Hailstorm, two years later

In 2001, Microsoft introduced a solution to a non-problem with its Passport authentication service in a push to be at the center of every Internet transaction. They dubbed the plan Hailstorm and drew a swift reaction from rivals and even potential partners. Suddenly, having an Online ID and Single Sign-On strategy became a top priority across the industry. The fear of Microsoft holding the keys (literally) was enough to drive some large players to form an alliance called Liberty to seek an alternative.

By the end of 2001, Microsft was backpedldling, performing damage control on the PR front. First, they renamed Hailstorm MyServices to soften it. But, they could not fend off the backlash, and by April 2002, the New York times was reporting that Microsoft had shelved the ambitious Hailstorm initiative, publically at least.

At that time, I believed Microsoft had not actually changed plans, but had simply gone into stealth mode about it. In July 2002, this Infoworld article agreed, reporting that “CONTRARY TO REPORTS that Microsoft has abandoned its HailStorm technology, company officials have revealed plans to embed components of the XML schema and data-access technology throughout its .Net application, server, and client stack.” Microsoft VP Gordon Mangione told InfoWorld “Are we calling it HailStorm going forward? No. We’re calling it Web services and .Net.”

At this point, most the world has forgotten about Hailstorm and the Online ID and Single Sign-On. The so-called problem, is once again, a non-issue. People were never demanding a single sign-on in the first place. Microsoft made it a big deal, not users. Meanwhile, Microsoft continues to permeate the universe with Passport ID’s, without generating much stir in the industry. Many of the company’s latest products such as IE, Office, and Windows XP, deluge users with warnings imploring them to sign up for a .NET Passport. Below is a rundown (from thetechzone.com) of products requiring a .NET Passport:

1. To send and receive email through a HotMail account, you need a .NET Passport.
2. Windows Messenger, the Instant Messaging option in Windows XP, requires a .NET Passport.
3. MSN Messenger (the version of Messenger for users of other versions of Windows) requires Passport.
4,. Want to listen to MSN Radio? The “Soundlike” feature requires a .NET Passport.
5. Planning to watch movies at Windows Media.com? – Watching some movies requires a Passport.
6. To send a message to a human through Microsoft’s Knowledge Base support option, you have to sign up for a Passport account.
7. The new Windows Online Crash Analysis page requires Passport.
8. To read eBooks with Microsoft Reader 2.0, you’ll need a Passport — and you need to “activate” your installation of the software.
9. Language translations with the Microsoft Office “eService” called iTranslator require Passport.
10. Windows Messenger is being refashioned to work with Microsoft Exchange 2000 Server as the authentication server. You guessed it. Passport again.

Given Microsoft’s history, it should come as no suprise that a year-long FTC investigation found, among other things, that Microsoft made many false claims about its security practices, violated its published privacy policies, and falsely represented that the ‘The Kids Passport’ program allowed parents control over what information could be collected about their children. Unfortunately, the FTC settled, giving Microsoft only a slap on the wrist, as usual.

In a separate agreement earlier this year, Microsoft promised to make ‘substantial’ changes to .NET and Passport to pacify EU Regulators. Well, that certainly inspires confidence: a ‘promise’ from Microsoft.

So now, here we are, mid-2003, and it is already nearly impossible to avoid having a Passport account, almost impossible to avoid providing Microsoft with your personal information in order to use the software and services we are essentially forced to use as a result of the company’s monopoly position. Hailstorm dead, indeed.

With the FTC, DOJ, EU, and other authorities playing the role of lackey, Microsoft is left to abuse our data and our privacy, as they see fit. Microsoft has already revealed through a number of separate investigations they have absolutely no reservations about doing so.

It is, simply, outrageous.

In separate news, last November (2002), Wired reported that a certain large Microsoft customer database was for a time accidentally available to the public to download.