Author Topic: XP/Passport question  (Read 664 times)

DC

  • Member
  • **
  • Posts: 211
  • Kudos: 0
XP/Passport question
« on: 8 August 2002, 22:15 »
If, in XP, you do, well, anything, it starts whining about the passport stuff. My question, if you sign up to passport *through XP*, what EULA's/privacy statements/whatnots do you get to see (including links to said statements). In other words, what do you agree to? I'm talking about the original texts, not an interpretation. I can't see that myself (lack of XP).
GS/CS d- s-: a--- C++ UL+ P+ L++>+++ E W++ N>+ o K- w-- O- M V? PS+>++ PE- Y+ PGP t+ 5+ X R tv+ b+++ DI+ D+ G++ e>++++ h! r- y
A quantummechanical wavefunction describing an unknown amount of bottles of beer on the wall
A quantummechanical wavefunction describing an unknown amount of bottles of beer on the wall
We take a measurement, the wavefunction will collapse, and one of the bottles of beer will fall

saddlemagic

  • Member
  • **
  • Posts: 43
  • Kudos: 0
XP/Passport question
« Reply #1 on: 9 August 2002, 02:59 »
I'm sure that if you go to Passport and click on the sign-up button, they will give you a link to the EULA for Passport. Just go there and read it.

Through XP or through whatever won't make any difference. The Passport EULA is for Passport. The XP EULA is for XP. The two are mutually exclusive. What you find in one EULA may or may not be in the other's EULA.
Bitter? I'm not bitter. After seeing what Bill Gates and MicroSoft has inflicted upon us. I wish Bill would choke on a cheese sandwich and put us out of his misery.

DC

  • Member
  • **
  • Posts: 211
  • Kudos: 0
XP/Passport question
« Reply #2 on: 9 August 2002, 03:08 »
quote:
Originally posted by Saddle Magic:
Through XP or through whatever won't make any difference. The Passport EULA is for Passport.  EULA.

No it's not. If they don't display those texts (or links to them), and provide some other texts, then the 'normal' ones do not apply (I never agreed to them, so they have the legal value of a puff of air).

That's my question. Does it show them?

Besides, MS whines that I use an incompatible browser when I go there (Mozilla 1.0) and konquerer (when set to identify as MSIE - otherwise it displayes the same error - friggin fascists) crashes on me when I get to the signup page.

[ August 08, 2002: Message edited by: DC ]

GS/CS d- s-: a--- C++ UL+ P+ L++>+++ E W++ N>+ o K- w-- O- M V? PS+>++ PE- Y+ PGP t+ 5+ X R tv+ b+++ DI+ D+ G++ e>++++ h! r- y
A quantummechanical wavefunction describing an unknown amount of bottles of beer on the wall
A quantummechanical wavefunction describing an unknown amount of bottles of beer on the wall
We take a measurement, the wavefunction will collapse, and one of the bottles of beer will fall

saddlemagic

  • Member
  • **
  • Posts: 43
  • Kudos: 0
XP/Passport question
« Reply #3 on: 9 August 2002, 06:01 »
The EULA is used when you purchase/install software programs. At a guess, when you use a web site the privacy statement and terms of use would be used in place of the EULA.

I did go to the passport site and when I clicked on join, well, I clicked on "get your free .net passport today", it promptly told me my browser was not supported. I use Opera exclusively, if Opera doesn't work then I don't need to use that web site.

There may be an EULA buried in there but, I suspect the PS and TOS are it.
Bitter? I'm not bitter. After seeing what Bill Gates and MicroSoft has inflicted upon us. I wish Bill would choke on a cheese sandwich and put us out of his misery.

HibbeeBoy

  • Member
  • **
  • Posts: 246
  • Kudos: 0
XP/Passport question
« Reply #4 on: 9 August 2002, 21:48 »
Stay clear of M$ passport. It's serves no purpose and it's simply a tool for M$ to monitor your web activity.
Democracy, it's like three wolves and a sheep voting on what's for dinner.

