Slashdot Mirror
Microsoft Blasts Google For False Claims In Court Documents
recoiledsnake writes "Microsoft writes in a blog post that Google knowingly lied to the court while suing the US government over its consideration of only Microsoft implementations. We previously discussed Google winning an injunction against the Department of the Interior over this. According to Microsoft Deputy General Counsel David Howard, 'Google filed a motion for a preliminary injunction telling the court three times in a single document that Google Apps for Government is certified under FISMA. Google has repeated this statement in many other places as well. Indeed, for several months and as recently as this morning, Google's website states, "Google Apps for Government – now with FISMA certification." ... So imagine my surprise on Friday afternoon when, after some delay, some of the court papers were unsealed, at least in part. There for all to see was a statement by the Department of Justice contradicting Google on one of its basic FISMA claims.' Howard goes on to quote the DoJ brief (PDF), which says, '... it appears that Google's Google Apps for Government does not have FISMA certification.'"
I think the title says it all. What's the old phrase? "If you can't blind them with science, then baffle them with bullshit."
goatse warning.
In Liberty, Rene
Don't click.
This space for rent.
Link is goatse
"However, the government is a customer too and is free to choose a product that happens to be in the unique position of having competitors who think their products are better."
The government isn't free to choose. Government have to follow strict regulations in purchasing to insure it gets the best value for money, doesn't show any favoritism and prevent corruption. One can debate the effectiveness of the regulations, but they are there for a reason.
Google does this, it's "Nothing to see here, you shouldn't be surprised, move on, move on"
Microsoft does this, "omg .. did you see what they did! remember this day, and USE IT IN COMMENTS FOR THE NEXT SEVEN YEARS"
Link is goat se
You're a fucking douchbag.
Yes, and Google's App Platform for Government wasn't FISMA certified and thus wasn't qualified to be bought. Then Google sues and lies about having that certification. I'm seeing no reason why Google's lawsuit should be entertained at all. Especially since if this were Microsoft doing exactly what Google is doing the S
Sort of.
The government is a customer, but it's not any customer. It has a legal obligation to pay the least amount of money for whatever solution they need, and therefor there are only three possible reasons a department should choose Company A over Company B: 1) Company B's product does not meet the requirements; 2) Company B's product would cost more than Company A's; 3) Company B has previously operated in bad faith or incompetently with the government, meaning that even though theirs was the cheapest and technically meets the requirements, there is good and documented reason to go with another provider.
In that sense, "criticiz[ing] that software and tout[ing] their own" is actually a necessary step of the process. Either Google's offering was more expensive and they want to argue that Microsoft's does not properly meet the requirements, or (probably more likely) Google's was cheaper and they're trying to show that they do. If Microsoft's doesn't, that's fine too -- it's another path to the same victory.
While I don't doubt that this story is worth mentioning if Google didn't have the certification and claimed it did, is it worth mentioning yet?
While this may be what happened, even the author is vague about it. This seems like a Glenn Beck style story of "I'm not absolutely sure, but I heard "
That is the most accurate comment yet
I don't think Google actually responded with a goatse.
GSA certified and accredited Google Apps (FISMA certification)
GSA is the lead agency for acquisition for the US Govt
GSA met several the NIST standards at the moderate level
DOI claims that the GSA certification doesn't meet their specific standards and they have to have a govt only cloud in the continental US.
DOI security has been the laughingstock of the US govt for as long as I can remember*
DOI disconnected from the internet by a federal judge for complete failure in IT security
Reading the summary makes gave me the imrpession that microsoft really has decleared open season on Google internally. As MS can't compete by product quality, they do what they do best: Spin, FUD and judicial assault.
Legalese. The court makes findings of fact. The lawyers make claims about what they believe the facts to be, and supply evidence to support their claims.
To a lawyer, "it appears that Google lacks FISMA certification." In a court's findings, they will uphold or deny this claim, based on the evidence presented. If they find that Google does not have that certification, and that claim of certification is a key component of Google's case, their entire case could well be thrown out.
Taken from the pdf
According to the GSA,
Googles Google Apps Premier received FISMA certification on July 21, 2010. However,
Google intends to offer Google Apps for Government as a more restrictive version of its product
and, Google is currently in the process of finishing its application for FISMA certification for its
Google Apps for Government.
So the original was certified, but the repackaged version for the government was not.
Government agencies are required to place most purchases out for bid (and this is one that must be placed out for bid). What would you think of a government agency that put its need for vehicles out to bid in the following manner, "We are requesting competitive bids to replace our fleet of vehicles. All vendors are encouraged to submit bids. We are looking for 10,000 vehicles. Here are the specifications: GMC Yukon."
