Microsoft: More Security Excitement

April 15, 2019

I read “Microsoft Informs Hackers Had Accessed Some Outlook Account Emails for Months.” The write up reports:

Microsoft has revealed that a hacker had access to the email addresses, folder names, and subject lines of emails, but not the content of emails or attachments of the Outlook users for three months.

That’s 90 days. Windows Defender was, I assume, on the job. The good news is that the bad actor was not able to read emails. The hacker wasn’t able “to steal login details of other personal information.” That’s good news too. Plus, Microsoft has “disabled the credentials used in the hack.”

Whoa, Nellie.

Windows Defender and presumably one or more of the companies offering super smart, super capable security services were protecting the company. I am besieged each week with requests to read white papers, participate in webinars, and get demonstrations of one of the hundreds of cyber security systems available today. These range from outfits which have former NSA, FBI, and CIA specialists monitoring their clients’ systems to companies that offer systems based on tireless artificially intelligence, proactive, predictive technology. Humans get involved only when the super system sends an alert. The idea is that every possible approach to security is available.

Microsoft can probably afford several systems and can use its own crack programmers to keep the company safe. Well, one caveat is that the programmers working on Windows 10 updates are probably not likely to be given responsibility for mission critical Microsoft security. Windows 10 updates are often of questionable quality.

A handful of questions occur to me:

  1. Perhaps Microsoft’s security expertise is not particularly good. Maybe on a par with the Windows 10 October 2018 update?
  2. Maybe Windows Defender cannot defend?
  3. Perhaps the over hyped, super capable cyber security systems do not work either?

Net net: With many well funded companies offering cyber security and big outfits entrusted by their customers with their data, are the emperors going to their yoga classes naked? Ugh. Horrible thought, but it may be accurate. At least put on some stretchy pants, please.

Stephen E Arnold, April 15, 2019

MSFT Harbors Crypto Mining in Third Party Apps

March 11, 2019

For those people not deep in the weeds, crypto currency mines are these shadowy pockets of servers that are out of our grasp, literally and figuratively. However, it was recently discovered this type of operation is a lot closer to home than most of us assume, and that’s a problem for security and intelligence professionals. We learned more from a recent TechRadar story, “Microsoft Store Apps Caught Illegally Mining Crypto Currency.”

According to the story:

“[U]nbeknownst to the users that download these apps, they secretly use the processors of the PC they are installed on to mine for crypto currency. According to Symantec, these apps come from three developers: DigiDream, 1clean and Findoo, and it is likely they were developed by the same person or group due to the malicious code Symantec found.”

A more meaningful review of apps in the Microsoft Store seems to be needed. Expensive? Yes. Likely to happen? Maybe.

Patrick Roland, March 11, 2019

Microsoft in China: Bing Back

January 25, 2019

Gone. Now back. For now.

I read “Microsoft’s Bing Accessible in China after Hours of Outages.” The source is the ever reliable, real news outfit Bloomberg. Yep, the group which runs the hardware compromise stories without sources.

Anyway I learned:

Posting on one of China’s biggest social networks, Weibo, multiple users commented that “Bing is back” and “Bing returns to normal.” Bloomberg was able to independently verify that access to the search engine in the country was once again possible.

Is the Bing system comprehensive?

Yeah, about that.

Stephen E Arnold, January 25, 2019

China Is the Winner: Bing Go

January 24, 2019

I read “China Appears to Block Microsoft’s Bing as Censorship Intensifies.” The write up explains that Bing has gone. Perhaps the Avis search system will return, but I think that some work may be required.

What’s interesting is that I understood Microsoft to be filtering certain results from the index used by those users firing queries from the Middle Kingdom.

The write up explains:

If the block proves to be permanent, it would suggest that Western companies can do little to persuade China to give them access to what has become the world’s largest Internet market by users, especially at a time of increased trade and economic tensions with the United States.

There may be some interesting implications; for example:

  • Chinese nationals who are working for Microsoft may find themselves subject scrutiny. That could bring bad tidings to the individuals and possibly their families.
  • The Redmond giant has big plans for its cloud services. In China, the weather forecast could turn grim. I suppose one can think of the possible prohibitions against Microsoft technology as a form of raining on a parade.
  • Google’s floundering in China and the more recent dust up about as special China style search system may suggest that the online ad giant is not on the same wave length as the government of China.

