spyware in windows xp


Think about this for a minute. The United States of America is litigation crazy. You don't need the source to figure out if your computer is communicating with the outside world. There are tools that allow you to track the network traffic. It's actually quite simple. Now do you think MS would risk a 'major invasion of privacy' suit? Every owner of XP would be part of the suit. The consequences would destroy Microsoft.

to find out if your pc is cheating on you with good old bill:

1. install a firewall that operates on a program level, like zone alarm

2. set the firewall to get any files/programs that wish to enter the net to ask for permission

3. set the firewall to get any files/programs that use other files/programs to ask for permission

4. when you see a file trying to access the web, google it and see what the file does..

5. use the command netstat to find out where the file is connecting, if you gave it a yes to enter the net

6. find out what is on the address that the file connected to..

by the way:

although error reporting and codec/update, system scan for downloads or otherwise, may be considered by some to be spyware, i would have to say it's not. you can easily choose not to use these things, and have the full option to turn them off. now spyware on the other side is programs that by my definition are "hard" to get rid of and don't have a big red shiny off switch... :cool:
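Steps 5 and 6 of the list above, as an added example that is not part of the original post: it joins saved `netstat -ano` output with `tasklist /svc` output so that each established connection to an outside address is attributed to a program and, for svchost.exe, to the services it hosts. The sample text, addresses and function names are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed `netstat -ano` sample; remote addresses are documentation ranges.
NETSTAT_SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       948
  TCP    127.0.0.1:1030         127.0.0.1:1031         ESTABLISHED     2140
  TCP    192.168.1.10:1045      203.0.113.25:80        ESTABLISHED     2140
  TCP    192.168.1.10:1046      198.51.100.7:443       ESTABLISHED     1012
  TCP    192.168.1.10:1050      192.168.1.1:445        ESTABLISHED     4
  TCP    192.168.1.10:1047      203.0.113.25:80        TIME_WAIT       0
  UDP    0.0.0.0:123            *:*                                    1012
"""

# Constructed `tasklist /svc` sample (PID -> image name and hosted services).
TASKLIST_SAMPLE = """\
Image Name                   PID Services
========================= ====== ==============================
System Idle Process            0 N/A
System                         4 N/A
svchost.exe                  948 RpcSs
svchost.exe                 1012 W32Time, wuauserv
wmplayer.exe                2140 N/A
"""

# Unspecified, loopback, link-local and RFC 1918 ranges are treated as local.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16")]

def is_external(endpoint):  # 'addr:port' -> True for a parsable, non-local IP
    try:
        addr = ipaddress.ip_address(endpoint.rpartition(":")[0])
    except ValueError:  # '*' on UDP rows, or a resolved hostname
        return False
    return not any(addr in net for net in LOCAL_NETS)

def parse_netstat(text):
    """Yield (remote, state, pid) per TCP row; UDP rows have no peer or state."""
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP" and f[4].isdigit():
            yield f[2], f[3], int(f[4])

def parse_tasklist(text):
    """Map PID -> (image name, [services]); header and rule lines never match."""
    procs = {}
    for line in text.splitlines():
        m = re.match(r"^(\S.*?)\s+(\d+)\s+(.+)$", line)
        if m:
            svcs = [s.strip() for s in m.group(3).split(",") if s.strip() != "N/A"]
            procs[int(m.group(2))] = (m.group(1), svcs)
    return procs

def external_connections(netstat_text, tasklist_text):
    """Return {pid: (image, services, remotes)} for established outside peers."""
    procs = parse_tasklist(tasklist_text)
    remotes = defaultdict(set)
    for remote, state, pid in parse_netstat(netstat_text):
        if state == "ESTABLISHED" and is_external(remote):
            remotes[pid].add(remote)
    return {pid: (*procs.get(pid, ("unknown", [])), sorted(r))
            for pid, r in remotes.items()}

if __name__ == "__main__":
    for pid, row in sorted(external_connections(NETSTAT_SAMPLE, TASKLIST_SAMPLE).items()):
        print(pid, *row)
```

Listening sockets, loopback traffic, LAN peers and closed (TIME_WAIT) connections are left out, so what remains is the short list of remote addresses worth looking up in step 6.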


You might want to look into index.dat files and their relationship with Explorer, I.E and outlook. If you have been using outlook any mail you think you have deleted is contained in a temp file and referenced by an index.dat file, same with sites viewed with I.E. You cannot find these files with explorer as they are hidden from the system. Google for index.dat for a solution. Just for shock value my friend found over a gig of data held in these temp files, this included parts of movies, etc

There is a program you can purchase off the web that will clean your system. Its name escapes me atm


winXP doesn't intentionally spy on users but they can and do collect information about system and other info which is supposed to be helping the dev of the OS in the end but some may consider this spyware.


First, for all those interested in Microsoft WinXP EULA, it is at http://faq.belg88.com/index.php?op=view&t=75

I invite you all to read the article "WinXP shows the direction Microsoft is going". It is located here:

http://www.hevanet.com/peace/microsoft.htm

The article shows that WinXP does indeed connect to Microsoft computers, even without specific request to do so. There is also the case of WMP sending out DVD info. Fortunately, it is easy to block, but it is still there. Sorry people, but because WMP is integrated into WinXP, it is a part of the OS. You can't have it integrated and say it is not part of the OS, doesn't work that way.

Correct me if I am wrong (I am not sure about this), but aren't you required to enter personal information when activating the product?


Correct me if I am wrong (I am not sure about this), but aren't you required to enter personal information when activating the product?

Nope. You have the option to register, but you do not need to do it to activate Windows XP.


...and XP pro Corp edition doesn't even require activation....let alone registration :blink:

anyone who refers to that license by that name has it illegally :yes:


WMP9: It asks you for all your privacy settings in a giant window in the center of the screen during setup (for a graphical install) or the first time you start WMP9 (for a silent install, Windows Update install, or on MCE 2004 and Windows Server 2003 for an OS integrated install).


Nope.  You have the option to register, but you do not need to do it to activate Windows XP.

It only asks you for your country. That is not personal information, and it is only used a) to track demand for different localizations of Windows, and b) to determine what server to send the data to.

...and XP pro Corp edition doesn't even require activation....let alone registration

gameguy is right. It is the volume license version, not the "corporate edition".


alexa sends out the web pages you went to, that's how it works out related links (sorry i deleted the packet dump) and the add new hardware wizard contacts microsoft... i was yelling spyware till i realised i left the box ticked where it says search windows update for a driver :p


First, for all those interested in Microsoft WinXP EULA, it is at http://faq.belg88.com/index.php?op=view&t=75

I invite you all to read the article "WinXP shows the direction Microsoft is going". It is located here:

http://www.hevanet.com/peace/microsoft.htm

The article shows that WinXP does indeed connect to Microsoft computers, even without specific request to do so. There is also the case of WMP sending out DVD info. Fortunately, it is easy to block, but it is still there. Sorry people, but because WMP is integrated into WinXP, it is a part of the OS. You can't have it integrated and say it is not part of the OS, doesn't work that way.

Correct me if I am wrong (I am not sure about this), but aren't you required to enter personal information when activating the product?

i apologize to PseudoRandomDragon for missing his post in this thread. i honestly don't remember reading it and i don't see how i missed it :blink: either way, here's my response:

first, activation doesn't require any personal information at all. i assume anyone worried about a loss of personal information would activate over the phone, so i'll go over that. from memory, windows will generate a code that you give to the rep on the phone. they will in turn give you a code you type into the activation screen. total time spent on the phone for activation is often less than 2 mins. also remember, it's a free call.

now that that's done, i'll respond to the page http://www.hevanet.com/peace/microsoft.htm. i'd like to mention that this page attacks some of microsoft's business policies, and i'm not going to argue those here. mainly because i'm not qualified to defend microsoft's policies, not to mention i don't work for microsoft, it's not my job. anyway...

You must have permission from Microsoft to install software you own. In Windows XP there is a system called Windows Product Activation (WPA) that requires users to get permission from Microsoft when first installing its software and every time the user's hardware changes significantly.

Note that WPA is used only on the Windows XP Home and Professional versions. The Windows XP Corporate version is identical to the Professional version, except that it does not use product activation.

saying that activation is "permission from microsoft to install software you own" is exaggerating it a bit... activation simply ensures you have a valid license to use windows. if you read the EULA, it states you can only install windows on one computer for each license you own. also, no customer "owns windows". microsoft exclusively owns windows. when you pay for the box/cd, you are buying a license to use windows, not the ownership rights to it. you don't have the right to copy/modify/reverse engineer the software, etc. the EULA explains your rights to the software. if there's something you don't understand, i'm sure microsoft (or any lawyer, providing you pay for their time... stupid lawyers...) will be happy to explain to you in full detail what you can and cannot do with the software.

WPA and software death can force users to pay more. The two schemes of WPA and artificial software death together give Microsoft a way of preventing people from using Windows XP on a new computer, for example when they upgrade their hardware after several years. It would work like this: WPA prevents a customer from re-installing Windows XP on a new machine without Microsoft's permission. Microsoft may not give permission after declaring that the software has died. If Microsoft won't give permission, the user may be required to buy new software; a customer could not move a working Windows XP system to new hardware.

true, but again, exaggerated. the site makes the truth seem more of a pain than it really is. from what i've heard, the microsoft reps on the phone are very understanding. just explain to them your situation and they'll give you a code. i myself have never called them because i always use the internet method, so i can't give my personal opinions on their helpfulness...

The issue is not that the connections are always bad for the user. The issue is that Microsoft has moved from making operating systems that are independent to making operating systems that try to connect to Microsoft's own computers, and are somewhat dependent on new ways of having access through the software firewall. Windows XP is the first Microsoft operating system to challenge whether the user can have control over his or her own computer.

Windows 98 does not connect to Microsoft's computers. Microsoft Windows 98 connects to Microsoft's computers only by user request.

Windows XP connects with Microsoft's computers and expects to be allowed through the user's firewall in many new ways. Each user has a responsibility to control what goes in and out of his or her computer. Microsoft's new networking arrangements make this difficult. Here is a (probably incomplete) list of ways Windows XP tries to connect each user's computer to Microsoft's computers, or expects to be allowed through the user's software firewall:

Application Layer Gateway Service (Requires server rights. "Server rights" means that this Microsoft software inside your computer can set up an arrangement that allows other computers to control it.)

Fax Service

File Signature Verification

Generic Host Process for Win32 Services (Requires server rights.)

Microsoft Direct Play Voice Test

Microsoft Help and Support Center (If you don't stop it, using "Help and Support" notifies Microsoft of the subject of your search.)

Microsoft Help Center Hosting Server (Wants server rights.)

Microsoft Management Console

Microsoft Media Player (Tells Microsoft the music and videos you like. See the February 20, 2002 Security Focus article Why is Microsoft watching us watch DVD movies? [securityfocus.com].)

Microsoft Network Availability Test

Microsoft Volume Shadow Copy Service

Microsoft Windows Media Configuration Utility (Setup_wm.exe, sometimes runs when you use Windows Media Player.)

MS DTC Console program

Run DLL as an app (There is no indication about which DLL or which function in the DLL.)

Services and Controller app

Time Service, sets the time on your computer from Microsoft's computer. (This can be changed to get the time from another time server.)

the majority of these programs are accessing one of microsoft's various websites because the user requested information. i'll go through all of these items and explain as best i can what they are doing. for more information, i suggest anyone who's interested visit microsoft technet. technet has tons of information on nearly all microsoft software, geared towards IT administrators.

Application Layer Gateway Service

to be honest, i don't know much about this service. i do know that it is used for and by ICF (internet connection firewall) and ICS (internet connection sharing). i would imagine that this service requires "server rights" in order for some 3rd party tools to be able to configure the service or ICF/ICS. i doubt this service is accessible from the internet, and if it is, i would like to see proof. maybe someone else can comment on this one.

Fax Service

who uses this, honestly? :huh: it's too bad the author didn't say exactly where/how this connects to microsoft...

File Signature Verification

this tool (sigverif.exe) checks the digital signatures on all your system files. each system file in windows is "signed" by microsoft. in order to verify the signatures, this must download microsoft's signature to check the files with. if the tool doesn't do this, there is no way to ensure that the signature on the file is really signed by microsoft, or whether it is signed by someone posing as microsoft. please note that the user (probably an administrator) would initiate this behavior, and that this is in no way any sort of "spyware".

Generic Host Process for Win32 Services (Requires server rights.)

this is simply the file "svchost.exe". this file is the host file that a system service can attach to. the host process merely carries out the tasks that the service gives it. while the host process itself is technically accessing the internet, in reality it is the service. the author of the site should have explained this, because it only confuses and misleads readers.

Microsoft Direct Play Voice Test

"dxdiag.exe" is the directx diagnostic tool. the two ways i know it accesses the internet is to check the WHQL digital signatures on directx files, and the DirectPlay test. the former is very similar to sigverif.exe above, and the latter connects to a microsoft directPlay server to ensure that directPlay (the network connection protocol used by directx programs/games) is working correctly. note that when you first run dxdiag, you are asked if you would like the program to check for digital signatures, and you must initiate the directplay test. the user asks for both to be completed - not spyware.

Microsoft Help and Support Center (If you don't stop it, using "Help and Support" notifies Microsoft of the subject of your search.)

with windows millennium, windows help changed how it searched for something. with windows xp, it now searches and displays results in three different sections: suggested topics, full-text search matches, and the microsoft knowledge base. for the last one, it checks microsoft's online database for the keywords entered in the search. help and support isn't "notifying microsoft of the subject of your search", it is simply looking for more results. if for some reason you don't want this behavior, you can disable it by going into help and support and clicking options at the top of the screen. then click "set search options" on the left, and uncheck the checkbox labeled "microsoft knowledge base" at the bottom of the right pane. again, this is not an example of spyware.

Microsoft Help Center Hosting Server (Wants server rights.)

i don't even know what this is, unless it is the same thing as above...

Microsoft Management Console

similar to svchost.exe above, MMC doesn't really do anything itself, but it is the snap-ins that contain all the information, or should i say, access all the information. the two snap-ins i can think of that access the internet are the device manager and the event viewer. the device manager accesses the internet when you check for updated drivers for your hardware. the user initiates this behavior. the event viewer has a link at the end of every entry that you can click on to get more information about that specific event. clicking this link opens help and support, which runs a search on the event in question. it also asks you to send some hardware information, which i cannot get a list of right now (because i previously checked the box that says "always submit this info"). nevertheless, you have a choice of whether or not you submit the information. again, not spyware.

Microsoft Media Player (Tells Microsoft the music and videos you like. See the February 20, 2002 Security Focus article Why is Microsoft watching us watch DVD movies? [securityfocus.com].)

WMP doesn't "tell microsoft the music and videos you like". this is highly exaggerated. WMP can lookup information (artist, title, genre, etc) on a music cd, song, or video. once again, the user must do this themselves, or at least allow WMP to do it automatically. take a look at the privacy tab of WMP and configure those options all you want. this isn't spyware in the slightest.

Microsoft Network Availability Test

i'm assuming this is part of the network diagnostics windows XP has, accessible by opening system information and choosing "net diagnostics" from the tools menu. this tool has several scanning options you can set, and once again, is started by the user. this isn't spyware either.

Microsoft Volume Shadow Copy Service

i don't know enough about this service to explain why it would be accessing the internet. if someone could post some links about this and/or why it accesses the internet or microsoft's sites specifically, that'd be great.

Microsoft Windows Media Configuration Utility (Setup_wm.exe, sometimes runs when you use Windows Media Player.)

ok, you're kidding, right? :huh: this checks for updates, you tell it to. you can configure it to check for updates daily, weekly, or monthly, or disable them completely through group policy. definitely not spyware.

MS DTC Console program

distributed transaction coordinator manages communications through DCOM components. shouldd be accessing the internet, otherwise something's wrong. the reason it connects to microsoft's site probably has something to do with getting info about installed COM components. this isn't spyware either.

Run DLL as an app (There is no indication about which DLL or which function in the DLL.)

this is similar to svchost.exe and MMC where it doesn't really do anything itself, it only does what the DLL (dynamic link library, basically a program or a component used by a program) tells it to. this isn't spyware.

Services and Controller app

i had to look this one up to find out what it is. services.exe is basically a modified svchost.exe that runs the "event viewer" and "plug and play" services. these services must ALWAYS be running for windows to even boot. my guess is that the event viewer is looking up something, but i can't be sure because the author doesn't give any details as to when/why services.exe is accessing a microsoft site.

Time Service, sets the time on your computer from Microsoft's computer. (This can be changed to get the time from another time server.)

this just synchronizes your system time with a microsoft time server. it can be disabled or changed to a different server by opening "date and time" in control panel and clicking the "internet time" tab. for more information on the specifics of this, visit this website: How Windows Time Service Works. this is definitely not spyware.

i hope this has convinced someone that xp doesn't have spyware... also, if anyone could post some links to more info about any of the above topics i said i didn't know about, i'd appreciate it. i'm always learning, just like you :)


from what i've heard, the microsoft reps on the phone are very understanding. just explain to them your situation and they'll give you a code. i myself have never called them because i always use the internet method, so i can't give my personal opinions on their helpfulness...

I have called the Microsoft activation center and have had no problems with the reps. I have called for both Windows XP and Office 2003. They asked me what happened to the other computer, and I told them the truth, it broke and I am installing to a new computer. They gave me an activation code, and off I was. I would say the total call lasted about 5 minutes.

It was the exact opposite of what I thought it was going to be. I thought I was going to have to argue with them over it, and complain until they gave me the activation key.


"Microsoft Direct Play Voice Test

"dxdiag.exe" is the directx diagnostic tool. the two ways i know it accesses the internet is to check the WHQL digital signatures on directx files, and the DirectPlay test. the former is very similar to sigverif.exe above, and the latter connects to a microsoft directPlay server to ensure that directPlay (the network connection protocol used by directx programs/games) is working correctly. note that when you first run dxdiag, you are asked if you would like the program to check for digital signatures, and you must initiate the directplay test. the user asks for both to be completed - not spyware."

Dxdiag tries to connect to the internet every time I try to load it, even with that option disabled. Maybe it is just a fluke to me?

"

Microsoft Help and Support Center (If you don't stop it, using "Help and Support" notifies Microsoft of the subject of your search.)

with windows millennium, windows help changed how it searched for something. with windows xp, it now searches and displays results in three different sections: suggested topics, full-text search matches, and the microsoft knowledge base. for the last one, it checks microsoft's online database for the keywords entered in the search. help and support isn't "notifying microsoft of the subject of your search", it is simply looking for more results. if for some reason you don't want this behavior, you can disable it by going into help and support and clicking options at the top of the screen. then click "set search options" on the left, and uncheck the checkbox labeled "microsoft knowledge base" at the bottom of the right pane. again, this is not an example of spyware."

Yes it is. It is spyware that can be turned off, but it is spyware nonetheless.


Yes it is. It is spyware that can be turned off, but it is spyware nonetheless.

It is NOT spyware. It is enabling you to be able to search the UPDATED knowledge base articles on the Microsoft web pages. How is this spyware?

Not only this, but if Microsoft kept the information I searched for and improved on THEIR search engine, I would not care. If something I searched for was not in their help or knowledge base articles and they knew that, wouldn't it better the product and provide a better service for everyone who used it?


Yes it is. It is spyware that can be turned off, but it is spyware nonetheless.
So, when using google to search, Google is spying on you just because YOU SENT THEM a query to their servers?

So, when using google to search, Google is spying on you just because YOU SENT THEM a query to their servers?

Very good point. I wonder if they keep track of all of the searches that are made on their search engine.

