Bugtraq mailing list archives

Re: Windows 95 Espionage ( ?? )

From: rds () cadvision com (Jan Vandenbos)
Date: Tue, 6 Jun 1995 13:30:33 +0000

 Microsoft officials confirm that beta versions of Windows 95 include a
 small viral routine called Registration Wizard.  It interrogates every
 system on a network gathering intelligence on what software is being run
 on which machine.  It then creates a complete listing of both Microsoft's
 and competitors' products by machine, which it reports to Microsoft when
 customers sign up for Microsoft's Network Services, due for launch later
 this year.


This is another example of one of the things we should all be aware
of in the computer security business.   Although Microsoft might me a
poor example, it is unbelievably easy for the author/manufacturer of
any so-called "trusted" piece of software to place "trojan - code"
which may be harmful to us, or beneficial to them without us
realizing it.   Often it may heppen unintentionally.   Don't we have
enough problems keeping our information private without having to
monitor high profile vendors (or all vendors for that matter) for
occurrences such as these.   But I guess thats an inherent limitation
with people... You just can't trust 'everyone' :)

I'm just glad that with the large number of us out there who
examine/explore code interactions, that people catch these things and
that we share this information.

FWIW, the Microsoft "registration wizard" in Windows 95 preview does
not indicate in any way, shape or form that it will send your
directory structure out over the net.

I'm reminded of Prodigy's big scare a few years back  in which their
caching algorithm had some 'bug' which wrote the contents of a users
memory to the cache file (hello... Zero the Memory =) ), and allowed
Prodigy to retrieve the contents of this "cache", thereby allowing
them access to your sensitive data (ie: Whats in your SmartDrive
cache at any given time??  Payroll/HR Data... A new high tech
discovery??)

Cheers

...Jan
Bloodhounds International Inc.
Protecting your Information and Communications
Calgary, Alberta  CANADA      403-660-7801

Current thread:

Re: Windows 95 Espionage ( ?? ) Peter Sivo (Jun 05)
- <Possible follow-ups>
- Re: Windows 95 Espionage ( ?? ) Jan Vandenbos (Jun 06)
- Re: Windows 95 Espionage ( ?? ) John Mayo - NSM (Jun 06)
  - Re: Windows 95 Espionage ( ?? ) George Mullins (Jun 06)
- Re: Windows 95 Espionage ( ?? ) Jonathan Stott (Jun 06)
  - Re: Windows 95 Espionage ( ?? ) Joe Konczal (Jun 07)
- Re: Windows 95 Espionage ( ?? ) Matthew SAMS (Jun 06)
- Re: Windows 95 Espionage ( ?? ) Larry Kealey (Jun 06)
- Re: Windows 95 Espionage ( ?? ) Matthew SAMS (Jun 06)
- Re: Windows 95 Espionage ( ?? ) Tatu Ylonen (Jun 06)
- Re: Windows 95 Espionage ( ?? ) Heath I Hunnicutt (Jun 07)
- Re: Windows 95 Espionage ( ?? ) tws () wh bayer com (Jun 07)

(Thread continues...)