Author Topic: Win 2k, ME and XP question (Read 446 times)

Maverick · « **on:** January 27, 2002, 11:14:00 AM »

Hi there,

A person who admits to being a hacker, I saw her setup and the claim seems valid, says there is a spyware situation with the above listed OS from massivesoft.

She indicates there is a backdoor on all 3 that allows MS to check the contents of your HD anytime you are connected to the web and see what you have installed. This is allegedly to cut back on piracy of the systems. Does anyone have any idea if this is a true situation or just bogus? It sounds believable to me and I was wondering if it was true. This person has absolutely no reason to blow smoke at me and nothing to gain by it. Jusat curious as I might upgrade to xp after the "second edition" is released.

Mav

qts · « **Reply #1 on:** January 27, 2002, 11:21:35 AM »

I think you need to be a little more specific. There are significant holes in many MS products - just subscribe to NTBugTraq.

Maverick · « **Reply #2 on:** January 27, 2002, 02:11:25 PM »

Quote

Originally posted by qts
I think you need to be a little more specific. There are significant holes in many MS products - just subscribe to NTBugTraq.

Hi there,

Wasn't talking about "holes" but a deliberate MS reporting spyware subprogram that reports what MS products you have on your system to MS. This is "supposed" to work just like spyware and reports without your knowledge any time you are in the net. I don't know if this is true, hence the question.

Mav

Personally I don't like the idea of anyone getting info off of my machine unless I send it deliberately. It's my damn machine not anyone elses. Peeping toms of any description are not my kind of folks. That's why I use a firewall since I caught someone tapping into my system before.

mrsid2 · « **Reply #3 on:** January 28, 2002, 03:32:01 AM »

I think what he meant was the MS automatic update feature..

When you connect to windows update it asks you to install a small piece of software which scans the contents of your computer and sends the info back to MS. That way it can automatically patch your computer with the updates it needs.

Downside is that even though it says 'no information is being sent to MS' it surely does just that. Everything that you have there is known to them after that.

Did you know MS also stores your web history in a secret dll file? Even if you delete your web cache from explorer, it's still stored in a system file which you can't delete just like that

Our buddy, Bill.. tsk tsk.

-lynx- · « **Reply #4 on:** January 29, 2002, 04:58:10 AM »

I guess with me running the same XP version on both home desktop and laptop (both systems updated regularly via Windows Update) I need to expect a knock on the door from Bill's goons anytime now... *yawn* Conspiracy theories (especially those involving "Big Bill Watching You") never die, do they?

Maverick · « **Reply #5 on:** January 29, 2002, 03:52:55 PM »

I am kinda sorry I posted this thread here. I was hoping someone would have a definitive answer either way about this but all there has been has been conjecture about something I didn't talk about or simple useless sarcasm.

Believe it or not, I am not interested in opinions or guesses.

Mav

rounder · « **Reply #6 on:** January 29, 2002, 04:45:45 PM »

You will never find a definitive answe to that question Maverick bit IMO the answer is no and I will justify it below

1. What good would it do Microsoft to know what data you had on your computer? Not much since they could never actually do anything about it.

2. To Collect data from a machine and then to send it would require a certain amount of bandwidth, there are hundreds of watchdog groups, thousands of gurus, and a number of software products that monitir network traffic. If this was going on it would have been discovered and made public by now. There are far too many people who want to discredit MS for this to be kept a secret.
This is how the spyware issue with the popular p2p music sharing applications was discovered recently.

It is also important to note that although I do not think MS is using spyware at the operating system level they may in fact obtain data about users from 3rd parties, again this is useless information as they cannot do anything about it, they would have no case if the information was obtained in an illegal fashion.

3. How does MS know who you are??? All MS would have is an IP addy and perhaps usernames from either windows or applications installed. It takes an act of god, well not really, but a court order for an ISP to release a name associated with an IP addy.

just my 2, anyone else have thoughts on this

Rounder

-lynx- · « **Reply #7 on:** January 31, 2002, 09:51:12 AM »

OK, you don't want sarcasm about the subject that has been discussed way too many times. Try simple test - install a firewall. Watch the results - does it scream out every time you connect to the internet that a "secret M$ spyware application" is trying to connect to the internet without your consent/knowledge? No? Blimey - next time you see that self-confessed hacker you can tell her she's full of BS.

Yes it sends information to M$ when you use Windows Autoupdate feature - how else would it know what to offer you an update on??

But I really don't think it sends out the personal info like registration codes etc. As Rounder said - it would be impossible to do anything about it anyway. They just hike the price of the next version to cover the cost of those who don't want to pay.

There was a discussion just before XP came out whether M$'s stupid idea about activating the version by phone would prevent unathorised use (just imagine how much it'd cost M$ to set up call centres worldwide!) - I'm living proof that it failed miserably. And I update both systems regularly (did pay for one though:))...

Wlfgng · « **Reply #8 on:** January 31, 2002, 11:10:56 AM »

firewall.. simple as that.

Furious · « **Reply #9 on:** January 31, 2002, 11:54:40 AM »

http://www.grc.com

read carefully.

F.

Lephturn · « **Reply #10 on:** January 31, 2002, 02:58:40 PM »

No, there is no such thing. I'm an MCSE with many years of experience, and I work for a software company doing testing on Win2k platform every single day. I've been working with Win2k since before it was released. People who say such things are not hard to find, but I've never seen anything like this proven.

And a little logic will tell you how Windows Update works. Windows update sends the list of all available updates to your computer. Your computer then scans to see which updates are required, and asks for those. The only thing sent to MS is what options of MS update you have selected.

If such a thing was true, folks like Steve Gibson (http://www.grc.com) would long ago have discovered and publicized it.

bloom25 · « **Reply #11 on:** January 31, 2002, 05:08:54 PM »

I'm not aware of any such spyware. As others have stated, about the closest thing is the Windows Update program. (Active X) This program has the ability to examine Windows and hardware configurations, though I believe it is done on the client side. (I.E. The list of available updates since your last visit are sent to your computer, which then determines which it needs.)

If there was Microsoft installed spyware the uproar would be huge. It is quite easy to examine the packets coming into and out of your computer. Firewalls do this to some extent, but there are other utilities that do more.

There are a few things in Windows that *could* be used to ID your computer. (Look at product activation in Windows XP and Office XP for example.) There have been a few cases of download utilities, such as Real Download and a few others, that were tracking your downloads and other personal information. You can read about them at grc.com .

I'm trying to figure out what exactly your friend could be talking about. About the closest thing to Microsoft created spyware network traffic is the NetBios data sent on ports 137 - 139. NetBios is used to ID computers on a network and for a few other things such as Windows NT and 2000's "net send" command. ("net send" lets you send a pop up window message to another computer on your network.) Almost all software firewalls and all hardware firewalls I've seen block these ports.

Maverick · « **Reply #12 on:** February 01, 2002, 03:12:34 PM »

Thanks Gents. That was exactly the type of info I was looking for. I was given this story and didn't know if it was bogus or not. I have never been that deep into computers to have the info to know one way or another. That was why I wanted to ask here. I knew that there was a wealth of knowledge in the folks who are associated with AH and I could get a good answer.

Thanks again.

Mav