This page has been archived and commenting is disabled.

Microsoft Confesses

testosteronepit's picture




 

Wolf Richter   www.testosteronepit.com   www.amazon.com/author/wolfrichter

Google, Facebook, Microsoft, Apple, et al. get to know practically everything about us over time. But unlike humans, their servers never forget, and data mining tools only get better. Advertisers, ID thieves, insurance companies, employers, whoever, and of course law enforcement are trying to get their hands on this data. Each in its own way. But law enforcement—we use the term loosely because we’re talking about countries around the world—can simply bully its way to the data.

Now Microsoft has suddenly decided to “respect human rights and the principles of free expression and privacy” and display a “commitment to transparency,” as it wrote, under pressure from the Electronic Frontier Foundation and coalition partners (letter). And so it joined Google, Twitter, and others in disclosing not what kind of voluminous user data it collects or which companies and affiliates have access to it, but how many law enforcement requests for user data it received.

Hence its new—and all cynicism aside, laudable—2012 Law Enforcement Requests Report. But Microsoft obfuscates about how often it gives out cryptographic secrets that would open up even encrypted user content to governments around the world.

Microsoft has operations in more than 100 countries but only surrenders data in those 46 where it has “the ability to validate the lawfulness of the request.” Hmmm. So it received 70,665 law enforcement requests or court orders worldwide, potentially impacting 122,015 users of its Internet and cloud services, such as Hotmail/Outlook.com, SkyDrive, Xbox LIVE, Microsoft Account, Messenger, and Office 365. Of them 11,073 and 24,565 respectively in the US.

Its subsidiary Skype, which is headquartered in Luxembourg and operates “pursuant to Luxembourg law,” received 4,713 requests, impacting 15,409 accounts. Of them, 1,154 and 4,814 respectively in the US, processed through Luxembourg.

In 18% of the requests, Microsoft didn’t disclose any customer data. In 2.2% of the requests, it disclosed everything, texts of emails, photos, encrypted documents stored on SkyDrive, etc. In the US, that would involve a judge. And in 79.8% of the cases, Microsoft only disclosed “non-content” data, that is, e-mail address, name, gender, age, IP, and so on. Innocuous stuff. These requests don’t involve a judge. But....

Microsoft dove into its encrypted services, including Skype, with a warning, “no communication method is 100% secure,” followed by a list of ways in which the encryption of Skype and other services could be compromised. But Microsoft was skillfully vague about a crucial issue: what else was included in that innocuous category of “non-content” data? Crypto keys?

They would allow a government that obtained them to open the encryption and get whatever data was there or listen to the conversation on Skype, for example. Were they considered “content” and thus part of the 2.2% that would require a judge? Or were they considered “non-content,” like gender, and thus part of the 79.8% that would not require a judge?

Experts weighed int. As the EFF pointed out, Christopher Soghoian, Principal Technologist and a Senior Policy Analyst with the Speech, Privacy and Technology Project at the ACLU, is worried. “Microsoft’s response on Skype is very carefully worded,” he wrote. “Leakage of crypto keys would, as phrased, not be considered release of content.”

Hence, it would fall into the “non-content” category. Like gender. Yet whoever gets the crypto keys gets everything. So those among the 600 million Skype users who still have the illusory confidence that their conversations and messages are secure have another reason to doubt it ... in the 46 countries where Microsoft might routinely disclose crypto keys to “law enforcement.”

The transparency report also included information on the number of National Security Letters Microsoft received since 2009. These NSLs are the nasty product of a provision in the notorious and bi-partisan Patriot Act that President Obama signed instead of vetoing it. With an NSL, the FBI can force a company in secret and without any prior judicial review to disclose private communications, data, and Internet activity of regular Americans. At the same time, an NSL gags the company and prevents it from even mentioning the existence of the NSL.

Last week, a federal judge in San Francisco found them unconstitutional and ordered the FBI to stop issuing them—an Order now on hold, pending appeal.

These NSLs are so tricky that Microsoft had to tiptoe into disclosing how many it had issued: “Pursuant to approval from the government,” it was only allowed to say that it had received between 1,000 and 1,999 NSLs affecting 3,000 to 3,999 accounts in 2011, and 0 to 999 NSLs affecting 1,000 to 1,999 accounts in 2012. That’s how secretive they are.

