Slashdot Mirror
Planning the Future of Privacy at Microsoft
Tony writes "Peter Cullen, Microsoft's chief privacy strategist, found himself in the front line in the wake of the software giant's recent antipiracy controversy. He talks about his role at the company, and what's in store for the future." From the interview: "Cullen, Microsoft's chief privacy strategist, has been very involved with the issue and readily admits that the software maker dropped the ball on WGA Notifications. The flap puts him on the front line, rather than his usual role behind the scenes. For the most part, Cullen, who joined Microsoft three years ago from the Royal Bank of Canada in Toronto, is happy with his role at the software giant. He works on things such as guidelines for developers and privacy policies."
Comment removed based on user account deletion
Remember when SGI was a Unix company and a leader in 64-bit computing with their high end MIPS chips and then they switched to become a Wintel reseller and drop their chips and started selling Windows and practically stopped devloping their Unix? Well, if you look at who made that decision (Belluzzo), Microsoft hired the guy and made him a company president
Remember when HP was a Unix company and a leader in 64-bit computing with their high end PA-Risk chips and then they switched to become a Wintel reseller and drop their chips and started selling Windows and practically stopped devloping their Unix? Well Microsoft hired that guy and made him a company President too (oh yeah, it was the same guy).
This is what I expected to happen long ago, and posted on Groklaw (as an AC, of course) -- I bet Darl and friends get executive positions at Microsoft or a Microsoft backed company as rewards for their service too.
"..but in actual fact, it is about the security and privacy of the users. Some research that we've done finds that the incidence of malware (malicious software) is a lot higher on pirated software, so we really are trying to make sure that users really have the opportunity to protect themselves. " I really hope no one believes this whole its for you own good thing I mean come on its about the oldest pr trick in the world.
TheADDkid.com
I thought I had read Planning the future of piracy at Microsoft..
geek page at KY speaks
Dang, this is the first I've heard of it. I wonder if the Matrix has ever gotten the BSOD.
Royal Bank is particularly incompetent in the IT department, I wonder how Microsoft came to hire somebody from such a famously inept organization. Birds of a feather perhaps?
When all you have is a hammer, every problem starts to look like a thumb.
If Microsoft has someone with that title then it means that they are already compromizing privacy.
They have the finest coders in the world, surely they can spy on users and invade their systems without being caught so easily. Why, they look like amateurs when Zone Alarm finks them off on the first try.
we will end no whine before its time
"But people are going to believe it. They don't know any better and they don't care. Most people just want a computer that works and if they have to sell their soul to get it, they will. Especially if Microsoft says it's "for their protection"."
*Blah!* *Blah!* I'm better than everyone else. *Blah!* *Blah!* Typical slashdot.
I feel so safe now - I'm getting all wet and squishy.
Doesn't dropping the ball usually imply that it was there to be dropped? The total lack of notifications is more like not bringing the ball to the game, intentionally. Oh, we just forgot to inform you that we're Sure, it's for my own good that you're spying on me and my family and reporting everything to big brother.
Cullen, Microsoft's chief privacy strategist, has been very involved with the issue and readily admits that the software maker dropped the ball on WGA Notifications.
When I see stuff like this, I don't know what to think. Come on! A chimp could figure out that someone will eventually discover anything you try to get away with, especially when it involves unauthorized communication with unknown servers. They didn't drop the ball, they tried something stupid and got caught. Fess up.
"You could make an argument that, for the good of the user and even the good of the ecosystem, Automatic Updates should be turned on by default. People should have patched machines. But that would be contrary to our belief about user control; users need to have a choice."
"In other words," continued Peter Cullen, "freedom is the right of all sentient beings."
I know it is a holiday, but is this type of word usage necessary...?
...found himself in the front line in the wake of...
'front line' means just that...front...way out in front...
'wake', in the context seemingly indicated here, means 'behind'...'following'...'trailing'...the activity resulting from some other activity.
At least try "..in the wake of the recent xyz, JimBob finds himself on the front lines of having to deal with..."
It's not like we're going to see, any time soon, Steve Ballmer, or some other sedate Microsoft exec, dancing around the stage, shouting at the top of their lungs
"Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! "
but stranger things have happened.
"It is a greater offense to steal men's labor, than their clothes"
Best of luck, Peter. Welcome to the spotlight!
