Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Examining Microsoft Update

michael posted more than 11 years ago | from the policy-of-no-privacy dept.

Microsoft 805

eggsovereasy writes "The Inquirer is reporting that a group in Germany has deciphered the information sent to Microsoft during an update using Windows Update and says that information on all software installed on your computer is sent, even that which is not Microsoft's own software." The original article is, unfortunately, pay-per-view. Update: 02/26 18:19 GMT by T : ionyka points to this "related article from ITWorld that deals with Microsoft's transferring of information through Windows Media Player. When you open up Media Player it sends information back to Microsoft like what movies you play, what songs you listen to and where they come from."

cancel ×

805 comments

Sorry! There are no comments related to the filter you selected.

ME FIRST? (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5386390)

HAHA. NO FAIL HERE!

Re:ME FIRST? (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5386394)

I beat you, fuckar

Whore Whore Whore (-1, Offtopic)

Real World Stuff (561780) | more than 11 years ago | (#5386396)

And another whore. You asspugilists.

Hiya mikey...A/S/L

fsdf (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5386397)

first post!

Surprise, surprise... (2, Insightful)

stevenbdjr (539653) | more than 11 years ago | (#5386399)

I mean really, did anyone actually think M$ only collected information about patches? It seems like any chance they get to know more about you, or your "computing habits", they're going to take it.

Re:Surprise, surprise... (1, Troll)

wilstephens (535110) | more than 11 years ago | (#5386536)

Microsoft needs to collect this information for driver updates and other *useful* updates.

Only last night I tried to install a wirless USB interface onto a laptop and didn't have the drivers so I headed onto windowsupdate.microsoft.com with the USB adapter dangling out the back and bam! there was a driver there ready for me to download. Excellent.

Fast. Easy computing. That's why I pay for my software...

Re:Surprise, surprise... (0)

Anonymous Coward | more than 11 years ago | (#5386575)

oh, manufacturer's website --> drivers and bam! there is your driver...
Never confuse "Fast, Easy Computing" with "Lazy_ass_user computing".

Haha (5, Interesting)

mao che minh (611166) | more than 11 years ago | (#5386402)

Remember the little "No information is being sent to Microsoft at this time...." message during updates? Wait, why am I laughing?

Re:Haha (5, Funny)

duckpoopy (585203) | more than 11 years ago | (#5386502)

Their defense: The information is sent right before this message appears.

Re:Haha (0)

Anonymous Coward | more than 11 years ago | (#5386504)

That was only displayed when retrieving the list of available updates. Downloading the updates offered no such assurances. Of course, I'm not sure anymore, since I only use the RedHat update tool lately.

Re:Haha (4, Insightful)

Ian Wolf (171633) | more than 11 years ago | (#5386507)

A cow-orker of mine actually argued with me one day that "No Information" really meant nothing, nada, zilch was sent back to MS.

I should have taken him out back and beaten him with a frozen salmon. Hello!? How do they know what patches you need if they can't look at your system and tell their servers what you've already got.

The fact that the program takes the time to rifle through the system is of no surprise to me. While, I think the practice stinks it hasn't stopped me from using the service though. Given the choice between MS finding my installation of UT2003 or some script kiddie looting my system, I'll choose the former.

Re:Haha (4, Insightful)

AyeRoxor! (471669) | more than 11 years ago | (#5386538)

"I should have taken him out back and beaten him with a frozen salmon. Hello!? How do they know what patches you need if they can't look at your system and tell their servers what you've already got."

They could send a complete list of available patches to your system and let the client running on your computer pick which ones are neccesary, without microsoft ever knowing what software you have installed. Granted, they could deductively determine what hardware you use based on what patches you then request, but since you can only download patches for microsoft software, the best they could do would be to determine what hardware and microsoft software you currently have installed.

Re:Haha (1)

VTg33k (605268) | more than 11 years ago | (#5386553)

Hello!? How do they know what patches you need if they can't look at your system and tell their servers what you've already got.

I don't understand your reasoning here... What would stop WU from simply downloading an XML list of all available updates? The applet could then compare this list to your computer's configuration, and act accordingly... There really is no reason that any data should have to be sent to MS.

Re:Haha (0)

Anonymous Coward | more than 11 years ago | (#5386560)

Doesn't it say "no PERSONAL information will be sent"?

Banzai said it best (0, Funny)

Anonymous Coward | more than 11 years ago | (#5386571)

"Evil! Pure and simple from the eighth dimension!"