To sum up, this is significant if less interesting than having one’s mobile phone alert a user when a person of “low social credit score” is near.

Stephen E Arnold, January 24, 2019

Amazon Fear: A New Marketing Hook for Google and the Softies

January 14, 2019

With the Amazon AWS bulldozer grinding away, some animals are fleeing the crushing power of the machine. Others are adopting a different tactic. “At NRF 2019, Microsoft Azure and Google Cloud Platform Court Retailers Wary of Amazon” explains that their services offer a quiet place in the jungle.

The write up explains:

Retail is one of the few industries where AWS isn’t likely to have a huge lead. That reality means Google and Microsoft can pitch their AI and cloud wares to a receptive audience.

Will Google and Microsoft adopt the IBM FUD approach? Will retailers who want to sell to the federal government become more flexible when Amazon’s GovCloud becomes more dense?

DarkCyber anticipates changes which will pose considerable hurdles to Google and Microsoft as places to sell and relax in the Amazon rain forest.

Stephen E Arnold, January 14, 2019

Microsoft and Kroger: Have These Outfits Actually Shopped at a Kroger Store in Kentucky?

January 8, 2019

The answer is, “Of course not.”

Kroger’s technological capability is modest, even by the low standards which define the Commonwealth of Kentucky. Home of the corrupt sports programs, bourbon, horse racing, river boat gambling, and other intellectual high water marks.

I read “Microsoft and Kroger to Create Data-Driven Connected Grocery Stores.” What this means is that Kroger wants to get rid of humans, keep the lights at mortuary levels, and not have to fool around with pesky customers who spend actual bank notes.

The write up takes a slightly different approach, stating:

The first fruit of the partnership is a digital shelving system, which was actually announced last year and is in the process of rolling out to dozens of Kroger stores across the U.S. Called EDGE (Enhanced Display for Grocery Environment), it bypasses paper price tags for digital shelf displays that can be changed in real time from anywhere, and it also can display promotions, dietary information, and more.

Yep, that’s an idea. But the flaw is that Kroger’s in Kentucky struggle to complete these tasks in an orderly, coherent way:

  1. Restock. Aisles are choked with people trying to cram products on shelves in aisles clogged with free standing cardboard promotions, mothers wrangling toddlers, and clueless males struggling to locate milk and bread.
  2. Functioning check outs. At the Louisville Westport Kroger, the store has a dozen next generation self check out machines. At 1225 pm Eastern exactly three of the machines were working. The hapless attendant was clueless and an even more confused “manager” was trying to calm down impatient shoppers. How many human check outs were open at this fine retail outlet? Exactly one. Yeah, Windows 10 will fix this puppy.
  3. Accurate data. I routinely locate products on shelves with prices different from what the Kroger check out systems display. The error rate seems to chug along at somewhere between 10 and 15 percent. The solution? Hide the prices so the hapless shopper will not be able to compare what one tag says with what the invisible database says. I suppose one could ask Cortana.

But the kicker is the idea that a shelf will illuminate only when a person is interfacing. It is pretty tough to buy a frozen burrito when the automatic illumination systems does not function. That assumes, of course, that one can actually locate frozen burritos which are in the frozen snack freezer two aisles away from frozen Mexican food.

Should I talk about the crazy Kroger app for wireless shopping and payment. Nope, I am heading to Whole Foods.

Stephen E Arnold, January 8, 2019

Ethical Compass Update: Truth, Fiction?

December 20, 2018

I read “Google Sabotaged Edge, Hints Former Microsoft Intern.”

The question is:

Who is telling the truth?

Let’s run down the possibilities about the spin on this doctored ball.

First, Google fiddled some code to make Edge look even less appealing than Microsoft’s LinkedIn integration? Definitely possible.

Second, the “intern” is blowing smoke. Fifteen minutes of fame stuff. The inability to craft some bulletproof code maybe?

Third, the publications reporting the story are going with zippy stuff that attracts clicks.

