Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Releases Mobile Data Collection Source Code

Posted by timothy on from the but-the-secret-room-isn't-in-the-blueprints dept.

mikejuk writes "To avoid the problems that Google and Apple have had with collecting WiFi data and privacy issues Microsoft has just released [some of] the source code used in its mobile data collection system. The code shows how the phones that it drives around don't collect any personal data — just WiFi and cell tower identification so that they can be used in geolocation. The source code is a great educational resouce but as to proving that Microsoft is doing the right thing it just doesn't work. First off, it isn't complete. Second, who is to say that it is the code used in the phones? That's the point of software — it's easy to change. Now if only we can provoke them to release large chunks of Windows or Windows Phone 7...."

69 comments

  1. Microsoft? by Anonymous Coward · · Score: -1

    Releasing source code? Huh. That's odd. Do us Slashdotters still have good old fakepassword3? Sorry I came to the garbage of this place and realized it.

  2. apple!=google by cheeks5965 · · Score: -1, Troll

    just WiFi and cell tower identification so that they can be used in geolocation.

    The iphone locationgate was way overblown. Apple's approach was way less intrusive than Google. All they were doing was storing the location of nearby cell towers on the phone, to speed up the phone's geolocation. the data was never sent back to apple. this is the difference between the phone tracking your location and apple tracking your location.

    Google, on the other hand, monitors you like the optomicon. one database to rule them all.

    --
    -- Flame me and I will happily flame you back. Bring it!
    1. Re:apple!=google by errandum · · Score: 1

      The problem with most people was never that it was gathering info, but that everyone could access it. If someone stole your phone they'd have a footprint of your life in their hands. They encrypt it now and it's fixed.

      Google's data is only accessible if you root the phone... And it'll only send info back and forth if you consent (Basically, if you want to use the geolocation boost you are forced to share your info too).

      The issue is not a non issue. there is nothing wrong, in my opinion, in gathering information (remember, we are using some pretty neat services for "free", like gps), but you have to do it right.

  3. Partial release rings alarm bells by Chris+Down · · Score: -1, Troll

    Partial release is more dangerous than no release at all. Without the ability to compile the entire thing for yourself and check the checksums, there is no real way to know that this is the genuine source.

    Just because you open the door a crack, doesn't mean the user can see the massive spike pit hiding behind the hinge.

    1. Re:Partial release rings alarm bells by Normal+Dan · · Score: 4, Insightful

      Somehow I get the feeling a full release of the source code still wouldn't be enough to satiate the nerdy masses.

      --
      A unique way to learn a language: http://languageloom.com
    2. Re:Partial release rings alarm bells by Anonymous Coward · · Score: 2, Insightful

      Nothing ever will be. If we get full source they will whine that it's in the wrong license or it needs visual studio/windows to compile. Or they will call it useless and whine about that.

    3. Re:Partial release rings alarm bells by Anonymous Coward · · Score: 0

      Without the ability to compile the entire thing for yourself and check the checksums, there is no real way to know that this is the genuine source.

      It's never enough for some people. "Check the checksums"??? Come on.

      Who's to say that the phone isn't showing you a fake checksum, to lull you into a false sense of security? You'd say: I'd have to be able to compile it myself, of course.
      But who's to say that the phone actually runs your compiled version, rather than its own?

      Tell us what would satisfy you.

    4. Re:Partial release rings alarm bells by gabebear · · Score: 3, Interesting

      It's very likely Microsoft will never release anything that will satiate people who understand licenses and value freedom. Microsoft likes you to sign crazy NDAs for access to specs and source and ties their own developers and evangelists hands. I was at a WP7 presentation a month ago given by MS's WP7 evangelist for my region. He couldn't hook the WP7 phone he had to the projector like he normally does because Microsoft's legal department took away the cable he had been using for presentations...

