from sgibson5150@slrpnk.net to privacy@lemmy.ml on 24 Aug 04:31
https://slrpnk.net/post/12663480
I know this will sound paranoid as fuck, but I’ve really been thinking about Microsoft lately. Like, they’re pushing their Recall shit whether we like it or not. The fact that it even made it past the concept stage tells me that no one at Microsoft gives a single fuck about their users anymore. The final shreds of any trust I had in them as a company are gone and I’ve started thinking of them as an adversary.
Today I was considering Teams in particular. My company has been using it for maybe six years. When our email provider went teats up, I did some research and realized we had Microsoft cloud stuff included in our Action Pack subscription. We started using their email, and about the same time we started using Teams.
Teams offers EEE but only on Teams Premium, which we don’t pay extra for. Microsoft has access to every message and chat. They could be saving transcripts and voice calls. They might have accumulated billions of hours of voice data by now.
What could they do with all this data?
- Sell to LEO
- Commit corporate espionage
- Gather government secrets
- Use for AI training
Something else just occurred to me. I did research a while back on the software stacks that big tech companies use. Not one uses IIS.
I’ve been a Windows developer for thirty years. I used to like Microsoft. I looked forward to new versions of Windows and Visual Studio. Now I feel like they’ve lured us all in slowly until we put our throats in their jaws. Fucking mental.
Talk me down, if you can.
#privacy
threaded - newest
On a related note, within the past year microshit made it so you can’t join a teams meeting on their android app unless you give it permission to see your phone number
Teams is absolutely used already or going to be used to train AI. Probably already has been used in corporate espionage. And yes, IIS is a steaming pile of shit compared to the alternatives. It’s really only even entertained as an option at smaller businesses in my experience.
It is, it’s already doing transcripts and summaries / meeting minutes in the corpo I work in. I’m astonished how much they trust and rely on Microsoft services without giving it a second thought.
I work with our complianceand privacy attorneys and the contracts we maintain protect our data, state it is ours, and guarantees it is not used to train on ai.
I hate ms as much as anyone hear but it is misguided to think no one is protecting your or your companies intersects.
The contract only works if Microsoft complies with it.
Why wouldn’t they, they don’t care and are unlikely to get caught stealing the data the agreed not to steal. How are you going to find out, how are you then going to sue them and how are you going to replace the services. The reality is most businesses won’t find out, they won’t sue if they do and they’ll continue using Microsoft services.
They are a corporation. They exist to make money for ahareholders. The reputational harm of mass surveiling their peer corpos is colossal. Sure, their could absolutely be a rouge individual and we see it time and time again, but mass scale hovering of another companies IP? Nah, expecting that borders conspiracy.
Microsoft and their business practices are shit. It is very much a take it or leave it scenerio. Amazon, the competition, just went all in on M365 services for their operations. You expect that MS is actively stealing their data to enrich themselves. Sure, possible. Their teck would allow it, but I bet the service contract mandates consent and observation anytime an MS agent engages with Amazon’s deployment. And I’d bet it all they honor that contract.
Why risk everything on spying? They are doing just fine sucking up the publics data when contracts aren’t in place. Individuals should stay the fuck away but big coropos is another game entirely
Yeah, just as Zoom.
Jitsi for the win! And also Big Blue Button, for certain settings that may be better.
…because Zoom is much better… (Joking)
Jitsu isn’t bad but it isn’t e2e and only really works for one time meetings. Better to use Nextcloud talk, Rocket chat, Mattermost or even Matrix
Sorry but I can’t believe a single word that zoom tells about security, so in my point Jitsi will always be more secure. To me it’s just the same as google and facebook preaching about how private they are, and how much control did they give you over your data. Yeah, sure.
Also, why do you think it only works for one time meetings? If you mean that settings get reset when everyone leaves, and anyone can kick anyone, it can be setup to have permanent access control, even with their free service.
There are better options that Jitsi. Jitsi doesn’t allow for text chats outside of an active meeting
Yes, that’s true. I believe BBB allows that, though.
Why would it? The point is to hold meetings and disappear… get mattermost, i’m sure there’s a jitsi plugin.
Low Earth Orbit? I hate TLAs
Oh sorry I meant law enforcement. Not sure what my dumb ass was trying to abbreviate there.
