Slashdot Mirror


Planning the Future of Privacy at Microsoft

Tony writes "Peter Cullen, Microsoft's chief privacy strategist, found himself in the front line in the wake of the software giant's recent antipiracy controversy. He talks about his role at the company, and what's in store for the future." From the interview: "Cullen, Microsoft's chief privacy strategist, has been very involved with the issue and readily admits that the software maker dropped the ball on WGA Notifications. The flap puts him on the front line, rather than his usual role behind the scenes. For the most part, Cullen, who joined Microsoft three years ago from the Royal Bank of Canada in Toronto, is happy with his role at the software giant. He works on things such as guidelines for developers and privacy policies."

28 of 138 comments

  1. Comment removed by account_deleted · · Score: 4, Interesting

    Comment removed based on user account deletion

  2. Microsoft seems to do this a lot by Anonymous Coward · · Score: 5, Interesting
    and by "this" I mean rewarding people who help them kill competitors.

    Remember when SGI was a Unix company and a leader in 64-bit computing with their high end MIPS chips and then they switched to become a Wintel reseller and dropped their chips and started selling Windows and practically stopped developing their Unix? Well, if you look at who made that decision (Belluzzo), Microsoft hired the guy and made him a company president.

    Remember when HP was a Unix company and a leader in 64-bit computing with their high end PA-RISC chips and then they switched to become a Wintel reseller and dropped their chips and started selling Windows and practically stopped developing their Unix? Well Microsoft hired that guy and made him a company President too (oh yeah, it was the same guy).

    This is what I expected to happen long ago, and posted on Groklaw (as an AC, of course) -- I bet Darl and friends get executive positions at Microsoft or a Microsoft backed company as rewards for their service too.

    1. Re:Microsoft seems to do this a lot by Anonymous Coward · · Score: 4, Interesting

      More speculation of MSFT hiring people who betray other companies for rewards here and here and here

  3. Planning.. by doubtless · · Score: 5, Funny

    I thought I had read Planning the future of piracy at Microsoft..

    --
    geek page at KY speaks
  4. Re:its for you own good thing by bcat24 · · Score: 4, Insightful

    But people are going to believe it. They don't know any better and they don't care. Most people just want a computer that works and if they have to sell their soul to get it, they will. Especially if Microsoft says it's "for their protection".

  5. new policy: "don't get caught so easily" by EllynGeek · · Score: 5, Funny

    They have the finest coders in the world, surely they can spy on users and invade their systems without being caught so easily. Why, they look like amateurs when Zone Alarm finks them off on the first try.

    --

    we will end no whine before its time

  6. Off topic, but... by sillysnipes · · Score: 5, Interesting
    Windows Error Reporting, for example, has privacy built into it. When there is a problem with the system we want to know about that, because it is perhaps the only way that we can fix it. But we also understand that you need to have the choice about whether the information is sent. So, before it gets sent, you have to affirmatively say "please send".

    ...I hate that "Send/Don't Send" screen with a passion. Why not just tell us the error message instead so we can try and fix it?

    1. Re:Off topic, but... by Anonymous Coward · · Score: 5, Insightful

      ... because you can't fix it. It's closed source, remember?

    2. Re:Off topic, but... by Phraghg · · Score: 5, Funny

      Because getting a detailed error report for most users is scarier than the fact that an error occurred at all. Hence the spinning beachball of doom on Mac OSX :).

    3. Re:Off topic, but... by Nkwe · · Score: 4, Informative
      Why not just tell us the error message instead so we can try and fix it?

      If you have memory dumps turned on (My Computer, Properties, Advanced, Startup and Recovery Settings, Write debugging information, Small Memory Dump (or better)), you do get to see the error message. That error message is embedded in the created dump file. In order to see what process or driver faulted the system (the error message), you take that dump file and run it through WinDbg. WinDbg is part of the "Debugging Tools for Windows" package, a free download from Microsoft.

      When you say "Send it" to Microsoft, what happens is that the equivalent of a small dump file is sent to Microsoft for automated analysis. WinDbg uses basically the same analysis engine. Assuming whatever crashed your system didn't totally corrupt memory and your stack, WinDbg will tell you what process, processor, and what thread caused the fault. It will also take a good stab at what module (dll, sys file, etc.) was responsible for the fault. If you have enough symbolic information available you may even get a function or stack frame name that is of use.

      Mark Russinovich has a book Microsoft Windows Internals, Fourth Edition: Microsoft Windows Server(TM) 2003, Windows XP, and Windows 2000 that has useful information about all this.

  7. Privacy at Microsoft by rolyatknarf · · Score: 4, Funny

    I feel so safe now - I'm getting all wet and squishy.

  8. Ah, the humility by symbolic · · Score: 4, Insightful

    Cullen, Microsoft's chief privacy strategist, has been very involved with the issue and readily admits that the software maker dropped the ball on WGA Notifications.

    When I see stuff like this, I don't know what to think. Come on! A chimp could figure out that someone will eventually discover anything you try to get away with, especially when it involves unauthorized communication with unknown servers. They didn't drop the ball, they tried something stupid and got caught. Fess up.