When I read, statements like this, I wonder what’s real and what’s fake:

For all his hints about duplicitousness, Bakita doesn’t outright accuse the firm of being Machiavellian. “Now I’m not sure I’m convinced that YouTube was changed intentionally to slow Edge,” he writes. That wasn’t the case for everyone on his team, with the former Microsoft intern disclosing that “many” of his co-workers do believe this to be the case, so much so that they “looked into it personally.”

From my vantage point in Harrod’s Creek, nothing surprises me about tech giants. High school science club management methods aside, truth is difficult to discern.

Now about that 1809 update?

Stephen E Arnold, December 20, 2018

Gunning for Google AI

December 19, 2018

With DeepMind teaching itself, can other vendors of smart software catch up to the online advertising giant?

Google is on top of many tech mountains, that’s for certain. However, none may be as big as its far-reaching artificial intelligence sector. That future doesn’t look as solid as it once did, thought, because of some hard charging competition, as we discovered in a recent Eyerys article, “With Google Dominating AI, Microsoft and Facebook Want to ‘Defrag Some of the Complexity.’”

According to the story:

“Microsoft is showing that it would rather help others rather than purely focusing on its own projects. There are reasons behind the partnership…. First of all, Microsoft’s AI has its own strengths. For example, it’s particularly great for building speech recognition systems. Second, Facebook’s PyTorch has gained popularity and has some interesting technical capabilities on its own.”

This is intriguing news, considering a three-horse race between these giants would likely result in some incredible advances. Beyond Search wonders if a closer relationship with Facebook will help or hurt Microsoft’s brand image and AI progress?

But, if you ask Google, you shouldn’t expect the world to change overnight. In fact, the leader in AI actually says artificial intelligence is “very stupid” compared to humans. Is this for real or a misdirection? It’s hard to say, but there’s no doubt that this rivalry is heating up, we predict AI will not be dumb for much longer.

Artificial intelligence appears to be the “go to” buzzword for 2019. Beyond Search thinks it would be helpful if Microsoft could tighten the nuts and bolts on here and now technology like Windows Updates before delivering the future with the likes of Facebook.

Patrick Roland, December 19, 2018

Microsoft Cortana and Search: About Face, Go in Circles, At Ease

December 16, 2018

Tom’s Hardware reports that Microsoft may be divorcing the odd couple, Cortana and search. “Microsoft May Split Cortana From Search in Windows 10” reports the supposed move this way:

Some Insiders testing the new build observe that Search and Cortana actions, once intertwined to enable search with voice activation, are now separated on the taskbar. This is being interpreted as a signal away from Cortana as an integral part of Windows 10.

Here in Harrod’s Creek, we type to our computers. When we ride in our mule drawn wagon to go to the big city, we don’t talk to our mobile phone. We text and scan headlines.

Is it possible that Microsoft has realized that voice as the interface of the future may be going in different directions. Can Cortana say, “Alexa, what’s Microsoft doing?”

Stephen E Arnold, December 16, 2018

Microsoft and Its Alleged Dark Patterns Aiding User Data Collection

December 15, 2018

We have a couple of Windows 10 machines. One is in the factory default mode, which means, “Take me, your lovable beast you.” The other computer is locked down reasonably well.

If you have not looked into the wild and crazy services and functions of Windows 10, you may want to read “Microsoft Accused of Collecting Data Even When You Opt Out in Windows 10.” We are not sure if the information is accurate. The source appears to be a potato, but we try to keep an open mind.

The argument is that certain privacy controls do not turn off the phone home mechanism for Timeline, for example.

We noted this statement:

On the one hand, one shouldn’t confuse incompetence with malice, and UI design has never been Microsoft’s forte. Given the fact that Windows 10’s basic control systems are still stretched between the XP-era Control Panel and the Fluent Settings panel, with some controls overlapping in both areas and some unique to one menu or the other, it’s not exactly surprising that the company would struggle to refine and centralize its UI. On the other hand, Microsoft is no stranger to the use of so-called dark patterns — patterns of behavior that mislead the user by implying that they are taking one kind of action when they actually aren’t. The wording under AH1 implies that disabling this stops such information from flowing to Microsoft. It doesn’t.

Microsoft cares about its customer experience. I am not sure I buy this particular line of fuzzy speak sophistry, but to each his or her own.

Stephen E Arnold, December 15, 2018

Next Page »

  • Archives

  • Recent Posts

  • Meta