Microsoft just exposed email's ugliest secret


Recommended Posts

Did you read what I was replying to?  A question was asked how it was a secret.

I would say his response still suffices. Microsoft (et al) isn't going out of their way to hide these facts - they're putting it where you expect it to be, in the TOS. It's not on them that people don't read the TOS, nor does that fact turn anything in the TOS into some sort of secret.

Link to comment
Share on other sites

technicaly we could do it and no one would ever know; it's a matter of trust and business ethics.

Yes, and that's where unless it's a completely shady company you either trust those like Google, MS, Yahoo and others or you don't. If you're concerned about even the possibility, however remote, of an employee reading your mails or accessing your data (no matter the justification) then the alternative is obvious. Unfortunately not everyone is in a position to host their own mail servers, are they?

Link to comment
Share on other sites

In reality, they are only the good guys when is suits them

 

Give it a break.  What is wrong with people trying to paint companies as good or bad.  They are self serving, just as a company pretty much is expected to be.  Why would you even think different?

Link to comment
Share on other sites

So how it is "illegal" for Microsoft to access an account hosted by them at absolutely no charge to you? Are some of you so deluded you honestly think that you have rights in this case? Microsoft is NOT the government and doesn't owe you a damn thing.

 

Don't like it? gmail and others are waiting for you though don't delude yourself and think they wouldn't do any differently. Otherwise, purchase your own hardware/software and run your own email services.

  • Like 1
Link to comment
Share on other sites

True, it was never built keeping privacy in mind. What do you suggest as an alternative though? Time for the world to come up with new communication protocols with end-to-end security as a focus?

The issue is that mail really has no way of being 100% protected against a host provider and only intended to be read by the individual(s) it is being sent to as there is no way to authorize it on both ends.  I would guess the only way to be able to send secure messages is with no middleman, the originator has a encryption key that can only be decrypted by the key on the other end.  This is currently done now with mail certs, it sure would cut down on a lot of spam but it is a very manual process to get the certs to each others hands. 

Link to comment
Share on other sites

Again, what does this have to do with that? Going into someone's inbox for a criminal investigation is not the same thing as data mining people's inboxes for advertising purposes.

 

Stop confusing the two.

Microsoft, or any party not acting on behalf of law enforcement, isn't capable of conducting a criminal investigation. This is illegal in the US...

 

Microsoft conducted an investigation on its own then turned over its findings to a law enforcement agency who then decided to pursue a criminal investigation... You're confusing the two...

 

And there's no guarantee that ISPs are any safer in this regard. So if you want correspondence to be truly secure, I guess you need your own email server, probably for both parties.

 

Or snail mail with a wax seal, like in ye olden days.

Exactly, this is why I have hosted my own EMail server since 2002 or earlier. Email is still pretty weak in that you have no control over the content that may hop through many mail servers on its way to and from its destination, but it is better than just giving the entire bundle to someone hoping they will protect your privacy. The way I see it, I want to control my data in its entirety and hosting myself (and this extends far beyond just email) is the only way to ensure I have this control.

 

I see email a lot like I see letters. I can mail a letter to a friend in the classic snail mail and I can't control what he/she does with it once they receive that letter. But I can control what happens with my store of letters...

 

Information is the most valuable asset we have today. It shouldn't be given up as easily as people today give it up. Most people place no value on their most valuable asset, crazy...

Link to comment
Share on other sites

Why are people so shocked? The guy leaked Windows 8 information's and now they're looking into what he did. If they have no reasons to look through your email, they probably won't, simple as that.

  • Like 1
Link to comment
Share on other sites

I think the biggest reason this is making as much as an impact as it is that it puts a dent in there Scroogled campaign.

Link to comment
Share on other sites

Microsoft, or any party not acting on behalf of law enforcement, isn't capable of conducting a criminal investigation. This is illegal in the US...

If that were true then they'll have to deal with the consequences. Since they're looking for their property being stored on their property, it's not illegal. This isn't like somebody barging into your house looking for evidence.