    1. Re:Ah, the humility by sm62704 · · Score: 4, Insightful

      They didn't drop the ball, they tried something stupid and got caught. Fess up.

      Is it only me, or does anybody else see a parallel between this gaffe and Sony's rootkit?

      It's not Linux. It isn't your computer. When you buy a computer with Windows on it, or install Windows on your machine, it isn't your computer any more. It belongs to Microsoft.

      How do we know they didn't make a deal with the DOJ to open a few backdoors? Do you know what's in Microsoft's code? I don't.

      Do you trust a company who has been known for evil business practices for twenty years? I don't.

      Microsoft doesn't need a rootkit. That's the only real difference between MS and Sony.

      --
      mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
  9. Why is it by Alien54 · · Score: 4, Funny
    that the discussion of privacy and Microsoft in the same paragraph, never mind the same sentence, strikes me as some sort of oxymoron?

    It's not like we're going to see, any time soon, Steve Ballmer, or some other sedate Microsoft exec, dancing around the stage, shouting at the top of their lungs

    "Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! Privacy! "

    but stranger things have happened.

    --
    "It is a greater offense to steal men's labor, than their clothes"
  10. Privacy... Microsoft? Hah. by Rendo · · Score: 3, Funny

    Come on, Microsoft and privacy DO NOT belong in the same sentence. Just like NSA and phone.

    1. Re:Privacy... Microsoft? Hah. by Xuranova · · Score: 3, Funny

      NSA and phone do belong in the same sentence. They are synonymous with each other. MS and privacy are not. I give you a C+ for effort though. :)

      --
      "There is no real right or wrong, just what the majority accepts at the time."
  11. Planning the future of Piracy at Microsoft by Proudrooster · · Score: 4, Funny

    I think a story title, "Planning the future of Piracy at Microsoft" would be far more interesting. Don't we all want to know how many illegal MP3s Ballmer has on his iPod?

  12. Can we say self serving BS? by ciellarg · · Score: 4, Insightful
    It's important to go back to the fundamental goal of Windows Genuine Advantage and the risk of pirated software. A lot of people believe that it might be about the revenue... ...but in actual fact, it is about the security and privacy of the users. Some research that we've done finds that the incidence of malware (malicious software) is a lot higher on pirated software, so we really are trying to make sure that users really have the opportunity to protect themselves.
    So... WGA is malware designed to help people with pirated software protect themselves? Microsoft doesn't care about the revenue?
  13. Sure it is... by Anonymous Coward · · Score: 3, Insightful

    "...but in actual fact, it is about the security and privacy of the users. Some research that we've done finds that the incidence of malware (malicious software) is a lot higher on pirated software, so we really are trying to make sure that users really have the opportunity to protect themselves."

    Riiiiiiight. I'm so sure that Microsoft is trying to help protect all the people that it finds stealing from them. If that was the case, then why force authentication of your software on me? If you were really concerned that my pirated copy of Windows has malware installed, why not use your ineptly disguised spyware to install a scanner and remove your crap, as well as everyone else's, so the user's system is clean? Since it's not about the revenue, but about protecting ALL users of your software, legit or not, then you shouldn't have a problem helping thieves clean their pirated install of your crappy software, and making sure that everyone has the current updates. Limiting updates to legit users is ridiculous anyway. How many pirates do you think have a workaround, or at the least, a clandestine WUS server setup for their peers? If it was truly about the privacy and security of the user then they'd actually fix the holes in their code instead of trying to prevent lawsuits with bubblegum and baling wire fixes.

  14. Re:Put some elbow into it! by Ohreally_factor · · Score: 4, Interesting

    Wasn't RBC one of the big PIPE investors or a front for an investor that bankrolled the SCO v. IBM case? There are already threads from that leading back to MS*. Is this another?

    *MS execs "advised" RBC to invest in SCO.

    --
    It's not offtopic, dumbass. It's orthogonal.
  15. RBC != SCO investor by gravyface · · Score: 3, Informative

    Informative? Please read at least some of the comments you're citing before spreading the FUD.

    --
    body massage!
  16. Stop phoning home for starters by StreamCipher · · Score: 3, Insightful

    Do not provide us with software/OS that phones home unless the user explicitly opts in during setup.

    And make it so that the user has to specify what information is shared, for example by clicking on a checkbox next to each description of data sent from their PC.

    [ ] IP address?
    [ ] GUID?
    [ ] MAC?
    [ ] Email Address?
    [ ] CD Info?
    [ ] DVD Info?
    [ ] List of installed software?
    [ ] ...

  17. Malicious Software = Pirated Software by thunderpaws · · Score: 4, Insightful

    Microsoft is again changing the English language.

  18. Here's what I don't get . . . by pembo13 · · Score: 4, Insightful

    they have a guy whose sole job, whose 8-5 is to check up on things like applications phoning home, yet he didn't notice this till recently? What operating system does he use at home and at his office? Wouldn't an individual in such a position forever have a packet sniffer running, and be running netstat?

    Some people say that it doesn't make sense to personify a company and attribute concepts such as 'evil' to it. But I find it difficult to attribute such lack of sign to simple ignorance.