Every company we interact with accumulates information on us and stores it to be used and abused, sold, traded, or stolen. We accept it because alternatives, if we want to lead a modern life, are limited. Yet, we get the willies knowing that governments, ours or a foreign one, can get access to some of this information as well. Of course there are differences. For example, a company is less likely to rain missiles down on us from the latest and greatest drone while we’re surfing some non-mainstream-media macro site.

Desperate to halt its stock’s dismal slide since going public, Facebook has increasingly sought new ways to make more money and prove its worth. And so, as the builder of the largest “Big Data” treasure trove in history, Facebook is selling marketers and shady characters veiled access to its users’ deepest secrets. Read.... Outed By Facebook For Profit

 

- advertisements -

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Sat, 03/23/2013 - 23:26 | 3367558 ThisIsBob
ThisIsBob's picture

Your local Luddite will observe that the securist form of communiucation today was first deployed around 3000 BC - snail mail.

Sat, 03/23/2013 - 22:01 | 3367452 Manipuflation
Manipuflation's picture

 I thought posting anything on the webs was to be done when you wanted EVERYONE to know.

Sat, 03/23/2013 - 21:47 | 3367423 honestann
honestann's picture

EVERY large corporation is run by predators in cahoots with predators-DBA-government.  Macroshaft is one of the worst, and has been for years.  Trust no one, especially anyone with extensive reach and grasp.  You know what they will grasp for.

Sun, 03/24/2013 - 00:07 | 3367571 monad
monad's picture

I usually find your views valid but you missed it this time. Your villain Microsoft just burned their HUGE INVESTMENT in the cloud. Maybe you knew this but most of the CTO imperialist lackey running dogs I've had to deal with since '07 definitely do not. They just think and worse do whatever CIO magazinaganda tells them. That's what you get when you hire 'quotas' after insiders and the quotas get a critical mass. MSFT just did The Right Thing. Now figure out why. (long *) insiders[].

Sun, 03/24/2013 - 00:30 | 3367649 honestann
honestann's picture

Do I misunderstand?  You advocate "the cloud"?  Ouch!

Mon, 03/25/2013 - 23:55 | 3375601 monad
monad's picture

You misunderstood me. MSFT has a huge investment in cloud offerings, and now to their own detriment they are announcing to anyone who missed it that Big Brother has assumed control. They have no motive to do this selfless good deed; it would be a first. Its not about evil, it's about what their objectives are. Like last month when the Waltons cried about their sales while trying to get congress to break more laws in their favor. I bet Putzmeister was sucked into the public cloud... oops

Sat, 03/23/2013 - 22:00 | 3367449 All Risk No Reward
All Risk No Reward's picture

Every major corporation and government in the West is owned and controlled by Biggest Finance Capital (BFC).  BFC is the Grand Chess Master and the governments and the mega corporations and mega societal establishments are their chess pieces on their Grand Chess Board.

On the opposite end, well, nobody is there as they don't even comprehend there is a Grand Chess Board at all.

BFC is the controlling sovereign, every other major entity is subject to their powers.

No sovereign nation, by definition, would borrow, at interest, money from a private cartel in order to fund the nation's money supply. 

Napoleon understood this well...

“When a government is dependent upon bankers for money, they and not the leaders of the government control the situation, since the hand that gives is above the hand that takes. Money has no motherland; financiers are without patriotism and without decency; their sole object is gain.”
? Napoleon Bonaparte

Napoleon didn't describe the math behind Debt Money Tyranny, though.  Let me fix that omission:

Debt Money Tyranny Exposed

http://www.keepandshare.com/doc/4768883/debtmoneytyranny-6-1-pdf-60k?tr=77

BTW, this con game has been going on since the days of Aristotle...

POL [1258a39] (Jowett) There are two sorts of wealth-getting, as I have said; one is a part of household management, the other is retail trade: the former necessary and honorable, while that which consists in exchange is justly censured; for it is unnatural, and a mode by which men gain from one another. The most hated sort, and with the greatest reason, is usury, which makes a gain out of money itself, and not from the natural object of it. For money was intended to be used in exchange, but not to increase at interest. And this term interest, which means the birth of money from money, is applied to the breeding of money because the offspring resembles the parent. Wherefore of all modes of getting wealth this is the most unnatural.