 

Exactly, this is why I have hosted my own EMail server since 2002 or earlier.

Used to do that for a while for a couple years around the turn of the century, but ditched the idea as my IP's in a residential block and some of the bigger spam blacklists automatically rejected it just because of that, got too many bounced messages. Just out of idle curiosity, that still apply? Haven't bothered to check in some time.. kind of miss having the control but was too much of a hassle at the time.

 

I think the biggest reason this is making as much as an impact as it is that it puts a dent in there Scroogled campaign.

Doubt it would make much of an impact as you're comparing apples and oranges. One case versus systematically scanning everything. Plus you shouldn't expect any sort of "right to privacy" on a third party server to begin with. Even Google to reference the post above mine.. they flat out said exactly that.
  • Like 2
Link to comment
Share on other sites

Why are people so shocked? The guy leaked Windows 8 information's and now they're looking into what he did. If they have no reasons to look through your email, they probably won't, simple as that.

Hopefully this simple analogy makes it clear for you...

 

Let's say that I get a call from you saying "Hey LogicalApex. I have this phone here that had a note on it saying to call you if it was found. A bud of mine just offered it to me so I wanted to be sure it wasn't stolen or something."... After the call is over I decide to come to your house and start ruffling through things until I find a note from your buddy about the phone. I then take the information I found to the police who arrest your buddy for stealing my phone.

 

No one is upset that the criminal has been caught and charged. Everyone, well at least those of us who are looking at the big picture, is concerned about how they went about finding him.

 

There is an old saying about this sort of thing, the end does not justify the means.

Link to comment
Share on other sites

If that were true then they'll have to deal with the consequences. Since they're looking for their property being stored on their property, it's not illegal. This isn't like somebody barging into your house looking for evidence.

 

Used to do that for a while for a couple years around the turn of the century, but ditched the idea as my IP's in a residential block and some of the bigger spam blacklists automatically rejected it just because of that, got too many bounced messages. Just out of idle curiosity, that still apply? Haven't bothered to check in some time.. kind of miss having the control but was too much of a hassle at the time.

 

Doubt it would make much of an impact as you're comparing apples and oranges. One case versus systematically scanning everything. Plus you shouldn't expect any sort of "right to privacy" on a third party server to begin with. Even Google to reference the post above mine.. they flat out said exactly that.

You're statement is the exact reason why I don't host on boxes I don't own... "...their property being stored on their property..."

 

To me it is crazy that you're turning over your information to be owned by some third party on a regular basis and that this has become an accepted norm. Is it fair that Microsoft owns the emails of the blogger?

 

Yeah residential IPs are still a problem for email hosting. I don't host on residential dynamic IPs. To be honest, there are a ton of positives I like about hosting my own. So I have no real interest in ever going to some third party (even if I exclude my privacy and ownership issues for the sake of evaluation).

Link to comment
Share on other sites

If that were true then they'll have to deal with the consequences. Since they're looking for their property being stored on their property, it's not illegal. This isn't like somebody barging into your house looking for evidence.

 

Used to do that for a while for a couple years around the turn of the century, but ditched the idea as my IP's in a residential block and some of the bigger spam blacklists automatically rejected it just because of that, got too many bounced messages. Just out of idle curiosity, that still apply? Haven't bothered to check in some time.. kind of miss having the control but was too much of a hassle at the time.

 

Doubt it would make much of an impact as you're comparing apples and oranges. One case versus systematically scanning everything. Plus you shouldn't expect any sort of "right to privacy" on a third party server to begin with. Even Google to reference the post above mine.. they flat out said exactly that.

 

Completely agree, I don't trust Google, Microsoft, or Yahoo at face value.

 

Google business model is in exchange for giving up a portion of your privacy, they will provide you with a free service.

 

When a company goes out on an advertising model like MS did with Scroogle, when something like this happens, it can back fire.

Similar with NSA leaks, Gov down played, people suspected but being in the dark made people compliance. When the truth came to life, it started a windstorm. 

