out there that we use daily - even software alone consist of so many layers ( from the spreadsheet software program that we use, to the device drivers, the OS, to the embedded firmwares residing inside the chips, to the myriad mix of software that keep the Net humming.
Yes, I know, it is no fun.
The paranoids have a point, after all --- BIG BROTHERS (plural) want to know everything about us.
Re:The next obvious step is to ... (Score:5, Insightful)
even software alone consist of so many layers ( from the spreadsheet software program that we use, to the device drivers, the OS, to the embedded firmwares residing inside the chips, to the myriad mix of software that keep the Net humming.
Don't forget the compilers and linkers that build the software. The source may look fine, but where did the compiler come from?
Re: (Score:2)
Re:The next obvious step is to ... (Score:5, Informative)
Re: (Score:3)
A trick that relies on the compiler recognizing its own code, which, as the code is edited over the years, would require truly amazing AI. Thompson had it fairly easy, because he was dealing with a relatively simple and fairly static compiler, and could use simple pattern matching to identify the places to insert his trojan. GCC, on the other hand, has undergone some major rewrites over the years.
Of course, if you really want to be sure, you can load the compiler source into something completely different.
Re: (Score:2)
Every Intel CPU since Sandy has a nice cellular link built in. You can't even trust your processor these days.
Sure you can. Just don't buy Intel.
Re: (Score:3)
...and what SIM card does it use? Because you don't get 3G without a SIM card, and 3G is not free to use. You get the bill for it, or does Intel have some form of international superserver?
It's true that paranoia turned out to be real, but come on.
Re:The next obvious step is to ... (Score:4, Interesting)
Re: (Score:2)
The 3g side can be seen as another security option for: power is connected, a computer of interest is networked: ~wake up and authorized administrator commands sent.
http://www.tomshardware.com/news/sandy-bridge-vpro-core-i7,12353.html [tomshardware.com]
Re: (Score:3)
I guess it's the entitlement culture... that insists that an infinite number of things be known by them without having to put an infinite amount of time into it.
Maxwell's Information Demon says: "Hi! It looks like you're trying to enumerate an infinite number of uncountably infinite sets in your head! Would you like me to read to you from the collected works of Kurt Godel and Georg Cantor while you're waiting to finish that? Aleph-1 Klein bottles of beer on the wall, Aleph-1 Klein bottles of beer, take one down, pass it around, Aleph-2 Klein bottles of beer, hey! Darn, I broke one. Now there's Koch snowflakes all over the Sierpinski carpet. Got a Menger sponge?"
Re: (Score:3)
Re: (Score:2)
That was Ken Thompson, co-developer of Unix, in "Reflections on trusting trust".
http://cm.bell-labs.com/who/ken/trust.html [bell-labs.com]
Re: (Score:2)
Unless all your CPU chips have the Ken Thompson Hack in the Microcode. Then they could all evaluate the same even if they were differently tailored to your specific system.
What you have to do is fabricate your own chips. Mine are the size of a garage wall perimeter, made out of contactor units, emulating MIPS at just under 0.01 cycles per second, and noisy enough to end three relationships.
Read this FA ... (Score:3, Informative)
http://scienceblogs.com/goodmath/2007/04/15/strange-loops-dennis-ritchie-a/ [scienceblogs.com]
Both AC and disposable60 were trying to explain to you the concept outlined by Mr. Thompson.
Read, and ponder.
Re:The next obvious step is to ... (Score:5, Funny)
Open source compilers... that compile themselves.
It's compilers all the way down.
Re:The next obvious step is to ... (Score:5, Funny)
Open source compilers... that compile themselves.
It's compilers all the way down.
My god, it's even worse: Turtle Logo compilers!
Re: (Score:2)
Funny, but incorrect. Somewhere at the bottom is the assembler that the first compiler was written in, and the hand-assembled machine code the first assembler was written in... then you have to trust Intel and AMD to not install NSA back doors in their chips. Build your own computer out of discrete components and it will cost a fortune, take a large building to hold, and be very slow compared to chips.
We're screwed.
Re: (Score:2)
Depends which governments you trust the least...
There are various ARM cores designed by the british, and other implementations of the instruction set designed elsewhere...
Then you have some MIPS cores developed by the chinese...
Re: (Score:3, Insightful)
There is no way we can understand everything.
True, but one can understand everything about something, and enough of everything to get by. If you know how electricity and electronic components work, how logic gates and ALUs work, know assembly and higher level languages you can pretty much understand enough.
