Tag: microsoft

French Windows privacy slammed

c3f9850de05b9d4e64c50e5353a17117The French government is furious that Windows 10 appears to collect rather too much user data.

France’s National Data Protection Commission (CNIL) has order Microsoft to comply with the French Data Protection Act within three months. and “stop collecting excessive data and tracking browsing by users without their consent.”

In addition to this, the chair of CNIL has notified Microsoft that it needs to take “satisfactory measures to ensure the security and confidentiality of user data”. The notice comes after numerous complaints about Windows 10, and a series of investigations by French authorities which revealed a number of failings on Microsoft’s part.

Microsoft is accused of not only gathering excessive data about users, but also irrelevant data. The CNIL points to Windows 10’s telemetry service which gathers information about the apps users have installed and how long each is used for. The complaint is that “these data are not necessary for the operation of the service”.

The company is also criticised for its lack of sufficient security — such as the four-digit PIN used to protect payment information which does not have a limit on the number of guesses that can be made. The CNIL’s list of complaints does not end there. It also took exception to the activation of an advertising ID for tailored advertising without user consent, the lack of cookie blocking options, and the fact that data is being transferred out of Europe to the US.

In a statement, the CNIL said:

Given the above, the Chair of the CNIL has decided to issue a formal notice to Microsoft Corporation to comply with the Act within three months. This proceedings only commits French Data protection authority. The other data protection authorities belonging to the WP29 Contact group are continuing their investigations within their respective national procedures.

The purpose of the notice is not to prohibit any advertising on the company’s services but, rather, to enable users to make their choice freely, having been properly informed of their rights.

It has been decided to make the formal notice public due to, among other reasons, the seriousness of the breaches and the number of individuals concerned (more than ten million Windows users on French territory).

Vole is probably not too concerned. It fully expects the cheese munching surrender monkeys to back down when the three month deadline it is up, but if France’s objection is heard by the Germans, who are a lot more earnest about privacy then it might have a fight on its hands.

Microsoft blocks Linux installations

dead linuxSoftware king of the world Microsoft has blocked a flaw in Windows RT which  allowed the users to install non-Redmond approved operating systems on Windows RT tablets.

Microsoft has closed a backdoor left open in Windows RT even though the OS is pretty much dead in the water as Vole can’t be bothered with it any more.

This vulnerability in ARM-powered locked down Windows devices was left by Redmond programmers during the development process. Exploiting this flaw, a hacker could boot operating systems of his/her choice, including Android or GNU/Linux.

In fact the use of Linux on the tablets was pretty popular as Vole is killing the support for Surface RT tablets in 2017 and Windows RT 8.1 in 2018.  This means that if the tablet is going to be any use, users will have to run something different on them.

A spokesVole described the backdoor as a security vulnerablity and fixed it accordingly.  If you are planning to install some other operating system on your Windows RT tablet, avoid the lastest update. Of course chances are you are too late.


Microsoft 365 users exposed to ransomware attack

Microsoft campusMillions of Microsoft Office 365 users were exposed to a massive zero-day Cerber ransomware attack last week.

Steven Toole, a researcher for the cloud-security firm Avanan, blogged that his company saw the first attack roll in at 6:44 a.m. on June 22 and that at least 57 percent of all Office 365 customers received at least one phishing attempt that contained the infected attachment.

The files included a ransom note and an audio warning informing victims that their files were encrypted.

Toole said it took Microsoft more than 24 hours to detect the attack and start blocking the attachment. The attacker asked for a ransom totalling 1.4 bitcoin, or about $US500, for the decryption key.

He added that the attack was a variation of a virus originally detected on network mail servers in early March of this year.

This time Cerber was widely distributed after its originator was apparently able to confirm that the virus was able to bypass the Office 365 built-in security tools through a private Office 365 mail account.”






Microsoft pays out over Windows 10 update fiasco

live_tv_windows_10Software giant Microsoft has paid out $10,000 to a woman for its aggressive Windows 10 update campaign.

Teri Goldstein’s computer started trying to download and install the new operating system when she didn’t want it and it crashed. She said it caused her travel-agency business to slow to a crawl. It would crash, she says, and be unusable for days at a time.

When outreach to Microsoft’s customer support didn’t fix the issue, Goldstein took the software giant to court, seeking compensation for lost wages and the cost of a new computer.

She won. Last month, Microsoft dropped an appeal and Goldstein collected a $10,000 judgment from the company.

Vole denies wrongdoing, and a spokeswoman said Microsoft halted its appeal to avoid the expense of further litigation. However, the case shows the level of anger users have about the forced update programme.

Forced update screens were seen on bill-boards and television news, driving users to despair and making Microsoft appear like an autocratic paternalist father who insists on getting his own way.

“We’re continuing to listen to customer feedback and evolve the upgrade experience based on their feedback,” Microsoft said in a statement. But clearly it didn’t.

The outfit was slammed for not offering users a transparent or easy choice in the matter. Absent from Microsoft’s series of upgrade prompts was a basic “no thanks” or “never update” button.

It is pretty clear that Microsoft’s game plan was to centralise users onto one operating system so it did not have to waste time patching old versions systems. Vole wanted to have a  billion devices running the software by mid-2018. There were 300 million at last count. All that Microsoft seems to have done with its campaign is hack off the other 700 million.


How Intel killed Microsoft’s Surface

microsoft-surface-3-02The dark satanic rumour mill has been noting how Microsoft’s popular Surface 3 is starting to disappear from the shelves.  All this suggests that Vole is planning to kill off the tablet.

However, it would appear that the Surface 3, which is a cheaper cut down version of the Surface Pro, might be a casualty of Intel’s Atexit earlier this year and its decision to cull Atom development.

The Surface Pro arrived last Spring with a Cherry Trail Atom under the bonnet. It was a serviceable, if not rather dull mobile chip.  Microsoft would normally be thinking of replacing it with something better about now and Intel would normally have complied by replacing it with something from the the “Broxton” family with a new Goldmont core.

Intel however gave up on most of its planned Broxton processors as it scaled back its investment in phone and tablet components. Some Airmont parts have been announced, but they have all been aimed at low-end desktops and laptops with processors in the 4-6 watt space, not tablets with 2W processors such as the Surface 3.

Intel could offer Vole its Core M parts, which would have given the Surface a substantial performance upgrade. However, that would represent price hike from $37 for the Atom to about $250 for a core M.  AMD does not have a chip in this range, and an ARM chip would break most of the Surface’s Windows software.

Microsoft gets into the payments racket

Microsoft campusSoftware king of the world Microsoft is getting into the mobile payments racket just as soon as it gets out a few phones with its mobile OS on board.

Microsoft has introduced an NFC payment feature for users of Windows 10 Mobile devices in the US through its Microsoft Wallet app. Vole claims the move comes “in response to feedback” from its customers and with support from both MasterCard and Visa.

It is up and running on Microsoft Insiders, a group of early adopter customers who volunteer to preview new features, and general availability of NFC payments is promised for later this summer.

Vole has got the Bank of America, BECU, Chase, First Tech, Fifth Third Bank, People’s United Bank, US Bank and Virginia Credit Union . The launch date for each bank will be “posted when available,” according to Microsoft.

“Microsoft Wallet is a cloud-based payment technology that will make mobile payments simple and more secure for Windows 10 Mobile devices, starting in the US with our Lumia 950, 950 XL and 650,” the company says. “With Microsoft Wallet, you simply tap your phone on a contactless payment terminal and your default credit or debit card is charged.

“Store as many credit and debit cards as you want in your Microsoft Wallet so it’s easy to make purchases with the card of your choice. Switching takes just a tap of your finger. When you tap to pay, Microsoft Wallet sends a single-use transaction number and an encrypted security code that won’t work for any other purchase, person or device. This, plus the device PIN you use to unlock your phone, makes paying with Microsoft Wallet more secure than using the actual card alone.”


Paul Allen goes all Howard Hughes and spruces up his goose

sprucyHistory appears to be repeating itself as Microsoft founder Paul Allen has started to mimic the millionaire Howard Hughes and started constructing a huge airliner to get rockets into space.

For those who came in late, the eccentric mega-rich Hughes enthusiastically spent a fortune on a huge plane called the Spruce Goose. It did get off the ground, but has sat in a hanger ever since.

Now the mega-rich Allen has suddenly woken up in the dead of night with the cunning plan to strap two 747s together and is assembling one in the Mojave Desert.

According to the Seattle Times, which has seen it, the plane has twin fuselages, 95 feet apart that are joined across the top by a massive wing, 385 feet from tip to tip — longer than a football field including the end zones. It has the lastest wingspan than any aircraft ever built and the six-engines.

Officially called Stratolaunch, it has been nicknamed the Roc, after a mythical Middle Eastern bird so big it could carry an elephant in its claws.

In this case the idea is that the plane will carry a rocket weighing up to 275 tons slung beneath the central part of the wing — between the two fuselages — and release it at 35,000 feet. The rocket will then launch into space and deliver satellites into orbit.

The Roc will be able to land, load up and take off again, making space access easier and cheaper.

The forward end of each fuselage is round, because it’s pressurized, and a long drooping neck tapers to a Boeing 747 cockpit. It has three crew.

Allen bought two used jumbo jets formerly flown by United Airlines and cannibalized them for parts that account for about half the empty weight of the Roc.

With a rocket attached, the aircraft will weigh 1.3 million pounds, equal to the fully loaded weight of an Airbus A380 double-decker jet. The theory is that it will fly, what people are wondering about is if you can launch rockets off it and if the business model will make it worthwhile.

