Full Disclosure mailing list archives
Re: Geolocation Question
From: mrx <mrx () propergander org uk>
Date: Fri, 08 Jan 2010 00:55:40 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Agreed, there are a lot of things that "try to" phone home. I would have less dislike for MS data collection practices if there was a tick box along the lines of "disable all communication with MS servers" Perhaps with the exception of OS updates with the only information sent to MS being the current patch level of the machine to be updated. After all what other info do they need to update the OS? I concur with your appraisal of Google. That's why I use Scroogle, don't use Chrome and block analytics, syndication, adservices and doubleclick. I guess I am just paranoid. mrx ps I wish Thunderbird would default to the list when replying. Dan Kaminsky wrote:
There's lots of things that phone home, but as long as they're opt-in and explicitly documented, I don't have a problem with it per se. Google can sure identify a heck of a lot more, and doesn't exactly assail you with the opportunity to browse anonymously. On Jan 8, 2010, at 1:12 AM, mrx <mrx () propergander org uk> wrote: Dan, Windows 7 has a multitude if services that relay usage and hardware data back to Microsoft. I would be surprised if you are unaware of this. WGA or WAT. Location awareness. Smartscreen filter. Searches defaulting to Live/Bing. Windows problem reporting. Windows online help and support. Customer Experience Improvement Program. Search string collection. Windows Media Player. There are other services that contact MS with usage data. Much of the above is opt in, however MS recommend that these "features" are enabled to ensure a safe and enhanced Windows experience. As most computer users are consumers as opposed to knowledgeable computer users, I would imagine the majority will accept and enable. Although MS may not be able to identify me personally, ie: name, address, age, colour of eyes etc. They can get a pretty good profile of my surfing and computer usage habits along with my IP and MAC address. And this is more information than I am prepared to share. Perhaps I am being paranoid, but I would prefer that MS not have a clue what I do with my PC, what hardware it consists of, what software I run on it, or which websites I visit. http://news.softpedia.com/news/30-Windows-7-Features-Phone-Home-to-Microsoft-129592.shtml http://news.zdnet.co.uk/software/0,1000000121,39544372,00.htm http://www.microsoft.com/windows/windows-7/m3/privacy-highlights.aspx I recently removed the RC version of win7 which I installed out of curiosity. When I get around to buying the RTM I will run Wireshark with the OS for a while, opt in to all that MS recommend, and discover exactly what data is shared with MS. I will then discover if my paranoia is in fact warranted. mrx Dan Kaminsky wrote:phone home features? On Thu, Jan 7, 2010 at 11:50 PM, mrx <mrx () propergander org uk> wrote: Dan Kaminsky wrote:On Thu, Jan 7, 2010 at 11:12 PM, <Valdis.Kletnieks () vt edu> wrote:On Thu, 07 Jan 2010 23:07:01 +0100, Dan Kaminsky said:No, he uses an XSS against the router to pull its wireless MAC, andthenputs that into Firefox's location services API. That bounces offvariouswardriving sources and comes up with a latlong.OK, so it only works against wireless routers that have been wardriven already. Makes you wonder what's on those Google Street-View trucks besides a camera. ;)www.wigle.net and SkyHook have been doing this stuff for a while.Though Isuppose there is that rule, "It's only creepy if Google does it"Disabling ssid broadcast doesn't mitigate detection either, well not by more than a couple of minutes. If you don't need wireless access disable it. I used to think Microsoft were creepy. I still think Microsoft are creepy, especially after discovering the phone home features in Win 7. Google on the other hand are plain scary, thankfully unlike Microsoft they are entirely altruistic. mrx_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
- -- Mankind's systems are white sticks tapping walls. Thanks Roy http://www.propergander.org.uk -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBS0aCjLIvn8UFHWSmAQI3nQf/fESE130D7N4hgf913y3hEF/ziekTz7xc 4N/sYFLbkIMkwRPMg8oP7DJ8V4DHVR66NlGZBJtCLmWEKIHiZ8E5kCsrLH0hIFPS UV9Aa69tx67PnbigdQC022kzmA94xjg+6E6whz0mFIlEiXQ4hWYS8Os0utzSbLjJ PE2Lm7rrZYT/fJgfzkR8qm14HtmHGKzg5CJ8hQVZSZYeC3dZm/aXloCFURrAVR+H chsVzg0XoczPGChOssvuZV6woiWnm+6c+oZ56OfnJmBgyPW3H4UqOWMxCVfYxgbv Oo37uYh+AyRSFSw/0/3e8nSVMXTLwQCjd4i9Quh+1cJx2f7hvs6Jng== =qJzz -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Geolocation Question McGhee, Eddie (Jan 07)
- Re: Geolocation Question Dan Kaminsky (Jan 07)
- Re: Geolocation Question Valdis . Kletnieks (Jan 07)
- Re: Geolocation Question Dan Kaminsky (Jan 07)
- Re: Geolocation Question Valdis . Kletnieks (Jan 07)
- Re: Geolocation Question Dan Kaminsky (Jan 07)
- Re: Geolocation Question mrx (Jan 07)
- Re: Geolocation Question Paul Schmehl (Jan 07)
- Message not available
- Message not available
- Message not available
- Re: Geolocation Question mrx (Jan 07)
- Re: Geolocation Question Michael Holstein (Jan 08)
- Re: Geolocation Question Daniel Veditz (Jan 14)
- Re: Geolocation Question Dan Kaminsky (Jan 07)
- Re: Geolocation Question Valdis . Kletnieks (Jan 07)
- Re: Geolocation Question Dan Kaminsky (Jan 07)