HPC GUY

  • Member
  • **
  • Posts: 275
  • Kudos: 101
XP/Passport question
« Reply #5 on: 10 August 2002, 00:31 »
heres a good answer to your question...

Microsoft-FTC settle over Passport
 
By Joe Wilcox
Special to ZDNet News
August 8, 2002, 11:00 AM PT

 

WASHINGTON--Microsoft on Thursday agreed to make sweeping changes to its Passport authentication system as part of a settlement agreement with the Federal Trade Commission.
 
   
Tech Update
Microsoft's Passport

 
The settlement addresses allegations that Passport collects too much information, uses unfair or deceptive practices, and fails to adequately protect the privacy or security of personal information, particularly of children. The FTC's investigation and settlement came in response to a series of complaints made against Passport last summer, said agency chairman Timothy Muris.

Passport is Microsoft's online authentication system, which allows customers to use single sign-in to access multiple Web services. The idea behind Passport is simple: Microsoft would collect and store an ID, password and other personal information such as a shipping address or credit card number. This electronic "wallet" would travel around the Web with a consumer, making it easier to engage in a range of online transactions, such as banking, making travel plans or subscribing to an online publication. AOL Time Warner and Sun Microsystems have backed services using a similar concept.

 

Microsoft uses Passport authentication for its MSN Messenger and Hotmail e-mail services, Microsoft Developer Network online access, and Microsoft Reader e-book purchases, among other product and service offerings. The service also is a cornerstone for .Net, Microsoft's slowly evolving Web services strategy.

But critics have assailed the plan on several fronts, particularly privacy and security, and the FTC on Thursday agreed on some points.

"We believe that Microsoft made a number of misrepresentations, dealing with, one, the overall security of the Passport system and personal information stored on it; two, the security of online purchases made with Passport Wallet; three, the kinds of personal information Microsoft collects of users of the Passport service; and four, how much control parents have over the information collected by Web sites participating in the Kids Passport program," Muris said during the conference call.

The FTC outlined its findings in a six-page complaint. Many of the problems resulted from Microsoft failing to adhere to its own privacy statements about Passport, Passport Wallet or Kids Passport.

As part of the settlement agreement, Microsoft has changed its privacy statements to accurately reflect what information is collected and how it is used, Brad Smith, Microsoft's general counsel, said in a separate conference call.

In an eight-page settlement released Thursday, Microsoft also agreed not to engage in unfair or deceptive practices and to protect the security and privacy of personal information.

The settlement "prohibits Microsoft from misrepresenting its privacy and security practices," Muris said. "The settlement...also requires Microsoft to establish a program to protect the security, confidentiality and integrity of its customers' personal information."

Microsoft is bound by the agreement for 20 years, which is the customary time period for settlements of this type.

"We're just, in fact, at the beginning of the FTC's oversight of Microsoft's online services," said Marc Rotenberg, director of the Electronic Privacy Information Center (EPIC), in a separate conference call. "This is a very big development."

Within one year, Microsoft must "obtain certification from a qualified, independent third party that its security program provides at least the protections that the order mandates," Muris said. The assessment must be performed biannually.

Smith said that Microsoft would abide by third-party audits essentially indefinitely.

For five years, Microsoft must also provide the FTC with all advertising or other documentation pertaining to the collection of personal information; plans, studies, audits or other related information; and any information that might question Microsoft's compliance with the settlement.

"Privacy and security promises must be kept," Muris said during the conference call. "It's good business, it's the law and we'll take action against companies that do not keep their promises."

The FTC settlement is part of an ongoing attempt by Microsoft to smooth over legal problems with regulators, Smith said. "Our agreement with the FTC underscores our commitment as a company to forge a more constructive dialog with government on important public issues."

Jupiter analyst Michael Gartenberg concurred: "As Microsoft attempts to put an end to its trial and tribulations with the government, it will be very aggressive" about settling any outstanding issues.

