Microsoft Security ‘Blocks Free Software Foundation Donations’

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Oops! Microsoft product labels the Free Software Foundation’s donation page as a gambling site

Microsoft’s security products have blocked the donation page of the Free Software Foundation, believing it to be a gambling site, according to the FSF.

The body said the error had meant many could not make donations, but claimed there were wider repercussions for businesses running Microsoft network security kit – arguing that such an error illustrated the inaderquacy of proprietary security software compared to open source competitors.

“If Microsoft’s ‘reputation’ database can’t tell the difference between a gambling site and an independently audited registered nonprofit public-interest charity founded almost 30 years ago, it is certainly doing you and your business more harm than good,” read a post from John Sullivan, executive director of the FSF.

All security bets are off

It is believed the Microsoft Threat Management Gateway was the offending product, as noted by a Reddit user who was attempting to make a donation to FSF. At the time of publication, Microsoft was still classing the donate.fsf.org page as a gambling service, according to the Redmond giant’s Reputation Services feedback and error tool.

This would mean that any business running the Threat Management Gateway – essentially a firewall product that separates sites into categories to let IT teams filter them – could have had access to the page blocked.

Sullivan has now submitted a request to Microsoft to remove the ‘gambling’ label and place the site in the “Non-Profit/Advocacy/NGO” category.

“We will avoid attributing this error to malice just yet and wait for their correction,” Sullivan said, adding that he expected Microsoft to make the change.

However, he urged people not to use proprietary network security kit from Microsoft, or any other vendors.

“We strongly suggest you avoid using proprietary ‘network security’ software from Microsoft. If you need to provide evidence to someone else to illustrate why using such software is a bad idea, feel free to use us as an example,” Sullivan added.

“If your workplace uses the software currently, please point to this post and ask them to drop it. Proprietary security software is an oxymoron – if the user is not fundamentally in control of the software, the user has no security.”

Microsoft had not responded to a request for comment at the time of publication.

Are you a security guru? Try our quiz!