backtop


Print 38 comment(s) - last by Danger D.. on Mar 5 at 11:38 AM

Microsoft demands a take-down of the manual, which it says was illegally leaked and posted

Microsoft landed in hot water earlier this week when its "Global Criminal Compliance Handbook" was published by whistleblower site Cryptome.  

The guide details much of the wealth of information that the company retains on its internet users and Xbox owners.  Now Microsoft is demanding that the site remove the posted guide, which its legal team claims was illegally obtained and posted.

The guide, dated March 2008, details Microsoft's surveillance services of Hotmail, Live Messenger and Xbox LIVE users that it offers the government.

For Hotmail, Microsoft offers IP address disclosure, e-mail account registration records, stored e-mail records, account access records.  For Windows Live Spaces, it offers the previous information, plus owner (creator) information.  For Xbox Live it offers users' Gamertags, their credit card number, phone number, first/last name, zip code, the serial number of their Xbox console if it has been used on Xbox LIVE, their email account address, and the lifetime IP history of the Gamertag.

Microsoft officials have not publicly commented on the leak, though they are actively pursuing trying to silence it online.

Cryptome's host -- Network Solutions -- has responded to a Digital Millennium Copyright Act (DMCA) takedown notice from Microsoft and Cryptome is now offline.  The manual can easily be found as a 1.7 MB file on numerous torrents, though, such as this one at Torrent Reactor.  Fellow whistleblower site Wikileaks has agreed to host the site outside the U.S. to protect it from the powerful DMCA.  Describes a spokesperson for Wikileaks, "We will host Cryptome on our multi-jurisdictional network-outside the US-if required."

The incident was similar to the previous leak of Microsoft's secret Computer Online Forensic Evidence Extractor (COFEE).  Microsoft gives COFEE on USB sticks to law enforcement agencies, allowing them to extract "volatile" files from offenders with Windows computers.

The incident also raises questions in the ongoing debate over just how much personal information web service providers, OS makers, and game console makers should retain.  Google, Yahoo, and Microsoft all came under fire in recent months for retaining users' search records.  They have all since agreed to scale back the time of data retention.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

How does this help MS?
By Smilin on 2/25/2010 10:03:23 AM , Rating: 5
Don't go pointing the finger in the wrong direction folks. None of this information does anything to make Microsoft money yet it is a hassle to collect. Not exactly something they would do by choice.

Blame your freaked out, rights-stripping, patriot-act passing, terror-threat-leavel raising, retarded govornment.




RE: How does this help MS?
By Danger D on 2/25/10, Rating: -1
RE: How does this help MS?
By Smilin on 2/25/2010 10:55:48 AM , Rating: 3
quote:
They can force them to turn over data, but they can't force them to go through costly procedures to collect data that serves no purpose to their business.


They can force them to turn over data but not force them to collect it? Uh, whut?


RE: How does this help MS?
By Modeverything on 2/25/2010 12:04:37 PM , Rating: 3
quote:
They can force them to turn over data but not force them to collect it? Uh, whut?


I know there is some level of truth to this, but I don't know all of the legal details. I work in the IT dept at a company that has commercial and government contracts. Sometimes we get a Federal Grand Jury subpoena from a requesting all data associated with individuals and/or events. Our lawyers have advised us to only keep a limited amount of data for a short amount of time. When we get the subpoena, we give them what we have, but we often don't have all of the data they request, and there's nothing they can do about it.

I have had to do this multiple times over the years and it's always the same. As long as you don't destroy data that is requested after the subpoena and you give them everything you do have, you're ok. They can't force us to keep specific data. We only keep what is beneficial to the operation of our business.

As I mentioned in the beginning though, I only know there is some level of truth to this, because I'm not a lawyer, and I don't know what some other company's obligations may be.


RE: How does this help MS?
By Mitch101 on 2/26/2010 11:10:41 AM , Rating: 2
quote:
Microsoft gives COFEE on USB sticks to law enforcement agencies, allowing them to extract "volatile" files from offenders with Windows computers.


