Forgot your password?
typodupeerror
Microsoft Open Source Privacy Your Rights Online

Former Microsoft Privacy Chief Doesn't Trust Company, Uses Open Source Software 199

Posted by timothy
from the takes-one-to-know-one dept.
MojoKid writes "Microsoft's onetime Chief Privacy Advisor, Caspar Bowden, has come out with a vote of no-confidence in the company's long-term privacy measures and ability or interest to secure user data in the wake of the NSA's PRISM program. From 2002 — 2011, Bowden was in charge of privacy at Microsoft, and oversaw the company's efforts in that area in more than 40 countries, but claims to have been unaware of the PRISM program's existence while he worked at the company. In the two years since leaving Microsoft, Bowden has ceased carrying a cell phone and become a staunch open source user, claiming that he no longer trusts a program unless he can see the source."
This discussion has been archived. No new comments can be posted.

Former Microsoft Privacy Chief Doesn't Trust Company, Uses Open Source Software

Comments Filter:
  • by d33tah (2722297) on Tuesday October 01, 2013 @09:50AM (#45002743)
    The next obvious step is not to use it unless you can understand it.
    • by Taco Cowboy (5327) on Tuesday October 01, 2013 @10:05AM (#45002925) Journal

      ... use caution in everything we do.

      There is no way we can understand everything. There are just too many things out there that we use daily - even software alone consist of so many layers ( from the spreadsheet software program that we use, to the device drivers, the OS, to the embedded firmwares residing inside the chips, to the myriad mix of software that keep the Net humming.

      Yes, I know, it is no fun.

      The paranoids have a point, after all --- BIG BROTHERS (plural) want to know everything about us.

      • by Fnord666 (889225) on Tuesday October 01, 2013 @10:21AM (#45003131) Journal

        even software alone consist of so many layers ( from the spreadsheet software program that we use, to the device drivers, the OS, to the embedded firmwares residing inside the chips, to the myriad mix of software that keep the Net humming.

        Don't forget the compilers and linkers that build the software. The source may look fine, but where did the compiler come from?

        • Open source compilers... that compile themselves.
          • by Anonymous Coward on Tuesday October 01, 2013 @10:31AM (#45003253)
            There's still the trick described by Ken Thompson which involves a compiler taking the source code of a compiler but also injecting a backdoor into the binary at the same time. This means that there can be a trojan replicating itself over multiple generations even though it never shows up in the source.
            • by Xtifr (1323)

              A trick that relies on the compiler recognizing its own code, which, as the code is edited over the years, would require truly amazing AI. Thompson had it fairly easy, because he was dealing with a relatively simple and fairly static compiler, and could use simple pattern matching to identify the places to insert his trojan. GCC, on the other hand, has undergone some major rewrites over the years.

              Of course, if you really want to be sure, you can load the compiler source into something completely different.

          • Someone around here mentioned an attack on this supposed haven. The upshot was that in the first set of source, compromizing code was inserted and compiled, instructing the compiler to compile that bit, then remove it from the source. In subsequent compiles of the compiler, if the compromizing source was not found, the code would still be inserted. Anything compiled by that compiler would then be compromized, but no review of the source would reveal it - you would have to walk the binary.
            • by sconeu (64226)

              That was Ken Thompson, co-developer of Unix, in "Reflections on trusting trust".

              http://cm.bell-labs.com/who/ken/trust.html [bell-labs.com]

          • Read this FA ... (Score:3, Informative)

            by Taco Cowboy (5327)

            http://scienceblogs.com/goodmath/2007/04/15/strange-loops-dennis-ritchie-a/ [scienceblogs.com]

            Both AC and disposable60 were trying to explain to you the concept outlined by Mr. Thompson.

            Read, and ponder.

          • by Thanshin (1188877) on Tuesday October 01, 2013 @10:39AM (#45003353)

            Open source compilers... that compile themselves.