    5. Re:Partial release rings alarm bells by godrik · · Score: 1

      It's better than nothing but does not prove much. MS could release the compilation script that build that piece of the code to be able to verify that the binary version of these function is present in WP7

      But once again, that code could not be activated at all. Once again, you could offer to recompile that part of the code to insert some profiling. But then, you would know the code is gone trough but maybe discarded.

      Soon we will have the discussion about trusting trust again (if you don't know, what it is, it is the prolem of "how to trust your compiler")

    6. Re:Partial release rings alarm bells by Altus · · Score: 1

      Never mind that you would have to use visual studio to compile it and we all know that secretly inserts backdoors in all software made with it.

      --

      "In America, first you get the sugar, then you get the power, then you get the women..." -H. Simpson

    7. Re:Partial release rings alarm bells by Penguinisto · · Score: 0

      Somehow I get the feeling a full release of the source code still wouldn't be enough to satiate the nerdy masses.

      I disagree. If it can be fully compiled and tested, then there would be no rational place for the "OAMG they have something they're hiding!" argument. OTOH, Microsoft is kind of notorious for only doing their PR stunts half-assed, and this latest one kind of proves it. Even SCO did a better job of convincing Joe Reporter that they truly showed off code/evidence (and let's face it - their attempts were hella laughable at best).

      'course, you can still check things WP7-wise as it is now... that is, if you can capture every packet coming out, decrypt the payloads accurately, then assemble and analyze the results.

      IMHO, releasing only part of the source code is indeed, like GP said, more dangerous than no release at all. Just that he forgot to mention that it's potentially dangerous in both directions - both to the world at large ("oh look, stuff to test for exploits!"), and to Microsoft ("OAMG they're hiding something! You can't even test what's there without violating a license!").

      It'd be better off if they didn't even bother, considering that the bits they did release are worthless in and of themselves.

      --
      Quo usque tandem abutere, Nimbus, patientia nostra?
    8. Re:Partial release rings alarm bells by larry+bagina · · Score: 1

      The full source code should ring alarm bells, too. It runs on their phones, in their vans. You don't have access to the hardware to verify it's running the source code they provided (and only the source code they provided). You don't have access to their compilers to verify it's not inserting other code.

      --
      Do you even lift?

      These aren't the 'roids you're looking for.

    9. Re:Partial release rings alarm bells by im_thatoneguy · · Score: 2

      You don't even have to use your "feelings", he says it in the next sentence:

      Second, who is to say that it is the code used in the phones? That's the point of software â" it's easy to change.

      "Please give us all your source code! And proof that it's exactly the source code on my phone! And that you didn't push an OTA update! And that you are verifying the MD5 checksum of the source code to the build on my phone! And a UN panel to supervise the foundry in which the hardware md5 check was being performed! And a background check on all the people supervising the foundry to make sure nobody changes the hardware to mis-report the checksum! And...."

      There is no way to please them. At least they were up front about it.

    10. Re:Partial release rings alarm bells by Score+Whore · · Score: 1

      Somehow I don't think you realize that this is about Microsoft's equivalent of the Google StreetView car and nothing at all to do with the phone. You're not intended to run this code, ever. It's for them to run. What they are doing is, is showing that they're doing it "right" as compared to Google's way of doing it "wrong."

      And the funny thing is that in the Google threads there are tons of people who do all sorts of speculation in order to absolve Google, and in the summary of this story they go to all sorts of speculation to incriminate microsoft. Way to go people.

    11. Re:Partial release rings alarm bells by Anonymous Coward · · Score: 2, Informative

      Not with comments like "Second, who is to say that it is the code used in the phones?" coming from the person who wrote the summary. You could ship that jackball straight to Redmond, sit him down in front of a workstation at Microsoft, let him review the code himself and press the build button himself, and he'd still think it was a clever ruse on Microsoft's part.

    12. Re:Partial release rings alarm bells by exomondo · · Score: 1

      Without the ability to compile the entire thing for yourself and check the checksums, there is no real way to know that this is the genuine source.