*** Don't be dull.***
Come on, Microsoft and privacy DO NOT belong in the same sentence. Just like NSA and phone.
"I feel so safe now - I'm getting all wet and squishy."
If I had known it was going to be this easy? I would have done this years ago.
I just love the your ad here placeholder....
The one day this website sees traffic like this and they havent arranged any ads!
I bet the marketing manager will be crying himself to sleep tonight over all of the 'lost' ad dollars..
All your privacy are belong to us!
How are sites slashdotted when nobody reads TFAs?
...a boot, stomping on their customers' rights, forever.
An oh yeah, the vast majority of them will just roll over and take it.
I think a story title, "Planning the future of Piracy at Microsoft" would be far more interesting. Don't we all want to know how many illegal MP3's Ballmer has on his IPOD.
Microsoft's (lack of) privacy controls just needs to suck less than Apple, AT&T, Sony and the NSA -- you'll beat all expectations, and slide in under the constant headlines from the others.
What garbage. Why cant we just jail people who lie like this?
---- Booth was a patriot ----
"...but in actual fact, it is about the security and privacy of the users. Some research that we've done finds that the incidence of malware (malicious software) is a lot higher on pirated software, so we really are trying to make sure that users really have the opportunity to protect themselves."
Riiiiiiight. I'm so sure that Microsoft is trying to help protect all the people that it finds stealing from them. If that was the case, then why force authentication of your software on me? If you were really concerned that my pirated copy of Windows has malware installed, why not use your ineptly disquised spyware to install a scanner and remove your crap, as well as everyone elses, so the users system is clean? Since it's not about the revenue, but about protecting ALL users of your software, legit or not, then you shouldn't have a problem helping thieves clean their pirated install of your crappy software, and making sure that everyone has the current updates. Limiting updates to legit users is ridiculous anyway. How many pirates do you think have a workaround, or at the least, a clandestine WUS server setup for their peers? If it was truly about the privacy and security of the user then they'd actually fix the holes in their code instead of trying to prevent lawsuits with bubblegum and bailing wire fixes.
One of the most gratifying things about Microsoft is that privacy is a core tenet of the company. It's part of the Trustworthy Computing Initiative, which was proclaimed by Bill Gates four-and-a-half years ago.
Yeah TCI is to protect users privacy, not stop piracy and enforce DRM.
US Democracy:The best person for the job (among These pre-selected choices...)
Wasn't RBC one of the big PIPE investors or a front for an investor that bankrolled the SCO v. IBM case? There are already threads from that leading back to MS*. Is this another?
*MS execs "advised" RBC to invest in SCO.
It's not offtopic, dumbass. It's orthogonal.
This is the usual apology after the fact. Americans love this stuff.
/. the more concerned I am it's a big distraction.
Meanwhile plans are afoot for something like WGA. (looks, smells, maybe doesn't quack like wga)
The more minor stories like this get press on
There's no action. Linux on the desktop. Now.
I converted two desktop users last week. How many did you convert?
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
Informative? Please read at least some of the comments you're citing before spreading the FUD.
body massage!
Do not provide us with software/OS that phones home unless the user explicitely opts in during setup.
...
And make it so that the user has to specify what information is shared, for example by clicking on a checkbox next to each description of data sent from their PC.
[ ] IP address?
[ ] GUID?
[ ] MAC?
[ ] Email Address?
[ ] CD Info?
[ ] DVD Info?
[ ] List of installed software?
[ ]
Microsoft is for Privacy? Black is white and good is evil. Welcome to 1984.
George Orwell was right about everything except the date and the nature of big brother.
He thought it would be the gummit. Turns out it's the gummit in cahoots with Big Bu$ine$$.
Microsfot is again changing the english language.
they have a guy whose sole job, whose 8-5 is to check up on things like applications phoning home, yet he didn't notice this till recetly? What operating system does he use at home and at his office? Wouldn't an individual in such a position forever have a packet sniffer running, and be running netstat?
Some people say that it doesn't make sense to personify a company and attribute concepts such as 'evil' to it. But I find this diffcult to attribute such lack of sign to simple ignorance.
"Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
...but in actual fact, it is about the security and privacy of the users. Some research that we've done finds that the incidence of malware (malicious software) is a lot higher on pirated software, so we really are trying to make sure that users really have the opportunity to protect themselves.
