Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to La Luna
Re: Microsoft WGA phones home even when told not to
said by La Luna  :Problem being, MS could never prove otherwise to your satisfaction. You've already got it in your head that MS MUST be secretly using "something that bypasses firewalls and software....", no doubt about it, and nothing will change your mind. If you can't understand the simple concept of why they want basic, non personally identifying information about WU install successes and failures, it's a lost cause for anything beyond that. You are talking about WU. I am talking about something entirely different. I can understand that they say they need information on those who use WU/MU. But I don't use those. I download individual patches from MS download site. I install them sometimes. Sometimes I never install them. I don't download all monthly patches on the same day either. In fact, I have just about stopped doing any patching except some critical ones. I'm tired of having to call MS about a patch problem. Or having to uninstall the one I just installed.
I wasn't asking about Microsoft saying they need information on those downloading from WU so they can improve WU site. I also was not asking about some NON PERSONALLY IDENTIFYING information being transmitted to Microsoft from the installer. I was asking about Microsoft placing something in the installer to let it know who is avoiding WU, etc. I don't care if MS collects non personal indentifying information but I think the day that would happen would be the day MS goes out of business. Of course, any information identifies you. MS admits that! They just say that they delete it and you believe them...just like Google mail and Google itself will never turn on the users..yeah..uhhuh. What I am interested in knowing though is whether or not MS is bypassing firewalls and software like ProcessGuard and transmitting information from the installer without the knowledge or consent of the user. Microsoft certainly would never fess up to that if true. So, what does it matter whether I would or wouldn't believe Microsoft?
--
"If you want to do DRM on a PC then you need to treat the user as the enemy." Ross Anderson in "`Trusted Computing' Frequently Asked Questions"
»www.msfirefox.com/ |
|
PeeWee
Premium
join:2001-10-21
Clovis, CA
clubs:
 ·Pacific Bell - SBC
 ·Comcast
1 edit | reply to MarkAW
I did not put words in your mouth. (Note the quote)
"Yeah but Microsoft is not a law enforcement agency."
You should also notice the question mark and notice that my statement was a question. It appears you would rather act offended in an effort to shut me up rather than clarify your statement.
The implication being that as applies to law enforcement it would be acceptable.
Could you have meant something else?
If you're that thin skinned, I am sorry you got offended.
But I do not accept that if that is the case I should not take note of what you are saying.
--
Nemo me impune lacessit.
[No one provokes me with impunity]
-- Motto of the Crown of Scotland |
|
alfee
join:2006-05-12
Toledo, OH
| reply to Doctor Four
If you have a router it probably has logging capabilities. Just use that to see if any MS security patches "phone home". You can also use utilities like WallWatcher or LinkLogger to keep an eye on your router logs.
I get my updates manually and log my traffic. I have never seen a MS security patch call the mothership yet. |
|
MarkAW
Barry White or lil bratt
Premium
join:2001-08-27
Canada
·Bell Sympatico
·Cogeco Cable
2 edits | reply to PeeWee
"So your okay with that and complain about computer hardware information being shared with microsoft?"
To answer your question no i do not think that is okay. I was trying to say that Microsoft is not a law enforcement agency to be collecting info on people who use legit licenced software. If i was using an illegal OS then i could understand the reason they want me download and install WGA every month, but as i have said before they know and i know i am using a legit OS.
--
Whenever you are asked if you can do a job, tell 'em, "Certainly I can!" Then get busy and find out how to do it. - Theodore Roosevelt (1859-1919) |
|
PeeWee
Premium
join:2001-10-21
Clovis, CA
clubs:
·Pacific Bell - SBC
·Comcast
| said by MarkAW :"So your okay with that and complain about computer hardware information being shared with microsoft?" To answer your question no i do not think that is okay. I was trying to say that Microsoft is not a law enforcement agency to be collecting info on people who use legit licenced software. If i was using an illegal OS then i could understand the reason they want me download and install WGA every month, but as i have said before they know and i know i am using a legit OS.