Complete Breach of Trust (3, Insightful)

SUB7IME (604466) | more than 11 years ago | (#5386408)

Is this not a complete breach of the TOS that Microsoft offers when you sign up for Windows Update?

If not, it's at least a huge breach of trust, and users should not stand for it.

Re:Complete Breach of Trust (0)

Anonymous Coward | more than 11 years ago | (#5386501)

ROTFLMAO, you should go in for stand-up, you're a riot. "users should not stand for it", heh, that's going to keep me grinning all afternoon.

Re:Complete Breach of Trust (0)

oliverthered (187439) | more than 11 years ago | (#5386541)

But, gentoo what I'm using... Oh... Installed the package to do that.

wow (1, Funny)

matt4077 (581118) | more than 11 years ago | (#5386409)

They actually found out, that MS Update sends out all the data that (according to MS) it is supposed to send out.

In related news: green mice were found to be green and mice.

Makes sence (5, Funny)

Anonymous Coward | more than 11 years ago | (#5386411)

Trying to figure what other companies they should push out of business.

Pay per view? (-1, Informative)

mikeage (119105) | more than 11 years ago | (#5386413)

No it's not. Michael, please do a little thinking before you post... just try it, perhaps? Hint: Weiter means Next (or continue)... I'm reading the story quite well now...

Re:Pay per view? (0)

Anonymous Coward | more than 11 years ago | (#5386429)

until you reach the point where it says from her on out you got to pay us money.

Re:Pay per view? (1)

mikeage (119105) | more than 11 years ago | (#5386434)

Ok, yes, I forgot to mention this. The second part is... but you can get quite a good idea of what's going on from the first three pages... though I also have to question a group who won't release results unless you pay...

Re:Pay per view? (5, Informative)

Call Me Black Cloud (616282) | more than 11 years ago | (#5386447)

I made the same mistake...it is ppv...you can read freely until the heart of the article, then it's 1.99 (euro) for the rest.

until... (1)

mikey504 (464225) | more than 11 years ago | (#5386450)

you get to the meat of the article, where you will be asked to pay to keep playing.

Re:Pay per view? (0, Redundant)

brocheck (59415) | more than 11 years ago | (#5386460)

Yes it is, Mikeage. You can only read about three pages then it cuts out on you. Please do a little reading before you post... just try it, perhaps?

Re:Pay per view? (0)

Anonymous Coward | more than 11 years ago | (#5386466)

The detailed article and the programs are pay per view, but if you follow the link you will read 4-page descripton of their findings.

Re:Pay per view? (1)

incompetent_bitch (519780) | more than 11 years ago | (#5386467)

Yeah, you can get a little teaser, I just read it, but to get the complete article along with the tools, you have to pay 1.99 Euro. So yes, it is Pay Per View to get the complete thing, the link is for just a bit of info.

Re:Pay per view? (0)

Anonymous Coward | more than 11 years ago | (#5386474)

Yes it is. mikeage, please do a little thinking before you post... just try it, perhaps? Hint: You get a teaser but then the full article is pay-per-view. But it'd suck to actually visit the site before posting right?

Re:Pay per view? (2, Informative)

illtud (115152) | more than 11 years ago | (#5386479)

No it's not. Michael, please do a little thinking before you post... just try it, perhaps?

Yes, it is pay-per-view beyond a certain point, but the meat of the story is in the stuff sent back to MicroSoft, which they've updated to be free at this link here: http://www.tecchannel.de/betriebssysteme/1126/14.h tml [tecchannel.de] . It seems to be information on hardware in the machine. I'd like to see MicroSoft's response to this.

Re:Pay per view? (1)

tommyServ0 (266153) | more than 11 years ago | (#5386492)

On the last free page:

The following pages are restricted to users of our Premium service. If you are not member you can buy the externer Linkcomplete article as a PDF-file for Euro 1.99. Included you will find a complementary copy of the tools we used to find out what is going on with Windows Update.

So it isn't free.

Re:Pay per view? (-1, Flamebait)

Anonymous Coward | more than 11 years ago | (#5386496)

You, sir, are a jackass. LOL.