The secret is reading LOTS of books and then practicing. Unfortunately, 97% of the population are aliterate -- they can read, but don't. I don't understand those people! Probably never will.
Re: (Score:3, Funny)
The other 3% can't spell illiterate.
Re: (Score:2)
I suspect some small fraction of that 3% isn't actively illiterate, but simply unread enough to not recognize the difference between aliterate and illiterate... or to recognize that aliterate is a legitimate word [google.com] which is not merely another synonym for "illiterate".
Re: (Score:2)
aliterate
The other 3% can't spell illiterate. ;)
Irony?
Re: (Score:2)
Does slashdot count as reading?
Re: (Score:2)
Re: (Score:2)
If you know how electricity and electronic components work, how logic gates and ALUs work, know assembly and higher level languages you can pretty much understand enough
... to be really scared.
Like they say, if you want to sleep at night you don't actually want to know how sausages, laws or semiconductor devices [wikipedia.org] are made.
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
The next obvious step is not to use it unless you can understand it.
So you're not going to use your car because you don't understand internal combustion engines or the chemical properties of gasoline?
Re: (Score:2)
Re: (Score:2)
Would certainly reduce congestion on the roads - I can just see Cpatain Slow and the hampster trying to coach Jeremy Clarkson through that part of the driving test :-)
Quick question--do you know how your mouse or trackpad works? :-)
Re: (Score:2)
Re: (Score:2)
The next obvious step is not to use it unless you can understand it.
So you're not going to use your car because you don't understand internal combustion engines or the chemical properties of gasoline?
That's easy to understand. What's hard to understand is why you fools let the car manufacturers convince you that they should be capable of getting 100 MPG standard by now, that's why I don't drive you. In the 70's my dad worked for Shell, and they demoed a car at a company picnick that got 70 MPG. What I don't understand is why they would put a remote kill switch in the onboard computer.... So I don't drive those kind of cars....
Re: (Score:2)
Right...
why don't you teach your grandma how to understand it? Do you even know what you're saying?
Re: (Score:2)
Re: (Score:3)
DIdn't mean that. Complexity is usually a sign of bad design. Actually, most of concepts in CS are pretty straightforward ...
Counterargument: the Rubik's Cube is a pretty snazzy, simple design. Try to solve it.
Re: (Score:2)
It's an incredibly simple design with an easy algorithm of simple steps for solving it. It's the person that complicates the process of solving the cube by over thinking it.
Simplicity is the sign of a genius while fools stay lost in complexity.
Re: (Score:2)
Actually solving a Rubics cube can be done the way most problems are solved, a piece at a time, and selecting a starting point to work from there.
1. Pick a side to start with and get all the squares of that side the same. (e.g. put all the blue sides on one face of the cube.)
2. Check the corners of each side and move them around until each corner is correct. (e.g. the blue side is put back intact, but now the two blue/red corners have red on the same side, the two blue/green corners have gr
Re: (Score:2)
Actually, gp is a little right, although most people misunderstand the Amish relationship with technology. They don't ban all technology; rather, they make a conscious decision about whether to adopt or not adopt a new technology, based upon their values. In the same way, instead of using every new technology that someone tries to sell to us, we should evaluate it using non-technical metrics to determine whether using it is really the right thing to do. Much of social media, cloud storage, and proprietary c
Good for him (Score:5, Insightful)
Without assigning any kind of reason to his shift in attitudes - it's refreshing to see a privacy officer come out like this. I can't think of a reason any CPOs should act differently.
Re: (Score:2)
C3PO can only act according to his program.
Re: (Score:2)
Unfortunately the write protect bit was set. Thank god that the Evil bit was not.
Re: (Score:3)
Re: (Score:2)
I think it says more about mobile networks than it does about him.
That said, once upon a time I worked at Microsoft, back in the just-after-9/11 days. Seeing how the place worked is one of the reasons that I haven't owned a system that ran Microsoft since 2001.
Re: (Score:3)
It does indeed say more, but it doesn't say that he's crazy.
Re:Good for him (Score:5, Insightful)
He seems to have gone a little too "tinfoil-hat" for my tastes. He doesn't carry a cell phone anymore. I think that says a lot more than becoming an open source user.
If the government mandated that everybody carry a tracking device, keep it on at all times, and that they'd be storing the tracking data in perpetuity, there'd be a goddamn revolution.