More of a right than a Law Enforcement Agency should have in the case of your personally owned auto. Yet we seem to get more offended with Microsoft and the position they hold with a License agreement and their actions in the protection of their own rights, rights you agreed to when you purchased a license. I do agree though that they are a little short sighted in not pursuing a PR campaign in an attempt to gain acceptance of tactics. The revenue they are attempting to recover would make a great difference in the cost we all share.
--
Nemo me impune lacessit. [No one provokes me with impunity] -- Motto of the Crown of Scotland |
|
msare
@ntli.net | So MS use my connection without my express permission, the connection I pay for, taking and using something without permission....
THEFT and PIRACY......... |
|
swhx7
Premium
join:2006-07-23
Elbonia
·RoadRunner Cable
| reply to Doctor Four
The behavior that this thread started out being about, namely WGA installations "phoning home" even if aborted, rightly offends people because it betrays reasonable expectations. And before the Microsoft fans start braying about licence terms and such, yes I'm sure Microsoft has granted itself permission to do that and much more, somewhere in its morass of one-sided, non-negotiable fine print. That does not reduce the sleaze factor.
On the followup story, that MS grabs similar datasets on every transaction in MS Update, upon reflection I think this should not surprise anyone, and does not violate reasonable expectations. If you use that service you're giving Microsoft's Active X controls plenary power over your computer. I choose not to do that, but millions don't mind and that's fine.
On the question that mele and i wondered about, whether the standalone patch installers do anything sneaky, there were some clues in the slashdot thread - reports of firewalls flagging phone-home attemts (as well as other interesting information).
To pursue it further one would have to set up a second pc with packet capture and analysis. I plan to do that sometime when I have time, because I've become increasingly curious about this sort of thing, and whenever there's a discussion like this no one has a first-hand report. Unfortunately it won't happen in time for this thread.
Finally, i will try the low-budget version relying on router logs tonight. My router has a checkbox in the log config to log "All incoming and outgoing traffic", so i'll shut down all known network-using programs, turn on this router feature, install a few MS patches and see what happens. I have a backlog of not-yet-installed patches in the security series (msyy-nnn, year and serial number), so I'll select some that look harmless and try it and post here again. |
|
swhx7
Premium
join:2006-07-23
Elbonia
·RoadRunner Cable
| Tried the above-described experiment.
System: P4 tower, Windows XP Pro SP1, no unusual hardware or software
Services:
Automatic and started: Event Log; Plug and Play; Print Spooler; Remote Procedure Call (RPC); Server; TrueVector Internet Monitor [= Zone Alarm]; Windows Audio; Windows Management Instrumentation; Workstation; ;
Manual and started: Network Connections; Network Location Awareness (NLA)
All others manual or disabled, and not running.
Running tasks: see image (if anyone can tell me how to get text above an image, please pm)
Zone Alarm settings: Nothing is allowed internet access without asking permission.
Patches selected for this experiment (all are version for XP SP1):
ms06-024, for Windows Media Player 10
ms06-042, cumulative update for IE6 SP1
ms06-055, VML fix, rev. 2006.10
ms06-061, XML fix
ms06-063, server service fix, revised
Procedure:
1. gather info and installers; logged on as admin
2. clear router log
3. shut down all network-accessing programs on all computers on lan, except browser to access router config
3. set router to log all traffic in & outbound; then close browser
5. install all 5 selected patches (opting for "do not restart now" when prompted for reboot)
6. reboot the XP; log on as administrator again and wait for userinit.exe to finish
7. check firewall log in router
Results:
* Zone Alarm did not alert on anything.
* log:
Fri, 2007-03-09 05:25:16 - UDP packet - Source:204.16.211.8,57052,WAN - Destination:[wan ip],1026,LAN [Drop] - [Inbound Default rule match]
Fri, 2007-03-09 05:25:16 - UDP packet - Source:204.16.211.8,57052,WAN - Destination:[wan ip],1027,LAN [Drop] - [Inbound Default rule match]
Fri, 2007-03-09 05:26:37 - UDP packet - Source:60.11.125.52,45190,WAN - Destination:[wan ip],1027,LAN [Drop] - [Inbound Default rule match]
Just the usual messenger spam.
Of course this does not rule out anything that may happen with other patches or on other configurations, etc. |
|
Razzy
join:2002-10-29 | reply to SUMware
Yeah ok whatever,
Problem is there isn't any.