      Check the checksums against what?

    13. Re:Partial release rings alarm bells by Gadget_Guy · · Score: 1

      It's very likely Microsoft will never release anything that will satiate people who understand licenses and value freedom. Microsoft likes you to sign crazy NDAs for access to specs and source and ties their own developers and evangelists hands.

      And yet here they are releasing the code without requiring crazy NDAs. That is not to say that they haven't required NDAs in the past (like when they have released the full code for Windows for specialised uses), but that doesn't mean that everytime they release some code that it get tied up in paperwork.

      He couldn't hook the WP7 phone he had to the projector like he normally does because Microsoft's legal department took away the cable he had been using for presentations...

      Why? Was there an actual legal reason behind this, or did someone just pinch his cable? It seems pretty unlikely that the legal department would prevent them from advertising a released product.

    14. Re:Partial release rings alarm bells by Gadget_Guy · · Score: 2

      IMHO, releasing only part of the source code is indeed, like GP said, more dangerous than no release at all. Just that he forgot to mention that it's potentially dangerous in both directions - both to the world at large ("oh look, stuff to test for exploits!"), and to Microsoft ("OAMG they're hiding something! You can't even test what's there without violating a license!").

      That is not correct in this case. The problem is that everyone believed the article when they said that this was the code from Windows Phone 7. This is actually the code from Microsoft's vans that collected geolocation data. (similar to Google's vans that logged everyone's WiFi packets that got them into strife). The fact that they didn't release the entire code is irrelevant because none of us have the binaries with which to compare the source code. Therefore there are also no security problems with them releasing this code either.

    15. Re:Partial release rings alarm bells by Penguinisto · · Score: 1

      Interesting info, but I'm glad you cleared that up a bit. :)

      --
      Quo usque tandem abutere, Nimbus, patientia nostra?
    16. Re:Partial release rings alarm bells by camperslo · · Score: 1

      Somehow I get the feeling a full release of the source code still wouldn't be enough to satiate the nerdy masses.

      Satiate?? Really?? Does anything even suggest that we find the phone relevant enough to care? If one had to pick a group most likely to avoid the phone, wouldn't "the nerdy masses" be a good first pick? The phone seems to be targeted at people that perceive Apple and other offerings as too scary and complicated... That's the opposite of the "nerdy" demographic.

    17. Re:Partial release rings alarm bells by Anonymous Coward · · Score: 0

      Most likely, Microsoft would have a custom version of Visual Studio running that would simply inject nefarious bits at the right point.

      Amusingly, the CAPTCHA for this is "merges."

    18. Re:Partial release rings alarm bells by Aydsman · · Score: 2

      He couldn't hook the WP7 phone he had to the projector like he normally does because Microsoft's legal department took away the cable he had been using for presentations...

      Why? Was there an actual legal reason behind this, or did someone just pinch his cable? It seems pretty unlikely that the legal department would prevent them from advertising a released product.

      I believe Windows Phone uses a protected graphics path, similar to the one in Windows Vista & 7, in order to provide DRM so services like Netflix feel all warm & fuzzy that their video content can't be intercepted. Because of this, all phones which are used in demos require a special build of the OS to display on a projector and, no doubt, a special cable recognised by that OS build.

      Having said the above, I'm not sure what reason Microsoft would have to reclaim the cable apart from controlling the number of them that exist outside the company. This control would be part of keeping the integrity of the DRM path.

    19. Re:Partial release rings alarm bells by Anonymous Coward · · Score: 0

      And showing you the compiler wouldn't help; what if they implemented ken's hack?

    20. Re:Partial release rings alarm bells by rbrausse · · Score: 1

      And that you are verifying the MD5 checksum of the source code to the build on my phone! And a UN panel to supervise the foundry in which the hardware md5 check was being performed!

      nah, not enough. md5 is COMPLETELY BROKEN!!!11!

