Posted by John Scarrow General Manager of Safety
Last week the Microsoft
Digital Crimes Unit filed a lawsuit in U.S. District Court under the
federal CAN-SPAM Act against the perpetrators of what we believe to be
one of the largest-ever spam attacks on Windows Live Hotmail. The
lawsuit –Microsoft Corporation v. Boris Mizhen, et al. – alleges
defendants engaged in an elaborate scheme to evade Microsoft’s filters
by abusing Microsoft’s Junk E-Mail Reporting Program (JMRP)
and Smart Network Data Services (SNDS) to send
vast quantities of spam each day. JMRP and SNDS are free services
designed to help protect Windows Live Hotmail customers from spam by
encouraging people to report it and to help improve our spam filters by
identifying legitimate mail as such.
In our lawsuit, we allege
that defendants opened millions of Hotmail e-mail accounts and hired
people to manually identify spam mails as legitimate mails in order to
trick Hotmail into classifying spam as legitimate mail. Such actions
undermine the measures we’ve put in place to protect people. We take
this abuse very seriously, and while Hotmail and our SmartScreen filter continue to work to block spam
from this identified scheme, we’ll keep investigating and pursuing spam
attacks to protect our network and our customers.
Posted by Scott Charney Corporate Vice President, Trustworthy Computing
Today I’m testifying at a hearing of the House Committee on Oversight and Government Reform. The hearing is on the benefits and risks of the federal government’s adoption of cloud computing.
Cloud computing in its many forms creates tremendous new opportunities for cost savings, flexibility, scalability and improved computing performance for government, enterprises and citizens. At the same time, it presents new security, privacy and reliability challenges, which raise questions about functional responsibility (who must maintain controls) and legal accountability (who is legally accountable if those controls fail). Customers, including the government, need to make informed decisions about adoption of the cloud and its various service models because the model that is embraced will entail different allocations of responsibility between the customer and the cloud provider(s).
This shifting responsibility requires that both cloud providers and governments take seriously their distinct and shared responsibilities for addressing the security, privacy and reliability of cloud services. Both customers and cloud providers must understand their respective roles. Customers must be able to communicate their compliance requirements, and cloud providers must be transparent about the controls in place to meet those requirements:
Posted by Nancy Anderson Corporate Vice President and
Deputy General Counsel Today in Washington, DC, the
National Cyber-Forensics and Training Alliance (NCFTA) and other leading industry and
consumer protection organizations are announcing the worldwide launch of Internet Fraud Alert. It’s a new
program to help make the Internet a safer and more productive place for
consumers and businesses.
Through a centralized alert system
powered by Microsoft technology and managed by NCFTA, Internet
Fraud Alert provides a new, powerful tool to quickly inform financial
and online companies about compromised customer account credentials
(such as online usernames and passwords) or stolen credit card numbers.
With this information, institutions can take action to protect their
customers from further fraud against their accounts.
effects of fraud can be devastating to people and the financial and
online institutions whose services they use. Last year, according to the
Anti-Phishing Working Group,
one million U.S. households lost money or had accounts misused as a
result of phishing, at a cost of $650 million. APWG’s recent data
suggests that phishers are exploiting more brands than ever before.
online fraudsters become increasingly sophisticated in their endeavors,
so too have public/private countermeasures. But we’re not yet as
effective as we could be. For example, when compromised or stolen
account information is uncovered, there is no easy way to determine the
company responsible for the account or how best to report the problem –
which wastes valuable time and resources.
Posted by Peter Cullen Chief Privacy Strategist
have been actively engaged in privacy issues for over a decade, first
at the Royal Bank of Canada and now as Chief Privacy Strategist for
Microsoft since 2003.
During that time privacy has rarely
received as much attention as it’s getting now. Mainstream media from
Good Morning America to USA Today regularly have stories about
everything from shifting online privacy policies to unauthorized
collections and use of personal data. At the same time, some in the
tech industry have suggested that social networking and other new
technologies are making privacy obsolete.
Given the high level
of interest, I’m pleased to be in San Jose this afternoon to deliver the
keynote address at the Computers,
Freedom and Privacy conference.
Microsoft has been working
on online privacy issues since launching MSN in 1994. We’ve had our
challenges along the way, but we’ve learned from our mistakes and
privacy has become increasingly central to everything we do.
this year, in a speech at the University of Washington, Steve
Ballmer said: “As a mature and responsible organization, we have got to
lead with privacy.”
And this is very much Microsoft’s goal. To
apply what we’ve learned in the past around privacy to today’s rapidly
evolving landscape of social media, information flows and the cloud.
One reason we are focused on privacy is because it still very much
matters to our customers- it remains a matter of “trust.”
social media may be pushing the boundaries around privacy and altering
certain behaviors, heavy users of social media – including young people
who some claim don’t know better -- value and fiercely protect their
right to privacy.
Posted by Patrick Brazel CEO of Zignals
(Cross posted from The
Official Microsoft Blog)
In 2008, the financial markets changed fundamentally and
completely. The causes will be debated and they of course predate the
collapse. But there is no argument that the summer of 2008 is when the
market certainties that had prevailed since 1945 evaporated.
was at this time that my business partner and I had been working on a
plan to address what we saw as a huge gap in the financial market. We
saw a need to empower individual investors with the online capabilities
that were available only to professional or major institutions. At the
same time, we wanted to create opportunities for a new class of
researchers to earn from its expertise by being paid for the strategies
it creates and publishes.
We believed strongly that the model
had to change — something different was needed. We had a compelling idea
and a strong plan, but were searching for the technology to lift it off
Around that time, while attending an event hosted
by Enterprise Ireland the economic development arm of the Irish
government, I was introduced to Microsoft’s IP Ventures program. We learned that IP Ventures
identifies innovative technology developed at Microsoft, and provides it
to interested entrepreneurs like us to start new businesses. We brought
the idea and our financial services experience to the table, and after
approving our plans, IP Ventures gave us access to IP assets, as well as
the support and business guidance we needed to help us develop our idea
into something concrete.