Ex-Microsoft Privacy Gaffer Warns, “Don’t Trust Microsoft”

Eadon here. This week, geeky news items

The French national police sensibly switched 37,000 desktop PCs to Linux. Linux is an alternative operating system to Windows and Mac operating systems. Why Linux? It is free and open (open source). Linux is more secure and can be verified, via source code inspection, to be free of USA (or anyone else’s) spying “back doors”. So Linux is ideal for use in just about all government systems. The French cops made the correct choice. The UK government should also be migrating away from Windows kit and Apple kit to Linux ASAP. The Devil knows what surveillance tendrils the US Government / NSA have in Windows and Mac phone-home features and Windows “Update” features and other potential spying mechanisms. The same might not be true for Google’s Android IF you check and compile the source code yourself (that is the beauty of open source, a government can check it for back-door security holes). For desktops and laptop computers Linux is by far the safest system to use. Linux has an extremely low Total Cost Of Ownership (TCO) also, especially once switching, a one-off cost, has been completed.

A former Microsoft privacy gaffer says He No Longer Trusts Microsoft (Microsoft sells Windows / Office / Windows Phone / Surface / etc). In actual fact, you cannot trust ANY US-based company – see below.

No Data is Safe if Bourne to the USA. Lavabit, a USA based encrypted email provider, one of whose users was Edward Snowden as won a court appeal that allowed them to confirm what we geeks already strongly suspected. The US government ordered Lavabit to hand over an encryption “key” that allows the US government to read all encrypted emails as plain text. Concomitantly, Lavabit were not allowed to warn its customers – an ethical catastrophe.

Lavabit did the honourable thing and, to their great credit, they put themselves out of business and shut down. Shame on the US Government.

Note that if Lavabit were told to hand over the email encryption “key” to the US government, then obviously the same is true of ALL US-based encrypted email providers and, indeed, “cloud”, providers. The US Government has compromised its country’s IT industry. All corporations and governments worldwide know that when they store any data on US servers that is encrypted then it must be assumed that the US government will bypass the encryption and have access to your data. The world is twigging on and migrating their data away from US companies. The Indian government, for example, has banned the use of GMail. This spying débâcle is costing Silicon Valley alone dozens of $billions in lost profits. Even if you are a geek and encrypt your own data, various crypto techniques are now looking somewhat compromised due to US Government involvement in the specification of certain crypto standards. Fox in charge of hen house and all that.

Security boffin Bruce Schneier says that the US government has betrayed the internet. You can say that again. It has also betrayed the US-based IT Industry.

Groklaw, a beneficent electronic rights activist site, also announced it may have to shut down because there was no way it could protect it’s contributor’s emails privacy. “The owner of Lavabit tells us that he’s stopped using email and if we knew what he knew, we’d stop too.”

Here’s a cute spying story. Your smart phone has the potential to tell what you are typing on your computer keyboard from the vibrations created. The power behind the iniquitous technology is AI software called a Neural Network, which works rather like a massively simplified brain. The neural net learns by way of virtual “neurons” interconnected by virtual “synapses”. So if you’re typing something secret ensure your treacherous phone is not resting innocently on your desk. It’s bad enough that your smart phone continually reports your position to the authorities and possibly has the mic switched on for surveillance too. All of this sounds paranoid, yet Edward Snowden’s revelations show that what seems like even extreme paranoia is actually rational.

Talking of phones, the new iPhone has a finger print verification system. Despite assurances that this data stays on your phone, be not tempted by this trap! With all the spying going on, you really do not want your fingerprints in the wrong hands (pun intended in a half-assed way). Talking of iPhones, the wacky zooms, parallax and sliding animations of the latest Apple iOS phone operating system have been reported to give certain users headaches and worse, so try before you buy or your phone could make you even more miserable than it does now.

There is a looming nightmare of our web browsers not being able to show us the source code of what they are “browsing”. Does this matter? Absolutely YES. This will inevitably make the web “closed” instead of its current open status. The nightmare scenario is currently being built into actual web standards. This is a terrible idea, Digital Rights Management (DRM), which takes away our digital rights, should be restricted to optional browser plug-ins to prevent, to mangle metaphors, the unfettered tsunami of the DRM disease.

Tim Bernes-Lee, invetor of the web, do you really want to close-source the web? Are you losing the plot? One thing is for sure, this idea is a horrific plot.

More GI (Geek Insanity) will be served up next week.

2 comments on “Ex-Microsoft Privacy Gaffer Warns, “Don’t Trust Microsoft”

  1. Simon Roberts
    October 6, 2013 at 9:03 am #

    Things evolve.

    Society, technology, politics, law etc. Things change.

    All we are seeing now is the demise of systems and web sites which were set up in the days when we believed that the internet was free.

    It’s easy to look back now and say that we were naïve, but we didn’t envisage a police state – at least not in the West, which had championed freedom against the Marxist Monster for decades. Now we know different.

    The next evolutionary step in this field will be the creation of new web-based technologies that are built from the ground up to resist interception. Not enhancements of existing systems, but new ones. New minds, fresh ideas. New threats, new solutions.

    Don’t make the mistake of thinking (like someone I recently discussed this with) that there is no solution or we would already have thought of it. Before we had electricity we used gas lights.

    I suspect that the answers will lie in a combination of dispersed computing and factorisation of impossibly large numbers but who knows what great discoveries lie waiting for us?

    We’re just in a transitional phase at the moment. In a few years time the internet will be dark to the spies once again.

    When our ability to evolve requires not great wealth or power, but clever minds with cheap PCs, anything is possible.

    It’s quite exciting really 🙂

  2. James Eadon
    October 6, 2013 at 2:26 pm #

    @Simon, quite! Security guys are saying that Engineers invented the Internet without mass surveillance in mind. Now engineers need to invent a new Internet that is resistant to surveillance. As you say, virtually uncrackable security and decentralisation needs to be at the heart of it. At the moment there is a half-way house, Tor. The NSA is putting a lot of effort at analysing Tor traffic and more people are using Tor after the NSA spying revelations. So we are seeing a security arms race.
    One feature of a new web would be that encrypted nonsense data gets transmitted a lot so it’s harder to identify genuine encrypted data. That strategy would Bayesian Poison the surveillance systems. Such schemes could be done with the existing internet too. It’s getting enough people to do it, that’s the problem.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: