back to article Microsoft charges the FBI $50 for a copy of your private data, claim 'Redmond hackers'

Hacktivists apparently loyal to Syrian President Bashar al-Assad have bragged they hacked into Microsoft's internal system that bills US cops and feds for access to citizens' private data. And the hackers have apparently spilled the beans on how much Redmond is paid for servicing those American wiretap requests. The documents …

COMMENTS

This topic is closed for new posts.
  1. Dieter Haussmann

    If they've got nothing to hide, then they've got nothing to fear.

    1. Anonymous Coward
      Anonymous Coward

      Microsoft may make charges for the data but the money is used for lobbying the Capitol.

      So it still ends up in brown envelopes stuffed in back pockets.

  2. Don Jefe

    That's actually mighty nice of MS to give the Feds such a great rate. I charge them more than $200 just to verify the invoices I've sent them are correct. I guess they've got a volume rate though.

    But they're correct, not only can you bill them for fulfilling a court ordered request for information, you have to bill them for it. Well, you do if they want the evidence to withstand a challenge by defense attorneys. Not billing them, or billing at an unusually low rate, is a treacherous road that has been travelled many times. Providing the (service/product) free has been used to illustrate the Feds leverage and evidence obtained by undue pressure isn't admissible in court unless you are a Muslim of Semitic heritage.

    None of that matters to my point though. My point is that these Syrian hacker people need some operational guidance and they need it very badly. Forget all the MS hate for a minute, this has nothing to do with their software or business practices. This is strictly about proven practices for 'underground' groups to maintain operating capacity and efficiency.

    The first rule in that game is to never act against any powerful 3rd party that has not acted directly against you or your interests. Going out and intentionally making enemies of neutral 3rd parties isn't bold or courageous or clever. It's just fucking stupid.

    To go making enemies of a giant global powerhouse of a company (in)famous for its ultra aggressive defense, psychotic management and massive leverage with every government on Earth is just extra fucking stupid. You can reasonably defend just about any action as long as the reasons for that action are clear. If they aren't clear you're doing nothing but opening new avenues for attack. All MS is going to see are people screwing with their money and they aren't going to give any shits about your cause.

    This is not the first time I've wondered if this was all the work of Syrian rebels trying to draw the US into the conflict by blaming pro-Assad forces for the attacks.

  3. Anonymous Coward
    Anonymous Coward

    The Adventures Of Trying To Close Your MS Email Account...

    I've been trying for months but I'm caught in the infinite loop below. Does anyone know a workaround?

    MS' own solution is this... You email them all of your personal info all over again and maybe they'll look into it. That's not very attractive for those actively trying to erase themselves. I closed all Google and Yahoo accounts and had no similar probs. Its a nano sized protest, but I hope others follow and put a dent in the privacy universe. Account Settings -> Close Account:

    1. "You need to deactivate your Outlook.com or Hotmail account. Once you've done that, your Microsoft account will be closed automatically after a period of inactivity"

    2. "Deactivate your Outlook account - This option isn't available for your account"

    1. Gene Cash Silver badge

      Re: The Adventures Of Trying To Close Your MS Email Account...

      Have your lawyer send them lawsuit letter? That's what I had to do when XBOX Live kept charging my credit card despite having closed my account and the credit card being expired.

      Then I filed a complaint with the state financial services board about Washington Mutual allowing charges on an expired card. I got an apology letter from Washington Mutual, so I know they were dinged for it.

    2. Don Jefe

      Re: The Adventures Of Trying To Close Your MS Email Account...

      Good luck with killing your account. I wish you all the best. It took over a year to kill my account and the solution was, difficult, to find.

      Years earlier I had used my email address for the Admin account of my employers Great Plains deployment. Anyway, many years go by and, as part of a different employers lawsuit against MS, all the senior management was told to disconnect ourselves from anything in the company that was remotely MS related. Ok, fine, except I can't delete one of my MS accounts and nobody knows why.

      In one of the traditional MS internal fuckups they had migrated old Great Plains account information to reflect the 'new and exciting ways to give developers high blood pressure' but had failed to tell their software not to look in the old place for account info. Since the system wouldn't allow you to delete any MS accounts tied to product Admin accounts I was stuck. Trapped in a hell hole nobody wanted to revisit.

      The lawsuit was within days of wrapping up when everything got resolved. So the whole mess just ended up with Great Plains shortening my life a little more. It's possible you're trapped somewhere as well. MS isn't exactly known for learning from their mistakes you know :)

  4. Anonymous Coward
    Anonymous Coward

    Revenues down, sell more customer data will be the new norm.

  5. Frank N. Stein

    How does Microsoft "attempt to recover some of the costs associated with any such orders"? of customer data from the NSA? By overcharging for Windows RT and Surface Tablets that aren't moving in large enough quantities to matter? Does Microsoft include this in it's quarterly revenue reports? Do they get a tax break from revenue generated from paid customer information sharing requests from the NSA?

    1. Don Jefe

      Rates for services are negotiated on a regular basis between commercial entities and the GSA. Basically you create a menu of services and the Feds just pick what they want and send you a PO with each request.

