Happy Fourth of July Says Microsoft to Some Employees

July 8, 2024

dinosaur30a_thumb_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

I read “Microsoft Lays Off Employees in New Round of Cuts.” The write up reports:

Microsoft conducted another round of layoffs this week in the latest workforce reduction implemented by the Redmond tech giant this year… Posts on LinkedIn from impacted employees show the cuts affecting employees in product and program management roles.

I wonder if some of those Softies were working on security (the new Job One at Microsoft) or the brilliantly conceived and orchestrated Recall “solution.”

The write up explains or articulates an apologia too:

The cutbacks come as Microsoft tries to maintain its profit margins amid heavier capital spending, which is designed to provide the cloud infrastructure needed to train and deploy the models that power AI applications.

Several observations:

  1. A sure-fire way to solve personnel and some types of financial issues is identifying employees, whipping up some criteria-based dot points, and telling the folks, “Good news. You can find your future elsewhere.”
  2. Dumping people calls attention to management’s failure to keep staff and tasks aligned. Based on security and reliability issues Microsoft evidences, the company is too large to know what color sock is on each foot.
  3. Microsoft faces a challenge, and it is not AI. With more functions working in a browser, perhaps fed up individuals and organizations will re-visit Linux as an alternative to Microsoft’s products  and services?

Net net: Maybe firing the security professionals and those responsible for updates which kill Windows machines is a great idea?

Stephen E Arnold, July 8, 2024

Microsoft Recall Continues to Concern UK Regulators

July 4, 2024

A “feature” of the upcoming Microsoft Copilot+, dubbed Recall, looks like a giant, built-in security risk. Many devices already harbor software that can hunt through one’s files, photos, emails, and browsing history. Recall intrudes further by also taking and storing a screenshot every few seconds. Wait, what? That is what the British Information Commissioner’s Office (ICO) is asking. The BBC reports, “UK Watchdog Looking into Microsoft AI Taking Screenshots.”

Microsoft asserts users have control and that the data Recall snags is protected. But the company’s pretty words are not enough to convince the ICO. The agency is grilling Microsoft about the details and will presumably update us when it knows more. Meanwhile, journalist Imran Rahman-Jones asked experts about Recall’s ramifications. He writes:

“Jen Caltrider, who leads a privacy team at Mozilla, suggested the plans meant someone who knew your password could now access your history in more detail. ‘[This includes] law enforcement court orders, or even from Microsoft if they change their mind about keeping all this content local and not using it for targeted advertising or training their AIs down the line,’ she said. According to Microsoft, Recall will not moderate or remove information from screenshots which contain passwords or financial account information. ‘That data may be in snapshots that are stored on your device, especially when sites do not follow standard internet protocols like cloaking password entry,’ said Ms. Caltrider. ‘I wouldn’t want to use a computer running Recall to do anything I wouldn’t do in front of a busload of strangers. ‘That means no more logging into financial accounts, looking up sensitive health information, asking embarrassing questions, or even looking up information about a domestic violence shelter, reproductive health clinic, or immigration lawyer.’”

Calling Recall a privacy nightmare, AI and privacy adviser Dr Kris Shrishak notes just knowing one’s device is constantly taking screenshots will have a chilling effect on users. Microsoft appears to have “pulled” the service. But data and privacy expert Daniel Tozer made a couple more points: How will a company feel if a worker’s Copilot snaps a picture of their proprietary or confidential information? Will anyone whose likeness appears in video chat or a photo be asked for consent before the screenshot is taken? Our guess—not unless it is forced to.

Cynthia Murrell, July 4, 2024

The Check Is in the Mail and I Will Love You in the Morning. I Promise.

July 1, 2024

green-dino_thumb_thumb_thumb_thumbThis essay is the work of a dumb dinobaby. No smart software required.

Have you heard these phrases in a business context?

  • “I’ll get back to you on that”
  • “We should catch up sometime”
  • “I’ll see what I can do”
  • “I’m swamped right now”
  • “Let me check my schedule and get back to you”
  • “Sounds great, I’ll keep that in mind”

image

Thanks, MSFT Copilot. Good enough despite the mobile presented as a corded landline connected to a bank note. I understand and I will love you in the morning. No, really.

