Maximum logical drive size that will allow scandisk to run

  • Thread starter Thread starter Daniel Prince
  • Start date Start date
D

Daniel Prince

A friend of mine runs Windows 98 SE. He has an 80 gig drive partitioned
as one logical drive. He can not run scandisk. Windows says he does
not have enough memory.

He says he has 240 megs of ram. What is the maximum logical drive size
that will allow scandisk to run on his system? Would more ram help or
does scandisk use conventional memory only? Thank you in advance for
all replies.
 
Daniel said:
A friend of mine runs Windows 98 SE. He has an 80 gig drive partitioned
as one logical drive. He can not run scandisk. Windows says he does
not have enough memory.

He says he has 240 megs of ram. What is the maximum logical drive size
that will allow scandisk to run on his system? Would more ram help or
does scandisk use conventional memory only? Thank you in advance for
all replies.

I dunno, but this machine runs W98SE and just finished a scandisk on an
80 gig drive partitioned as one big disk with only 256 MB of RAM. Does
your friend have a lot of programs open when he tries? Does your friend
have all MSFT's patches applied?
 
He did not use Microsoft format, and chose a small cluster size that results
in too large FAT for DOS. Reformat and reinstall Windows.
 
A friend of mine runs Windows 98 SE. He has an 80 gig
drive partitioned as one logical drive. He can not run scandisk.
Windows says he does not have enough memory.

Thats a scandisk problem usually caused by too many clusters
in the partition, caused by the use of non standard cluster sizes.
http://support.microsoft.com/default.aspx?scid=kb;ko;229154
He says he has 240 megs of ram.

Thats irrelevant.
What is the maximum logical drive size
that will allow scandisk to run on his system?

That drive would be fine if standard cluster sizes had been used.
Would more ram help
Nope.

or does scandisk use conventional memory only?

Its more complicated than that. Its a 16 bit app which does
have a problem with not having access to enough memory
to handle all the clusters if a non standard cluster size is used.
 
CJT said:
I dunno, but this machine runs W98SE and just finished a scandisk on an
80 gig drive partitioned as one big disk with only 256 MB of RAM. Does
your friend have a lot of programs open when he tries? Does your friend
have all MSFT's patches applied?

I am afraid that I do not know what MSFT patches are. I assume that MS
is Microsoft but I do not know what FT is.
 
Daniel said:
I am afraid that I do not know what MSFT patches are. I assume that MS
is Microsoft but I do not know what FT is.

MSFT is Microsoft's stock ticker symbol. So the question is whether all
Microsoft's patches have been applied.
 
A friend of mine runs Windows 98 SE. He has an 80 gig drive partitioned
as one logical drive. He can not run scandisk. Windows says he does
not have enough memory.

He says he has 240 megs of ram. What is the maximum logical drive size
that will allow scandisk to run on his system? Would more ram help or
does scandisk use conventional memory only? Thank you in advance for
all replies.

weird.

On the new Large drives bigger than 128Gig, the documentation says to
keep partitions to 128Gig or less for older disk utilities to work.
 
Are there any good free utils to use instead of scandisk. I have a 160G set
as one large data partition and would like to be able to check it.
 
Why should there be? Windows 98/ME does not support that configuration. Get
a supported OS.
 
What do you mean by does not support ? Its in there and working fine for
some time now. When I check the properties box it seem to see the whole
thing. I'll be useing 98SE until the end. I have hardware that is not
happy with XP.
 
It's not working fine if scandisk doesn't work, is it? Microsoft says it is
not supported, that's what I mean. Of course there are alternatives like
Norton, but they screw up more than Microsoft.

If you had a dual-boot XP system, you could do your chkdsk there. Even
recovery console would do, which you can run from CD.
 
It's not working fine if scandisk doesn't work, is it? Microsoft says it
is
not supported, that's what I mean. Of course there are alternatives like
Norton, but they screw up more than Microsoft.

I thought you ment Win98 didnt support big drives. Yes I new of the
scandisk limitation before hand. I thought I might be able to find another
util to do it. I'm not a big Norton fan but there is probably others out
there. I saw an article the other day that said I'm not the only one left
using Win98, there where even a large number of corporate users still
running Win95.
If you had a dual-boot XP system, you could do your chkdsk there. Even
recovery console would do, which you can run from CD.

Actually it is a dual boot system but I tried using XP in another box (with
same drive setup and dual boot) and it screwed up a lot of files. Turned
into one of those keep finding another problem and pretty soon whole
directories are gone kinda deals.
 
Jim wrote
I saw an article the other day that said I'm not
the only one left using Win98, there where even
a large number of corporate users still running
Win95.

That's because Windows XP itself is spyware.
AKA Project Hailstorm Wallet Inspection System.

Companies are not comfortable allowing BILL
to be their personal Wallet inspector.

Does anybody have a way to turn OFF the Project
HAILSTORM Wallet Inspection System in XP?

It's all about security FOR BILL and not for you.

Ask about it on a newsgroup hosted by Microsoft and
take bets on how long before the post goes missing. :)
 
On 26 Dec 2003 02:28:53 -0800
Jim wrote

That's because Windows XP itself is spyware.
AKA Project Hailstorm Wallet Inspection System.

Companies are not comfortable allowing BILL
to be their personal Wallet inspector.

Does anybody have a way to turn OFF the Project
HAILSTORM Wallet Inspection System in XP?

It's all about security FOR BILL and not for you.