But when they do so voluntarily, and the NSA steals all that data - leading to the exact same end point - people are all like, "oh, look, Walter White is twerking again."
At least this guy is being true to his privacy milieu.
Re: (Score:2)
If the government mandated that everybody carry a tracking device, keep it on at all times, and that they'd be storing the tracking data in perpetuity, there'd be a goddamn revolution.
Yes, because the primary, explicitly stated purpose of the device is to take away your privacy. Cell phones are primarily intended to facilitate communication independent of physical location. Cell phones do need to have an idea of your location, but that data doesn't NEED to be stored. Storing the data is done for corporate/government convenience, and it is indeed done in poor taste and generally against the wishes of the user...but no one owns a cell phone for the intent of getting tracked by the governme
Re: (Score:2)
Re: (Score:2)
More tinfoil than me... I at least carry a phone. I do use open source when possible (which is almost always when I'm not at work). A landline can be tapped, too, so unless he has no land line he hasn't thought it through. If the feds want in, they'll get in.
Except not today! The tea party shut the whole damned government down (which is always their #1 priority anyway).
Re: (Score:2)
The tea party shut the whole damned government down (which is always their #1 priority anyway).
If only ... all the Tea Partiers I know want to Pledge their Allegiance to a strong constitutional republic.
As if that experiment hasn't already been run...
Re: (Score:3)
Neither does RMS...is he a bit tinfoil-hat too?
I think he's the next level up: toe cheese canapes.
Re: (Score:2)
Caspar Bowdens testimony in the EU Parliament (Score:5, Informative)
Last week, Caspar Bowden testified at a hearing in the European Parliament, and presented a report on the NSA surveillance to the European Parliament's Committee for Fundamental Rights LIBE.
Link to the report: http://www.europarl.europa.eu/meetdocs/2009_2014/documents/libe/dv/briefingnote_/briefingnote_en.pdf [europa.eu]
Link to the Youtube-video with Bowden's statement and the following Q&A (63 min): http://youtu.be/qa83l2_ZzEo [youtu.be]
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
Routing Connections from Point A to Point B (Score:5, Interesting)
The article mentions that a connection from one point to anohter within Europe would likely stay within Europe. Maybe technically... On a recent trip to Paris I did a traceroute to an e-mail server in Switzerland, and essentially what I saw was: Paris (F) -> London (UK) -> Paris (F) -> London (UK) -> Paris (F) -> Lyon (F) -> Geneva (CH). There might be good reasons why the connection would go through London, but twice, and then come back? Considering that the UK is closely collaborating with the US in its data gathering, I have a feeling that this routing was not entirely by accident.
Re:Routing Connections from Point A to Point B (Score:5, Funny)
There might be good reasons why the connection would go through London, but twice, and then come back?
Perhaps the packet forgot its toothbrush?
Never attribute to malice what can be adequately explained by stupidity.
Re:Routing Connections from Point A to Point B (Score:5, Informative)
I'm pretty sure that you don't really know where the physical hardware using the intermediate IP addresses shown in the traceroute actually was. Reverse DNS tends to show who owns it, *not* which country it's in. And geoip services are doing well if they can identify the right country in Europe, let alone anything more accurate than that.
Even if you did see routing like that, and it really did go to the cities you claim, it still wouldn't be that odd - when routing is optimized at all it's optimized for cost, rather than distance. For long-haul the two tend to go together, but for relatively short distances in the well-connected first world they don't.
Re: (Score:2)
I'm pretty sure that you don't really know where the physical hardware using the intermediate IP addresses shown in the traceroute actually was. Reverse DNS tends to show who owns it, *not* which country it's in. And geoip services are doing well if they can identify the right country in Europe, let alone anything more accurate than that.
Even if you did see routing like that, and it really did go to the cities you claim, it still wouldn't be that odd - when routing is optimized at all it's optimized for cost, rather than distance. For long-haul the two tend to go together, but for relatively short distances in the well-connected first world they don't.
Not all network providers provide useful rDNS, but many (like Level3, Hurricane Electric, etc.) do -- their reverse DNS clearly indicates the location of that particular node (HE uses three letter abbreviations of city names, like "sjc" for "San Jose, California" or "ash" for "Ashburn, Virginia". Level3 includes the full name of the city.).
I've also seen odd routing paths. Usually they're transient and clear up at some later point.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Who guarantees you that *all the other* packages are not taking a different path?
http://linux.die.net/man/1/tcptraceroute [die.net]
http://manpages.ubuntu.com/manpages/gutsy/man1/paratrace.1.html [ubuntu.com]
Re: (Score:2)
You might of saw packets still inside LINX.