I read “It’s Safe to Update Your Windows 11 PC Again, Microsoft Reassures Millions after Dropping Software over Bug.” [If the linked article disappears, I would not be surprised.] The write up says:

Due to the severity of the glitch, Microsoft decided to ditch the roll-out of KB5039302 entirely last week. Since then, the Redmond-based company has spent time investigating the cause of the bug and determined that it only impacts those who use virtual machine tools, like CloudPC, DevBox, and Azure Virtual Desktop. Some reports suggest it affects VMware, but this hasn’t been confirmed by Microsoft.

Now the glitch has been remediated. Yes, “I’ll get back to you on that.” Okay, I am back:

…on the first sign that your Windows PC has started — usually a manufacturer’s logo on a blank screen — hold down the power button for 10 seconds to turn-off the device, press and hold the power button to turn on your PC again, and then when Windows restarts for a second time hold down the power button for 10 seconds to turn off your device again. Power-cycling twice back-to-back should means that you’re launched into Automatic Repair mode on the third reboot. Then select Advanced options to enter winRE. Microsoft has in-depth instructions on how to best handle this damaging bug on its forum.

No problem, grandma.

I read this reassurance the simple steps needed to get the old Windows 11 gizmo working again. Then I noted this article in my newsfeed this morning (July 1, 2024):  “Microsoft Notifies More Customers Their Emails Were Accessed by Russian Hackers.” This write up reports as actual factual this Microsoft announcement:

Microsoft has told more customers that their emails were compromised during a late 2023 cyberattack carried out by the Russian hacking group Midnight Blizzard.

Yep, Russians… again. The write up explains:

The attack began in late November 2023. Despite the lengthy period the attackers were present in the system, Microsoft initially insisted that that only a “very small percentage” of corporate accounts were compromised. However, the attackers managed to steal emails and attached documents during the incident.

I can hear in the back of my mind this statement: “I’ll see what I can do.” Okay, thanks.

This somewhat interesting revelation about an event chugging along unfixed since late 2023 has annoyed some other people, not your favorite dinobaby. The article concluded with this passage:

In April [2023], a highly critical report [pdf] by the US Cyber Safety Review Board slammed the company’s response to a separate 2023 incident where Chinese hackers accessed emails of high-profile US government officials. The report criticized Microsoft’s “cascade of security failures” and a culture that downplayed security investments in favor of new products. “Microsoft had not sufficiently prioritized rearchitecting its legacy infrastructure to address the current threat landscape,” the report said. The urgency of the situation prompted US federal agencies to take action in April [2023]. An emergency directive was issued by the US Cybersecurity and Infrastructure Security Agency (CISA), mandating government agencies to analyze emails, reset compromised credentials, and tighten security measures for Microsoft cloud accounts, fearing potential access to sensitive communications by Midnight Blizzard hackers. CISA even said the Microsoft hack posed a “grave and unacceptable risk” to government agencies.

“Sounds great, I’ll keep that in mind.”

Stephen E Arnold, July 1, 2024

Microsoft: Not Deteriorating, Just Normal Behavior

June 26, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

Gee, Microsoft, you are amazing. We just fired up a new Windows 11 Professional machine and guess what? Yep, the printers are not recognized. Nice work and consistent good enough quality.

Then I read “Microsoft Admits to Problems Upgrading Windows 11 Pro to Enterprise.” That write up says:

There are problems with Microsoft’s last few Windows 11 updates, leaving some users unable to make the move from Windows 11 Pro to Enterprise. Microsoft made the admission in an update to the "known issues" list for the June 11, 2024, update for Windows 11 22H2 and 23H2 – KB5039212. According to Microsoft, "After installing this update or later updates, you might face issues while upgrading from Windows Pro to a valid Windows Enterprise subscription."

Bad? Yes. But then I worked through this write up: “Microsoft Chose Profit Over Security and Left U.S. Government Vulnerable to Russian Hack, Whistleblower Says.” Is the information in the article on the money? I don’t know. I do know that bad actors find Windows the equivalent of an unlocked candy store. Goodies are there for greedy teens to cart off the chocolate-covered peanuts and gummy worms.

image

Everyone interested in entering the Microsoft Windows Theme Park wants to enjoy the thrills of a potentially lucrative experience. Thanks, MSFT Copilot. Why is everyone in your illustration the same?

This remarkable story of willful ignorance explains:

U.S. officials confirmed reports that a state-sponsored team of Russian hackers had carried out SolarWinds, one of the largest cyberattacks in U.S. history.