Except of course that it is worse than that. They put out a list of specifications that included things that MS Office does not have (FISMA certification). Now while according to this article Google Apps for Government does not yet have FISMA certification, Google Apps Premier (upon which Google Apps for Government is based) does. On the other hand, according to earlier postings here, no version of MS Office has FISMA certification. If this latter is not true, then Google's lawsuit is dumb. If on the other hand, it is true, then Google has a valid point.
On the other hand, Google appears much more savvy at greasing the wheels of government than Microsoft was at a similar stage of corporate development, which is cause for concern.
The truth is that all men having power ought to be mistrusted. James Madison
If you read the brief, it's actually not quite as simple as Google "does not have FISMA certification." FISMA certification is per-agency, and Google *has* FISMA certification for GSA. Google *does not* have FISMA certification for any other agency. Each agency makes its own determination. It also appears that FISMA is a minimum for information security, so agencies can require more than FISMA if they want to. (Refer to brief pages 37-39 for the details on FISMA.)
here
you fucker
you sucker. :)
Being wrong is not the same as lieing. Furthermore, I would imagine it is very difficult to prove someone deliberately lied.
Max.
also. Best value and lowest price are two different things.
I am sick and tired of that crap on /.
can we start banning people who post that hiding it behind a url shortening link like goo.gl?
GSA, the lead government agency for acquisition, certified and accredited Google according to FISMA.
The question is really whether or not GSA can do that (Certify and accredit for the entire US govt), and whether or not any agency can arbitrarily add their own unique security requirements(DOI excluding)
here
you fucker
Why can't people post this instead?
Now there's an unbiased source of news.
This may be true, Google might have lied (on purpose or by accident), but can't we at least come up with a source that isn't so obviously biased?
I hope this truly is anonymous.
You are correct in saying "Government have to follow strict regulations in purchasing to insure it gets the best value for money, doesn't show any favoritism and prevent corruption" but let me precede that by saying that I'm a government employee and that I work in a position that is part of the procurement process.
Here's how it works: You go to company A, who develops an awesome product and one you really wish to purchase. It's more expensive than you'd like, but it's been tested and it works. But, since you need to get the government the best deal it possibly can you also need to get competing quotes against said product. The easiest way to get around that liability is to simply "game" the system. You go to vendor B & C (which produce vastly inferior products, or products that are similar but flat out won't work for whatever reason) and ask for comparable quotes. You *know* vendor B's products are 10x the markup on vendor A's, so immediately they don't have a shot. Vendor B's prices are actually MUCH cheaper, but you know they make a killing on their vendor supported contracts, which are 3x as expensive as vendor A's contracts. So you include contract support in both quotes and suddenly vendor A is tens-of-thousands of dollars less.
It happens _all_ the time. Better yet, you can simply request a form letter that allows you to bypass any competitive bidding completely and just purchase from the vendor as single-source.
Does it happen because we're getting our palms greased with easy money and kickbacks? Not at all, we're not politicians. It happens because of the bureaucratic process we're all required to go through just to get the items we need. Would you buy a house built by the lowest bidder? Sure it'll meet the basic requirements (shelter, protection, stability) but it's built out of asbestos and the floor is made of tar & straw. Or, would you look around and find something that *works*, fits your needs and is competitive to the price you're willing to pay without feeling like you've just been ripped off? If we all took the government motto of "get the best value for the money" we'd all be living in mobile homes. It may be the cheapest thing out there, but I wouldn't recommend it.
That's government purchasing in a nutshell.
take Microsoft serious, pay
.. and believe
No the bigger question is what exactly Google said in the filings. Google Apps Premier was certified, Google Apps for Government isn't yet.
If Google said they have an offering that is FISMA certified they are fine, if they said Google Apps for Government is FISMA then they will have a complicated court fight.
It's just in Beta still.
So pulling back a bit and looking at the big picture: has there been a significant increase in the number of petty corporate lawsuits or is it just my observational bias, IE reading too much Slashdot?
Microsoft Chief Council says Google Lied in Court...
Pot, meet kettle...
As usual, the headline is a bit misleading, and certainly leaves out a large part of the story. Google Apps Permier has been FISMA certified by the GSA, so when you go to the Google website and look, and it says "Now FISMA certified", they aren't lying. They really are FISMA certified. However, FISMA is not a blanket certification. The DoI does not have to accept the FISMA certification of the GSA, it can decide to do its own testing if it wishes. This doesn't change the fact that Google Apps Permier has in fact attained FISMA certification.
The second tricky bit is Google Apps for Government, a product that didn't exist at the time the court case started. The law says (and the brief points out) that FISMA certification cannot be attained until after implementation of the product, and thorough testing. So, in that case, Neither Microsoft's offering, nor Google Apps for Government, is FISMA certified, nor could they have been at the time. Now, Google Apps Premiere was certified, and Apps for Government was going to be done under a more restrictive set of security constraints, so it would have likely passed too. What I have to wonder though, is did Google lie, and say Google Apps for Government had the FISMA cert, or did they say "Google Apps is FISMA certified", which is true?