*_g_o_a_t_s_e_x_*_g_o_a_t_s_e_x_*_g_o_a_t_s_e_x_*_
g_______________________________________________g_ _
o_/_____\_____________\____________/____\_______o_ _
a|_______|_____________\__________|______|______a_ _
t|_______`._____________|_________|_______:_____t_ _
s`________|_____________|________\|_______|_____s_ _
e_\_______|_/_______/__\\\___--___\\_______:____e_ _
x__\______\/____--~~__________~--__|_\_____|____x_ _
*___\______\_-~____________________~-_\____|____*_ _
g____\______\_________.--------.______\|___|____g_ _
o______\_____\______//_________(_(__>__\___|____o_ _
a_______\___.__C____)_________(_(____>__|__/____a_ _
t_______/\_|___C_____)/Insert\_(_____>__|_/_____t_ _
s______/_/\|___C_____)__Head_|__(___>___/__\____s_ _
e_____|___(____C_____)\_Here_/__//__/_/_____\___e_ _
x_____|____\__|_____\\_________//_(__/_______|__x_ _
*____|_\____\____)___`----___--'_____________|__*_ _
g____|__\______________\_______/____________/_|_g_ _
o___|______________/____|_____|__\____________|_o_ _
a___|_____________|____/_______\__\___________|_a_ _
t___|__________/_/____|_________|__\___________|t_ _
s___|_________/_/______\__/\___/____|__________|s_ _
e__|_________/_/________|____|_______|_________|e_ _
x__|__________|_________|____|_______|_________|x_ _
*_g_o_a_t_s_e_x_*_g_o_a_t_s_e_x_*_g_o_a_t_e_x_*_


Important Stuff: Please try to keep posts on topic. Try to reply to other people's comments instead of starting new threads. Read other people's messages before posting your own to avoid simply duplicating what has already been said. Use a clear subject that describes what your message is about. Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated. (You can read everything, even moderated posts, by adjusting your threshold on the User Preferences Page) If you want replies to your comments sent to you, consider logging in or creating an account.

Important Stuff: Please try to keep posts on topic. Try to reply to other people's comments instead of starting new threads. Read other people's messages before posting your own to avoid simply duplicating what has already been said. Use a clear subject that describes what your message is about. Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated. (You can read everything, even moderated posts, by adjusting your threshold on the User Preferences Page) If you want replies to your comments sent to you, consider logging in or creating an account.

Important Stuff: Please try to keep posts on topic. Try to reply to other people's comments instead of starting new threads. Read other people's messages before posting your own to avoid simply duplicating what has already been said. Use a clear subject that describes what your message is about. Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated. (You can read everything, even moderated posts, by adjusting your threshold on the User Preferences Page) If you want replies to your comments sent to you, consider logging in or creating an account.

Re:Pay per view? (1)

mrtroy (640746) | more than 11 years ago | (#5386562)

hehe in the true spirt of a slashdotter you didnt read very far....once you get to the juicy part you have to pay!!!

"The following pages are restricted to users of our Premium service. If you are not member you can buy the complete article as a PDF-file for Euro 1.99. Included you will find a complementary copy of the tools we used to find out what is going on with Windows Update"

pay-per-view (5, Funny)

sys49152 (100346) | more than 11 years ago | (#5386418)

The original article is, unfortunately, pay-per-view.

How can we comment, if we can't read the article?

Oh, wait...

Suprised? (1)

kperrier (115199) | more than 11 years ago | (#5386421)

What, you are suprised?

Welcome to Earth, have a nice stay.

Kent

I FAILED IT (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5386422)

i shouldve run update and got the new ultra psyware version of Internet Explorer (now with 110% more MSN!).

I am sad

Re:I FAILED IT (3, Funny)

guacamolefoo (577448) | more than 11 years ago | (#5386489)

got the new ultra psyware

Great! Where can I get psyware? I've been looking for a way to get rid of my mouse and keyboard. Dos it allow a USB 2.0 connection to my nervous system, or does it use 1394?

GF.

Re:I FAILED IT (5, Funny)

jetmarc (592741) | more than 11 years ago | (#5386552)

> or does it use 1394?

I think it uses 1984.

Oooh, psyware. (0, Offtopic)

IICV (652597) | more than 11 years ago | (#5386546)

Does it interact directly with your brain? Or does it just search your memory to see if you remember pirating any Microsoft products?

I wonder what Virtual PC sends ... (4, Insightful)

adzoox (615327) | more than 11 years ago | (#5386423)

I wonder what Virtual PC sends, whether it sends only the info in the Windows Drive image or everything on the Mac.

This may also be an alterior motive to Microsoft buying Virtual PC from Connectix last week. They want this same data from Mac Users. I imagine if it's not there then it will be added to read all partitions mac/Linux/PC

Knowing what your customers have on their hard drives is sensitive corporate data. Basically, you know the Hot or Not Programs in the industry and then develop programs based on their hard drive residency!

