XP, Phone Home

Randomeyes writes: "The Register reports that Windows XP has functionality built-in to the Search Companion module that allows Microsoft to log users internet searches. Information collected includes user IP address, search term and related information. A cookie is also set. 'TrustUnWorthy Computing' anyone?" Tanveer1979 writes: though, that "the bright side is that it doesn't send anything to internet, it only downloads files, and compares the files on your computer with the files on server. And I guess a little effort is needed for the malicious to program it to send your data to web."

Microsoft Baseline Security Analyzer ���

I just saw it on my Microsoft Baseline Security Analyzer ©®(TM):

View Security Report

Sort Order: Score (worst first)

Computer name: MYADSDOMAIN \WindozePeeCee
IP address: 225.-1.65535.1
Security Report Name: MYADSDOMAIN - WindozePeeCee (04-12-2002)
Scan date: 12/04/2002 12:00AM
Hotfix database version: v2.0.10^23+[1/(planks constant)]
Security assessment: Sever Risk (As usual)

Windows Scan Results

Vulnerabilities

Windows Hotfixes
1. Local Account Passwords are simple or Weak. Please change them to something overtly convoluted and difficult to remember. It wont matter anyway because the Active Directory Server©®(TM) you authenticate against is probably not patched.

2. IIS©®(TM) Installed. Please update to Apache 1.3.24 or 2.0.35

3. JRE 1.4 is installed. Wow. That's even more bloated than the first revision of .NET ©®(TM).

4. Auto-login is enabled. This is inherently dangerous because this OS has no inkling as to what multi-user means, for whatever reason, everyone is a su-doer.

5. Passwords are too short. This is weak because the domain controller isn't patched. If you are running Samba 2.2, please disregard this. We can't tell the difference.

6. File systems. They all appear to be running NTFS. Good (you should have two UPS for this. If its get corrupted, snicker.........)

7. Your Cell Phone, Palm Device, monitor, printer, hub, DSL router, joystick, speakers, KVM, other PCs, scanner and filing cabinet do not have Client Access Licenses.

8. Sent all info to Microsoft.

© 1999 - 2009 (We paid of the US DOJ until then, they only take kick in decade increments), All your rights are belong to us.

xenon baxter meowmix purina

Please explain

[Ubi_NL]

Isn't this just a cache
I mean, netscape keeps track of my bwrowsing history. MS Find keeps track of my last searches.
BASH keeps track of my last typed command.

Usually this comes in handy. Hell, I can probably code something that will post my BASH command history and my netscape browsing archive onto the net.

What's the news here?

Re:Please explain

[cscx]

So, basically you're saying you entrust your data to a bunch of stool pigeons?

What are they up to?

[Smid]

I don't know, but every time I read yet another story about MS storing our behaviour patterns, I wonder...

Why do they want to know what we're doing???

Is my life particularly interesting? God help the poor lad who has to search through my personal searches...

+UT +MOHAA +GAMEBOY +ADVANCE +DREAMCAST +GTA3 +N64 +SUPERMARIO +GAMECUBE

(Note: no +XBOX)

Nooooooooo!!

Not a cookie!!! When will the injustices end???

People should stop complaining and move on

[newt]

It's really quite pointless complaining about privacy problems in Microsoft software -- The OS and its associated MS apps are so rife with security bugs that any script kiddy on the Internet can break in and obtain access to your closest-held secrets anyway, so complaining about additional bugs/features like the one described in this article is essentially useless. Let's face it, would less of your personal information be available to Microsoft if they didn't gift-wrap your search terms and send them to Redmond?

If you've deluded yourself into thinking that changing the behaviour of their search feature would make a difference, consider this: Microsoft is just as capable of being the aforementioned script kiddy as anyone else is.

Until MS fixes the underlying security problems in their OS, anyone who uses it is implicity acknowledging that they don't care about their privacy. If someone really wants to protect their privacy, they'll put in the small amount of additional effort required to run on a system which doesn't leak their data like a sieve.

heh

[waspleg]

irony? as i read this the banner ad the top is for OSDN's GEOTARGETING (targeted advertising)

*cough*
i wonder where they get/got the info
*cough*

** The preceding was not a troll, all opinions expressed are the authors which may contain forward looking statements and all of which is entirely speculation ;)

Good slashdot title

[cipset]

When I first saw the title I thought

"Ok it will phone home, that means that soon we will get rid of it"

Re:What a non story! A waste of space!

> You can't just make stuff up!

Hi there. Welcome to Slashdot...

Re:Solution: XP behind a firewall?

[Shiny+Metal+S.]

Could not a great deal of these 'features' (annoyances, security holes etc.) be circumvented by keeping a very restrictive firewall between any machines running XP (or any Microsoft OS) and the Internet at large?

Yes, I can see the slogan already:

Microsoft Windows XP: The most secure system ever built!*

(*If kept behind an OpenBSD firewall)

I can also hear a customer buying a computer asking:

- So, you say that 3GHz and 2GB RAM with 200GB HDD is enough to send emails to my grandchildren on every X-mas? I hope you're right. But will my new computer be also secure against those evil hacker pirates we lately hear so much about?
- Of course, madam! Just make sure to insert a very restrictive firewall between your computer and the Internet.

And the problem is solved!