Home Business IT Open Source FSF dismisses Microsoft security pledge as 'meaningless'

The Free Software Foundation has dismissed Microsoft's announcement of a new offer to protect its customer data from government snooping, calling it "meaningless".

In a statement, FSF executive director John Sullivan said the company had made renewed security promises in the past as well.

He was referring to a Microsoft announcement last week that it would be expanding encryption for its products in the wake of the revelations that America's National Security Agency has been conducting blanket surveillance of many countries. Microsoft and several other big technology outfits have also been exposed as co-operating with the NSA.

Sullivan pointed out that proprietary software like Windows was fundamentally insecure, not because of Microsoft's privacy policies but because the code was hidden from users whose interests it was supposed to secure.

"A lock on your own house to which you do not have the master key is not a security system, it is a jail," he said.

Even on proprietary operating systems like Windows, Sullivan said it was advisable to use free software encryption programs such as GNU Privacy Guard.

"When no-one except Microsoft can see the operating system code underneath, or fix it when problems are discovered, it is impossible to have a true chain of trust," he said.

"If the NSA revelations have taught us anything, it is that journalists, governments, schools, advocacy organisations, companies, and individuals, must be using operating systems whose code can be reviewed and modified without Microsoft or any other third party's blessing. When we don't have that, back-doors and privacy violations are inevitable.

"While the Microsoft announcement does promise 'transparency' to reassure people that there are no back-doors in Windows, this is no solution. Transparency in the Windows world normally means self-reports commissioned by Microsoft, or access granted to outsiders covering very limited portions of source code under strict agreements that limit sharing that information."

Sullivan emphasised that freedom and security could not be guaranteed by just being allowed a peek at the code. "Microsoft has demonstrated time and time again that its definition of a 'back-door' will not be the same as yours. Noticing that the back-door is wide open will do you no good if you are forbidden from shutting it," he said.

"The solution after Microsoft's announcement is the same as it was before its announcement. Just like Microsoft's former chief privacy adviser, switch to a free software operating system like GNU/Linux, and don't look back," he said.

FREE - SYDNEY & MELBOURNE BUSINESS INTELLIGENCE EVENTS

The Holy Grail of the Business Intelligence (BI) industry – pervasive deployments and widespread end-user adoption – has remained an illusive dream for years. Until now!

REGISTER & SECURE YOU PLACE / BRING A FRIEND

Melbourne - venue Captain Melville’s CBD 2:30 – 6:00pm, Tuesday 28th April

Sydney - venue Redoak CBD 2:30 – 6:00pm, Thursday 30th April

DON'T MISS OUT - MELBOURNE REGISTER NOW!

DON'T MISS OUT - SYDNEY REGISTER NOW!

FREE WHITEPAPER - RISKS OF MOVING DATABASES TO VMWARE

VMware changed the rules about the server resources required to keep a database responding

It's now more difficult for DBAs to see interaction between the database and server resources

This whitepaper highlights the key differences between performance management between physical and virtual servers, and maps out the five most common trouble spots when moving production databases to VMware

1. Innacurate metrics
2. Dynamic resource allocation
3. No control over Host Resources
4. Limited DBA visibility
5. Mutual ignorance

Don't move your database to VMware before learning about these potential risks, download this FREE Whitepaper now!

DOWNLOAD!

Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.

Connect