My only complaint is that it should have been called DOUGHNUT. ;)


RE: How does this help MS?
By Danger D on 2/25/2010 1:14:38 PM , Rating: 2
Why is that hard to understand? They don’t force you to collect or record most data, but once you do, they can subpoena it or otherwise force you to hand it over.

Put it this way: Microsoft decides to keep a database of the gender, ethnicity, age, etc. of certain customers. It asks a series of questions to Xbox Live users, for instance, when they register and then tracks what games they play. Microsoft uses that data to target its TV and print advertising campaigns for similar games. If 10-year-old white girls at median income generally like to play “Ice Age: The Video Game,” then they run an ad for similar games during “Hannah Montana.”

If the FBI comes up with some compelling reason to need that data, and a judge agrees, they can force Microsoft to hand it over. However, the FBI can’t just go to Microsoft and say “You need to collect and make a database because we think it will be useful.”


RE: How does this help MS?
By Smilin on 2/25/2010 2:07:38 PM , Rating: 3
MS collects tons of data for marketting purposes (all of which you must opt-in) but only some of that would be of value to law enforcement.

Most of the data outlined here is stuff that only law enforcement would be interested in and has no marketting value. It costs a LOT of money to collect this data, house it, and most importantly keep it secure. Why would MS do this? One reason: they are forced to.

quote:
However, the FBI can’t just go to Microsoft and say “You need to collect and make a database because we think it will be useful.”


You're right. The FBI can't just go to Microsoft. They have to stop by the courthouse on the way to pick up a subpoena/warrant first.


RE: How does this help MS?
By Danger D on 2/25/2010 3:22:49 PM , Rating: 2
No, actually, they can’t go to the courthouse and get a subpoena for that. This isn’t China. The government can’t get some blanket "subpoena" forcing a private company to create and implement a system to track people for the purpose of government spying. Do you know what a "subpoena" is?

You can get a subpoena to compel testimony or provide information that a company has already gathered for its own purposes and have them turn it over, provided you have enough support to convince a judge that it’s necessary.

Post 9/11, it has become much easier for government agencies to get the rights to such data (too easy, in my opinion), but what you’re proposing is just extreme paranoia.


RE: How does this help MS?
By Smilin on 2/25/2010 5:30:22 PM , Rating: 2
quote:
The government can’t get some blanket "subpoena" forcing a private company to create and implement a system to track people for the purpose of government spying.


Nice theory but in practice things are different. Here:

http://tinyurl.com/y8dv9fx


RE: How does this help MS?
By Danger D on 2/25/2010 5:51:47 PM , Rating: 2
Clearly you don't understand a subpoena.


RE: How does this help MS?
By Smilin on 2/26/2010 10:24:00 AM , Rating: 2
First of all I said subpoena/warrant. You were the one that went down that road.

Furthermore the link I just sent shows much activity by the govornment to force companies (like AT&T) to do activities without a subpoena, warrant, or court order.

But really this is a stupid argument that strays from the point: MS has plenty of data they collect for marketting and other internal purposes (ALL of which users opt-in to) but the rest of what is mentioned in the document is crap that is of no benefit to MS. With no benefit to MS the ONLY logical reason they would collect it is if they were FORCED to.


RE: How does this help MS?
By Smilin on 2/26/2010 3:19:47 PM , Rating: 2
And to an even bigger point:

There is really very little data that's being collected at all and what data is collected will not shock anyone.


RE: How does this help MS?
By Danger D on 3/1/2010 2:20:13 PM , Rating: 1
Wild, unsubstantiated speculation. You aren't able to come up with a reason for them to gather it, so it must be that the "government made them do it!" Genius.

They gather it for their own purposes. The government takes it. Period. Show me any law that would allow an investigative agency to come in and force a business to gather information. It doesn't exist. You're being intentionally vague, because it's the only way your argument holds up.


RE: How does this help MS?
By Smilin on 3/2/2010 12:39:02 PM , Rating: 2
quote:
Show me any law that would allow an investigative agency to come in and force a business to gather information. It doesn't exist.