Why do people like to post nonsense? |
|
fatness
subtle
Janitor
join:2000-11-17
fishing
·EarthLink
Host:
Earthlink DSL
TekSavvy
Forum Feature Requ..
Need Site Help?
Rants, Raves, and ..
| reply to fatness
»blogs.msdn.com/wga/archive/2007/···try.aspx
quote:
here an example of the actual XML that is returned when a user cancels an installation. We’ve also added a data type and detailed description of each field. This XML schema is common to a number of products so some fields are not used in this case.
--
Sure, that'll work.. |
|
novaflare
The Dragon Was Here
Premium
join:2002-01-24
Barberton, OH
| reply to Doctor Four
said by Doctor Four :According to someone who posted this at Slashdot, quote:
"When you start WGA setup and get to the license agreement
page but decided NOT to install the highly controversial
WGA component and cancel the installation, the setup
program will send information stored in your registry and
the fact that you choose not to install WGA back to
Microsoft's servers."
» yro.slashdot.org/yro/07/03/07/162203.shtmlI knew there was a good reason for my refusing the download of this. It appears to send some kind of unique ID to Microsoft. Of corse it sends a unique id thats pretty obviously how it works. The id is your cd key or a hash of hardware and cd key similar to activation. Not like they can tell that the id belongs to doctor four and not novaflare.
--
Evil does exist and it has a face to often that face is one that should look on their child with love in their eyes.
Instead only hate exists in those eyes. |
|
novaflare
The Dragon Was Here
Premium
join:2002-01-24
Barberton, OH
| reply to Doctor Four
said by Doctor Four :According to one of the replies on the latest Microsoft phones home topic on Slashdot, it would be nearly impossible to use Windows Update without some information being sent back to Microsoft. And another reply states that only in the case of pirated software is the information retained. It is otherwise deleted. This is beginning to sound more and more like a case of FUD from Heise Online. Na we could go back to early win 95 meathods. Downloading each individually grab them all and hope to god that one does not break functinality under a given set of conditions.
When windows update sends information to the server and gathers a list of updates any that are known to break somethign on your computer some application for example then it is left out. With out this information you get them all and to hell with it if it busts your favorite cant live with out application.
As drm fault said "Any customer service my supplier of a $140 piece of software wants to provide to me would be most welcome. So, they collect the serial number of the hard drive and your license key ? Oh my god, damn !"
On the surface it would seem that there no need for the hd serial number aka volume serial number. But think about this little what if.
Lets say your maxtor hd has a recall notice and they share this information with ms and this recall notice effects a given set of serial numbers between x and y. Now ms could update wga so that when you use it wga pops up a alert box.
"Alert maxtor has isued a recall notice for your hard drive do to spontaneous failures resulting in loss of data. Click this link to find out more."
Sure they could limit wga to only model number but failures in hardware can happen only in a small number of a given model ibm deskstore any one? or how about the dell laptop batteries that were exploading that only effect about 10k of the batteries out at the time out of a total 100k. In dells cases they followed a better safe than sorry approach and isued a recall for all laptops useing the battery model.
Point is wga doesnt do this yet but it could be made to do so or hell may already have those abilities and just never been used yet do to no recalls on hard drives.
Of all the parts that can blow up on a computer hds are number 1 on the list secound only to maybe powersupplies.
Can and does ms use the serial number to make sure your not installing xp on a dozen comps sure they can and probabbly do. I bet theres a specific tolerance that is built in to wga to prevent false possitives when it comes to faziling a install. Maybe 3 maybe 10 who knows. Sure would be a handy way to spot pirated installs from computer retailers cloneing images including keys to dozens of hds.
When it comes to pirated software we all know full well that pirates have in the past coded in trojans keyloggers proxies full blown ftp servers irc bots for botnets etc all right in to their cracks they pre apply to the pirated software. Totaly undetectable in most cases unless you tend to watch data packets.
Its hard to tell how many pirated copies of xp and other ms oses are acting like a terorist sleeper cell just waiting to be woke up to launch a attack agaisnt a web site or server. We have seen this with many a email worm and other worm types so why now build that in to a pirated os?