    --
    "Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
  19. Re:its for you own good thing by killjoe · · Score: 4, Insightful

    "Most people just want a computer that works and if they have to sell their soul to get it, they will."

    This is the most often repeated meme on Slashdot and it could not be more wrong. If what you say is true then Apple would be ruling the world today not MS. Every year for the last three decades Apple products have been better at "just working" than MS products. They have always been easier, they have always been more cohesive. So why is MS ruling supreme and not the Mac?

    1) People want their computers cheap as possible.
    2) People want their computers to run the same software they use at work so they can take work home.
    3) People want their computers to be able to be worked on by the neighbor's kid or the guy across the street.
    4) People want to be able to buy their computers on impulse at the local Best Buy.
    5) People want their computers to run the games they like.

    That's it. "just works" doesn't come in to it. It never has, it never will. People do and have put up with crappy, unstable, unsecure, crash happy MS operating systems for years because of the five factors I have listed.

    Time to put that meme to bed.

    --
    evil is as evil does
  20. Oops. Our bad. Sorry. by Opportunist · · Score: 3, Insightful

    But read the fine print. He didn't say MS is sorry for sniffing around your computers, or spying on you and installing a spy tool on your PC. All he says is that you should've been told that there's gonna be a spyware tool from MS on your machine.

    Makes sense. If you knew there is, there would be no grounds for a lawsuit now.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  21. Untrusted Computing by Prototerm · · Score: 3, Insightful

    If I was wary of Microsoft's actions and intentions before, after the WGA Notifications fiasco, I am doubly so now. In fact, I have lost all faith that Microsoft will do anything to protect the privacy of its customers. I am now treating updates from Microsoft as if they were *all* malware! About the only thing I have not done to date is to firewall the entire Microsoft domain, which I still might do, depending on their future actions. It was bad enough to put a privacy/security risk like WGA Notifications on my machine under false pretenses (it was not, and shall never be a critical update), without sufficient warning or permission, but to put an experimental/pre-release version of that software on my machine is inexcusable!

    To put it bluntly, Microsoft no longer has my trust! They have become worse than the pirates they are fighting.

    To put it even more bluntly: I will not upgrade Microsoft Office, because I do not trust it. I will not upgrade Internet Explorer to version 7, because I do not trust it. I will not upgrade to Vista because I do not trust it. If this latter decision means I can't play the latest and greatest video games, then so be it.

    I also refuse to change the way I work because of this, however. A lot of what I do is not handled by Linux to my satisfaction, so I need Windows. That means I will continue to run Windows 2000 or Windows XP, but in a virtual machine in Linux, cut off from the internet. That should protect me from the malware writers -- including the ones at Microsoft!

    Microsoft needs to learn that a company's most valuable asset is the goodwill of its customers. Well, they just lost mine.

    --
    "My country, right or wrong; if right, to be kept right; and if wrong, to be set right." --Senator Carl Schurz (1872)
  22. WGN Frisks Users by HermMunster · · Score: 3, Insightful

    WGN is like being frisked every time you leave the store. Once Microsoft does this then every single software vendor will do it. Expect to see 15-30 different notification programs running on your computer checking back with their servers.

    If I was frisked yesterday and found to be legit and frisked two weeks ago and found to be legit, why do I need to be frisked again? My system doesn't change that much daily, weekly, or monthly. This is a given, it is no brainer. It doesn't take a rocket scientist to understand this. 90% of us have legit licenses. 100% of us will be frisked even though 90% of us have already proven our reputation.

    Bill Gates and Paul Allen stole computer time from Harvard to write an emulator for the processor used in the MITS Altair computer. Then they stole more time to write the basic programming language for the processor. They then licensed it to MITS and used that to fund the growth of Microsoft. Bill Gates openly wrote a nasty letter to the computer club accusing them of stealing their software. Bill Gates flaunted his willingness to violate the laws by speeding, and getting caught so many times he was hauled in and arrested.

    When I was found legit yesterday, last week, two weeks ago, etc., there's no reason to believe that I am not going to remain legit. Any attempt to monitor me is an invasion of my privacy at that point. Any continued monitoring is an accusation that I will give my code to others to use and hence am aiding them in their theft, thus making me a thief.

    Bottom line, this form of monitoring is akin to calling me a thief even though I have been proven to not be a thief. To put this software on my computers when I do not wish it is bad. To monitor me without my consent is bad. To do this is to become a malware program.

    A decade ago we told Microsoft and the others that we did NOT want this stuff on our computers. If anything they are certainly persistent.

    Vista has this built into it. But XP is allegedly going out and Vista coming in. Why so much effort in protecting XP when it is allegedly to die in a couple of years? The reason is that Vista is XP with a different interface and hierarchy. Underlying it is the same OS as XP with that change and some security that prompts you upon every change to your system. Oddly enough this is how Linux and OSX do it. Because they are basically the same OS there's really NO need to update to Vista.

    Off topic: if you look at the trash can in Vista you'll note that the icon is taken almost directly from the Linux community. Pretty sad.

    --
    You can lead a man with reason but you can't make him think.