Sure it does...
http://thomas.loc.gov/cgi-bin/bdquery/z?d110:H.R.6...


RE: How does this help MS?
By Danger D on 3/5/2010 11:36:18 AM , Rating: 1
What does this have to do with FORCING someone to GATHER intelligence? Quote the section of this law that confirms anything you say. Or didn't you think I'd actually read it? You're grasping for straws now.


RE: How does this help MS?
By Danger D on 3/5/10, Rating: 0
RE: How does this help MS?
By drycrust3 on 2/25/2010 2:07:37 PM , Rating: 2
quote:
They can force them ...


You forgot one important fact: most of the people who use those services don't live in the USA and aren't American citizens (like myself). The CIA and the FBI and pretty well any other US Government agency could just ring up Microsoft and just ask what information they have on someone (me) and then ask them to fax it over. No "Warrent" is required because they (I) reside outside the national borders.
It is only by the policies, financial limitations, and staffing limitations of those agencies and companies involved that protects them (me).
Really, the question then isn't "Can they spy on me?", but "Where would I rather leave my information?". If I really wanted to I could, with a bit of difficulty (or arguably a lot of difficulty), completely avoid American based email, search engines, websites, instant messengers, etc, but then I would either have to get those services from somewhere else or more likely just not use the internet.
At least if I use American based services the companies involved have to understand English and that they are afraid of bad publicity. If I went to, say, European base services, then it is likely the official language they use isn't English, so it is up to the individual staff member to decide whether they can communicate with me or not. In addition, any bad publicity generated probably won't even get a mention in their local paper, so again the need to worry is up to the individual staff member, not the company's senior management.
And while I don't know for certain, it wouldn't surprise me if there are countries around where the companies will be "encouraged" to collect my information (especially credit card numbers) and hand it over to whoever without even being asked.


RE: How does this help MS?
By bhieb on 2/25/2010 10:27:28 AM , Rating: 4
To add to that does anyone here believe MS is the only one that keeps this kind of info. You'd have to be pretty naive if you think that Sony, Goggle, Yahoo, Facebook, or any big player did not keep this information.

I'm sure it is CYA if big brother comes asking. Not that they are told directly to keep it, rather that they just want to just in case.

Not really anything overly damning here IMHO. If you put your information into any online services, expect a trail to be left behind. You should expect they keep it private, but to assume it all just goes away after you hit submit is pretty dumb if you ask me. Kind of internet 101.


RE: How does this help MS?
By clovell on 2/25/2010 10:56:02 AM , Rating: 2
Maybe they aren't asked directly to collect the information, but I'm sure they're told somehow. Pissing off the government is exactly on Microsft's list of things to do - especially if the Justice Department is involved. Think 'Antitrust'.


RE: How does this help MS?
By postsrarely on 2/25/2010 4:12:17 PM , Rating: 2
CA$H:

Yahoo Issues Takedown Notice for Spying Price List

* By Kim Zetter Email Author
* December 4, 2009 |
* 5:00 pm |
* Categories: Surveillance
http://www.wired.com/threatlevel/2009/12/yahoo-spy...


Paranoia, Paranoia
By Octoberblue on 2/25/2010 12:46:55 PM , Rating: 2
Why does everyone freak out over stuff like this? If a truly tyrannical government ever takes over the US, they will force everyone to collect this kind of info anyway. Until that happens, this info being available to law enforcement can only help protect you against serious criminals. (Um, they do exist in the real world, outside of your narcissistic fantasy land where Big Brother is really only out to get you.)

Aside from that, it can hurt you... how? (Nobody's going to come after your weed stash or porno collection. Or even notice them for that matter.) Your freedom is only infringed if someone uses this information to harm you in some way. Which is illegal.

Or maybe if you tick off some powerful person they will abuse the justice system to get you. Please get over the silly delusion that anyone cares about your personal life or snarky political stances. They really don't.