            It's compilers all the way down.

            • by Pope (17780) on Tuesday October 01, 2013 @11:10AM (#45003739)

              Open source compilers... that compile themselves.

              It's compilers all the way down.

              My god, it's even worse: Turtle Logo compilers!

            • by mcgrew (92797) *

              Funny, but incorrect. Somewhere at the bottom is the assembler that the first compiler was written in, and the hand-assembled machine code the first assembler was written in... then you have to trust Intel and AMD to not install NSA back doors in their chips. Build your own computer out of discrete components and it will cost a fortune, take a large building to hold, and be very slow compared to chips.

              We're screwed.

              • by Bert64 (520050)

                Depends which governments you trust the least...
                There are various ARM cores designed by the british, and other implementations of the instruction set designed elsewhere...
                Then you have some MIPS cores developed by the chinese...

      • Re: (Score:3, Insightful)

        by mcgrew (92797) *

        There is no way we can understand everything.

        True, but one can understand everything about something, and enough of everything to get by. If you know how electricity and electronic components work, how logic gates and ALUs work, know assembly and higher level languages you can pretty much understand enough.

        The secret is reading LOTS of books and then practicing. Unfortunately, 97% of the population are aliterate -- they can read, but don't. I don't understand those people! Probably never will.

        • Re: (Score:3, Funny)

          by dead_user (1989356)
          aliterate

          The other 3% can't spell illiterate. ;)
          • by idontgno (624372)

            I suspect some small fraction of that 3% isn't actively illiterate, but simply unread enough to not recognize the difference between aliterate and illiterate... or to recognize that aliterate is a legitimate word [google.com] which is not merely another synonym for "illiterate".

          • by gmhowell (26755)

            aliterate

            The other 3% can't spell illiterate. ;)

            Irony?

        • by Khashishi (775369)

          Does slashdot count as reading?

        • by lennier (44736)

          If you know how electricity and electronic components work, how logic gates and ALUs work, know assembly and higher level languages you can pretty much understand enough

          ... to be really scared.

          Like they say, if you want to sleep at night you don't actually want to know how sausages, laws or semiconductor devices [wikipedia.org] are made.

    • I understand it perfectly. It sounds like a matter of education on your part.
    • by stanlyb (1839382)
      Nope, the next obvious step is to use only compiler which you compiled by yourself.
    • by egamma (572162)

      The next obvious step is not to use it unless you can understand it.

      So you're not going to use your car because you don't understand internal combustion engines or the chemical properties of gasoline?

      • by mjwalshe (1680392)
        Would certainly reduce congestion on the roads - I can just see Cpatain Slow and the hampster trying to coach Jeremy Clarkson through that part of the driving test :-)
        • by egamma (572162)

          Would certainly reduce congestion on the roads - I can just see Cpatain Slow and the hampster trying to coach Jeremy Clarkson through that part of the driving test :-)

          Quick question--do you know how your mouse or trackpad works? :-)

      • The next obvious step is not to use it unless you can understand it.

        So you're not going to use your car because you don't understand internal combustion engines or the chemical properties of gasoline?

        That's easy to understand. What's hard to understand is why you fools let the car manufacturers convince you that they should be capable of getting 100 MPG standard by now, that's why I don't drive you. In the 70's my dad worked for Shell, and they demoed a car at a company picnick that got 70 MPG. What I don't understand is why they would put a remote kill switch in the onboard computer.... So I don't drive those kind of cars....

    • by Synerg1y (2169962)

      Right...

      why don't you teach your grandma how to understand it? Do you even know what you're saying?

  • Good for him (Score:5, Insightful)

    by techsoldaten (309296) on Tuesday October 01, 2013 @09:57AM (#45002813) Journal

    Without assigning any kind of reason to his shift in attitudes - it's refreshing to see a privacy officer come out like this. I can't think of a reason any CPOs should act differently.

    • C3PO can only act according to his program.