My guess is Debt Money Tyranny was going along long before Aristotle - does anyone have any prior quotes?

Sun, 03/24/2013 - 14:37 | 3367596 Boxed Merlot
Boxed Merlot's picture

My guess is Debt Money Tyranny was going along long before Aristotle - does anyone have any prior quotes?...

 

 

Let’s see, Socrates taught Plato who taught Aristotle, (who taught Alexander the Great), during the 400 years between the Old and New Testaments of the Bible.  And several hundred years before the end of the Old Testament, examples regarding justice, gifts, taxes and usury, (or the collection of money from money) were recorded in books of law the church holds as sacred.  I’m sure there are those who can provide many more but here are few:

 

Genesis 14:17-24 

After Abram returned from defeating Kedorlaomer and the kings allied with him, the king of Sodom came out to meet him in the Valley of Shaveh (that is, the King’s Valley).  Then Melchizedek king of Salem brought out bread and wine. He was priest of God Most High, and he blessed Abram, saying,

“Blessed be Abram by God Most High,
Creator of heaven and earth.  And praise be to God Most High,
who delivered your enemies into your hand.”

Then Abram gave him a tenth of everything.

The king of Sodom said to Abram, “Give me the people and keep the goods for yourself.”

But Abram said to the king of Sodom, “With raised hand I have sworn an oath to the Lord, God Most High, Creator of heaven and earth, that I will accept nothing belonging to you, not even a thread or the strap of a sandal, so that you will never be able to say, ‘I made Abram rich.’ I will accept nothing…

 

Exodus 22:25-27

“If you lend money to one of my people among you who is needy, do not treat it like a business deal; charge no interest.  If you take your neighbor’s cloak as a pledge, return it by sunset, because that cloak is the only covering your neighbor has. What else can they sleep in? When they cry out to me, I will hear, for I am compassionate.

 

Exodus 23:1-9

“Do not spread false reports. Do not help a guilty person by being a malicious witness.

 “Do not follow the crowd in doing wrong. When you give testimony in a lawsuit, do not pervert justice by siding with the crowd, 3 and do not show favoritism to a poor person in a lawsuit.

 “If you come across your enemy’s ox or donkey wandering off, be sure to return it.   If you see the donkey of someone who hates you fallen down under its load, do not leave it there; be sure you help them with it.

 “Do not deny justice to your poor people in their lawsuits.  Have nothing to do with a false charge and do not put an innocent or honest person to death, for I will not acquit the guilty.

“Do not accept a bribe, for a bribe blinds those who see and twists the words of the innocent.

 “Do not oppress a foreigner; you yourselves know how it feels to be foreigners, because you were foreigners in Egypt.

 

Exodus 30:11-16

Then the Lord said to Moses, “When you take a census of the Israelites to count them, each one must pay the Lord a ransom for his life at the time he is counted. Then no plague will come on them when you number them.  Each one who crosses over to those already counted is to give a half shekel according to the sanctuary shekel, which weighs twenty gerahs. This half shekel is an offering to the Lord.   All who cross over, those twenty years old or more, are to give an offering to the Lord.  The rich are not to give more than a half shekel and the poor are not to give less when you make the offering to the Lord to atone for your lives.  Receive the atonement money from the Israelites and use it for the service of the tent of meeting. It will be a memorial for the Israelites before the Lord, making atonement for your lives.”

 

 

My understanding is debt money is nothing more than an indication of a society’s reliance on a system destined to fail.  Trusting on the gold in the temple to withstand the demands of the creditor is as preposterous as believing the gold arrived at the temple by virtue of one’s birth.  Gold's gravitational pull tends to gather where justice is valued, where it can be used for free trade and as verification of trust rather than a weapon of tyranny that accepts the death of miscreants jumping from windows of the buildings they use to oppress others.

 

Jmo.

