"Built-in Vista probing tools exposed"

[NoobyDoo]

Built-in Vista probing tools exposed

Softpedia Link

A report on Softpedia has revealed more than 20 different Vista features and services that harvest user data for Microsoft and (dare I say it) to the software giant's credit, it makes no secret about the fact Windows Vista is gathering information.
...
However, what's disappointing is the fact that Microsoft has admitted that the list provided under the Windows Vista Privacy Statement is far from exhaustive. Indeed, Softpedia says that there are another 47 Windows Vista features and services that collect data. Not all of these phone home, but the report claims that around 50 percent of these items do contact Microsoft.

 

[Brazen]

from the article:

the company reveals that it can use the data it collects against you if it wanted to, or was forced to.

from Microsoft:
"Balmer needs a scalp transplant so we are going to charge a little bit to all the credit cards we've collected. You have already agreed to this."

 

[AnitaPeterson]

I saw the news earlier today.

Frankly, I'm surprised at the lack of response from the AT community, as well as the "meh!" attitude surrounding this information in general...

 

[Nothinman]

I say 'meh' because if this comes as a surprise to you then you haven't been paying attention. Some of the stuff is disturbing but a lot of the stuff like having to tell WU about the type of hardware you just plugged in for it to see if there's a driver available is common sense. And I really doubt inane stuff like that is logged by MS but even if it is, who cares if they know that you just bought a new video card?

Things like this are part of the price you pay above and beyond the sticker price of closed source software.

 

[soonerproud]

A lot of Linux distros also collect information on the user and phone home. The biggest difference is most allow you to opt out unlike Windows. However, if you are using any third party applications, (Google Desktop for instance.) your information is being logged regardless of the platform it is on.

Don't forget that every website you visit your ip is logged. Search engines also collect data on you every time you use them. So if you are that concerned about your privacy then my suggestion would be to run Linux and never connect to the internet.

 

[Nothinman]

A lot of Linux distros also collect information on the user and phone home.

Like what?

 

[bsobel]

Originally posted by: AnitaPeterson
I saw the news earlier today.

Frankly, I'm surprised at the lack of response from the AT community, as well as the "meh!" attitude surrounding this information in general...

The news was an attempt to sensationalize a non-issue. They are suggesting that automatically downloading new drivers (for example) for a user is a bad thing. Users WANT this to occur. I'd love to hear a scheme that involves end user A plugging in new device X and getting the right drivers without having to tell driver server what X was.

Some of the other examples are just as ridculous, such as error reporting. Guess what, error reporting is one of the primary reasons that XP and Vista are so stable. Fixes get made faster. And, of course, you can opt out. As someone who gets those bug reports, they arent used to spy on anyone, they are used to fix bugs and multi driver incompatibility issues.

Most of the other issues where just as silly. The 'big ones' like Windows activation are well known and shouldn't have been a surprise to anyone.

 

[nova2]

one can block most or all of this using a decent firewall or firewall at their internet gateway and one doesn't even need to utilize the MS windows update service if they download patches manually or use http://autopatcher.com/ and perhaps even windizupdate

as for other people who knowingly allow this stuff without blocking it, well its their choice.

 

[ViRGE]

The whole article is rather FUDish, they talk about programs sending data without explaining what's being sent and why. Given proper context a lot more things make sense (this is ripped from Slashdot)

The things that get transmitted are:
1. Activation info. Well, duh.
2. Windows Update. -do-
3. Auto Root Update. Updates the list of trusted certificate authorities. You know, Verisign etc.
4. Windows Media DRM. Not an issue if you don't use DRM files, and no, information isn't transmitted every time you play the song.
5. Windows Media Player. To download album art/track names. Again, no different from other players. Easy to disable completely.
6. Malicious Software Removal. What's the problem if info is transmitted to Microsoft that you had an infection and it was cleaned? Non-issue. You can choose not to use it at all.
7. Network Connectivity Status Icon. This doesn't TRANSMIT anything except the HTTP request. It just downloads a small page to check if the Internet connection is working. Easy to disable, no problem.
8. Windows Time Service. Syncs time. Again, what's the problem? It's easy to disable if you really have a problem.
9. Problem reports. It asks you very clearly if data is to be sent to Microsoft, and asks you again if you want to send personal data. And reporting problems is good.
10. Games. Come on, it downloads fucking info and covers.
11. Event Viewer. Data is sent only when you specifically REQUEST for more online help. http://technet2.microsoft.com/WindowsVista/en/libr ary/28cd5e13-e955-4941-91d9-fec2525e96c71033.mspx? mfr=true [microsoft.com]
12. Customer Experience Improvement Program. Microsoft *SPECIFICALLY ASKS YOU* if you want to opt-in. Once you say no, it never asks you again.

