Microsoft Blasts Google For False Claims In Court Documents

← Back to Stories (view on slashdot.org)

Microsoft Blasts Google For False Claims In Court Documents

Posted by Soulskill on Monday April 11, 2011 @07:58AM from the a-case-of-he-filed-she-filed dept.

recoiledsnake writes "Microsoft writes in a blog post that Google knowingly lied to the court while suing the US government over its consideration of only Microsoft implementations. We previously discussed Google winning an injunction against the Department of the Interior over this. According to Microsoft Deputy General Counsel David Howard, 'Google filed a motion for a preliminary injunction telling the court three times in a single document that Google Apps for Government is certified under FISMA. Google has repeated this statement in many other places as well. Indeed, for several months and as recently as this morning, Google's website states, "Google Apps for Government – now with FISMA certification." ... So imagine my surprise on Friday afternoon when, after some delay, some of the court papers were unsealed, at least in part. There for all to see was a statement by the Department of Justice contradicting Google on one of its basic FISMA claims.' Howard goes on to quote the DoJ brief (PDF), which says, '... it appears that Google's Google Apps for Government does not have FISMA certification.'"

39 of 213 comments (clear)

Min score:

Reason:

Sort:

Shock - Big Business Lies by Tigger's+Pet · 2011-04-11 08:01 · Score: 2

I think the title says it all. What's the old phrase? "If you can't blind them with science, then baffle them with bullshit."
1. Re:Shock - Big Business Lies by DavidR1991 · 2011-04-11 08:06 · Score: 3, Interesting
  
  Same as what they were doing against Apple. They accused Apple of using the wrong font size in their court documents (hence claiming they were invalid) rather than actually fighting the case. They really are at the pinnacle of the BSing
2. Re:Shock - Big Business Lies by StuartHankins · 2011-04-11 08:06 · Score: 4, Insightful
  
  Yes.
3. Re:Shock - Big Business Lies by Overly+Critical+Guy · 2011-04-11 08:07 · Score: 3, Interesting
  
  According to the court papers, Microsoft is not lying here. Google Apps for Government really doesn't have FISMA certification, even though Google said it did.
  
  --
  "Sufferin' succotash."
4. Re:Shock - Big Business Lies by meerling · 2011-04-11 08:40 · Score: 2
  
  "They really are at the pinnacle of the BSing" - Of course, they are both using lawyers.
5. Re:Shock - Big Business Lies by jdgeorge · 2011-04-11 08:44 · Score: 2
  
  It's not a meme. It's a correct answer to a question which was written ambiguously, allowing multiple interpretations.
  It's an annoying and eccentric behavior, perhaps, but it has been done for centuries, or longer.
6. Re:Shock - Big Business Lies by Anonymous Coward · 2011-04-11 08:47 · Score: 4, Informative
  
  So, for those of you who didn't RTFA, here's what actually happened:
  Google Apps Premier HAS a certification.
  The even more secure Google Apps for Government has applied for the same certification but hasn't gotten it yet.
  It is unclear whether or not there is even a need for the additional certification given the massive similarities between the two platforms. Microsoft is claiming that there must be because Google applied for a new certification for Google Apps For Government. Given that the two platforms vary by not much more code than would be involved in a typical Patch Tuesday, it is highly unlikely that this is material to the conversation.
  Just to go back to the original problem: A government entity approved a massively more expensive Microsoft solution over an equivalent Google solution that would have saved the taxpayers significant amounts of cash. Microsoft is now saying that this is all because of the difference in title between "Premier" and "For Government." Call me skeptical, but this smells rotten to me.
7. Re:Shock - Big Business Lies by Overly+Critical+Guy · 2011-04-11 08:53 · Score: 2, Interesting
  
  According to the court papers, filed in opposition to Google, Microsoft is not lying here.
  FTFY.
  Hello, anonymous Google supporter who shows up in every article. The information is in a statement from the Department of Justice in the court briefing. It's not an allegation or statement of opinion; Google really doesn't have the FISMA certification they claimed they did. Microsoft further made the point in the linked article that if the FISMA certification for Google Apps Premier applied to Google Apps for Government, Google wouldn't be applying for another certification specifically for Google Apps for Government.
  