 

Sun, 03/24/2013 - 14:55 | 3369074 All Risk No Reward
All Risk No Reward's picture

There are two very different applications of usury.  This distinction, while critical, is lost in the noise of history... perhaps even concealed therein.

1. The money supply itself lent at interest to the nation state.

2. Money issued by the state interest free and then lent out, at interest, by people who have accumulated money to lend to others - this is what all the economics and business text books imply about our monetary system.  The ramifications of the fatal flaw #1 brings to society (big win for money lenders, though) is hidden... even from the high level servants of the money defining and lending classes.

Aristotle didn't make the distinction between #1 and #2, at least as afar as I've been able to dig up.  Neither do those Biblical quotes.

While #2 will create societal problems, #1 is by far the larger problem as displayed in the following chart:

Debt Money Tyranny

http://www.keepandshare.com/doc/4768883/debtmoneytyranny-6-1-pdf-60k?tr=77

#1 is prima facia fraud from the get to - a systematic way for the money definers and controllers to loot their host society and seize near absolute control of their governments.

Let us not bankrupt our todays by paying interest on the regrets of yesterday and by borrowing in advance the troubles of tomorrow.
Ralph W. Sockman

When the money supply itself is debt, the citizen has no choice but to go down the road of debt and usury because that is what creates their money.  In this context, the absurdity of what Pete Stark is claiming is actually true!

The more debt America has, the more monetary wealth it has because monetary wealth **is** debt!

http://www.youtube.com/watch?v=UjbPZAMked0

It is all folly.

My people perish for lack of knowledge - the chumptocracy in all its glory.  I've talked to high level executives that are so ignorant they defend money as debt - Debt Money Tyranny and think they are some kind of sophisticate for doing so!

Talk about Stockholm Syndrome.

Sat, 03/23/2013 - 21:17 | 3367369 DarthVaderMentor
DarthVaderMentor's picture

I can't wait for Google's confession.........

Sat, 03/23/2013 - 20:12 | 3367186 NuYawkFrankie
NuYawkFrankie's picture

"You Say It, We'll Relay It"

- The Maggots from MicroSNITCH  ("Making DHS Work For You!" )

Sat, 03/23/2013 - 18:57 | 3367030 ChacoFunFact
ChacoFunFact's picture

I have been working with neighbors to build our own private network where we own and run our own landlines/physical connection to each other. It's a lot of digging but the concept of pure privacy and sharing amongst only ourselves is all too rewarding. One house at a time.

Sat, 03/23/2013 - 20:21 | 3367232 NuYawkFrankie
NuYawkFrankie's picture

Try leaning over the fence & talking - that also works.

Sat, 03/23/2013 - 17:46 | 3366785 Creepy Lurker
Creepy Lurker's picture

http://en.wikipedia.org/wiki/One-time_pad

When it absolutely, positively, has to be secret.

Sat, 03/23/2013 - 20:24 | 3367236 NuYawkFrankie
NuYawkFrankie's picture

... don't even think about telling a female.

Sat, 03/23/2013 - 19:00 | 3367035 GeezerGeek
GeezerGeek's picture

The trick, of course, is getting the decryption key to the recipient without its being intercepted. Delivering such is not 100% fail-proof. 

Sat, 03/23/2013 - 15:49 | 3366407 pine_marten
pine_marten's picture

Dump the "puter"............

Sat, 03/23/2013 - 16:58 | 3366620 Dugald
Dugald's picture

 

Bullish Carrier Pigeons

Sat, 03/23/2013 - 14:45 | 3366200 AnAnonymous
AnAnonymous's picture

Did they confess the Armstrong's way?

How much were they paid to confess? How many lawyers oversaw the process? Did they have director's cut right on the final declaration?

Sat, 03/23/2013 - 15:15 | 3366311 TheFourthStooge-ing
TheFourthStooge-ing's picture

.

Did they confess the Armstrong's way?

You dopey dingus. Martin Armstrong didn't confess, he copped a plea so that he wouldn't end up being indefinitely imprisoned for life for contempt of court.

Sat, 03/23/2013 - 15:26 | 3366345 the grateful un...
the grateful unemployed's picture

i think he means Lance Armstrong

Sat, 03/23/2013 - 14:44 | 3366193 Legolas
Legolas's picture

This is a two-edged sword if governments are also using technologies like Office 365.