  4. How much proof do you need? by goldspider · · Score: 4, Insightful

    First off, it isn't complete. Second, who is to say that it is the code used in the phones? That's the point of software — it's easy to change.

    Blah blah blah. And where's the "REAL" birth certificate??

    No amount of proof is enough for some people.

    --
    "Ask not what your country can do for you." --John F. Kennedy
    1. Re:How much proof do you need? by Charliemopps · · Score: 1

      I'll believe Microsoft before I believe politicians... and that's saying something.

    2. Re:How much proof do you need? by h4rr4r · · Score: 0

      Those are quite different. Heck, just giving out source and let users compile it and place it on their own phones would solve this complaint. Sure you have to trust the compiler and the hardware, but that is pretty normal.

    3. Re:How much proof do you need? by iluvcapra · · Score: 2

      For any non-trivial function its basically impossible to prove exactly what a computer will do, and once the data leaves the phone to someone's server you can't prove anything. All you have is the company's good word.

      --
      Don't blame me, I voted for Baltar.
    4. Re:How much proof do you need? by Bacon+Bits · · Score: 3, Insightful

      For any non-trivial function its basically impossible to prove exactly what a computer will do

      Bullshit.

      If this were remotely true then closed-source applications couldn't be hacked. How exactly do you think you crack and application which requires a software key or has a DRM requirement? How do you think they jailbreak game consoles with saved games? The magic of coincidence? Of course not. The look at the binary code, see what it's doing, disassemble/decompile what they can, and trap all network I/O and file I/O. If you really want to know what WP7 is doing, you can reverse engineer it. If DRM -- which is specifically designed to be difficult to reverse engineer or circumvent -- if DRM can be understood with just binary access, the behavior of an OS on a phone which lacks this design focus should not be that difficult.

      Other than being a goodwill gesture (and arguably opening MS up to fraud lawsuits if they are found to be lying), this release doesn't do much at all. However, given what would happen to MS if the code they release here is found to be anything other than what is actually running, I don't believe that they would risk being so stupid as to release anything but the actual source code. MS is in no position in the mobile marketplace to suffer such a gaffe.

      --
      The road to tyranny has always been paved with claims of necessity.
    5. Re:How much proof do you need? by Rockoon · · Score: 0

      In short, you are a complete idiot on this subject of proof, and you have just proven it.

      --
      "His name was James Damore."
    6. Re:How much proof do you need? by rastoboy29 · · Score: 1

      You mean you can compile and run this code on your Windows phone?

      You, sir or madam, are missing the point.  Source code alone is meaningless if you can't actually *use* it.

      --
      expandfairuse.org
    7. Re:How much proof do you need? by afabbro · · Score: 2

      You, sir or madam, are missing the point. Source code alone is meaningless if you can't actually *use* it.

      You made Donald Knuth cry, you big bully.

      --
      Advice: on VPS providers
    8. Re:How much proof do you need? by weicco · · Score: 1, Offtopic

      I don't have time to compile fricking source codes! I have better things to do, like actually use the software. Besides, Microsoft already compiled it for me.

      --
      You don't know what you don't know.
    9. Re:How much proof do you need? by Anonymous Coward · · Score: 0

      Reality check PROTIP: That's the damn basis of all science!

      Do you realize that you're doing the exact same thing, those birthers you hate so much do?
      Massive ignorance, prejudice, delusion and dumb generalizations.
      Let me explain:

      No amount of "proof" is ever enough. That's why it's called the relativity theory. Because we never ever can prove that something is like we think it is. All we can do, is prove that it isn't. (Through observation that conflicts with the theory.)
      So if there is a absolute reality, we can never prove or see it. Ever. We can only rely on our (until now) experience, that the laws of physics will be the same in our current and future position in space-time.

      And that's the real reason why birthers are idiots: Because they think it would be possible to get "proof" at all.
      Which is, what you also think.
      And that's why you're so much the same.

