WiMP Security Patch changes M$ EULA

Discussion in 'other security issues & news' started by Mike_Healan, Jun 29, 2002.

Thread Status:
Not open for further replies.
  1. Mike_Healan

    Mike_Healan Registered Member

    Joined:
    Mar 6, 2002
    Posts:
    302
    Location:
    USA
    New EULA says that you give M$ the right to install digital rights management software, and the right to disable any other programs which may circumvent DRM on your computer.

    http://bsdvault.net/article.php?sid=527&mode=&order=0

     
  2. snowy

    snowy Guest

    Mike

    I just re-installed my os....then updated all the security patches.....will be doing this all over again very soon......well I must have been half asleep because that part of the eula slid pass me.....so thanks for advising.
    since its been a very long time since I last used media player...I decided to check it out again....well, my security wont even allow windows media player to work....so, ok, I lowered the security a bit...still no working media.....the darn thing wants clear passage to the internet it would seem.........nope...no way!
    actually only because I was re-installing the os was windows media player even still on my system....it gets un-installed by me very quickly..........there are nice non-snakeware media players out there that are free......for the heck of it I'm going to test a couple an give the results...
    M$ wont..not today..or next year ever install anything on my os without my knowing it..an what it is.....I'll crash the computer first.

    snowman
     
  3. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    ~shaking my head~

    that's just nasty!

    i am waiting for M$ to come out with a rental clause to continue using their already purchased OS......or suffer the critical update consequences!
     
  4. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    That's the last update I'll install. QED, XP is just a stepping stone to DRM.

    They can go stuff themselves. I am totally disgusted.
     
  5. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,513
    Location:
    Annie's Pub
    There is a nice little program who will solve this and other (security) problems concerning WindowsXP, I don't know it is functionating with W98, ME etc. but it will do with XP, I've tried it and it works fine!

    XP-AntiSpy

    XP-AntiSpy is a little utility that let's you disable some built-in update and authetication 'features' in WindowsXP.
    For example, there's a service running in the background wich is called 'Automatic Updates'. I don't know what this service transfers from my machine to other machines on the internet, especially the MS ones. So I play it safe and disable such functions. If you like, you can even disable these function manually, by going through the System and checking or unchecking some checkboxes. This will take you approximately half an hour. But why wasting time when a little neat utility can do the same in 1 minute? This utility was successfully tested by lots of users, and was found to disable all the known 'Suspicious' Functions in WindowsXP. It's customizeable, but comes up with the Default settings, which are recommended. If you like to get more information about those 'functions',read THIS.

    This utility is FREEWARE! This means, you dont have to pay anything for this program and you can give it to anyone who's interested in, as long as you don't sell it. If you find this tool useful, and wanna gimme something back, then click on my sponsors.

    Link to the program: http://www.xp-antispy.org

    Program available in several languages.

    Ciao,

    Smokey
     
  6. JacK

    JacK Registered Member

    Joined:
    Jun 20, 2002
    Posts:
    737
    Location:
    Belgium -Li?ge
    Hi,
    Xp-Antispy works ponly with XP as its name is XP :)

    The new EULA comes with the new update for Win2K and XP (don't think there is something about previous v like Win98 or Me).

    Very easy to circumvent :
    Don't go to the standard windows update, unactivat de Automatic updates from de services and d/l the SP, hotfixes and patches from :

    http://v4.windowsupdate.microsoft.com/fr/default.asp?corporate=true

    No check up of your system by Mickey$oft, no online install :

    you d/l on your PC and install when you want and may save on an amovible support.

    Available for Win 2K and superior, any language.

    Rgds,

    JacK
    http://smilies.sofrayt.com/1/r/bigdance.gif
     
  7. Pretender

    Pretender Registered Member

    Joined:
    Apr 23, 2002
    Posts:
    670
    Location:
    Virtual Paradise
    summary of the bottom line here please

    should we uninstall the update? i'm not up on all of this tech talk. please summarize for an idiot like me. it looks like windows media player update it bad?!?
     
  8. JacK

    JacK Registered Member

    Joined:
    Jun 20, 2002
    Posts:
    737
    Location:
    Belgium -Li?ge
    Re:summary of the bottom line here please

    Certainly no !

    Impact of vulnerability: Three new vulnerabilities, the most serious of which could be used to run code of attacker's choice.

