back to article 'I don't trust Microsoft' after NSA disclosures says former privacy chief

Caspar Bowden, who was Microsoft's European chief privacy advisor from 2002 to 2011, has said that he no longer trusts his former employer after the disclosures about its involvement in NSA surveillance schemes. Speaking at the Congress on Privacy and Surveillance in Switzerland on Monday, Bowden said that he wasn't aware of …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

It amazes me that this is not being said much more often. Americans have believed the lie that this is to protect them from terrorists and business continues as usual in the United States of Paranoia.

"If Tyranny and Oppression come to this land, it will be in the guise of fighting a foreign enemy."

James Madison

21
1
Silver badge

@AC 19:39 - "Americans have believed the lie that this is to protect them from terrorists and business continues as usual"

I don't know any Americans who have believed that at any point since widespread domestic spying during the Vietnam war in the late 1960's. Those of us who weren't alert by that time were given a nasty wake-up call with the Watergate spying and the resignation of President Nixon.

Most of us were caught a bit off-guard recently by the sheer technical capabilities of the NSA though. Cracking/hacking/back-dooring through the entire system of international encryption standards and sifting through billions of communications in real-time is kind of mind-numbing in terms of its cold precision.

I don't know what alternatives are available for businesses. The NSA and GCHQ seem to have hacked right through the entire communication system, right down to the routers and switches. What would it cost to build out a new "secure" internet backbone and international phone system? Tens of trillions of dollars? And there's nothing really that would stop the NSA or GCHQ from hacking right through the new one.

And I don't think the British public are any better off than the Americans at this point, so I think your entire premise is a bit off-base.

9
3
Silver badge

Drip feed.

It has been the intentional drip feeding of the removal of the expectation of privacy over a number of years that has led the public to sleep walk into this situation.

Facebook, Google, Microsoft, Amazon and others all present an outwardly respectable face of a competent business, yet at the same time chipping away at our expectations of privacy. They claim our data is protected and the more they were trusted the more they were able to take. The public went along with it, well you had to if you wanted to be part of it.

Now of course, we have seen the other side of the coin, not only is out private information used to profile each an everyone of us but Governments caught on pretty quickly that information is power and control in this electronic data age. Instead of a product or commodity they use fear and the carrot of keeping us safe as an excuse.

The only way to fight back is to withdraw from society and disappear, which is pretty much impossible.

Governments will never stop, mainly because they can never be trusted because their whole sense of being is to stay in power and to do this they need leverage. They will legislate to the very ends of the earth to keep the little people in check. They will bury the secrets even deeper than before, so deep that even whistleblowers will think that there is nothing to blow the whistle on.

Nothing to hide then you have nothing to fear?

Time to start wearing my tinfoil hat.

2
1

Very strange... There are so many that blame 'Americans'...

Yet, so many in media assure the most constant violators of the Constitution get elected...

And, in the middle of the aftermath of NSA backdoors...

Ignore the backdoor Eropeans seem to want to keep in the SSD cards...

Until the Pandora box was opened and the White Hat Hacker released the methodology.

I am a conservative American, watching the "far less than truthful media" here, lie us to this situation.

But, the big bucks were not from here... Ask Soros, China, Korea, et al, who sub-funds the dnc... and all their newly made millionaire politicos.

0
0
Silver badge

Latest newsflash

Caspar Bowden, ex-senior Microsoft executive, is in jail tonight after being found in bed with three under-aged girls, a Baptist minister and a goat.

Police say that they have also been provided with overwhelming evidence that he was financing a plot to detonate a terrorist bomb in an American city, sell nuclear material to the Iranians and rocket technology to North Korea.

22
2
Silver badge
Black Helicopters

Re: Latest newsflash

What'll you do when these things come to pass? Video of you eating your shorts?

1
0
Silver badge

Re: Latest newsflash

Thing is though, if he were guilty of anything untoward, would anyone now not belief that it was a stiff up?

0
0
Silver badge
Happy

Oops!

".....Bowden said he wasn't aware of PRISM....." It appears Mr Bowden simply wasn't very good at his job. Either that or he's telling porkies....

5
5
Anonymous Coward

Re: Oops!

Or, the much more likely: He is a foreigner (to the USA) working in a foreign country and so doesn't get the security clearance to be told about it.

Always look for the most obvious explanation before going for corruption, incompetence or conspiracy.

8
2
Silver badge

Re: Oops!

A guy who was head of *european* privacy is unlikely to be told anything by his *american* owners, especially if it would profoundly conflict with his core purpose (which if you think about it in those terms, is a catspaw for giving cozy feelings to the users of MS services; one more drone in the PR hive). His claim seems plausible to me.

5
1
Black Helicopters

Re: Oops!

Having seen Caspar in action on the conference circuit several times whilst he was at the FIPR, I have to say that I was amazed when he took the Microsoft shilling. But maybe better to be working inside than attacking from outside...

Anyway, it wouldn't surprise me if there had been an ongoing and ubiquitous "Don't tell Caspar" activity in Microsoft.

Documentation was probably marked "TOP SECRET NOFORN & ESPECIALLY NOT CASPAR".

