
FSF responds to Microsoft's privacy and encryption announcement - eltondegeneres
https://www.fsf.org/news/fsf-responds-to-microsofts-privacy-and-encryption-announcement
======
jevinskie
It seems like the response glosses over what Microsoft is actually doing and
instead just attacks them for something unrelated (Widows is closed source).
In the FSF eyes, Microsoft can do nothing to improve security until Windows is
open sourced.

~~~
obituary_latte
No, I think in the FSF's eyes -- rightfully -- it can't be proven that
security has improved.

I also can't agree that it isn't related. If I tell you I'm wearing a green
shirt, how can you know for sure if you or someone you trust hasn't verified
it? You can't. It's the same with MSFT. But in the case of MSFT, it _has_ been
proven that they wear a lot of Hypercolor[1] stuff.

Is it good that MSFT is doing stuff to make things more secure? Sure. Do we
still have to take it on faith that they are doing _everything_ they can to
protect their users? Yup.

[1][http://en.wikipedia.org/wiki/Hypercolor](http://en.wikipedia.org/wiki/Hypercolor)

~~~
criley2
So, Microsoft and its Windows product adheres to no industry standards, has no
external audit process, has never been verified by a private or Government
contract agency through audit or other verification process?

I work in a small programming company and we do internal and external audits
while maintaining compliancy with federal and state regulators as well as
groups like ISO.

Sure, our work is closed source, but that doesn't automatically mean it hasn't
been externally verified for a number of different things by a number of
different organizations...

~~~
obituary_latte
No, I did not say those things. That aside, if you wanted to, after an
audit/review concluded, could you put a backdoor in your software? Since it's
closed source, would anyone know about it?

~~~
venomsnake
In deterministic build? It will be very hard. I doubt that any audit signs on
anything other than specific versions.

~~~
throwaway2048
does microsoft use deterministic builds?

------
nivla
huh? I know this isn't going to be the popular opinion but I have to get this
off. As much as I respect FSF, this mentality is one of the things I dislike
about them. Statements that imply either you are with us or you are evil,
trying to crash at opening events of MS/Apple "saving" people from closed
source etc.

Not everything has to be open source and not everyone has to choose open
source. Microsoft/Apple/Google may never make their core products open but it
doesn't mean they can't try to make it secure or privacy conscious. The beauty
of freedom is that YOU get to choose and trust what you want, good or bad,
open or closed.

As a developer, I find GPL to be against the "spirit of open source", but it
would be extremely wrong for me to demand you license your code differently or
to even suggest to your clients to choose a liberal license. Its yours and
their choice not mine.

~~~
davexunit
>As a developer, I find GPL to be against the "spirit of open source".

It's not about open source. It's about free software.

[https://www.gnu.org/philosophy/open-source-misses-the-
point....](https://www.gnu.org/philosophy/open-source-misses-the-point.html)

~~~
TylerE
Which is, urm, rather the point.

Some of us care more about open source than free software.

~~~
pessimizer
Not the FSF. Have they ever given the impression that they care _at all_ about
open source except as a characteristic of Free software? I'm sure they didn't
intend to.

------
Sanddancer
I just love how the FSF ignores, and has ignored for a considerable amount of
time that governments, and organizations can and have gotten the Windows
source code, and that their actions today restate that they do provide the
windows source code for governments to audit. Given that such programs have
been available for a considerable amount of time, one has to wonder when the
FSF is going to change their tactic away from their current one of outright
lying about the situation.

~~~
davexunit
"Freedom and security necessitate not just being allowed a peek at the code."

"Transparency in the Windows world normally means self-reports commissioned by
Microsoft, or access granted to outsiders covering very limited portions of
source code under strict agreements that limit sharing that information."

Yup, John Sullivan really ignored that.

You can disagree with the FSF's mission, but they are certainly not spreading
lies on purpose.

~~~
Sanddancer
The source agreements are far more than just a "peek" at the code. I would
still argue that Mr Sullivan is at the very least distorting the truth, if not
outright lying. The FSF has its agenda, and has proven it will try to distort
the motives of any entity that doesn't completely agree with it.

~~~
pessimizer
>I would still argue that Mr Sullivan is at the very least distorting the
truth, if not outright lying.

And I would listen to that argument, but you haven't made it.

------
salient
As long as Microsoft tells NSA about the bugs they have in Windows before they
start fixing them [1], that just constitutes the same thing as "backdoors",
since with many of those bugs NSA can take full control of a machine.

So Microsoft doesn't need to "give NSA a backdoor". They just need to tell
them about certain bugs before they fix them - and that's _just as bad_ as
giving them backdoors, since NSA _can_ and _will_ use them as such.

[1] - [http://www.bloomberg.com/news/2013-06-14/u-s-agencies-
said-t...](http://www.bloomberg.com/news/2013-06-14/u-s-agencies-said-to-swap-
data-with-thousands-of-firms.html)

~~~
astrange
You're describing a security disclosure program. Since anyone else could have
(and often has) already found the attack, the point of this is to put the
defenses up as early as possible.