Pay per view? (-1, Offtopic)

Call Me Black Cloud (616282) | more than 11 years ago | (#5386424)

Funny, I was able to read the original just fine. I'm quite sure I haven't subscribed to any german on-line newspapers...at least since I gave up drinking.

Re:Pay per view? (1)

Call Me Black Cloud (616282) | more than 11 years ago | (#5386476)

I retract the above. It is ppv after a certain point (which is, right before the good part).

Ok, it's time for some Frenchie to make amends to the US and download and post the article.

doesn't this mean (1)

kraada (300650) | more than 11 years ago | (#5386425)

that if anybody can definitively prove that M$ is retrieving data about all programs installed that we could have a class action suit here? It does specifically say "No information is being sent to Microsoft" (or something similar) last time I checked (I do tech support . . . I'll check tomorrow next time I'm on a windows machine).

Re:doesn't this mean (1)

Ian Wolf (171633) | more than 11 years ago | (#5386537)

Have fun trying to convince a judge that you have damages in excess of a small claims court. Then try splitting any winnings with all those plaintiffs.

Its not worth the court filing fee.

Start counting... (-1, Offtopic)

genka (148122) | more than 11 years ago | (#5386426)


How long will it take before "Pay Per View" article will be posted here?

Re:Start counting... (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5386452)

1... 2... 3.. Profit! Doh'

EULA says they can take what they want (3, Insightful)

RichMan (8097) | more than 11 years ago | (#5386428)

According to the EULA for the latest versions of the OS Microsoft has the right to read any data you have stored on a computer which runs the OS.
Theoretically this includes data dumps of hard drive formats which the OS does not even support.

Re:EULA says they can take what they want (3, Insightful)

Nursie (632944) | more than 11 years ago | (#5386473)

Well yeah, they're going to make sure they cover their arses.
I thought this sort of outrage was already covered by the change in TOS brought in by WinXP SP1? (i.e. we will take whatever info we want from your machine, and if we don't like it we'll lock you out.)

Re:EULA says they can take what they want (4, Informative)

Ezrem (559493) | more than 11 years ago | (#5386494)

And where did you find that piece of info?

Direct from About Windows Update :

Windows Update Privacy Statement (Last Updated 10/15/2002)
Windows Update is committed to protecting your privacy. To provide you with the appropriate list of updates, Windows Update must collect a certain amount of configuration information from your computer. None of this configuration information can be used to identify you. This information includes:

* Operating-system version number
* Internet Explorer version number
* Version numbers of other software for which Windows Update provides updates
* Plug and Play ID numbers of hardware devices
* Region and Language setting
The configuration information collected is used only to determine the appropriate updates and to generate aggregate statistics. Windows Update does not collect your name, address, e-mail address, or any other form of personally identifiable information.

Windows Update also collects the Product ID and Product Key to confirm that you are running a validly licensed copy of Windows. A validly licensed copy of Windows ensures that you will receive on-going updates from Windows Update. The Product ID and Product Key are not retained beyond the end of the Windows Update session.

To provide you with the best possible service, Windows Update also tracks and records how many unique machines visit its site and whether the download and installation of specific updates succeeded or failed. In order to do this, the Windows operating system generates a Globally Unique Identifier (GUID) that is stored on your computer to uniquely identify it. The GUID does not contain any personally identifiable information and cannot be used to identify you. Windows Update records the GUID of the computer that attempted the download, the ID of the item that you attempted to download and install, and the configuration information listed above.

Hardly "We can scan your computer for any information we want, and there's not a damned thing you can do about it!" as you've implied.

Re:EULA says they can take what they want (5, Informative)

leviramsey (248057) | more than 11 years ago | (#5386565)

Read the parent comment.

This isn't Windows Update he's talking about, it's the EULA for recent versions (XP, IIRC) of Windows.

Re:EULA says they can take what they want (4, Interesting)

gmuslera (3436) | more than 11 years ago | (#5386515)

The EULA also says that they can delete what they want (at least what they say that violates DRM, and their sofware is not know to be very intelligent), and have others that says something like they own all what you transmit thru they servers...

In fact using their software (and then accepting the EULA) is like simply close your eyes and pray that the big depredator which is in front of you isn't hungry right now, and will not be all the long time you be there.