 

[RebateMonger]

I don't see anything new here.

Personally, I just want the software to work reliably. Most of that data collection seems to be slanted towards that goal. Although I wish that the copy protection stuff wasn't needed, it's obvious why Microsoft feels it's necessary.

As noted, most of the data collection can be turned off or blocked if you really feel the need.

There's a lot of "evil" data collection going on in this world, but most of it is by governments and criminals. Microsoft's efforts pale in comparison.

 

[masteraleph]

When Slashdot is the rational voice on something, you know the world's gone crazy. The article is FUD.

 

[soonerproud]

Originally posted by: Nothinman
<div class="FTQUOTE"><begin quote> A lot of Linux distros also collect information on the user and phone home. </end quote></div>

Like what?

Mainly hardware and system information so that the distros can keep track of what is and isn't compatible. Ubuntu has been doing this for quite some time now as do many of the major distros. Ubuntu allows you to opt out but I believe Suse does not. (I could be wrong about Suse but I have not found the opt out option personally.)

 

[Nothinman]

Mainly hardware and system information so that the distros can keep track of what is and isn't compatible. Ubuntu has been doing this for quite some time now as do many of the major distros. Ubuntu allows you to opt out but I believe Suse does not. (I could be wrong about Suse but I have not found the opt out option personally.)

I've only installed Ubuntu once or twice but I don't remember it ever asking to send any hardware information back to Canonical.

 

[soonerproud]

Originally posted by: Nothinman
<div class="FTQUOTE"><begin quote> Mainly hardware and system information so that the distros can keep track of what is and isn't compatible. Ubuntu has been doing this for quite some time now as do many of the major distros. Ubuntu allows you to opt out but I believe Suse does not. (I could be wrong about Suse but I have not found the opt out option personally.) </end quote></div>

I've only installed Ubuntu once or twice but I don't remember it ever asking to send any hardware information back to Canonical.

It is an option in the menu. That is why I said you can opt out on it.

 

[HannibalX]

Originally posted by: ViRGE
The whole article is rather FUDish, they talk about programs sending data without explaining what's being sent and why. Given proper context a lot more things make sense (this is ripped from Slashdot)

<div class="FTQUOTE"><begin quote>The things that get transmitted are:
1. Activation info. Well, duh.
2. Windows Update. -do-
3. Auto Root Update. Updates the list of trusted certificate authorities. You know, Verisign etc.
4. Windows Media DRM. Not an issue if you don't use DRM files, and no, information isn't transmitted every time you play the song.
5. Windows Media Player. To download album art/track names. Again, no different from other players. Easy to disable completely.
6. Malicious Software Removal. What's the problem if info is transmitted to Microsoft that you had an infection and it was cleaned? Non-issue. You can choose not to use it at all.
7. Network Connectivity Status Icon. This doesn't TRANSMIT anything except the HTTP request. It just downloads a small page to check if the Internet connection is working. Easy to disable, no problem.
8. Windows Time Service. Syncs time. Again, what's the problem? It's easy to disable if you really have a problem.
9. Problem reports. It asks you very clearly if data is to be sent to Microsoft, and asks you again if you want to send personal data. And reporting problems is good.
10. Games. Come on, it downloads fucking info and covers.
11. Event Viewer. Data is sent only when you specifically REQUEST for more online help. http://technet2.microsoft.com/WindowsVista/en/libr ary/28cd5e13-e955-4941-91d9-fec2525e96c71033.mspx? mfr=true [microsoft.com]
12. Customer Experience Improvement Program. Microsoft *SPECIFICALLY ASKS YOU* if you want to opt-in. Once you say no, it never asks you again.</end quote></div>

I agree. This sounds like a lot to do over nothing.

I think the people who are worried about this the most are those who run illegal software.

 

[Markbnj]

Looks like the usual "Microsoft is teh evil" dashdot article to me.

 

[nweaver]

Ubuntu does have a manual detection, which is "opt out" because it's not automatic. Debian does have their popularity contest, but it asks and offers an opt out option during install time, that is clear about what it's sending/for.

Other then those two, I've not found anything in linux that's not 3rd party (such as google apps) that "phones home"

edit: Not Linux, but I forgot that NTOP has a version check/report so that the maintainers have a list of what versions are being run the most. It's on by default (or was in one of the oder versions, not sure about the modern 3.2/3.3) but could be disabled with a switch.