Windows 8 will automatically report every program you download to Microsoft

Discussion in 'other software & services' started by tgell, Aug 24, 2012.

Thread Status:
Not open for further replies.
  1. tgell

    tgell Registered Member

    Joined:
    Nov 12, 2004
    Posts:
    1,075
    Article
     
    Last edited: Aug 24, 2012
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  3. tgell

    tgell Registered Member

    Joined:
    Nov 12, 2004
    Posts:
    1,075
    Thanks for those links.
     
  4. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,853
    This isn't really a privacy problem (SSLv2 use excluded) any more than installing anti-virus is a privacy problem, at least you can turn this off unlike some AVs where collecting data on executables is forced/invisible.

    Popular software does it as well such as the Steam client. Looking forward to steam coming to Linux? Well, it will be profiling your software and hardware.

    App stores also keep a log of everything installed.

    But really, this is cloud functionality. With everything cloud comes a personal privacy decision. I don't think this could be implemented using a locally downloaded database, it would have to be gigantic and unreasonable for those on slow connections.

    I personally think this will be a great feature for reducing the amount of botnets we have assaulting websites with DDoS and assaulting us with spam. Wilders members may not use it, but it will definitely be a good extra barrier for those that struggle with computers.
     
  5. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,087
    For the love of $diety do NOT connect a Windows 8 computer to a network, or if wireless even allow it to be within earshot of an open access point, prior to studying its configuration extensively and disabling everything you want disabled. Then use it for target practice :)
     
  6. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    unless you have examples to show us, or reports from a reputable source then this is just FUD.
     
  7. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    It only uses SSLv2 if the host doesn't support newer.
     
  8. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,087
    Fear, Uncertainty, Doubt? Yes, in moderation those would be perfectly healthy emotions to experience if about to use Windows 8 (or any other software that has such features built in). The privacy issues are well established; the recent article mentioning SmartScreen issues is in some but not all respects late to the game. I would suggest you Bing it. What I was actually doing is pointing out a way to cope with such a situation and strongly encouraging people to do it. Namely, to mitigate the risk of purposeful and/or accidental privacy events by preventing the possiblity of an Internet connection until after you are certain you have the machine tightly configured and options the way you want them. Not only for privacy reasons BTW but also for security reasons. Not only when bringing up a new computer and OS BTW, but also when installing new application software you aren't familiar with. An alternative to dealing with the wireless scenario during new computer setup would be to disable the wireless adapter via BIOS or manufacturer keyboard shortcut (IF that is possible). When installing unfamiliar application software one has those as well as OS provided options.

    That's no joke. The bit about a Windows 8 box being better fit for target practice than computing, well, that was sort of a joke. Not entirely.

    BTW..."As for concerns over the leakage of material via SSLv2.0, Microsoft said that it will not use this protocol with Windows 8 and that SmartScreen does not support that version. Kobeissi notes that 14 hours after he posted about the issue a new scan of the servers showed no SSlv2 support, although he stands by his original findings." via The Register.
     
  9. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,853
    Good to hear they removed SSLv2 support. So the real issue has been solved within a day, and the OS hasn't even released, good stuff.
     
  10. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,087
    LOL. Even I must give you points for that try :)
     
  11. iammike

    iammike Registered Member

    Joined:
    Jun 13, 2012
    Posts:
    276
    Location:
    SE Asia
  12. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,853
    Sorry, I don't argue with paranoid FUD spreaders so feel free to spout out nonsense until your hating heart is content, but I'll give you no points for that try.

    Also like I stated earlier, the only other way to do this is with a local database:

    Unfortunately the researcher conveniently ignores (as I pointed out) that this would be extremely impractical. If it was practical, there would be no need for cloud AV/reputation systems as they would all be locally stored.
     
  13. jonyjoe101

    jonyjoe101 Registered Member

    Joined:
    May 23, 2012
    Posts:
    29
    Location:
    united states
    just because we are paranoid doesn't mean there really isn't someone out there who is trying to get us. Trust no one is my motto. I already know microsoft is trying to spy on us, little story's like this just reinforce my gut feeling. The more they try to tell us that there simple "reporting" software is there to help us, the more I feel suspicious.
    I'm not trusting like some of you, If someone points out something suspicious, too me that's all the proof I need. I won't be an early adopter of windows 8 until it proves itself to be safe.
     
  14. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,853
    My post isn't directed at people like you, it's directed at those that make it their mission to spread FUD. Be as untrusting as you want, I'm quite untrusting of Google myself, however, I don't go around spreading FUD about them that's based on nothing other than gut feeling. There is no evidence here to suggest malicious intent any more than there is evidence to suggest that security software vendors have malicious intent.
     
  15. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    There has to be some basic fundamental level of trust or you wouldn't be using Windows at all... you'd be on Linux or a Mac or some other alternative..
     
