Archive

Posts Tagged ‘Microsoft’

Microsoft support scammer sent down — first ever successful prosecution in the UK

April 2, 2014 1 comment

We’ve all had those phone calls — some of us have had many of them — from Microsoft certified support engineers offering to fix our PCs over the phone. They can be very compelling.

“Your PC is running slow. I can fix it for you over the phone.”

“How much?”

“No fee. You can just pay me what you think it’s worth — maybe £30 — when it’s done. If I don’t improve things, you don’t need to pay anything.”

It’s a good bet. Who hasn’t got a PC that is running slower than it did when we bought it?

What happens next might vary. The scammer will talk you through a few things to gain your confidence. Then he will come a cross a problem too difficult to handle through conversation — but having gained your confidence, where is the problem in letting him fix it for you remotely? All you have to do is install this bit of software, which he’ll talk you through, and he’ll be able to fix it immediately — and even provide a very cheap anti-virus program to improve your security.

Suddenly, that £30 has become £80. He’s fixed nothing and sold you free software — and possibly left something nasty on your computer. Well, the e-crime team from Trading Standards has now successfully prosecuted one of these scammers: Mr Mohammed Khalid Jamil, was sentenced to 4 months imprisonment, suspended for 12 months, and fined £5000. Jamil was also ordered to pay £5665 in compensation to his victims and £13929 in prosecution costs.

Lord Toby Harris, chairman of the National Trading Standards Board, commented, “This is a landmark case, as we believe it may be the first ever successful prosecution of someone involved in the Microsoft scam in the UK. It’s an important turning point for UK consumers who have been plagued by this scam, or variants of it, for several years. Many have succumbed to it, parting with significant sums of money, their computers have been compromised and their personal details have been put at risk. Now that one of the many individuals who’ve been operating this scam has been brought to justice, it’s a stark warning to anyone else still doing it, that they can be caught and will be prosecuted.”

Categories: All, Security Issues

Don’t let the government or the tech giants fool you into thinking anything is changing

April 1, 2014 Leave a comment

When Bruce Schneier left the employ of BT, he finally got off the pot. His natural inclinations can now be seen. He still hasn’t criticised BT despite it being obvious that BT is no more innocent than any of the big American telecoms companies — but he told me (by email) at the time that he tried to avoid getting involved in foreign politics.

Bruce Schneier: photo by Doug Logan

Bruce Schneier — the ex-BT, anti-surveillance privacy guru

He hasn’t been 100% consistent in this. When Swedish journalists discovered Swedish involvement in the MITM NSA/GCHQ hacking program known as Quantum, he said, “Both Quantum and FoxAcid are NSA/GCHQ programs to attack computer users. The fact that Sweden is involved in these programs means that Sweden is involved in active attacks against internet users. It is not just passive monitoring. This is an active attack.”

One day we may yet hear what he knows about BT’s cooperation with GCHQ (Tempora et al).

In the meantime, he is now no longer backward in commenting on surveillance in general and the NSA in particular. An article in The Atlantic last week warns us not to listen uncritically to the protestations of either the NSA or the tech giants that now appear to be up in arms against this NSA hacking and surveillance.

The tech giants (Google, Facebook, Yahoo, Microsoft etcetera) all claim to be doing what they can to prevent further snooping. But they are not doing the one thing that would work — they are not encrypting user data on servers in a way that would be impossible for governments to demand the keys. And the reason they are not doing this is simply because the vendors and the governments both want the same thing — to be able to read our data.

The best we have are caveat-laden pseudo-assurances. At SXSW earlier this month, CEO Eric Schmidt tried to reassure the audience by saying that he was “pretty sure that information within Google is now safe from any government’s prying eyes.” A more accurate statement might be, “Your data is safe from governments, except for the ways we don’t know about and the ways we cannot tell you about. And, of course, we still have complete access to it all, and can sell it at will to whomever we want.”
Don’t Listen to Google and Facebook: The Public-Private Surveillance Partnership Is Still Going Strong

The reality is that for so long as the vendors want access to our data, the governments will be able to demand it. Neither of that is changing; although both sides are trying to pretend it is.

Categories: All, Politics, Security Issues

Microsoft’s new secret weapon: listening to its customers

March 29, 2014 Leave a comment

I am not Microsoft’s greatest fan. It is a dinosaur stuck on the beach while the fleeter of foot are soaring through the clouds. The reality is that it has no, and has never had, any visionaries. Even its domination of the desktop was more down to luck and sharp practices than genuine vision.

