Forgot your password?
typodupeerror
Microsoft Cellphones Handhelds Privacy Security Software News

Microsoft Releases Mobile Data Collection Source Code 69

Posted by timothy
from the but-the-secret-room-isn't-in-the-blueprints dept.
mikejuk writes "To avoid the problems that Google and Apple have had with collecting WiFi data and privacy issues Microsoft has just released [some of] the source code used in its mobile data collection system. The code shows how the phones that it drives around don't collect any personal data — just WiFi and cell tower identification so that they can be used in geolocation. The source code is a great educational resouce but as to proving that Microsoft is doing the right thing it just doesn't work. First off, it isn't complete. Second, who is to say that it is the code used in the phones? That's the point of software — it's easy to change. Now if only we can provoke them to release large chunks of Windows or Windows Phone 7...."
This discussion has been archived. No new comments can be posted.

Microsoft Releases Mobile Data Collection Source Code

Comments Filter:
  • by goldspider (445116) <ardrake79&gmail,com> on Thursday July 07, 2011 @04:59PM (#36688318) Homepage

    First off, it isn't complete. Second, who is to say that it is the code used in the phones? That's the point of software — it's easy to change.

    Blah blah blah. And where's the "REAL" birth certificate??

    No amount of proof is enough for some people.

    • I'll believe Microsoft before I believe politicians... and that's saying something.
    • by h4rr4r (612664)

      Those are quite different. Heck, just giving out source and let users compile it and place it on their own phones would solve this complaint. Sure you have to trust the compiler and the hardware, but that is pretty normal.

    • by iluvcapra (782887)

      For any non-trivial function its basically impossible to prove exactly what a computer will do, and once the data leaves the phone to someone's server you can't prove anything. All you have is the company's good word.

      • by Bacon Bits (926911) on Thursday July 07, 2011 @06:13PM (#36688940)

        For any non-trivial function its basically impossible to prove exactly what a computer will do

        Bullshit.

        If this were remotely true then closed-source applications couldn't be hacked. How exactly do you think you crack and application which requires a software key or has a DRM requirement? How do you think they jailbreak game consoles with saved games? The magic of coincidence? Of course not. The look at the binary code, see what it's doing, disassemble/decompile what they can, and trap all network I/O and file I/O. If you really want to know what WP7 is doing, you can reverse engineer it. If DRM -- which is specifically designed to be difficult to reverse engineer or circumvent -- if DRM can be understood with just binary access, the behavior of an OS on a phone which lacks this design focus should not be that difficult.

        Other than being a goodwill gesture (and arguably opening MS up to fraud lawsuits if they are found to be lying), this release doesn't do much at all. However, given what would happen to MS if the code they release here is found to be anything other than what is actually running, I don't believe that they would risk being so stupid as to release anything but the actual source code. MS is in no position in the mobile marketplace to suffer such a gaffe.

        • by Rockoon (1252108)
          In short, you are a complete idiot on this subject of proof, and you have just proven it.
      • I work in an environment where super paranoid measures are imposed to avoid issues. Every piece of software is isolated on a network with a sniffer that will check the nature and content of any data going out or in, while the software is taken through all of it's use cases. Some of these tests are time consuming because the tested software is complex and involves running very many use cases. Compared to some of these, a phone is in fact very simplistic. In many cases we test closed-source appliances but I c
    • You mean you can compile and run this code on your Windows phone?

      You, sir or madam, are missing the point.  Source code alone is meaningless if you can't actually *use* it.
      • by afabbro (33948)

        You, sir or madam, are missing the point. Source code alone is meaningless if you can't actually *use* it.

        You made Donald Knuth cry, you big bully.

      • Re: (Score:2, Offtopic)

        by weicco (645927)

        I don't have time to compile fricking source codes! I have better things to do, like actually use the software. Besides, Microsoft already compiled it for me.

      • by The Moof (859402)

        Source code alone is meaningless if you can't actually *use* it.

        Assuming the code provided is exactly what's used, you can use the source code to do your own code audit. You can see where there might be security problems, see if there's any shady stuff going on, etc.

        Of course, this usefulness relies on those first 8 words of my comment.