3
0

Anyone ever notice how similar the NSA eagle is to the NAZI eagle? Even the initials. Coincidence?

8
2
Silver badge

We have ways to make you talk

You have a problem with the FatherHomeland, citizen?

8
1
ACx

When I hear Americans chanting "USA, USA, USA", it reminds me of: "seig heil, seig heil, seig heil".

Do any other nations have a national chant?

10
1
Bronze badge

Australia does

Aussie, Aussie, Aussie. OI! OI! OI!

Although you wont hear it outside of sporting events. We're not a bunch of ultra-patriotic morons who chant our country's name at every opportunity.

Hell, 75% of us arent even aware our national anthem has a second verse, let alone be arsed to learn it.

8
0

Re: Australia does

'Thirrrddd verse - Same as the first!'

1
0

Re: Australia does

"Hell, 75% of us arent even aware our national anthem has a second verse, let alone be arsed to learn it."

Not to mention the fact that it goes so high it would tax a castrato.

0
0
Silver badge

UK unaware

"There's been a grinding down of people's privacy expectations in a systematic way as part of the corporate strategy, which I saw in Microsoft," he said. "As for the secret surveillance agenda, most people in the UK do not seem to care about it, because they lack accurate information in the media about what exactly is happening." ®

I went to the UK last week to visit my father who is 90 but a keen news watcher and always interested in politics.

When I spoke to him and one of his neighbours about the the NSA and GCHQ intrusion of privacy neither of them had heard anything about it on the news channels they watch. I don't get to see British TV so have no idea of what if any coverage is given to this. Is the whole of British TV under a D notice?

I do maintain contact with a couple of Express and Mail readers in the UK who are generally unbothered by anything like this as they are of the 'If your not doing anything wrong........................ ' camp.

Spanish friends here know absolutely nothing about anybody at all spying on them or anyone else and couldn't care less anyway.

Hell in a hand basket comes to mind!

6
1
Silver badge

Re: UK unaware

"UK unaware "

There has been plenty of news coverage here, not with any great technical detail though. Coverage has also included other countries' reactions.

3
0
Unhappy

Re: UK unaware

The only ongoing coverage is in the Guardian newspaper.

BBC covered it when it was first news, but soon dropped it.

Other TV news channels are aimed squarely at Express and Mail readers, who, as you point out, trust the Government. Unless it's led by a bloke whose father was a Marxist.

1
0

Re: UK unaware

>Unless it's led by a bloke whose father was a Marxist.

Yes, I've been struggling to figure out what the problem is here. My father & my father in law both hated the Germans so much that they joined lots of other Brits (and latterly Americans) shooting them (with guns and everything) around 70 years ago.

Now, they're not that bothered and personally I've always got on well with Germans (and Austrians) that I've met.

I'm not saying the views and actions of our parents have no influence on our outlook, but if we only ever mimicked them then we would never progress as a society.

2
0
Bronze badge

"..the immense benefits the new regime is already bestowing upon Germany"

Quite, a 17 year old Jewish refugee discovering just prior to WWII that many Brits don't like foreigners in general? 'Job done', Lord Rothermere would have said, before going off to write another article about why fascism is a Good Thing.

My grand-fathers and some of my uncles went to the rest of Europe to shoot Germans. My generation goes there to shag them. I think we have the better deal to be honest, and it's no thanks to the Mail.

2
1
Silver badge

Just remember

Being able to inspect the code all but counts for nothing if you can't trust a binary's source code. You'll have to trust someone's binary, and just cause you have the source does not mean that the source is for that exact binary.

Unless you feel like getting out pencil and paper and figuring out your own op-codes, you're always going to have this problem.

I trust the Gentoo portage tree at present, the sources I get from Gentoo mirrors, and the initial stage3 tarballs I downloaded — since 2010 I've been using Catalyst to build my own stage 3's for x86 and amd64. I might download the odd ISO image for installation purposes, but not much else.

I put limited trust in services that other people host. My preference is always to do it myself unless this proves infeasible for some technical or practical reason.

Sure, I'll make use of things like Google Docs and Office 365: on the condition that I can install it from source onto my Gentoo-based web server. Why? Because if either Google or Microsoft gets bored with hosting it, my data suddenly evaporates. It also requires me to use Internet resources to access the data.

There's always a risk of third-party access: but if you host it, that's your problem and you can implement any measures you see fit to protect yourself. If you're a guest in someone else's house however, you play by their rules.

3
0

Re: Just remember

Great idea..except - what percentage of the 'average consumer' population do you expect to be technically savvy enough to do things like this, all/most of the times?

1
0
Silver badge

Re: Just remember

Vanishingly close to 0% … My point is an inability to obtain code should not be a reason to completely shun a platform.

2
1
Silver badge
Go

Re: Just remember

./configure

make

make install

there, solved it for you... if you have the source you can have the binary

3
1
Silver badge

Re: Just remember @Stuart Longland

This 'reflections on trust' business is getting silly. I'm confident that with some time and effort I could write a c compiler[*] from scratch. Perhaps I'd write it in elisp. I doubt [insert your favourite baddie] has backdoored emacs to check for particular c source. It's just not a huge problem (AFAICS).

