2021-04-01 12:37:50 -04:00
|
|
|
[//]: # (to do: vet the links for CF & scrub)
|
|
|
|
|
2021-04-01 12:40:41 -04:00
|
|
|
[0]: https://infosec.exchange/@bojkotiMalbona/104637098084869887
|
|
|
|
[1]: https://trac.torproject.org/projects/tor/wiki/org/doc/ListOfServicesBlockingTor#ComputingTechnical
|
|
|
|
[2]: https://user-images.githubusercontent.com/21023035/61580062-10fd6300-aafd-11e9-8bf2-64faddf63760.png
|
|
|
|
[3]: https://github.com/Eloston/ungoogled-chromium/issues/795#issuecomment-687991721
|
|
|
|
[4]: https://www.bleepingcomputer.com/news/security/microsofts-github-account-allegedly-hacked-500gb-stolen
|
|
|
|
[5]: https://www.zdnet.com/article/hackers-stole-github-and-gitlab-oauth-tokens-from-git-analytics-firm-waydev
|
|
|
|
[6]: https://msrc.microsoft.com/create-report
|
|
|
|
[7]: https://www.bbc.com/news/technology-50232902
|
|
|
|
[8]: https://mako.cc/writing/hill-free_tools.html
|
|
|
|
[9]: https://corporate.exxonmobil.com/news/newsroom/news-releases/2019/0222_exxonmobil-to-increase-permian-profitability-through-digital-partnership-with-microsoft
|
|
|
|
[10]: https://news.microsoft.com/2019/09/17/schlumberger-chevron-and-microsoft-announce-collaboration-to-accelerate-digital-transformation
|
|
|
|
[11]: https://www.scientificamerican.com/article/exxon-knew-about-climate-change-almost-40-years-ago
|
|
|
|
[12]: http://web.archivecrfip2lpi.onion/web/publicintegrity.org/federal-politics/republican-lawmakers-posh-hideaway-bankrolled-by-secret-corporate-cash
|
|
|
|
[13]: http://techrights.org/wiki/index.php/Microsoft_and_the_NSA
|
|
|
|
[14]: http://cal-access.sos.ca.gov/Campaign/Committees/Detail.aspx?id=1401518&view=late1&session=2017
|
|
|
|
[15]: http://web.archivecrfip2lpi.onion/web/20200318144031/www.theverge.com/2018/6/15/17468292/amazon-microsoft-uber-california-consumer-privacy-act
|
|
|
|
[16]: https://web.archive.org/web/20200722105800/tokenpost.com/Central-Bank-of-Sweden-is-testing-digital-currency-5197
|
2022-04-27 03:22:41 -04:00
|
|
|
[17]: https://github.com/privacytools/privacytools.io/issues/374#issuecomment-460077544
|
2021-04-01 12:40:41 -04:00
|
|
|
[18]: https://www.cnet.com/news/amazon-google-and-microsoft-sued-over-photos-in-facial-recognition-database
|
|
|
|
[19]: http://gnu.org/philosophy/free-software-even-more-important.html
|
|
|
|
[20]: http://gnu.org/proprietary/malware-microsoft.html
|
|
|
|
[21]: https://www.vice.com/en_us/article/43kv4q/microsoft-human-contractors-listened-to-xbox-owners-homes-kinect-cortana
|
|
|
|
[22]: https://www.rijksoverheid.nl/documenten/rapporten/2018/11/07/data-protection-impact-assessment-op-microsoft-office
|
|
|
|
[23]: https://www.zdnet.com/article/dutch-government-report-says-microsoft-office-telemetry-collection-breaks-gdpr
|
|
|
|
[24]: https://gdpr-info.eu/art-5-gdpr
|
|
|
|
[25]: https://gdpr-info.eu/art-17-gdpr
|
|
|
|
[26]: https://www.forbes.com/sites/thomasbrewster/2019/08/01/microsoft-slammed-for-investing-in-israeli-facial-recognition-spying-on-palestinians
|
|
|
|
[27]: https://edition.cnn.com/2018/06/03/middleeast/razan-al-najjar-gaza-nurse-killed/index.html
|
|
|
|
[28]: https://www.independent.co.uk/news/world/middle-east/gaza-protests-latest-idf-condemned-edited-video-angel-of-mercy-medic-razan-al-najjar-a8389611.html
