Re: Microsot DID DISCLOSE potential Backdoor

["J. Oquendo" <sil () infiltrated net>]

On Wed, 07 May 2008, Paul Schmehl wrote:

> Please point to the part where they are "relying on IP" when they
> explicitly state "No identifiable personal information that is related to
> you ***or to the computer*** is sent...."

What's going on Paul. You're right. "No identifiable personal information
that is related to you ***(adding more stars for empashis)****** or to the
computer ******* is sent..."

Mea culpa. For a moment here I thought LEA's used IP as an identifier in
courts of law. Silly me.

/ SNIP http://tinyurl.com/54h9fu

They contacted Special Agent Adam D. Aichele of the Allentown FBI, Wolfe said.

Wolfe said Aichele took her to a Lehigh library computer to look at the e-mail and retrieve the IP address from which 
it was sent.

/ SNIP

/ SNIP http://www.fbi.gov/congress/congress04/lourdeau050604peer.htm

Therefore, despite the fact that a Peer-to-Peer connection is not facilitated by a central server, users can still be 
identified in real time by the IP addresses associated with
+their computers.

/ SNIP

So before you argue back with "but your IP information is not sent!"
really? And how did the information from your machine get there? Smoke
signals?

As for "sniffing the wire" to see what MS is sending. Sort of difficult
to do. 1) I'm not on Windows that much. 2) When I am on Windows, the
machines I use are sanitized.

Furthermore, if you go back to the original article in PC World, I
don't know about you but to me its in black and white the correlation.
I don't know anyone who begins to talk about one thing, then goes off
into a complete different tangent in the next paragraph: "Information
obtained from WMSRT etc, etc, etc,..." ... "Officials were able to
identify..."

If at any point anyone here including LEA's believe wholeheartedly
there is nothing wrong with this in the sense it doesn't have a huge
potential for abuse (not the information sent by WMSRT but the
concept of using data WITHOUT NOTIFYING THE USER), if none have
qualms with this, you're in the wrong business (security).

I should make it a point to point out the flaws in the system but
alas that would lead to a complete misunderstanding of it. With this
said, here is a scenario for you Paul... Let's say I despised you.
Let's say I AM A BOTNET operator. Let's say I take my EXISTING botnet
and tweak the logged information being sent to Microsoft. I don't
know... I guess I'll make it look as YOUR NETWORK is a CNC for a
large botnet. I can only imagine 1) You will be going through an
insane ghost analysis for something that doesn't exist after being
raided... 2) Frustrated as an engineer since you know for a fact
there is no damn reason a LEA should be even talking to you.

Look I can think of the horrors behind this. If you can't see it
again, perhaps you and I aren't on the same level of thinking
outside of the box. The abusive side of "hacking" and I won't go
into the political bs of what a hacker is or does or is supposed
to be.

-- 
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA #579 (FW+VPN v4.1)
SGFE #574 (FW+VPN v4.1)

wget -qO - www.infiltrated.net/sig|perl

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3AC173DB

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/