Dillinger
Guerrilla Ontologist
- Joined
- Sep 19, 2000
- Posts
- 26,152
http://www.spywareinfo.com/newsletter/archives/march-2003/10.php
Microsoft is spying on you .... and yes there is proof
People have been saying for years that Microsoft is spying on people using Windows. People have been spouting crazy sounding theories about how Microsoft knows what is on your computer, knows what movies you are watching, and is installing software over the internet without your knowledge. Those people are usually dismissed as kooks and paranoids, and are often challenged to "run a port sniffer and see for yourself". Well, it seems that a lot of people have a lot of crow to eat, because as it turns out, Microsoft really is spying on its users, and they've been caught at it red-handed.
German tech news portal tecchannel is reporting that when users of Windows XP use the Windows Update web site, it transmits a list of installed software and the hardware configuration of the machine to Microsoft. Using custom-built software which takes advantage of an undocumented function of the Windows API, tecchannel has logged the data being transmitted to Microsoft just before it is encrypted. Their testing also reveals that Microsoft can identify your machine uniquely if they chose to do so, and could even lock you out of the site altogether.
The first six pages of the article are free. This is a subscription web site, so the complete article is not available to non-subscribers, but you can buy the article in pdf format for $2. When you buy the article, they also send you the custom software they used to log this activity. Since there is absolutely no doubt that a future "update" from Microsoft will disable the undocumented API function used to gather this evidence, they provide no support for the software.
This shouldn't really be a surprise. As I said, people have been saying it for years, but there is always the naive majority who refuse to believe that these sorts of abuses happen until the hard evidence is rubbed in their face. Last year rumors circulated that Microsoft's Windows Media Player was spying on them by sending back information of the music they listened to and the movies they watched. As before, the uninformed refused to believe the rumors, ridiculing those making the suggestions rather than investigating for themselves.
An investigation by noted privacy advocate Richard Smith found proof that once again, the rumors were true.
http://www.computerbytesman.com/privacy/wmp8dvd.htm
Using a port sniffer, Smith found that each time a DVD movie is played on a computer which is online, Media Player 8, which ships with all copies of Windows XP, contacts a Microsoft web server to get title and chapter information for the DVD. In violation of Microsoft's stated privacy policy, the server was setting a cookie with a unique identification code that enabled Microsoft to track what DVDs were being played on that particular computer. Rather than acknowledge that they had violated the privacy of their users, Microsoft merely shrugged and said "oops" before updating their privacy policy to include the behavior that they had been caught engaging in.
This wasn't the first time Microsoft has been caught lying in its privacy policy. Last year, an FTC investigation concluded that Microsoft made false promises about how secure it kept the consumer information it collected. The Director of the Bureau of Consumer Protection at the FTC, Howard Beales, said that Microsoft had been collecting information about the day and time consumers logged into participating Passport Web sites without their knowledge, and storing data for longer than it claimed.
It wasn't the first time it's happened, and it won't be the last time it happens. I am sure that the next time someone tries to warn people that Microsoft is doing something wrong, the same people who blindly refuse to listen will again display their ignorance with taunts and insults. History is full of examples of people reacting to theories that disagree with their own beliefs by ridiculing those who come up with them. In the end, no one looks more foolish than those who use childish insults as a substitute for intelligent argument. Keep that in mind the next time someone warns about privacy being invaded.
Microsoft is spying on you .... and yes there is proof
People have been saying for years that Microsoft is spying on people using Windows. People have been spouting crazy sounding theories about how Microsoft knows what is on your computer, knows what movies you are watching, and is installing software over the internet without your knowledge. Those people are usually dismissed as kooks and paranoids, and are often challenged to "run a port sniffer and see for yourself". Well, it seems that a lot of people have a lot of crow to eat, because as it turns out, Microsoft really is spying on its users, and they've been caught at it red-handed.
German tech news portal tecchannel is reporting that when users of Windows XP use the Windows Update web site, it transmits a list of installed software and the hardware configuration of the machine to Microsoft. Using custom-built software which takes advantage of an undocumented function of the Windows API, tecchannel has logged the data being transmitted to Microsoft just before it is encrypted. Their testing also reveals that Microsoft can identify your machine uniquely if they chose to do so, and could even lock you out of the site altogether.
The first six pages of the article are free. This is a subscription web site, so the complete article is not available to non-subscribers, but you can buy the article in pdf format for $2. When you buy the article, they also send you the custom software they used to log this activity. Since there is absolutely no doubt that a future "update" from Microsoft will disable the undocumented API function used to gather this evidence, they provide no support for the software.
This shouldn't really be a surprise. As I said, people have been saying it for years, but there is always the naive majority who refuse to believe that these sorts of abuses happen until the hard evidence is rubbed in their face. Last year rumors circulated that Microsoft's Windows Media Player was spying on them by sending back information of the music they listened to and the movies they watched. As before, the uninformed refused to believe the rumors, ridiculing those making the suggestions rather than investigating for themselves.
An investigation by noted privacy advocate Richard Smith found proof that once again, the rumors were true.
http://www.computerbytesman.com/privacy/wmp8dvd.htm
Using a port sniffer, Smith found that each time a DVD movie is played on a computer which is online, Media Player 8, which ships with all copies of Windows XP, contacts a Microsoft web server to get title and chapter information for the DVD. In violation of Microsoft's stated privacy policy, the server was setting a cookie with a unique identification code that enabled Microsoft to track what DVDs were being played on that particular computer. Rather than acknowledge that they had violated the privacy of their users, Microsoft merely shrugged and said "oops" before updating their privacy policy to include the behavior that they had been caught engaging in.
This wasn't the first time Microsoft has been caught lying in its privacy policy. Last year, an FTC investigation concluded that Microsoft made false promises about how secure it kept the consumer information it collected. The Director of the Bureau of Consumer Protection at the FTC, Howard Beales, said that Microsoft had been collecting information about the day and time consumers logged into participating Passport Web sites without their knowledge, and storing data for longer than it claimed.
It wasn't the first time it's happened, and it won't be the last time it happens. I am sure that the next time someone tries to warn people that Microsoft is doing something wrong, the same people who blindly refuse to listen will again display their ignorance with taunts and insults. History is full of examples of people reacting to theories that disagree with their own beliefs by ridiculing those who come up with them. In the end, no one looks more foolish than those who use childish insults as a substitute for intelligent argument. Keep that in mind the next time someone warns about privacy being invaded.