|
|
|
|
[29]: https://companies-that-work-with-ice.com
|
|
|
|
[30]: https://thehill.com/policy/technology/393358-microsoft-employees-dissatisfied-by-ceo-response-plan-action-against-ice
|
|
|
|
[31]: https://www.theverge.com/2019/10/9/20906213/github-ice-microsoft-software-email-contract-immigration-nonprofit-donation
|
|
|
|
[32]: https://gizmodo.com/microsoft-employees-up-in-arms-over-cloud-contract-with-1826927803
|
|
|
|
[33]: http://fortune.com/2020/05/18/microsoft-fedex-partnership-build
|
|
|
|
[34]: https://www.zdnet.com/article/honeywell-set-to-launch-its-quantum-computer-with-quantum-volume-of-64
|
|
|
|
[35]: https://techinquiry.org/SiliconValley-Military
|
|
|
|
[36]: https://ai.google/principles
|
|
|
|
[37]: https://web.archive.org/web/20200529160343/www.cheatsheet.com/web/20200529160343mp_/https://www.cheatsheet.com/money-career/these-companies-started-firing-employees-right-after-getting-tax-cuts-from-trump.html
|
|
|
|
[38]: http://www.theguardian.com/technology/2016/feb/02/microsoft-downloading-windows-10-automatic-update
|
|
|
|
[39]: https://www.cnet.com/news/microsoft-windows-10-forced-updates-auto-restarts-are-the-worst
|
|
|
|
[40]: https://www.howtogeek.com/442609/confirmed-windows-10-setup-now-prevents-local-account-creation
|
|
|
|
[41]: http://www.linfo.org/microsoft_tax.html
|
|
|
|
[42]: http://techrights.org/2017/03/15/still-using-patents-to-coerce
|
|
|
|
[43]: http://techrights.org/2017/02/27/microsoft-novell-v2-via-azure
|
|
|
|
[44]: https://www.gnu.org/software/repo-criteria-evaluation.html
|
2021-04-03 16:13:44 -04:00
|
|
|
[45]: https://ilyaigpetrov.medium.com/github-shadowbans-anti-censorship-coder-account-for-a-link-to-the-christchurch-shootings-video-c79a80b408a9
|
2021-06-21 09:02:28 -04:00
|
|
|
[46]: https://github.com/deCloudflare/deCloudflare
|
|
|
|
[47]: http://crimeflare.eu.org/
|
2021-06-21 09:48:37 -04:00
|
|
|
[48]: images/github_ban.png
|
2021-04-13 15:28:31 -04:00
|
|
|
|
2021-04-01 12:37:50 -04:00
|
|
|
# Direct practical problems with using Microsoft Github
|
|
|
|
|
|
|
|
1. A survey [shows][0] that a significant number of bug reports are
|
|
|
|
**withheld** when the bug tracker is inside a restrictive or
|
|
|
|
politically controversial walled-garden like MS Github or
|
2021-06-21 09:02:28 -04:00
|
|
|
gitlab.com. This ultimately hinders the quality of software in the
|
|
|
|
commons.
|
2021-04-01 12:37:50 -04:00
|
|
|
1. Github is Tor-hostile [according to Tor project][1]. GH has
|
|
|
|
started forcing Tor users through an extra email verification step
|
|
|
|
that effectively discourages bug reports:
|
|
|
|
![github-tor_hostility][2]
|
|
|
|
1. Github takes a hostile posture toward burner accounts, and they
|
|
|
|
[enforce it][3]. Burner accounts are important for privacy because
|
|
|
|
aggregation of pseudo-anonymous identities enables adversaries to
|
|
|
|
identify someone. Even notwithstanding doxxing, aggregation blocks
|
|
|
|
someone from working on something like "a design for a better
|
|
|
|
marijuana bong" while also working on a project like "business
|
|
|
|
critical infrastructure" for his boss. The bong project might ruin
|
|
|
|
the user's reputation from the standpoint of a commercial job.
