Author Topic: Microsoft: All your data are belong to us. (Read 8240 times)

xtabber · « **on:** March 27, 2014, 03:59 PM »

Last week, it was revealed that Microsoft had examined the Hotmail/Outlook.com emails of a blogger, who was NOT a Microsoft employee, in order to find who had leaked confidential information to that person.

It seems this is legal because, under Microsoft’s terms of use, the company has the right to examine any user’s data for any reason they see fit.

This is very different from data mining user data to sell advertising, and it makes me wonder why anyone in their right mind would consider using Office 365 for any reason at all.

superboyac · « **Reply #1 on:** March 27, 2014, 04:10 PM »

Last week, it was revealed that Microsoft had examined the Hotmail/Outlook.com emails of a blogger, who was NOT a Microsoft employee, in order to find who had leaked confidential information to that person.

It seems this is legal because, under Microsoft’s terms of use, the company has the right to examine any user’s data for any reason they see fit.

This is very different from data mining user data to sell advertising, and it makes me wonder why anyone in their right mind would consider using Office 365 for any reason at all.
-xtabber (March 27, 2014, 03:59 PM)

What's a good alternative? I am also looking for an email/calendar service with more privacy protection than what is available. I am not having any luck. If I don't find one, I am planning on using Microsoft's Exchange Online ($4/month per user) service.

wraith808 · « **Reply #2 on:** March 27, 2014, 04:32 PM »

Last week, it was revealed that Microsoft had examined the Hotmail/Outlook.com emails of a blogger, who was NOT a Microsoft employee, in order to find who had leaked confidential information to that person.

It seems this is legal because, under Microsoft’s terms of use, the company has the right to examine any user’s data for any reason they see fit.

This is very different from data mining user data to sell advertising, and it makes me wonder why anyone in their right mind would consider using Office 365 for any reason at all.
-xtabber (March 27, 2014, 03:59 PM)

Unless you're using your own server, you're deluding yourself if you think that unencrypted e-mail isn't subject to the same things. Even if you *are*, you're still subject to it from anyone that you've sent it to.

E-mail is an inherently insecure medium. And any expectations of privacy are just that- expectations that the services go along with... until it's not expedient to do so.

Vurbal · « **Reply #3 on:** March 27, 2014, 05:15 PM »

Unless you're using your own server, you're deluding yourself if you think that unencrypted e-mail isn't subject to the same things. Even if you *are*, you're still subject to it from anyone that you've sent it to.
-wraith808 (March 27, 2014, 04:32 PM)

Or at any point during the trip from your server to their client.

Stoic Joker · « **Reply #4 on:** March 27, 2014, 05:47 PM »

Last week, it was revealed that Microsoft had examined the Hotmail/Outlook.com emails of a blogger, who was NOT a Microsoft employee, in order to find who had leaked confidential information to that person.

It seems this is legal because, under Microsoft’s terms of use, the company has the right to examine any user’s data for any reason they see fit.

This is very different from data mining user data to sell advertising, and it makes me wonder why anyone in their right mind would consider using Office 365 for any reason at all.
-xtabber (March 27, 2014, 03:59 PM)

Unless you're using your own server, you're deluding yourself if you think that unencrypted e-mail isn't subject to the same things. Even if you *are*, you're still subject to it from anyone that you've sent it to.

E-mail is an inherently insecure medium. And any expectations of privacy are just that- expectations that the services go along with... until it's not expedient to do so.
-wraith808 (March 27, 2014, 04:32 PM)

+5 - Yepper, if you make the mistake of being interesting...you're hosed no matter what you do. Server to server transfers are - straight port 25 protocol default - never encrypted. So the last mile SSL connection placebo that sheeple keep flocking to is nothing more than a sick/sad joke. The ABCs (with ears to the backbone) know exactly what they're looking for long before anyone decides to sort though your knickers.

superboyac · « **Reply #5 on:** March 27, 2014, 05:49 PM »

My question is not with security. I've accepted the fact that email is insecure. I just want a company to say "we are not allowed to poke around without your consent". Not, "if we have to, we will poke around all we want, and remove stuff and do whatever we want." I have no problem with the technology itself, even if it sucks.

40hz · « **Reply #6 on:** March 27, 2014, 06:09 PM »

I just want a company to say "we are not allowed to poke around without your consent". Not, "if we have to, we will poke around all we want, and remove stuff and do whatever we want."
-superboyac (March 27, 2014, 05:49 PM)

The problem is, between the existing state of the law, and the "understandings" between industry and government - "your consent" doesn't factor into the equation any more.

Done deal. It's over.

About the only alternative is to encrypt befor sending - BUT - how secure is the encryption alogrithm - or the OS it's running on - or the app you composed your original message in? They all can (and many do) have backdoors, engineered weaknesses, and related sneaky gremlins lurking within their code. That's the problem with closed and proprietary code. You just can't ever be sure - even if (by now) we're all pretty damn sure, if ya know what I mean. $:-\$

Jibz · « **Reply #7 on:** March 28, 2014, 01:24 AM »

I think if it's "free", or the company obviously has a commercial interest in your data not only in selling you the service, then you can be pretty sure they will take a peek.

If you want something where this is less likely, perhaps a commercial provider which is not also a multi-billion dollar conglomerate might work.

I've been using fastmail for a couple of years, and since the break with Opera, I don't see them having much interest in the data.