Re: (Score:3, Funny)
If you didn't tell me I would have assumed:
Paris (Maine) -> London (Ohio) -> Paris (Pennsylvania) -> London (Minnesota) -> Paris (Texas) -> Lyon (Mississippi) -> Geneva (New York).
Message received (Score:5, Insightful)
Recent history teaches us that he knows things that he is not allowed to talk about. This is his way of legally signalling that all is not well.
We have congresscritters trying to send the same message, without being labeled "traitors". See http://www.wyden.senate.gov/news/press-releases/wyden-udall-statement-on-reports-of-compliance-violations-made-under-nsa-collection-programs [senate.gov]
Re:Message received (Score:5, Insightful)
You're not thinking cynically enough.
With my Slashdot ubiquitous Microsoft Shill hat on consider the following.
If you don't like/trust/use Microsoft, you are immature and stupid and a stinking long-haired communist FOSS hippy.
Someone from the company you HATE leaves the company and announces that they don't trust their former employer which also happens to be the company you HATE, and that they have converted to the FOSS way.
That means what you suspected all along is true! Right?
Ah but, it's a trap! You see, the FOSS is back-doored to high heaven as well and all this is a psychological trick to make you feel secure and validated in your own mind.
Muhahahhahahhahah! Elop will soon rule the galaxy.
Re: (Score:3)
Re: (Score:2)
I don't remember the exact string of characters, but I think your reply should include in part 'NO CARRIER' :)
+++
ATH0
Re: (Score:2)
Ah but, it's a trap! You see, the FOSS is back-doored to high heaven as well and all this is a psychological trick to make you feel secure and validated in your own mind.
That's exactly what they want you to think! /turtles
Re: (Score:2)
Sounds like the Congress could use something like Parliamentary privilege [wikipedia.org] principle:
I'm surprised MS had a Chief Privacy Advisor... (Score:5, Funny)
that itself is more newsworthy. At first glance I thought Piracy Advisor; who suggests making things difficult to pirate.
Why would MS appoint somebody to advise them on privacy of their customer's data? How does it benefit the shareholders?
Re: (Score:2)
Re: (Score:2)
They are a mega-corporation whose main business involves selling software that interoperates with both their own and other software, and there is a lot of data exchange involved, covering the scale from OS's to apps to large networked DBs. Practically everything they do either directly impacts user data or has the potential to do so, so of course they are concerned about user privacy issues. Whether they are concerned enough to say no the NSA is...well, it seems in light of recent news that we can say they
Re: (Score:2)
Practically everything they do either directly impacts user data or has the potential to do so, so of course they are concerned about user privacy issues.
Facebook?
Re: (Score:2)
Hehe, Facebook is concerned as well, but their concern is more along the lines of "private data is valuable, so sell all we can without getting sued or driving away all the product (users)". I'm sure they have lawyers who spend all day talking about privacy, 24/7.
Re: (Score:2)
Vaguely, by maintaining customers' loyalty and trust. Specifically, by keeping Microsoft out of the court battles that some [wired.com] other [bloomberg.com] companies [cmo.com.au] are fighting [wired.com].
Re: (Score:2)
Why would MS appoint somebody to advise them on privacy of their customer's data? How does it benefit the shareholders?
It helps people trust them and buy their software. Probably while they should do neither.
Former Employee Uses Competing Product (Score:4, Funny)
Should have just kept quiet (Score:2)
Now that he's opened his mouth he's on their radar for sure.
Re: (Score:2)
They can't put everybody on their radar!
C The Source (Score:2)
#define P(X)j=write(1,X,1)
#define C 39
int M[5000]={2},*u=M,N[5000],R=22,a[4],l[]={0,-1,C-1,-1},m[]={1,-C,-1,C},*b=N,
*d=N,c,e,f,g,i,j,k,s;main(){for(M[i=C*R-1]=24;f|d>=b;){c=M[g=i];i=e;for(s=f=0;
s=0&&k=16!=M[k]>=16))a[f++
]=s;if(f){f=M[e=m[s=a[rand()/(1+2147483647/f)]]+g];j=jb++?b[-1]:e;}P(" ");for(s=C;--s;P("_")
)P(" ");for(;P("\n"),R--;P("|"))for(e=C;e--;P("_ "+(*u++/8)%2))P("| "+(*u/4)%2
);}
shapiro.c [ioccc.org] from IOCC [ioccc.org] 1985
Recall Ubuntu/Shuttleworth: "You trust us already" (Score:2)
Recall Ubuntu's Mark Shuttleworth (http://www.markshuttleworth.com/archives/1182):
"Your anonymity is preserved because we handle the query on your behalf. Don’t trust us? Erm, we have root. You do trust us with your data already. You trust us not to screw up on your machine with every update. You trust Debian, and you trust a large swathe of the open source community."