--
Evil does exist and it has a face to often that face is one that should look on their child with love in their eyes.
Instead only hate exists in those eyes. |
|
FiL
Premium
join:2005-08-16
Silver Spring, MD
| reply to trickyrick
"As for MS doing something with out your consent, Remember you don't own the software your only licensing it. I would more compare it to a rental car, and I believe they can get in to your car if they have cause with out your consent."
Thus proving your not a lawyer and you can't read. |
|
Name Game
Premium
join:2002-07-07
North Myrtle Beach, SC
| reply to Doctor Four
Windows Genuine Advantage Problems and Solutions
»www.pchell.com/support/windowsge···ge.shtml
Since the above site will tell you how to fix it..if the process for you is broken..it also contains info on what any one can to to not even make it happen  And it still surprise me that all the privacy hawks do not have in place those "tricks" to not even let "Microsoft WGA phones home even when told not to" because without them set up..they are vulnerable at every site they visit for more then just an in your face WGA.
I do accept the WGA..but I do it on my own terms. 
Next time you put your bank or credit card in an atm and decide to cancel the process..ask yourself if they already read your card. 
--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/ |
|
AB
Premium
join:2006-04-04
Leesburg, VA
1 edit | reply to swhx7
said by swhx7 :Tried the above-described experiment. System: P4 tower, Windows XP Pro SP1, no unusual hardware or software . . . . Ah! But the experiment has been invalidated through the use of the "Waldo's Flypaper" theorem (the opposite of "Occam's Razor"), which states that you don't have SP2 installed, which, as recently as 2004, many people were calling the Devil Himself:
»Re: Vista Bitches and complaints.
BTW, has it ever occurred to anyone that the letters of "Service Pack Two" can be easily rearranged to spell "Vice Pact Workes"? As well as "Swear to Veicck"?
"Dark Lord", "Beelzebub", "Satan", "Veicck"-- He goes by many names . . . .
*Edit- Clarification |
|
OZO
Premium
join:2003-01-17
| reply to swhx7
said by swhx7 :Running tasks: see image (if anyone can tell me how to get text above an image, please pm) Run: tasklist
--
Keep it simple, it'll become complex by itself... |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to Razzy
said by Razzy :Yeah ok whatever, Problem is there isn't any. Why do people like to post nonsense? You shouldn't post nonsense either. QUOTE the person you are replying to please. Your comment makes no sense until I scroll way, way back up (not one or two posts but way up) and finally find SUMware' comment. Even after I did that, your reply doesn't make much sense.
--
"If you want to do DRM on a PC then you need to treat the user as the enemy." Ross Anderson in "`Trusted Computing' Frequently Asked Questions"
»www.msfirefox.com/ |
|
dave
Premium,MVM
join:2000-05-04
not in ohio
·Verizon Online DSL
 ·Verizon FIOS
| reply to novaflare
Lets say your maxtor hd has a recall notice and they share this information with ms and this recall notice effects a given set of serial numbers between x and y. Now ms could update wga so that when you use it wga pops up a alert box. Yes, they could. But Microsoft has never given any indication whatsoever that it wants to be in the business of disseminating 'recall' information for the world's hardware vendors. Thus, this is pure fantasy.
The truth is surely that Microsoft has an interest in deriving a unique id for your system. Let's not pretend that it's for the good of your disk drive.
--
Microsoft Security MVP, 2005-2007. |
|
Kill DRM
@rr.com
| reply to AB
said by AB :BTW, has it ever occurred to anyone that the letters of "Service Pack 2" can be easily rearranged to spell "Vice Pact Workes"? As well as "Swear to Veicck"? "Dark Lord", "Beelzebub", "Satan", "Veicck"-- He goes by many names . . . . You need to actually spell the word "TWO" to include "Dubya" in your list. Who in the hell registered my "DRM Fault" anon name ??!! |
|
Kill DRM
@rr.com
| reply to dave
said by dave :The truth is surely that Microsoft has an interest in deriving a unique id for your system. If you are insinuating that Microsoft's assigning you unique system ID (in addition to the unique product ID) is something bad, please elaborate. |
|
