Microsoft denies connections with Xinjiang surveillance in China - but "it's complicated"

<div _ngcontent-c14 = "" innerhtml = "

Getty

When an ethical hacker reported the SenseNets data breach, illuminate technologies including facial recognition used to track Xinjiang Muslims in real time, followed an online debate over whether Microsoft "collaborated" with SenseNets and if they knew about the inclusion of their technology in the dystopian surveillance program that attracted international condemnation for the subjugation of the Muslim population uigura of Xinjiang province.

The breach by the Shenzhen facial recognition company exposed a database of over 2.5 million records: names and addresses; Card numbers of identity; date of birth; passport photographs; details of the employer; and, alarmingly, 6.5 million records of GPS positions passed by such individuals in the previous 24 hours.

Microsoft has a complicated relationship with facial recognition. At the World Economic Forum in Davos this year, CEO Satya Nadella said it "One of the things I hear today is, on the market, there is competition; there is no discrimination between correct use and the wrong use of facial recognition."

And nowhere is that lack of discrimination between right and wrong more of a problem than in Xinjiang.

Victor Gevers, the hacker responsible for publishing the violation, tweeted at the time of the SenseNets infringement, "tthe company is also known as Microsoft he was a valued partner who turned more than once to the SenseNets engineers' (technical) / (mal) practices. From pirated versions of Windows servers to Azure cognitive services offerings for Face (recognition). "

A complicated relationship?

SenseNets has for some time openly listed Microsoft as a partner on their website, and yesterday on New Statesman & # 39; s NSTech Web site revisited the claims linking Microsoft and SenseNets, initially saying "tThe US software giant declined the opportunity to deny the existence of an alleged partnership with SenseNets, in light of the claims made on the website of the Shenzhen company, before NS Tech published this story. "

This was later revised to include a denial: "A Since then, the Microsoft spokesman has stated that he is not involved in a partnership with the company and that SenseNets has used the company logo on its website without his permission. "We asked for it to be removed," the spokesman added.

But by putting the supposed partnership on one side, the most targeted online debate is about the use by Microsoft's proprietary developers of GitHub's SenseNets and the alleged use of Azure Cognitive Services. And in particular the removal of an API key for Azure Cognitive Services from the GitHub archive.

Gevers explained on Twitter That aAfter SenseNets, the API key for cognitive services suddenly disappeared from GitHub. But other sensitive materials have still been leaked by developers through their personal repositories such as e-mail credentials, databases, SSH and Gitlab, where the lost API key was found … Right now it's not clear if Microsoft Azure services Cognitive are still in use. The developers of SenseNets haven't learned much from the previous incident and continue to push the new code and credentials to GitHub for their new & # 39; Face device management system & # 39; "

When I asked Microsoft about the alleged SenseNets partnership, the use of Azure Cognitive Services by SenseNets or the removal of the API from GitHub, they confirmed that they are not "involved in a partnership with SenseNets", adding that "we" have researched all of our partnerships over the past five years and have no evidence that Microsoft has a partnership with SenseNets. We did a thorough examination. SenseNets and its parent company are not customers of our Azure services including those related to facial recognition, and we have no evidence that they have purchased our products or services in the last five years. "

As a result, the apparent use of Azure and its cognitive services from the SenseNets program remains unexplained.

Right from the wrong

I interviewed Victor Gevers this week, following the news of a further data breach in China. He sees SenseNets as a turning point to expose the information gathered in the surveillance state of China, and this has given him a personal dilemma. "We don't want to be informants – we want to fix things, not to embarrass people," he told me. "In the last month, we found many databases showing the implementation of mass surveillance, using an extended technology that is designed exclusively for monitoring."

As for SenseNets, he explained that "wWe reported about the system, we found it very remarkable, not knowing exactly what it was used for. I posted a tweet, saying this is the system we found, it's mass surveillance, it's bad, it's out there. Then, after a while, some journalists asked if we had ever checked the GPS positions in the database because this could be a very bad thing … I reached and asked, "Can you help me with this?" And a journalist checked the information and said it's not good, it can't be covered, it's necessary to list it publicly. Here's how the ball started spinning ".

A focus on ethics

The questionable ethics around the surveillance state of China, especially where Xinjiang is concerned, is becoming more understandable as more data abuse has reached the headlines. This week, a spokesman for the US State Department called Xinjiang a "great shame on humanity" and stated that "we are committed to promoting the assumption of responsibility for those who commit such violations".

More generally, there is a complicated relationship between the major Western technology companies and the vast Chinese market – including the decline in smartphone sales this year, the debate on whether or not to customize search engines and the tolerance of pirated software. There is now also the background of ongoing trade negotiations with the United States and the extent to which China's surveillance ethics will come into play, a key factor for bans on Hikvision and Huawei.

But, with regards to ethics, perhaps this should be clear. "If we find things that are not good or that have a questionable ethics," Gevers told me, "then we are experimenting to see if we can share them on social media." Ultimately, where the state of China's surveillance is now under discussion, few Western companies are likely to want some public association to come to light. And so perhaps this becomes good news for social media to balance all the evil.

