Microsoft Spying???
- Thread starter Bozo
- Start date
ddrueding
Fixture
There is a bigger question here. Was this update "pushed" from the server? Or do all XP/Vista machines "phone home" from time to time, checking for updates anyway. Although they are both scary, I am really worried if a server on the internet can push files to my computer and have them installed without my knowledge.
Mercutio
Fatwah on Western Digital
Well, the answer to that question is obviously yes, dd.
They can push anything they want onto a Windows machine and there's nothing you can do to stop it except unplug from the internet or block traffic to Microsoft domains on your client machines.
They're saying it's a major update to Windows Update, and I guess in a way it makes sense that they would need a mechanism for upgrading that even if the client *isn't* taking other updates, but I really despise the implications of that sort of activity.
They can push anything they want onto a Windows machine and there's nothing you can do to stop it except unplug from the internet or block traffic to Microsoft domains on your client machines.
They're saying it's a major update to Windows Update, and I guess in a way it makes sense that they would need a mechanism for upgrading that even if the client *isn't* taking other updates, but I really despise the implications of that sort of activity.
ddrueding
Fixture
I would so love to get linux on the desktop at some of my clients, but too many of them have special windows-only apps to deal with. Going to an unsupported configuration (wine) is just unthinkable.
Well, I checked my machines and none of them have the update. They run all the time; have been constantly attached to the internet during the suspected time period; and they also have update turned off. So if M$ was actually doing this, I would have expected to see it...
I find the concept of uploading unauthorized content to be reprehensible, to the extreme and I would expect others to feel the same way. Then there are the liability issues, if the update did harm to some. I would think that the liability issues alone would effectively prevent M$ from such an action.
There there is the potential, that if M$ can do it, then there is nothing really stopping some lone hacker from doing the same other than the secret of how and secrets are notoriously hard to keep. All it would really take is for someone to be recording the network traffic as it was happening to them. Whatever key used to access the system could undoubtedly be decoded and then used, with some DNS spoofing (so the phone home signal goes to the hacker rather than M$), in a less than noble cause which in the end could potentially bring Microsoft to their knees. Even Microsoft could not withstand the public uproar if they were implicated in such an attack.
I find the concept of uploading unauthorized content to be reprehensible, to the extreme and I would expect others to feel the same way. Then there are the liability issues, if the update did harm to some. I would think that the liability issues alone would effectively prevent M$ from such an action.
There there is the potential, that if M$ can do it, then there is nothing really stopping some lone hacker from doing the same other than the secret of how and secrets are notoriously hard to keep. All it would really take is for someone to be recording the network traffic as it was happening to them. Whatever key used to access the system could undoubtedly be decoded and then used, with some DNS spoofing (so the phone home signal goes to the hacker rather than M$), in a less than noble cause which in the end could potentially bring Microsoft to their knees. Even Microsoft could not withstand the public uproar if they were implicated in such an attack.
Bozo
Storage? I am Storage!
To me it's an envasion of privacy. No different than breaking into my home.
Bozo :joker:
Bozo :joker:
Fushigi
Storage Is My Life
This is still a pull & not a push. No one, not even the almighty House of Bill, can start a connection to systems behind a firewall & using NAT. The client system has to initiate a connection to the mother ship.
That said, the problem is that it's a push against our will. There have been several times over the years when Windows Update has required an updated version to run; I see no reason why this needed to be treated differently. MS had other options but chose to do something that's being perceived as invasive. Shame on them.
That said, the problem is that it's a push against our will. There have been several times over the years when Windows Update has required an updated version to run; I see no reason why this needed to be treated differently. MS had other options but chose to do something that's being perceived as invasive. Shame on them.
Mercutio
Fatwah on Western Digital
The "stealth update" breaks the ability to install old Windows Updates after a repair install of Windows.
In case you were wondering why your updates are failing.
In case you were wondering why your updates are failing.
Bozo
Storage? I am Storage!
ddrueding
Fixture
Just leaving the door open wouldn't be enough; most of us have other "doors" between our workstations and an outside IP (firewalls, NAT, etc). It has to be something sent from the OS out. Has anyone done a study to find all the traffic that a stock OS sends out? It would be interesting to see. Perhaps my Linux skills are now up to the task...