Law Enforcement Organizations, it's a valid initialism
I always read it as Law Enforcement Officer
I imagine it can be used that way too!
What makes you hate tiny little ants?
All I can do is talk you up. I think it’s a lot worse than what you’ve highlighted.
For real. We already know Microsoft is a leader in data collection, economic espionage, and surveillance capitalism. We know for a fact they gave secret police real-time backdoors into their systems and all data they hold the encryption keys to.
I suppose pointing out MS also owns linkedin isn’t the talk down you’re looking for?
If you’re a dev, this along with GitHub, and your employer using teams, is a pretty severe panopticon.
They don’t own git and they don’t own your infrastructure.
They're not "pushing their Recall shit whether we like it or not", they're explicitly making it opt-in. They gave a fuck about their users' complaints and made a bunch of modifications to it.
You may still not like it, but give them some credit.
Underrated comment
Dude, think of what you’re saying. Recall is baked into the OS. In this day and age there’s a huge chance, almost a certainty, that the only options are to “opt-in” and know all your interactions are being funneled and mined, or don’t, and you don’t know, but it’s still happening.
How are you going to audit it? Most Windows users have no idea how to audit what happens in their network, most humans don’t have a way to look into what MS software is doing because there’s no access to the code.
Yeah, I’ll keep giving them the credit they deserve, which is being sure thay are doing whatever they want whether you know it or not.
Corporations will notice extra data over their network, etc and act as an unofficial audit. That’s also the way problems with updates generally get found.
Corporations and nerds will most likely find out, but as I said, regular users? Highly unlikely.
They are forcing it again later this year
No, it's opt-in. If you do nothing you won't have it.
For now
Just like it is stored locally, for now.
Microsoft has a funny habit of turning things on with updates
I don’t think they ever did.
In the past they at least tried to pretend.
I guess nobody remembers windows ME any more?
I mean. In teams the client is the business, not the employees.
They’ve already given away that they use teams to track stuff. I forget the context, but some teams person said that they get less activity after 3:30 in the context of some article about working from home. Revealed that they were tracking mouse usage with teams indirectly.
It’s called Microsoft Clarity, and yes, Teams does it clarity.microsoft.com en.wikipedia.org/wiki/Session_replay
I lost the trust with windows 8 :)
I lost the trust with MS DOS.
I lost trust with MS-BASIC
MS-BASIC was OK IMO, but I preferred AppleSoft BASIC.
Every single corporation is doing what they’re legally bound to do: increase profits for shareholders. Companies don’t and never have cared about the customer. They care about a customer as much as you care about an NPC. What’s with people thinking that they ever cared??
Of course MS is using that data. Why wouldn’t they?? Would they lose customers if people found out? Nope. If you were in charge of making that decision, you would use that data too. And if you’re too held to your privacy morals, you’ll never be in that position at MS because they only place people that will decide to maximize profits.
Here’s how you know a company is doing something: Would it make them more money? Then theyre doing it. That’s it.
Also, it’s MICROSOFT!! lol Not Mozilla, RedHat, Canonical, or the Linux Foundation. Remember when someone shoved a pie in Bill Gates face?
Teams is built on top of the old SKYPE infrastructure. It is a bastardisation of Skype (communications) and SharePoint (data storage)
As it is built on Skype, all the acces Leo had as part of Skype still exist. MS is a US org and have the legal requirements to tap communications for Leo.
How sure are you about that? I work for a global MSP and see it all the time.
Of course they do. It’s to be expected that big tech companies use all data they can gather for training AIs, tracking users, creating psychological profiles of the users and selling data to the highest bidders.
Microsoft is also known for creating tools and products which track employees and workers and provide nice looking dashboards and statistics for the employers. And they partner up with Palantir and other companies to create even more effective surveillance solutions for companies and law enforcement to use eventually. MS is a data company since a couple of years, just like Google or Meta is. Data is very valuable.
In the case of Microsoft Office and Teams, there’s also the issue of corporate espionage. Companies from all over the world are freely giving away sensitive data about their documents, employees and projects to a US-based megacorp. There was a time in history when this would be called corporate espionage which is supposed to be bad and illegal and so on. But, since they’re all doing it voluntarily, and there’s no definite proof of MS doing anything because it’s a black box and no one except MS can inspect what they’re doing, it’s apparently “fine”. It’s like we have collectively become dangerously naive.