      You're like those Wikipedia admins, who can't tell personally observed evidence from something they got told by a "source". Very dangerous behavior, because then that "source" can alter your perception of reality it will. Which is why social engineering works so well on such idiots.

      Since I can not ever prove if Obama was born in Hawaii, I have to choose whose information to trust. And since I can also possibly not ever prove if that source code is the one really used, I also will have to trust Slashdot trusting MS.

      That is a personal thing, based on experience on what choice of trust results in a better life. And while I trust Obama being born in Hawaii (Really, I don't give a fuck where he's born, as it doesn't mean shit to me. It changes nothing. But it feels more useful to do trust it, since the alternative feels "conflicty".), I have learned not to trust MS at all. They committed crimes so often, if they were a person, they would have tattoos from at least 3 different prisons, a ass so lose, it would make Goatse jealous, and even their mother wouldn't talk to them anymore.

      And, sorry dude, that's just way too much.

    10. Re:How much proof do you need? by The+Moof · · Score: 1

      Source code alone is meaningless if you can't actually *use* it.

      Assuming the code provided is exactly what's used, you can use the source code to do your own code audit. You can see where there might be security problems, see if there's any shady stuff going on, etc.

      Of course, this usefulness relies on those first 8 words of my comment.

  5. What a biased piece of garbage article. by spd_rcr · · Score: 5, Insightful

    I don't know how this one made it through the slashdot filters to be published. Mikejuk's posting sounds like conspiracy drivel. What Microsoft did was clearly a good effort to try and show the worry-warts what they're doing, but to expect them to give away the source code to their operating systems is just crazy.. their whole business model is based on traditional closed source software.

    --
    - tensions in our lives that are attacking our minds, unite themselves together to make our consciousness blind - op'ivy
    1. Re:What a biased piece of garbage article. by eln · · Score: 3, Funny

      I don't know how this one made it through the slashdot filters to be published.

      You must be new here.

    2. Re:What a biased piece of garbage article. by girlintraining · · Score: 1

      their whole business model is based on traditional closed source software.

      No, their business model is based on vendor lock-in and pricey support contracts. They could publish the source code and it would not harm their business model because the moment someone created a compatible product, they'd be sued for copying the "look and feel". Our patent and copyright system pretty much ensure there will never be competition against Microsoft (or any large business) from this country, european countries, australia, or most anywhere else they've managed to sucker the government into enacting intellectual property regulations. The only place Microsoft's source code could be useful would be in places like China that don't have restrictive IP laws, and in either event don't pay for software licensing anyway, so it's hardly a loss.

      --
      #fuckbeta #iamslashdot #dicemustdie
    3. Re:What a biased piece of garbage article. by Pigskin-Referee · · Score: 0

      I don't know how this one made it through the slashdot filters to be published.

      Are you serious? If there is any way any article can be slanted against Microsoft, it will be heralded on Slashdot.

      --
      Pigskin-Referee
      Linux: Yesterday's technology, tomorrow ...
    4. Re:What a biased piece of garbage article. by cavreader · · Score: 2

      "there will never be competition against Microsoft " Please tell me you are joking. On the off chance you are not trolling please consider this, at a bare minimum MS is up against strong competition in the OS space, Game systems, Database systems, Phone systems, Mail systems, and productivity applications.

    5. Re:What a biased piece of garbage article. by rbrausse · · Score: 1

      If there is any way any article can be slanted against Microsoft, it will be heralded on Slashdot.

      some time ago it was proposed to move slashdot.org to microsoftsuck.com. So far this goal is only partly met...

  6. Oh please! I know the TRUTH! by Anonymous Coward · · Score: 0, Funny

    Somehow I get the feeling a full release of the source code still wouldn't be enough to satiate the nerdy masses.

    The source code is a great educational resouce but as to proving that Microsoft is doing the right thing it just doesn't work. First off, it isn't complete. Second, who is to say that it is the code used in the phones? That's the point of software — it's easy to change.

    It explains it right there! You see Microsoft, with their history of deceit, lies and downright badliness are obviously hiding something. And I know what it is.

