Jump to content

The personal info microsoft collects and hides

smercer

By smercer
in Networks and the Internet

 Share

Recommended Posts

smercer

smercer

Posted
Posted

I have found an artical on the internet about Personal information about what you have been doing since you have formated your computer.

here is an extract of the attachment:

There are folders on your computer that Microsoft has tried hard to keep secret.

Within these folders you will find two (major) things: Microsoft Internet

Explorer has been logging all of the sites you have ever visited -- even after

you've cleared your cache, and Microsoft's Outlook and Outlook Express has been

logging ALL of your e-mail correspondence -- even after you've erased them from

your trashbin. (This also includes all incoming and outgoing e-mail attachments.)

And believe me, that's not even the half of it.

When I say that these files are hidden well, I really mean it. If you don't have

any knowledge of DOS, then don't plan on finding these files on your own. I say

this because some of these files will only be found in DOS while some of these

folders can only be found in Windows Explorer. Additionally, there are some

folders that will not be displayed by neither DOS nor Explorer -- but can only

be found using a workaround. Basically what I am saying is if you didn't know

these files existed then the chances of you running across them is slim to

slimmer.

To give you an example of how sneaky this is, there are three hidden folders

that may contain your name, address, phone, all the sites you've visited, every

single e-mail you've sent/received, every attachment you've ever sent/received,

everything you've searched for in a search engine, every filename you've

downloaded, names of documents containing "sensitive" information, copies of all

your cookies, full readable e-mail from your hotmail account, your PGP keys, and

more. 

I think this is about Windows 98, but I think Windows XP has it too.

I posted this in another forum and they have said it is all true.

Makes you wonder.

I am planing to incorperate the changes it tells you to do in an unattended installation, for both win 98 and XP. if anyone has suggestions please post them thanks.

PS to the mods: I did not know what forum to post this in as it covers all microsoft products, so please forgive me for posting in the wrong section.

_ebook____the_information_microsoft_hides_on_your_computer.zip

Link to comment
Share on other sites

un4given1

un4given1

Posted
Posted

It doesn't matter. Let's assume you lost an e-mail. "OMG! What am I going to do?!?!" You contact MS support and they say "That's OK, there's a hidden folder where all of your e-mail is kept." *sigh of relief* I'm not too sure how accurate the information above is, but as long as it's on your local PC, who cares, right? MS doesn't have the right to collect this information and won't.

Link to comment
Share on other sites
un4given1

un4given1

Posted
Posted
Another reason to use Firefox and Thunderbird over Internet Explorer and Outlook.

I disagree. That story doesn't state anything that suggests that Microsoft collects this information, and nothing in the EULA gives them permission to collect this such data. You may be able to compare Thuderbird to Outlook Express, but certainly NOT Outlook.

Link to comment
Share on other sites
Zxian

Zxian

Posted
Posted

All this mumbo jumbo about Microsoft trying to steal your personal information is just that... a lot of talk.

My friend and I set up a small network to test this out where all the packets that were being sent back and forth to a Windows XP Pro computer were logged by a Linux machine. Over the course of a week, nothing random was going to Microsoft, and all that was sent to Windows Update was the current version of WU installed, the product key, and the current updates installed. That's it. Period.

I've also never been able to find any files on my hard drive using Knoppix that I couldn't find with Windows Explorer or command line. I used to believe this stuff... but not any more. Unless someone can give me some definitive proof that this is true now (please note, definitive), I don't believe it.

Link to comment
Share on other sites
FthrJACK

FthrJACK

Posted
Posted

wow, my hard drive is able to store GB's of information and... its as if its not even there, it takes up no room!

MAGIC!

Did you know, that the USA didnt even land on the moon? and that Elvis lives?

The things they try to hide from us, but... the truth is out there!

Link to comment
Share on other sites
prathapml

prathapml

Posted
Posted
All this mumbo jumbo about Microsoft trying to steal your personal information is just that... a lot of talk.

Yes.

Scare-mongers never seem to get tired. There's no reason for microsoft to spy on you.

In fact, they have better things to do than waste resources on such things :P

Link to comment
Share on other sites
kamran_mehmood

kamran_mehmood

Posted
Posted
All this mumbo jumbo about Microsoft trying to steal your personal information is just that... a lot of talk.