    • by CastrTroy (595695)
      He seems to have gone a little too "tinfoil-hat" for my tastes. He doesn't carry a cell phone anymore. I think that says a lot more than becoming an open source user.
      • I think it says more about mobile networks than it does about him.

        That said, once upon a time I worked at Microsoft, back in the just-after-9/11 days. Seeing how the place worked is one of the reasons that I haven't owned a system that ran Microsoft since 2001.

      • It does indeed say more, but it doesn't say that he's crazy.

      • Re:Good for him (Score:5, Insightful)

        by bill_mcgonigle (4333) * on Tuesday October 01, 2013 @01:50PM (#45005657) Homepage Journal

        He seems to have gone a little too "tinfoil-hat" for my tastes. He doesn't carry a cell phone anymore. I think that says a lot more than becoming an open source user.

        If the government mandated that everybody carry a tracking device, keep it on at all times, and that they'd be storing the tracking data in perpetuity, there'd be a goddamn revolution.

        But when they do so voluntarily, and the NSA steals all that data - leading to the exact same end point - people are all like, "oh, look, Walter White is twerking again."

        At least this guy is being true to his privacy milieu.

        • If the government mandated that everybody carry a tracking device, keep it on at all times, and that they'd be storing the tracking data in perpetuity, there'd be a goddamn revolution.

          Yes, because the primary, explicitly stated purpose of the device is to take away your privacy. Cell phones are primarily intended to facilitate communication independent of physical location. Cell phones do need to have an idea of your location, but that data doesn't NEED to be stored. Storing the data is done for corporate/government convenience, and it is indeed done in poor taste and generally against the wishes of the user...but no one owns a cell phone for the intent of getting tracked by the governme

    • Last week, Caspar Bowden testified at a hearing in the European Parliament, and presented a report on the NSA surveillance to the European Parliament's Committee for Fundamental Rights LIBE.

      Link to the report: http://www.europarl.europa.eu/meetdocs/2009_2014/documents/libe/dv/briefingnote_/briefingnote_en.pdf [europa.eu]

      Link to the Youtube-video with Bowden's statement and the following Q&A (63 min): http://youtu.be/qa83l2_ZzEo [youtu.be]

  • by jiadran (1198763) on Tuesday October 01, 2013 @10:05AM (#45002923)

    The article mentions that a connection from one point to anohter within Europe would likely stay within Europe. Maybe technically... On a recent trip to Paris I did a traceroute to an e-mail server in Switzerland, and essentially what I saw was: Paris (F) -> London (UK) -> Paris (F) -> London (UK) -> Paris (F) -> Lyon (F) -> Geneva (CH). There might be good reasons why the connection would go through London, but twice, and then come back? Considering that the UK is closely collaborating with the US in its data gathering, I have a feeling that this routing was not entirely by accident.

    • by StripedCow (776465) on Tuesday October 01, 2013 @10:21AM (#45003135)

      There might be good reasons why the connection would go through London, but twice, and then come back?

      Perhaps the packet forgot its toothbrush?
      Never attribute to malice what can be adequately explained by stupidity.

    • by SSpade (549608) on Tuesday October 01, 2013 @11:10AM (#45003747) Homepage

      I'm pretty sure that you don't really know where the physical hardware using the intermediate IP addresses shown in the traceroute actually was. Reverse DNS tends to show who owns it, *not* which country it's in. And geoip services are doing well if they can identify the right country in Europe, let alone anything more accurate than that.

      Even if you did see routing like that, and it really did go to the cities you claim, it still wouldn't be that odd - when routing is optimized at all it's optimized for cost, rather than distance. For long-haul the two tend to go together, but for relatively short distances in the well-connected first world they don't.

      • by heypete (60671)

        I'm pretty sure that you don't really know where the physical hardware using the intermediate IP addresses shown in the traceroute actually was. Reverse DNS tends to show who owns it, *not* which country it's in. And geoip services are doing well if they can identify the right country in Europe, let alone anything more accurate than that.

