[Dshield] traffic towards Microsoft

jayjwa jayjwa at atr2.ath.cx
Fri Feb 6 15:26:42 GMT 2004

On Thu, 5 Feb 2004, Chuck Lewis wrote:

> Are these Windows XP ? I've heard some time back that XP like to "talk back"
> to the "Mother Ship"...

See the attachment.

Of course, die-hard Windows fans deny this up and down.

Once, I was on IRC at Undernet. There, there's a channel, #windowsxp. It's
ruled by "puppet". Apperently, he was booting people from the channel
because of illegit Windows XP copies. I wondered about this, and asked the
group if they could really tell which version of Windows you were using;
puppet said yes, they can tell alot about your system. So I ask him to
tell me which version of Windows I run (I don't...I wouldn't be caught
dead running Windows). He didn't answer. I asked the group if they were OK
with the fact that this guy, who no one even really knew, seemed to be
able to tell an awful lot about your Windows-based system. They thought
about it, then the replies came. They began to ask more about it, and
became suspect of Windows being see-thru. I scrolled to another
channel...needless to say when I returned, I had been kick-banned out of
#windowsxp by puppet :`( complete with a nasty comment/reason after it
that's not printable for a public forum. Hmmm...hit apon a sore spot, did

Most people will generally say that MS doesn't look at your personal stuff
(how do they know, really?), but the _technology_ and _means_to_do_it_ are
certainly there. Back when I ran Windows, I had a 3rd party firewall that
blocked in AND out- both directions. Take a wild guess what was trying to
connect out, and to where it was going. ;-)

(Please note, I'm not attempting to slander MS, only report on what I've
experienced, seen and heard. People deserve to know about the system that
is controlling their computer, so that they may make their own choice.)

-------------- next part --------------
   This news article was copied verbatium from Geek.com at

   and details what I've already suspected and stated countless times before-
   that Micro$oft is playing BigBrother at its Windows Update Sites.

   posted 9:43am EST Wed Feb 26 2003 - submitted by J. Eric Smith


   The difficulty of keeping up with the endless flow of patches and fixes
   coming from Microsoft has long been a reason for the poor security
   administration worldwide of its products. To address this concern,
   Microsoft rolled out its Windows Update service several years ago to much
   fanfare. Finally, ordinary users could go to a single Web page and it
   would download all the patches and install them automatically. What could
   be better?

   Privacy advocates took issue, though, with the possibility for sensitive
   data to be passed to Microsoft during the update procedure. Microsoft's
   verbage on the update site indicates that no personal data is being sent
   to Microsoft, but German researchers at tecChannel were a bit perplexed at
   the amount of data flowing not into your computer from Microsoft, but out
   of it to Microsoft. So, they analyzed the packets to see what was going

   As it turns out, packet analysis is useless, as the stream is encrypted
   via Secure Sockets Layer (SSL). However, using an undocumented Windows
   feature, tecChannel was able to get around this and view the raw data. The
   results were alarming. Embedded in the data stream were lists of what
   software you have installed on your PC--and not just Microsoft products.
   Apparently the folks in Redmond can find out just what you've got
   installed on your PC, all without you ever knowing about it or explicitly
   consenting to it.

   You can head over to tecChanel.de for the full story (subscription

More information about the list mailing list