How did this happen? The write up asserts:

The federal government was preparing to make a massive investment in cloud computing, and Microsoft wanted the business. Acknowledging this security flaw could jeopardize the company’s chances, Harris [a former Microsoft security expert and whistleblower] recalled one product leader telling him. The financial consequences were enormous. Not only could Microsoft lose a multibillion-dollar deal, but it could also lose the race to dominate the market for cloud computing.

Bad things happened. The article includes this interesting item:

From the moment the hack surfaced, Microsoft insisted it was blameless. Microsoft President Brad Smith assured Congress in 2021 that “there was no vulnerability in any Microsoft product or service that was exploited” in SolarWinds.

Okay, that’s the main idea: Money.

Several observations are warranted:

  1. There seems to be an issue with procurement. The US government creates an incentive for Microsoft to go after big contracts and then does not require Microsoft products to work or be secure. I know generals love PowerPoint, but it seems that national security is at risk.
  2. Microsoft itself operates with a policy of doing what’s necessary to make as much money as possible and avoiding the cost of engineering products that deliver what the customer wants: Stable, secure software and services.
  3. Individual users have to figure out how to make the most basic functions work without stopping business operations. Printers should print; an operating system should be able to handle what my first personal computer could do in the early 1980s. After 25 years, printing is not a new thing.

Net net: In a consequence-filled business environment, I am concerned that Microsoft will not improve its security and the most basic computer operations. I am not sure the company knows how to remediate what I think of as a Disneyland for bad actors. And I wanted the new Windows 11 Professional to work. How stupid of me?

Stephen E Arnold, June 26, 2024

There Must Be a Fix? Sorry. Nope.

June 20, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

I enjoy stories like “Microsoft Chose Profit Over Security and Left U.S. Government Vulnerable to Russian Hack, Whistleblower Says.” It combines a number of fascinating elements; for example, corporate green, Russia, a whistleblower, and the security of the United States. Figuring out who did what to whom when and under what circumstances is not something a dinobaby at my pay grade of zero can do. However, I can highlight some of the moving parts asserted in the write up and pose a handful of questions. Will these make you feel warm and fuzzy? I hope not. I get a thrill capturing the ideas as they manifest in my very aged brain.

image

The capture officer proudly explains to the giant corporation, “You have won the money?” Can money buy security happiness? Answer: Nope. Thanks, MSFT Copilot. Good enough, the new standard of excellence.

First, what is the primum movens for this exposé? I think that for this story, one candidate is Microsoft. The company has to decide to do what slays the evil competitors, remains the leader in all things smart, and generates what Wall Street and most stakeholders crave: Money. Security is neither sexy nor a massive revenue producer when measured in terms of fixing up the vulnerabilities in legacy code, the previous fixes, and the new vulnerabilities cranked out with gay abandon. Recall any recent MSFT service which may create a small security risk or two? Despite this somewhat questionable approach to security, Microsoft has convinced the US government that core software like PowerPoint definitely requires the full panoply of MSFT software, services, features, and apps. Unfortunately articles like “Microsoft Chose Profit Over Security” converts the drudgery of cyber security into a snazzy story. A hard worker finds the MSFT flaw, reports it, and departs for a more salubrious work life. The write up says:

U.S. officials confirmed reports that a state-sponsored team of Russian hackers had carried out SolarWinds, one of the largest cyberattacks in U.S. history. They used the flaw Harris had identified to vacuum up sensitive data from a number of federal agencies, including, ProPublica has learned, the National Nuclear Security Administration, which maintains the United States’ nuclear weapons stockpile, and the National Institutes of Health, which at the time was engaged in COVID-19 research and vaccine distribution. The Russians also used the weakness to compromise dozens of email accounts in the Treasury Department, including those of its highest-ranking officials. One federal official described the breach as “an espionage campaign designed for long-term intelligence collection.”

Cute. SolarWinds, big-money deals, and hand-waving about security. What has changed? Nothing. A report criticized MSFT; the company issued appropriate slick-talking, lawyer-vetted, PR-crafted assurances that security is Job One. What has changed? Nothing.

The write up asserts about MSFT’s priorities:

the race to dominate the market for new and high-growth areas like the cloud drove the decisions of Microsoft’s product teams. “That is always like, ‘Do whatever it frickin’ takes to win because you have to win.’ Because if you don’t win, it’s much harder to win it back in the future. Customers tend to buy that product forever.”

