[IP] Data sent to Microsoft by "Windows Update" (fwd)

Sean McGrath sean at manybits.net
Thu Apr 17 20:06:49 EDT 2003


From: Dave Farber <dave at farber.net>
Subject: [IP] Data sent to Microsoft by "Windows Update"
To: ip <ip at v2.listbox.com>
Date: Thu, 17 Apr 2003 17:35:05 -0400


------ Forwarded Message
From: George Sadowsky <george.sadowsky at internews.org>
Date: Thu, 17 Apr 2003 16:56:46 -0400
To: Dave Farber <dave at farber.net>
Subject: Data sent to Microsoft by "Windows Update"

Dave,

I may have missed your picking this story up, but if you didn't, it
may be of interest to the IP list.  The summary below was prepared
for our use by my colleague, Robert Horvitz.

George Sadowsky

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

http://www.tecchannel.de/betriebssysteme/1126/

Folks, this is a bit off-topic, but it relates
to an important privacy issue.

Mike Hartmann in Germany has written a very
interesting report about the data that Microsoft
extracts from your computer after you activate
the "Automatic Windows Update" option.

The data is sent to Microsoft through an
encrypted channel, but Hartmann figured out how
to find and read the data before it is encrypted.

The first six pages of his report are free in
either English or German at the URL above.  To
get the full article, you are supposed to pay
0.60 euros...but thanks to the fact that someone
in Portugal bought it and put it on a server
which Google indexed, you can read the full
article in English in Google's cache of HTML
conversions from PDF originals:

http://216.239.33.100/search?q=cache:YOIoKNeVn6UC:mega.ist.utl.pt/~vfp/windowsupdate.pdf&hl=en&ie=UTF-8

To summarize, Windows Update sends Microsoft
a complete list of all the hardware devices
installed in your computer - make, model and
driver version.  It also sends a registry
subkey listing the vendor of every software
package installed on your computer.  And
finally, it sends a digitally signed product
code that seems to enable Microsoft to deny
updates to people using pirated copies of
Windows.  The datastream appears to support
additional capabilities that are not yet
activated.

The tools that Hartmann used to analyse Windows
Update can be downloaded from his website for
only 4.90 euros.  But he warns that since these
techniques are now known to Microsoft, "It is
likely that an update, e.g. a new service pack
or a hotfix, will change this behavior and
therefore render the tools unusable."


----------


Archives at: http://www.interesting-people.org/archives/interesting-people/

---------------------------------------------------------------------
The Cryptography Mailing List