So yeah, it’s all “fine”. Until it isn’t. Until it is revealed one day. Then we can all be shocked and say “how could they do this, how could they violate our trust like that, their marketing slides looked so nice and the consultant was so charming and said we needn’t to worry about anything they would keep our data safe”. Well, if you trusted them in the first place, that’s your mistake. You cannot trust a company like MS, Meta, Google, TikTok, and so on with a huge track record of privacy violations. Ever. Cloud = someone else’s computer. Host your own stuff. Prefer not to use software with proven track records of privacy violations. Don’t use products or services from companies with such track records. Prefer open source over proprietary because when the code is openly auditable that’s a plus for trustworthiness, and proprietary applications usually have a bad track record of privacy violations and other anti-user features, while open source software rarely includes such things.
And it’s only going to get worse. With upcoming things like Recall, that’s almost like having a permanent camera behind you recording your screen at all times. I feel bad for all Windows users, but on the other hand, I don’t actually have to care. Keep trusting them blindly, but please don’t be surprised when it will come crashing down on you one day.
Yeah. Frankly, if my company gets spied by MS it’s their fault. I don’t care.
Everything I put in my Teams has been accessible by my company anyway, and so I use that shit accordingly.
Could? Lol.
> my company feeds all our data to big tech
> is big tech gonna use that data for malicios purposes?
there’s your answer
Uhh dude have you ever looked into what types of characters run these companies? You’re just an npc to them.
Do you really think our current economic system incentivizes good behavior? It’s all about being exploitative, and so it filters out anybody who cares about others. If they don’t, then someone else will. Take a look at starbucks. They don’t pay taxes in for example Germany. If they did, as other coffee shops do, they will go down. So the system dynamics filter out the people who are prepared to not care about others.
Yeah, watch the network traffic from Teams and kind hard not to think of them as data harvesters. In a day, there are close to a hundred servers involved that will leave your country for no functional reason
I agree
Time to move to something else. There are plenty of alternatives.
Talk me down from the paranoia place
Where the data’s cataloged and sent to cop space
Reflections on trusting trust 🎶
Could?
Given the ease of implantation of end to end encryption now, it’s a reasonable assumption that anything not e2ee is being data mined. E2ee has extensive security benefits, for example even if your data is dumped the info is still useless. So, there has to be a compelling reason to not use it.
“anymore” 🤣
When you say billions of hours, I would keep things in perspective. AI and storage aren’t free. They’ll only save the important stuff. The solution to saving yourself, us, and all of humanity is to never do anything important or useful. So the good news is if we go back to work and slack off as we’ve always done, we’ll outsmart them and save us all!
I’m sorry. It came out years ago that Win 10 keylogged and told home all about it (justified as to improve our predictive typing software ) even though there were no promises in the ToS to limit its spyware use, I screamed about how the fucking sky is fucking falling, and now Windows 10 is in bunches of US businesses, and more than a few outside the US. It even says in the EULA MS will snitch on you to law enforcement about anything it feels like.
So yeah, all the people who have legitimate businesses that have real secrets (and break laws as a matter of course) have all wittingly chosen to give Microsoft all the biographical leverage MS needs to take over the world. (Some companies actually got their tech teams to defang the Win10 spyware. But more didn’t than did.)
Now I’m one of those 1960s hippies who screamed about the rising police state in the US to whom no one listened. Another Cassandra crying like a bainsidhe into the wind.
Oh you have no idea how deep my paranoia on this goes! We’ve been implementing Dynamics 365 at my office, MS made software that manages your entire business from the accounting ledgers on out. Copilot AI is everywhere in it, trying to encourage you to teach it how to do things.
MS wants to offer the next generation of knowledge worker. No more accountants, no more senior managers of inventories and all those many miscellaneous titles it takes to run a company. Certainly no more technical support. AI is going to do it all. MS wants to tell every business how to do business.
Down? You’re only going to get talked up here.
Wait till your average desktop computer has enough power to train models. Every single application out there will have a trained model and everything you’ve ever written or done. The train data set is tiny they could have it easily uploaded and then query it for marketing data against you.
AIs lossy compression is astounding, and it’s level of error is absolutely no big deal for marketing.