I have to come down on the side of the Microsoft lawyer playing this up for far more than it should be.
What I meant to write is "Governments have".
I don't think adding "to" is correct. The list follows on "ensure that it" and "ensure that it to prevent corruption" doesn't make sense. I guess I should have said "prevents corruption".
Then, again I'm terrible at grammar. I have a whole blog full of errors like this.
Oh My Gawd! It's full of SHIT!
In Liberty, Rene
The question is really whether or not GSA can do that (Certify and accredit for the entire US govt)
Ultimately, it boils down to whether or not an Agency authorizing official will sign an authorization to operate (ATO) for their agency to use the system. Google isn't asking Agencies to just use it willy nilly; while GSA has provided an ATO, the ATO is limited in scope, and only covers specific controls (albeit most of them). There are, however, still specific controls that an agency must implement (like HSPD-12 compliant authentication for its users). Thus there is a unique specific implementation for each agency, and each agency issues an ATO for the combined mess. It's the concept of "accountability cannot be outsourced." The value in the GSA ATO is that those controls can largely be assumed operational, as they've already been assessed and are being monitored by GSA. Thus, it makes the agency's assessment, ATO, and continuous monitoring much simpler.
If you aren't familiar, you might find this interesting:
http://www.cio.gov/pages.cfm/page/Federal-Risk-and-Authorization-Management-Program-FedRAMP
Of course, this is the present, that is the past.
All those corporate lawyers, and you don't think they have a loophole since Premier IS FISMA certified, and is basically the same service with a different label on it? Besides, who says they haven't already won? With the kick about cutting costs, Google positioned itself to make a government agency look wasteful. It doesn't matter who was certified, this was a purely political move. They set out with one message, Microsoft = Wasteful Spending.
They've already won, even if their court case goes nowhere.
And how do I know Microsoft is full of shit? "Microsoft writes in a blog post that..." End of story. If they had a real legal argument, this story would lead with 7 different words "Microsoft lawyers seek perjury Charge against Google..."
I8-D
FISMA is a guideline. You hire someone to certify you in it. Much like you can get a fire inspector to come to your business and rate the place as "Safe" and then some other inspector could find fault. Per googles site, "Google Apps has received an authority to operate at the FISMA-Moderate level; an independent auditor assessed the level of operational risk as Low."
Also, you can request their documentation:
"Google's FISMA documentation is available for review by interested agencies.This enables agencies to compare the security of Google Apps to that of existing systems."
This is just more evidence that the Government and Microsoft were in collusion to exclude Google. Google has interdependent certification that they are FISMA compliant and the government says they are not. How many times does Google need to get certified?
First, Google Apps was FISMA certified in July of last year. This is about a subset of Google Apps (because the gov't. doesn't want everyone using the whole shebang). It would be like Microsoft getting Microsoft Office.Net (or whatever they call it this week) certified, then someone complaining that Microsoft Word.Net isn't.
Second, Microsoft doesn't have ANY FISMA certification, so if certification were a requirement, Microsoft cannot bid.
More here
Already disabled by Google:
Google URL Shortener
http://goo.gl/zjJOI – this URL has been disabled.
Note that goo.gl short URLs may be disabled for spam, security or legal reasons.
Suggestions:
* Return to the previous page.
* Try searching to find what you're looking for.
I searched for "goatse" to find out what this was all about and I found the answer !
Everything I write is lies, read between the lines.
Here's the link to Google's claim and a link to request the documentation if anyone wants to follow up:
http://www.google.com/apps/intl/en/government/trust.html
I'm betting they can back it up.
[-- Trust the Monkey --]
Google's App Platform for Government wasn't FISMA certified and thus wasn't qualified to be bought.
Neither is Microsoft's.
"I've got more toys than Teruhisa Kitahara."
First, Google Apps was FISMA certified in July of last year. This is about a subset of Google Apps (because the gov't. doesn't want everyone using the whole shebang). It would be like Microsoft getting Microsoft Office.Net (or whatever they call it this week) certified, then someone complaining that Microsoft Word.Net isn't.
Second, Microsoft doesn't have ANY FISMA certification, so if certification were a requirement, Microsoft cannot bid.
More here
It's not a subset, it's substantially different, your analogy is completely broken. Apps for Govt has a completely different separate cloud for security.
And it was certified for a limited scope anyway.
The issue is not about whether certification is a requirement or not or whether microsoft can bid or not, it is about Google blatantly lying on its websites and in documents submitted to the court about the certification. Did Microsoft lie about having certification?
The linked Google's response is pretty weak and does not address why Google applied for a new FISMA certification for Apps for Govt when it now claims it's just a more restrictive form of Apps Premier. Looks like it's sidestepping the issue and the anti-MS folks like you are lapping it regardless of the truth.