Sat, 03/23/2013 - 14:25 | 3366134 q99x2
q99x2's picture

I'm using Linux. It does what I need it to and if not I have a PC I can use for video editing and AutoCad. But Linux is my main computer OS.

The fools in the corporations and banks are driving everyone to rely on alternative goods and services. That is a good sign when the banks and corporations fail a whole new set of ideas and tech is waiting to bring about more sustainable, democratic and beneficial future.

Sat, 03/23/2013 - 21:50 | 3367426 honestann
honestann's picture

Linux is great!

Not perfect, but great.

Sat, 03/23/2013 - 18:17 | 3366879 seek
seek's picture

Year 12 of linux here. A lot of security scares, trojans, etc have come and gone in that time. You can easily set up a second system to shadow the first and watch network connections to identify any rogue network events as well. For the really secure stuff I have a air-gapped netbook (wireless card removed.)

In this environment the old X-Files tagline of "trust no one" applies double. I agree, the commercial entities have evolved into such draconian creatures -- either on their own, or at the behest of governments -- that they're driving customers away, and more and more people are waking up to downside of depending on big brother for their technology.

Sat, 03/23/2013 - 14:52 | 3366229 DoChenRollingBearing
DoChenRollingBearing's picture

+ 1

 

We will have to look out for ourselves, and the tools are becoming easier to use.

Sat, 03/23/2013 - 15:10 | 3366296 TheFourthStooge-ing
TheFourthStooge-ing's picture

I haven't done any video editing* in about 8 years, but even then avidemux worked pretty well. It can only have gotten better.

 

*as in cutting/splicing video/audio, not generating dazzling special effects.

Sat, 03/23/2013 - 14:18 | 3366108 ThirdWorldDude
ThirdWorldDude's picture

Crypto keys...? You mean like the hence-thought-to-be-uncompromisable Bitcoin security?

 

Holy rattlesnakes Batman, do you get it now why TPTB lets little sheep play with electronic quasi-currencies?

Sat, 03/23/2013 - 20:44 | 3367289 Money Squid
Money Squid's picture

Where is CH1 with all his crypto experience to describe how bitcoin can not be broken, tracked, and you can remain anonymous?

Sat, 03/23/2013 - 21:18 | 3367370 Perseid.Rocks
Perseid.Rocks's picture

They're more likely to get your password by tricking you, say with a little dialog box asking you to re-authenticate. If you're really interesting they can always break into your house and install hidden cameras or listening devices (or hardware keyloggers). Strong crypto is designed to be, well, hard to break (don't roll your own crypto.. let the math brains do it).

On the other hand there are those man-in-the-middle applications that make you think you're connected directly to a remote server, all the while they record everything you do. I suspect certain gov't contractors are perfecting those (or have already done so). I seem to recall an industry move toward software which writes the software. If they're not careful the thing will develop its own consciousness.. next thing you know terminator will show up at your doorstep.. security through obscurity will be the new buzz.

 

Sat, 03/23/2013 - 14:59 | 3366252 DosZap
DosZap's picture

ThirdWorldDude

Dudeski,the originator of Bitcoin was the CIA.(think your still hidden?.)

Sat, 03/23/2013 - 17:20 | 3366689 toys for tits
toys for tits's picture

The CIA's invention of Facebook has saved the government millions of dollars.

http://www.theonion.com/video/cias-facebook-program-dramatically-cut-age...

Sat, 03/23/2013 - 14:36 | 3366174 OpenThePodBayDoorHAL
OpenThePodBayDoorHAL's picture

Wrong. The only way a cryptokey would be compromised in this way (for Bitcoin or anything else) would be if you sent the unencrypted key to someone using Skype or Hotmail. Duh. The other way would be to combine the largest 50 supercomputers in the world and have them run for 33 years together trying to work out the problem. Go ahead.

There are other issues with Bitcoin security but this is not one of them.