Yes.

Scare-mongers never seem to get tired. There's no reason for microsoft to spy on you.

In fact, they have better things to do than waste resources on such things :P

i agree with that as well, why would Microsoft spy on us? :blushing:

~~~~~~~~~~~~~~~~~~~~

Callsign: ~Maverick~

Link to comment
Share on other sites
smercer

smercer

Posted
  • Author
Posted
All this mumbo jumbo about Microsoft trying to steal your personal information is just that... a lot of talk.

My friend and I set up a small network to test this out where all the packets that were being sent back and forth to a Windows XP Pro computer were logged by a Linux machine. Over the course of a week, nothing random was going to Microsoft, and all that was sent to Windows Update was the current version of WU installed, the product key, and the current updates installed. That's it. Period.

I am curious as to how you tested it, were you only looking at pure words, or were you looking at the binary as well? also was it only Microsoft packets you were looking at?

I am considering using Binary Browser to see what is being stored/sent.

I have not heard about Microsoft transmiting the data once gathered into a couple of files, but like everything there is always a first time.

Netscape was one of the first that was found to contain spyware, and I don't know if they still are spyware.

The reasons for having spyware in programs that are free are obvious, so they can get some money back in another form by selling personal info to advertisers.

But if Microsoft is transmiting it that no one has found it could be for one of two reasons, or both:

1) Extra money (greedy)

2) Government reasons

quote from Privacy International

http://www.privacyinternational.org/articl...%5D=x-347-83813

In the past fifteen years, the United States government has led a worldwide effort to limit individual privacy and enhance the capability of its police and intelligence services to eavesdrop on personal conversations. This campaign had two strategies. The first is to promote laws that make it mandatory for all companies that develop digital telephone switches, cellular and satellite phones and all developing communication technologies to build in surveillance capabilities; the second is to seek limits on the development and dissemination of products, both in hardware and software, that provide encryption, a technique that allows people to scramble their communications and files to prevent others from reading them.1

Law enforcement agencies have traditionally worked closely with telecommunications companies to formulate arrangements that would make phone systems “wiretap friendly.” These agreements range from allowing police physical access to telephone exchanges, to installing equipment to automate the interception. Because most telecommunications operators were either monopolies or operated by government telecommunications agencies, this process was generally hidden from public view.

Following deregulation and new entries into telecommunications in the United States in the early 1990s, law enforcement agencies, led by the FBI, began demanding that all current and future telecommunications systems be designed to ensure that they would be able to conduct wiretaps. After several years of lobbying, the United States Congress approved the Communications Assistance for Law Enforcement Act (CALEA) in 1994.2 The act sets out legal requirements for telecommunications providers and equipment manufacturers on the surveillance capabilities that must be built into all telephone systems used in the United States. In 1999, at the request of the Federal Bureau of Investigation, an order was issued under CALEA requiring carriers to make available the physical location of the antenna tower that a mobile phone uses to connect at the beginning and end of a call.3

In the United Kingdom the Regulation of Investigatory Powers Act 2000 requires that telecommunications operators maintain a “reasonable interception capability” in their systems and be able to provide on notice certain “traffic data.”4 It also imposes on obligation on third parties to hand over encryption keys. These requirements were recently clarified in the Regulation of Investigatory Powers (Maintenance of Interception Capability) Order 2002.

In the Netherlands, a new Telecommunications Act was approved in December 1998 that required that Internet Service Providers have the capability by August 2000 to intercept all traffic with a court order and maintain users logs for three months.5 The law was enacted after XS4ALL, a Dutch ISP, refused to conduct a broad wiretap of electronic communications of one of its subscribers. In New Zealand, the Telecommunications (Residual Powers) Act 1987 requires network operators to assist in the operation of a call data warrant (equivalent to the United States trap and trace or pen register warrant). 6 An obligation to assist in the operation of a full interception warrant is now also being considered in New Zealand. The Telecommunications (Interception Capabilities) Bill currently being drafted by the Government would require all Internet Service Providers and telephone companies to upgrade their systems so that they are able to assist the police and intelligence agencies intercept communications. It would also require a telecommunications operator to decrypt the communications of a customer if that operator had provided the encryption facility.7