Ask about it on a newsgroup hosted by Microsoft and
take bets on how long before the post goes missing. :)

Uh, what leads you to believe that this is part of XP? It was announced
near the end of 2002, long after XP had shipped, and seems to be a
codename for services that run under .NET, which also is not part of XP.
So I don't see where the problem is. And the only "discussion" I can
find about it is your rants.
 
J.Clarke said:
Uh, what leads you to believe that this is part of XP? It was announced
near the end of 2002, long after XP had shipped, and seems to be a
codename for services that run under .NET, which also is not part of XP.
So I don't see where the problem is. And the only "discussion" I can
find about it is your rants.

Wasn't announced until 2002?
Not part of XP?

The funniest hit is
Even MS executives do not know what HailStorm/.NET is for <g>
Date: 2001-08-30 10:17:01 PST

Google Hailstorm Privacy

Re: HailStorm / XP Privacy Concern
Anyone has any opinion on this Hailstorm privacy concern on XP?Refer
this CNN news: http://www.cnn.com/2001/TECH/industry/07/27 ...
jaring.pcbase - Jul 28, 2001 by Aspire Planet - View Thread (1
article)

Global Internet Liberty Campaign Newsletter Alert
.... agency created [19] Euro hearing on ECHELON surveillance [20]
US-EU flap over Safe
Harbor contracts [21] Microsoft SmartTags & Hailstorm privacy woes
[22] EBay ...
comp.society.privacy - May 8, 2001 by Chris Chiu - View Thread (1
article)

Privacy in a HailStorm
.... of the week is Internet privacy. It seems that the Internet wants
to empty your wallet
and then steal your soul, and Microsoft's new HailStorm software
package ...
comp.society.privacy - May 16, 2001 by Steve Brock - View Thread (1
article)

Win XP under fire from privacy groups
.... press conference Wednesday, Rotenberg said the complaint "concerns
the privacy implications
of ... to the scheme is .Net, which encompasses HailStorm, Passport
and ...
soc.culture.singapore - Jul 26, 2001 by Kobalt - View Thread (3
articles)

More Microsoft security concerns: Wall Street Journal
Microsoft's HailStorm Initiative Raises Security, Privacy Questions By
Rebecca Buckman
Staff Reporter of The Wall Street Journal Microsoft Corp.'s sweeping
new ...
comp.os.linux.advocacy - Mar 24, 2001 by Chad Everett - View Thread
(108 articles)

Banks Share Privacy Policies, but Examine Them Carefully
.... Note to readers: If you get a privacy notification that's
especially well-disguised
or ... is also designed to be the entry point to the ``Hailstorm''
world of ...
comp.society.privacy - Apr 18, 2001 by Prof. L. P. Levine - View
Thread (1 article)

Is Hailstorm going to bring a piece of mind?
.... the technical capabilities, Microsoft will mandate strict data
collection and use
practices among HailStorm licensees to ensure that user privacy is
protected. ...
microsoft.public.dotnet.general - Mar 30, 2001 by Larry Serflaten -
View Thread (6 articles)

Re: Passport.COM claimt in algemene voorwaarden IE-licenties
.... so that it reflects the strong privacy commitments and safeguards
articulated in
the TRUSTe approved and certified privacy statement. "HailStorm" is
currently ...
nl.juridisch - Apr 6, 2001 by Eggie - View Thread (9 articles)

The problem with .net
.... improve credibility with consumers before it can become a trusted
'infomediary'
through its Passport and Hailstorm initiatives," Privacy Foundation
executive ...
se.dator.datorkrig - Mar 20, 2002 by Marco - View Thread (1 article)

Global Internet Liberty Campaign Newsletter. Part 2
.... 21] Microsoft SmartTags & Hailstorm privacy woes =====
How would you like to have your most personal details ...
free.uk.politics.libertarian - May 5, 2001 by Claire Johnstone - View
Thread (1 article)
 
On 29 Dec 2003 03:36:01 -0800
Wasn't announced until 2002?
Not part of XP?

Oh, I'm sorry, I was looking for something to do with Hailstorm and a
"wallet". Perhaps if you used nomenclature that related to
an actual product you might communicate more effectively.

That said, if "Hailstorm" is part of XP then why is it necessary to
download .NET services as a separate item? Hmmm?

Do yourself a favor, don't shout "The sky is falling" until you're sure
that what hit you on the head wasn't seagull poop. That way, when the
sky really _is_ falling you won't have been plonked as Yet Another
Usenet Kook.

<bunch of Chicken Little poop snipped>
 
Companies are not comfortable allowing BILL
to be their personal Wallet inspector.

Does anybody have a way to turn OFF the Project
HAILSTORM Wallet Inspection System in XP?

It's all about security FOR BILL and not for you.