I understand. I am not sure corporations and government agencies do. That PowerPoint software is the go-to tool for many agencies. One high-ranking military professional told me: “The PowerPoints have to be slick.” Yep, slick. But reports are written in PowerPoints. Congress is briefed with PowerPoints. Secret operations are mapped out in PowerPoints. Therefore, buy whatever it takes to make, save, and distribute the PowerPoints.

The appropriate response is, “Yes, sir.”

So what’s the fix? There is no fix. The Microsoft legacy security, cloud, AI “conglomeration” is entrenched. The Certified Partners will do patch ups. The whistleblowers will toot, but their tune will be downed out in the post-contract-capture party at the Old Ebbitt Grill.

Observations:

  1. Third-party solutions are going to have to step up. Microsoft does not fix; it creates.
  2. More serious breaches are coming. Too many nation-states view the US as a problem and want to take it down and put it out.
  3. Existing staff in the government and at third-party specialist firms are in “knee jerk mode.” The idea of pro-actively getting ahead of the numerous bad actors is an interesting thought experiment. But like most thought experiments, it can morph into becoming a BFF of Don Quixote and going after those windmills.

Net net: Folks, we have some cyber challenges on our hands, in our systems, and in the cloud. I wish reality were different, but it is what it is. (Didn’t President Clinton define “is”?)

Stephen E Arnold, June 20, 2024

Google and Microsoft: The Twinning Is Evident

June 10, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

Google and Microsoft have some interesting similarities. Both companies wish they could emulate one another’s most successful products. Microsoft wants search and advertising revenue. Google wants a chokehold on the corporate market for software and services. The senior executives have similar high school academic training. Both companies have oodles of legal processes with more on the horizo9n. Both companies are terminating with extreme prejudice employees. Both companies seem to have some trust issues. You get the idea.

image

Some neural malfunctions occur when one get too big and enjoys the finer things in life like not working on management tasks with diligence. Thanks, MSFT Copilot. Good enough

Google and Microsoft are essentially morphing into mirrors of one another. Is that a positive? From an MBA / bean counter point of view, absolutely. There are some disadvantages, but they are minor ones; for example, interesting quasi-monopoly pricing options, sucking the air from the room for certain types of start ups, and having the power of a couple of nation-states. What could go wrong? (Just check out everyday life. Clues are abundant.)

How about management methods which do not work very well. I want to cite two examples.

Google is scaling back its AI search plans after the summary feature told people to eat glue. How do I, recently dubbed scary grandpa cyber by an officer at the TechnoSecurity & Digital Forensics Conference in Wilmington, North Carolina, last week? The answer is that I read “Google Is Scaling Back Its AI Search Plans after the Summary Feature Told People to Eat Glue.” This is a good example of the minimum viable product not be minimal enough and certainly not viable. The write up says:

Reid [a Google wizard] wrote that the company already had systems in place to not show AI-generated news or health-related results. She said harmful results that encouraged people to smoke while pregnant or leave their dogs in cars were “faked screenshots.” The list of changes is the latest example of the Big Tech giant launching an AI product and circling back with restrictions after things get messy.

What a remarkable tactic. Blame the “users” and reducing the exposure of the online ad giant’s technological prowess. I think these two tactics illustrate the growing gulf between “leadership” and the poorly managed lower level geniuses who toil at Googzilla’s side.

I noted a weird parallel with Microsoft illustrating a similar disconnect between the Microsoft’s carpetland dwellers and those working in the weird disconnected buildings on the Campus. This disaster of a minimum viable product or MVP was rolled out with much fanfare at one of Microsoft’s many, hard-to-differentiate conferences. The idea was one I heard about decades ago. The individual with whom I associate the idea once worked at Bellcore (one of the spin offs of Bell Labs after Judge Green created the telecommunications wonderland we enjoy today. The idea is a surveillance dream come true — at least for law enforcement and intelligence professionals. MSFT software captures images of a users screen, converts the bitmap to text, and helpfully makes it searchable. The brilliant Softie allegedly suggested in “When Asked about Windows Recall Privacy Concerns, Microsoft Researcher Gives Non-Answer

Microsoft’s Recall feature is being universally slammed for the privacy implications that come from screenshotting everything you do on a computer. However, at least one person seems to think the concerns are overblown. Unsurprisingly, it’s Microsoft Research’s chief scientist, who didn’t really give an answer when asked about Recall’s negative points.

