Microsoft Archives

Microsoft

At MIT Conference, Warnings of Big Data Fundamentalism

October 9, 2013 Paul Roberts

A senior Microsoft researcher issued a stern warning about the negative consequences of the current mania for data harvesting saying that a kind of “fundamentalism” was emerging regarding the utility of what’s been termed “Big Data” that could easily lead to a Orwellian future of ubiquitous surveillance and diminished freedom. Speaking to an audience of around 300 technology industry luminaries at the Massachusetts Institute of Technology’s annual Emerging Technology (EMTECH) conference, Kate Crawford, a Principal Researcher at Microsoft Research in Boston said that the technology industry’s fetish for “Big Data” had blinded it to the limits of analytics, and the privacy implications of wholesale data harvesting. The Massachusetts Institute of Technology’s (MIT’s) annual Emerging Technologies (EMTECH) conference, a high-gloss event that throws entrepreneurs, venture capitalists and academics together to talk ‘big ideas’ on TED-inspired sets. Crawford’s speech, coming on the heels of a talk about transforming healthcare with big data […]

FTC Bows Out Of IOT Conference Amid Shutdown

October 1, 2013 Paul Roberts

Attendees at a high-level summit to discuss the fast-emerging Internet of Things in Washington D.C. were informed that a scheduled talk by Federal Trade Commission (FTC) Chairwoman Edith Ramirez would not take place because of a U.S. Government shutdown that began at Midnight. Ramirez was scheduled to address the 2013 M2M & Internet of Things Global Summit on Tuesday morning on “The FTC’s Interest in the Internet of Things,” but conference attendees told The Security Ledger that Ramirez was forced to cancel her talk because of a government shutdown. “Attendees were told she could not give it due to the shutdown,” said Torrey Barrett, a marketing professional attending the event, reported via Twitter. Ramirez was scheduled to speak at 9:00 AM on Tuesday as one of a series of keynote speakers, just after Michael Nelson (@MikeNelson), Microsoft’s Principal Technology Policy Strategist and just ahead of Chris Vein, a former deputy […]

SANS’ Pescatore: Security Needs Rethink For Internet Of Things

August 16, 2013 Paul Roberts

Our friends over at InfoSecurity Magazine have an interesting interview with SANS’ Director of Emerging Security Trends John Pescatore about security and The Internet of Things. Pescatore gets a somewhat skeptical hearing from the enterprise-focused IT security publication. (“Granted, it’s unlikely that anyone would be sending a car an email with a malicious executable, but that doesn’t mean there aren’t threat vectors for hackers to exploit,” InfoSecurity opines, by way of an introduction. Oh really?) But Pescatore brings a “deep field” view to this topic, noting that the security issues around IoT are already upon us in the spent almost two decades as Gartner’s Obi-Wan Kenobi for security, where he advised companies and technology vendors on the best way to navigate the shifting sands of the IT security space. Speaking to InfoSecurity, Pescatore says the 100,000 foot message is: ‘let’s learn from our mistakes.’ Specifically, that means not looking at intelligent devices, including […]

Microsoft Bug Bounties Flowing To Googlers

July 19, 2013 Paul Roberts

Two Google employees earned the distinction of receiving some of the first monetary rewards (a.k.a. “bounties”) issued under the company’s newly minted bounty program. Fermín Serna, a researcher in Google’s Mountain View, California headquarters, told The Security Ledger that he received a bounty issued by Microsoft this week for information on an Internet Explorer information leak that could allow a malicious hacker to bypass Microsoft’s Address Space Layout Randomization (or ASLR) technology. His bounty followed the first ever (officially) paid to a researcher by Microsoft: a bounty that went to Serna’s colleague, Ivan Fratic, a Google engineer based in Zurich, Switzerland, for information about a vulnerability in Internet Explorer 11 Preview. Fratic (@ifsecure) acknowledged the honor in a July 11 post on his Twitter account. In an e-mail exchange with The Security Ledger, Serna declined to discuss the details of his discovery until Microsoft had a patch ready to release. But […]

Microsoft Set To Pay First Bug Bounty For IE Hole

July 11, 2013 Paul Roberts

Weeks after launching its first, formal bug bounty program, Microsoft is set to issue its first monetary reward, according to a blog post by Katie Moussouris, the Senior Security Strategist at Microsoft’s Security Response Center (MSRC). Writing on Wednesday, Moussouris said that the company has received “over a dozen” submissions since it launched the paid bounty program on June 26, and that “I personally notified the very first bounty recipient via email today that his submission for the Internet Explorer 11 Preview Bug Bounty is confirmed and validated. (Translation: He’s getting paid.)” Last month, Microsoft announced its new policy to pay for information about serious vulnerabilities in its products. The company had long maintained that it provided other kinds of rewards for information on software holes – mostly recognition and jobs – and didn’t need to offer bounties, as firms like Google, The Mozilla Foundation and Facebook do. In launching the new […]