I'm surprised Nokia's "you've been using a beta phone" with there Windows 7 Phone's knowing 8 had to be new phone with a lot of changes didn't back fire on them. 

 

Microsoft does offer it's advantage of e-mail that it won't scan your e-mail to target advertising (that google does), however the aggressiveness of the Scroogle tried to imply more.

Link to comment
Share on other sites

Hopefully this simple analogy makes it clear for you...

 

Let's say that I get a call from you saying "Hey LogicalApex. I have this phone here that had a note on it saying to call you if it was found. A bud of mine just offered it to me so I wanted to be sure it wasn't stolen or something."... After the call is over I decide to come to your house and start ruffling through things until I find a note from your buddy about the phone. I then take the information I found to the police who arrest your buddy for stealing my phone.

 

No one is upset that the criminal has been caught and charged. Everyone, well at least those of us who are looking at the big picture, is concerned about how they went about finding him.

 

There is an old saying about this sort of thing, the end does not justify the means.

 

Your analogy isn't even remotely the same as the case here though...

Link to comment
Share on other sites

Your analogy isn't even remotely the same as the case here though...

How is it not? We can step it up a closer notch and say that the house that you're in happens to be mine and I'm the landlord renting it to you...

Link to comment
Share on other sites

Yeah I'm not happy about this revelation but im also not surprised.

 

The lack of surprise probably comes from all the times we heard MS banning people for images on skydrive.  The algorithm may have alerted them but at the end of the day you still accessed the users accounts etc, so not surprising they do it with the email and I don't really think google would be much different though.  .

Link to comment
Share on other sites

How is it not? We can step it up a closer notch and say that the house that you're in happens to be mine and I'm the landlord renting it to you...

 

They searched their own house for stuff you left there, after giving them a contract saying they can search the stuff you left there if necessary. 

Link to comment
Share on other sites

Yeah, the note thing is confusing, who had the note?  Your friend or his buddy? Or is there more than one note?  :s

Link to comment
Share on other sites

Yeah, the note thing is confusing, who had the note?  Your friend or his buddy? Or is there more than one note?  :s

One note. The note is in the possession of you. The note is what allows me to know who in fact actually stole my fictional phone.

 

They searched their own house for stuff you left there, after giving them a contract saying they can search the stuff you left there if necessary. 

MS didn't do anything illegal... They did do what they shouldn't have...

 

But the sad reality is for the average user online they are just there to be milked and are in no position to stop it.

Link to comment
Share on other sites

One note. The note is in the possession of you. The note is what allows me to know who in fact actually stole my fictional phone.

 

<snipped>

 

You'll never pin it on me, I'm innocent I tell ya, innocent!  ;)

 

 

 

Got it, thanks for the info.

Link to comment
Share on other sites

Ok, but for some reason I still don't care one way or the other.

(My email may be private, but I'm also not hiding anything from the authorities, and (there not much in my inbox as it only gets used for the odd work memo, or whatever game I happen to have linked to the account)

Link to comment
Share on other sites

In other news, Anonymous has hacked Microsoft mail server in retaliation of the ill-practice business.  Thousands of email passwords are now exposed on pastebin.

 

lol /joke :laugh:

  • Like 1
Link to comment
Share on other sites

In other news, Anonymous has hacked Microsoft mail server in retaliation of the ill-practice business.  Thousands of email passwords are now exposed on pastebin.

 

lol /joke :laugh:

Many a truer word has been spoken in jest (Y)

Link to comment
Share on other sites

Used to do that for a while for a couple years around the turn of the century, but ditched the idea as my IP's in a residential block and some of the bigger spam blacklists automatically rejected it just because of that, got too many bounced messages. Just out of idle curiosity, that still apply? Haven't bothered to check in some time.. kind of miss having the control but was too much of a hassle at the time.

 

 

yeah that still applies but then again a fixed IP is way more cheaper now than years ago.

Link to comment
Share on other sites

This topic is now closed to further replies.