Laser Blog

Articles tagged "news"

85 Vista sends data about users to MS

Monday 2nd July, 2007

You have to wonder how much of this sort of thing is down to the NSA.
Rob. April 2015.

Well, no surprise. Microsoft uses Vista to gather information about you. I've made many posts about this, just type "Vista" in the Quicksearch text field and press enter. So what? What can they tell?

... in excess of 20 Windows Vista features and services are hard at work collecting and transmitting your personal data to the Redmond company.

Geez, 20? That seems rather a lot. Those twenty features and services all use CPU and RAM on your PC, to snoop on you. You'll have to read the full article to find out exactly what those 20+ data mining techniques are (plus how you can bypass some of them). But surely Microsoft are a responsible company. (Actually, I couldn't type that last sentence without grinning.) Well, the Vista license agreement clearly states:

"By using these features, you consent to the transmission of this information. Microsoft does not use the information to identify or contact you."

And they say they're not going to identify you. All they say they want is your:

"Internet protocol address, the type of operating system, browser and name and version of the software you are using, and the language code of the device where you installed the software."

Heh, if they have your IP address, they have you. But they clearly stated that they won't identify you, so, problem over? Not quite.

"Microsoft may disclose personal information about you if required to do so by law or in the good faith belief that such action is necessary to: (a) comply with the law or legal process served on Microsoft; (b) protect and defend the rights of Microsoft (including enforcement of our agreements); or (c) act in urgent circumstances to protect the personal safety of Microsoft employees, users of Microsoft software or services, or members of the public,"

The good faith belief? Microsoft? Come on.


83 Ubuntu rejects Microsoft deal

Tuesday 19th June, 2007

Canonical, the corporate sponsor of Ubuntu Linux, has rejected an intellectual property deal with Microsoft because it refuses to reveal details of the patents that it claims are being violated in open source software. To quote Mark Shuttleworth, founder of Canonical:

"A promise by Microsoft not to sue for infringement of unspecified patents has no value at all and is not worth paying for."

This makes previous signees Novell, Xandros and (more recently) Linspire appear to be a little hasty, and it must be said, somewhat lacking in courage and foresight.


81 Microsoft, Linux, and patent questions

Friday 8th June, 2007

Microsoft, after having struck a deal with Novell, have also been busy making Linux/patent-related deals with Samsung, Fuji Xerox, Xandros, and most recently LG Electronics.

The Novell deal has been in the news for months now, and has been commented on to death. I'm not quite sure what Xandros thinks it's going to gain from this. Perhaps some extra corporate business? Certainly, it's lost a lot of face in the Linux/FLOSS community. For a company with such a community-driven base product, can it afford to do that, long-term? Time will tell.

The other three, Samsung, Fuji Xerox, and LG Electronics, have rather more transparent motives. They were bullied. They spend lots of money on Microsoft products, and probably get huge discounts. If they agree to simply sign a bit paper which indemnifies them from being sued by Microsoft for something which Microsoft could never sue them for anyway, then the big discounts continue. Some Open Source enthusiasts might boycott their products, but it's small change compared to what they would lose.

A comment on the Computer Business Review Open Source Weblog seems to hit the nail on the head:

The suggestion is that Microsoft is not so much protecting its intellectual property as it is its business model. By creating a group of ‘patent-approved’ Linux vendors and discouraging enterprise adoption of alternatives via the threat of litigation the company would be able to stifle disruptive business models and innovation – all without ever proving any intellectual property infringement.

I think we can expect a lot more of these types of deals to appear.


72 MS Word 2007 crash "is a feature"

Saturday 14th April, 2007

This is amazing. When warned of three new flaws in Word 2007, Microsoft were unimpressed.

a company spokeswoman ... "found that none of these claims demonstrate a vulnerability in Microsoft's Word 2007 or any part of the Microsoft Office System."

Nope, no vulnerability at all. In fact, how Word reacts to these previously unknown problems is part of a cunning plan ...

"In fact, the behavior observed in Microsoft Word 2007 in this instance is a by-design behavior that improves security and stability by exiting Microsoft Word when it has run out of options to try and reliably display a malformed Word document," the spokeswoman said.

So, how does Word 2007 improve "security and stability"? It crashes of course! How much more stable can you get? Well, how about just displaying a message which says: "I can't open this document." But let's put that aside for a moment and discuss what the customer is supposed to do next ... simple, just restart Word!

She went on to suggest that it is no big deal if Word 2007 did crash under those circumstances, a scenario that could lead to the loss of any unsaved data. "The sample code in [Aharoni's] postings cause Microsoft Word to crash, and users can restart the application to resume normal operations."

(Emphasis added.)

But what about that unsaved data? Well, you just typed it. Type it again!

Use You won't have to pay for the privilege.


71 Who's in charge of your PC? - Part 2

Friday 13th April, 2007

Last year, I posted a link to an article about proposals by the Swiss government to surreptitiously install trojans onto people's PCs.

Now it seems that the German government has similar ideas.

German Interior Minister Wolfgang Schaeuble has confirmed plans to seek a change to the constitution to allow the state secret access to the computers of private individuals, in an interview published Thursday.

"Under certain conditions it must be possible for the Federal Criminal Police Office to search computers in secret," Schaeuble told the Handelsblatt newspaper.

To be honest I felt I was somewhat restrained in my analysis of the previous article. This sort of thing (surreptitious searching of a PC) can happen in two ways:

  • The government secretly installs a trojan
  • The vendor installs a backdoor

The problem with the first option is getting the anti-virus people on board. Only one of them has to step out of line (and proudly boast about it) to stop this from working. So this leaves the second option. With the second option (and with the first option, to be honest), only one or two possible candidate OSes spring to mind. Windows and MacOS. It simply isn't going to happen with Free/Open Source operating systems, because anyone can see the source and adjust it as they see fit. Furthermore, vendors who need to please their shareholders, and desperately want sales would love to have a "government approved" sticker on their product.

Either way, tech-savvy people will find ways around it. It's too risky not to, since crackers will find ways to use these loopholes for their own purposes - if there's a door, there will be a way to open it. By referring to the "tech-savvy", I also mean the people that the German government are supposedly targetting, so ultimately only the "innocent" will be running infected PCs. But as many of these types like to say when civil rights get eroded for political ends, "if you've got nothing to hide ..."

What the article really demonstrates is how stupid politicians and civil servants are when discussing anything other than their own field of expertise, which is politics, not IT. I wonder if the plans allow for police officers' and politicians' PCs to also be compromised in this way.