      The revenue is reflected as part of whatever MS calls their government services division these days. The revenue won't be shown as a line item in regulatory filings, just as part of the category total. If regulatory filings required line item data we would see a huge spike in suicides as the general public was driven mad by seeing how fucking loony the companies underwriting their retirement funds are run :)

  6. joed

    so this is what windows 8 accounts are about

    50$ a head, pure profit

    sync early, sync often (so says M$)

  7. Anonymous Coward
    Anonymous Coward

    cheap at half the price

    I will sell my private data directly to the FBI for $100, and eliminate the MS middle man. I am still waiting for my share of the FaceBook IPO. I figure $100 billlion / 1 billlion users = $100 per user. I guess Zuckerburg lost my address.

  8. fearnothing

    $50 for a user's data being profitable? Unlikely.

    Given the admin involved, even if the actual work of copying the data only takes 5 minutes, Microsoft won't be making much of a profit on that. At $200 maybe, but I still doubt they're making much and definitely not hand over fist. I know every opportunity to bash on Redmond can't be passed up but at least choose situations where doing so is reasonable. There are plenty of them out there.

    1. Don Jefe

      Re: $50 for a user's data being profitable? Unlikely.

      Yeah, MS making $50 per head hasn't worked too well for OEM Windows installs has it? If they had shot for $65-70 Bill Gates probably wouldn't have been bumped out of the #1 spot on the wealthy people list :)

      Seriously though, what you are doing with your calculations is a fairly common error when assessing margin potential of any particular service inside large companies. That crap in SEC filings is worthless for business operations purposes. Companies aren't managed like that. Inside big companies each department will have scads of sub-departments, each run, electively, like its own stand alone business.

      Doing it that way allows you to move revenue, costs and profits around at a fairly granular level which allows you to position higher, departmental level, finances in the most advantageous way. So a sub-department that, by itself may not be a huge profit center, to add its all powerful revenue to that of the parent department. Same with losses, you can move those around so that they have title to no effect on the parent department, but on its own that sub-department would be crushed by the losses.

      What I'm getting at is that you can't calculate profits and losses for any service or product as a standalone variable. Those things must be calculated as they relate to the whole, so flat P/L performance assessments will always give you false results.

      How those profits, loses, costs and revenues are calculated is part of operational bookkeeping which no company provides access to. The SEC filings are calculated from those operational bookkeeping processes, but you don't get to see the details.

    2. Herb LeBurger

      Re: $50 for a user's data being profitable? Unlikely.

      "Receipts filed under FBI Contract JFB108289 regularly exceeded hundreds of thousands of dollars a month"

      Surely hundreds of thousands of dollars a month should cover the overhead of providing this data. If doing so were affecting their bottom line, corporations would be a lot more upset about it than the after the fact "we're outraged!" press releases that we've seen. I'd like to think that they would automate most of the process of transferring the data to law enforcement so each request becomes more of a button click than a manual process, but who knows. I understand that automation isn't free, but since they can basically name their price I don't see how they could fail to profit from this.

      I'm sure all the corporations involved in the PRISM data transfers were also well compensated for the infrastructure they had to set up to support it. Not just repaid for their expense, but with profit - think government contract.

      1. Don Jefe

        Re: $50 for a user's data being profitable? Unlikely.

        That's just it. The government & it's various agencies cannot, absolutely cannot under any circumstances, require, or request, that any US company provide any products or services at a price less than the market average for comparable products or services. The market averages are recalculated on an ongoing basis by the GSA with some things being recalculated monthly, some annually, some every two years, etc...

        The prices reflect only the exact (thing) requested. If you want the request expedited, formatted in a manner other than that specified in the contract or distributed differently, and tons of other 'options' then the costs go up quickly.

        It's all rather interesting really. So very, very many of the ideals and concepts our country was founded on have been raped, shat on and tossed into a muddy ditch, but provisions put in place specifically to reflect the fact that government had no 'default' right to the property of its citizens hast really changed. No change at all really. There's a big 'eminent domain' fight going on here in DC right now and the tyrannies of our Colonial Oppressors who stole from our ancestors in the name of a foreign crown and a Jewish God have already been recounted, printed and distributed in the most dramatic way possible :)

        Why that has survived I'll never really know. I'm glad it has survived, it just seems strange that it has.

  9. Fruit and Nutcase Silver badge
    Thumb Up

    New revenue stream

    to replace Office cash cow

  10. Vociferous

    "Hacktivists apparently loyal to Syrian President Bashar Assad"

    They're Russian, almost certainly state-sponsored, hackers.

  11. Bladeforce

    The sad thing is..

    even if this is a bogus story you could be forgiven for thinking that Microsoft would do this. I heard a story that their new wireless mouse comes with a subscription. Now the story was utter crap but you could see them doing this they are that desperate to break away into new areas instead of relying on their cash cows (Server/Office)

  12. AndricD

    doesn't even prove they hacked MS - as I understand it you can pretty much work out that all the companies will charge for access so probably is just a going rate. Advertises that US companies are supposedly in danger from Syria .. nothing to do with war mongering surely...

This topic is closed for new posts.

Other stories you might like