It was lucky that Gary Kildall rejected IBM’s overtures, else there would never have been an MS-DOS; and it was sharp practices that killed off Digital Research — its one serious and technically superior competitor. It was lucky that Apple demonstrated the value of Xerox Parc research and paved the way for Windows. It was lucky Jobs was so far ahead of his time he thought he could have a walled garden in the ’80s; and almost destroyed Apple in the process.

But it was sheer arrogant blindness that made Gates think he could ignore the internet. For the last two decades Microsoft has been forced into playing catch up; but catch up never works if you don’t have the vision to get ahead of the competition.

Now, in just one area, Microsoft is showing visionary signs that could differentiate it from all of its competitors. Microsoft has started listening to its customers rather than imposing its will on its customers.

While Facebook is telling everyone that they don’t want privacy, Microsoft is listening and saying, OK, we will give you privacy. While Google is fighting the European Union over privacy and cloud storage, Microsoft is listening to the EU and saying, OK, we can accommodate and store European data in European data centres.

Now, it’s not as simple as that. The US government can still demand customer data from Microsoft’s European data centres simply because Microsoft is a US company. But it’s making that data much more defensible, and telling the EU that it is willing to cooperate rather than fight.

Similar over privacy. When it became clear last week that Microsoft had, quite legally, searched the emails of one of its customers concerning the theft of Microsoft IP, it knew there would be privacy issues. It immediately said two things: firstly that it would in future get a pseudo warrant from an independent lawyer who had previously been a judge, and secondly that it would include its own searches in future ‘transparency reports’ (the ones that publish the number of law enforcement searches).

It wasn’t enough for the privacy advocates who pointed to the hypocrisy of criticising NSA warrantless surveillance and then doing its own.

To Microsoft’s great credit, within a week, it has listened, heard and understood. Brad Smith announced yesterday,

Effective immediately, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property from Microsoft, we will not inspect a customer’s private content ourselves. Instead, we will refer the matter to law enforcement if further action is required.
We’re listening: Additional steps to protect your privacy

Is this a new Microsoft — the genuinely ‘listening’ company? It no longer dominates the world’s operating systems, and is losing ground on desktop office software. But it seems to be doing one thing that none of its competitors are doing. It is listening to its customers, and giving them what they want. That alone, over the next few years, could catapult Microsoft back into a leading position.

Categories: All, Security Issues

What ties Microsoft, surveillance, Syria and the Syrian Electronic Army together?

January 2, 2014 Leave a comment

The Syrian Electronic Army (SEA) yesterday hacked Skype’s WordPress and Twitter accounts. The likelihood is that the pro-Syrian group got hold of the password used by Skype’s media people, probably through its usual method of spear-phishing. My report on the incident for Infosecurity Magazine is here.

But this hack was a little different to SEA’s normal escapades. The group’s whole raison d’être is to deliver pro-Assad messages to counter what it believes is anti-Assad propaganda controlled and delivered by western governments. This is the reason that it has concentrated on attacking high-profile media companies.

Well, Skype is certainly high-profile — but the message is not ‘Syrian’. On both the Skype Twitter account and its WordPress blog the SEA message was this:

spacer

SEA's message via Skype's Twitter account

SEA’s message via Skype’s Twitter account

spacer

It’s a message you might more likely expect from Anonymous protesting against NSA surveillance and Microsoft complicity in that surveillance rather than a pro-Assad movement.

I asked SEA if it marked a change in its targets and tactics; and got this reply:

We can confirm that attack was done by us. and we gained access to important documents about monitoring accounts/emails by Microsoft.

It’s still about Syria. And we will detail that soon.

So that’s the big question now: what ties Microsoft, surveillance and Syria together?

Categories: All, Politics, Security Issues

Why the NSA is happy when Windows crashes

December 30, 2013 Leave a comment

The latest Snowden leaks via Der Spiegel contain an interesting snippet: the NSA intercepts Windows crash reports en route from the user to Microsoft. “An internal presentation suggests it is NSA’s powerful XKeyscore spying tool that is used to fish these crash reports out of the massive sea of Internet traffic.” The NSA presentation even makes a joke of it, adapting the Microsoft error message to say, “This information may be intercepted by a foreign SIGINT system…”

spacer

Frankly, I find the NSA sense of humour troubling rather than amusing.

