WMP privacy issues...

Discussion in 'privacy problems' started by discogail, Feb 20, 2002.

Thread Status:
Not open for further replies.
  1. discogail

    discogail Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    151
  2. FanJ

    FanJ Guest

    From the Helpfile of IEClean by which (among a lot of other things you can do with it) you can block Media Player Monitoring:

    Site: www.nsclean.com
     
  3. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Jan - DG's link is referring to WMP 8 - the link you gave (when you follow it to here: http://www.nsclean.com/ieclean.html ) only refers to WMP 7.

    Since you're a user, can you verify with them if WMP 8 (the newest one) is covered? Just curious - they might not have gotten around to up-dating the webpage for it. Pete
     
  4. FanJ

    FanJ Guest

    Hi Discogail and Pete,

    Sorry, I should have looked better, then I would have known that the question was about WMP 8.

    At the moment I'm using IEClean 5.5 and that's where I got the info from.
    But there is a newer version IEClean 6.0.
    I don't know whether that newer version will also protect your privacy with respect to WMP 8; a good question!

    Anyway, I send the question to PSC.
     
  5. FarCry

    FarCry Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    82
    Location:
    Boston, MA
    If you are using WinXP you can run XP-AntiSpy.
    http://www.xp-antispy.org/

    You can disable the following; (From XP-AntiSpy)

    Mediaplayer: Do not acquire licences automatically - Open the MediaPlayer->Tools->Options... Klick the tab 'Player', look at the groupbox 'Internetsettings' and uncheck 'Acquire licences automatically'.

    Mediaplayer: Disable identification of player by internetsites - Open the MediaPlayer->Tools->Options... Klick the tab 'Player' , look at the groupbox 'Internetsettings' and uncheck 'Allow internetsites to uniquely identify your player'
    Meaning if activated: Services on the web are able to identify your system (not only your player) via the GUID (Global Unique ID)

    Mediaplayer: Disable automatic codec download - Open the MediaPlayer->Tools->Options... Klick the tab 'Player', look at the groupbox 'Automatic Updates' and uncheck 'Download Codecs Automatically'
    Meaning if activated: The mediaplay can automatically check a ms-server if the codec, your movie is compressed with, is not on your system, and download it.
     
  6. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    In the meantime, I've also emailed the people who put out SystemRestoreRemoverPro to make sure that it still works correctly (referring to the 'Media Player' tab stuff in SRRP here) with WMP 8. I'll let you know if they respond. Pete
     
  7. Nancy_McAleavey

    Nancy_McAleavey Expert Member

    Joined:
    Feb 10, 2002
    Posts:
    244
    Location:
    Voorheesville, NY, USA
    In an article posted at http://www.ComputerBytesMan.com/privacy/wmp8dvd.htm and reported widely by the Associated Press, a discussion of privacy concerns with respect to Windows Media Player 8 functioning under WindowsXP is presented. The security and privacy issues raised however extend to ALL Windows platforms running either Media Player 8 (XP/2000 only) or Media Player 7 or 7.1 (all other platforms including Windows 95, 98, 98SE, ME, NT, 2000 and XP) and the created database file called wmplibrary_v_0_12.db exists under all of these versions of Windows Media Player and contains the listings which can be found in Media Player by clicking on the "Media Library" tab on the left hand side of Media Player when it is running. The "issue" is not limited to either Media Player 8 or exclusively to Windows XP.

    We first discovered the "reporting" possibilities during our development of IEClean 6.00 which was released on December 6, 2001. As a result of our determination that privacy issues existed in the original Media Player 7 and Media Player 8 betas, functions were added to IEClean to permit users to short-circuit these capabilities using IEClean 6.00. In IEClean 6.00's PRIVACY tab is an option marked "Block Media Player monitoring" which disables transmission of the UUID (Universally Unique Identifier) to remote sites as well as the automatic obtaining of licensing and passing of that information to sites which request same.

    In addition, IEClean 6.00 provides a means of removing information regarding media files and URLs accessed by Media Player which are stored in several locations in the Windows registry by means of the "Remove Media Player opened file list" and "Common Dialog files" options in the MRU's tab of IEClean 6.00.

    Windows Media Player, when permitted to access the Microsoft site which provides details on media files played, will obtain a cookie which contains a "tracking ID" within that cookie along with other cookies obtained from various Microsoft sites. Ordinary use of the "Remove unwanted cookies" on the main IEClean 6.00 screen as part of a cleanup will destroy the data and identifiers contained in those cookies.

    Between these two options, any remotely-trackable information is thwarted through the use of IEClean and each time IEClean is used for a cleanup, this information is removed from the user's system through a secure deletion process. It is not possible to remove or alter the UUID installed with Media Player however without breaking its functionality, another issue we considered in IEClean 6.00's construction. This is the reason why we chose to permit blocking of transmission as opposed to modifying the data.

    Examination of traffic generated by Windows Media Player during IEClean 6.00's development and re-examination after release determined that this large file was never transported nor were any of its contents. The file is in a format similar to Microsoft's ODBC (Access) Database and was accessed SOLELY by Windows Media Player during our monitoring of its behavior.

    During our development of IEClean 6.00, using the beta release of Media Player it was determined that end-user licensing data was also kept within this database and it was determined that wiping this file would jeopardize customers who paid for licensed access by possibly destroying their "receipt" and could possibly result in their having to pay again to relicense media that they had already paid for.

    At the time of IEClean 6.00's release, we made the decision NOT to remove this file as it was not at potential risk for transmission and was an essential part of Media Player's functionality. Our determination at the time still holds true, however Microsoft has not placed license information into this database and it seems unlikely that they will. Therefore, if you're still concerned about this file, it can be removed if you wish and Media Player will create a new, empty file the next time it is run. However, it is NOT necessary to remove this file and its privacy implications are limited solely to the machine the file resides on.

    The wmplibrary_v_0_12.db file in question is not routinely kept in a fixed location - it can vary tremendously in where it lands from one machine to another and Microsoft does not provide a "where is it?" entry in the registry to locate this file as it normally does for most other files. This makes it difficult to automatically remove this file since it can be in a different place on any given machine, especially if multiple logins exist.

    It can be located in any of the following places:

     your \Windows or \WINNT folder

     your \Windows\System or \WINNT\System32 folder

     the \Documents and Settings\All Users\Application Data\Microsoft\Media Index folder (Windows 2000 and Windows XP only).

     the \Program Files\Common Files\Application Data\Microsoft\Media Index folder (Windows 9x and Windows Me only).

     or it can be present in other folders.

    The easiest way to determine where yours is located is to use the FIND or SEARCH feature from the Windows start menu and search for "files/folders" containing the keyword:

    WMPLIB*.DB

    For those using IEClean, note the FOLDER in which yours is located and you can place this folder into IEClean's FILES tab in the box marked "Additional folders." It is not necessary to specify the file in IEClean. Before doing so however, you're advised to use the Windows file explorer and navigate to that folder and make sure that no OTHER files exist in that folder.

    If you DO find any other files in that folder, and you're an IEClean customer, send an email to support@nsclean.com along with the NAME(S) of the files found in that folder so that we can help you determine if it's safe to add that folder for cleanup.

    IMPORTANT: If your copy of wmplibrary_v_0_12.db is in your WINDOWS or WINNT folder, DO NOT add the "windows" folder for cleanup by IEClean or your system will be destroyed as IEClean will dutifully wipe the entire folder's contents. If your wmplibrary_v_0_12.db file is in the "Windows" or "Windows\system" folder, then you will need to use the included FileVac utility provided with IEClean to destroy the file for you on a manual basis (to keep it from going to the recycle bin where it can be resurrected).

    To use FileVac in order to destroy the wmplibrary_v_0_12.db file, open the Windows file explorer, locate the wmplibrary_v_0_12.db file and DRAG it to the FileVac icon on your desktop. FileVac will then much the file performing a secure delete of the file without risk to your "windows" folder.
     
  8. FanJ

    FanJ Guest

    Hi Nancy,

    Thanks for clarifying this to us!
    I do like IEClean very much!

    Best regards, Jan.
     
Loading...
Thread Status:
Not open for further replies.