That's the most BS comment I've heard in a while. Is he trying to say that MS is really worried about those people that pirate Windows? If so, then what the hell is Windows Genuine Advantage (WGA). The last I heard was that if WGA detects that your copy of Windows is pirated, it locks you out of the MS download center(or something like that).
How is that supposed to work? Company M pays person C to do things company M doesn't like or pays person C to prevent company M doing things it wants to do. It's not going to work, because person C depends on the pay from company M. It's like asking the frogs to dry their own swamp.
Company M owns person C and person C has to put up a dog and pony show for company M. Having a role like chief privacy whatever is a PR stunt, nothing else. I am sure it is well paid.
"Royal Bank of Canada, where do I know that name? Oh right, incompetence and SCO investments a plenty. Microsoft is in good hands, no really!"
It gets even better for the conspiracy nut
||three years ago from the Royal Bank of Canada||
3 years ago?
Which would put that, what, at the beginning of the SCO/Caldera scam^W lawsuit?
RBC, Baystar, Microsoft - thick as thieves.
--
BMO
Peter Cullen, you suck at your job. This is a dumb pr move and you know it. Peter Cullen doesnt care about privacy and until microsoft starts caring... We shall blame Peter Cullen. Peter Cullen sucks at his job. Step up to the plate, Peter Cullen.
microsoft is using your name as damage control, I'm using it until you own up to your horrible doings. Peter Cullen, your name will be assosiated with "liar" until you prove other wise...
Peter Cullen.
10:00am - Alarm goes off, hit snooze a few times.
10:40am - Wake up with a start. Shit! Call the office to let them know that I'm going to be slightly delayed this morning due to an ongoing alien attack. I tell them I'm as keen as hell to be safeguarding users' privacy and all that, but they cut me off at this point and say that I shouldn't worry, take my time getting in, maybe take the day off until the invasion's been repelled? It's really tempting, but there's been too many days like that just lately. I tell them I'll be sure to lock the car doors, keep the windows wound up and take the back routes. "Whatever" they reply...
11:30am - Arrive at the office. Still haven't got a working network socket in my office and no phone either. Last week I tracked down a comms tech and told him about the network socket, he said he had special instructions about my connection and he just hit the wall socket with a big hammer and left. The phone guy saw me approaching and I swear he sprinted into a building and when I tried to follow , my swipecard wouldn't work for that area. How the hell am I supposed to get anything done. Not much point starting anything just yet - it's almost time for lunch.
11:45 - Damn! How was that supposed to be a mine, I mean right there?
12:30 - Lunch. I do hate eating alone, but to date I've attended precisely zero meetings, met my immediate report only once (on the day I arrived) and thus far I haven't met a single other person in the area I work. Every time I step out of my office and wander the halls, all the office doors are closed, usually with a "Do Not Disturb" sign too. There must be a mighty crunch under way.
14:00 - Return to the office. I'm still slightly worried by the lack of direction I'm being given regarding my role and responsibilities. I know MS have some offbeat management practises, so maybe they're creating a situation where I've got to define the role myself. A sort of initiative test, if you will?
15:00 - I've only got a black and white monitor, so how am I supposed to know that I was trying to put a red queen on a black king for half an hour?
15:15 - A guy from maintenance shows up and tells me that my office needs to be treated for cockroaches with some sort of bug-bomb. Apparently it's harmful to humans, so I'm to work from home for the next two weeks while the residues evaporate. Sweet!
16:00 - Home sweet home, and a couple of weeks where I can kick back a little and give some really hard thought about a strategy to safeguard user's privacy. Check the fridge and as usual the two cases of beer have been delivered courtesy of MS. I tell you it's not the easiest company to work for, but the perks are phenomenal! All this booze is ok for me, as my role is agile and flexible, but I sometimes wonder how all the programming dudes manage to stay on track with all this free beer? Pop, fizz, ahhhhh!
16:30 - "What do we mean by *privacy*?" Pop, fizz.
17:15 - "There must be a strategy.." pop, fizz.
19:00 - Damn, I'm tired.
22:00 - My God! The room is spinning, whirling, lurching from side to side! I told you it was a goddam mistake to stand, but would you listen?
22:07 - Bed. Better keep that bucket there again.
I guess this is asymetric privacy we're talking about here.
Microsoft didn't drop any balls. They DESIGNED wga to send info to their server and they made installation of wga MANDATORY if you wanted to download critical security updates. The only thing Microsoft has done is to slightly modify wga and post crap like this 'dropped the ball on privacy' stuff to make themselves sound more warm and cuddly. Microsoft is still installing wga and they can (and will) have it do whatever they need it to do in the near future.
But read the fine print. He didn't say MS is sorry for sniffing around your computers, or spying on you and installing a spy tool on your PC. All he says is that you should've been told that there's gonna be a spyware tool from MS on your machine.
Makes sense. If you knew there is, there would be no grounds for a lawsuit now.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
It's early and I'm not used to being able to see without glasses yet. I thought the blurb read "Peter Cullen, Microsoft's chief privacy strategist, found himself in the front line in the wake of the software giant's recent antiprivacy controversy."
On second thought, maybe "antiprivacy" was more accurate?
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
If I was wary of Microsoft's actions and intentions before, after the WGA Notifications fiasco, I am doubly so now. In fact, I have lost all faith that Microsoft will do anything to protect the privacy of its customers. I am now treating updates from Microsoft as if they were *all* malware! About the only thing I have not done to date is to firewall the entire Microsoft domain, which I still might do, depending on their future actions. It was bad enough to put a privacy/security risk like WGA Notifications on my machine under false pretenses (it was not, and shall never be a critical update), without sufficient warning or permission, but to put an experimental/pre-release version of that software on my machine is inexcusable!
To put it bluntly, Microsoft no longer has my trust! They have become worse than the pirates they are fighting.
To put it even more bluntly: I will not upgrade Microsoft Office, because I do not trust it. I will not upgrade Internet Explorer to version 7, because I do not trust it. I will not upgrade to Vista because I do not trust it. If this later decision means I can't play the latest and greatest video games, then so be it.
I also refuse to change the way I work because of this, however. A lot of what I do is not handled by Linux to my satisfaction, so I need Windows. That means I will continue to run Windows 2000 or Windows XP, but in a virtual machine in Linux, cut off from the internet. That should protect me from the malware writers -- including the ones at Microsoft!
Microsoft needs to learn that a company's most valuable asset is the goodwill of its customers. Well, they just lost mine.
"My country, right or wrong; if right, to be kept right; and if wrong, to be set right." --Senator Carl Schurz (1872)
> Especially if Microsoft says it's "for their protection".
http://en.wikipedia.org/wiki/Protection_racket
Microsfot is again trying to change the english language.
The above correction is small. Their intent is the same but it won't work.
Most people never will buy into their definition of malice. Despite all sorts of effort, users refuse to see their freedoms as "communist" or a "cancer". Very few people see copyright violation as the moral equivalent of "piracy", which is deception, theft and murder on the high seas. While individual software packages may be malicious, Microsoft is going to have hard time convincing people that using them on more than one system at a time or sharing with a friend are the real problems when the Kill Switch is invoked. People know what they wan their computers to do. Microsoft can spend billions more, but they can't change people's basic motivations.
Friends don't help friends install M$ junk.
so much so that no one ever sees it.
Power to the Penguin!
"1) This is the major problem. People don't think it's worth it to spend twice as much for a Mac. This is the only problem that has ever existed with Macs. "
Presistent little buggers, aren't you? If you can't slay them with the first meme, then bring out the "Mac's are too expensive" meme.
i couldn't resist...
"A: The dilemmas -- think of Windows Automatic Updates, as one. You could make an argument that, for the good of the user and even the good of the ecosystem, Automatic Updates should be turned on by default. People should have patched machines. But that would be contrary to our belief about user control; users need to have a choice."
Fine - yesss - lots of folks want it automatic - they wouldn't know enough to evaluate what they are being offered and they DO need to be protected (and continually encouraged to update anti-virus and use a firewall).
However, there are a significant number of us who DO know something and take the time and effort to dig through your updates to be informed. These are your best friends. They help you correct what your staff has missed.
So it is no dilemma. It is a duality. One which Microsoft should value highly. Providing extensive information and being open to useful feedback may have a cost - but it certainly has value.
Lost in space at an early age. Survived the vacuum. Now rebuilding castle in air.