Frankly, I find the NSA sense of humour troubling rather than amusing

spacer

These error messages, says Spiegel, provide “valuable insights into problems with a targeted person’s computer and, thus, information on security holes that might be exploitable for planting malware or spyware on the unwitting victim’s computer.”

Really? Yes really. Websense coincidentally (?) published a report on this very problem yesterday, and will be presenting further findings at RSA 2014 in San Francisco (assuming anybody is still going). It says,

One troubling thing we observed is Windows Error Reporting (a.k.a. Dr. Watson) predominantly sends out its crash logs in the clear. These error logs could ultimately allow eavesdroppers to map out vulnerable endpoints and gain a foothold within the network for more advanced penetration. Here’s more on why that’s a concern:

  • 80 percent of all network connected PCs use it – that’s more than one billion endpoints worldwide
  • Dr. Watson reports information that hackers commonly use to find and exploit weak systems such as OS, service pack and update versions
  • Crashes are especially useful for attackers as they may pinpoint a new exploitable code flaw for a zero-day attack
  • Information is also sent for common system events like plugging in a USB device

Let’s see how long it takes for Microsoft to respond and start encrypting its error messages. Then the only problem will be in persuading us that it hasn’t simultaneously given NSA the key…

Categories: All, Politics, Security Issues

Is Windows 8 an NSA trojan?

August 23, 2013 Leave a comment

That really does sound a bit extreme even for a cynic – but it’s a question that is being seriously asked and needs a serious answer. It came to a head earlier this week when Zeit Online published a story suggesting that various federal German agencies had come to the conclusion that Windows 8 is not safe for use by government.

We need to put this into context with two technologies: UEFI and TPM. The Unified Extensible Firmware Interface (UEFI) is a specification that is meant to replace the Basic Input/Output System (BIOS) firmware interface on PCs. It provides many advantages over the original BIOS, but more pertinently here, it can be used to provide ‘secure boot’. Microsoft has come in for some serious criticism over implementing UEFI secure boot on Windows 8 – sufficient criticism for a Spanish open source group, Hispalinux, to level a complaint against Microsoft with the European Union for anti-competitive behaviour. Much of that criticism has died down as it has become clear that serious power users can get round it. However, implemented to its full potential it could enforce an Apple-like walled garden around non-Microsoft manufactured PCs.

TPM – trusted platform module – is a separate issue. This is a chip that controls what can and what cannot run on your computer. It can indeed provide additional security, since if only known good software is allowed to run, then any bad software (viruses and trojans and worms and so on) cannot easily run (never say never!). And there isn’t really an issue, since if you don’t want it, you can just turn it off.

Enter TPM version 2; which is what has upset the German government agencies. Microsoft intends to employ it with Windows 8. Windows 8 will be delivered with TPM 2.0 turned on, and no way to turn it off. But for new versions of Office or completely new Microsoft software, Microsoft clearly needs to be able to bypass TPM – and it has its own key to do so. The user does not have a key to do so.

And this is where the NSA comes in. Given everything we have learned about the NSA over the last few months, does anyone really believe that Microsoft will not willingly or at best under secret coercion be forced to give those same keys to the NSA and probably the FBI as well?

Some of us may even remember the NSAKey discovered in Windows NT by Andrew Fernandes in 1999. At the time, Microsoft denied the key had anything to do with the NSA, but frankly only the gullible believed them, and most people accept that it has been present in every version of Windows ever since. Anybody who believes that Microsoft and the NSA don’t go hand in hand is living in cloud cuckoo land under heavy surveillance.

The problem is that with access to a TPM 2 key that is always on, the NSA or the FBI or both could come and go at will with no-one being any the wiser. Which is exactly how they like to operate.

Ross Anderson, Professor of Security Engineering at the Computer Laboratory, Cambridge University

Ross Anderson, Professor of Security Engineering at the Computer Laboratory, Cambridge University.

So how likely is all this? Professor Ross Anderson from Cambridge University wrote back in October 2011,

We’ve also been starting to think about the issues of law enforcement access that arose during the crypto wars and that came to light again with CAs. These issues are even more wicked with trusted boot. If the Turkish government compelled Microsoft to include the Tubitak key in Windows so their intelligence services could do man-in-the-middle attacks on Kurdish MPs’ gmail, then I expect they’ll also tell Microsoft to issue them a UEFI key to authenticate their keylogger malware.

And if the Turkish government can do that, what could the US government do?