"At a time when Microsoft is looking for greater user adoption of Web-based services, all which require delivering personal information to them, it needs to be certain that customers are satisfied with the security and privacy being offered."

Passport rejected
A group of privacy organizations, including EPIC and Junkbusters, filed a complaint in July 2001, alleging Passport and the accompanying Wallet service violated Section 5 of the Federal Trade Commission Act. That section covers unfair or deceptive practices.

In August 2001, the lose affiliation of 14 groups amended its original complaint. Among other things, the groups charged that Kids Passport did not comply with Children's Online Privacy Protection Act (COPPA).

The groups also charged that Microsoft was using Windows XP to force signups of the authentication system. Passport is required to use some XP features, such as Windows Messenger.

Users receive five prompts to signup for a Passport account after installing the operating system. Microsoft had already announced plans to remove the prompts as part of Windows XP Service Pack 1. The update, expected as early as late August, includes other tweaks in response to Microsoft's antitrust settlement with the Justice Department and nine of 18 states. A federal judge has yet to approve the deal.

"The FTC has essentially agreed with us, the privacy organizations, as to our original petition," Rotenberg said. "Both in terms of online privacy and also as a legal precedent, it's a very significant outcome."

The FTC contacted Microsoft soon after the groups filed their complaints, Smith said during the conference call. "We cooperated fully in that process," he said. The two sides came to an agreement "in the last few weeks," he added.

As part of the settlement, Microsoft has agreed to make numerous changes to tighten up how much information it collects or what it tells consumers about how information will be used.

The FTC's privacy complaint focused on a single issue: Microsoft's collecting of very detailed information from people's sign-in information and the Web sites onto which which they logged on without notifying customers of the activity. Smith said Microsoft used the information for customer support purposes. In response, Microsoft "changed our privacy statement so that our current privacy statement does make very clear that we collect this information," Smith said.

The FTC also found potential problems with Passport security, which Microsoft also is addressing.

"I want to emphasize that we did not uncover any security breaches during our investigation," Muris said. "Nevertheless, we did uncover the potential for a security problem. We were able to act before the potential became reality."

In response to FTC concerns, Microsoft will institute a comprehensive security program, Smith said. "Clearly the FTC is setting a high bar, not only for Microsoft but for our entire industry, when it comes to security and privacy...a level of security that seemed reasonable when we launched Passport in 1999 does not seem so reasonable by today's norms."

It is uncertain what the broader implications could be for other companies conducting transactions or collecting personal information over the Internet, analysts said. One concern was that many of the allegations made against Microsoft could apply to the company's competitors such as Sun and AOL.

"We're pleased," Rotenberg said. "In some areas the FTC went further than we anticipated...The ongoing presence of the FTC in overseeing some of the new services that are going to be made available to consumers online is important as well."

He added, "The order is quite sweeping because the commission is, in effect, telling Microsoft that it's going to be held to a very high standard in its future representations to consumers about privacy practices. It is further going to require high security standards."

"Anyone in this space will follow suit," Gartenberg said. "The key is that they have a policy and practice in place."

Rotenberg also noted the settlement represents an important precedent that could affect other companies, particularly as the FTC applies its authority under Section 5 of the Federal Trade Commission Act to police online transactions.

"It indicates that as a matter of precedent that the FTC does have the authority to safeguard online privacy,"
"if i destroyed you, i would only be perpetuating your legacy" - Me

HibbeeBoy

  • Member
  • **
  • Posts: 246
  • Kudos: 0
XP/Passport question
« Reply #6 on: 10 August 2002, 04:02 »
Wow ! So, maybe I missed something because I didn't read it all but all that happened here was M$ are going to change the wording on the "Passport" agreement and not the actual practice of gathering info on you ?
I can't stand M$, every fucking day it's something else with this organisation.
Democracy, it's like three wolves and a sheep voting on what's for dinner.