In January 2002, a new Law on the surveillance of mail and telecommunications entered into force in Switzerland, requiring ISPs to take all necessary measures to allow for interception.8 In contrast, the Austrian Federal Constitutional Court held, in a decision9 in February 2003, that the law compelling telecommunications service providers to implement wiretapping measures at their own expense is unconstitutional.10 Most recently, Poland and New Zealand have been reported as proposing and adopting new laws requiring ISPs to monitor and record communications transactions.

If you decide to question that, why does Microsoft have so many holes that people keep finding? Why even the most sofisitcated sites which obvously have the most secure web servers still get hacked?

Of course some people would say that they feel more comfortable that the police and law enforcement have the capiblity to listen in on any electronic conversation, but it is against every citisens consitutional rights to have surveillance on them. In fact you would feel like a terrorist if you knew someone was watching everything you do. and there is no garrentee that the extra power that the government has given themselves, be abused.

I've also never been able to find any files on my hard drive using Knoppix that I couldn't find with Windows Explorer or command line. I used to believe this stuff... but not any more. Unless someone can give me some definitive proof that this is true now (please note, definitive), I don't believe it.

I tested it out and I did find exactly what he said.

I am using Windows 98 and at the time of looking I had Internet explorer 5.

I typed in:

C:\>CD WINDOWS<ENTER>

C:\WINDOWS>CD TEMPOR~1<ENTER>

If you do a DIR (shows you the contents of the directory you are currently in) like this:

C:\WINDOWS\TEMPOR~1\>DIR<enter>

You would find there is nothing listed, however if you then type in

c:\WINDOWS\TEMPOR~1\>CD CONTENT.IE5<enter>

You are now in a folder that DOS says doesn't exist. if you do a DIR here like this:

c:\WINDOWS\TEMPOR~1\CONTENT.IE5\>DIR<enter>

You get a listing with index.dat in it.

I then typed in:

c:\WINDOWS\TEMPOR~1\CONTENT.IE5\>EDIT INDEX.DAT<enter>

I was able to find things like my email address, URLs I had visited, my default website, etc.

Now that I am using IE 6, I did the work around that it said in the attachment to delete desktop.ini, and the file I had deleted in dos (index.dat) is back there again (recreated thanks to microsoft). I opened it up and it has logged the sites I have just now visited, and has loged what I had justed searched in google.

Edit: I used the find utillity to find desktop.ini by going start->Find->Files or folders. Then entered desktop.ini in named text box and set "look in" combo box to "My computer". I then deleted all that was found (which will be back there when I reboot).

Link to comment
Share on other sites
DigeratiPrime

DigeratiPrime

Posted
Posted

information cannot leave the computer if its not connected to the internet. ;)

If I setup a Firewall to block ALL outgoing connections, except Firefox for example, it becomes improbable for data leaking.

If I use a program like CurrPorts (freeware) I can view what Processes are acessing what Ports (as well as the remote addresses) on the local PC.

Finally if I want to wipe a hard drive I would Zero Fill (Low-Level Format) it.

Link to comment
Share on other sites
smercer

smercer

Posted
  • Author
Posted
Want to know more about Index.dat?

http://en.wikipedia.org/wiki/Index.dat

...

We could always go crazy and open it in a hex editor just to check though.  :)

Which pretty much sums it up.

desktop.ini is just a simple txt file that gives details about the folder it is in.

If it is, why does files & folders suddenly appear when it is deleted?, and when I do delete it the folder layout stays the same.

Link to comment
Share on other sites
prathapml

prathapml

Posted
Posted
I typed in:

C:\>CD WINDOWS<ENTER>

C:\WINDOWS>CD TEMPOR~1<ENTER>

If you do a DIR (shows you the contents of the directory you are currently in) like this:

C:\WINDOWS\TEMPOR~1\>DIR<enter>

You would find there is nothing listed, however if you then type in

c:\WINDOWS\TEMPOR~1\>CD CONTENT.IE5<enter>

You are now in a folder that DOS says doesn't exist. if you do a DIR here like this:

c:\WINDOWS\TEMPOR~1\CONTENT.IE5\>DIR<enter>

Ever heard of the command:

DIR /A

? :lol:

And index.dat contains personal info for yor own sake.... you can clear it from IE's options interface.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...