  --
  "Sufferin' succotash."
8. Re:Shock - Big Business Lies by Locutus · 2011-04-11 09:24 · Score: 4, Insightful
  
  you must be too young to have watched the Microsoft vs DOJ case where Microsoft showed a video of how easy it was to download netscape and install it(or something like that) and repeatedly was asked if this was an unedited unscripted video and repeatedly they said yes Your Honor. So out comes the prosecution with scenes showing icons mysteriously moving and even disappearing on the desktops in the video and to that the Microsoft lawyers confessed it was mocked up. So what is lying to the Judge and perjury really mean in todays courts? zip, zero, nada, nothing.
  
  BTW, I still have seen no dates for when Google got that cert and when they said they "had" it.
  
  LoB
  
  --
  "Anyone who stands out in the middle of a road looks like roadkill to me." --Linus
9. Re:Shock - Big Business Lies by UnknowingFool · 2011-04-11 09:32 · Score: 2
  
  That's not how I read the DOJ's brief. The problem is people think that FISMA certified = secure. It doesn't. FISMA certified means that security planning has been documented. The DOJ objected to the overall security of Google Apps and never said Google was lying. Another issue is that Google Apps was certified by the GSA which has different security needs than the DOJ. If I understand FISMA correctly each agency willhave to go through their own certification process.
  
  --
  Well, there's spam egg sausage and spam, that's not got much spam in it.
10. Re:Shock - Big Business Lies by IICV · 2011-04-11 09:55 · Score: 5, Informative
  
  Just to go back to the original problem: A government entity approved a massively more expensive Microsoft solution over an equivalent Google solution that would have saved the taxpayers significant amounts of cash. Microsoft is now saying that this is all because of the difference in title between "Premier" and "For Government." Call me skeptical, but this smells rotten to me.
  While keeping in mind that (IIRC) the Microsoft solution currently does not have FISMA certification, and part of the reason why it was going to be so expensive is because they were going to get it certified in the process.
11. Re:Shock - Big Business Lies by RobertM1968 · 2011-04-11 10:42 · Score: 5, Informative
  
  According to the court papers, Microsoft is not lying here. Google Apps for Government really doesn't have FISMA certification, even though Google said it did.
  According to the papers just filed, neither is Google:
  A portion of Google's response: Even so, we did not mislead the court or our customers. Google Apps received a FISMA security authorization from the General Services Administration in July 2010. Google Apps for Government is the same system with enhanced security controls that go beyond FISMA requirements. As planned we’re working with GSA to continuously update our documentation with these and other additional enhancements.
  And the confusion stems from this:
  The Justice Department acknowledges that the General Services Administration (GSA) had certified a different Google offering, Google Apps Premier, for its own particular use under FISMA last July. As the DOJ's brief explains, "However, Google intends to offer Google Apps for Government as a more restrictive version of its product and Google is currently in the process of finishing its application for FISMA certification for its Google Apps for Government." Lest there be any doubt about the situation, the brief adds, "To be clear, in the view of the GSA, the agency that certified Google's Google Apps Premier, Google does not have FISMA certification for Google Apps for Government."
  And finally, to clarify, GAfG is a subset of GAP (which does have FISMA certification).
  
  --
  StarTrekPhase2 - The Five Year Mission Continues!
12. Re:Shock - Big Business Lies by msauve · 2011-04-11 10:45 · Score: 2
  
  By "not the same," do you mean physically, or logically? ISTM, they'd use an identical "information system," but possibly consisting of physically separate servers. Again, by my reading on what FISMA is all about, that wouldn't matter - it seems to be concerned with architecture and procedures, not specific apps or physical devices.
  
  --
  "National Security is the chief cause of national insecurity." - Celine's First Law
13. Re:Shock - Big Business Lies by iserlohn · 2011-04-11 12:18 · Score: 2
  
  You're not familiar with government certification are you? If you're talking about stuff like EAL4+ compliance under common criteria, technically, every deployment need to be certified. However, you can certify a product as "the next best thing", but that certification is only valid for that particular version of software and it's tested environment, and most vendors use a special locked down mode to ensure compliance. Most people don't deploy EAL4+ devices in the real world under this mode as there are built in security controls such as the lack of remote management.
  I expect the FISMA regulations to be just a anal retentive and arcane.
  
  --
  :. Ultimate Control Dedicated/VM Servers
14. Re:Shock - Big Business Lies by Runaway1956 · 2011-04-11 13:10 · Score: 2
  
  Alright, read page 13. It doesn't look good for Google, but GSA falls short of calling Google liars. It's rather ambiguous. Premier was certified, and Government was even more restrictive and secure than Premier - perhaps Google believed that Government was automatically certified?
  And, I'm mindful that the entire PDF is a motion filed by people hostile to Google - the PDF is not a definitive source of what is true or not true.
  In short, I'm not convinced either way.
  
