| Microsoft Installs Skype Without Consent From H-Online:
Apparently by mistake, Microsoft's Windows Server Update Services (WSUS) last night deployed a Skype update to Windows clients that had never had the telephony and messaging software installed. This resulted in Skype being installed on these computers.
The issue affects all computers that automatically receive Microsoft's updates via WSUS without explicit administrator approval. After the blunder surfaced publicly, Microsoft marked the update as expired. It is now no longer being deployed by WSUS servers.
Updates via WSUS are becoming increasingly popular in networks where multiple Windows systems need updating. With a WSUS server, administrators can minimise network loads and control which updates will be installed. In this case, the Skype update was deployed as a non-security update. |
|
|
|
 Dude111An Awesome DudePremium
join:2003-08-04
USA
kudos:11 | Ya right,no mistake about it!!!!
They wanna try and listen to as many ppl as they can!! (having windows spying on them isnt enough anymore,they wanna hear/see also) |
|
 psafuxPremium,VIP
join:2005-11-10
kudos:2 | reply to FF4m3
Re: Microsoft Installs Skype Without Consent I've noticed Skype as an optional update for a couple of weeks on regular windows/microsoft update.. Interesting blunder. |
|
| Skype is already super compromised.. Remember;
»www.theregister.co.uk/2009/02/12···_pwnage/ |
|
| reply to FF4m3
"The issue affects all computers that automatically receive Microsoft's updates via WSUS without explicit administrator approval."
If I was an Admin, I would certainly want to make sure that I had control of all updates going to the PCs that were my responsibility. I wonder how many Admins let updates go on autopilot? |
|
| reply to Todd Sloan
There's been a lot of speculation over the years about what that whole story was about. Some think it was a publicity scheme (i.e. "Hey we are NSA and we can't break Skype, wink wink.") In other words, NSA wanted to encourage people to use a service they routinely eavesdrop on.
In any case, there's no way they would publicly announce a billion dollar contract like that. It was either a phoney story all together or put out there to fool people into trusting Skype.
--
Getting people to stop using windows is more or less the same as trying to get people to stop smoking tobacco products. They dont want to change; they are happy with slowly dying inside. -- munky99999 |
|
 Link LoggerPremium,MVM
join:2001-03-29
Calgary, AB
kudos:3 | said by KodiacZiller:There's been a lot of speculation over the years about what that whole story was about. Some think it was a publicity scheme (i.e. "Hey we are NSA and we can't break Skype, wink wink.") In other words, NSA wanted to encourage people to use a service they routinely eavesdrop on. In any case, there's no way they would publicly announce a billion dollar contract like that. It was either a phoney story all together or put out there to fool people into trusting Skype. its all true, as Skype was the bugger for them to crack as it only cost a couple hundred bucks for example to break into FaceTime 
Blake
--
Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool |
|
| They didn't need to break into Facebook, just creating a user there gave them all they need. |
|
Reviews:
 ·WestNet Broadband
| reply to FF4m3
If I put my tin hat on and Microsoft installed Skype in hopes of allowing the 3 letter agencies access to your data streams, maybe someone should have told this school? Easier than getting caught for installing software that sticks out and possibly detected by an A/V. |
|
davePremium,MVM
join:2000-05-04
not in ohio
kudos:8 | said by norwegian:If I put my tin hat on and Microsoft installed Skype in hopes of allowing the 3 letter agencies access to your data streams, (...) Not very sophisticated attempt, though.
My morning:
1. Get coffee, sit at desk
2. Think "where'd that frigging Skype icon com from?"
3. Select "exit" on icon, observe it does not exit, snarl.
4. Uninstall Skype.
Elapsed time, about 5 minutes. Had a few minor misgivings about whether our IT guys *wanted* Skype installed, but decided on a system with no mic/speakers/camera there likely was no point. |
|
| Didn't someone inject Skype into Firefox as an add-on about a year/maybe two years ago? I'm thinking it was just about the time MS bid to buy Skype. Don't know if MS did it.
I do remember a rather large outcry
»www.computerworlduk.com/news/app···add-ons/ |
|
| reply to FF4m3
Microsoft Accidentally Deploys Skype During Windows Server Update Service:
One user on the support forum suggested the following fix:
psexec \\computername -h -s MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8} /qn
This worked for me at least, just got all the computers in a text file and ran:
psexec @C:\pclist.txt -h -s MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8} /qn
WSUS showed 50% deployment so some of them failed but the ones that exit with Code 0 seemed to be OK.