I asked him what he thought now, and whether Windows 8 really is dangerous for governments. He said,

Non-US governments had better think carefully about their policy on all this. Until now you could grab the Linux source, go through it, tweak it till you were happy, recompile it and issue it to officials in your ministry of defence. Serious players like China even sent engineers to Redmond to inspect the copy of Windows that would be sold in their country. But most states don’t have enough competent engineers to do that.

Microsoft’s demand that the industry configure all Windows-branded machines so they’ll only boot signed operating systems will make life significantly harder for medium-sized non-aligned governments. And now that Microsoft’s admitted making NSA access easier, the idea of using COTS Windows is not emotionally compatible with the existence of large pampered signals intelligence bureaucracies, even if there isn’t a reasonable engineering alternative.

And so we return to the original question: is Windows 8 an NSA trojan? Yes. Microsoft and the NSA and the Obama administration will, of course, deny it. And the NSA — post Snowden — may never even use it. But that doesn’t alter the fact that the capability exists and could be used. A nuclear weapon is no less a nuclear weapon just because it hasn’t been used. And Windows 8 is an NSA trojan.

Categories: All, Politics, Security Issues

Microsoft Surface RT – an unmitigated disaster

August 20, 2013 Leave a comment

Nobody likes to admit to any enjoyment in “I told you so.” It is therefore with huge regret and personal pain that I now say, “I told you so.”

On August 7, 2012 – just over a year ago, this blog said: A Microsoft-made tablet? Big mistake. More specifically I added

But Microsoft’s solution is just plain wrong. It is planning to build its own tablet, to compete with the iPad and Android.

This would be a mistake…

Almost exactly one year later, on August 12, 2013, ‘Gail Fialkov, individually and on behalf of all others similarly situated’ filed suit against ‘Microsoft Corporation, Steven A Ballmer, Peter S Klein, Frank H Brod and Tami Reller’ in the US District Court, Massachusetts. The suit claims

What Defendants knew, but failed to disclose to investors, however, was that Microsoft’s foray into the tablet market was an unmitigated disaster, which left it with a large accumulation of excess, over-valued Surface RT inventory.

Despite costly attempts to spur the Surface market (such as a free $100 dollar magnetic cover/keyboard and a 30% discount on the price), ‘nothing generated meaningful sales of Surface RT.’

Then, on July 18, 2013, Microsoft issued a press release announcing that its financial results for the quarter ended June 30, 2013 had been adversely impacted by a $900 million charge related to a write-down in the value of its Surface RT inventory. In truth, however, the value of such inventory was materially impaired by March 31, 2013.

On this news, Microsoft common stock suffered its biggest price decline in more than four years, plunging $4.04 per share, or 11.4%, on very heavy trading volume to close at $31.40 per share. The magnitude of the decline in the price of Microsoft’s stock eviscerated about $34 billion of the company’s market value.

The action is claiming that anyone who purchased Microsoft stock between April 18 2013 (that is, just after the date at which it claims Microsoft was aware of the excess stock) and 18 July 2013 (that is, the date of its announcement of excess stock) suffered a material and unnecessary hit on their investment.

Whether Microsoft will issue a defence based on the public availability of this blog that had earlier warned all and sundry that the Surface was a big mistake and that they therefore had prior knowledge of the inevitability of the unmitigated disaster remains to be seen. But it could be, “Well, he told you so.”

Categories: All

A lament on the passing of independent news – not quite dead, but certainly dying

February 7, 2013 Leave a comment

Before I say anything else, let me just say that I really, really like Sophos; and I really, really like NakedSecurity; and I really, really like Graham Cluley. This is really, really just a comment on how the internet has upset the status quo rather than a criticism of any of the above.

But…

Purely coincidentally I was talking to a fellow freelancer who, like me, is old enough to remember the golden, halcyon days of freelancing back in the mists of the last century. The internet has destroyed all that, along with the majority of magazines I used to write for for whom I used to write.

“Today,” I said, “company blogs have replaced independent magazines. Just take NakedSecurity, which competes head on with the security magazines in terms of content.”

I stand by that. It’s a great blog and a great read written by experts in their subject. But the one thing it isn’t is ‘independent’.