[*] it would be totally non optimising but that's fine, its only purpose would be to bootstrap a decent compiler from source.

1
0
Silver badge

Re: Just remember @Stuart Longland

Indeed … my point is your trust has to start with someone.

If you have the technical know-how, then off you go, build your own computer with discrete transistors hand-made from lumps of germanium … see you in a few decades.

That's not practical for 99.9% of us. For me, it's impractical for me to run purely from source, I needed some binaries to get started. I did this 3 years ago -- at the time I had just upgraded my hardware and was still on a 512kbps Internet connection, it was faster for me to compile a Gentoo stage 3 image than to download a stage 3 tarball (let alone a full ISO for Ubuntu).

Others, this might be a bit much for them, so they might go with a vendor like Red Hat, Canonical, Microsoft, etc … to provide a precompiled OS.

As for services … I host myself, others might ask someone else to host things for them. This someone else might be someone they personally know, or it might be a company, such as Google, Microsoft or whoever.

The fellow whom triggered this article, seems to be suggesting we abandon Microsoft altogether and use all open-source stuff. While I agree to a point: I think there are bigger concerns than just the availability of source code, it doesn't make you immune to the sorts of problems he appears to be trying to escape from.

3
0

but you don't really make tgat point

with your argument.

The point you make is that even when one has the source code (including the source code for the compiler) one cannot absolutely trust the resulting binary.

You argue that therefore one should trust binaries for which source code us concealed. This is not logical.

Better to argue that the concealment of the source code is an easy marker for something to distrust, and if possible eschew, but that even those programs where source is provided are not absolutely to be trusted only because of that.

0
0
Silver badge
Facepalm

Bwahahahahahahah!

And why did you ever trust them in the first place?!

2
0
Paris Hilton

We didn't have a reason?

"I don't trust Microsoft."

You could have stopped there, Caspar.

4
0

1. Chapeau bas to Caspar Bowden.

2. Given that most people can't read the Guardian, how can UK awareness be raised?

"As for the secret surveillance agenda, most people in the UK do not seem to care about it, because they lack accurate information in the media about what exactly is happening."

One idea: -

Communications Data Bill

For years, the Home Office have been advocating the Communications Data Bill and the Interception Modernisation Plan before it on the basis that the security services must have the interception tools needed to defend us against terrorism.

The implication was that the security services didn't have these tools.

It now transpires that they do have them.

Which means that the Home Office were deceiving parliament, the media and the public.

That ought to be a story the media would consider running.

Even if they believe that interception is justified the media might at least ask why the Home office been wasting parliamentary time?

http://www.dmossesq.com/2013/07/communications-data-bill-unnecessary.html

1
0

Very strange... There are so many that blame 'Americans'...

Yet, so many in media assure the most constant violators of the Constitution get elected...

And, in the middle of the aftermath of NSA backdoors...

Ignore the backdoor Europeans seem to want to keep in the SSD cards...

Until the Pandora box was opened and the White Hat Hacker released the methodology.

I am a conservative American, watching the "far less than truthful media" here, lie us to this situation.

But, the big bucks were not from here... Ask Soros, China, Korea, et al, who sub-funds the dnc... and all their newly made millionaire politicos.

1
0
Anonymous Coward

'Ignore the backdoor Europeans seem to want to keep in the SSD cards...'

Have you got a link to that? (Got hit with pretty much garbage when I tried to search on that topic)

0
0
Anonymous Coward

"Very strange... There are so many that blame Americans"

There is awareness of the same thing going on in the UK, the 5-eyes and others at equivalent privacy crushing levels.... I think people are just venting at the US because its the biggest bully. Plus its the primary hoster of the larger social 'narcissistic' networking sites.

But the key problem for the US is- it always tries to justify its position by stating that its laws are legal and it won't spy on Americans only the rest of the world. But how can US law override the laws of the rest of the planet? The US offers little assurance to US citizens either, as everyone knows USNSA promises are just double-speak for ever-morphing Animal Farm laws....

The globe is beginning to learn how the US likes to spy on its allies for corporate advantage too (see BBC extract below).... All we can hope for is that over time US corporations lose enough bucks from companies shunning US clouds that congressmen are forced to listen...

"In a report commissioned by the European Parliament he produced evidence that the NSA snooped on phone calls from a French firm bidding for a contract in Brazil. They passed the information on to an American competitor, which won the contract. "There's no safeguards, no remedies, " he said, "There's nowhere you can go to say that they've been snooping on your international communications. Its a totally lawless world."

1
0
Anonymous Coward

Re: "Very strange... There are so many that blame Americans"

>The globe is beginning to learn how the US likes to spy on its allies for corporate advantage too.

Yeah, Airbus has also lost a few deals thanks to the this wiretapping ... when you consider the Brits are in with the yanks on this and you consider that airbus employs quite a "few" Brits around the globe, you would not really believe it, right ?

Then again, how is that donkey called that acts as the EU secretary on foreign affairs ? AFAIK, she has not yet resigned ...

1
0
This topic is closed for new posts.

Forums