And of course decline the update on WSUS and remove the Skype product until they get this resolved. Make sure nobody is using Skype with permissions or you will have to re-install the application after running the removal query. |
|
| reply to carpetshark3
said by carpetshark3:Didn't someone inject Skype into Firefox as an add-on about a year/maybe two years ago? It was Microsoft's .NET ClickOnce add-on in 2009. |
|
| reply to FF4m3
»en.wikipedia.org/wiki/Skype#Serv···of_China
Service in the People's Republic of China
Since September 2007, users in China trying to download the Skype software client have been redirected to the site of TOM Online, a joint venture between a Chinese wireless operator and Skype, from which a modified Chinese version can be downloaded.[95] The TOM client participates in China's system of Internet censorship, monitoring text messages between Skype users in China as well as messages exchanged with users outside the country.[96][97] Niklas Zennström, then chief executive of Skype, told reporters that TOM "had implemented a text filter, which is what everyone else in that market is doing. Those are the regulations." He also stated: "One thing that’s certain is that those things are in no way jeopardising the privacy or the security of any of the users."[98]
In October 2008, it was reported that TOM had been saving the full message contents of some Skype text conversations on its servers, apparently focusing on conversations containing political issues such as Tibet, Falun Gong, Taiwan independence, and the Chinese Communist Party. The saved messages contain personally identifiable information about the messages' senders and recipients, including IP addresses, usernames, land line phone numbers, and the entire content of the text messages, including the time and date of each message. Information about Skype users outside China who were communicating with a TOM-Skype user was also saved. A server misconfiguration made these log files accessible to the public for a time.[97][99][100] |
|
| Microsoft has a history of injecting code into machines, and other products. In the case of Firefox they arguably did it to impact browser performance negativity to possibly discredit Mozilla. Flame was injected through Windows Update. Now we have a mysterious installation of Skype through update when Skype is well known as a fully compromised datastream? The flame episode itself, largely should have resulted in criminal investigation into Microsoft, and it didn't.. Why?
When will people have enough of MS and run to PCBSD, Linux, SUSE, or various distros and leave MS in the dust once and for all? Microsoft sold us out, repeatedly, and keeps doing this crap and claiming it was a mistake and people keep buying their crap.. It's disgusting to watch people wait in line for hours to get the latest Windows trash, nothing but clueless lemmings. |
|
davePremium,MVM
join:2000-05-04
not in ohio
kudos:8 | Basic credibility test: would someone attempting to surreptitiously insinuate code into your machine give that code a nasty highly-visible systray icon that you couldn't tell to go away? |
|
| said by dave:Basic credibility test: would someone attempting to surreptitiously insinuate code into your machine give that code a nasty highly-visible systray icon that you couldn't tell to go away?
Answer: Yes, hidden in plain sight. It's a doctrine they use, anything else would have garnered suspicion. Most people just think "Skype? Cool.." and move along while their datastreams are being monitored. Makes perfect sense. |
|
 SteveI know your IP addressConsultant
join:2001-03-10
Yorba Linda, CA
kudos:5 | said by Fern Rivas : Answer: Yes, hidden in plain sight. It's a doctrine they use, anything else would have garnered suspicion. We can see how successful they were in deflecting all that suspicion, no?
It was just a mistake, and they've fixed it. |
|
davePremium,MVM
join:2000-05-04
not in ohio
kudos:8 | reply to Fern Rivas
Conspiracy theories can form a monological belief system: A self-sustaining worldview comprised of a network of mutually supportive beliefs. |
|
Dude111An Awesome DudePremium
join:2003-08-04
USA
kudos:11 | reply to Steve
A mistake?
THEY KEEP DOING THINGS LIKE THIS OVER AND OVER..... I highly doubt it was a mistake Steve,ya gotta remember who we are dealing with buddy! (They have become quite intrusive over the years)
said by Fern Rivas :
Most people just think "Skype? Cool.." and move along while their datastreams are being monitored. Makes perfect sense.
Exactly my friend!
Anything to make it even EASIER to spy on people!! (This gives them voice and maybe video also) |
|