RE: Paranoia, Paranoia
By wompirebat on 2/25/2010 2:20:21 PM , Rating: 2
No kidding, why get your dander up over preparation for tyranny. If something is likely to happen, why fight it? It's not like the jackboots that have access to this information are lazy and would manufacture evidence just so it appears they're doing their job. You people should trust your government. When has a corporate-government partnership ever been bad for anyone? Seriously?! (your ears should be burning from the sarcasm)
If this information is so innocuous, why is Microsoft fighting to suppress it? I hope no 'serious criminals' are ever able to gain access to such a wealth of cataloged personal information about so many Microsoft customers. It's not like such a storage bank could ever be targeted for illegal use. (again, the ears)
If we're all so insignificant, and nobody cares about us, why are they compiling all this information?
Since when, in this country, is government entitled to such personal information. Is Habeas Corpus a violation of the rights of the ruling class? Maybe some people are lazy enough to have their lives managed from cradle to grave, but I am certainly not one of them.


RE: Paranoia, Paranoia
By Octoberblue on 2/25/2010 3:33:46 PM , Rating: 2
My ears are not burning because the sarcasm is ineffectual and uninformed.

There's no violation of Habeas Corpus. For one thing you're not being physically detained, which is kind of what the "Corpus" part means. But even using the broadest interpretation of that concept, the government is still assumed to have no authority to get this information unless they can prove to the court that they have probable cause and obtain a subpoena.

If you're worried about preparations for tyranny I would be far more concerned about a radical administration selling your grandchildren into indentured servitude to China, then using the money to buy up the automotive industry, take over the banking industry, and initiate a mad power grab of 1/6th of the US economy in the health care system. Talk about managing your life from the cradle to the grave.

I would be far less worried about law enforcement being able to subpoena information when they have probable cause to believe some kid is about to shoot everyone at his school, or that a known terrorist organization is sending instructions to a cell group in the US.

How many times does this sort of thing have to happen before you realize that these concerns are real and not just some made-up pretense to spy on ordinary citizens?


RE: Paranoia, Paranoia
By smut on 2/25/2010 11:01:00 PM , Rating: 3
You talk about paranoia then type up a paranoid fantasy that somehow the current administration is evil LOL. Why do people think China JUST now started buying up our debt? That has been going on way before you ever heard of Obama! I thought conservatives loved the FREE MARKET? China bought bonds on the open market.

The public option has been dead for a long time, get over it and they were not the first administration to suggest it. Are you also forgetting Obama did not sign the bank bailout? TARP (the bank bailout) was initiated and signed by Bush. But don't let facts get in the way of rhetoric. You are one to talk about paranoia and fear mongering LOL. Sound like a Fox parrot to the core.


RE: Paranoia, Paranoia
By wiz220 on 2/25/2010 2:20:07 PM , Rating: 2
I think you have missed the point that so many have made about letting liberties slowly slip away. Once they're gone they are next to impossible to get back (without revolution) and history has taught us that once losses of liberty begin to occur they typically procede down a slippery slope. Many people concerned about privacy aren't worried about the government coming for THEM because of a silly political view or affiliation, they worry about what is coming further down the road for the country as a whole.


RE: Paranoia, Paranoia
By Smilin on 2/25/2010 2:54:16 PM , Rating: 2
This.

When was the last time you read a news article that said a small liberty that was once removed has now been added back?

Never. It doesn't happen.

You fight tooth and nail for this stuff now because once it's gone you never get it back.

I do not feel there is any imminent threat to me from the govornment but I do worry about my children. After all they are walking around with a camera, microphone, GPS, and transmitter (aka Orwellian telescreen) in their pocket. If abuse begins they are screwed.


RE: Paranoia, Paranoia
By JediJeb on 2/26/2010 6:23:03 PM , Rating: 2
On the Orwellian note, people should read "Animal Farm" which to me is more frightening. It also seems to be coming true even faster than 1984. It tell how government can make slow subtle changes that you never notice until it is too late. And most people in this country right now are not watching out for those changes. As long as the government doesn't cutoff the people's entertainment they will never notice, since more people know who is on American Idol this week than know the name of their congressman, councilman, or even vice president.