Then what did a senior super manager do? Answer: Back track like crazy. Here’s the passage:

Even before making Recall available to customers, we have heard a clear signal that we can make it easier for people to choose to enable Recall on their Copilot+ PC and improve privacy and security safeguards. With that in mind we are announcing updates that will go into effect before Recall (preview) ships to customers on June 18.

The decision could have been made by a member of the Google leadership team. Heck, may the two companies’ senior leadership are on a mystical brain wave and think the same thoughts. Which is the evil twin? I will leave that to you to ponder.

Several observations are warranted:

  • For large, world-affecting companies, senior managers are simply out of touch with [a] their product development teams and [b] their “users.”
  • The outfits may be Wall Street darlings, but are their other considerations to weigh?The companies have been sufficiently large their communication neurons are no longer reliable. The messages they emit are double speak at best and PR speak at their worst.
  • The management controls are not working. One can delegate when one knows those in other parts of the organization make good decisions. What’s evident is that a lack of control, commitment to on point research, and good judgment illustrate a breakdown of the nervous system of these companies.

Net net: What’s ahead? More of the same dysfunction perhaps?

Stephen E Arnold, June 14, 2024

Telegram: No Longer Just Mailing It In

May 29, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

Allegedly about 900 million people “use” Telegram. More are going to learn about the platform as the company comes under more European Union scrutiny, kicks the tires for next-generation obfuscation technology, and become a best friend of Microsoft… for now. “Telegram Gets an In-App Copilot Bot” reports:

Microsoft has added an official Copilot bot within the messaging app Telegram, which lets users search, ask questions, and converse with the AI chatbot. Copilot for Telegram is currently in beta but is free for Telegram users on mobile or desktop. People can chat with Copilot for Telegram like a regular conversation on the messaging app. Copilot for Telegram is an official Microsoft bot (make sure it’s the one with the checkmark and the username @CopilotOfficialBot).

You can “try it now.” Just navigate to Microsoft “Copilot for Telegram.” At this location, you can:

Meet your new everyday AI companion: Copilot, powered by GPT, now on Telegram. Engage in seamless conversations, access information, and enjoy a smarter chat experience, all within Telegram.

image

A dinobaby lecturer explains the Telegram APIs and its bot function for automating certain operations within the Telegram platform. Some in the class are looking at TikTok, scrolling Instagram, or reading about a breakthrough in counting large numbers of objects using a unique numerical recipe. But Telegram? WhatsApp and Signal are where the action is, right? Thanks, MSFT Copilot. You are into security and now Telegram. Keep your focus, please.

Next week, I will deliver a talk about Telegram and some related information about obfuscated messaging at the TechnoSecurity & Digital Forensics Conference. I no longer do too many lectures because I am an 80 year old dinobaby, and I hate flying and standing around talking to people 50 years younger than I. However, my team’s research into end-to-end encrypted messaging yielded some interesting findings. At the 2024 US National Cyber Crime Conference about 260 investigators listened to my 75 minute talk, and a number of them said, “We did not know that.” I will also do a Telegram-centric lecture at another US government event in September. But in this short post, I want to cover what the “deal” with Microsoft suggests.

Let’s get to it.

Telegram operates out of Dubai. The distributed team of engineers has been adding features and functions to what began as a messaging app in Russia. The “legend” of Telegram is an interesting story, but I remain skeptical about the company, its links with a certain country, and the direction in which the firm is headed. If you are not familiar with the service, it has morphed into a platform with numerous interesting capabilities. For some actors, Telegram can and has replaced the Dark Web with Telegram’s services. Note: Messages on Telegram are not encrypted by default as they are on some other E2EE messaging applications. Examples include contraband, “personal” services, and streaming video to thousands of people. Some Telegram users pay to get “special” programs. (Please, use your imagination.)

Why is Telegram undergoing this shift from humble messaging app to a platform? Our research suggests that there are three reasons. I want to point out that Pavel Durov does not have a public profile on the scale of a luminary like Elon Musk or Sam AI-Man, but he is out an about. He conducted an “exclusive” and possibly red-herring discussion with Tucker Carlson in April 2024. After the interview, Mr. Pavlov took direct action to block certain message flows from Ukraine into Russia. That may be one reason: Telegram is actively steering information about Ukraine’s view of Mr. Putin’s special operation. Yep, freedom.