">

When an ethical hacker reported the SenseNets data breach, illuminate technologies including facial recognition used to track Xinjiang Muslims in real time, followed an online debate over whether Microsoft "collaborated" with SenseNets and if they knew about the inclusion of their technology in the dystopian surveillance program that attracted international condemnation for the subjugation of the Muslim population uigura of Xinjiang province.

The breach by the Shenzhen facial recognition company exposed a database of over 2.5 million records: names and addresses; Card numbers of identity; date of birth; passport photographs; details of the employer; and, alarmingly, 6.5 million records of GPS positions passed by such individuals in the previous 24 hours.

Microsoft has a complicated relationship with facial recognition. At the World Economic Forum in Davos this year, CEO Satya Nadella said it "One of the things I hear today is, on the market, there is competition; there is no discrimination between correct use and the wrong use of facial recognition."

And nowhere is that lack of discrimination between right and wrong more of a problem than in Xinjiang.

Victor Gevers, the hacker responsible for publishing the violation, tweeted at the time of the SenseNets infringement, "tthe company is also known as Microsoft he was a valued partner who turned more than once to the SenseNets engineers' (technical) / (mal) practices. From pirated versions of Windows servers to Azure cognitive services offerings for Face (recognition). "

A complicated relationship?

SenseNets has for some time openly listed Microsoft as a partner on their website, and yesterday on New Statesman & # 39; s NSTech Web site revisited the claims linking Microsoft and SenseNets, initially saying "tThe US software giant declined the opportunity to deny the existence of an alleged partnership with SenseNets, in light of the claims made on the website of the Shenzhen company, before NS Tech published this story. "

This was later revised to include a denial: "A Since then, the Microsoft spokesman has stated that he is not involved in a partnership with the company and that SenseNets has used the company logo on its website without his permission. "We asked for it to be removed," the spokesman added.

But by putting the supposed partnership on one side, the most targeted online debate is about the use by Microsoft's proprietary developers of GitHub's SenseNets and the alleged use of Azure Cognitive Services. And in particular the removal of an API key for Azure Cognitive Services from the GitHub archive.

Gevers explained on Twitter That aAfter SenseNets, the API key for cognitive services suddenly disappeared from GitHub. But other sensitive materials have still been leaked by developers through their personal repositories such as e-mail credentials, databases, SSH and Gitlab, where the lost API key was found … Right now it's not clear if Microsoft Azure services Cognitive are still in use. The developers of SenseNets haven't learned much from the previous incident and continue to push the new code and credentials to GitHub for their new & # 39; Face device management system & # 39; "

When I asked Microsoft about the alleged SenseNets partnership, the use of Azure Cognitive Services by SenseNets or the removal of the API from GitHub, they confirmed that they are not "involved in a partnership with SenseNets", adding that "we" have researched all of our partnerships over the past five years and have no evidence that Microsoft has a partnership with SenseNets. We did a thorough examination. SenseNets and its parent company are not customers of our Azure services including those related to facial recognition, and we have no evidence that they have purchased our products or services in the last five years. "

As a result, the apparent use of Azure and its cognitive services from the SenseNets program remains unexplained.

Right from the wrong

I interviewed Victor Gevers this week, following the news of a further data breach in China. He sees SenseNets as a turning point to expose the information gathered in the surveillance state of China, and this has given him a personal dilemma. "We don't want to be informants – we want to fix things, not to embarrass people," he told me. "In the last month, we found many databases showing the implementation of mass surveillance, using an extended technology that is designed exclusively for monitoring."

As for SenseNets, he explained that "wWe reported about the system, we found it very remarkable, not knowing exactly what it was used for. I posted a tweet, saying this is the system we found, it's mass surveillance, it's bad, it's out there. Then, after a while, some journalists asked if we had ever checked the GPS positions in the database because this could be a very bad thing … I reached and asked, "Can you help me with this?" And a journalist checked the information and said it's not good, it can't be covered, it's necessary to list it publicly. Here's how the ball started spinning ".

A focus on ethics

The questionable ethics around the surveillance state of China, especially where Xinjiang is concerned, is becoming more understandable as more data abuse has reached the headlines. This week, a spokesman for the US State Department called Xinjiang a "great shame on humanity" and stated that "we are committed to promoting the assumption of responsibility for those who commit such violations".

More generally, there is a complicated relationship between the major Western technology companies and the vast Chinese market – including the decline in smartphone sales this year, the debate on whether or not to customize search engines and the tolerance of pirated software. There is now also the background of ongoing trade negotiations with the United States and the extent to which China's surveillance ethics will come into play, a key factor for bans on Hikvision and Huawei.

But, with regards to ethics, perhaps this should be clear. "If we find things that are not good or that have a questionable ethics," Gevers told me, "then we are experimenting to see if we can share them on social media." Ultimately, where the state of China's surveillance is now under discussion, few Western companies are likely to want some public association to come to light. And so perhaps this becomes good news for social media to balance all the evil.

Leave a comment