Vurbal · « **Reply #8 on:** March 28, 2014, 11:48 AM »

I just want a company to say "we are not allowed to poke around without your consent". Not, "if we have to, we will poke around all we want, and remove stuff and do whatever we want."
-superboyac (March 27, 2014, 05:49 PM)

The problem is, between the existing state of the law, and the "understandings" between industry and government - "your consent" doesn't factor into the equation any more.

Done deal. It's over.

About the only alternative is to encrypt befor sending - BUT - how secure is the encryption alogrithm - or the OS it's running on - or the app you composed your original message in? They all can (and many do) have backdoors, engineered weaknesses, and related sneaky gremlins lurking within their code. That's the problem with closed and proprietary code. You just can't ever be sure - even if (by now) we're all pretty damn sure, if ya know what I mean. $:-\$
-40hz (March 27, 2014, 06:09 PM)

Exactly what I've been telling people for a long time now - especially business users. Any information you entrust with a third party for transit or especially storage is, inherently, not private. At best it may be private from the world at large but you should assume some government, or maybe several, can get access to it without notice - even after the fact.

Furthermore any encryption, even if it isn't built with intentional vulnerabilities and even if nobody every works out an exploit, can be cracked by brute force given enough time and computing power. The best you can hope for is to make it difficult enough that it's not worth the time and effort. Unfortunately you can never be 100% sure how much time and effort will be required, what resources a potential attacker has at their disposal, or how badly they want to learn your secrets.

dr_andus · « **Reply #9 on:** March 28, 2014, 07:29 PM »

News just in...

Microsoft: Let's be clear, WE won't read your email – but the cops will

Today Microsoft's general counsel Brad Smith has announced Microsoft has changed its policy again. From now on, Redmond staff won't probe the email inboxes of its customers, but will outsource the job to law enforcement.

xtabber · « **Reply #10 on:** March 28, 2014, 09:34 PM »

News just in...

Microsoft: Let's be clear, WE won't read your email – but the cops will

Today Microsoft's general counsel Brad Smith has announced Microsoft has changed its policy again. From now on, Redmond staff won't probe the email inboxes of its customers, but will outsource the job to law enforcement.
-dr_andus (March 28, 2014, 07:29 PM)

So they won't read your email themselves, but they still reserve the right to rummage through any documents you have stored in their cloud.

TaoPhoenix · « **Reply #11 on:** March 28, 2014, 11:05 PM »

News just in...

Microsoft: Let's be clear, WE won't read your email – but the cops will

Today Microsoft's general counsel Brad Smith has announced Microsoft has changed its policy again. From now on, Redmond staff won't probe the email inboxes of its customers, but will outsource the job to law enforcement.
-dr_andus (March 28, 2014, 07:29 PM)

So they won't read your email themselves, but they still reserve the right to rummage through any documents you have stored in their cloud.
-xtabber (March 28, 2014, 09:34 PM)

It's time to update a children's campfire classic:

"Microsoft read the emails from the email jar."
"Who us?" "Yes you!"
"Well okay, but now we we wont." "Then who?"
"The cops!" "Well the cops found something. Then they told you."
"Who us?" "Yes you!"
"Couldn't be." "Then who?"
"Yahoo!" "So Yahoo read the emails from the email jar?"
"Yes." "But you provide some of Yahoo's back end services."
"Uh, but not those!"

xtabber · « **Reply #12 on:** April 25, 2014, 09:59 AM »

Here's a new revelation about how Microsoft treats users' data: It seems that Microsoft OneDrive for Business modifies files as it syncs without notification and without changing the file modification time stamp.

Just what is going on is not clear, and might be completely harmless, but it certainly reinforces concerns about privacy in the Microsoft cloud.

tomos · « **Reply #13 on:** April 25, 2014, 10:25 AM »

Here's a new revelation about how Microsoft treats users' data: It seems that Microsoft OneDrive for Business modifies files as it syncs without notification and without changing the file modification time stamp.

Just what is going on is not clear, and might be completely harmless, but it certainly reinforces concerns about privacy in the Microsoft cloud.
-xtabber (April 25, 2014, 09:59 AM)

that's impressive

mwb1100 · « **Reply #14 on:** April 25, 2014, 12:48 PM »

it certainly reinforces concerns about privacy in the Microsoft cloud.
-xtabber (April 25, 2014, 09:59 AM)

Even more than concerns for privacy, it should be causing people to raise holy hell about file corruption.

Author Topic: Microsoft: All your data are belong to us. (Read 8240 times)

xtabber

Microsoft: All your data are belong to us.

superboyac

Re: Microsoft: All your data are belong to us.

wraith808

Re: Microsoft: All your data are belong to us.

Vurbal

Re: Microsoft: All your data are belong to us.

Stoic Joker

Re: Microsoft: All your data are belong to us.

superboyac

Re: Microsoft: All your data are belong to us.

40hz

Re: Microsoft: All your data are belong to us.

Jibz

Re: Microsoft: All your data are belong to us.

Vurbal

Re: Microsoft: All your data are belong to us.

dr_andus

Re: Microsoft: All your data are belong to us.

xtabber

Re: Microsoft: All your data are belong to us.

TaoPhoenix

Re: Microsoft: All your data are belong to us.

xtabber

Re: Microsoft: All your data are belong to us.

tomos

Re: Microsoft: All your data are belong to us.

mwb1100

Re: Microsoft: All your data are belong to us.