Are there others? Let me highlight three:

  1. Mr. Pavlov and his brother who allegedly is like a person with two PhDs see an opportunity to make money. The Pavlovs, however, are not hurting for cash.
  2. American messaging apps have been fat and lazy. Mr. Pavlov is an innovator, and he wants to make darned sure that he rungs rings around Signal, WhatsApp, and a number of other outfits. Ego? My team thinks that is part of Mr. Pavlov’s motivation.
  3. Telegram is expanding because it may not be an independent, free-wheeling outfit. Several on my team think that Mr. Pavlov answers to a higher authority. Is that authority aligned with the US? Probably not.

Now the Microsoft deal?

Several questions may get you synapses in gear:

  1. Where are the data flowing through Telegram located / stored geographically? The service can regenerate some useful information for a user with a new device.
  2. Why tout freedom and free speech in April 2024 and several weeks later apply restrictions on data flow? Does this suggest a capability to monitor by user, by content type, and by other metadata?
  3. Why is Telegram exploring additional network enhancements? My team thinks that Mr. Pavlov has some innovations in obfuscation planned. If the company does implement certain technologies freely disclosed in US patents, what will that mean for analysts and investigators?
  4. Why a tie up with Microsoft? Whose idea was this? Who benefits from the metadata? What happens if Telegram has some clever ideas about smart software and the Telegram bot function?

Net net: Not too many people in Europe’s regulatory entities have paid much attention to Telegram. The entities of interest have been bigger fish. Now Telegram is growing faster than a Chernobyl boar stuffed on radioactive mushrooms. The EU is recalibrating for Telegram at this time. In the US, the “I did not know” reaction provides some insight into general knowledge about Telegram’s more interesting functions. Think pay-to-view streaming video about certain controversial subjects. Free storage and data transfer is provided by Telegram, a company which does not embrace the Netflix approach to entertainment. Telegram is, as I explain in my lectures, interesting, very interesting.

Stephen E Arnold, May 29, 2024

Copilot: I Have Control Now, Captain. Relax, Chill

May 29, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

Appearing unbidden on Windows devices, Copilot is spreading its tendrils through businesses around the world. Like a network of fungal mycorrhizae, the AI integrates itself with the roots of Windows computing systems. The longer it is allowed to intrude, the more any attempt to dislodge it will harm the entire ecosystem. VentureBeat warns, “Ceding Control: How Copilot+ and PCs Could Make Enterprises Beholden to Microsoft.”

Writer James Thomason traces a gradual transition: The wide-open potential of the early Internet gave way to walled gardens, the loss of repair rights, and a shift to outside servers controlled by cloud providers. We have gradually ceded control of both software and hardware as well as governance of our data. All while tech companies make it harder to explore alternative products and even filter our news, information, and Web exploration.

Where does that put us now? AI has ushered in a whole new level of dominion for Microsoft in particular. Thomason writes:

“Microsoft’s recently announced ‘Copilot+ PCs’ represent the company’s most aggressive push yet towards an AI-driven, cloud-dependent computing model. These machines feature dedicated AI processors, or ‘NPUs’ (neural processing units), capable of over 40 trillion operations per second. This hardware, Microsoft claims, will enable ‘the fastest, most intelligent Windows PC ever built.’ But there’s a catch: the advanced capabilities of these NPUs are tightly tethered to Microsoft’s cloud ecosystem. Features like ‘Recall,’ which continuously monitors your activity to allow you to quickly retrieve any piece of information you’ve seen on your PC, and ‘Cocreator,’ which uses the NPU to aid with creative tasks like image editing and generation, are deeply integrated with Microsoft’s servers. Even the new ‘Copilot’ key on the keyboard, which summons the AI assistant, requires an active internet connection. In effect, these PCs are designed from the ground up to funnel users into Microsoft’s walled garden, where the company can monitor, influence and ultimately control the user experience to an unprecedented degree. This split-brain model, with core functionality divided between local hardware and remote servers, means you never truly own your PC. Purchasing one of these AI-driven machines equals irrevocable subjugation to Microsoft’s digital fiefdom. The competition, user choice and ability to opt out that defined the PC era are disappearing before our eyes.”

So what does this mean for the majority businesses that rely on Microsoft products? Productivity gains, yes, but at the price of a vendor stranglehold, security and compliance risks, and opaque AI decision-making. See the article for details on each of these.

