Slashdot Mirror
MS Settles With FTC Over Passport Privacy Complaints
There will be a number of stories out shortly (here's an early one) noting that Microsoft has settled with the FTC over privacy complaints relating to Microsoft Passport. Short summary: Microsoft made lots of false representations about the security of Passport, and collected more information than it disclosed in its privacy policy, and now must be penalized in the usual Microsoft fashion - they must promise not to do it again. The FTC's settlement page has the complaint and settlement documents. We've covered this extensively - All Your Bits Are Belong to Us, EPIC's complaints about the integration of Windows XP and Passport, Microsoft Defends Passport, EPIC pushing state attorneys general to act against Passport, etc. In fact EPIC has an entire page devoted to Passport. The FTC settlement requires two main things: that Microsoft adopt basic security practices (what were they doing before?), and that Microsoft be audited by a third-party to assure compliance - perhaps it will be TrustE, since Passport's privacy policy remains approved by TrustE.
I once thought as you did. I thought that getting into the politics of the situation would fix everything. The problem is that you have to be filthy rich to get not only into politics, but to get anything done in politics. Change is brought about historically by bloody revolutions by the poor or peaceful voting by the rich. Since the rich are rolling in it right now, I don't see that changing. And since you would be murdered if you were to raise a single finger in the name of revolution. You might as well do what I do... let it happen. If you really don't want to live with it. Kill yourself. I'm not trying to flame, seriously. If you have any control in of any aspect of your existance, it's when you die(given you choose to take your own life). The reason those in power are, is because the tides of life put them there. Millions of people strive to be in positions of power, however only a fraction of them get there. There is no coincidence. Just give up. You'll live a much happier life.
We need something basicly Win32 compatible, with NT driver support and alternative standard apis/apps such as mozilla, quicktime, opengl etc
I also think it should be commercial, and heavily funded. This is the only way of turning the windows monopoly into the windows STANDARD.
IBM?
Read the news. The Federal Government just made doing what the CEOs of Enron et al did a federal offense, meaning real jail time.
1 101020805-332031,00.html
I do read the news, and the measures which have been taken are laughable and incomplete. Ralph Nader, the guy who finally got the automotive industry to belatedly incorporate basic safety designs into automobiles in the United States decades after they knew better, and chose not to for financial reasons, offers a detailed analysis of just how widely Congress dodged the entire issue, and how profoundly superficial and ineffective the law you cite really is.
In short, its a superficial measure designed to smooth the ruffled feathers of those few who dare, or rather bother, to speak aloud their outrage.
http://www.time.com/time/magazine/article/0,9171,
You'll have to forgive us if we slack off a bit; after outlasting communism and dealing with a world that alternatly hates us and wants us to be their best friend, we as a counry have earned a little corruption and selfishness.
Or, to put your argument in a more individual light:
"You'll have to forgive me if I slack off a bit; after outlasting my competing coworkers and dealing with an office that alternately hates me and wants to be my best friend, I as a person have earned a little cancer and self-destructiveness."
Corruption isn't some self-indulgence you earn as a result of hard work, it is a cancerous, destructive force that tears a society apart and undermines basic, civil society and the social contract that holds it together, so unless you are arguing that America has earned the destruction it is bringing down upon itself, your argument falls to pieces.
As for the notion of 'needing something to fight against' as a justification for injustice or corruption, so that the next generation has something to occupy their time, I think the absurdity of your words stand upon their own. Indeed, your rhetoric is a perfect example of the kind of conditioning our culture has been subjected to for the last several decades which has resulted in the apathy and submissiveness of our populace which is allowing these sorts of destructive behavior to flourish, virtually unapposed.
The Future of Human Evolution: Autonomy
While I'm at it, I'm going to use some information that they used at their site in a slightly different order:
- First, the FTC said that [Microsoft] failed to implement and document procedures to prevent, detect, monitor or document unauthorized access.
-
Hence, [Microsoft knows] of no instance where a Passport user's information has ever been compromised, in hindsight we wish we had held ourselves to an even higher bar.
Now whack me on the back of the head with a two-by-four if I'm wrong, but given that they had been lax in monitoring for security violations, is it any shock that they don't know that we^w someone violated them seven ways from tuesday?Sometimes boldness is in fashion. Sometimes only the brave will be bold.
FTC
Office of the Secretary
600 Pennsylvania Ave., N.W.
Washington, D.C. 20580
RE: Microsoft Passport Settlement
To Whom It May Concern:
I am writing to inform you of my disappointment with the recent Microsoft Passport Settlement.
This settlement charged Microsoft with false representation on several parts, but my concern deals with the fact that the settlement lacks a penalty. Instead, it includes:
(I) ... shall not misrepresent in any manner ... its information practices ...
a. They should have been following this from the beginning, not waiting until after they get caught.
b. They should not have to sign an agreement to obey the law.
c. This is basically saying "Don't do it again."
(II) ... establish and maintain a comprehensive information security program ...
a. They must have had such a program, or one very similar, already in place if there was originally any security at all.
(III) ... obtain ... an assessment and report from a ... third-party professional ...
a. It should be further stated that the third party must not have done work with Microsoft prior to, during, or in between these assessments other than this specific series of assessments, thereby avoiding any potential bias in the assessments.
b. Furthermore, it should be added that the third party must not receive any payment, gift, or benefit from Microsoft other than the exact dollar amount, which should be stated clearly in the agreement, for payment of the assessment, which cannot be raised or lowered without the FTC's approval. This measure is necessary to assure that there will be no form of bribery or additional compensation between Microsoft and the third party.
(IV) ... upon request make available to the Federal Trade Commision ...
a. I currently have no complaints on this section.
(V) ... deliver a copy of this order to all current and future ...
a. I currently have no complaints on this section.
(VI) ... notify the commission ... of any change in the corporation ...
a. I currently have no complaints on this section.
(VII) ... file ... a report ... setting forth ... the manner and form in which they have complied with this order.
a. I currently have no complaints on this section.
(VIII) This order will terminate 20 years ...
a. I currently have no complaints on this section.
The measures set forth in this agreement are essentially those that prohibit the reoccurrence of such a violation that inspired this very agreement. Nowhere in the agreement is there any penalty for violation of a federal law, such a fine or prison term. If a fine is pursued, then it should be a set amount, relative to the gross profits of the company, so that future violations by any company, regardless of the size or nature of the company, could be treated similarly and on similar terms and without bias or discrimination.
Thank you for taking the time to give serious consideration to the issues I have presented. I hope that justice will prevail.
Signed,
[hand signed here]
--
TodayTM BillyJoelTM GoogleTMd for StitchTMes due to WindowsTM while RollerbladeTMing with an AppleTM and a PopsicleTM
It is definitely out of control and should be dismantled.
Microsoft is part of the legacy of the 80's mentality which is "looking out for #1." This translates to "increasing the bottom line at any cost." This makes them reckless and dangerous. Damage has already been done, is being done and will continue to be done until they are halted.
They cannot be taken for their word as they have shown to be very deceptive already and continue to be so.
If testimony under oath was true, that if revealed, the vulnerabilities of MS Windows could represent a threat to national security, then MS should be abandoned by all national and state government systems as soon as possible. It's not "if" these vulnerabilities are found, it's "when" and the code to exploit such vulnerabilities can be developed anywhere on the planet.
I think the value of money pales in the face of national security and privacy concerns. The economy is already in trouble and we're not going to save ourselves by keeping predatory corporations afloat long enough to destroy themselves abruptly as other large companies have already done. An orderly shutdown is a much better approach.
Bill Gates and all those in control of Microsoft should resign.