  --
  "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
15. Re:Shock - Big Business Lies by cbhacking · 2011-04-11 14:25 · Score: 2
  
  That's interesting. It also has absolutely nothing to do with the subject, except for the very last sentence you quoted. When something is certified, neither a subset nor a superset of that thing also receive certification. If Google did in fact claim that GAfG had FISMA certification before FISMA certification was granted to GAfG, then they were lying.
  
  --
  There's no place I could be, since I've found Serenity...
Re:A link to google statement on this by Rene+S.+Hollan · 2011-04-11 08:04 · Score: 3, Informative

goatse warning.

--
In Liberty, Rene
Goatse link by recoiledsnake · 2011-04-11 08:05 · Score: 2, Informative

Don't click.

--
This space for rent.
Re:Google's lawsuit is dumb by doconnor · 2011-04-11 08:07 · Score: 5, Insightful

"However, the government is a customer too and is free to choose a product that happens to be in the unique position of having competitors who think their products are better."
The government isn't free to choose. Government have to follow strict regulations in purchasing to insure it gets the best value for money, doesn't show any favoritism and prevent corruption. One can debate the effectiveness of the regulations, but they are there for a reason.
Double-standards by Anonymous Coward · 2011-04-11 08:08 · Score: 3, Insightful

Google does this, it's "Nothing to see here, you shouldn't be surprised, move on, move on"
Microsoft does this, "omg .. did you see what they did! remember this day, and USE IT IN COMMENTS FOR THE NEXT SEVEN YEARS"
1. Re:Double-standards by future+assassin · 2011-04-11 08:26 · Score: 2
  
  Not quite. I don't like MS and do prefer Google as a company BUT if they out right lied then they should be punished accordingly. If they keep on doing it then its time to support someone else who can do business with out lying or borderline breaking laws.
  
  --
  by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
2. Re:Double-standards by brennz · 2011-04-11 08:35 · Score: 5, Interesting
  
  The truth of the matter is more simple.
  Google went through the agonizing process of FISMA that is very stringent compared to jokes like a SAS 70 type 2. Microsoft did nothing. DOI does not have a FISMA certified private or govt cloud.
  DOI determined they would add in their own unique security requirements for a yet-unbuilt cloud solution that had never been certified for FISMA. Basically a joke of a to-be solution.
  Google cried foul, claiming they had already passed the FISMA qualification, something no other cloud vendor had done at the same time period. Google claimed a certified solution like their cloud could not be compared against a non-existent pipedream cloud.
3. Re:Double-standards by Anonymous Coward · 2011-04-11 08:49 · Score: 5, Informative
  
  Well, it's a bit more specific. Google sued the government because they did not look at Google Apps for Government. The government claimed that they didn't because Google Apps for Government lacked FISMA certification. In their lawsuit Google claimed that they did. In that context, whether or not Google Apps for Government was certified or Google Apps Premier was certified it becomes an issue of credibility for their entire lawsuit.
4. Re:Double-standards by aztektum · 2011-04-11 10:07 · Score: 2
  
  MS's BPOS were not FISMA certified back when they were awarded the contract (they still aren't).
  If that was really a requirement by DOI, neither should have gotten the nod.
  
  --
  :: aztek ::
  No sig for you!!
5. Re:Double-standards by 517714 · 2011-04-11 17:58 · Score: 2
  
  The suit is about being "considered", not about being "chosen". Google was not considered, only Microsoft offerings were considered. The DOI should have issued the RFQ with whatever restrictions they wanted short of a specified product and chosen from the bids. They did it wrong. http://www.scribd.com/doc/40513712/Google-v-US-Complaint
  
  --
  The US government have made it clear that we have no inalienable rights; any we do not defend vigorously will be taken.
Re:Google's lawsuit is dumb by Desler · 2011-04-11 08:15 · Score: 4, Informative

Yes, and Google's App Platform for Government wasn't FISMA certified and thus wasn't qualified to be bought. Then Google sues and lies about having that certification. I'm seeing no reason why Google's lawsuit should be entertained at all. Especially since if this were Microsoft doing exactly what Google is doing the S
Fine print & commentary by brennz · 2011-04-11 08:22 · Score: 2