Sat, 03/23/2013 - 18:54 | 3367010 GeoffreyT
GeoffreyT's picture

Actually, 33 years underestimates the mean time to bruteforce a good security cascade by a bajillion gajillion years. (I can used made-up "illions" because the actual number of years is 3x10^51, i.e., more than 30 orders of magnitude larger than the largest SI unit ["yotta"]).

The amount of electricity required to brute-force just one layer of AES256 exceeds the generating capacity of the entire planet, in perpetuity. This should not be confused with the Von Neumann-Landauer limit - the theoretical minimum amount of electricity needed just to switch through the keys - which would 'only' take 1% of global energy production (but add the computing required to check each key and the amount of energy escalates hyperbolically).

AES256 - properly implemented and using a password that is not amenable to dictionary hacks - is secure. An AES256/Twofish/Serpent cascade with several keyfiles (of which one stored airgapped) can effectively be said to be non-brute-forceable. Add in deniable hidden partitions and steganography (hiding files within files) and the bad guys (.gov, in case you're wondering) dont' have a chance.

If your operating system is closed-source, all bets are off and you deserve whatever happens to you. If your OS is made by a US firm (i.e., Microsoft, Sun or Apple) and is closed source, you should behave as if every keystroke you hit is sent to an NSA server. Or change OSes to something more secure.

 

Sat, 03/23/2013 - 20:55 | 3367317 Perseid.Rocks
Perseid.Rocks's picture

I can hear the gov't contractors now.. "how many terabytes per minute? we're gonna need faster computers".

I recall a recent article by Taleb where he observes that so much information leads to less reliable conclusions. I imagine that super-ginormous amounts of data would lead to almost completely useless results.

http://www.wired.com/opinion/2013/02/big-data-means-big-errors-people/

So not only are they running around like stuck chickens replacing their computers 800 times per year, but their algos are spewing out zillions of false positives (must be why they're treating us all like terrorists), and the poor analysts forced to actually look at some of the data streams are rapidly going blind from all the porn flying past them.

 

Sat, 03/23/2013 - 17:54 | 3366815 ThirdWorldDude
ThirdWorldDude's picture

Sure thing, just don't blame me when Uncle Sam (is that short for Samael?) asks you nicely to pay taxes, calculated to the very cent, on your capital gains from investing in Bitcoin...

 

IRS has an app for that in Utah!

Sat, 03/23/2013 - 14:07 | 3366074 jonjon831983
jonjon831983's picture

That's the crazy thing the modern conveniences has concentrated and made access easier for those of us who partake... but the jewel is tempting and easy for others to pluck...

Sat, 03/23/2013 - 13:48 | 3365995 disabledvet
disabledvet's picture

"the original and still the best": http://en.wikipedia.org/wiki/Alexander_Graham_Bell

Sat, 03/23/2013 - 13:43 | 3365968 SamAdams1234
SamAdams1234's picture

There is no such thing as privacy, just different sized thongs.

Sat, 03/23/2013 - 17:08 | 3366642 toys for tits
Sat, 03/23/2013 - 13:19 | 3365847 fourchan
fourchan's picture

another proof freedom, the constitution, and the republic is dead.  buy gold.

Sat, 03/23/2013 - 13:28 | 3365866 CH1
CH1's picture

Law enforcement—we use the term loosely because we’re talking about countries around the world

I have a real problem with this line. American Cop Worship TV is a lie, and the reality is moving in this direction: http://sanantoniolightning.com/national/schlosser.html

On top of that, the cop bureaus are now servants of DHS, which is utterly fascist and out of control.
Sat, 03/23/2013 - 21:01 | 3367331 kchrisc
kchrisc's picture

One of the very big reasons that we turned off the TV in our home. Practically every "show" had some LEO and/or "justice" plot or angle. All the while I couldn't keep up with the latest cop brutality incidents or suspect railroaded reveals. The Duke case was a bellwether in that regard. Sickening.

And if you are a cop, "justice" official, judge, etc. reading this, mind your oath, because the guillotine is minding you.             hujel

Sat, 03/23/2013 - 19:23 | 3367083 Urban Redneck
Urban Redneck's picture

At least the cop bureaus are local, so the little piglets are local, and the driver of the MRAP crew is taking known routes between known points in unarmored vehicles each day

Do NOT follow this link or you will be banned from the site!