  16. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    I take that like you do trust the OS and OS developer that you are using right now to 100%, what OS that may be.....:rolleyes:
     
    Last edited: Aug 26, 2012
  17. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    When 8 asked me for the first time, if I want to have SmartScreen on, I read about it and I turned it off. All is pretty much explained here: SmartScreen Filter FAQ.
     
  18. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Exactly, turn smartscreen off, done.
    Mrk
     
  19. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,087
    FWIW for anyone is trying to look at this, I tried to find published samples/info sufficient for study. One from http://news.ycombinator.com/item?id=4427008 posted to https://gist.github.com/3448961 with some decoding:

    Code:
    POST /urs.asmx?MSURS-Client-Key=NVMU7wXXXvr+sBw/6wmCzw==&MSURS-MAC=esVXvXXX0NE= HTTP/1.1
    Accept: text/*
    Content-Type: text/xml; charset=utf-8
    User-Agent: VCSoapClient
    Host: urs.microsoft.com
    Content-Length: 435
    DNT: 1
    Cache-Control: no-cache
    
    <RepLookup v="4">
     <G>7A7E08C8-3FF5-45F2-873D-A84D669DCXXX</G>
     <O>DC54AF8F-4219-4BDD-9EFA-DE9C6E10AXXX</O>
     <D>10.0.8110.6</D>
     <C>10.00.9200.16384</C>
     <OS>6.2.9200.0.0</OS>
     <I>9.10.9200.16384</I>
     <L>en-US</L>
     <RU>http://www.drivesnapshot.de/en/idown.htm</RU>
     <RI>0.0.0.0</RI>
     <R>
       <Rq>
        <URL>http://www.drivesnapshot.de/download/snapshot.exe</URL>
        <O>PRE</O>
        <T>DOWNLOAD</T>
        <HIP>0.0.0.0</HIP>
       </Rq>
     </R>
     <WA/>
    </RepLookup>
    
    HTTP/1.1 200 OK
    Cache-Control: private, max-age=0
    Content-Length: 242
    Content-Type: text/xml; charset=utf-8
    Server: Microsoft-IIS/7.5
    Date: Fri, 24 Aug 2012 10:12:26 GMT
    Connection: close
    
    <RepLookupResponse>
     <RepLookupResult>
      <Rs>
       <M>www.drivesnapshot.de/download/snapshot.exe</M>
        <C>UNKN:100:1:1</C>
        <R>1:1</R>
        <L>10080</L>
        <S>0</S>
      </Rs>
     </RepLookupResult>
     <Y>100</Y>
     <T>DC54AF8F-4219-4BDD-9EFA-DE9C6E10AXXX</T>
     <E>0</E>
    </RepLookupResponse>
    
    Which appears to be the type triggered by downloading a file.

    A partial from http://www.withinwindows.com/2012/08/24/thoughts-on-the-windows-smartscreen-scare/ with some decoding:

    Code:
    <Rq V="1.2">
      <RqT>0</RqT>
      <App>
        <FName>SameGame.exe</FName>
        <FHash>d3ff5939726c9f8fa6e514fb65eb470a1f9ec7a65b2706732a03749226c2520</FHash>
        <Sig>0</Sig>
        <Sz>45056</Sz>
        <M>1</M>
        <SR>100</SR>
      </App>
      <ID>0F98AD9C-D498-42B3-B421-E6C97A8E6XXX</ID>
      <G>B68802CA-B396-4773-8FD9-EEECA4DE6XXX</G>
      <L>en-US</L>
      <OS>6.2.9200.0.0</OS>
      <I>9.10.9200.16384</I>
      <C>10.00.9200.16384</C>
      <DJ>2</DJ>
    </Rq>
    
    Appears to be the type triggered when running the program from http://samegamexna.codeplex.com/. Based on other info I think that extract may have been from a request to w.apprep.smartscreen.microsoft.com.

    Note: Where you see XXX that's me being conservative with the info they posted in full.

    I was hoping to find a full request/response for the later type and also a known request/response for non-download related URL checking. Having full samples of each variant **from the same machine/account** would be useful. If anyone does capture or come across such please let us know.

    Someone posted verbage they could access when doing an express install ( http://slashdot.org/comments.pl?sid=3070309&cid=41111521) which comments on something privacy oriented people would be looking for: "Windows SmartScreen randomly generates a number called a GUID that is sent to Microsoft with your SmartScreen usage data. The GUID lets us determine which data is sent from a particular PC over time.".
     
  20. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,853
    Windows 8 privacy complaint misses the forest for the trees - Malware-detecting SmartScreen unfairly tarred as violation of user privacy.

    ...

    http://arstechnica.com/information-...cy-complaint-misses-the-forest-for-the-trees/
     
Loading...
Thread Status:
Not open for further replies.