    The real software gets passwords, IP, MAC addresses, of everyone connected and people's names and SSNs - that's how devious they are.

    And on authority that I can't name right now, Microsoft has in fact bought the Illuminati and is planning on calling it "Microsoft Illuminati"! Really it's true.

    But there's more and here's the really scary part: they bought the NSA. Yep! That's where they got the software from!

    I can't go into more because the Microsoft Brain Scanner is running, but they also are behind Al-Qaeda!

    Microsoft is spying on everyone and be careful!

  7. Scumbag slashdot by Anonymous Coward · · Score: 0

    Likes open source, goes ballistic when MS throws them a bone.

  8. The Point by BradleyUffner · · Score: 2

    "That's the point of software — it's easy to change."

    And here I thought it was about letting the user accomplish something they consider useful. I didn't realize the point of software was to allow you to change it. Silly me.

  9. I work for Microsoft... by beamsplitter · · Score: 5, Informative

    ... and while I don't work with this team, I can tell you that it will have been released in good faith, and that the code in the phones will not be any different. I've seen nothing but honesty and integrity in the two years that I've worked for the company.

    1. Re:I work for Microsoft... by Bacon+Bits · · Score: 1

      Yeah, but you're probably a designer or an engineer. Generally, I trust what those people say. It's the executives, lawyers, and (to a somewhat lesser degree) sales and marketing reps I expect to lie through their teeth. That said, I expect the same of any corporate entity. Caveat emptor, indeed.

      --
      The road to tyranny has always been paved with claims of necessity.
  10. How DO you know? by Sasayaki · · Score: 4, Insightful

    Good question. Very insightful. But how far do you go?

    How would you know that if they released the code that this code is what's really running on your phone? How do you know there isn't a backdoor inserted post compilation?

    How do you know that Linux isn't just a shell around an obscenely stenographed copy of Windows? Do you inspect every single line of code that goes into your machine personally? How do you know the code's not kept in a tiny hardware ROM on all modern chipsets and injected into Linux during boot? Do to read them all, personally? Well you should!

    The sheeple must know! It's a plot by the Skull and Bones society, the Illuminati and the masons, IE9 has links to stuff they put in our water and Windows mobile uses fillings in your teeth as an antenna so the greys can track you from space. Soylent Windows 7 is people! Oh God in heaven it's PEOPLE! ...

    More seriously, yes, it is possible they wouldn't use that actual code in their phones... but Occom suggests they probably do, while Hanlon agrees but clarifies if they aren't it's probably a slightly different version due to that idiot new developer in section 8 that ran the wrong script.

    Eventually, at some point, you just have to either accept what someone's saying or accept there's no trust there and move on. Keep in mind it's practically impossible to avoid cell-tower based snooping and tracking, making this whole point useless because the NSA etc don't need your phone to cooperate for them to get what they want.

    --
    Check out my sci-fi book "Lacuna" at http://goo.gl/MVxX8
    1. Re:How DO you know? by exomondo · · Score: 1

      How would you know that if they released the code that this code is what's really running on your phone?

      RTFA, it's code running on phones they are using for data collection.

  11. who is to say that it is the code used in the phon by microbee · · Score: 1

    When they are sued by privacy groups or federal regulators, they will be able to show to the court that this is the code being used in their phones.

    Yeah, sorry, they are not going to prove it to some random joes on the slashdot.

  12. so Microsoft releases source to show secure? by Anonymous Coward · · Score: -1

    isn't this an admission that their current method of security, security by obscurity(closed source), isn't as secure as opening up the source?

    Wasn't Google's WiFi sniffing code already open source and it was the fact that too much data from open access points was getting stored so it turned out they caught all the email logins and other logins happening in the clear? Opening the source would not have prevented Google from inadvertently collecting that information and it won't do anything to help Microsoft not get caught in the same problem. IMO

    LoB

    1. Re:so Microsoft releases source to show secure? by exomondo · · Score: 1

      isn't this an admission that their current method of security, security by obscurity(closed source), isn't as secure as opening up the source?