Be nice to Bill. How would you like it if your net worth dropped by
tens of billions of dollars?
 
www.epic.org/privacy/consumer/MS_complaint.pdf

Before the
Federal Trade Commission
Washington, DC
In the Matter of )
)
Microsoft Corporation. )
_____________________________ )
Complaint and Request for Injunction, Request
For Investigation and for Other Relief
INTRODUCTION
1. This complaint concerns the privacy implications of the Microsoft
XP operating
system that is expected to become the primary means of access for
consumers in the
United States to the Internet. As is set forth in detail below,
Microsoft has engaged, and is
engaging, in unfair and deceptive trade practices intended to profile,
track, and monitor
millions of Internet users. Central to the scheme is a system of
services, known
collectively as ".NET," which incorporate "Passport," "Wallet," and
"HailStorm" that are
designed to obtain personal information from consumers in the United
States unfairly and
deceptively. The public interest requires the Commission to
investigate these practices
and to enjoin Microsoft from violating Section 5 of the Federal Trade
Commission Act,
as alleged herein.
PARTIES
2. The Electronic Privacy Information Center ("EPIC") is a non-profit,
public interest
research organization incorporated in the District of Columbia. EPIC's
activities include
the review of government and private sector polices and practices to
determine their
possible impact on the privacy interests of the American public. Among
its other
activities, EPIC has prepared reports and presented testimony before
Congress and
administrative agencies on the Internet and privacy issues.
C 2
3. The Center for Digital Democracy ("CDD") is a non-profit
organization that represents
the interests of citizens and consumers with respect to new media
technologies.
4. The Center for Media Education ("CME") is a national nonprofit,
nonpartisan
organization dedicated to creating a quality electronic media culture
for children, their
families, and the community. CME's report "Web of Deception" (1996)
first drew
attention to potentially harmful marketing and data collection
practices targeted at
children on the Internet and laid the groundwork for the Children's
Online Privacy
Protection Act.
5. Computer Professionals for Social Responsibility ("CPSR") is a
public-interest
alliance of computer scientists and others concerned about the impact
of computer
technology on society
6. Consumer Action is a 30 year-old, San Francisco-based non-profit
education and
advocacy organization. It works on a wide range of consumer and
privacy issues in
conjunction with its national network of 6,500 community-based
organizations.
6'. The Consumer Federation of America ("CFA") is a non-profit
association organized
in 1967 to advance the interests of consumers through advocacy and
education. CFA's
current membership is comprised of over 280 national, state, and local
consumer groups
throughout the United States, which, in turn represent more than 50
million consumers.
7. The Consumer Task Force for Automotive Issues ("CTFAI") was
co-founded by Ralph
Nader and Remar Suttton. CTFAI monitors auto fraud activities for
consumer
groups, attorneys general, and plaintiff firms. CTFAI has particular
interest in consumer
privacy since using the Internet is a common practice for consumers
looking for
information on cars and loan.
8. The Electronic Frontier Foundation ("EFF") is a non-profit
organization based in San
Francisco, California. EFF is a donor-supported membership
organization working to
protect our fundamental rights regardless of technology; to educate
the press,
policymakers and the general public about civil liberties issues
related to technology; and
to act as a defender of those liberties.
9. Junkbusters is a privacy advocacy and consulting company based in
New Jersey
and incorporated in Delaware.
10. The Media Access Project ("MAP") is a non-profit, public interest
law firm
C 3
that promotes the public's First Amendment right to hear and be heard
on the electronic
media of today and tomorrow.
11. NetAction is a San Francisco-based nonprofit organization that
promotes use of the
Internet for grassroots citizen action, and educates policy makers on
technology policy. In
1997, NetAction launched a campaign that mobilized Internet users to
pressure the
Justice Department to enforce antitrust laws against Microsoft.
12. The Privacy Rights Clearinghouse ("PRC") is a nonprofit consumer
information and
advocacy program based in San Diego, California.
13. U.S. Public Interest Research Group ("USPIRG") serves as the
national association of
state PIRGs, which are independent, non-profit, non-partisan advocacy
organizations
around the country. U.S. PIRG and the state PIRGs have a long-standing
interest in data
privacy and data protection and have published a series of reports on
privacy-related
topics, including identity theft.
14. Microsoft Corporation ("Microsoft") was founded as a partnership
in 1975 and
incorporated in the State of Washington in 1981. Microsoft develops,
manufactures,
licenses, and supports a wide range of software products for a variety
of computing
devices. Microsoft's principal place of business is One Microsoft Way,
Redmond,
Washington 98052-6399. At all times material to this complaint,
Microsoft's course of
business, including the acts and practices alleged herein, has been
and is in or affecting
commerce, as "commerce" is defined in Section 4 of the Federal Trade
Commission Act,
15 U.S.C. § 44.
15. EPIC, CDD, CME, CPSR, Consumer Action, CFA, CTFAI, EFF,
Junkbusters, MAP,
NetAction, PRC, and USPIRG bring this complaint against Microsoft
alleging unfair and
deceptive trade practices under Section 5 of the FTC Act.
16. The complainants reserve the right to amend this complaint as new
facts emerge
regarding this matter.
THE IMPORTANCE OF PRIVACY PROTECTION
17. The right of privacy is a personal and fundamental right in the
United States. The
privacy of an individual is directly implicated by the collection,
use, and dissemination of
personal information. The opportunities for an individual to secure
employment,
C 4
insurance, and credit, to obtain medical services, and the rights of
due process may be
jeopardized by the misuse of certain personal information.
18. Privacy law in the United States has by tradition protected the
privacy of consumer in
the offering of new commercial services enabled by new technologies.
For example, the
Cable Act of 1984 protects the privacy of cable subscriber records
created in connection
with interactive television services. The Electronic Communications
Privacy Act of 1986
protects the privacy of electronic mail transmitted over the Internet.
The Video Privacy
Protection Act of 1988 protects the privacy of rental record for video
recordings of
commercial programs made available to the public for home viewing. The
medical
privacy regulations mandated by the Health Insurance Portability and
Accountability Act
establish safeguards for the delivery of medical information in
electronic formats.
19. The vast majority of Americans are today "concerned" or "very
concerned' about the
loss of privacy particularly with regard to commercial transactions
that take place over
the Internet. One poll has indicated that the "loss of personal
privacy" is the number one
concern facing the United States in the twenty-first century. A recent
poll shows that
Americans favor government action to safeguard online privacy. Another
recent poll
indicates that the ability to remain anonymous online is supported by
both Internet
experts and ordinary Internet users.
20. The Federal Trade Commission has played a significant role in the
last several years
investigating and prosecuting violations of section 5 of the Federal
Trade Commission
Act where the privacy interests of Internet users are at issue.
STATEMENT OF FACTS
Background
21. Microsoft is the largest computer software company in the world.
Microsoft's
customers include consumers, small and medium-sized organizations,
enterprises,
educational institutions, Internet Service Providers, and application
developers. Most
consumers of Microsoft products are individuals in businesses,
government agencies,
educational institutions, and at home.1 The Microsoft operating system
is used by more
Internet users than any other operating system in the world.
Microsoft's database of
1 Microsoft Corporation Form 10-K for the Fiscal Year Ended June 30,
2000.
C 5
Passport users is the largest commercial database of Internet users.
At present there are
more than 100 million users.2
22. Microsoft's Internet business activities include the MSN network
of Internet products
and services and alliances with companies involved with broadband
access and various
forms of digital interactivity.3 Microsoft's online properties include
MSN Internet
Access, MSN Hotmail, MSN Messenger Service, WebTV Networks, Microsoft
CarPoint,
Microsoft Home Advisor, Expedia, Inc., MSN MoneyCentral and MSNBC.4
23. The far-reaching and inter-connected nature of Microsoft's
Internet business activities
provides a unique potential for the collection, sharing and use of
personal information
concerning the users of its various properties. This potential to
track, profile, and
monitor users of the Internet has far-reaching and profound
implications for privacy
protection in general and in particular with regard to the growth of
electronic commerce.
24. As is set forth in detail below, Microsoft has developed technical
capabilities and
business practices that facilitate such tracking, profiling, and
monitoring in an
unprecedented manner. As a direct result of these capabilities and
business practices,
Internet users who seek to engage in online commerce will routinely
disclose to
Microsoft virtually all aspects of their private transactions with
other merchants.
25. Internet users will also be confronted with a confusing labyrinth
of inter-connected
Microsoft websites that collect and share their personal data.
Consumer confusion is
exacerbated by the misleading registration practices, incoherent
privacy policies, and
covert data sharing arrangements that are intended to facilitate the
collection of personal
information from consumers by Microsoft while simultaneously making it
difficult if not
impracticable for consumers to exercise control over their personal
information.
26. When viewed both in its entirety and in terms of specific business
practices outlined
below, and considering the extraordinary market dominance enjoyed by
Microsoft, the
collection and use of personal information within the Microsoft
network under Windows
XP and with the associated .NET services constitutes a series of
unfair and deceptive
trade practices.
2 New York Times, July 26, at C4.
3 Microsoft Corporation Form 10-K for the Fiscal Year Ended June 30,
2000.
4 Id.
C 6
Windows XP Impact on Consumer Profiling
27. With the release of the new operating system Windows XP and its
associated
services, Microsoft will transform the process for the collection and
use of personal
information on American consumers who engage in electronic commerce on
the Internet.
Personal information associated with commerce, such as credit card
numbers, has
traditionally resided under the personal control of the individual
consumer. Such
information is typically disclosed in the context of a particular
transaction for a particular
purpose to a particular merchant. With the release of Windows XP,
Microsoft proposes to
move the locus of control away from the end user to Microsoft.
Although it is described
by Microsoft as a "user-centric," the Windows XP architecture is more
accurately
described as "Microsoft-centric."
28. The Microsoft Passport is a user authentication standard that will
enable Microsoft to
collect personal information from consumers and disclose that
information to Microsoft
partners and others. It makes Microsoft the central repository for
routine information for
commercial transactions, as well as personal facts such as birthdates
and anniversaries.
29. The HailStorm platform will enable the widespread exchange of
personal information
among Microsoft business partners. It is intended to exchange the
rapid exchange of a
wide range of personal information set out in more detail below.
30. Microsoft privacy practices will have a profound impact on
American consumers.
According to Microsoft, the Hotmail web-based e-mail service, MSN,
Microsoft.com,
and Passport, are among the ten largest Web sites in the world.5
31. Microsoft is currently testing the Windows XP operating system.
Several questions
have already been raised about certain proposed features of XP that
may disadvantage
competing products, services and standards provided by Microsoft's
competitors.
32. The Windows XP system is expected to be finalized later this year
and then sold to
consumers.
33. The Federal Trade Commission is the primary federal agency
responsible for
investigating and prohibiting "unfair methods of competition in or
affecting commerce;
and unfair or deceptive acts or practices in or affecting commerce."
5 Hailstorm White Paper, http://www.microsoft.com/net/hailstorm.asp.
C 7
A. Passport
34. According to Microsoft, "Microsoft Passport allows consumers to
create a
single sign-in, registration, and electronic wallet that can be shared
between all of
the sites that support Microsoft Passport."6
35. The information that may be stored in the Microsoft Passport
includes "real