Tell MS What you think, apparently... (0, Troll)

airrage (514164) | more than 11 years ago | (#5386433)

Just got this in the mail, you may want to pass along to tell 'em what you think....?

You can have a significant impact on what Microsoft does in the near future by filling out a brief survey.

Microsoft wants to tailor its efforts to address the issues that challenge you every day. To do that, we need your input. Our highest priority is to understand your needs better, and that's why we selected you to receive this survey.

The Gartner Group has conducted extensive research on mid-sized companies across the country and published what they believe are the top priorities for the near future. This is valuable, but we need to know if it reflects your plans. Microsoft wants to give you the tools you really need.

Microsoft will be happy to thank you for taking this survey by entering your name in a drawing for one of 25 brand new copies of Office XP Standard Edition.*

Please click here to input your survey response.
Link is here (update your email in the link): http://reply.mst1.com/link.asp?L=100167&E=email_id @Domain.com

*Limit 1 per customer. Valid only for the original recipient of this email. Response must be received by March 25, 2003.

Enjoy!

Half the article is available..... (1)

Elvisisdead (450946) | more than 11 years ago | (#5386436)

the last half with all of the technical details is 1.99 euro. The first half is really enough to get the gist.

Really... (1)

cpuenvy (544708) | more than 11 years ago | (#5386440)

Is this some big suprise to anyone? "This is done without sending any information to Microsoft." Sure...

/Tin Foil Hat Off (5, Insightful)

GLX (514482) | more than 11 years ago | (#5386442)

The reason why it sends info about other applications (and third party drivers for that matter) is so that they can attempt to be a single-source vendor of patches if needed.

While the intentions may not be all that honest, it's not a horrible idea. I've noticed numerous times when running Windows Update that it's offered to upgrade my Cisco Wireless LAN software as well as my Epson print drivers. Kind of nifty and not all that bad, if you ask me.

Re:/Tin Foil Hat Off (4, Insightful)

Atzanteol (99067) | more than 11 years ago | (#5386526)

But why must this be done on the server, and collected at Microsoft? Can't the client download a list of what MS has for updates, and decide what the local system has?

Indeed! (0)

Anonymous Coward | more than 11 years ago | (#5386548)

Using up2date, or browsing the errata site, I can have my computer chock full of updates for software that wasn't created or worked on by RedHat.

I expect most other Linux distributions are the same.

Now, isn't this what we want? Sure, Microsoft has let loose some pretty horrible bugs in their day - but so have other vendors. And, let's face it, browsing 30+ sites to find all your bugfixes is a pain in the ass and a time sink.

If you can get all your updates from one source (like you can for Linux), what's the issue?

Re:/Tin Foil Hat Off (1)

Nonillion (266505) | more than 11 years ago | (#5386566)

But who's to say that the drivers and or software that it offers to update are not going to be riddled with DRM. Trying to print that picture of the lady with big gazungas might come up with something like..

ERROR: Digital Rights Management cannot verify ownership of this document.
ERROR: Print job aborted.

While I would trust the various Linux and Unix distros to do this, I would have second thoughts letting Microsoft replace my perfectly functioning drivers...

Re:/Tin Foil Hat Off (3, Insightful)

Com2Kid (142006) | more than 11 years ago | (#5386582)

  • While the intentions may not be all that honest, it's not a horrible idea. I've noticed numerous times when running Windows Update that it's offered to upgrade my Cisco Wireless LAN software as well as my Epson print drivers. Kind of nifty and not all that bad, if you ask me.


Driver updates? No problem.

SOFTWARE updates? Uh. Problem.

Windows Update is responsible for updating my SYSTEM, thus the term Windows update, not "universal software updator" or some other such silly name.

Besides, last time I let Windows Update update my drivers it replaced my Matrox G400 driver with a French G400 driver that refused to be uninstalled. . . .

Re:/Tin Foil Hat Off (0)

Anonymous Coward | more than 11 years ago | (#5386586)

They don't need to even know that you run Windows to offer you that... The way it should BE is that it sent all available PATCH to your PC and your PC should be the one processing What patch it might need then show you those patch...

Inquirer? (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5386443)

Is this the same periodical that always seems to have a cover dedicated to aliens found in Kansas?

but (2, Funny)

mrpuffypants (444598) | more than 11 years ago | (#5386444)

i'll bet it totally gets confused if WinXP iteslf is pirated in the first place =]

along with Office and just about everything on the computer..oh well...I guess the police outside are for me

Check out the rest (5, Informative)

joshmathis (15461) | more than 11 years ago | (#5386446)

Here is the rest of the article, in PDF format. I'd suggest grabbing it and mirroring as soon as possible... this one won't hold up too long.

http://home.byu.net/~btc25/WindowsUpdate.pdf [byu.net]

One of the more interesting parts deals with how Microsoft can tell the difference between product keys they generated and those done with a keygen.