      No, this isn't even about security. It's about saying 'yes we are collecting data, this is the code we are using to collect that data' so people can see what data they are collecting. Had google done the same thing people would have seen that their code was collecting more information than they said it was.

    2. Re:so Microsoft releases source to show secure? by Gadget_Guy · · Score: 1

      Opening the source would not have prevented Google from inadvertently collecting that information and it won't do anything to help Microsoft not get caught in the same problem.

      The difference is that Google used someone else's code whereas Microsoft wrote their own. Neither company actually wants to log everyone's WiFi packets, but it would be far easier for Google to accidentally click a checkbox in a third party app to enable this feature than for Microsoft to accidentally write code to do the same thing.

      Both companies had access to their respective source code, and I would argue that in this case it was the closed source code that received more scrutiny. Microsoft would have actually looked closer at their source (because they wrote it themselves), while Google could easily use their package without giving the code a glance.

    3. Re:so Microsoft releases source to show secure? by spongman · · Score: 1

      here's the WiFi info the code captures:

      ObservationGenerator.cs, line 795
      - mac address
      - signal strength
      - infrastructure mode (ad-hoc/infrastructure, etc..)
      - 802.11 network type (frequency-hopping/direct-sequencing, etc...)

      wifidriverwrapper.cpp, line 339 would seem to imply that they're also only logging visible infrastructure APs.

      they could easily have also captured:
      - SSID (alphanumeric ID)
      - encryption status (WEP/WPA2 enabled/keyed, etc...)
      - frequency band/channel #

      this is all high-level information from the driver via the Windows ZeroConfig API. there doesn't seem to be any support in the code for capturing raw packets from the radio.

    4. Re:so Microsoft releases source to show secure? by TemporalBeing · · Score: 1

      isn't this an admission that their current method of security, security by obscurity(closed source), isn't as secure as opening up the source?

      No, this isn't even about security. It's about saying 'yes we are collecting data, this is the code we are using to collect that data' so people can see what data they are collecting. Had google done the same thing people would have seen that their code was collecting more information than they said it was.

      So, then it's showing the Open Source has better PRIVACY provability than Closed Source, no?

      --
      Truth is like the sun. You can shut it out for a time, but it ain't goin' away. - Elvis Presley (source: imdb.com)
    5. Re:so Microsoft releases source to show secure? by exomondo · · Score: 1

      isn't this an admission that their current method of security, security by obscurity(closed source), isn't as secure as opening up the source?

      No, this isn't even about security. It's about saying 'yes we are collecting data, this is the code we are using to collect that data' so people can see what data they are collecting. Had google done the same thing people would have seen that their code was collecting more information than they said it was.

      So, then it's showing the Open Source has better PRIVACY provability than Closed Source, no?

      Perhaps, but that's pointless anyway since you still have to trust that the code the company releases is indeed the code it is running.

  13. Google Wifi by Nerdfest · · Score: 1

    I was under the impression that the Wifi sniffing software that Google used was at least based on open source code as well. I'm not sure if that's the case, but I remember hearing something about it when it originally happened.

    1. Re:Google Wifi by Anonymous Coward · · Score: 0

      Indeed it was - but it was based on a configurable application which was designed to be able to capture all that data. It wasn't an issue with the Open Source software, it was the configuration used software not matching up to the task.

      I haven't reviewed the Microsoft code, but if they're publishing it to dissuade doubts then one would assume that either the application has been purpose-built to avoid capturing that information or alternatively any pertinent configuration options will be visible in what they've published.

  14. Conspiracies..... by Anonymous Coward · · Score: 0

    Now ... if they give all the source code then ...Oh wait!... those hardware manufacturers are very suspicious too!!.... and I truly believe that "that" compiler is embedding fingerprints and call home code.

