Slashdot Mirror


Windows Update v5 Gathering Too Much Information?

LucasR asks: "I was testing out Microsoft's Windows Update v5 and read their latest privacy statement from April 15th of this year, and it appears they are collecting and storing more information than ever. Here is only some of what they are now collecting: computer make and model, version information for the operating system, browser, and any other Microsoft software for which updates might be available, Plug and Play ID numbers of hardware devices, and IP address (though only for aggregate statistics so they claim). Some of what they are collecting is really disturbing. I use Microsoft's products but I don't recall wanting them to know everything about my computer and what competing applications I might use. Check it out for yourself. Isn't this amount of collected information a bit much?"

65 comments

  1. Nice link by Anonymous Coward · · Score: 0

    Nice link, I found the 404 page extremely helpful

  2. Please fix the link by Fry-kun · · Score: 0, Redundant

    please fix the link
    thanks

    --
    Did you know that "FTW" ("for the win") is a direct translation of "Sieg Heil"?
  3. Fixed link by Matt+Perry · · Score: 5, Informative
    --
    Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
    1. Re:Fixed link by Anonymous Coward · · Score: 0


      Who is Microsoft.com? Are they some Gentoo wannabes with online update stuff and quick patches to the Linux kernel?

    2. Re:Fixed link by the_greywolf · · Score: 1

      the XML document it links to appears to be an XML conversion of a system .nfo file. other companies need identical information to provide their services.

      honestly, it doesn't look all that bad unless the IP address is actually associated with the GUID.

      --
      grey wolf
      LET FORTRAN DIE!
    3. Re:Fixed link by itwerx · · Score: 1

      I wonder what exactly is in that encrypted section at the beginning...?

    4. Re:Fixed link by ratboy666 · · Score: 1

      "To generate accurate statistics, Windows Update evaluates a Globally Unique Identifier (GUID) that is stored on your computer to uniquely identify it. The GUID does not contain any information that can be used to identify you."

      Um... the GUID *is* an identifier for that particular computer. It will not identify an individual *only* in the case of a shared computer. Other than that, "they" know who you are. Even if your IP address changes (eg. you move, or use DHCP), the GUID WILL NOT CHANGE. So the GUID is better suited as an identifier.

      Ratboy.

      --
      Just another "Cubible(sic) Joe" 2 17 3061
  4. Standard practice... by RomSteady · · Score: 4, Informative

    It's a beta site. Microsoft's beta products usually collect more information in order to help recreate failure scenarios. When I've done betas in the past, I've collected additional information for the same purpose, and I disclosed it the same way.

    In this case, I'd say "chill." A stable Windows Update is a boon to security.

    --
    RomSteady - I came, I saw, I tested. GamerTag: RomSteady / http://www.romsteady.net
    1. Re:Standard practice... by Anonymous Coward · · Score: 2, Interesting
      All these anti-MS freaks just don't understand. The more data you have, the more accurate your solutions can be.

      If there is some obscure driver in a turtle beach sound card which causes an IE update to crash, they will know about it just by the numbers.

      Try supporting a 200+ user environment. Then let me know if you think hardware/software reporting are a bad thing.

  5. Way to test the URLs by np_bernstein · · Score: 2

    The editors here are getting paid right?

    --
    RandomAndInteresting.com defending the world from stupidity since 1979
    1. Re:Way to test the URLs by foobsr · · Score: 1

      The editors here are getting paid right?

      One would tend to answer no, right?

      Alternatively one might consider that many Open Source developers are not paid - so it is all consistent.

      CC.

      --
      TaijiQuan (Huang, 5 loosenings)
  6. Beta by prostoalex · · Score: 2, Informative

    The current version is v4, so if you tested v5, you apparently signed up for it, or were invited or decided it was worth it to get on the beta testing team.

    Betas usually ask testers to provide more information so that SQA can re-create the problem and such. If you feel uneasy, then don't sign up for beta testing.

  7. Don't they need all of that information? by yotaku · · Score: 2, Informative

    "Here is only some of what they are now collecting: computer make and model, version information for the operating system, browser, and any other Microsoft software for which updates might be available, Plug and Play ID numbers of hardware devices, and IP address (though only for aggregate statistics so they claim)."

    Other than the IP address, I would assume that they would have to know all of that information in order to be able to provide you with all the updates you may need. The hardware information is needed in order to provide updated drivers. I'm going to assume that by browser they mean information about IE, since we all know that that needs frequent updates. The only iffy thing I see here is the IP address, and every web page you visit gets that, so I don't think it's something to be overly concerned about.

    And then there is the version information for other Microsoft software. Personally I love this. I hate having to go to OfficeUpdate to separately check for updates to office. It would be nice if all my software could get updated through windowsupdate. But I don't see Microsoft opening it up for other companies to use - so I will settle for just all microsoft software.

    1. Re:Don't they need all of that information? by Tablespork · · Score: 4, Insightful

      They shouldn't need any information. They just need a list of all available updates, and the client can check to see if any are needed. Microsoft shouldn't need to collect any data whatsoever. I'm not picking on Microsoft, I think any company would/does/has every right to collect this information. It's free usage statistics.

    2. Re:Don't they need all of that information? by chriso11 · · Score: 1

      They don't need to know the hardware ids for every component. They could get by just knowing the make/model. That much data is excessive.

      --
      No, I don't trust in god. He'll have to pay up front, like everybody else.
    3. Re:Don't they need all of that information? by markhb · · Score: 1

      Is the PnP ID unique to a particular part (like a MAC address), or simply a unique identifier for the make/model?

      --
      Save Maine's economy: write stuff down. All comments are exclusively my own, not my employer.
    4. Re:Don't they need all of that information? by NetJunkie · · Score: 1

      Hah! Make and Model of the PC? No way. IBM/Dell/Gateway change specific components all the time in a model of PC.

    5. Re:Don't they need all of that information? by Gadget_Guy · · Score: 1
      They just need a list of all available updates, and the client can check to see if any are needed.

      So instead of uploading 10 or so IDs for the server to do a query with, you would have to download thousands of them so they can check them on the client side. That would really slow down the Windows Update process.

    6. Re:Don't they need all of that information? by shadowarts · · Score: 1

      You're forgetting, half the Windows population (at least half, probably more) wouldn't know what to download. The Windows Update selects what they should download. You give a novice user a list of 2000 files they'll just close the program.

      --
      ?
  8. The link I believe they wanted by scupper · · Score: 4, Informative

    I think this is the page they wanted to link to: http://v5.windowsupdate.microsoft.com/v5consumer/driversquery.xml

    Looks like they added BIOS info collection. This is news?

    V5 privacy statement: http://v5.windowsupdate.microsoft.com/v5consumer/privacy.aspx?ln=en

    v4 privacy statement:

    Windows Update Privacy Statement (Last Updated 10/17/2003)

    Windows Update is committed to protecting your privacy. To provide you with the appropriate list of updates, Windows Update must collect a certain amount of configuration information from your computer. None of this configuration information can be used to identify you. This information includes:

    Operating-system version number
    Internet Explorer version number
    Version numbers of other software for which Windows Update provides updates
    Plug and Play ID numbers of hardware devices
    Region and Language setting

    The configuration information collected is used only to determine the appropriate updates and to generate aggregate statistics. Windows Update does not collect your name, address, e-mail address, or any other form of personally identifiable information.

    Windows Update also collects the Product ID and Product Key to confirm that you are running a validly licensed copy of Windows. A validly licensed copy of Windows ensures that you will receive on-going updates from Windows Update. The Product ID and Product Key are not retained beyond the end of the Windows Update session, unless the Product ID is not valid.

    To provide you with the best possible service, Windows Update also tracks and records how many unique machines visit its site and whether the download and installation of specific updates succeeded or failed. In order to do this, the Windows operating system generates a Globally Unique Identifier (GUID) that is stored on your computer to uniquely identify it. The GUID does not contain any personally identifiable information and cannot be used to identify you. Windows Update records the GUID of the computer that attempted the download, the ID of the item that you attempted to download and install, and the configuration information listed above.

  9. From the article... by meta-monkey · · Score: 2, Insightful
    Windows Update evaluates a Globally Unique Identifier (GUID) that is stored on your computer to uniquely identify it. The GUID does not contain any information that can be used to identify you.
    So, the Unique Identifier cannot be used to identify. Sounds really useful :)
    --
    We don't have a state-run media we have a media-run state.
    1. Re:From the article... by My+name+isn't+Tim · · Score: 2, Informative

      It can't identify YOU the individual, but your computer (well in its current Windows installed state) it can. Presumably they could track what GUID has downloaded what from Windows Update and they could further figure out what segment of the population is upgrading and who isn't. (based on the data they may also collect such as make and model and software installed)

      that's my take on it anywho

    2. Re:From the article... by Too+Much+Noise · · Score: 1

      Add to that various connection patterns they can obtain by correlating the GUID with the IP. Still, not a big privacy issue yet.

      However, I'm not sure how exact this list is - given that previous examples of info capture showed that WindowsUpdate didn't bother to select only the MS products from the registry list it grabbed and sent the full list of installed software.
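
The linkage ratboy666 and Too Much Noise describe above, as an added example that is not part of any comment in this thread and is not Microsoft's code: constructed log records show a stable GUID tying together one machine's changing IP addresses. Going beyond the thread, it also shows that a per-month keyed pseudonym (an assumed alternative design) still supports the unique-machine counts the privacy statement cites. All record values and function names are constructed for illustration.

```python
import hashlib
import hmac
from collections import defaultdict

# Constructed sample records, as an update server might log them:
# (date, value stored on the client, source IP, update id, install succeeded)
RECORDS = [
    ("2004-07-01", "guid-A", "203.0.113.10", "update-1", True),
    ("2004-07-01", "guid-B", "203.0.113.77", "update-1", False),
    ("2004-07-09", "guid-A", "198.51.100.4", "update-2", True),  # same PC, new DHCP lease
    ("2004-08-02", "guid-A", "192.0.2.200", "update-3", True),   # same PC, moved house
    ("2004-08-02", "guid-B", "203.0.113.77", "update-1", True),
]


def stable_id(rec):
    """Design described in the privacy statement: the stored GUID is sent as-is."""
    return rec[1]


def rotating_id(rec):
    """Assumed alternative: the stored value never leaves the client. It is used
    as an HMAC key over the current month, so the identifier changes monthly."""
    month = rec[0][:7]
    return hmac.new(rec[1].encode(), month.encode(), hashlib.sha256).hexdigest()[:16]


def ips_per_identifier(records, id_func):
    """Every source IP the server can attribute to one identifier."""
    seen = defaultdict(set)
    for rec in records:
        seen[id_func(rec)].add(rec[2])
    return dict(seen)


def unique_machines_per_month(records, id_func):
    """The aggregate statistic: distinct machines seen in each month."""
    months = defaultdict(set)
    for rec in records:
        months[rec[0][:7]].add(id_func(rec))
    return {month: len(ids) for month, ids in months.items()}


def longest_history_in_months(records, id_func):
    """Largest number of months over which any one identifier can be followed."""
    spans = defaultdict(set)
    for rec in records:
        spans[id_func(rec)].add(rec[0][:7])
    return max(len(months) for months in spans.values())


if __name__ == "__main__":
    for name, func in (("stable GUID", stable_id), ("monthly pseudonym", rotating_id)):
        print(name)
        print("  unique machines per month:", unique_machines_per_month(RECORDS, func))
        print("  months one identifier can be followed:",
              longest_history_in_months(RECORDS, func))
        for ident, ips in ips_per_identifier(RECORDS, func).items():
            print("  ", ident, "->", sorted(ips))
```

Within a single month the pseudonym still links IP changes; rotation only limits how long a machine can be followed.
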

    3. Re:From the article... by Anonymous Coward · · Score: 0

      Just like how Gator and DoubleClick cannot identify YOU, just your computer.

    4. Re:From the article... by 3)+profit!!! · · Score: 1
      Windows Update evaluates a Globally Unique Identifier (GUID) that is stored on your computer to uniquely identify it. The GUID does not contain any information that can be used to identify you.


      Note that it is identifying your computer, just not you personally.
  10. Isn't this amount of collected info a bit much? by Elwood+P+Dowd · · Score: 0, Troll

    No.

    Next question?

    --

    There are no trails. There are no trees out here.
  11. What's to be worried about? by /dev/trash · · Score: 1

    MS has been collecting this info for years. They're just telling you about it now to make you feel good.

  12. Get over it, if not, then don't use Windows by shodson · · Score: 5, Funny

    Some of what they are collecting is really disturbing

    Disturbing? Yeah, now that they know your CPU model and BIOS version number they can clearly learn about your cross-dressing hobby.

  13. Scary Language by digitalvengeance · · Score: 3, Insightful

    From the article:

    The Product ID and Product Key collected are not retained after you are finished using Windows Update, unless the Product ID is not valid.

    Though my workplace has all validly licensed copies, there have been occasions where I've just grabbed the closest Product Key during a reinstall rather than pull up the database of which keys go with which machines. They WILL keep a product ID if they deem it to be invalid? How long before we are all getting audited for not memorizing 30 different Product Keys for the 30 different windows licenses we have?

    --
    How many roads must a man walk down? 42.
    1. Re:Scary Language by rritterson · · Score: 3, Informative

      That's not the point of PID validation. If you have 30 PKey's, then you must have 30 Retail Keys, and therefore have to activate them. If it activates, the key is considered valid.

      PID disqualification applies to corporate VLK's, which run on versions of XP that don't need to be activated (can you imagine activating 10000 copies during a deployment of XP). Those copies are, of course, ripe for pirating. Apparently, valid VLK's only generate a subset of possible valid PIDs, so they can tell if you are using a bad key (read: keygen'ed key) by the PID and you won't be able to use WU.

      You aren't going to get audited with only 30 XP licences. The cost of the audit far outweighs the cost they could hope to make from you. It's like the IRS auditing a 16 year old kid who makes $1500 yearly at a part time job.

      --
      -Ryan
      AUWYHSTOT (Acronyms are Useless When You Have to Spell Them Out Too)
    2. Re:Scary Language by Phillup · · Score: 2, Insightful

      Use a corporate licence key.

      The computers will most likely have a non-routable IP address assigned, and all of them will show up w/ the IP address of the firewall.

      Even if they note the number of individual computers connecting w/ that license... there are so many "spares" and "rebuilds" in the corporate environment to make tracking a fruitless proposition.

      --

      --Phillip

      Can you say BIRTH TAX
    3. Re:Scary Language by forged · · Score: 1
      The Product ID and Product Key are not retained beyond the end of the Windows Update session, unless the Product ID is not valid.

      So much for the majority of consumers running pirated XP Corp versions... Since they would no longer be able to get updates, I wonder how long until they become the next source of virus-spreading craze.

      As an interesting side effect, perhaps this will finally encourage people in this group to massively ditch XP Corp and go for Linux instead.

  14. What info does a WUS server share with M$ by scupper · · Score: 1

    Does anyone know how much of the info collected by a WUS server, which is also collected by windows update, is passed on to M$ by the WUS server and/or the WUS client? It all seems to me to be relevant and useful info to collect, considering you've already overcome your privacy issues by agreeing to the EULA and have purchased CALs.

    1. Re:What info does a WUS server share with M$ by scupper · · Score: 1

      I meant to say SUS.

  15. EULAs are more interesting... by MrHim · · Score: 4, Insightful
    I like the MS Visual Studio EULA better (C:\Program Files\Microsoft Visual Studio\MSDN98\98VSa\1033\Setup\EULA.txt, if you happen to own it). Section 4.1.2:
    Performance or Benchmark Testing. You may not disclose the results of any benchmark test of either the [Server Software] or [Client Software] for Microsoft Message Queue Server, Microsoft Transaction Server or Microsoft Internet Information Server to any third party without Microsoft's prior written approval.
    And if you get the Microsoft SDK from windowsupdate, the same restriction is placed on releasing .NET benchmarks.
  16. Let's have a peek: by NanoGator · · Score: 5, Insightful

    "Computer make and model": In order to figure out if particular motherboards need a fix applied. The AGP problem with Athlons immediately comes to mind.

    "Version information for the operating system, browser, and any other Microsoft software for which updates might be available": For security updates to IE, Outlook, Word, etc...

    "Plug and Play ID numbers of hardware devices": In case there is a fix for a particular bit of hardware. Maybe a DirectX update or something.

    "Region and language setting": What, you don't want your driver interfaces to be in Bulgarian?

    "Globally Unique Identifier (GUID)": Eh, not terribly interested in defending this one unless it's to count how many times a particular machine gets updated. I can't say I'm terribly concerned about this one either.

    "Product ID and Product Key": Filed under D for DUH.

    "BIOS name, revision number, and revision date": Again, may be related to fixes for a particular computer.

    This stuff is far less scary when you read through some of the MSDN articles for quick fixes etc. It's pretty obvious that they attain this info for the Automatic Update to actually work. Damn them for creating this free service!

    --
    "Derp de derp."
    1. Re:Let's have a peek: by loftwyr · · Score: 1

      The plug and play ID's are for the driver updates you can get through the site. It's tough to give you drivers if it can't ID the device...

  17. Is that all they're collecting? by loftwyr · · Score: 3, Informative

    There is a nice sample of what they're collecting in XML format. Well, it would be useful if it wasn't for the large block of encrypted info that they don't explain.

    Maybe I'm just paranoid but if they're going to give a sample of the collected data, shouldn't they tell what's in that block?

  18. [OT] Your sig by Anonymous Coward · · Score: 0
    C++, Java, .NET, Linux interview questions

    Interesting site. I don't know what is scarier, the fact that so many of the posted answers are wrong, or the fact that so many of the posted questions are. At least I don't have to worry about my programming job too much then. :)

    1. Re:[OT] Your sig by prostoalex · · Score: 1

      Leave a comment on whatever you find wrong. The questions come from variable sources, some, ahem, less reliable than the others. I try to keep up, but I can't manage a dozen of languages and technologies myself.

    2. Re:[OT] Your sig by Mr+Z · · Score: 1

      In some cases, the wrongness is simply horrible grammar. For instance, I can't tell what this actually means, since it isn't even a complete sentence: "In header files whether functions are declared or defined?"

      You know, if you're going to ask a subtle question (what's the difference between declaration and definition, and which one belongs in a header file?), you need to word it so it's unambiguous.

      --Joe
    3. Re:[OT] Your sig by Anonymous Coward · · Score: 0

      Sorry, not meant to be a criticism of you personally, just a lament on the state of our industry generally. I can understand that most of your readership are young, inexperienced, and smart enough to look for a headstart. I do not expect them to get everything right. If they did, the questions would not be hard enough. But a lot of the questions contain rookie mistakes!! If I was asked at interview to comment on code like that in some of your questions, and it was supposed to be representative of what the prospective employer produced, I would thank them for their time and leave at the first polite opportunity. :(

  19. invited... not really by zoloto · · Score: 2, Interesting

    i connected to windowsupdate recently and manually changed the v4.windo---- to v5.windo--- just for kicks (b/c of rumors etc) and instantly i was sent to the new site.

    It was interesting and they automatically update your "windows update" client that's on your PC. Oh yeah, even very FIRST generation versions of XP licenses aren't valid (i have a valid license but they say it's not... so I'm a bit confused.)

    anywho. it's not an invite only thing. but maybe it is if it won't verify my key..?? perhaps so.

    1. Re:invited... not really by Delf · · Score: 3, Interesting

      Windows Update version 5 is being rolled out as part of the XP Service Pack 2 stuff, so if you don't have the XP SP 2 beta installed, that would explain why it won't validate you.

      Installing SP 2 does require you to accept a EULA.

    2. Re:invited... not really by Anonymous Coward · · Score: 0

      It's not anywho but anyhoo, which is a stupidification of anyhow.

  20. I dont care unless... by AliasTheRoot · · Score: 1

    ...they attach my name in real life to the bits they collect and start selling that information.

    it's not an invasion of privacy to collect information on hardware.

  21. Re:What Else? by siliconjunkie · · Score: 1

    what makes you think they record the items you listed? seriously. i'm curious how you've come to this conclusion.

  22. aren't going to get audited with only 30 XP licenc by Anonymous Coward · · Score: 0

    >You aren't going to get audited with only 30 XP licences.

    Huh?? Where have you been?? First, the MS I mean the BSA folks are sending FISHING expedition style letters to most legal departments. Nothing prompts these letters except maybe buying a handful of HP computers *without* buying same # of "Server" licenses. Just ask any Samba shop how many of these they got.

    Legal doesn't want to know if you feel 30 licenses is too low to chase. They got the "offer you can't refuse" letter, which implies you might not be legal but doesn't claim evidence. Legal just wants to know if you are 100% legit -- and you're an asshole to them if you're not (even though they may have been the first group to pirate that single freebie Office XP CD Microsoft mailed to everyone in the company listed as an Officer (bait!)).

  23. They might be gathering it for Intel by Gary+Destruction · · Score: 2, Insightful

    Intel has the power to shape the hardware industry. If they want the floppy to disappear, they can make it happen. The information gathered can be used to give an idea of how much legacy hardware is still in use and it could be used to predict future demands in hardware. Take that as opposed to old motherboards and expansion cards sitting at the dump. If the user visits Windows Update, then it's known that the hardware is still in use.

  24. Focus by nusratt · · Score: 1

    Where are your priorities?
    Sincerely, not trying to flame, but this microsoft issue in this article is the only slashdot comment I find which has been authored by http://ask.slashdot.org/~LucasR

    So I have to ask:
    with everything else which is happening to steal or threaten our medical confidentiality, our privacy, our freedom to travel, freedom of speech, freedom of association, and other civil liberties -- things which appear on /. almost every day, such as
    http://slashdot.org/article.pl?sid=04/07/05/1637214
    -- THIS issue (i.e. microsoft) is the issue you decide to worry about?!

  25. Note on the page by Tomahawk · · Score: 2, Informative

    When you run Windows Update, you get the following message:

    Note Windows Update does not collect any form of personally identifiable information from your computer.

    Under that is a link to the privacy statement telling you what they do collect. Here is the text behind the link:


    Windows Update Privacy Statement (Last Updated 10/17/2003)
    Windows Update is committed to protecting your privacy. To provide you with the appropriate list of updates, Windows Update must collect a certain amount of configuration information from your computer. None of this configuration information can be used to identify you. This information includes:

    Operating-system version number
    Internet Explorer version number
    Version numbers of other software for which Windows Update provides updates
    Plug and Play ID numbers of hardware devices
    Region and Language setting
    The configuration information collected is used only to determine the appropriate updates and to generate aggregate statistics. Windows Update does not collect your name, address, e-mail address, or any other form of personally identifiable information.

    Windows Update also collects the Product ID and Product Key to confirm that you are running a validly licensed copy of Windows. A validly licensed copy of Windows ensures that you will receive on-going updates from Windows Update. The Product ID and Product Key are not retained beyond the end of the Windows Update session, unless the Product ID is not valid.

    To provide you with the best possible service, Windows Update also tracks and records how many unique machines visit its site and whether the download and installation of specific updates succeeded or failed. In order to do this, the Windows operating system generates a Globally Unique Identifier (GUID) that is stored on your computer to uniquely identify it. The GUID does not contain any personally identifiable information and cannot be used to identify you. Windows Update records the GUID of the computer that attempted the download, the ID of the item that you attempted to download and install, and the configuration information listed above.


    (note that the update date is 17 October 2003)

    T.

  26. What if we send more than 1MB of data each? by TheLink · · Score: 1

    I suspect that in their opinion they won't think they're gathering too much info till they need petabytes or exabytes of storage, if you know what I mean.

    So, any bright sparks know how to create a way to give them enough info so that they stop asking us for info?

    Clicking on something or making an HTTP access to something doesn't make it a legal contract. Tons of people click I agree coz they want to update their PC.

    --
  27. v5 by bendsley · · Score: 1

    They are able to tell whether or not the key you are using for your XP install is a valid key or not. I can pull updates from v4, but not v5. Oh well.

    --
    Alcohol & calculus don't mix. Never drink & derive.
    1. Re:v5 by jameslore · · Score: 1

      That's because in V5 they block product keys which aren't of the subset they've distributed.

      It's fairly easy to get around (not that I'm going to provide help), but it should serve its purpose - it'll knock out most of the leaked (or generated) corporate keys. And while it's a minor irritant to anyone sufficiently motivated to get around it, it'll block those without the knowledge or inclination to beat it.

      Personally I think MS should be taking the moral high ground and supplying at least security patches to those using illegit keys (if not feature enhancements) purely for the sake of those who have to put up with infected zombie PCs, but obviously they think otherwise :-(

  28. Ye Gods! by mcocke · · Score: 1

    A unique identifier and your IP address, as well as a list of all your hardware and software. Looks like I won't be using Microsoft update again. Thanks to the OP for the heads up.

  29. A bit much? by Nyhm · · Score: 2, Funny

    A bit much? That's several bytes too much!

  30. Quite standard nowadays by Wudbaer · · Score: 1

    While somewhat stupid, a lot of vendors have such limitations in their license agreements nowadays. AFAIK Oracle started with this some years back.

  31. What competing products? by belchingjester · · Score: 2, Insightful
    I use Microsoft's products but I don't recall wanting them to know everything about my computer and what competing applications I might use.
    I don't see anywhere in their disclosure statement where products other than MS products are tracked, so I'm not sure why you're being alarmist about "competing products". Perhaps they are collecting more info than they say they are, but that's not the issue you raised.
  32. The Slashdot Paradox by fluor2 · · Score: 2, Interesting

    I think it's really a paradox that I actually feel SAFER when doing these update internet thingies on Windows, since we have all those people around the world, monitoring what Microsoft do every day.

    I'm sure it would be even in the news if Microsoft did something that was not allowed by laws of your government.

    However, wget a mySUPER-GPL-programtar.gz leaves me with much less security when I run ./configure make and such. Coz the userbase for that program might be very small, and sending private information might be unknown to the general public.

    I sure hate the fact.

  33. Is the speed issue? by bill_mcgonigle · · Score: 1

    For some reason visiting the Windows Update website causes a considerable delay in the browser, on the order of twenty to thirty seconds on a reasonable computer.

    This compares poorly with about 5 seconds on a Mac or even 10 seconds for an apt-get update.

    Could it be because it has to upload and/or analyze all this information?

    If it's sending a GUID certain data should only need to be sent once, or at least the OS could manage when it needs to be sent again (new hardware, etc.)

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  34. Linux and Firefox by nandhp · · Score: 2, Informative
    The amusing thing, is that you can go to http://v5.windowsupdate.microsoft.com/ in Firefox on Linux and it will say:

    Checking for the latest version of the Windows Update software...

    Depending on your connection speed, this might take a minute. During this time, you may receive one or more security warnings. Review each security warning to ensure that the content is signed by Microsoft, and then click Install or Yes to install the software.

    While nothing actually works, except for the Mozilla-customized CSS, it is rather amusing that I can get it to the real Windows Update website without resorting to User-Agent Switcher.

    If you try to go to http://v4.windowsupdate.microsoft.com/, it informs me that I need a Windows operating system to use Windows Update.

  35. Re:What Else? by nick125 · · Score: 0

    Well, if Microsoft don't do it, they have put the tools in the OS so anyone could do so.