    Maximum Severity Rating: Critical

    Recommendation: Customers running affected products should apply the patch immediately.

    Just disable the unique identifier which could be restore with the patch.

    Rgds,

    JacK
     
  9. Pretender

    Pretender Registered Member

    Joined:
    Apr 23, 2002
    Posts:
    670
    Location:
    Virtual Paradise
    "Just disable the unique identifier which could be restore with the patch." how do we do that?
     
  10. snowy

    snowy Guest

    For winME users there is a free program named
    OppCom that adds ten new options to the add/remove menue........FE: disble/remove the following....note: all can be re-installing very easily.......towith: Media player...windows scripting host...garbage files...WINDOWS UPDATE...pchealth....plus several others.....
    I use this program..an have for awhile with no problems or bugs............sorry I don't know the url offhand.....but it can be found by a search I'm sure...

    snowman
     
  11. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Thanks for the heads up on that Mike.
    You know M$ is getting to be like the government in our lives. They are dictating to us how we do what we do and are trying to become our Big Brothers to make sure we don't so anything they don't want us to do.
    This is frustrating! :mad: :mad: :mad:
    What happened to supply and demand and the customer dictating what products were needed? How did we get to the point the M$ is telling us not only what we need, but are telling us we are getting that whether we want it or not. :mad:
     
  12. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    No law states you must use their products. There are alternatives, several of them. They might require some time to learn, but then you would be back in control of your computer lives.

    Works for me ;) No M$ here anymore, I threw in the towel on M$ just last month. All I can say is man, are there ever alot of good security programs out there that I no longer need lol.
     
  13. Mike_Healan

    Mike_Healan Registered Member

    Joined:
    Mar 6, 2002
    Posts:
    302
    Location:
    USA
    http://www.theregister.co.uk/content/4/25956.html

     
  14. Mike_Healan

    Mike_Healan Registered Member

    Joined:
    Mar 6, 2002
    Posts:
    302
    Location:
    USA
    Now where did I put that linux .iso? ....... :mad:
     
  15. JacK

    JacK Registered Member

    Joined:
    Jun 20, 2002
    Posts:
    737
    Location:
    Belgium -Li?ge
    [year-old attachment deleted by admin]
     
  16. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    I thought it was rather weird, when I went to WU this morning, that, when I clicked on 'Show Installed Updates', the WMP update didn't show up in the list - to find it, I had to go to the 'Installation History' button, where I finally saw it: "Q320920: Security Update (Windows Media Player 7.1) - version 7,10,0,3068 - was successfully installed.
    6:51:54 AM Thursday, June 27, 2002 : 5456".

    Guess they didn't want us to be able to easily remind ourselves that we did that? :D

    BTW, when I click on "Help"/"About Windows Media Player" , it tells me that I've got
    Version: 7.01.00.3055
    Product ID: 52782-OEM-0009147-00560

    Does that 'Product ID' identify my son, specifically, or just the player itself? (On the 'Player' tab of WMP, I have absolutely nothing checked - and nothing checked on any of the other tabs there that could be even remotely construed as giving it any kind of 'identifying' rights. So, between that and making sure my firewall's blocking the thing, i guess I've done about all I can do. (Besides switching to WinAmp, that is). Pete
     
  17. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Pete,

    Did you run Spybot SSD after updating by any chance?

    regards,

    paul
     
  18. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Yes, I did. Nothing beyond the standard usage tracks that are there any time WMP is used.

    Seems to me (I'll re-check later) that for some reason I had to right-click and delete whatever was showing in the right-hand "Now playing' column even after I ran SBS&D, though. Pete
     
  19. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    SBS&D results that applied to WMP:

    MS Media Player: Recent Files List (5 files)
    HKEY_CURRENT_USER\Software\Microsoft\Media Player\Player\Recent File List

    MS Media Player: Recent Open Directory
    HKEY_CURRENT_USER\Software\Microsoft\Media Player\Player\Settings\OpenDir=

    So I check-marked those two and told SBS&D to 'fix', they came up with two green checkmarks, closed SBS&D, opened WMP, and under the right-hand column (beneath 'Playlist5' "Now Playing' high-lighted) was the name of the last musical selection he'd played. I double-clicked it and it started playing.