Re:Check out the rest (0)

Anonymous Coward | more than 11 years ago | (#5386488)

wow - dead already

Link doesn't work (1)

cperciva (102828) | more than 11 years ago | (#5386509)

Hint: Win95 filename mangling.

Re:Link doesn't work (1)

joshmathis (15461) | more than 11 years ago | (#5386528)

Link still works fine for me...

Re:Link doesn't work (-1)

Anonymous Coward | more than 11 years ago | (#5386550)

Hint: man wget

dumbass.

Re:Check out the rest - The file IS THERE. (0)

Anonymous Coward | more than 11 years ago | (#5386557)

yeah, use the google UP command, then you'll get a file list, then -click- it.... It is something like Window~1.pdf
\

The file is there.

No verification possible... (4, Insightful)

Reinout (4282) | more than 11 years ago | (#5386454)

Nice claims, but we the free part of the article doesn't show any actual examples of data that's transmitted. At least not data apart from some generic xml tags.

Any easy way to verify this ourself?

I'm suspecting their claim is true, but I'd like to see the data...

Reinout

yes it does (0)

Anonymous Coward | more than 11 years ago | (#5386545)

Nice claims, but we the free part of the article doesn't show any actual examples of data that's transmitted.

WTF WTFA [tecchannel.de]

Re:yes it does (0)

Anonymous Coward | more than 11 years ago | (#5386561)

That is:

WTF RTFA [tecchannel.de]

And I should be surprised why? Also, a suggestion. (4, Insightful)

Jack William Bell (84469) | more than 11 years ago | (#5386456)

Although I often semi-sorta-half-hearted-defend Microsoft when people make unsupported categorical statements or otherwise speak mindlessly, I am also willing to speak out against them when they are wrong. As in this instance.

I would have to do some research, but I believe this might violate their own privacy policy. Even if it doesn't, they really have no moral right to send any information about your system without letting you know what it is and giving you a chance to abort the whole thing. Yet I am unsurprised, in fact I expect every big company is doing this kind of thing when they can get away with it.

Not that I am saying "Everyone is doing it, so what is the big deal?" My attitude is more "Let's stop this crap now!"

So I have a suggestion -- someone should start an open source project to create a re-writing proxy for updates that strips out all the stuff Microsoft is sending in the updates, except what is absolutely needed. Make it open enough that we can plug it re-writers for other companies as well.

Is this surprising? (2, Interesting)

guacamolefoo (577448) | more than 11 years ago | (#5386459)

I am shocked - shocked - by this revelation.

I can see a legitimate purpose for it, from a bug-hunting and trouble-shooting standpoint, but I am highly skeptical that these are the only ways that this information is used. For instance, I expect that if MS sees a high number of installs for a particular app, that it might decide to include that app in the "OS", such as a personal firewall, for instance. Oh, wait...they already did.

An interesting compare/conrast to see is what MS license agreement says about this and what their public statements have been.

Also, is there going to be a DMCA action here? Ugh.

GF.

Re:Is this surprising? (1)

KAMiKAZOW (455500) | more than 11 years ago | (#5386533)

Also, is there going to be a DMCA action here?

No. It's a German page. No DMCA in Germany (yet).

Re:Is this surprising? (1)

guacamolefoo (577448) | more than 11 years ago | (#5386574)

As long as these guys don't travel to the US for a conference or a vacation.

GF.

Velly velly Ghey (0)

Anonymous Coward | more than 11 years ago | (#5386462)

What are those fags in Redmond up to?

Tie them to a fence post and teach them a lesson.

sample (1)

soreno (563079) | more than 11 years ago | (#5386464)

http://www.tecchannel.de/betriebssysteme/1126/14.h tml

i bet we all agreed to it.... (1)

smd4985 (203677) | more than 11 years ago | (#5386471)

when we accepted the license agreement when installing XP. so as much as i revile the practice, i'm not sure there is anything we can do except start using open software.

Predictable (2, Insightful)

Rik Sweeney (471717) | more than 11 years ago | (#5386472)

Come on, be honest. Who's genuinely suprised by this?

