Windows XP Shows the Direction Microsoft is Going (2003 article)

Discussion in 'privacy general' started by Jim Verard, Jun 12, 2007.

Thread Status:
Not open for further replies.
  1. Jim Verard

    Jim Verard Registered Member

    Joined:
    Jun 5, 2007
    Posts:
    205
    http://metabolik.hacklabs.org/alephandria/txt/jennings_windowsXP_en.htm

    According to this old article, is really simple to verify, by using a firewall, how Windows XP tries to do about 16 different connections - not authorized - with Microsoft computers.

    Some connections could be identified, like the one who tells Microsoft what DVDs are being played on your computer (did someone authorize them to know that?), and other who allows even the remote control of machine (I, Robot?); in other cases, however, was not possible to determinate the reason of connection.

    There are only two ways to verify the existence of spies hidden on computers and machines like printers (remember the article "Is your printer spying on you" from EFF — Electronic Frontier Foundation who says every printer has some system who may identify his owner?), the reverse engineer (forbidden on several countries), and the opening of source-code from softwares, which gives you freedom to depurate and recompile them.

    The first alternative is practically impossible. The amount of data and chances of hiding using strong cryptography, for example, plus these kinds of activities, by terms of license or laws, makes no other choice but drop this possibility.

    The second alternative seems to be the only effective way to provide results. Making a choice for free or open-code softwares it's more than an ideological or economic choice - it's a necessity for those who needs security and transparency.
     
  2. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    I was writing my firewall tutorial about the time I purchased my laptop with WinXP (my desktop has Win2K) and I monitored very carefully the outbound attempts. For XP there were four:

    1) Generic Host Process for Win32 Services: this is necessary for DHCP and DNS


    The following were not necessary for my set up so I created a block rule for each:

    2) IGMP to MCAST.NET - which allows internet hosts to participate in multicasting.

    3) UDP via port 1900 - Universal Plug N' Play (UPnP)

    4) UDP - time.windows.com for clock regulation

    I've never gotten an alert for any of the other items in that list except WinMediaPlayer which I just block.

    Most other media players also attempt to connect to their site.

    Other software has been found to attempt to connect to their site. So MS isn't the only one who does it.

    regards,

    -rich

    ________________________________________________________________
    "Talking About Security Can Lead To Anxiety, Panic, And Dread...
    Or Cool Assessments, Common Sense And Practical Planning..."
    --Bruce Schneier​
     
  3. eniqmah

    eniqmah Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    391
    Do you folks dislike hardening windows or what?
    A properly hardened system wouldn't be making those silly connections. Shut it all down baby, just because MS shoves things down our throat doesn't mean we gotta swallow.
     
  4. coolbluewater

    coolbluewater Registered Member

    Joined:
    Feb 10, 2007
    Posts:
    268
    Location:
    next door to Redmond
    You'll enjoy this one:
    http://mepislovers.org/forums/showthread.php?p=55364
     
  5. Jim Verard

    Jim Verard Registered Member

    Joined:
    Jun 5, 2007
    Posts:
    205
    Haha, that's funny. :D

    I wonder if there's some sort of investigation not only about what all Windows unauthorized connections can possibly do, but every software available on the market.

    What about firewalls? You can't block their own unauthorized access to the internet while you're connecting. What seems most dangerous is the fact that you prove the existence of hidden source codes on systems placed by government requests or by companies.

    It is possible, we can be sure, that our printers connected by network are not sending informations to other places?

    And even a software far more complex than a printer, like a text editor, Excel, or operational systems can't do the same things?

    How do you know there's no spies hidden on each computer, leaving thin marks to be read by those who know the correct code?

    How you may guarantee a country's supremacy, while they can be sending, without any knowledge, privileged informations to others?

    Regarding the article "Is your printer spying you", it was announced, on October 17, 2005, by the EFF — Electronic Frontier Foundation that many printers bring a hidden system that may identify herself and all papers she ever printed. The result of this research may find here:

    http://www.eff.org/Privacy/printers

    The EFF is one of the most recognized institutions of privacy defense of electronics, working since 1990. It's well know by his articles about privacy protection and civil rights throughout the world. It's the company who supports TOR.

    Resuming what the article says: it was discovered that all pages printed by many printers, from many models, are leaving, using a "stealth camouflage", a code that shows informations about the machine which is being used, like his serial number and the date of your print.

    The list of all printers which this code could be found was available here:

    http://www.eff.org/Privacy/printers/list.php.

    It's a huge list and includes printers from several models like Brother, Epson, HP, Canon, Dell, Lexmark, Xerox, etc.

    EFF's text begins that way: Imagine if all printed pages that you can generate may identify, by using a secret code, what printer and the date of this action, and, potentially, who print that page?

    We should note that all printers that uses ID codes are doing that by using the best possible camouflage. Usually, in order to find that kind of code, you need to increase the image 10 to 60 times and put her on blue light, to find out the yellow dots. That means their original intention wasn't let normal users to find out the code.

    And the worst thing about this: this system was inserted by pression of the american government, according to EFF. Their intention can't be other than identify who's printing texts, even if they are anonymous.

    The issue from common users, and every people, is huge, since many cases can ended badly, how you may identify who is doing one anonymous tip, some sort of guest from a public contest which doesn't requires any kind of ID documents, or even any simple document, in cases that the author wishes not being identified.

    When some printer is bought, his serial number goes to guaranty and order of payment papers, making very simple to identify all documents printed by her.

    The two great concerns of EFF are: a) the confirmation of existence, from hidden agreements between the government and companies in order to promote illegal espionage; b) the fact that there's no law to prevent this kind of action in U.S.

    How we are going to dismiss, based on these allegations, violations of intimacy and private lifes by some sort of insertion of a hidden code on printed pages, without the knowledge of his own users? How we may defend that some ID code placed on papers sent by some sources from his newspaper, which have his own work protected by the Constitution, free from this kind of violation (the most important)?

    Anonymous tips/warnings about drugs, pedophiles and other crimes should be, from systems discovered by EFF, identify all people for police and criminals if they have access to these printed documents.
     
Loading...
Thread Status:
Not open for further replies.