RE: Paranoia, Paranoia
By Smilin on 3/2/2010 12:51:13 PM , Rating: 2
The stuff that scares me today is "deleting information".

The ministry of truth used huge manhours to delete information when now all it takes is removing it from the search engine. there is so much information now that if software doesn't find it for you then it essentially doesn't exist.

And what about the 11th edition of the newspeak dictionary? Same thing...you don't need to delete words to make them disappear from the collective human conciousness. Just instead flood our vocabulary until unwanted thoughts become obsolete. ROFLLMFAO WTFBBQ isn't too far from "duckspeak" in the 11th edition.

check this.. http://www.thesaurus.com/browse/freedom

Note how many synonyms have become obsolete. Note how many have definitions that are not even hyperlinked.

It's kinda fun to indulge in some of this paranoia but sometimes I read or think things that makes my smile go away.

the most terrifying aspect of Orwell is that his characters didn't know it had happened. Neither would we. We always worry about "1984" in the future but never consider that it might already be here.


Yea
By Breathless on 2/25/10, Rating: 0
RE: Yea
By Spivonious on 2/25/2010 10:00:59 AM , Rating: 3
Really, Jason, would it kill you to proofread your articles?


RE: Yea
By Smilin on 2/25/2010 10:06:03 AM , Rating: 2
...but...but...it's just a blog when I make mistakes...it's news when I don't...


RE: Yea
By Drag0nFire on 2/25/10, Rating: -1
RE: Yea
By mfed3 on 2/25/2010 11:00:48 AM , Rating: 2
Seriously, Jason Mick should be fired from DailyTech. Whenever I see an article with his name at the top I cringe at how the information ahead of me will be incorrect and how there will be numerous grammar and spelling errors. Very amateur and taints the high level of quality the rest of the site retains.


freedoms...
By croc on 2/25/2010 7:58:50 PM , Rating: 1
First they came for the Communists,
and I didn’t speak up,
because I wasn’t a Communist.
Then they came for the Jews,
and I didn’t speak up,
because I wasn’t a Jew.
Then they came for the Catholics,
and I didn’t speak up,
because I was a Protestant.
Then they came for me,
and by that time there was no one
left to speak up for me.

by Rev. Martin Niemoller, 1945




RE: freedoms...
By Smilin on 2/26/2010 3:22:00 PM , Rating: 2
A favorite to be sure but not entirely appropriate here.

Did you read the document in question? MS isn't exactly hauling anyone off to the gas chamber.


Reading The Manual...
By greylica on 2/25/2010 2:00:32 PM , Rating: 2
I take good advices on how to always try to avoid Microsoft products at least for now...
But then, they will turn to Apple, ISPs, or anything, (Free software at least isn't that sick) that leads to Echelon I, II, III, and IV, and finnaly, to Icarus/Deadalus, and the Aquinas protocol.

Mwahahaha.




DMCA is for copyright only!
By dardas on 2/25/2010 7:53:51 PM , Rating: 2
the fact that MS retains all this data and is willing to pass it on to law enforcement is hardly new or surprising. just so you'll know, all WiMAX and LTE equipment comes with a "lawful intercept" feature.

My beef is with the fact that in order to remove this document from public scrutiny, MS used a DMCA takedown! a procedure used ONLY for copyright violations. since when is a document, distributed to law enforcement officers, considered copyrighted material? it's not even a considered a trade secret!

the LAWFUL way to act would've been to get a court to issue an injunction, giving the "offending" party the ability to respond. ABUSING the DMCA is actually ILLEGAL! it's only used because it's even cheaper and more effective than a SLAPP suit for the same purpose (also illegal).




By sapiens74 on 2/26/2010 6:25:49 AM , Rating: 2
Sorry,

What was the subject matter again?




"Nowadays, security guys break the Mac every single day. Every single day, they come out with a total exploit, your machine can be taken over totally. I dare anybody to do that once a month on the Windows machine." -- Bill Gates














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki