Microsoft WinXP Update spies on other PC software

25 February 2003
The German tecCHANNEL deciphers Windows Update's stealth transfers.

Be thankful you're not running MS Windows (if you're not). The Inquirer has just published yet another article on what goes on in WinXP updates. We already know that Microsoft begin downloading files before they even ask you if you want something; we are aware they can theoretically glean any information they want, as they '0WN' your computer by this point; but knowing they are now collecting statistics on third party software you've installed - this is news, but frankly not surprising news.

Using a proprietary utility called tecDUMP (and a fair bit of ingenuity and creativeness) the German team have fully decrypted and analysed the traffic between Windows Update and an unsuspecting client computer. What they found is not encouraging.

Naturally the information passed on to Microsoft is far and above anything needed for system updates. Microsoft are aware of the tecCHANNEL research, but have not as yet responded.

As always, there are two things you can do to prevent any untoward traffic on your computer (and a firewall is not one of them).

• Make sure microsoft.com is not in your list of IE trusted domains (you might want to also consider an alternate browser).
• Use X-frame to fully monitor traffic in and out of your computer (firewalls will often be fooled here, but X-frame shows you the actual traffic).

You don't have to be a rocket scientist to use X-frame for this purpose either: Although X-frame is a highly sophisticated tool, all you need to do is check the main window - is there any activity when there shouldn't be? It's as simple as that.

http://www.theinquirer.net/?article=7980
http://tecchannel.de/betriebssysteme/1126