Not Pay Per View (0)

terraformer (617565) | more than 11 years ago | (#5386480)

I am reading it right now. Click here http://www.tecchannel.de/betriebssysteme/1126/inde x.html [tecchannel.de] and click on [Weiter >>]. It may be a teaser but I have gotten to the end yet.

Re:Not Pay Per View (1)

terraformer (617565) | more than 11 years ago | (#5386512)

Ah, there is a charge for a more complete doc.

The following pages are restricted to users of our Premium service. If you are not member you can buy the complete article as a PDF-file for Euro 1.99. Included you will find a complementary copy of the tools we used to find out what is going on with Windows Update.

This Far |--| (0)

Anonymous Coward | more than 11 years ago | (#5386485)

This could be useful to build a database of interactions and incompatabilities, but I trust MS only this far: |->-|.

So Does This Break Any Laws? (1)

ihatewinXP (638000) | more than 11 years ago | (#5386490)

If in fact a team has deciphered the codes (I can't read the article PPV) does this break actually break any laws and/or license agreements or is it one of those rights we long ago clicked away upon installation? We all feared the worst, well now it has been confirmed - but what are they doing-going to do with all this data? Legal action should be taken if at all possible to answer these questions.

Has anyone paid for the results? (0)

Anonymous Coward | more than 11 years ago | (#5386500)

I don't think the Inquirer did. Certainly Slashdot didn't. The poster probably didn't.

The SOAP listing on the site (http://www.tecchannel.de/betriebssysteme/1126/2.h tml [tecchannel.de] ) looks pretty innocuous. Seems to me at least *one* person somewhere could pay the $2 to find out just what exactly all these headlines are about and, perhaps, tell us. (Facts can't be copyrighted.) I betcha it's nothing... a driver listing or something.

What I took away from this article... (0)

Anonymous Coward | more than 11 years ago | (#5386508)

I gathered from the article that the update chooses to use shorthand codes to report the presense of "certain" or "selective" third party products, which I actually find far more disturbing and sinister than the idea of simply blindly dumping out the contents of the "installed software" list. I bet "realplayer" is on that list of target software they look for, and perhaps mozilla and netscape.

As an extra service.. (0)

Anonymous Coward | more than 11 years ago | (#5386514)

After a year of updates they corrupt your registry, corrupt your backups, and force a clean reinstallation to get rid of all the annoying little "quirks" that arrive within a year of trying to use windows like a real OS.

Duh (2, Insightful)

IAmRenegadeX (627910) | more than 11 years ago | (#5386520)

Assuming "nothing is sent" is about as smart as checking that "trust everything from microsoft.com" checkbox for the activeX control Windows Update downloads. You'd have to be a quart short of an oil change to do either.

big deal - they've confirmed the M$ privacy stmt. (4, Informative)

erik1474 (566010) | more than 11 years ago | (#5386521)

below from the M$ site... they tell you outright that they are collecting this info. What's the big deal?

Windows Update Privacy Statement (Last Updated 10/15/2002)

Windows Update is committed to protecting your privacy. To provide you with the appropriate list of updates, Windows Update must collect a certain amount of configuration information from your computer. None of this configuration information can be used to identify you. This information includes:

Operating-system version number
Internet Explorer version number
Version numbers of other software for which Windows Update provides updates
Plug and Play ID numbers of hardware devices
Region and Language setting

The configuration information collected is used only to determine the appropriate updates and to generate aggregate statistics. Windows Update does not collect your name, address, e-mail address, or any other form of personally identifiable information.

ever heard of firewall? (0)

Anonymous Coward | more than 11 years ago | (#5386527)

A good reason for filtering out all addresses related to microsoft.

Or if you have access to any names-server tables, redirect microsoft.com to linux.org

Hans

From the Windows Update Privacy Policy (3, Redundant)

neile (139369) | more than 11 years ago | (#5386529)

Note: Windows Update does not collect any form of personally identifiable information from your computer. Read our privacy statement.

Windows Update Privacy Statement (Last Updated 10/15/2002) Windows Update is committed to protecting your privacy. To provide you with the appropriate list of updates, Windows Update must collect a certain amount of configuration information from your computer. None of this configuration information can be used to identify you. This information includes:

  • Operating-system version number
  • Internet Explorer version number
  • Version numbers of other software for which
  • Windows Update provides updates
  • Plug and Play ID numbers of hardware devices
  • Region and Language setting

The configuration information collected is used only to determine the appropriate updates and to generate aggregate statistics. Windows Update does not collect your name, address, e-mail address, or any other form of personally identifiable information.