|
|
|
|
Burner accounts protect users so they can work on multiple
|
|
|
|
projects, and Microsoft bans that protection.
|
|
|
|
1. MS failed to secure Github, which was [breached to the tune of 500gb of private projects][4].
|
|
|
|
Then security was breached again in July 2020 when OAuth tokens were
|
|
|
|
[stolen][5] from both Github and Gitlab.com.
|
|
|
|
Security incompetence is further showcased by an MS-imposed requirement
|
|
|
|
to create and account and sign in to report an MS security bug.
|
2021-06-21 09:02:28 -04:00
|
|
|
And for those not discouraged by that, [the sign-in page][6] is also broken.
|
2021-04-01 12:37:50 -04:00
|
|
|
1. MS suppresses democracy by [blocking][7] Github access to a project
|
|
|
|
that facilitates protests in Catalonia.
|
2021-04-03 16:13:44 -04:00
|
|
|
MS also [banned][45] the account of an anti-censorship developer.
|
2021-06-21 09:02:28 -04:00
|
|
|
1. In 2021 1st quarter, MS [sabotaged][46] the deCloudflare
|
|
|
|
[project][47], a charitable humanitarian project that gives the
|
|
|
|
general public tools and knowledge to avoid Cloudflare. MS did
|
2021-06-21 09:48:37 -04:00
|
|
|
that silently and without warning or discussion. The user account
|
|
|
|
was also suspended:
|
|
|
|
![github-ban][48]
|
2021-04-01 12:37:50 -04:00
|
|
|
1. Free software projects that rely on non-free software
|
|
|
|
"[put everyone at the whim of the groups and individuals who produce the tools they depend on][8],"
|
|
|
|
and it puts free software developers in a position of hypocrisy.
|
|
|
|
|
|
|
|
## Ethical problems with using Microsoft products and services
|
|
|
|
|
2021-06-21 09:02:28 -04:00
|
|
|
8. Microsoft harms the **environment** by serving the two most destructive oil companies in the world: [ExxonMobil][9] and [Chevron][10].
|
2021-04-01 12:37:50 -04:00
|
|
|
1. (#ExxonKnew) Exxon notoriously [knew][11] about climate change
|
|
|
|
since 1977. They not only kept it secret from the public, but
|
|
|
|
they also financed a disinformation campaign.
|
|
|
|
1. Microsoft and Chevron were [caught][12] each paying $100k to
|
|
|
|
"the Cloakroom", a project to hide bribes going from large
|
|
|
|
corporations to republican politicians.
|
|
|
|
1. Chevron's right-leaning stance is further pushed through its
|
|
|
|
membership with ALEC, which doubles as a superPAC and bill mill
|
|
|
|
that lobbies and writes policy for U.S. republicans.
|
|
|
|
1. Microsoft is a notorious **privacy** abuser:
|
|
|
|
1. MS is a PRISM corporation prone to mass surveillance.
|
|
|
|
1. MS supported CISPA and [collaborates][13] with the NSA.
|
|
|
|
1. MS [paid][14] $195k to [fight][15] the California Consumer
|
|
|
|
Privacy Act (CCPA).
|
|
|
|
1. MS drug tests its employees, thus intruding on their privacy
|
|
|
|
outside the workplace.
|
|
|
|
1. MS finances other privacy abusers:
|
|
|
|
1. In 2012 Microsoft spent $35 million on Facebook ads and in
|
|
|
|
2015 Microsoft was the third biggest spender on Facebook
|
|
|
|
ads in the world.
|
|
|
|
1. MS proxies through Accenture to [make Sweden cashless][16].
|
|
|
|
The war on cash is war on privacy.
|
|
|
|
1. MS supplies Bing search service which gives high rankings to
|
|
|
|
[privacy-abusing][17] CloudFlare websites.