Consider one of today’s news items: Microsoft and Symantec jointly took down the Bamital botnet (my news story is on Infosecurity Mag here). The problem is that Symantec, a direct competitor of Sophos, gets hardly a look-in on the Sophos blog – which is headlined: Bamital botnet dismantled, as Microsoft seizes control of malware servers.

spacer

sophos

spacer

In fact, you wouldn’t think that Symantec was involved in the actual takedown at all judging from the Sophos account – despite the fact that it published an excellent and detailed analysis of Bamital today.

Coincidence? Possibly; but I doubt it. The problem is that NakedSecurity is so good and so popular that it is often taken as news. It isn’t. It’s a marketing machine for Sophos – and readers should always bear in mind (not just for NakedSecurity, but for all of the company blogs that are replacing the magazines) that the one thing you cannot get from a company blog is independent news.

Microsoft: if it needs to be said, it’s said here first

January 23, 2013 Leave a comment

Ahem… I refer my honourable friends to my earlier post last year.

In which, I said,

So Microsoft’s new strategy could be to own both hardware and software – starting with its own tablet but moving into phones (perhaps by buying Nokia?) and desktops (perhaps by buying Dell or Acer, or even building new from scratch?)…
Toward a new strategy for Microsoft

Yesterday, Reuters reported,

Microsoft Corp is in discussions to invest between $1 billion and $3 billion of mezzanine financing in a buyout of Dell Inc, CNBC cited unidentified sources as saying on Tuesday.
Microsoft in talks to invest up to $3 billion in Dell

Keep up, chaps.

Categories: All, Security News, Vendor News

Toward a new strategy for Microsoft

December 2, 2012 Leave a comment

Back on 7 August I suggested that Microsoft’s plan for its own tablet was a big mistake (A Microsoft-made tablet? Big mistake). I may have been wrong – but only if it is part of a completely new and wider strategy.

Let’s look at the Big 4: Apple, Google, Microsoft and The User.

Microsoft’s strategy is built on the predominance and continued dominance of the PC. Without the PC there is only a small Microsoft – and the PC is in decline, and possibly a terminal decline. Microsoft’s strategy is in decline.

Apple’s strategy is built around owning everything, both hardware and software – and charging an obscene price for that monopoly. So far it has worked very successfully; but if you listen to the undercurrents from The User there is growing User dismay over both the price of that monopoly, and the frequency with which loyal subjects are asked to dump existing product and buy new product. Apple’s strategy is at the apex, and the only way is down (with a slight delay when it dumps OS/X in favour of desktop iOS).

Google’s strategy is to base everything in the cloud, and to own the cloud. This makes distribution very, very cheap, and upgrades cheap, seamless and invisible to the User. Google is proving very, very successful in this strategy.

But what about The User? The User’s strategy is to demand everything now, preferably free (but at least very cheap), anywhere and anytime. Microsoft provides none of this. Apple provides some, but not much, of this. Google provides it all.

So on current strategies, Microsoft is doomed, Apple will decline while Google will grow and thrive. (Incidentally, Amazon seems to have seen the writing, and I rather suspect that all three will have to watch out for Amazon in a few years time.)

But what if Microsoft has also finally come to its senses? What if the Microsoft tablet is not just a one-off foray into hardware, but part of a completely new strategy aimed at combining Apple’s hardware/software monopoly approach with Google’s cloud efficiency?

There are growing rumours that Microsoft is about to switch from, say, 3-yearly Windows releases to yearly releases. This makes no sense whatsoever under the current strategy. Expecting users to buy a new operating system every year won’t wash. Unless…

Let’s say that the MS plan is not new operating systems delivered in box or on disk, but new downloads delivered from the cloud just as its current patches are delivered every second Tuesday of the month. This model would require something like an annual license for the OS rather than a fixed price for the box. If that license were around £25 per year (preferably less), few users could say that use of Windows for just £2 per month is excessive. Let’s now take that to the logical conclusion: Windows and Office both migrate to the cloud and are both upgraded or patched on a continuous basis, as and when required, and paid for on a low-cost rolling license.

So Microsoft’s new strategy could be to own both hardware and software – starting with its own tablet but moving into phones (perhaps by buying Nokia?) and desktops (perhaps by buying Dell or Acer, or even building new from scratch?) – in mimicry of Apple; and then maintaining its software in and distributing from the cloud in mimicry of Google. Such a strategy would combine the best of all possible worlds; and while it is by no means certain that Microsoft could do it, if successful it could reverse the decline of Microsoft.

Categories: All
Follow

Get every new post delivered to your Inbox.

Join 127 other followers