I trust Debian, even if the server breaches from ten years ago had me "worried" (http://www.internetnews.com/dev-news/article.php/31125
Re: (Score:2)
Re: (Score:2)
Yeah 2 years is ok between vulnerability introduction by the maintainer and the fix, right? It's not like openSSL is used for anything important?
Open source is peer reviewed and secure, right?
Scroogled by Microsoft! (Score:2)
So, Microsoft's been scroogling us all along. Funny how these things work out.
Not to worry... (Score:2)
This ought to lay everyone's concerns to rest:
Azure certified by DOD [slashdot.org]
Obviously, this guy is just disgruntled. Nothing to see here..
citizen or no (Score:4, Insightful)
Um, and if I'm a citizen, I'm protected from prism? Nuh uh.
I don't need to be able to understand the source c (Score:2)
Re:Worthless (Score:5, Informative)
He doesn't have too, it appears that the Key exchange protocols were weakened and it's not necessary to break AES but extract the keys during KEP negoitiation. http://www.zdnet.com/has-the-nsa-broken-ssl-tls-aes-7000020312/ [zdnet.com]
You also have to remember that it's a negotiation and unless you set your browsers up and websites to use more secure protocols you could default to say RC4-RSA under SSLv2.0. There's acknowledged flaws in TLS 1.0 (SSLv3.0) but it wasn't until a couple of months ago that Firefox supported TLS 1.1 and it still doesn't support TLS 1.2. Chrome (Version 30+) and IE (9+) support TLS 1.1 and TLS 1.2. So you should see more and more websites turning on TLS 1.2 support and turning off TLS 1.0 and 1.1 if they can. http://en.wikipedia.org/wiki/Transport_Layer_Security [wikipedia.org]
I've already had change requests come in from customers to get away from AES and to push more TLS 1.2 out there and you're already seeing companies and other government agencies distancing themselves from NIST blessed standards and that's lamentable but the credibility of the organization has been irreparably compromised by NSA influence. As a result, may see more ChaCha [wikipedia.org] or more TwoFish implementations start to come into the mix over this, which is a good thing because it means that we have diversity in ciphers and less reliance on NIST and its standards processes.
Re: (Score:2)
The ENIGMA system is so complicated that no-one will be able to break it.
Re: (Score:2)
Re: (Score:2)
I know that word, and I do not think it means what you think it means.
Re: (Score:2)
Being as there is a deterministic hardware state machine that successfully executes the instruction sequence that you're interested in disassembling, I'd have to disagree with your assertion that "not all programs can be successfully dis-assembled.". If the processor can execute it, the code can be disassembled.
Re: (Score:2)
Being as there is a deterministic hardware state machine that successfully executes the instruction sequence
There's a Mr Shroedinger and a Mr Bohr here to see you about that statement. Oh - sorry. A single Mr Shroedinger-and/or-Bohr.
And a Mr Murphy, who just set both their beards afire to, and I quote, "see what would be the worst that could happen."
Re: (Score:2)
Is it that if something requires more effort than merely wishing on a star that not only will you not do it, you will refuse to believe anyone will?
The technology may some day exist to decompile a binary into a set of comprehensible source files that elicidates the architecture of an arbitrarily complex code base, but today that does not exist.
Re: (Score:2)
Re: (Score:2)
Do need to get rid of your speedpass, Just randomly steal a neighbors unit off their dash every morning.
TPMS is a joke anyways.
Same for the plates, snag the car's plate at the same time. Bonus points of you attach them magnetically and swap with your own so they never know and your data is used to create noise in the system.
Bank accounts and CC is also easy to spoof/ use non attached if you know where to look.
And you can easily communicate safely via the internet if you have an IQ over 100. I assume he
Re: (Score:2)
It's utopian, and silly, to think that 1. everyone can so carefully inspect all software they use that you can keep snoopers out and 2.
True, but the risk is still greater if no one can inspect it.