    • by Anonymous Coward

      Do you not see the difference between a potentially but very unlikely faked birth certificate, and a piece of meaningless code which won't compile, is by their own admission incomplete, and can't be tested on working hardware?

      How is this insightful? The article was right on the money. This doesn't prove anything.

  • by spd_rcr (537511) on Thursday July 07, 2011 @05:02PM (#36688342) Homepage

    I don't know how this one made it through the slashdot filters to be published. Mikejuk's posting sounds like conspiracy drivel. What Microsoft did was clearly a good effort to try and show the worry-warts what they're doing, but to expect them to give away the source code to their operating systems is just crazy.. their whole business model is based on traditional closed source software.

    • by eln (21727) on Thursday July 07, 2011 @05:06PM (#36688378) Homepage

      I don't know how this one made it through the slashdot filters to be published.

      You must be new here.

    • their whole business model is based on traditional closed source software.

      No, their business model is based on vendor lock-in and pricey support contracts. They could publish the source code and it would not harm their business model because the moment someone created a compatible product, they'd be sued for copying the "look and feel". Our patent and copyright system pretty much ensure there will never be competition against Microsoft (or any large business) from this country, european countries, australia, or most anywhere else they've managed to sucker the government into enac

      • "there will never be competition against Microsoft " Please tell me you are joking. On the off chance you are not trolling please consider this, at a bare minimum MS is up against strong competition in the OS space, Game systems, Database systems, Phone systems, Mail systems, and productivity applications.
  • "That's the point of software — it's easy to change."

    And here I thought it was about letting the user accomplish something they consider useful. I didn't realize the point of software was to allow you to change it. Silly me.

  • by beamsplitter (2352770) on Thursday July 07, 2011 @05:41PM (#36688672)
    ... and while I don't work with this team, I can tell you that it will have been released in good faith, and that the code in the phones will not be any different. I've seen nothing but honesty and integrity in the two years that I've worked for the company.
    • Yeah, but you're probably a designer or an engineer. Generally, I trust what those people say. It's the executives, lawyers, and (to a somewhat lesser degree) sales and marketing reps I expect to lie through their teeth. That said, I expect the same of any corporate entity. Caveat emptor, indeed.

  • How DO you know? (Score:5, Insightful)

    by Sasayaki (1096761) on Thursday July 07, 2011 @05:50PM (#36688766)

    Good question. Very insightful. But how far do you go?

    How would you know that if they released the code that this code is what's really running on your phone? How do you know there isn't a backdoor inserted post compilation?

    How do you know that Linux isn't just a shell around an obscenely stenographed copy of Windows? Do you inspect every single line of code that goes into your machine personally? How do you know the code's not kept in a tiny hardware ROM on all modern chipsets and injected into Linux during boot? Do to read them all, personally? Well you should!

    The sheeple must know! It's a plot by the Skull and Bones society, the Illuminati and the masons, IE9 has links to stuff they put in our water and Windows mobile uses fillings in your teeth as an antenna so the greys can track you from space. Soylent Windows 7 is people! Oh God in heaven it's PEOPLE! ...

    More seriously, yes, it is possible they wouldn't use that actual code in their phones... but Occom suggests they probably do, while Hanlon agrees but clarifies if they aren't it's probably a slightly different version due to that idiot new developer in section 8 that ran the wrong script.

    Eventually, at some point, you just have to either accept what someone's saying or accept there's no trust there and move on. Keep in mind it's practically impossible to avoid cell-tower based snooping and tracking, making this whole point useless because the NSA etc don't need your phone to cooperate for them to get what they want.

    • by exomondo (1725132)

      How would you know that if they released the code that this code is what's really running on your phone?

      RTFA, it's code running on phones they are using for data collection.

  • When they are sued by privacy groups or federal regulators, they will be able to show to the court that this is the code being used in their phones.

    Yeah, sorry, they are not going to prove it to some random joes on the slashdot.

  • I was under the impression that the Wifi sniffing software that Google used was at least based on open source code as well. I'm not sure if that's the case, but I remember hearing something about it when it originally happened.
  • Are you really sure you want to see more? It might harm you in ways you can't imagine.

  • Microsoft does something...slashdotters complain. More news at 11.

Innovation is hard to schedule. -- Dan Fylstra

Working...