Exposed: What MS Doesn't Want You to Receive

After the recent news that Microsoft is now censoring users of its instant messaging software from receiving messages containing .info, as well as things like .pif which they were already blocking, I decided to do some research to find out what else they think could pose a security risk to you and your computer and censor.

The list of blocked strings is stored on the Messenger servers so that it can be quickly downloaded to instantly update your Messenger with any new entries without you having to download a whole new version. After playing around a bit with the Messenger protocol (aka MSNP) I managed to retrieve the list from the servers, containing 124 entries in total ...

View: The full story
News source: Messenger Stuff

Report a problem with article
Previous Story

Paint.NET 3.10 Beta 2

Next Story

Judge Rules: SCO Does Not Own Unix

25 Comments

Commenting is disabled on this article.

ah now that would explain why when i try to send my domain name link via Messenger it wont send lol

Another problem solved - Thank you Neowin!

ChocIST

have any of you whiners read the list.

i don't see any issue with MS blocking any of the stuff they block. woudl you rather you got a dodgy link clicked it and got a virus, i have more issue with MS blocking the stuff they block in outlook, i.e. i can't get .exe .vbs .reg files (and i know they can be dodgy but in my job i need to be able to recieve these files) and i have to install a 3rd party plugin to allow the file type i want, from what i can see with this is that you can turn it off, and it really only blocks stuff you don't want anyway

as for the bad programming comments, i just wanted to mention the developers have no choice over what gets blocked it wil be a product mamnagement decision on what gets blocked, they just have to implement it.

I've just looked at the block list again and it's been updated, the main change being that the .info entry has been removed. If you try to send a message containing .info you will notice that is is only blocked if it is a string that WLM turns into a clickable hyperlink so if you want to send a .info site you are able to if it is something like this: css3.info and not http://css3.info, www.css3.info or http://www.css3.info - if you do try to send one like the later three then it will now actually tell you that "The following message could not be delivered to all recipients".

The security method is also flawed, it is impossible to really deal with IM worms, education is the best way to stop them. Also this method slows down Messenger and the scanning of messages uses way too many CPU resources. It is a case of sloppy programming, and since articles like this have been posted Microsoft have started to fix things.

Hello, if it's a leaked beta you're not SUPPOSED to see it.
There are reasons for every entry on the list, some of them obsolete and stupid, but some of them relevant to Microsoft's interests.

Everything in Windows is a remnant of some other version before it. I don't see why some of that old tech isn't removed. Who here still uses OS/2 1.x PM apps? I thought so.

Actually Microsoft won't let you send any string containing .info, fearing that all .info domains cause viruses. Even websites like 'css3.info' will be blocked. This is a case of sloppy programming, that the development team have chosen to ignore.

This list shows everything blocked on MSN/ Windows Live Messenger, something which is creating problems for millions of people who are sending messages that have nothing dangerous about them.

How is it not? Wouldn't you be annoyed if you owned dugbug.info? People wouldn't be able to pass that URL around, and some might even think it's a malware website, since it's being blocked by Microsoft!

noroom said,
How is it not? Wouldn't you be annoyed if you owned dugbug.info? People wouldn't be able to pass that URL around, and some might even think it's a malware website, since it's being blocked by Microsoft!

you can turn it off

abbeh said,
Actually Microsoft won't let you send any string containing .info, fearing that all .info domains cause viruses. Even websites like 'css3.info' will be blocked. This is a case of sloppy programming, that the development team have chosen to ignore.

Looks like .*.info. to me

I'm able to send css3.info to a contact fine.

noroom said,
How is it not? Wouldn't you be annoyed if you owned dugbug.info? People wouldn't be able to pass that URL around, and some might even think it's a malware website, since it's being blocked by Microsoft!

Seriously? You think that is equivalent to censorship?

-d

dugbug said,

Seriously? You think that is equivalent to censorship?

-d


Yes, because it's a block on a complete TLD. How about if it is decided that .name is blocked? Perhaps someone will hack it so all .com, .net, .org, .edu get blocked. Think you'll still be blasé about it?
Arbitrary blocking a TLD is censorship. Ask anyone in China (if you can).

Trying to stop us from getting viruses, spam or our accounts stolen? Those filthy *******! Thank you for exposing what everyone already knew they were doing.