-
Microsoft Confidential for Law Enforcement Use Only
Posted on February 27th, 2010 at 10:11 1 comment
That’s what the disclaimer says. I believe it.
Brennon Slattery at ComputerWorld just posted an article that’s going to be very controversial. In it, he describes the Microsoft Online Services Global Criminal Compliance Handbook, a “spy guide” for law enforcement detailing what data Microsoft has, keeps, and can relinquish. Since most of you are Microsoft users, there are a few tidbits of information you’ll need to know before purchasing Xbox Live points, logging onto Office Live, or sending an e-mail through Hotmail.
The handbook was posted online by muckraking site Cryptome, prompting Microsoft to issue a DMCA complaint, which in turn led to Cryptome being shut down by its ISP. Calmer heads prevailed and Cryptome is back online.
Amazingly, Microsoft’s Global Criminal Compliance Handbook is still online. Get it while you can. Use a one-time email address if such things bug you.
Thanks to yangs for the heads-up.
-
MagicJack SLAPPed with $50,000 penalty
Posted on February 24th, 2010 at 17:21 7 comments
I’ve been running a series of articles about Microsoft’s End User License Agreement – particularly the Win7 EULA – in Windows Secrets Newsletter. Microsoft’s EULA is hardly a paragon of clarity and fairness, but it pales in comparison to MagicJack’s.
Back in April 2008, Bob Beschizza at Boing Boing posted a short review of MagicJack’s EULA:
[The EULA] not only has one agree to ads with its paid-for system, but claims that the ads are necessary for it to work. It will also snoop on your calls to target ads more accurately, and has you sign away your legal right to take it to court if it defrauds or otherwise harms you. Delightful.
Neither the EULA itself, nor any other privacy or legal information, can be easily found at its homepage. It’s not even provided at the point of sale, where one enters credit card info, email and street addresses as such, so as to gain access to the service and have your MagicJack dongle delivered. I found the EULA’s URL through Google.
MagicJack took umbrage, and sued Boing Boing for defamation. Fast forward a year, and MagicJack not only lost the lawsuit, it was hit with a $50,000 penalty for what amounts to a frivolous lawsuit.
Fascinating wrap-up on the Boing Boing site.
-
Most Windows 7 machines max out their memory – the rest of the story
Posted on February 23rd, 2010 at 12:13 5 comments
Sometimes my friends write and ask why I don’t comment on certain stories here on the AskWoody site. Case in point: the ComputerWorld article from last week that claims “Most Windows 7 PCs max out their memory, resulting in performance bottlenecks.”
I took one look at the story and figured, meh, what a crock. Win7 may fill up all of your PC’s memory, but that inevitably leads to improved performance, not degraded performance. I figured, why parrot something that was obviously wrong?
Ends up that there’s more to the story.
Peter Bright at Ars Technica wrote an accurate article that refuted the claim. I didn’t bother writing about that either, because the original article was so harebrained.
The person who wrote the CW story was sucked in by a guy whom Paul Thurrott calls “insane.” Now comes word that the guy who originally duped CW was, in fact, an InfoWorld writer, who was pimping his own software in InfoWorld articles written under a different name. Full details on Ars Technica.
Amazing how things echo around in the Windows reporting vacuum…
-
European IE ballot screen final
Posted on February 22nd, 2010 at 22:13 3 comments
Microsoft posted a final screen shot and description of the Internet Explorer “ballot screen” that will roll out across Europe shortly.
I think the most telling detail is this: the technical explanation appears on Microsoft’s Legal blog, “Microsoft On the Issues.”
The browser choice screen software update will be offered as an automatic download through Windows Update for Windows XP, Windows Vista and Windows 7… [it] will present you with a list of leading browsers. In keeping with our agreement with the European Commission, this list is presented in random order. You can also scroll to the right to see additional browsers, which are also presented in random order.
I don’t see anything unexpected. Apparently Windows Update determines your location based on your IP address – so if you travel to Europe, but don’t live there, you may see this screen anyway.
-
MS10-015 Blue Screens due to TDL3 rootkit infection
Posted on February 18th, 2010 at 05:05 15 comments
Fascinating.
Last week I wrote about Microsoft’s security patch MS10-015 causing Blue Screens of Death on some machines: if you install MS10-015/KB 977165, or it gets installed for you, your machine may BSOD on reboot. Every reboot.
Marco Giuliani on the Prevx site has this explanation:
TDL3 rootkit looks incompatible with MS10-015 update. This is the cause of the BSOD. Problem resides in the laziness of rootkit writers when writing the driver infection routine.
When the rootkit dropper is run, the infection calculates the RVA offsets of some Windows kernel APIs and hard code them so that at every restart the portion of the rootkit loader injected inside the infected driver can use these offsets to immediately calculate the address of the wanted functions.
This worked well until the MS10-015 update, when Microsoft updated Windows NT kernel. This update changed those offset values and consequently broke the rootkit code. When the update procedure is finished, system is restarted. At system restart, the rootkit code tries to call a non-valid address and this causes the BSOD.
Good news is that TDL3 authors care about us and they released in a couple hours a new updated version of the rootkit compatible with the Microsoft patch.
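The failure mode in the quoted explanation, as an added illustration in Python (not code from the original post or from Prevx): RVAs cached from one build of an image are compared against the export table of a later build. The two PE images are constructed samples with RVA equal to file offset, and the export names and RVA values are chosen for illustration, not taken from the Prevx analysis.

```python
import struct

def build_image(exports):
    """Constructed sample: minimal memory-mapped PE32 image (RVA == offset)."""
    names, exp = sorted(exports), 0x200            # exp = export directory RVA
    n = len(names)
    img = bytearray(0x400)
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x80)        # e_lfanew -> PE signature
    img[0x80:0x84] = b"PE\0\0"
    opt = 0x80 + 24                                # optional header after COFF header
    struct.pack_into("<H", img, opt, 0x10B)        # PE32 magic
    struct.pack_into("<II", img, opt + 96, exp, 0x200)  # data directory 0: exports
    funcs = exp + 40                               # three arrays, then name strings
    name_ptrs, ords = funcs + 4 * n, funcs + 8 * n
    cursor = ords + 2 * n
    struct.pack_into("<IIIII", img, exp + 20, n, n, funcs, name_ptrs, ords)
    for i, name in enumerate(names):
        struct.pack_into("<I", img, funcs + 4 * i, exports[name])
        struct.pack_into("<I", img, name_ptrs + 4 * i, cursor)
        struct.pack_into("<H", img, ords + 2 * i, i)
        raw = name.encode() + b"\0"
        img[cursor:cursor + len(raw)] = raw
        cursor += len(raw)
    return bytes(img)

def resolve_export(img, wanted):
    """Return an export's RVA by walking the export directory by name."""
    pe = struct.unpack_from("<I", img, 0x3C)[0]
    if img[:2] != b"MZ" or img[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    magic = struct.unpack_from("<H", img, pe + 24)[0]
    exp = struct.unpack_from("<I", img, pe + 24 + (96 if magic == 0x10B else 112))[0]
    n_names, funcs, names, ords = struct.unpack_from("<IIII", img, exp + 24)
    for i in range(n_names):
        start = struct.unpack_from("<I", img, names + 4 * i)[0]
        if img[start:img.index(b"\0", start)] == wanted.encode():
            idx = struct.unpack_from("<H", img, ords + 2 * i)[0]
            return struct.unpack_from("<I", img, funcs + 4 * idx)[0]
    raise KeyError(wanted)

def stale_offsets(cached, img):
    """Names whose RVA, cached from an earlier build, no longer matches img."""
    return sorted(k for k, rva in cached.items() if resolve_export(img, k) != rva)

# Constructed RVAs for two builds of one image; export names are illustrative.
BEFORE = build_image({"ExAllocatePool": 0x1A40, "IoCreateDevice": 0x2C10})
AFTER = build_image({"ExAllocatePool": 0x1B90, "IoCreateDevice": 0x2C10})
CACHED = {k: resolve_export(BEFORE, k) for k in ("ExAllocatePool", "IoCreateDevice")}
```

Calling `stale_offsets(CACHED, AFTER)` lists the one export whose cached RVA now points somewhere else in the updated image, which is the condition that ends in a call to a non-valid address.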
-
Iceman gets 13 years for stealing credit card numbers
Posted on February 16th, 2010 at 07:32 1 comment
Robert McMillan at IDG News reports that Max Butler (a.k.a. “Iceman”) was just sentenced to 13 years in prison for breaking into financial institutions’ computers and stealing credit card information. 13 years plus $27.5 million in restitution.
After a promising start as a security consultant who did volunteer work for the U.S. Federal Bureau of Investigation, [Max] Butler was arrested for writing malicious software that installed a back-door program on computers — including some on federal government networks — that were susceptible to a security hole.
Butler served an 18-month prison term for the crime and fell on hard times after his 2002 release, he said in a sentencing memorandum filed Thursday. “I was homeless, staying on a friend’s couch. I couldn’t get work,” he wrote. In desperation, he turned again to cybercrime. By the time of his arrest in September 2007, he had built the largest marketplace for stolen credit and debit card information in the world.
-
Windows 7 for Mobile launches – nobody notices
Posted on February 15th, 2010 at 21:56 No comments
What happens if you put a Zune on a mobile phone?
CNet has the story.
Forgive me if I don’t get too excited about this one.
-
Office 2010 due on June 15, per Paul Thurrott
Posted on February 13th, 2010 at 21:08 No comments
Paul’s WinInfo Short Takes this weekend includes this confirmation of what many of us have suspected for a long time:
(Office 2010 for Windows, meanwhile, will become generally available June 15, 2010.)
Yes, it’s a parenthetical expression, about half the way down the page, under a heading for Office 2011 for the Mac.