    Now if we can provoke them to release the hardware specs, software (complete dev chain) and manufacture all the pieces of hardware in front of me... then I'd be sure that ... oh wait ... then I would have to use wifi with that shady router that is probably sniffing my very important personal information!!!

    Yeah dude, the world is doomed with your point of view. We'd have to build everything from source after reviewing each file one by one.
    Nonsensical article getting to front page by bashing microsoft. At least there are no ads in his page.
     

  15. Binaries then? by Anonymous Coward · · Score: 0

    I guess this guy repositories are only source and he has inspected each bit of code by himself ... after all you can trust no one.

  16. Our spyware is open source loook! by Anonymous Coward · · Score: 0

    who gives a shit if its open source, they shouldnt be using me and my resources to collect "my" data for them in the first place, shit like this stops me from ever getting a "smart phone" at least my s40 nokia aint logging every fucking thing i do with it and then selling it to any shitty business that comes along with a pile of cash

    keep your open source spyware, until i can rip that shit out entirely or invoice you for my data, i aint interested.

  17. Hyporcrisy by Anonymous Coward · · Score: 0

    Wow. They finally open source something and the Slashdot can only post an article that is pure backlash?

    Really teach them to open things up. How do you know the pieces of WebKit that Apple releases really is what runs under Safari? Stock, precompiled Android? Probably both filled with backdoors!

    This is so stupid. This crap is killing Slashdot.

  18. The voyeurs dilemma... by mevets · · Score: 1

    Are you really sure you want to see more? It might harm you in ways you can't imagine.

  19. +1 Funny by mevets · · Score: -1, Flamebait

    what a time to have no mod points....

  20. Re:Big difference. by Anonymous Coward · · Score: 1

    Do you not see the difference between a potentially but very unlikely faked birth certificate, and a piece of meaningless code which won't compile, is by their own admission incomplete, and can't be tested on working hardware?

    How is this insightful? The article was right on the money. This doesn't prove anything.

  21. Blah, blah, blah, windows on smartphones. by Anonymous Coward · · Score: 0

    Dead topic,

    Android rules, and Apple owns the elitists....

    Microsoft and Research in Motion are on life support in the mobile market.

  22. WAR by Anonymous Coward · · Score: 0

    It is extrodinary that M$ would release such source code!

    Apple on the other hand has released Mac OS 10.6.8 which has destroyed and Gimped 100s of millions of Mac Desktop and Laptop (Mac Book Pro) world wide!

    Google's latest "update" to Chrome and Gmail Gimps both for Mac OS (any version)!

    Given the apparent hatrad of Apple and Google toward their customers I MUST re-evaluate my thoughts toward Microsoft!

    --

    PS I live and breathe UNIX.

  23. Not really...no. by theBully · · Score: 2

    I work in an environment where super paranoid measures are imposed to avoid issues. Every piece of software is isolated on a network with a sniffer that will check the nature and content of any data going out or in, while the software is taken through all of it's use cases. Some of these tests are time consuming because the tested software is complex and involves running very many use cases. Compared to some of these, a phone is in fact very simplistic. In many cases we test closed-source appliances but I can guarantee we do know everything the device transmits. No need for code or much reverse engineering. In conclusion, if someone wanted to prove they are doing something mischievous one could have done it without any source code. Microsoft just showed good will here.
    It's funny how people react to news about Microsoft and their technology. Take UAC for example. Everyone started complaining that they have to click an OK button every time they performed a task that involved the system. The same people thought that writing your password in Linux every time you perform an administrative task was an excellent idea. I sense a contradiction here. (For the record, I think requesting specific permissions on administrative tasks is a must so I will be happy to have that feature in any OS).

  24. This just in... by chemosh6969 · · Score: 1

    Microsoft does something...slashdotters complain. More news at 11.

  25. MS thinks open source is useful? by Anonymous Coward · · Score: 0

    So MS thinks that open source is useful... Very interesting.