Categories

ATMs Might Go Linux, MS DOS Source Released & More…

FOSS Week in Review

Is Microsoft reading your Hotmail?

Last week we learned of the arrest of Alex Kibkalo, a Microsoft employee who’s charged with leaking an unreleased version of Windows 8 to a French blogger. According to Wired, during the course of an internal investigation in Redmond, an unidentified source approached Steven Sinofsky, who was then president of Microsoft’s Windows Division.

“The source gave Sinofsky a Hotmail address that belonged to the French blogger (also not named) and said that the blogger was the person who had received the leaked software. Microsoft had already been interested in the blogger, but apparently, after the tip-off, the company’s security team did something that raised alarm bells with privacy advocates. Instead of taking their evidence to law enforcement, they decided to search through the blogger’s private messages themselves. Four days after Sinofsky’s tip-off, Microsoft lawyers ‘approved content pulls of the blogger’s Hotmail account,’ the court filings state.

“By trolling through the Hotmail email messages and MSN Messenger instant message logs, Microsoft learnt how Kibkalo and the blogger pulled off the leak, says Federal Bureau of Investigation special agent Armando Ramirez III, in an affidavit filed in connection with the case. Microsoft handed over the results of its investigation to the FBI in 2013, and Kibkalo was arrested on Wednesday.”

This, of course, created quite a stir among privacy advocates. So much so that the folks in Redmond on Thrusday announced a change of policy when it comes to riffling through people’s Hotmail accounts. They’re still going to do it, but in the future the company will publish stats regarding its breaking into people’s free Hotmail accounts. In other words, we’ll know just how much they do it.

Evidently Microsoft’s actions broke no laws. The EULA, which all users must click through in order to open an account, bans a host of activities, including uploading stolen software.

“It’s a ‘pretty broad’ list of prohibitions, all of which could result in a search, says Hanni Fakhoury, staff attorney with the Electronic Frontier Foundation.

“In an email interview, Fakhoury said that publishing data on Microsoft’s internal searches would be very useful. ‘Its hard to take Microsoft’s assurances that it respects user privacy and wants to stop government snooping when it does exactly what the it doesn’t want the government to do,’ he said.

Remember, Richard Stallman has been trying to warn us for years that when it come to “free” online services such as cloud hosted email accounts, we’re not customers. From the moment we signup we become inventory.

AT&T says net neutrality is ‘unfair’

We learned from Reuters last Friday that AT&T thinks Netflix is being something of a bully by calling for an open Internet.

“‘As we all know, there is no free lunch, and there’s also no cost-free delivery of streaming movies. Someone has to pay that cost,’ Jim Cicconi, AT&T’s senior executive vice president for external and legislative affairs wrote in a company blog post.

“‘Mr. Hastings’ arrogant proposition is that everyone else should pay but Netflix,’ he said.

This was in response to published comments made a day earlier by Netflix’s Chief Executive Reed Hastings calling for net neutrality.

In a related story, the BBC reported on Tuesday that former President Bill Clinton has said that current plans for the U.S. to relinquish some control of the Internet could damage online freedom.

“I understand in theory why we would like to have a multi-stakeholder process. I favour that,” Mr Clinton said.

“I just know that a lot of these so-called multi-stakeholders are really governments that want to gag people and restrict access to the internet. ”

Support for Mr Clinton’s fears was given by Wikimedia Foundation boss Jimmy Wales, who shared the platform with the former president.

He also said he was “worried” about net freedom when the US was no longer in charge.

The remarks were made during a debate sponsored by the Clinton Global Initiative.

ATM operators considering Linux

Computerworld is telling us that some financial services companies are considering moving their ATMs over to Linux now that Windows XP is at its end of life.

”‘The interest in a Windows alternative is presently from a small group of larger operators — which is what one might expect, as they are the most heavily impacted,’ he [David Tente, executive director of the ATM Industry Association] said.

“Windows XP currently powers nearly 95% of ATMs around the world. When Microsoft pulls the plug on support for the operating system on April 8, ATM operators who have not upgraded will essentially be running their systems on an obsolete operating system with no technical support from Microsoft

“More than 60% of the more than 400,000 ATMs in the U.S. are expected to be on Windows XP past the April 8 deadline.”

This will have to be good for open source business, as it’s doubtful that these companies are going to want to go it alone and do this migration themselves. We smell a lucrative support contract for Red Hat in the works — and that’s a good thing. It’ll put more open source guys and gals to work.

Microsoft Word ‘under attack’

On Monday we learned from Ars Technica that a recently discovered bug in Microsoft Word is being utilized for “targeted attacks.”

The in-the-wild attacks work by creating booby-trapped documents in the Rich Text Format (RTF) that exploit a vulnerability in the 2010 version of Microsoft Word, Microsoft warned in an advisory published Monday. Similar attacks work against other versions of Word, including 2003, 2007, and 2013 for Windows, Microsoft Office for Mac 2011, and multiple versions of Microsoft SharePoint Server. E-mails that are viewed or previewed using a default setting in Outlook allow the attacker to gain the same system privileges as the user who is currently logged in.

According to Dan Goodin, who wrote the article for Ars, the term “‘targeted attacks’ is typically used to describe hacks that are directed against a specific individual or group of individuals, often as part of espionage campaigns targeting corporations or government agencies.”

Brendan Eich Mozilla CEO

New Mozilla CEO Brendan Eich

The vulnerability was evidently discovered by Google security guys Drew Hintz, Shane Huntley, and Matty Pellegrino. Microsoft is suggesting that users of their products view email in plain text. They’ve also devised a temporary fix that will prevent Office from opening RTF files until a permanent solution is developed.