For anyone who doubts Microsoft would be so unethical, the write-up reminds us of the company’s monopolistic tendencies. Thomason insists we cannot count on the government to intervene again, considering Big Tech’s herculean lobbying efforts. So if the regulators are not coming to save us, how can we defy Microsoft dominance? One can expend the effort to find and utilize open hardware and software alternatives, of course. Linux is a good example. But a real difference will only be made with action on a larger scale. There is an organization for that: FUTO (the Fund for Universal Technology Openness). We learn:

“One of FUTO’s key strategies is to fund open-source versions of important technical building blocks like AI accelerators, ensuring they remain accessible to a wide range of actors. They’re also working to make decentralized software as user-friendly and feature-rich as the offerings of the tech giants, to reduce the appeal of convenience-for-control tradeoffs.”

Even if and when those building blocks are available, resistance will be a challenge. It will take mindfulness about technology choices while Microsoft dangles shiny, easier options. But digital freedom, Thomason asserts, is well worth the effort.

Cynthia Murrell, May 29, 2024

Apple Fan Misses the Obvious: MSFT Marketing Is Tasty

May 28, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

I love anecdotes seasoned investigators offer at law enforcement and intelligence conferences. Statements like “I did nothing wrong” are accompanied by a weapon in a waistband. Or, “You can take my drugs.” Yep, those are not informed remarks in some situations. But what happens when poohbahs and would-be experts explain in 2,600 words how addled Microsoft’s announcements were at its Build conference. “Microsoft’s Copilot PC and the M3 Mac Killer Myth” is an interesting argumentative essay making absolutely clear as fresh, just pressed apple cider in New Hampshire. (Have you ever seen the stuff?)

image

The Apple Cider judge does not look happy. Has the innovation factory failed with filtration? Thanks, MSFT Copilot. How is that security initiative today?

The write up provides a version of “tortured poet” writing infused with techno-talk. The object of the write up is to make as clear as the aforementioned apple cider several points to which people are not directing attention; to wit:

  • Microsoft has many failures; for example, the Windows Phone, Web search, and, of course, crappy Windows in many versions
  • Microsoft follows what Apple does; for example, smart software like facial recognition on a user’s device
  • Microsoft fouled up with its Slate PC and assorted Windows on Arm efforts.

So there.

Now Microsoft is, according to the write up:

Today, Microsoft is doing the exact same lazy thing to again try to garner some excitement about legacy Windows PCs, this time by tacking an AI chat bot. And specifically, the Bing Chat bot nobody cared about before Microsoft rebranded it as Copilot. Counting the Surface tablet and Windows RT, and the time Microsoft pretended to "design" its own advanced SoC just like Apple by putting RAM on a Snapdragon, this must be Microsoft’s third major attempt to ditch Intel and deliver something that could compete with Apple’s iPad, or M-powered Macs, or even both.

The article provides a quick review of the technical innovations in Apple’s proprietary silicon. The purpose of the technology information is to make as clear as that New Hampshire, just-pressed juice that Microsoft will continue its track record of fouling up. The essay concludes with this “core” statement flavored with the pungency of hard cider:

Things incrementally change rapidly in the tech industry, except for Microsoft and its photocopy culture.

Interesting. However, I want to point out that Microsoft created a bit of a problem for Google in January 2023. Microsoft’s president announced its push into AI. Google, an ageing beastie, was caught with its claws retracted. The online advertising giant’s response was the Sundar & Prabhakar Comedy Show. It featured smart software which made factual errors, launched the Code Red or whatever odd ball name Googlers assigned to the problem Microsoft created.

Remember. The problem was not AI. Google “invented” some of the intestines of OpenAI’s and Microsoft’s services. The kick in the stomach was marketing. Microsoft’s announcement captured attention and made — much to the chagrin of the online advertising service — look old and slow, not smooth and fast like those mythical US Navy Seals of technology. Google dropped the inflatable raft and appears to be struggling against a rather weak rip tide.

What Microsoft did at Build with its semi-wonky and largely unsupported AI PC announcement was marketing. The Apple essay ignores the interest in a new type of PC form factor that includes the allegedly magical smart software. Mastery of smart software means work, better grades, efficiency, and a Cybertruck filled with buckets of hog wash.

But that may not matter.