This space for rent.
But Microsoft didn't falsely claim their's was certified, which Google did.
This space for rent.
Google really begins to look nasty here.... the government is trying to do something that is the right thing by sane security standards (there is no such thing as 'secure multitenancy'.... that is an Oxymoron.)... and Google's insisting they sacrifice security requirements they have specified, just so that Google can provide service to them using a non-dedicated cloud?
I understand Google fearing they pick M$ due to hegemony... but if Google verifiably hasn't provided a product yet that will meet their stated security requirements, then Google should stop with this nonsense, interfering with government, and instead take it as a lesson about what they need to revise in regards to their product.
PAGE 38
It's the same code base, just running on a different set of servers.and with some functionality removed.
Microsoft originally developed (but never released) a hosted cut-down version of office a decade ago. So stop being an ignoramus.
Microsoft's offering, Business Productivity Online Standard, was not FISMA certified either. The suit seems legitimate, regardless of their claim about their own certification.
The US government have made it clear that we have no inalienable rights; any we do not defend vigorously will be taken.
Google does no evil!
FISMA looks at servers, physical security and infrastructure too, not just code.
This space for rent.
Microsoft knows that it's lost the war to maintain its' monopoly. Now it's a question of fighting individual holding actions, to preserve as much as possible, for as long as possible.
By next year, not only will there be more devices shipping with linux than Windows, but when HP makes all their line dual-boot between their webOS linux variant and windows, linux will become the #2 shipping desktop OS, surpassing Apple.
After that, in 2013 you can be sure that the other manufacturers will follow suit. What that means is that on April 8th, 2014, when Microsoft finally kills off XP, most of those corporate users won't be switching to Windows. They'll have replaced those devices with a combination of tablets, smartphones, and desktops that run linux. Already, 12% of all iPad users are in corporations, and 1/3 of them are using their tablets as replacements, abandoning their desktops and laptops. It turns out that most managers don't need a desktop. It's not like they write long emails ...
"On December 16, 2010, counsel for the Government learned that, notwithstanding Googles representations to the public at large, its counsel, the GAO, and this Court, it appears that Googles Google Apps for Government does not have FISMA certification. See Attachments 1-5 to this motion. We immediately contacted counsel for Google, shared this information and advised counsel that we would bring this to the Courts attention".
"According to the GSA, Googles Google Apps Premier received FISMA certification on July 21, 2010. However, Google intends to offer Google Apps for Government as a more restrictive version of its product and, Google is currently in the process of finishing its application for FISMA certification for its Google Apps for Government. See Attachment 3. To be clear, in the view of GSA, the agency that certified Googles Google Apps Premier, Google does not have FISMA certification for Google Apps for Government." link
a) The basic app does have FISMA certification, b) The more "restrictive version" is the more secure version for government, no attempt at deceit here .. link
Neither player has taken the time, nor cared, to attempt to understand the reasoning behind FISMA, for two different reasons. Google is too immature as a company to realize that GSA FISMA certification doesn't cut any ice with other U.S. Government agencies and their Designated Approving Authorities. OTOH, Microsoft is too arrogant as a company to admit its cloud offerings even need to comply with FISMA.
I'm betting on MS to win this uberpisching contest because they're a hoary and bloated bureaucracy and U.S. Government customers will understand where they are coming from. Google is a bunch of children.
> As another article makes clear, this is mostly a paperwork issue.
That doesn't give Google the right to make false claims to the public and court. If this was MS, people here would be running over each other to call it blatant lying and manipulation.
>Already, 12% of all iPad users are in corporations, and 1/3 of them are using their tablets as replacements, abandoning their desktops and laptops. It turns out that most managers don't need a desktop. It's not like they write long emails ...
I don't know why Linux types support things like iPad just because of their irrational hate of MS. Things like iPad are much more worse than Windows. Anyway do you have a reference for ' 1/3 of them are using their tablets as replacements, abandoning their desktops and laptops' ?
This space for rent.
Also, for the stats, google is your friend. Just like it's predicted that linux=based tablets will eventually surpass apple-based (just like linux-based smartphones have surpassed the iiphone).
Yeah a suit based on lying and deception clearly seems legit. Oh wait, it's because it's Google and anything they do can be spun to be okay.
You implied that lack of FISMA certification meant the product was not qualified to be bought. The FISMA certification was, according to the DOI documents, to be achieved after the contract was made. It is not really a relevant issue in the suit. The DOI sole-sourced Microsoft's product rather than issuing a competitive bid request. Both sides are spinning the side issues, but if you pay more attention to the side issues than the main issue you have been suckered.
The US government have made it clear that we have no inalienable rights; any we do not defend vigorously will be taken.
Office XP? O RITE !! office 2002 ...