| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 07 May 2008 16:54:50 -0500 From: Paul Schmehl <pauls@...allas.edu> To: "J. Oquendo" <sil@...iltrated.net>, Ken Schaefer <Ken@...penStatic.com> Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Re: Microsot DID DISCLOSE potential Backdoor --On Tuesday, May 06, 2008 13:35:33 -0500 "J. Oquendo" <sil@...iltrated.net> wrote: > On Tue, 06 May 2008, Ken Schaefer wrote: > >> I'm not sure the facts in evidence support the conclusions reached here >> (sorry, not posting inline as I don't want to address each conclusion built >> upon some other shaky conclusion. >> >> From http://support.microsoft.com/kb/890830 >> >> ====== >> >> Either I am missing the point of J. Oquendo's post, or the conclusions I >> think he reaches are speculation rather that established. >> >> Cheers >> Ken >> > > Unsure if this made it to the list the first time, therefore I will re-take. > Outside of technical quoting I will lay it out in understandable terms. > Microsoft DOES NOT NOTIFY THE END USER THAT INFORMATION TAKEN FROM THEIR > MACHINE WILL BE FORWARDED TO ANYONE OUTSIDE OF MICROSOFT. > > This *IS NOT* speculation but fact. Since you provided the link for us, > please go back and specify where Microsoft is telling us the information > they gather from Windows Malicious Software Removal WILL BE sent to > LAW ENFORCEMENT AGENCIES inside or outside the United States. > > Please read the article and the wording: > http://www.pcworld.com/businesscenter/article/145257/microsoft_botnethunting_ > tool_helps_bust_hackers.html > > /QUOTED > The software vendor is giving law enforcers access to a special tool that > keeps tabs on botnets, using data compiled from the 450 million computer > users who have installed the Malicious Software Removal tool that ships with > Windows. / END QUOTE > > Please find me anything in the EULA for WMSR tool that specifies they > will do as they see fit with data from my machine? Please find the EULA to begin with. :-) Here's what Microsoft's information page on the MSRT says: <http://support.microsoft.com/?kbid=890830> "The Malicious Software Removal Tool will send basic information to Microsoft if the tool detects malicious software or finds an error. This information will be used for tracking virus prevalence. No identifiable personal information that is related to you or to the computer is sent together with this report." > > /QUOTED: > In February, the S?ret? du Qu?bec used Microsoft's botnet-buster to break up > a network that had infected nearly 500,000 computers in 110 countries, > according to Captain Frederick Gaudreau, who heads up the provincial police > force's cybercrime unit. / END QUOTE > > Missing the part? Its black and white. If MS wasn't using information (flawed > since it's relying on IP) then how did they correlate IP information > back to law enforcement... OUTSIDE the United States... > Please point to the part where they are "relying on IP" when they explicitly state "No identifiable personal information that is related to you ***or to the computer*** is sent...." You're making huge assumptions and over-generalizations about something you know little or nothing about. What reporters report is often the same thing based upon their lack of understanding of the subject matter and their natural tendency to distrust everyone they interview. Note that, even in the quote you cite, they do not say that the Quebecois police (Mounties?) used the MSFT but the "botnet-buster". Are you claiming that the botnet buster *is* the MSRT? If so, on what basis? Have you even bothered to do a network trace to see what information the tool sends? -- Paul Schmehl (pauls@...allas.edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists