Microsoft Self-Exposed

Brad Smith is Microsoft President. The book Tools and Weapons: The Promise and the Peril of the Digital Age, by Brad Smith (Author), Carol Ann Browne (Author), Bill Gates (Foreword) has been released few days ago. It reveals the mentality of Microsoft and, to some extent, of Google, Facebook, and Twitter.

  1. The self styled Masters of the Universe do NOT recognize, do NOT accept, and will NOT accept American sovereignty.
  2. Microsoft believes in “Russian interference” in the 2016 elections, but wants to continue to do business with the Russian government, so it is deliberately vague about what the word Russian means.

Few quotes and remarks (emphasis is added; pages are according to Kindle Edition):

Ten days earlier, on the Friday before the 2016 Democratic National Convention, WikiLeaks had released emails stolen by Russian hackers from the Democratic National Committee, or DNC. It became a major news story throughout the week of the convention. As the week progressed, our threat intelligence center, MSTIC, identified a new and separate hacking attempt by Strontium—our name for a Russian hacking group also known as Fancy Bear and APT28. Tom’s team wanted to launch a legal assault that coming Tuesday to disrupt Strontium. The FBI and intelligence community had connected Strontium with the GRU, Russia’s military intelligence agency. (p. 78).

The authors aren’t bothered by the facts:

  • the DNC emails were released by insiders, including Seth Rich, not by “Russian hackers”

  • that  “Fancy Bear” and “APT28” were described completely differently by their inventors, FireEye and CrowdStrike

  • the putative attribution was based on misinformation from the DNC contractors CrowdStrike and Fusion GPS, and then became circular: the FBI and CIA quoting private companies, while the private companies quoting the “intelligence community”.

MOTU think they own the facts.

We followed Strontium as it hacked its way around the world. Remarkably, the trail led to targets in more than ninety countries, with the highest amounts of activity in central and eastern Europe, Iraq, Israel, and South Korea. (p. 81)

Here, the authors should have asked themselves – would Russian intelligence use the same intelligence unit to work against the US and against fourth tier countries? No, it wouldn’t. This is a contradiction, so the entire premise is wrong.

We wrestled with the “Russian problem” internally. If we publicly discussed the Russian government’s connection to hacking, we worried it would retaliate against our business interests and employees there. We tried to reassure our private- and public-sector customers in Russia that our concerns with their government didn’t mean that we would turn our backs on them or their country. After all, we had sued our own government five times, under Obama and Trump. We had not minced words with the Trump administration when it came to immigration issues. (pp. 82-83).

Here, Microsoft’s President seemingly admits that Microsoft has sued the United States to “re-assure” the Russian government. Microsoft has apparently arrived at a set of compromises to maintain its relationships with the Russian government, but to support the Russian election interference hoax. First, not to say Russian government, but Russian, the word which can be interpreted in multiple ways, including Russian speakers or Russia-born Americans. Second, to attack Trump administration.

Russia’s message to Microsoft reflected the bind that many American tech firms now confront. On the one hand, US politicians understandably push us to take strong stances against foreign hacking. But on the other, these steps lead to foreign pressure on the companies themselves. (p. 86)

American tech firms must ignore foreign pressure to do or to refrain from doing something in the US, per 18 U.S.C. 951.

We also encountered pushback from people who objected to the notion that international companies would protect civilians on a global basis rather than help their home government attack other nations. As one Trump adviser challenged me on a trip to Washington, DC, “As an American company, why won’t you agree to help the US government spy on people in other countries?” (p. 115).

Microsoft, Facebook, FireEye and other private companies signed a Cybersecurity Tech Accord, in which they promised not to “help governments launch cyberattacks against innocent citizens and enterprises” (practically, meaning not to help the US government). Microsoft includes intelligence gathering in its definition of a cyber attack.