    Closed WMP, opened Xteq, branched out 'Internet' category, then branched out 'Windows Media Player' folder, clicked on 'Clear Cache' , said 'Yes' to the warning, clicked 'Clear WMP Cache (total erase!)' , okayed the 'Information box that came up, clicked 'Clear Items' , then 'Clear recent file list' , okayed that when the info box came up.

    Closed Xteq and re-opened WMP - last selection he played was still there. Double-clicked it and it started playing. Right-clicked the selection name in WMP, selected 'Delete from Playlist' and it was finally gone.

    So, quite clearly, neither SBS&D or Xteq remove the name of the last selection played from WMP's 'Now Playing' area - you can only remove that particular information through the use of WMP itself (at least if you're only using either of the other two programs mentioned in your attempt to clear that particular information).

    Always a good thing to know. Pete
     
  20. javacool

    javacool BrightFort Moderator

    Joined:
    Feb 10, 2002
    Posts:
    3,997
    The product ID shown in Windows Media Player, at least on Windows XP, is suprisingly the SAME PRODUCT ID USED FOR WINDOWS AND INTERNET EXPLORER. This is VERY scary.

    I will do some tests to determine if this ID can be changed as, obviously, it can very easily uniquely identify your computer. Access to it is questionable, but just the fact that it is used by Internet Explorer AND WMP, let alone the system itself, adds to potential privacy risks.

    -javacool
     
  21. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Javacool,

    i just checked that myself....and you are right!
    my pc's ID, IE6, and Window's Media Player's ID numbers are ALL THE SAME! ~shivers

    i am wondering now what other M$-related applications might have the same ID numbers, or, will have the same ID numbers with future updates.....and why would they want to do this? If they were to say so that "they" could identify me...then i'd be wondering who's best interest they have in mind.....definitely not the customers, since it would open my pc up for identification in several areas, to those i wouldn't want to identify me! Scary? Oh yeah!

    darn, i am not that knowledgeable in exploits..but it wouldn't take a rocket scientist to see the chances for one (MANY) happening here! What the heck were they thinking??
     
  22. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Yup. Same for all three on my WinME system, too.

    Probably just co-incidence. ( <g> )

    Heck, for all I know, everything from M$ on the computer could have the same Product ID # , established beforehand whenever you d/l software.

    How else would Windows Update know what you do or don't have when you're checking for updates? Pete
     
  23. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Had my son show me last night one of the songs he had a problem with after the update (I told him to live with it, BTW).

    The song totally locked up both WMP AND the computer, forcing a hard shut-down/re-start. Wanted to see if the firewall at least kept WMP from running home and ratting on him (so as to avoid having the Media Police come kick down the door) and it did (I just tried the same song again) :

    PLAYER\WMPLAYER.EXE
    07-03-02,07:30:57 U 2 'APP: Stopped ' Microsoft(R) Windows Media PlayerEXE C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
    07-03-02,07:30:57 U 3 'APP: Stopped ' Microsoft(R) Windows Media PlayerEXE C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
    07-03-02,07:30:57 U 4 'APP: Stopped ' Microsoft(R) Windows Media PlayerEXE C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
    07-03-02,07:30:57 U 5 'APP: Stopped ' Microsoft(R) Windows Media PlayerEXE C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
    07-03-02,07:30:57 U 6 'APP: Stopped ' Microsoft(R) Windows Media PlayerEXE C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
    07-03-02,07:30:57 U 7 'APP: Stopped ' Microsoft(R) Windows Media PlayerEXE C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
    07-03-02,07:30:57 U 8 'APP: Stopped ' Microsoft(R) Windows Media PlayerEXE C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
    07-03-02,07:30:57 U 9 'APP: Stopped ' Microsoft(R) Windows Media PlayerEXE C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
    07-03-02,07:30:57 U 10 'APP: Stopped ' Microsoft(R) Windows Media PlayerEXE C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
    07-03-02,07:30:57 U 11 'APP: Stopped ' Microsoft(R) Windows Media PlayerEXE C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE

    Apparently, it was trying to call home and tattle clear up till I shut the computer down.

    I'm almost willing to bet that WinAmp has seen a recent huge increase in the number of d/l's! Pete
     
  24. FanJ

    FanJ Guest

    About those ID's:
    I have three different ones for:
    1) IE 5.5
    2) WMP 7.01
    3) System (as shown in My computer > Configuration > System > General).
     
  25. FanJ

    FanJ Guest

Loading...
Thread Status:
Not open for further replies.