Windows Update also collects the Product ID and Product Key to confirm that you are running a validly licensed copy of Windows. A validly licensed copy of Windows ensures that you will receive on-going updates from Windows Update. The Product ID and Product Key are not retained beyond the end of the Windows Update session.

To provide you with the best possible service, Windows Update also tracks and records how many unique machines visit its site and whether the download and installation of specific updates succeeded or failed. In order to do this, the Windows operating system generates a Globally Unique Identifier (GUID) that is stored on your computer to uniquely identify it. The GUID does not contain any personally identifiable information and cannot be used to identify you. Windows Update records the GUID of the computer that attempted the download, the ID of the item that you attempted to download and install, and the configuration information listed above.

Hold on there, bucko (1)

Toasty16 (586358) | more than 11 years ago | (#5386539)

Can we stop jumping to conclusions here? Why is it that anytime Microsoft adds a useful new feature all the /.ers start running around like a chicken sans head? Maybe this extra checking that MS does is to ensure that the Windows updates are compatible with your existing programs! Ever think of that? No, I didn't think so.

/sarcasm

Seriously folks, I don't know what kind of information is collected by MS, but I know that there's an option in a system configuration utility called X-Setup [xteq.com] which allows one to anonymously connect to the Windows Update site. Does it actually work? I don't know, but on the upside it prevents the "customize Windows Update" feature from saving your settings, which seems promising.

Well, if they are collecting it (1)

Sgs-Cruz (526085) | more than 11 years ago | (#5386540)

You can be sure that they're not actually doing anything with it. What I mean is, me and the other 20,000,000 people with a pirated copy of Microsoft Office don't have a whole lot to be afraid of. If Microsoft starts using the information to go after these people then they'd have to admit how they got the information in the first place, which would expose this to the whole world (as opposed to just the audience on Slashdot and that German site...).

Not news.. but a nice update. (1)

sporty (27564) | more than 11 years ago | (#5386559)

Didn't this issue first come up with windows update? The fact it sends the registry across to MS even though it doesn't need the registry? What is it, 4.. 5 years ago we cried foul?

Personally, I like the way cvsup works. You ask for what you need and a file list. Or so it seems.

XML Schemas available here (4, Informative)

cobyrne (118270) | more than 11 years ago | (#5386563)

Client Info Schema [windowsupdate.com] and System Info Schema [windowsupdate.com] .

They appear to get a copy of your registry, as well as information like processor architecture, manufacturer, printer(s?) etc

No software collected (2, Interesting)

IamTheRealMike (537420) | more than 11 years ago | (#5386569)

No, sorry, Microsoft doesn't collect lists of softare, not even the article says that. What it does say is that if they wanted to, they could locate what software you have by looking for registry keys or files specific to that app.

In fact the article says the biggest privacy concern is the hardware list, which doesn't seem that big a deal to me.

Wow, what a total bullshit /. article (0)

Anonymous Coward | more than 11 years ago | (#5386577)

The conclusions section of the posted article even flat out states that M$ isn't sending information back about all your software and yet somehow the article summary gets "says that information on all software installed on your computer is sent, even that which is not Microsoft's own software". Maybe if you didn't lie out your asses so much, people would actually take the criticisms you make seriously?

No worries... (2, Interesting)

MindSlap (640263) | more than 11 years ago | (#5386578)

I've had concerns about MS for quite a long time.

Solution...
Block ALL outbound requests to MS at the router. (Home network)
There are several IP ranges that I have blocked.
This prevents any 'phone home' connections from any MS OS thats running.

Its easy enough to manually lift the blocks when downloading patches.
I never use Windoze Update.. It doesent work with Mozilla anyway :-D

You know... (0)

Anonymous Coward | more than 11 years ago | (#5386588)

I don't see why this is news. Microsoft does not deny this. It's clearly written in their privacy statement on the Windows Update website.

Here's what it says they collect...

-snip-

- Operating-system version number
- Internet Explorer version number
- Version numbers of OTHER SOFTWARE for which Windows Update provides updates
- Plug and Play ID numbers of hardware devices
- Region and Language setting

The configuration information collected is used only to determine the appropriate updates and to generate aggregate statistics. Windows Update does not collect your name, address, e-mail address, or any other form of personally identifiable information.

-snip-

Now if they had found evidence that MS was also collecting your name, address, or email address then that would be a different matter.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?