Surely real valuable attacks would be ones there's no planned security update
for.

~~~
pessimizer
>You're describing a security disclosure program.

No, a security _non-_ disclosure program. Disclosure is when you tell people.
Telling a spy agency in no more "disclosure" than telling a Russian trojan
dev.

------
danbruc
Open/closed source software and secure/unsecure software are orthogonal
concepts. Yes, it may be easier to assess open source software with regard to
security and privacy issues, but it is absolutely not necessary. And even with
open source software the overwhelming majority of users still has to trust
some third party because it is absolutely unrealistic that every user or
organization audits their complete software (and hardware) stack. The only
thing you really gain is that you are free to choose which third party or
parties you have to trust.

~~~
rbanffy
> Open/closed source software and secure/unsecure software are orthogonal
> concepts

No, they are not. It's fundamentally impossible to secure proprietary software
because you have to trust its provider the software does what it says it does
whereas with open-source you can always check for yourself. Any backdoor in
open-source software is there to be exposed and corrected.

With proprietary software only one party can disclose vulnerabilities and in
open-source anyone with the knowledge can do it. You can choose to trust a
single party or choose to trust a myriad of different parties any one of which
can blow the whistle if they find something fishy.

I find it highly unlikely a backdoor to a popular open-source application
could remain there for long. I don't think it's unlikely at all with
proprietary software where there is no incentive to fix a problem until
someone outside the company learns about it.

~~~
danbruc
It is not impossible. There is no reason why closed source software can not be
secure. Yes, you can not convince yourself in the same way you can with open
source software but again secure software and the ability to convince yourself
that a software is secure are different things.

~~~
rbanffy
> There is no reason why closed source software can not be secure

True, but there is no way to _prove_ it's secure. It's not about convincing
myself or anyone else - it's about proof.

~~~
danbruc
You get no proof for open source software either unless you perform a formal
verification. And even then your proof may be wrong.

But maybe we can agree on the following. Closed source software can be secure
but there is a broad spectrum of needs for convincing someone that a software
is secure and this need may be better served with open source software in some
circumstances. For some it is sufficient to trust a vendor. Some want to audit
the source code (and this does not exclude closed source software). Some even
need formal verification maybe even of the underlying hardware.

------
zvrba
> A lock on your own house to which you do not have the master key is not a
> security system, it is a jail.

This is completely bogus. The owner of the master key may have the access
(understandably undesirable), but that does not keep you from getting out. If
anything, it's like having no lock at all.

~~~
sb057
True, but their point that "these promises are meaningless" remains valid.

~~~
zvrba
Replace "Microsoft" with manufacturers of food, cars, medicines, personal
hygiene products, etc. They are regulated, inspected, but all under the same /
similar conditions:

> or access granted to outsiders covering very limited portions of source code
> under strict agreements that limit sharing that information

You are trusting the manufacturer's promises. Are they essentially meaningless
just because the general public doesn't have insight into manufacturing
details?

------
dmfdmf
I think FSF has an open-source axe to grind here and this happens to be an
issue they can use to bash MS. I do think MS should be praised for improving
security. However, don't forget Snowden's warning -- encryption does not help
you if you don't have secure endpoints. Moreover, encryption does not help you
if you have rogue agencies with secret courts, secret rulings, no due process
and no legal rights in a police or dragnet surveillance state.

I hope the big tech companies are serious about protecting their users, even
foreign users, since their business model depends on it.

------
logn
I don't think people should be so dismissive of the FSF's argument here. It's
central to the issues with security these days. P2P Affero GPL licensed
software is about the only way to be secure anymore. Even then, we have issues
with unknown code and hardware at the lowest levels of the stacks.

------
pippy
You've got to read between the lines with a corporate statement. There are two
major issues this one:

1) They're giving no indication that they _can 't_ decrypt their customers
data. This won't protect customers from the thousands of information requests
that they're not allowed to publicly acknowledge, and will only hamper vectors
such as MITM fibre splitting. This is concerning given the fact the US
intelligence agencies share their data with private companies, and that
Microsoft didn't even attempt resist previous requests. They have no incentive
to inform customers and fight expensive legal battles, so as soon as the whole
privacy thing blows over it will be back to old habits.

2) Allowing companies to review their source code is only useful for their
desktop products. Most data is going into the cloud now, plus it's possible to
use cross library exploits and obfuscated code. I don't actually think that
they'll do this now, hover they've done it in the past with their famous
NSAKEY in the 4.0 kernel.

Office 2008 with a firewall will keep your data safe. Office365 is a company
risk. I wouldn't put anything more confidential than a CV or short story on
it.

------
tigerweeds
Microsoft's effort to protect customer data from government snooping? sounds
legit. I'll just leave this here
[https://www.schneier.com/blog/archives/2007/12/dual_ec_drbg_...](https://www.schneier.com/blog/archives/2007/12/dual_ec_drbg_ad.html)

