Slashdot Mirror
All Microsoft Updates Phone Home
juct writes "In the wake of heise Security's report on the garrulous WGA Notification, Microsoft has now supplied additional details on the data sent. They have revealed to developers that apparently all updates relay information to the company in Redmond."
TFA: "In the Privacy Statement of Windows Update Microsoft grants itself fairly far-reaching rights. Thus the information collected by the Redmond-based behemoth includes the computer make and model, version information for the operating system, browser, and any other Microsoft software for which updates might be available, Plug&Play ID numbers of hardware devices, region and language setting, Globally Unique Identifier (GUID), Product ID and Product Key, BIOS name, revision number, and revision date"
Kinda sad that we just assume letting vendors capture all this info is part of the game (i.e. necessary to make the update work right). Wrong. When I do "yum upgrade" -- as far as I know -- not a single piece of information about my system goes up the wire. Correct me if I'm wrong.
My turnips listen for the soft cry of your love
I'll bite:
Computer make and model -- needed for drivers for specific manufacturers and models. Do you really want to apply a HP patch on a Dell system?
Version information for all installed Microsoft software -- Needed to calculate whether or not updates are needed for Windows Media player, etc. Remember, Windows update does more than just Windows--it also updates all included bundled software with Windows.
Note: Sending information about non-bundled software is needed for Microsoft Update, but not Windows Update. Perhaps lazy coding there--wouldn't YOU want to share the hardware/software detection code for both update utilities?
Plug&Play ID numbers of hardware devices -- Well, it does update hardware drivers...
# Globally Unique Identifier (GUID) -- This seems completely unnecessary.
BIOS name, revision number, and revision date -- I'm not sure, but I believe they may also provide manufacturer-supplied BIOS updates for some manufacturers.
I'm no huge fan of Microsoft, and I'm not saying Microsoft isn't misusing the information, but in 4 out of 5 cases this seems necessary for the service they are providing. Remember, Windows Update updates drivers, hardware, and bundled software too. Microsoft Update services Microsoft software as well.
-=Lothsahn=-
"It's too bad that stupidity isn't painful." - Anton LaVey
"In the Privacy Statement of Windows Update Microsoft grants itself fairly far-reaching rights. Thus the information collected by the Redmond-based behemoth includes the computer make and model, version information for the operating system, browser, and any other Microsoft software for which updates might be available, Plug&Play ID numbers of hardware devices, region and language setting, Globally Unique Identifier (GUID), Product ID and Product Key, BIOS name, revision number, and revision date"
There are what - like a billion or so computers in the world running an M$FT operating system?
And e.g. Windows 2000 is now up to something like 125 or 150 Critical Updates since SP4?
And they're keeping track of all of that data?
That's a database that would make the NSA green with envy.
Can SQLServer handle a load like that?
Or would you be looking at something specialized, like what National Cash Register built for Wal-Mart?
I seem to remember Windows Update in Win2000 prominently displayed a message: "Checking your computer for installed updates...this is done without sending any information to Microsoft." And it only downloaded the updates I needed, not every one for every supported product.
Did something fundamental change as to why that system can't work anymore?
Momentarily, the need for the construction of new light will no longer exist.
It is a violation of privacy and Microsoft is sending information back to their location for storage or not against the wishes of an individual.
If you break the law it is still up to the police and the courts to follow legal procedure to catch you and prove you broke the law and then to punish you commensurate with the proven charges. Even if you steal something and they know you stole it they can't do anything about it till they prove it. Part of that process is to get the legal search warrants and other court orders to permit them to do this.
Microsoft is a civil organization which is usurping the rules of law that were well established. In fact, they are effectively searching everyone's home every time to prove they are not in possession of stolen goods. The government can't do that. Microsoft should not either.
Any information sent to them without our express permission is a violation of our privacy whether they store it or not. It is not permissible for them to blatantly flaunt in our faces the fact that there is no one there to stop them and if you try you won't have the resources to do so.
Again people, remember the computer you have is an extension of your home. It is not a playground for microsoft to do what they want. Would you allow them to come into your home to inventory your belongings and then make you account for all those things you may purchase after the fact? Would you let them check on you any time they choose? Hell no. You would never let anyone into your home to do that. So, why on fucking hearth are you letting them search your computer to inventory your system to send private information back to their offices? Is it because it isn't an inconvenience to you to allow them to do this? Because you have no recourse to stop them?
So, you say that it doesn't hurt you to have them to enter your home and search it and report back to their offices? So, then would it hurt you to allow the government to do this if they could do it in such a non-invasive way? How about putting hidden camera's in say 20% of homes and no one knows they are there so you have at least an 80% chance of not being spied on!?! Would that be acceptable to you? Hell, 1 if 5 chance of being someone that is observed by the government. Once you got used to it, wouldn't it be acceptable to have the government then say 40% and up it over the next 10 years to 60% and then all the way? You would have become accustomed to having the government spy on you?
I think you understand what I'm getting at. This is the same thing. You would not let the government do such a thing, and even some people feel cameras in public are a violation of our privacy.
Microsoft is not the government and they have no rights to do what they are doing. They should not be collecting any information unless you explicitly permit it.
As I have said in other posts. This is about them collecting as many pieces in their databases as possible. Having this information gives them a lot of leverage.
Have you heard about how the patent office has claimed that file sharing software is a threat to national security? How about a monopoly power that has control over 90% of the worlds computers able to go into your computer and home unchecked by any sort of mechanism that is designed for checks and balances? You think that is less a threat to national security than it is to allow people to share information between 1 or 2 or more party members. Either the comments by the patent office are totally ludicrous or no one is willing to accept that this sort of unchecked behavior by a company in control of 90% of the worlds computers is a threat to national security.
You can lead a man with reason but you can't make him think.