GSA certified and accredited Google Apps (FISMA certification)
GSA is the lead agency for acquisition for the US Govt
GSA met several the NIST standards at the moderate level
DOI claims that the GSA certification doesn't meet their specific standards and they have to have a govt only cloud in the continental US.
DOI security has been the laughingstock of the US govt for as long as I can remember*
DOI disconnected from the internet by a federal judge for complete failure in IT security
Not entirely accurate by insidious777 · 2011-04-11 08:29 · Score: 2

If you read the brief, it's actually not quite as simple as Google "does not have FISMA certification." FISMA certification is per-agency, and Google *has* FISMA certification for GSA. Google *does not* have FISMA certification for any other agency. Each agency makes its own determination. It also appears that FISMA is a minimum for information security, so agencies can require more than FISMA if they want to. (Refer to brief pages 37-39 for the details on FISMA.)
proof? by dwater · 2011-04-11 08:33 · Score: 4, Insightful

Being wrong is not the same as lieing. Furthermore, I would imagine it is very difficult to prove someone deliberately lied.

--
Max.
Re:Google's lawsuit is dumb by Anonymous Coward · 2011-04-11 08:47 · Score: 2, Interesting

I hope this truly is anonymous.
You are correct in saying "Government have to follow strict regulations in purchasing to insure it gets the best value for money, doesn't show any favoritism and prevent corruption" but let me precede that by saying that I'm a government employee and that I work in a position that is part of the procurement process.
Here's how it works: You go to company A, who develops an awesome product and one you really wish to purchase. It's more expensive than you'd like, but it's been tested and it works. But, since you need to get the government the best deal it possibly can you also need to get competing quotes against said product. The easiest way to get around that liability is to simply "game" the system. You go to vendor B & C (which produce vastly inferior products, or products that are similar but flat out won't work for whatever reason) and ask for comparable quotes. You *know* vendor B's products are 10x the markup on vendor A's, so immediately they don't have a shot. Vendor B's prices are actually MUCH cheaper, but you know they make a killing on their vendor supported contracts, which are 3x as expensive as vendor A's contracts. So you include contract support in both quotes and suddenly vendor A is tens-of-thousands of dollars less.
It happens _all_ the time. Better yet, you can simply request a form letter that allows you to bypass any competitive bidding completely and just purchase from the vendor as single-source.
Does it happen because we're getting our palms greased with easy money and kickbacks? Not at all, we're not politicians. It happens because of the bureaucratic process we're all required to go through just to get the items we need. Would you buy a house built by the lowest bidder? Sure it'll meet the basic requirements (shelter, protection, stability) but it's built out of asbestos and the floor is made of tar & straw. Or, would you look around and find something that *works*, fits your needs and is competitive to the price you're willing to pay without feeling like you've just been ripped off? If we all took the government motto of "get the best value for the money" we'd all be living in mobile homes. It may be the cheapest thing out there, but I wouldn't recommend it.
That's government purchasing in a nutshell.
Re:Grasping at straws by Raffaello · 2011-04-11 08:49 · Score: 2

Except Google was not caught lying. We have Microsoft claiming that Google lied, nothing more.
Pot and Kettle by madmark1 · 2011-04-11 09:04 · Score: 5, Informative

Microsoft Chief Council says Google Lied in Court...
Pot, meet kettle...
As usual, the headline is a bit misleading, and certainly leaves out a large part of the story. Google Apps Permier has been FISMA certified by the GSA, so when you go to the Google website and look, and it says "Now FISMA certified", they aren't lying. They really are FISMA certified. However, FISMA is not a blanket certification. The DoI does not have to accept the FISMA certification of the GSA, it can decide to do its own testing if it wishes. This doesn't change the fact that Google Apps Permier has in fact attained FISMA certification.
The second tricky bit is Google Apps for Government, a product that didn't exist at the time the court case started. The law says (and the brief points out) that FISMA certification cannot be attained until after implementation of the product, and thorough testing. So, in that case, Neither Microsoft's offering, nor Google Apps for Government, is FISMA certified, nor could they have been at the time. Now, Google Apps Premiere was certified, and Apps for Government was going to be done under a more restrictive set of security constraints, so it would have likely passed too. What I have to wonder though, is did Google lie, and say Google Apps for Government had the FISMA cert, or did they say "Google Apps is FISMA certified", which is true?
I have to come down on the side of the Microsoft lawyer playing this up for far more than it should be.
1. Re:Pot and Kettle by sangreal66 · 2011-04-11 09:24 · Score: 2
  
