Sign in with
Sign up | Sign in
Your question

XP pro loaded with spyware???

Last response: in Windows XP
Share
November 26, 2001 10:09:54 PM

Our IT guy a work says that the new XP is loaded with spyware ??? is that true or is he full of himself?? those guys are usually in the know right? he didn't give his source but said it tracked every movement the computer made while online and reported to somewhere?? could this be true?? has any of you heard the same thing? I have a copy of the pro version and was wanting to try it. but not if this is true.... thanks

dazed and confused

More about : pro loaded spyware

November 27, 2001 1:40:01 AM

I highly doubt that. Think about how many computers are running XP Pro and how many of those are on the internet, and how many webpages those computers go to... That's a lot of info to report to somewhere...

But then again, this is just how it seems to me.

Lyrics. Wasted time between solos.
Related resources
November 27, 2001 2:12:58 AM

In some ways, this is a fairly simple question, but complicated to answer.

The intent of the Microsoft Passport (a feature built into Windows XP that may however be disabled) is to offer integration with the .Net server initiative in providing some advanced features for user identification (including communications level identification tags) to "enhance the user experience" when doing online shopping, visiting partner portals and/or user communities such as MSN and others. This initiative (a purely Microsoft Venture) is what Steve Ballmer and Bill Gates are banking on for the future as services (destinations) will be paying them a fee for routing buyers/users and managing security. In this regard, Microsoft is probably able to get a pretty good picture of what you are doing when online.

As far as anyone is willing to admit, there are no inherit tracking or privacy infringements in Windows XP including the use of the .Net Passport; however, as Microsoft will not reveal their source code to anyone, stating this as fact is impossible and would be irresponsible. Microsoft themselves have some pretty political wording in how they describe their role in developing, using and managing this technology.

Unfortunately, there are several neat features of XP that won't work without a .Net Passport; however, if you decide (as I did) to use the passport, there is nothing stopping you from setting up a simple passport account that uses false personal information and uses an IMAP email address (like a yahoo, Hotmail, Netscape) to manage your subscription. In this case, you can feed everyone totally bogus information for one account that you use when online surfing and reporting bugs, etc... and have a second online passport for those times when you want to exploit the features. For example, online purchases or conducting secure communications with anyone from your bank to your work PC.

As with any online Operating System, you should take certain preventative measures if you wish to protect your identity while online. In this regard, Windows XP is not much different than any other Operating System including Windows 2000, Windows 98 or Linux if you are on the client side. Some add-in software to disguise your IP address, or otherwise make you an alias is always a good idea to protect you from ... well.. let's just say cellar dwellers out there with less than desirable intentions.

Generally speaking, there will ALWAYS be someone out there trying to follow your every online move. Whether it is the NSA, your neighbor's kid, or some company that peeks into your cookies, you can't ever think your privacy is protected.

If configured correctly with the appropriate tools (whether Microsoft's or someone else's) for managing communications and security, Windows XP Professional will deliver significant improvements in both the desktop and online experience without sacrificing any privacy.

There are many advantages of XP Professional over any other Microsoft Platform, mainly in the areas of communications, stability, compatibility and performance. Security and privacy have been improved, but you will need to consider whether some of Microsoft's "advances" put you at risk. If so, you will need to decide on the best course of action to protect yourself by either disabling these features or working around them with third party tools and/or countermeasures.

Steve Benoit


Stable Technologies
'The way IT should be!'
November 27, 2001 2:17:43 AM

Your IT guy is pulling your leg. Or he's just not the smartest cracker in the barrel. WinXP does not track your movements and report the info to some unknown destination.

Can you imagine what it would take for any website to correlate that much data and make some sense of it?

However ...

It's possible that he might have been influenced by some recent articles written by Steve Gibson, in reference to some of the security weaknesses in WinXP, but I recommend that you keep something in mind while reading this material.

Steve Gibson <i>is</i> just a little bit paranoid. He's a smart guy, and he may be right-on-the-money on some subjects, but he also has tendency to exaggerate whenever possible. Steve likes using the inflammatory phrase, when it may not be absolutely necessary in order to make his point. I've read a lot of his material over the past few years, and I think he enjoys the image of being the lone, sane voice screaming in the wilderness. It's what some of us refer to as the Chicken Little Syndrome.

<A HREF="http://grc.com/dos/winxp.htm" target="_new">http://grc.com/dos/winxp.htm&lt;/A>

I thought the story of the DoS attacks by the 13 year old attacker to be quite entertaining.

But never mind my opinion. You make the call.

Toejam31

<font color=red>My Rig:</font color=red> <A HREF="http://www.anandtech.com/mysystemrig.html?rigid=6847" target="_new">http://www.anandtech.com/mysystemrig.html?rigid=6847&lt;/A>
____________________________________________________

<font color=purple>"Procrastination on your part does not constitute an emergency on my part."</font color=purple>
November 27, 2001 4:01:50 AM

Toejam,

There is a world of difference between inherent security flaws in XP and the O/S itself being <b>deliberately loaded</b> with spyware.

I've read Steve Gibson's pages, and have no doubt the guy is right on the ball. Having said that, he clearly relished his investigations after the kiddie's hacking attempts, and he can be a tad melodramatic.

Still, makes for fun reading :smile:
November 27, 2001 5:23:02 AM

Download optout or something similar to remove it if that's the case. I haven't even checked...

<font color=red>God</font color=red> <font color=blue>Bless</font color=blue> <font color=red>America!</font color=red>
November 27, 2001 5:26:15 AM

Odds are he installed software right away that installed spyware. AOL 4.0 and 5.0 for example were notoriously bold in this respect. They installed a ton of it.

<font color=red>God</font color=red> <font color=blue>Bless</font color=blue> <font color=red>America!</font color=red>
November 27, 2001 8:39:46 AM

I havn't seen any hard evidence of spyware, but there are microsoft accounts on some instalations of XP that could potentially let them log on to your computer (or a hacker that could gain access to MS files). The Corp. version has two such accounts. You can check yours by viewing ControlPanel => AdministrativeTools => ComputerManagement => LocalUsersAndGroups and looking for accounts that you did not create, and that are not built in accounts.

codito ergo sum
November 27, 2001 1:28:59 PM

I totally agree.

I just thought I'd provide a link to some issues that are at least <i>partially</i> grounded in reality.

And it is a fun read.

Toejam31

<font color=red>My Rig:</font color=red> <A HREF="http://www.anandtech.com/mysystemrig.html?rigid=6847" target="_new">http://www.anandtech.com/mysystemrig.html?rigid=6847&lt;/A>
____________________________________________________

<font color=purple>"Procrastination on your part does not constitute an emergency on my part."</font color=purple>
!