A better move would be to just get rid of Microsoft products and migrate to LibreOffice and Evolution — but of course we’d say that.

Brouhaha over new Mozilla boss

Also on Monday, we learned from PCWorld that there’s a new person sitting in the catbird seat. Brendan Eich, credited with being the creator of JavaScript, has taken the reins as CEO of Mozilla Corporation. Although some media pundits have said that Eich is a good fit for the job, Ars Technica reported on Tuesday that not everyone is singing praises about the new CEO.

“But much of the public reaction to his promotion skipped past that ‘can a coder run a company’ question, focusing squarely on another financial issue. In 2008, Eich donated $1,000 in support of California’s Proposition 8, the ballot initiative that sought to ban gay marriage in the state. So shortly after the announcement of Eich’s hiring, the reaction came swiftly. In particular, developers came forward with a mix of boycotts and reluctant acceptance.

“App developer Rarebit ignited the conversation by announcing that it pulled its apps from the Firefox Marketplace. In a statement, Rarebit CEO Hampton Catlin recalled the story of his own gay marriage experience in California, which allowed him to marry Rarebit co-founder Michael Catlin. Catlin called Eich out for both his Prop 8 donation and his choice not to apologize.

“‘We morally cannot support a foundation that would not only leave someone with hateful views in power but will give them a promotion and put them in charge of the entire organization,’ he wrote.

Is Eich a homophobe? Who knows? While this small political donation can and should raise some red flags, we should be mindful of the fact that it’s very possible for someone to be supportive of gay rights while being opposed to same sex marriage. Time will tell. Stay tuned.

Microsoft releases source code for MS DOS and Word for Windows

Maybe we should dust off all of the books on DOS that’ve spent the last fifteen years or so on the bottom shelf of a bookshelf, right next to the books on WordPerfect and WordStar. It seems that Microsoft has published the source code for MS DOS 1.1 and 2.0, as well as Microsoft Word for Windows 1.1a. According to PCWorld, both are being made available under a non-commercial license that bars publication on the web.

“Although Microsoft created the BASIC interpreter for the IBM PC, Microsoft used an OS licensed from Seattle Computer Products as the basic for its own OS. As the Computer History Museum notes, PC DOS version 1.0 was shipped when IBM first released its PC in August, 1981, and released version 2.0 with the IBM PC-XT in March of 1983. Microsoft later licensed the code to other OEMs under the name MS-DOS.

“In 1989, Microsoft released Word for Windows, leveraging its earlier work on Word for DOS, which shipped in 1983.”

The source code can be downloaded from the website for the Computer History Museum.

BSA infringes copyright

We had to laugh at this one. The Business Software Alliance (BSA), basically an enforcer for the proprietary interests of companies such as Microsoft, Adobe and Apple, is well known for its campaigns to get people to rat on folks using stolen proprietary software. Well, they’ve been caught in a copyright infringement, which we learned on Monday from Techdirt.

“The good folks over at TorrentFreak have now also found that the BSA also appears to be a bunch of hypocrites as well. Having launched a new “snitch” campaign on St. Patrick’s day, it appears that the organization failed to license the photo of the “pot of gold” it used on Facebook. Yes, that’s right, on the very campaign where the BSA is asking people to snitch on unlicensed software, it appears to have used an unlicensed photo. The image appears to have come from CakeCentral.”

The photo in question suddenly disappeared from BSA’s Facebook page after the organization was contacted by TorrentFreak.

Great Wide Open conference starts Wednesday in Atlanta

Those of you who live in or around Atlanta will want to remember that the Great Wide Open conference gets going this coming week. The open source conference is a two day event to be held this Wednesday and Thursday, April 2 and 3, at the 200 Peachtree Special Events & Conference Center in downtown Atlanta. Representatives from many of the most important companies in open source will be leading workshops and presentations — so you’re guaranteed to learn as well as have fun.

When you register online, don’t forget to use the promotional code “fossforce” (without the quotes) to receive a 50% discount on your tickets. With this code you’ll only pay $75 for a single day or $100 to attend both days.

**********

Well, that does it for another week. It looks like winter’s finally gone so we’re out the door to enjoy the spring temps. Until next time, may the FOSS be with you…

3 comments to ATMs Might Go Linux, MS DOS Source Released & More…

  • Mike

    Of course AT&T would say net neutrality is unfair.

    They’ve made a fortune by selling more bandwidth to customers than they actually own. In order to make up the shortfall naturally someone else should pay for it…like Netflix. Nevermind that Netflix already pays for their own connections to the net. Netflix (and by extnesion, any successful net based service) must pay to upgrade networks belonging to the poor abused ISP’s like AT&T who merely want to become the gatekeepers of all content on the ‘net, controlling everything you can and can’t access. Forget the fact they’ve already reduced the net to practically a one way pipe via lopsided up/down bandwidth speeds and restrictive EULA’s preventing home users from becoming equal participants on the net by running servers of any kind.

    Why oh why isn’t there a corporate death penalty? AT&T should be among the first on the chopping block, followed by Comcast, Time Warner, et al.

    Let net neutrality die and you’ll replace the internet with the next generation of Cable TV.

  • ???

    I hate to defend Microsoft as much as the next guy but there is a bit more to the “snooping on someones email” thing.

    Your email data for Outlook.com is stored on Microsoft’s property and that makes it legally impossible for them to do what people keep suggesting, have law enforcement issue Microsoft a subpoena for the data.

    You can’t issue a subpoena on your own “property” by law.

    Not saying Microsoft is in the right, but bashing Microsoft won’t fix the issue, the laws need to be updated or stuff like this will continue to happen.