  What I have to wonder though, is did Google lie, and say Google Apps for Government had the FISMA cert, or did they say "Google Apps is FISMA certified", which is true?
  Why wonder? It is demonstrated in the attachments. Example:
  
  Google Apps for Government, now with FISMA certification
  The representative from the GSA who granted the certification also clearly states in emails that Google Apps for Government is not certified by their department (as you mentioned, it could not be).
Re:Google's lawsuit is dumb by tomhudson · 2011-04-11 10:16 · Score: 2

Yes, and Google's App Platform for Government wasn't FISMA certified and thus wasn't qualified to be bought. Then Google sues and lies about having that certification. I'm seeing no reason why Google's lawsuit should be entertained at all. Especially since if this were Microsoft doing exactly what Google is doing the S

First, Google Apps was FISMA certified in July of last year. This is about a subset of Google Apps (because the gov't. doesn't want everyone using the whole shebang). It would be like Microsoft getting Microsoft Office.Net (or whatever they call it this week) certified, then someone complaining that Microsoft Word.Net isn't.
Second, Microsoft doesn't have ANY FISMA certification, so if certification were a requirement, Microsoft cannot bid.
More here
Re:Google's lawsuit is dumb by ozmanjusri · 2011-04-11 10:30 · Score: 2

Google's App Platform for Government wasn't FISMA certified and thus wasn't qualified to be bought.

Neither is Microsoft's.

--
"I've got more toys than Teruhisa Kitahara."
Re:Google's FISMA Certification by recoiledsnake · 2011-04-11 11:53 · Score: 2

You need to RTFA.

--
This space for rent.
Big G begins to look nasty here.... by mysidia · 2011-04-11 12:49 · Score: 2

Google really begins to look nasty here.... the government is trying to do something that is the right thing by sane security standards (there is no such thing as 'secure multitenancy'.... that is an Oxymoron.)... and Google's insisting they sacrifice security requirements they have specified, just so that Google can provide service to them using a non-dedicated cloud?
I understand Google fearing they pick M$ due to hegemony... but if Google verifiably hasn't provided a product yet that will meet their stated security requirements, then Google should stop with this nonsense, interfering with government, and instead take it as a lesson about what they need to revise in regards to their product.
PAGE 38

DOI is fully entitled to constrain the cloud model it will accept even if FISMA does not dictate a particular model. FISMA establishes a bare minimum level of security for information systems. .... The law permits and encourages agencies to impose additional requirements to account for their own unique security needs.

...

Yet DOI has also determined that its security requirements exceed the bare minimum mandated by FISMA; thus it also requires that the cloud be dedicated to either DOI or Federal agencies on a physically and logically server that in at least two data centers located within the continental United States. See AR168. Contrary to Googles contention, the FISMA certification process is not meant to override an individual agencys security needs. AR784-785. DOI was wholly justified in insisting that Google offer a DOI-only or Federal-only cloud.

Moreover, DOI had good reason to require additional safeguards beyond those commanded by FISMA.
Re:Grasping at straws by 517714 · 2011-04-11 18:28 · Score: 2

They didn't lose, they weren't allowed in the competition - that is the real story. Microsoft is trying to get people believe that there is some other issue/story, they even managed to distract you from the real story. DOI issued a RFQ that specified Microsoft product only rather than stating the requirements and accepting one on its merits, Google believed DOI was not acting properly.

--
The US government have made it clear that we have no inalienable rights; any we do not defend vigorously will be taken.
Re:Google's lawsuit is dumb by tomhudson · 2011-04-11 18:33 · Score: 2

And the servers, etc., are just duplicating an existing instance. As another article makes clear, this is mostly a paperwork issue.
Microsoft knows that it's lost the war to maintain its' monopoly. Now it's a question of fighting individual holding actions, to preserve as much as possible, for as long as possible.
By next year, not only will there be more devices shipping with linux than Windows, but when HP makes all their line dual-boot between their webOS linux variant and windows, linux will become the #2 shipping desktop OS, surpassing Apple.
After that, in 2013 you can be sure that the other manufacturers will follow suit. What that means is that on April 8th, 2014, when Microsoft finally kills off XP, most of those corporate users won't be switching to Windows. They'll have replaced those devices with a combination of tablets, smartphones, and desktops that run linux. Already, 12% of all iPad users are in corporations, and 1/3 of them are using their tablets as replacements, abandoning their desktops and laptops. It turns out that most managers don't need a desktop. It's not like they write long emails ...