|
|
|
|
1. MS owns and operates Outlook Email and the LinkedIn social
|
|
|
|
media site, both of which are exclusive walled-gardens that
|
|
|
|
limit participation to those who have a phone number and the
|
|
|
|
will to share it with Microsoft.
|
|
|
|
1. MS supplies hotmail.com email service, which uses vigilante
|
|
|
|
extremist org *Spamhaus* to force residential internet
|
|
|
|
users to share all their e-mail metadata and payloads with
|
|
|
|
a corporate third-party.
|
|
|
|
1. MS [unlawfully][18] used people's images without consent to
|
|
|
|
train their facial recognition products
|
|
|
|
1. MS distributes a [nonfree operating system][19], Microsoft
|
|
|
|
Windows, which is jam-packed with
|
|
|
|
[malicious functionalities][20], including surveillance of
|
|
|
|
users, DRM, censorship and a universal back door.
|
|
|
|
1. MS was [caught][21] surreptitiously recording Xbox users and
|
|
|
|
paying contractors to listen to the recordings.
|
|
|
|
1. Dutch government commissioned [a study][22] which found
|
|
|
|
Microsoft to have [several GDPR violations][23]. E.g. Office
|
|
|
|
365 violates [GDPR article 5][24] ¶ `1.c`,
|
|
|
|
[GDPR article 17][25], and stores the data outside the EEA (may
|
|
|
|
also be a GDPR breach).
|
|
|
|
1. Microsoft is detrimental to **human rights** and **democracy**
|
|
|
|
1. Microsoft [finances AnyVision][26] to produce facial
|
|
|
|
recognition technology that the Israeli military uses as a
|
|
|
|
weapon against the Palestinian people who they oppress in their
|
|
|
|
occupation. Note that Israeli snipers [murdered][27] an unarmed
|
|
|
|
civilian Palestinian medic (in breach of the Geneva Convention)
|
|
|
|
then [edited][28] the video to deceive the public for PR damage
|
|
|
|
control.
|
|
|
|
1. Microsoft [supports ICE][29] in a variety of ways in the course
|
|
|
|
of ICE's implementation of Trump's xenophobic border
|
|
|
|
policies. Microsoft services an ICE contract worth
|
|
|
|
[$19.4 million dollars][30] despite protest from employees. In
|
|
|
|
addition to MS Office products, Microsoft has renewed a
|
|
|
|
[Github contract][31] and also supplies cloud computing through
|
|
|
|
its [Azure platform][32].
|
|
|
|
1. MS [partnered with FedEx][33], an NRA-supporting ALEC member as
|
|
|
|
well as [JP Morgan Chase][34], the most evil bank in the world.
|
|
|
|
1. MS [conceals][35] US military contracts to bias PR and dodge
|
|
|
|
social accountablity. They have a much bigger piece these
|
|
|
|
contracts than the rest of MACFANG, they lack Google's
|
|
|
|
[AI principles][36], and unlike Google they ignore employee
|
|
|
|
protest and petitions.
|
|
|
|
1. MS is among the top 15 recipients of Trump's corporate tax breaks,
|
|
|
|
a benefit of $128 billion. Microsoft
|
|
|
|
[sacked hundreds of employees][37] immediately after receiving the
|
|
|
|
tax breaks in February 2018.
|
|
|
|
1. MS is **anti-consumer** and anti-competitive
|
|
|
|
1. MS [tricked][38] users into "upgrading" to Windows 10, which
|
|
|
|
[sabotages][39] users in a variety of ways, one of which is to
|
|
|
|
[prevent cloud-free accounts][40].
|
|
|
|
1. MS [strong-armed][41] nearly all PC manufacturers charge every
|
|
|
|
buyer for an MS Windows license regardless of whether the user
|
|
|
|
actually wants Windows.
|
|
|
|
1. MS [hoards][42] software patents and uses them to [fight free software][43].
|
|
|
|
1. Github [has an F rating][44] by the FSF.
|