Summary: Microsoft is lying about privacy of its customers and the Free Software Foundation (FSF) responds

Here in the UK, Microsoft has just been sued for selling its customers out to the NSA, very knowingly and actively (Microsoft seems to have started PRISM).

Here are the latest bits of news, the first two being from the British press:

• UK citizen sues Microsoft over Prism private data leak to NSA

• Briton sues Microsoft over NSA data spying

• Microsoft’s Defense Against NSA’s Dark Arts: As Much Fantasy As Fact

  Microsoft put on a brave face and asked the NSA to keep its hands off its customer data without due cause. But the company's actual changes lack real technical and political punch, and don't really live up to its ostensibly bold rhetoric.
  
  NSA snooping into corporate databases, Internet traffic, and cellphone locations have put the technology industry on the defensive. Google, Mozilla, Twitter, Facebook and Yahoo have staged public efforts to shield their customer data against spying eyes without search warrants or legal subpoenas.

That last item seems to be some kind of proactive legal defence from Microsoft, coming from its top lawyer. Fortunately, the FSF has responded with facts, sparing the need for our rebuttal. This essay was licensed under a Creative Commons Attribution-No Derivative Works 3.0 license (or later version), so let's repeat it in full:

Yesterday, Microsoft announced a new effort to "[protect] customer data from government snooping." FSF executive director John Sullivan issued the following statement on Thursday, December 5th: "Microsoft has made renewed security promises before. In the end, these promises are meaningless. Proprietary software like Windows is fundamentally insecure not because of Microsoft's privacy policies but because its code is hidden from the very users whose interests it is supposed to secure. A lock on your own house to which you do not have the master key is not a security system, it is a jail.

Even on proprietary operating systems like Windows, it is advisable to use free software encryption programs such as GNU Privacy Guard. But when no one except Microsoft can see the operating system code underneath, or fix it when problems are discovered, it is impossible to have a true chain of trust.

If the NSA revelations have taught us anything, it is that journalists, governments, schools, advocacy organizations, companies, and individuals, must be using operating systems whose code can be reviewed and modified without Microsoft or any other third party's blessing. When we don't have that, back doors and privacy violations are inevitable.

While the Microsoft announcement does promise "transparency" to reassure people that there are no back doors in Windows, this is no solution. Transparency in the Windows world normally means self-reports commissioned by Microsoft, or access granted to outsiders covering very limited portions of source code under strict agreements that limit sharing that information.

Freedom and security necessitate not just being allowed a peek at the code. Microsoft has demonstrated time and time again that its definition of a "back door" will not be the same as yours. Noticing that the back door is wide open will do you no good if you are forbidden from shutting it.

The solution after Microsoft's announcement is the same as it was before its announcement. Just like Microsoft's former chief privacy adviser, switch to a free software operating system like GNU/Linux, and don't look back."

Microsoft is a bunch of liars and they not only violate the rights of customers, they also lie to them. Fortunately there are some other responses to Microsoft's Orwellian stance. ⬆