name," country/region, state, city/locale, gender, age, occupation,
marital status,
e-mail, personal statement, hobbies and interest, favorite quote,
favorite things
("Name your favorite books, artists, places, gizmos, or gadgets"), a
personal
photo ("include a photo of yourself, a loved one, or a favorite place,
thing or
pet"), a home page, options to routinely disclose the Public Profile
in MSN chat
rooms, and to be notified of future features, as well as whatever
additional data
Microsoft eventually chooses to request for the Public Profile.
36. The information maintained in the Passport Public Profile is under
the "user
control" in the sense that the user may choose not to provide certain
information
or to prevent certain information from being routinely disclosed, but
the Profile is
also very much under the control of Microsoft in the sense that the
information is
physically in the possession of Microsoft and may be obtained by
Microsoft
whether or not the user chooses to make the personal information
public. Further,
many of the practices described below demonstrate how Microsoft
through the
XP Registration procedures, access to MSN, use of Hotmail, and use of
new
services such as e-books seeks to obtain from the consumer detailed
information
for the Passport system.
37. The Microsoft Passport Privacy Policy contains a section entitled
"Participating Sites'
Commitment to Privacy." The title of this section reasonably would
lead a consumer to
believe what the heading implies; that sites that participate in
Microsoft Passport have a
commitment to protect users' privacy. However, the section only
contains one
requirement for participating websites; "All Web sites participating
in the Passport
program must have a posted privacy policy." Nothing is said regarding
what level of
protection that policy must provide. This section, with its deceptive
title, is likely to
promote consumer confidence in Passport by instilling the mistaken
impression that
participating websites will protect their personal information.
6 Microsoft Corporation Form 10-K for the Fiscal Year Ended June 30,
2000.
C 8
38. The Windows XP operating system leaves the user with little choice
but to employ
Passport. As soon as the user starts a computer and uses a modem, a
dialog box appears
on the screen stating: "You've just connected to the Internet. You
need a Passport to use
Windows XP Internet communications features (such as instant
messaging, voice chat
and video), and to access Net-enabled features. Click here to set up
your Passport."
39. The collection and use of detailed personal information in this
fashion constitutes an
unfair and deceptive trade practice.
B. HailStorm
40. HailStorm is a software based means to transfer personal
information contained in the
Microsoft Passport, as well as a host of other information, across any
operating system,
platform, or device. Microsoft lists an extraordinary range of
consumer information that
will be collected and subsequently disclosed by means of HailStorm.
This information
includes a person's home telephone number, office telephone number,
fax number, home
address, business address, and geographic locations; a person's actual
name, nickname,
birthdate, anniversary, other special dates, and personal photograph;
a complete list of all
names of all contacts contained in an electronic datebook, including
names, addresses,
contact dates, and personal details for all friends and associates;
information concerning
location and contact information; all forms of incoming mail,
including voicemail,
electronic mail, and fax mail; tracking information; personal and
business documents;
favorite websites and other identifiers; receipts, payment
instruments, coupons and other
transaction records, devices settings and capabilities across all
platforms, including PC,
PDA, and telephones; and detailed usage reports for each one of these
services.7
41. Microsoft represents that when using HailStorm, the "user owns the
data" that he or
she enters into Passport. HailStorm will, according to Microsoft, "put
people in control
of their own data," because "HailStorm starts with the assumption that
the user controls
all personal information and gets to decide with whom to share any of
it and under what
terms."8
42. Despite these broad representations, the control that users will
ultimately have over
the extensive collection of their personal information within the
HailStorm system will be
subject to the vagaries of Microsoft's business model.
7 Hailstorm White Paper, http://www.microsoft.com/net/hailstorm.asp.
8 Microsoft Corporation Form 10-K for the Fiscal Year Ended June 30,
2000
C 9
43. Microsoft states that it "intends to contractually bind licensees
to specific terms of
use that control what can and cannot be done with user data
originating from a HailStorm
source." Microsoft has made its intention clear, stating that it "will
operate HailStorm as
a business." In Microsoft's HailStorm business model, "end users will
be the primary
source of revenue to Microsoft."9
44. To use Windows XP, consumers will be unfairly led to believe that
they need a
Microsoft Passport. Passport is the "basic user credential" of
Hailstorm. Although
Microsoft claims the "users own their information" and that consumers
will control the
use of that information, Microsoft will charge consumers to relay this
vast amount of
individually identifiable information, ranging from their home
addresses to the
documents stored on their computers. Microsoft will also charge
recipients to use the
information.
45. As a result of these practices, Microsoft will essentially provide
consumers the
"right" to buy some limited level of "control" over the use of their
own personal
information outside of Microsoft, despite the fact that the consumer
has no meaningful or
effective control over the use of that information within Microsoft.
Additionally, in
reference to third parties, consumers' control of their own
information exists only so long
as the consumers' desires fit within the framework of Microsoft's
intent to "contractually
bind licensees" regarding the use which they can and cannot make of
this information.
46. Microsoft's Windows XP / Passport / HailStorm business model
constitutes both an
unfair and a deceptive trade practice when considered in its entirety.
Misleading Product Activation and Registration Procedures
47. Microsoft represents to consumers that the product activation
feature included in the
new Windows XP operating system and its software suite Office XP will
not combine the
information gathered in the activation's hardware sweep with
personaly identifiable
information. Information at the Microsoft website states:
Microsoft Product Activation is completely anonymous, and no
personally
identifiable information is collected.
9 Id.
C 10
48. However, Microsoft then goes on to say:
Activation is different from product registration. If they wish,
customers
may voluntarily register their product by providing their name and
contact
information. Registration is for those customers who want to receive
future communications on product updates, service releases and other
special offers.10
49. Microsoft also claims that product registration, which requires
personally identifiable
information, is voluntary. However, users cannot receive support
services for products
without registering for Microsoft Passport. The user's product
identification number is
then linked to his or her personally identifiable Passport
information. Information posted
by Microsoft states:
Using the Online Support sites secured by Passport is easy. Passport
provides secure authentication ensuring that your support interactions
and
all data exchanged with Microsoft is secure and private. To establish
your
own private and secure personalized support web page where you can
interact with our award-winning Microsoft Support Professionals, first
time users will need to (1) sign-up for Passport or sign-in to
Passport and
(2) complete a profile.
In order to identify the type of support you are entitled to, this
system may
automatically determine your product identification number. This
number
is required to receive support from Microsoft.11
50. Through product activation and registration, Microsoft can
actually match users to
their machines. Although Microsoft represents to users that the
product activation
process preserves anonymity, users cannot receive software support
anonymously for the
product that they activate and are forced to register for Microsoft
Passport.
51. This practice constitutes an unfair and deceptive trade practice.
10 Software Piracy on PressPass,
http://www.microsoft.com/presspass/newsroom/piracy/productactivationfaq.asp
11 http://servicedesk.one.microsoft.com/WRPublic/en/Consent.asp
C 11
Hotmail Service Tracks Users
52. Hotmail is an email service offered by Microsoft.
53. Users of Hotmail email service are required to create Passport
accounts, using the
personal information they provided to sign up with Hotmail. No notice
is provided to
Hotmail users that they are being given Passport accounts, nor does
the Hotmail website
contain an opt-out feature. When Hotmail users login to Hotmail, they
are simultaneously
logged-in to the Passport system.
54. Passport will track Hotmail users as they visit other MSN sites,
and provide users'
personal information to those sites, unless the users click on a small
"Sign-Out" button on
the page each time they wish to move to a different MSN site.
Hotmail's privacy policy
states in part:
Your non-personally identifiable information from your Hotmail
registration (such as zip code and gender) may be shared with other
Microsoft websites to provide a more personalized advertising
experience
online. For example, you may see ads from a Microsoft
bCentral/LinkExchange Banner Network member as you surf the Web but
none of your personally identifiable information is shared with the
third
party websites.12
55. Passport tracks the behavior and divulges the personal information
of Hotmail
customers who neither have been notified of their Passport accounts,
nor have granted
permission for such use of their information. If a user visits the MSN
homepage, a
Passport "Sign-in" button will appear. If the user who did not come
from Hotmail or
another MSN site clicks this button, information on Passport will
appear, along with an
invitation to join the Passport system. However, if a Hotmail user who
did not click the
Passport "Sign-Out" button before exiting Hotmail visits the MSN
homepage and clicks
the same button, the MSN page will reload, with a message greeting the
user by name.
56. This practice constitutes an unfair and deceptive trade practice.
12 Hotmail MSN Hotmail Privacy Statement,
http://lc1.law5.hotmail.passport.com/cgibin/
dasp/hminfo_shell.asp?content=pstate
C 12
Kids Passport Captures Data from Parents for Unrelated Services
57. Microsoft makes the following representations regarding the Kid's
Passport service,
which enables the collection of information on children under the age
of 13 that will be
subsequently disclosed to Microsoft partners and other entities
operating on the Internet.
Microsoft Kids Passport allows parents to consent to the collection,
use
and sharing of their children's information with Microsoft and the
sites
and services operated by or for Microsoft (including MSN) and with
participating Passport Web sites that have agreed to utilize Kids
Passport
as their parental consent process. (emphasis added) . . .
All of these sites [participating passport websites] agree to have a
posted
privacy statement describing how they use personal information
collected
by their website. . . .
It is important for you to read the Privacy Statement and Terms of Use
for
each website you are consenting for your child to visit and use.13
58. The Kids Passport privacy policy only requires one parental
verification process.
Participating Passport websites will not have to obtain "verifiable
parental consent" if the
user enters the site through Kids Passport because the participating
websites will have
already agreed to utilize Kids Passport as their parental consent
process. Thus if a
participating website changes its existing privacy policy after the
parent has gone through
the verification process and the changed policy conflicts with the
parent's level of
consent, the participating site will not have to obtain parental
consent a second time. The
burden will be on the parent to ensure that his/her consent level is
consistent with
participating websites' privacy policies at all times.
59. Even if the privacy policies of participating Passport websites
contradict or provide
less protection than Passport's privacy policy, the participating
Passport websites'
policies will govern over Passport's privacy policy. Hence, the parent
is effectively
required to read all participating Passport websites' privacy policies
before providing
parental consent in the first instance for Kids Passport
13 Microsoft Passport: Privacy Statement,
http://www.passport.com/Consumer/PrivacyPolicy.asp?PPlcid=1033
C 13
60. The design of Kids Passport further requires parents to review the
privacy policies of
participating websites on an ongoing basis to make sure that websites
have not altered
their privacy policies in a manner that conflicts with the parents'
desired level of consent.
61. Parents are required to establish their own Microsoft Passport
accounts in order to
register their children with Kids Passport. Microsoft does not provide
parents with any