WGN is like being frisked every time you leave the store. Once Microsoft does this then every single software vendor will do it. Expect to see 15-30 different notification programs running on your computer checking back with their servers.
If I was frisked yesterday and found to be legit and frisked two weeks ago and found to be legit, why do I need to be frisked again? My system doesn't change that much daily, weekly, or monthly. This is a given, it is no brainer. It doesn't take a rocket scientist to understand this. 90% of us have legit licenses. 100% of us will be frisked even though 90% of us have already proven our reputation.
Bill Gates and Paul Allen stole computer time from Harvard to write an emulator for the processor used in the MITS Altair computer. Then they stole more time to write the basic programming language for the processor. They then licensed it to MITS and used that to fund the growth of Microsoft. Bill Gates openly wrote a nasty letter to the computer club accusing them of stealing their software. Bill Gates flaunted his willingess to violate the laws by speeding, and getting caught so many times he was hauled in and arrested.
When I was found legit yesterday, last week, two weeks ago, etc., there's no reason to believe that I am not going to remain legit. Any attempt to monitor me is an invasion of my privacy at that point. Any continued monitoring is an accusation that I will give my code to others to use and hence am aiding them in their theft, thus making me a theif.
Bottom line, this form of monitoring is akin to calling me a thief even though I have been proven to not be a thief. To put this software on my computers when I do not wish it is bad. To monitor me without my consent is bad. To do is is to become a malware program.
A decade ago we told Microsoft and the others that we did NOT want this stuff on our computers. If anything they are certainly persistent.
Vista has this built into it. But XP is allegedly going out and Vista coming in. Why so much effort in protecting XP when it is allegedly to die in a couple of years? The reason is that Vista is XP with a different interface and heirarchy. Underlying it is the same OS as XP with that change and some security that prompts you upon every change to your system. Oddly enough this is how Linux and OSX do it. Because they are basically the same OS there's really NO need to update to Vista.
Off topic: if you look at the trash can in Vista you'll note that the icon is taken almost directly from the linux community. Pretty sad.
You can lead a man with reason but you can't make him think.
With technology readily available that lets anyone have their own private Echelon, and adware and spyware companies ruling the industry (I had an undetectable adware product on my system for five years for example), isn't the idea that a major player with a major product existing without its own spyware tools on your computer completely outdated? (along with any kind of personal privacy outside, in the bedroom, or your brain)
What, exactly, about "you ain't got none" requires planning?
Fortunately for us all, Microsoft knows that users need to be protected against the consequences that might arise if their legitimately-purchased copies of Windows mysteriously changed, overnight, into illegal "pirate" copies. This could happen at any moment, which is why WGA needs to give your PC a thorough checkout every time you download a Microsoft patch - which, at the rate things are going, could soon be every day.
Perhaps, a century after the Curies' groundbreaking work in physics, the big brains at Redmond have discovered the process of "software decay", whereby legimimately-purchased software - even if bought bundled with a new PC from one of Microsoft's own business partners such as Dell - spontaneously "decays" and becomes illegitimate. Of course, when that happens the user of the software becomes liable for some eye-watering fines, and possibly a stiff prison sentence; so it is very much in their interest that Microsoft solicitously verifies the software's provenance at every possible opportunity.
It's sort of like a big lottery, only in reverse.
I am sure that there are many other solipsists out there.
Microsoft and privacy go together like Fascists and paeds....
--
http://absolutelynothingunified.blogspot.com/ - beyond the hysteria
"To the future or to the past, to a time when thought is free" ~ Nineteen Eighty-Four
So this means there's a grand conspiracy at the Royal Bank? I doubt it.
The Royal is the largest bank in Canada, tens of thousands of employees (direct and indirect.) The investment division alone has thousands -- if you think there was a memo from upper management to investment managers saying "Screw Linux -- let's help SCO!" you're sadly mistaken.
Investment guys do what investment guys do. They invest in what they think will make money.
It's all about the capital.
Skot Nelson music is my saviour / i was maimed by rock and roll
Except RBC handles a lot of MS money in various investments. So, they might be willing to take a long shot high risk investment if it will keep their biggest customer happy. What's 30 million when you want a bigger piece of your customer's 40 billion?
And it's already been established that RBC invested because of a "tip" from certain MS executives. Have you heard about the Halloween Papers?
It's not offtopic, dumbass. It's orthogonal.