Apple, like Google, finds itself struggling to get its cider press hooked up and producing product. One can criticize the Softies for technology. But I have to admit that Microsoft is reasonably adept at marketing its AI efforts. The angst in the cited article is misdirected. Apple insiders should focus on the Microsoft marketing approach. With its AI messaging, Microsoft has avoided the craziness of the iPad’s squashing creativity.

Will the AI PC work? Probably in an okay way. Has Microsoft’s AI marketing worked? It sure looks like it.

Stephen E Arnold, May 28, 2024

Google Dings MSFT: Marketing Motivated by Opportunism

May 21, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

While not as exciting as Jake Paul versus Mike Tyson, but the dust up is interesting. The developments leading up to this report about Google criticizing Microsoft’s security methods have a bit of history:

  1. Microsoft embraced OpenAI, Mistral, and other smart software because regulators are in meetings about regulating
  2. Google learned that after tire kicking, Apple found OpenAI (Microsoft’s pal) more suitable to the now innovation challenged iPhone. Google became a wallflower, a cute one, but a wallflower nevertheless
  3. Google faces trouble on three fronts: [a] Its own management of technology and its human resources; [b] threats to its online advertising and brokering business; and [c] challenges in cost control. (Employees get fired, and CFOs leave for a reason.)

Google is not a marketing outfit nor is it one that automatically evokes images associated with trust, data privacy, and people sensitivity. Google seized an opportunity to improve Web search. When forced to monetize, the company found inspiration in the online advertising “pay to play” ideas of Yahoo (Overture and GoTo). There was a legal dust up and Google paid up for that Eureka! moment. Then Google rode the demand for matching ads to queries. After 25 years, Google remains dependent on its semi-automated ad business. Now that business must be supplemented with enterprise cloud revenue.

image

Two white collar victims of legal witch hunts discuss “trust”. Good enough, MSFT Copilot.

How does the company market while the Red Alert klaxon blares into the cubicles, Google Meet sessions, and the Foosball game areas.?

The information in “Google Attacks Microsoft Cyber Failures in Effort to Steal Customers.” I wonder if Foundem and the French taxation authority might find the Google bandying about the word “steal”? I don’t know the answer to this question. The title indicates that Microsoft’s security woes, recently publicized by the US government, provide a marketing opportunity.

The article reports Google’s grand idea this way:

Government agencies that switch 500 or more users to Google Workspace Enterprise Plus for three years will get one year free and be eligible for a “significant discount” for the rest of the contract, said Andy Wen, the senior director of product management for Workspace. The Alphabet Inc. division is offering 18 months free to corporate customers that sign a three-year contract, a hefty discount after that and incident response services from Google’s Mandiant security business. All customers will receive free consulting services to help them make the switch.

The idea that Google is marketing is an interesting one. Like Telegram, Google has not been a long-time advocate of Madison Avenue advertising, marketing, and salesmanship. I was once retained by a US government agency to make a phone call to one of my “interaction points” at Google so that the director of the agency could ask a question about the quite pricey row of yellow Google Search Appliances. I made the call and obtained the required information. I also got paid. That’s some marketing in my opinion. An old person from rural Kentucky intermediating between a senior government official and a manager in one of Google’s mind boggling puzzle palace.

I want to point out that Google’s assertions about security may be overstated. One recent example is the Register’s report “Google Cloud Shows It Can Break Things for Lots of Customers – Not Just One at a Time.” Is this a security issue? My hunch is that whenever something breaks, security becomes an issue. Why? Rushed fixes may introduce additional vulnerabilities on top of the “good enough” engineering approach implemented by many high-flying, boastful, high-technology outfits. The Register says:

In the week after its astounding deletion of Australian pension fund UniSuper’s entire account, you might think Google Cloud would be on its very best behavior. Nope.

So what? When one operates at Google scale, the “what” is little more than users of 33 Google Cloud services were needful of some of that YouTube TV Zen moment stuff.

My reaction is that these giant outfits which are making clear that single points of failure are the norm in today’s online environment may not do the “fail over” or “graceful recovery” processes with the elegance of Mikhail Baryshnikov’s tuning point solo move. Google is obviously still struggling with the after effects of Microsoft’s OpenAI announcement and the flops like the Sundar & Prabhakar Comedy Show in Paris and the “smart software” producing images orthogonal to historical fact.

Online advertising expertise may not correlate with marketing finesse.

Stephen E Arnold, May 21, 2024

« Previous PageNext Page »

  • Archives

  • Recent Posts

  • Meta