other means of registering their children with Kids Passport.
62. Microsoft's practice of requiring parents to register for Passport
in order to register
their children for Kids Passport is a deceptive practice. It enables
further collection of
personal information by Microsoft for purposes unrelated to the use of
Kids Passport.
Further, by requiring parents to verify their consent through credit
card validation,
Microsoft automatically creates a Passport Wallet for the parents,
where their credit card
information will be held.
63. These practices constitute unfair and deceptive trade practices.
Covert Sharing of Passport Information within the MSN Network
and Conflicting Privacy Standards within the MSN Network
64. Microsoft Passport facilitates greater access by Microsoft
affiliates within the MSN
network to personal information of computer users. Microsoft
represents that
When you sign in to any area of MSN (and don't sign out) and you visit
any other area of MSN, you will be automatically signed in . . . [and]
your
Passport information (excluding your wallet information) will
automatically be shared with each area in MSN that you visit.
65. While facilitating the broad sharing of personal data, Microsoft
makes it difficult, if
not impossible, for users effectively to protect their privacy within
the MSN Network
because the various components offer contradictory and conflicting
privacy policies.
Thus, Microsoft advises users that "when you choose to visit the
various areas of MSN . .
.. you are subject to their specific terms of use and privacy
policies."14
66. Microsoft's collection and sharing of personal data under this
procedure within its
network constitutes an unfair and deceptive trade practice.
14 Id.
C 14
The Flawed Microsoft Passport Privacy Policy
67. The Microsoft Passport Privacy Policy states that, "[y]ou are in
complete control of
which web sites receive the Personal Information in your Passport
profile and Passport
wallet … Microsoft will not share, sell, or use your Personal
Information in any way not
described in this privacy statement without your consent."15
68. Participating web sites are not required to abide by the same
information collection
practices as purportedly apply to the Microsoft Passport services, and
such sites can
apparently share, sell, or use personal information in a manner not
explicitly provided for
in the Passport Privacy Policy.
69. Buy.com, a shopping site accessible through the Passport service16
reserves the right
"to share [customers'] personally identifiable information with third
parties who provide
services to us, our customers and web site visitors … includ[ing]
authorized contractors,
temporary employees and consultants and other companies working with
us."17 Further,
customers of Buy.com who then wish to shop at other sites associated
with that company
(part of its "Partner Center") are subject to entirely different
privacy protections once
again.
70. Participating web sites are not required to meet even basic
industry standards of
privacy protection to participate in Passport services. Microsoft only
requires that
participating web sites have "a posted privacy statement."
71. Customers, assured by Microsoft that information in their Passport
profile is protected
according the principles of the Passport Privacy Policy, will
reasonably assume that sites
associated with Passport will offer the same protections, and share
personal information
they otherwise would not share.
72. The Microsoft Passport Privacy Policy unfairly and deceptively
leads consumers to
believe that websites participating in Passport will abide by the same
privacy practices as
Passport itself.
15 Id.
16 Microsoft Passport - Site Directory,
http://www.passport.com/Directory/Default.asp
17 http://www.us.buy.com/corp/privacy_policy_complete.asp
C 15
Harvesting of email addresses and Profiling of Users
73. The Passport service is intended to give Microsoft the ability to
send unsolicited
commercial email to Internet users and to profile their activities.
74. Microsoft obtains a user's email address and discloses that
personal information to
other Microsoft web sites whether or not the user intends to visit
those sites or if there is
any need for the address to be collected by those sites. According to
Microsoft:
Creating a Passport --- . . . Your email address is required to create
a
Passport and it will be shared with Microsoft and its web sites . . .
18
75. Microsoft retains the right to disclose email addresses obtained
by Passport to enable
unsolicited commercial email by web sites participating in the
Passport network:
If in the future Passport sends email on behalf of participating web
sites,
you will be able to follow instructions contained in the email to
choose
whether or not you'd like to receive additional email.19
76. There appears to be no means by which users currently can limit
the exchange of their
email addresses with the Microsoft Network and no limitations on the
unsolicited
commercial email that may result from the collection of email
addresses in this fashion.
77. Passport facilitates the profiling of Internet users by enabling
the collection of
personal information. According to Microsoft:
The site may store the profile and wallet information sent to it
during this
process in their database.20
78. These practices constitute unfair and deceptive trade practices.
18 Microsoft Passport: Privacy Statement,
http://www.passport.com/Consumer/PrivacyPolicy.asp?PPlcid=1033
19 Id.
20 Id.
C 16
Known Defects in Passport Design
79. Microsoft is aware of significant risks that users will have their
personal information,
including their credit card numbers, disclosed to others when the
Passport service is used
at a shared or public terminal, which could include a computer in a
library, community
center, workplace, or airport lounge. Microsoft advises:
You should always sign out of Passport when you are finished browsing
the web to ensure that others cannot access your Passport profile or
wallet.21
80. Microsoft is also aware of significant risks that users will
inadvertently disclose
personal information when they surf the web using the Passport
service.
It is important for you to read the privacy statement and terms of use
for
each site you visit to ensure you are comfortable with how they might
use
your personal information.22
81. Internet users are routinely unaware of web site privacy
statements. According to one
recent study, 41% of users report that they never or hardly ever read
privacy statements
online.
82. The failure to establish adequate security standards to ensue that
personal information
within the control of Microsoft, such as a credit card number, is not
inadvertently
disclosed to a third party is an unfair and deceptive trade practice.
Failure to Warn of Passport Security Flaws
83. Microsoft has a history of privacy and security failures that is
inconsistent with its
claim that "Any information provided to Microsoft remains secure and
private."23
84. For example, in August 1999, when Passport was combined with
Hotmail, a defect
was discovered in Hotmail that allowed "anyone to read the private
correspondence of
21 Id.
22 Id.
23 Id.
C 17
about 50 million subscribers."24 In February 1999, Microsoft was found
to be quietly
creating "a vast data base of personal information about computer
users."25 The online
privacy seal organization TRUSTe subsequently found that Microsoft had
compromised
"consumer trust and privacy." Defects in Microsoft's software are
routinely discovered
that allow intruders unauthorized access to files, most recently a
defect in Microsoft's IIS
Web server software that has allows the "Code Red" virus to compromise
an estimated
300,000 computers, including some of Microsoft's own servers.26
85. Microsoft's failure to disclose the actual risks associated with
the collection and use
of personal information in the Passport service constitutes an unfair
and deceptive trade
practice.
Leading Industry Experts Have Expressed Concern about the
Privacy Implication of Windows XP and the HailStorm Services
86. Walter S. Mossberg is a widely regarded commentator on the
computer industry who
writes a regular column for the Wall Street Journal. On July 5, 2001
("Microsoft Cracks
Down On Sharing Windows XP") Mr. Mossberg examined the product
activation
procedure for Windows XP and noted that:
Windows will keep monitoring your setup to check that it's still
running
on the same machine. If you make major hardware changes, the system
could disable Windows and force you to check in with Microsoft in the
mistaken belief the program has been transferred to another computer.
One journalist reported that his copy of Office XP suddenly went into
"reduced functionality mode" and insisted he activate again while he
was
using it on an airplane.
87. Mr. Mossberg concluded:
Microsoft has chosen a method of enforcing its policy that smacks of
an
invasion of privacy. The company says its database of PC
configurations
won't contain any personal information, and will be encrypted so that
24 Wired News at http://www.wired.com/news/news/business/story/21490.htm.
25 New York Times, March 3, 1999.
26 "'Code Red" Worm Rearing to Attack on Net," ZDNet News, July 21,
2001,
http://www.zdnet.com/zdnn/stories/news/0,4586,5094428,00.html.
C 18
nobody can misuse it. But Microsoft's bully-boy behavior in the
marketplace hardly inspires confidence that it won't somehow exploit
this
information.
88. Stewart Alsop is a widely regarded commentator on the computer
industry who writes
a regular column for Fortune Magazine. In an article for Fortune on
July 23, 2001
("Monopoly Has Just Begun Insidiously, incrementally, Microsoft is
getting more and
more of me. That has me worried.") Mr. Alsop examined the impact on
Windows XP on
consumer privacy. He found, for example, that when he tried to take
advantage of a new
consumer product, the "e-book," offered by a non-Microsoft company he
was required to
go through the Microsoft Passport registration procedure.
I decided to buy the e-book, but Microsoft forced me to register with
its
Passport service to activate Reader. The ostensible reason is that
Microsoft
keeps track of the digital rights to each copy of the book.
89. He had a similar experience when he attempted to download a new
software product.
Based on his experience with these two products, Mr. Alsop observed:
Microsoft is going to collect more and more information about what I
buy
and what I do. I don't really have a choice. It is very nearly
impossible to
use any computer without using Microsoft's software, and increasingly
that means that it is very nearly impossible to avoid handing over
your
personal information to the company.
And this situation is just going to get worse, because Microsoft does
have
a monopoly, and it is using that monopoly to aggressively expand its
dominance of computers--personal computers, office servers, handheld
computers, even set-top boxes--and its dominance of the Web and Web
services delivered through its Internet Explorer browser.
90. Mr. Alsop concludes:
This gets to the heart of why I'm really starting to worry. Microsoft
is
encroaching on the consumer side, increasingly using its position
between
us and every computer to make sure that it has the data to know who we
are and what we're buying.
C 19
91. Esther Dyson is a widely regarded computer industry expert and
chairman of
EDVenture Holding. Regarding the privacy implications of the practices
described
herein, Ms. Dyson said to the Industry Standard, a leading industry
magazine:
I don't want the government, or Microsoft, asking me for my ID.
I find it kind of amazing. You sit and think, ‘Can they actually do
this? Is it
believable?' One hopes not.
REQUEST FOR RELIEF
Wherefore, the Complainants request that the Commission:
A. Initiate an investigation into the information collection practices
of Microsoft
through Passport and associated services;
B. Order Microsoft to revise the XP registration procedures so that
purchasers of
Microsoft XP are clearly informed that they need not register for
Passport to
obtain access to the Internet;
C. Order Microsoft to block the sharing of personal information among
Microsoft
areas provided by a user under the Passport registration procedures
absent explicit
consent;
D. Order Microsoft to incorporate techniques for anonymity and
pseudo-anonymity
that would allow users of Windows XP to gain access to Microsoft web
sites
without disclosing their actual identity
E. Order Microsoft to incorporate techniques that would enable users
of Windows
XP to easily integrate services provided by non-Microsoft companies
for online
payment, electronic commerce, and other Internet-based commercial
activity; and
F. Provide such other relief as the Commission finds necessary to
redress injury to
consumers resulting from Microsoft's practices as described herein.
C 20
Respectfully Submitted,
Marc Rotenberg David L. Sobel
Executive Director General Counsel
ELECTRONIC PRIVACY INFORMATION CENTER
1718 Connecticut Ave., N.W.
Suite 200
Washington, DC 20009
(202) 483-1140
July 26, 2001
 
More trolling. Instead of posting a 2.5 year old complaint, you could have
posted FTC's response.

If you really did research the topic, you could post some links to hailstorm
technology, instead of your paranoid conspiracy theories.

Greg Hanson said:
www.epic.org/privacy/consumer/MS_complaint.pdf

Before the
Federal Trade Commission
Washington, DC
In the Matter of )
)
Microsoft Corporation. )
....
 
Back
Top