Microsoft contractors are listening to your Skype conversations

Originally published at: https://boingboing.net/2019/08/08/microsoft-contractors-are-list.html

…

And nothing of value was lost…

Joke’s on them; I don’t have Skype conversations.

fart, copulate and sing in the shower, all the damn time

It’s not all the damn time

The bad news is that doing so more or less renders Cortana useless.

And? Cortana is useless. I disabled it on my PC as fast as I could and have never ever needed it

Microsoft contractors are listening to your Skype conversations

Why is this snooping always outsourced?

This is why I dropped skype, second Microsoft bought it. I knew this would happen, I knew they would fuck it up.

No company that has the power to provide communications in any fashion should ever be trusted.
They should be relentlessly overseen by EFF lawyers ready to sue.

That seems like a MASSIVE liability on Microsoft? Since Skype is huge with a lot of businesses (big and small) seems like there’s a real potential for industrial espionage.

… this and Github too.

Moral of the story: avoid using other people’s servers, and software you can’t compile and read yourself.

Sadly, many of the apparently convenient services they provide are fairly easily done while adhering to this advice. A combination of habit, lack of reasonably easily acquired skills, and profound ignorance or indifference to the consequences seems to be to blame.

I did give up on Skype when they turned it into a mobile app on the desktop and it became an abomination.

I expect these sort of stories to just gain in frequency.

A subtext to this, perhaps, is how Microsoft is handling contractors since they made big cuts circa 2014 to get around the labor laws: on for 18 months, off for 6 months.

It is useful on Xbox for turning the thing on and off.

…Assuming an empty room without much noise and you have a deep male voice.

I don’t own an Xbox, and even if i had one i don’t do voice assistants of any kind or any IOT which to me is relatively under the same kind of umbrella. If i could nuke Cortana entirely off my OS i would, but i’m fine with disabling as much functionality from it as i can (and i did).

The problem is is that it is more expensive to operate that way because of the hidden costs.

You rent a cloud server and you pay a small king’s ransom for its hourly rate. But, you do not have to buy a physical server, or a rack to store it in, a network to plug it into, or a datacenter in which to build the network, the staff to maintain all of it, or the accountants to depreciate the costs of all this every year on the tax filings.

The whole tech industry is fiddling with the dials on costs vs. control on cloud computing to see what they are comfortable with.

Company-owned mainframe -> companies leasing mainframe (service bureau) -> replatform to unix and client-server -> the cloud

To me, it sounds like we’re back to the service bureau model. Will CA come and kill the cloud like it did the service bureau?

The thing that cracks me up is the paid cloud provider offerings which let you run their stack on-prem, so that if you have limitations on where your data lives, you can use your deployments built for the cloud on your own hardware that you own and operate.

And of course, owning the hardware gets you a significant discount on paying compute costs! /me shakes head

Wasn’t Skype one of the systems the NSA exploited long before Snowden, according to the Snowden dumps? I’m just, ya know, trying to compile a list of all the organizations that are listening in on business meetings and whatnot.

I don’t deal with too many machines (<100 VM’s) for my businesses so the cloud tools on owned machines works well. Don’t get me wrong, I’ll use other people’s servers if it makes sense, but nonsense like conversations being monitored makes it too easy for IP to slip out the door. I’m not interested in that at all. How MS thinks it’s indemnified for that is beyond me.

I suspect that a lot of smaller outfits are just winging it with Skype; but (in a masterpiece of Microsoft branding excellence) the ‘Skype’ that business customers are intended to use is ‘Skype for Business’; which is more or less wholly unrelated to Skype-the-one-they-purchased-and-run-as-a-consumer-product; with its lineage coming directly from Lync(I think they’ve just about finished find-and-replacing instances of the ‘lync’ name out of the more visible areas; but I assume that they will remain in logfile directory names and such until the product is taken out and deprecated).

If you are using Skype for Business, you are either running it on premises; or via Office365; which may or may not have the privacy policy you would like it to have; but has a rather different privacy policy(and more control over ‘features’ like this one) than the prole-tier products do.

Microsoft has, beyond a doubt, gotten more cloud-y and grabby over time; but it remains the case that they are more cautious about upsetting the important customers, so many of their pushiest moves are optional with the right SKU (‘telemetry levels’ being a big one: on non-enterprise versions ‘off’ means ‘limited’; enterprise customers get an off-means-off button. There are a number of Win10 GPOs that work that way, they just get ignored by some versions; like the one below, for the grimly honest, if deeply uninformative, “Microsoft consumer experiences”)

image700×643 11.1 KB

Make that an unaccented deep male voice