Slashdot Mirror
MS Settles With FTC Over Passport Privacy Complaints
There will be a number of stories out shortly (here's an early one) noting that Microsoft has settled with the FTC over privacy complaints relating to Microsoft Passport. Short summary: Microsoft made lots of false representations about the security of Passport, and collected more information than it disclosed in its privacy policy, and now must be penalized in the usual Microsoft fashion - they must promise not to do it again. The FTC's settlement page has the complaint and settlement documents. We've covered this extensively - All Your Bits Are Belong to Us, EPIC's complaints about the integration of Windows XP and Passport, Microsoft Defends Passport, EPIC pushing state attorneys general to act against Passport, etc. In fact EPIC has an entire page devoted to Passport. The FTC settlement requires two main things: that Microsoft adopt basic security practices (what were they doing before?), and that Microsoft be audited by a third-party to assure compliance - perhaps it will be TrustE, since Passport's privacy policy remains approved by TrustE.
that makes me want to give up. I mean, over, and over, and over, and over again big companies (esp. Microsoft) do Bad Things(tm), get caught, and essentially get lightly scolded.
Now if I pulled shit like this I'd be up on fraud charges so fast that the whiplash would likely kill me. Assuming the lawyers hadn't eaten me alive first. But as it turns out that's only true because I'm not completely filthy stinking right.
*sigh*
I mean, I know it's nothing new, and I realize that I probably shouldn't be surprised, but c'mon.... it's just bloody depressing. How can things possibly get better if there's effectively no incentive for companies to behave? Clearly relying on a sense of honor or ethics just isn't working.
I'm going to go kick my cube wall for a while... at least then I'll feel like I'm accomplishing something.
Behold the Power of Cheese!
As we've seen lately, 3rd party auditing of *anything* only means that *2* companies are covering information up. Sorry, I still don't trust Passport.
See, the thing is this: knowledgable people who care about security don't use passport, sure. But when the first thing that an XP install asks you for after you boot it for the first time is to get a passport account then plenty of people who care about security but aren't in the know about information security sign up (after all, Passport sounds so... official) and the common consumer gets screwed.
That's the audience. And once enough of them are on board then the rest of us start being faced with choices like: "If I want to use cool service X I'll need to sign up for a passport because there's no other way to get it". That's the plan.
Behold the Power of Cheese!
The target audience is everyone. Whether you care about security or not, if Microsoft can create a demand by legislation (such as the Hollings bill) that would mandate DRM and thus some sort of identity verification scheme, or by convincing the majority of hardware/software makers to use their scheme, then you'll be stuck with it whether you like it or not. I think the former option is a lot more likely really. I seriously doubt they could get a majority to agree on anything. Congress, however, is open for business.
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
... and the life savings of the entire middle class, with hardly a peep of protest from those affected, this sort of anti-consumer protection, or better said, government wink-wink-nudge-nudge "don't get caught doing that again" tactics for allowing this sort of atrocious behavior to slide relatively unaffected and unchanged, again and again, is unlikely itself to change in any measurable way.
At least, not until things become so intolerable that the masses overcome their conditioned apathy and subservience, and actually rise up in anger and demand real accountability and real reform. Unfortunately, by then I suspect things will have gone so far the non-violent reform will be difficult, if not impossible, and I sure don't want to be anywhere near the United States when that time comes.
Every great power in history was brought to its knees, and ultimately destroyed, by its own internal, unchecked, and uncorrected corruption. It is extraordinarilly unlikely that the United States will be any different, or somehow immune to this kind of historical tide, and with every such expose it becomes ever more clear that we in the United States have nearly reached that threshhold already.
I mean, hell, the upper crust just got done pilfering the life savings and retirement of the entire middle class, and yet no signficant reform or change has taken place, and the very people so affected can't be bothered to protest or be caught dead carrying a plackard in a public place demanding change, much less actually get involved in the political process and work for peaceful change. Unless this changes, and soon, this trend will not be corrected until it is far too late.
This despicable behavior with regards to Microsoft is appalling and extreme, but it is only a symptom of a much greater, more fundamental, and much more deeply entrenched malaise that affects our entire political culture, and likely spells the beginning of the end of American society as we know it.
It isn't going to be any foreign enemy, or "terrorists" who bring down our country, it is going to be our own inaction in the face of ever wider, ever more flagrant, and ever more destructive corruption. It saddens me greatly to have lived to see such a day.
The Future of Human Evolution: Autonomy
Its sometimes very difficult to fathom just how big the United States is, and how many different people live here. And its also hard to fathom that the general population of /. sits in a much higher caste than the average American. Its real easy for us to sit in an ivory tower and deride the rich, attack big companies, belittle the technology have-nots and laugh at the unintelligent. We all have 401(k) accounts, and we feel the sting of losing a couple of thousand dollars in the stock market because of some greedy CEO. And its real easy for us to extend that to the entire country, and assume that becuase the dot-com bubble burst, and the economy isn't doing as well as it used to, and your average HTML writer can't go out and get $100,000 that our country is doomed to failure.
The problem with that thinking is that there are lots more people out there without 401(k) accounts, and that didn't lose a single penny in the stock market, because they don't have any money to invest. They don't care about Microsoft, and they don't care about Enron, because neither of those companies have anything to do with them working two shifts and feeding their kids, or harvesting their crops. They're not calling for reform, because they haven't been wronged. What you call apathy is what they call ignoring things that are not important.
As for the downfall of American society - The downturn of an economy, and the corruption of CEOs and the back scratching of companies - these are not new concepts in US history. There is nothing new under the sun - just new generations, and new scams. Far greater evils have beset corporate America in the past 226 years, and if nothing else, the country has shown a tendancy for survival.
But when you've got your food on the table,and your surround sound stereo with the Simpsons Season 2 DVD playing at full blast, its nice to look out and have something to rally against. Because it is my belief that human beings are always at feeling their best when they are on the defensive - something hard wired into our instincts, I guess.
In this case, Microsoft was unethical and sneaky. And its good to cast a watchful eye toward the corporations lest they wrong us. But to rant and rave and call this the end of American society - well... if you were wronged then please do all you can to reform the system. But don't play the victim and blame all of society's ills on the lack of interest of the American public - its quite possible that they have more important things to worry about.
Do you have Linux and a DotPal? Click here now!
Arbogast's integrity, or even that of Microsoft as a whole, is irrelevant. Despite the high feelings of a lot of the posters in this topic, the problem with Passport isn't that we can't trust Microsoft: the problem with Passport is the scheme itself. Nobody should be trusted with that kind of personal data in a central repository, and nobody should ever be able to suck that kind of data out of a repository (central or not) without the active participation of the user. Automatic authentication and personal data mining is in and of itself a bad thing: one breach, one moment of carelessness by any party to any of the transactions and you're hosed. The very idea is the antithesis of security and privacy, and the only thing that having a person of integrity in that position can do is make it worse by lulling some people into trusting it.