Allen first announced his project in Seattle in 2011, the business plan has changed several times and he has lost a few key partners along the way.

spruce goose

Microsoft creates its own FreeBSD image

microsoft-open-sourceSoftware giant Microsoft has made its own version FreeBSD 10.3 image so that the Open Saucy OS is available and supported in Azure.

Jason Anderson, principal PM manager at Microsoft’s Open Source Technology Centre says Redmond “took on the work of building, testing, releasing and maintaining the image” so it could “ensure our customers have an enterprise SLA for their FreeBSD VMs running in Azure”.

Vole said that it did it to remove that burden from the FreeBSD Foundation, which relies on community contributions.

Microsoft said that its work on FreeBSD will be shared.

“The majority of the investments we make at the kernel level to enable network and storage performance were up-streamed into the FreeBSD 10.3 release, so anyone who downloads a FreeBSD 10.3 image from the FreeBSD Foundation will get those investments from Microsoft built in to the OS,” he said.

Anderson added that Vole would stay current and make the latest releases available shortly after the FreeBSD Release Engineering team releases them.

“We are continuing to make investments to further tune performance on storage, as well as adding new Hyper-V features.”

It will also support its distribution when it is run in Azure.

Apparently, Microsoft has worked out that software vendors use FreeBSD as the OS for software appliances. This was Microsoft’s 2012 decision to ensure FreeBSD could run as a guest OS under Hyper-V.  However, Vole thought it was better to have something more predictable for Azure.

This is not the same Microsoft from the 1980s and things have improved greatly. Unless you don’t want to download Windows 10 of course. Then it really is evil as it ever was.



Microsoft sells 1,500 patents to Xiaomi

Microsoft campusSoftware king of the world Microsoft is flogging off 1,500 of its patents to Chinese smartphone maker Xiaomi in what the two companies say is the start of a long-term partnership.

The deal includes a patent cross-licensing arrangement and a commitment by Xiaomi to install copies of Microsoft software, including Office and Skype, on its phones and tablets.

Wang Xiang, senior vice president at Xiaomi said that this is a big collaboration agreement between the two. It means that Xiaomi can be a major player outside China where it is hampered by weak patent protection and a fear of a prolonged patent battle.

Wang said the acquisition of Microsoft patents, which included voice communications, multimedia and cloud computing, on top of some 3,700 patents the Chinese company filed last year, were “an important step forwards to support our expansion internationally.”

Xiaomi launched its first US device earlier this month, a TV set-top box it developed in cooperation with Google, which owns the Android operating system it and most Xiaomi devices run on. Xiaomi has also launched a tablet which runs a version of Microsoft’s Windows operating system.

Jonathan Tinter, corporate vice president at Microsoft, said the company was keen to tap into Xiaomi’s young, affluent and educated users by having its products pre-installed on their devices. He declined to go into detail about the patent deals, but said the overall deal was something “we do only with a few strategic partners.”

Florian Mueller, a patents expert who consulted for Microsoft in the past, said it was rare for Microsoft to actually sell its patents, adding “it’s possible Microsoft found it easier to impose its Android patent tax on Xiaomi as part of a broader deal that also involved a transfer of patents.”

Social notworking giants sign hate speech pact

Chamberlain_MunichFacebook, Twitter, Google, YouTube and Microsoft have signed a pact agreeing with an EU code of conduct to tackle online hate speech within 24 hours in Europe.

You will still be allowed hate speech in the US so the central platform of the Trump campaign is still safe but those who try to copy his strategy in the EU might become a little unstuck.

EU governments have been trying in recent months to get social platforms to crack down on rising online racism following the refugee crisis and terror attacks, with some even threatening action against the companies.

As part of the pledge agreed with the European Commission, the web giants will review the majority of valid requests for removal of illegal hate speech in less than 24 hours and remove or disable access to the content if necessary.

They will also strengthen their cooperation with civil society organizations who help flag hateful content when it goes online and promote “counter-narratives” to hate speech.

EU Justice Commissioner Vera Jourova said: “The recent terror attacks have reminded us of the urgent need to address illegal online hate speech. Social media is unfortunately one of the tools that terrorist groups use to radicalise young people.”

Germany got Google, Facebook and Twitter to agree to delete hate speech from their websites within 24 hours last year and even launched an investigation into the European head of Facebook over its alleged failure to remove racist hate speech.

The code of conduct is largely a continuation of efforts that the companies already take to counter hate speech on their websites, such as developing tools for people to report hateful content and training staff to handle such requests.
Twitter has suspended over 125,000 accounts since the middle of 2015 for threatening or promoting terror acts, primarily related to Islamic State.
EU ministers had called for cooperation with tech companies to be stepped up after the Brussels attacks in March.