        Even if you did see routing like that, and it really did go to the cities you claim, it still wouldn't be that odd - when routing is optimized at all it's optimized for cost, rather than distance. For long-haul the two tend to go together, but for relatively short distances in the well-connected first world they don't.

        Not all network providers provide useful rDNS, but many (like Level3, Hurricane Electric, etc.) do -- their reverse DNS clearly indicates the location of that particular node (HE uses three letter abbreviations of city names, like "sjc" for "San Jose, California" or "ash" for "Ashburn, Virginia". Level3 includes the full name of the city.).

        I've also seen odd routing paths. Usually they're transient and clear up at some later point.

      • by smash (1351)
        Even figuring out where the IP block was allocated to doesn't necessarily show where it is geographically. If it's a global corporation, they could be routing their public address space anywhere on the internet.
    • by smash (1351)
      Could be a million different reasons, for example it is entirely possible that ISP A's link was congested or down, and the packet was routed via a suboptimal path via a peering arrangement with ISP B to get off-continent via an alternative route.
    • There's worse than that. Traceroute packages are special packages with some options set so that you can check which way they go through. Who guarantees you that *all the other* packages are not taking a different path? Who guarantees you that your packages do not take one or two more hops through modified routers whose IP stack does not decrease the TTL variable as it should?
    • by citizenr (871508)

      You might of saw packets still inside LINX.

  • Message received (Score:5, Insightful)

    by Tokolosh (1256448) on Tuesday October 01, 2013 @10:07AM (#45002949)

    Recent history teaches us that he knows things that he is not allowed to talk about. This is his way of legally signalling that all is not well.

    We have congresscritters trying to send the same message, without being labeled "traitors". See http://www.wyden.senate.gov/news/press-releases/wyden-udall-statement-on-reports-of-compliance-violations-made-under-nsa-collection-programs [senate.gov]

    • by turgid (580780) on Tuesday October 01, 2013 @10:33AM (#45003283) Journal

      You're not thinking cynically enough.

      With my Slashdot ubiquitous Microsoft Shill hat on consider the following.

      If you don't like/trust/use Microsoft, you are immature and stupid and a stinking long-haired communist FOSS hippy.

      Someone from the company you HATE leaves the company and announces that they don't trust their former employer which also happens to be the company you HATE, and that they have converted to the FOSS way.

      That means what you suspected all along is true! Right?

      Ah but, it's a trap! You see, the FOSS is back-doored to high heaven as well and all this is a psychological trick to make you feel secure and validated in your own mind.

      Muhahahhahahhahah! Elop will soon rule the galaxy.

      • by smash (1351)
        They're in the firmware/hardware anyway. That 87 megabyte NVIDIA blob you're running? HAHA! That intel microcode update? Guess what!
      • Ah but, it's a trap! You see, the FOSS is back-doored to high heaven as well and all this is a psychological trick to make you feel secure and validated in your own mind.

        That's exactly what they want you to think! /turtles

    • by Walterk (124748)

      Sounds like the Congress could use something like Parliamentary privilege [wikipedia.org] principle:

      it allows members of the House of Lords and House of Commons to speak freely during ordinary parliamentary proceedings without fear of legal action on the grounds of slander, contempt of court or breaching the Official Secrets Act.[1][2] It also means that members of Parliament cannot be arrested on civil matters for statements made or acts undertaken as an MP within the grounds of the Palace of Westminster, on the condition

  • by jkrise (535370) on Tuesday October 01, 2013 @10:07AM (#45002953) Journal

    that itself is more newsworthy. At first glance I thought Piracy Advisor; who suggests making things difficult to pirate.

    Why would MS appoint somebody to advise them on privacy of their customer's data? How does it benefit the shareholders?

    • If you read the headline carefully, you will see that he is the former privacy chief. Management at MS realized that his salary could go into stacks of more surface units and quickly canned him.
    • by Gibgezr (2025238)

      They are a mega-corporation whose main business involves selling software that interoperates with both their own and other software, and there is a lot of data exchange involved, covering the scale from OS's to apps to large networked DBs. Practically everything they do either directly impacts user data or has the potential to do so, so of course they are concerned about user privacy issues. Whether they are concerned enough to say no the NSA is...well, it seems in light of recent news that we can say they

      • by Thanshin (1188877)

        Practically everything they do either directly impacts user data or has the potential to do so, so of course they are concerned about user privacy issues.

        Facebook?

        • by Gibgezr (2025238)

          Hehe, Facebook is concerned as well, but their concern is more along the lines of "private data is valuable, so sell all we can without getting sued or driving away all the product (users)". I'm sure they have lawyers who spend all day talking about privacy, 24/7.

    • by SirGarlon (845873)

      Why would MS appoint somebody to advise them on privacy of their customer's data? How does it benefit the shareholders?

      Vaguely, by maintaining customers' loyalty and trust. Specifically, by keeping Microsoft out of the court battles that some [wired.com] other [bloomberg.com] companies [cmo.com.au] are fighting [wired.com].

    • Why would MS appoint somebody to advise them on privacy of their customer's data? How does it benefit the shareholders?

      It helps people trust them and buy their software. Probably while they should do neither.

  • by rodrigoandrade (713371) on Tuesday October 01, 2013 @10:12AM (#45002991)
    News at 11.
  • Now that he's opened his mouth he's on their radar for sure.

  • #define P(X)j=write(1,X,1)
    #define C 39
    int M[5000]={2},*u=M,N[5000],R=22,a[4],l[]={0,-1,C-1,-1},m[]={1,-C,-1,C},*b=N,
    *d=N,c,e,f,g,i,j,k,s;main(){for(M[i=C*R-1]=24;f|d>=b;){c=M[g=i];i=e;for(s=f=0;
    s=0&&k=16!=M[k]>=16))a[f++
    ]=s;if(f){f=M[e=m[s=a[rand()/(1+2147483647/f)]]+g];j=jb++?b[-1]:e;}P(" ");for(s=C;--s;P("_")
    )P(" ");for(;P("\n"),R--;P("|"))for(e=C;e--;P("_ "+(*u++/8)%2))P("| "+(*u/4)%2
    );}

    shapiro.c [ioccc.org] from IOCC [ioccc.org] 1985

  • Recall Ubuntu's Mark Shuttleworth (http://www.markshuttleworth.com/archives/1182):

    "Your anonymity is preserved because we handle the query on your behalf. Don’t trust us? Erm, we have root. You do trust us with your data already. You trust us not to screw up on your machine with every update. You trust Debian, and you trust a large swathe of the open source community."

    I trust Debian, even if the server breaches from ten years ago had me "worried" (http://www.internetnews.com/dev-news/article.php/31125

  • So, Microsoft's been scroogling us all along. Funny how these things work out.

  • This ought to lay everyone's concerns to rest:

    Azure certified by DOD [slashdot.org]

    Obviously, this guy is just disgruntled. Nothing to see here..

  • citizen or no (Score:4, Insightful)

    by sacrilicious (316896) on Tuesday October 01, 2013 @01:00PM (#45005015) Homepage

    As Bowden goes on to point out, if you aren't a US citizen, you have no protection whatsoever from PRISM.

    Um, and if I'm a citizen, I'm protected from prism? Nuh uh.

  • I am not, and never will be, a programmer or one that is able to go through the source code and assure myself that all is well. I do have to depend on the Thousands of people out there that have this ability, to get my peace of mind with my chosen OS and the Software that runs on it! This is a lot more assurance than anyone using a closed source OS can say! Not perfect for me, but way better than the alternatives!

There are never any bugs you haven't found yet.

Working...