Re: Internet Explorer SuperCookies bypass P3P and cookie controls

From: Barry Dorrans (barryd@BANN.CO.UK)
Date: 01/15/02 

Date:         Tue, 15 Jan 2002 16:05:38 -0000
From: Barry Dorrans <barryd@BANN.CO.UK>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

> One solution to this problem is for Microsoft to remove
> the ClientID property from the WMP ActiveX control. For
> compatibility with existing JavaScript code, Microsoft may
> have to keep the property around, but always have it return a
> GUID of all zeros for all users.
>
> An even better idea might be to remove the WMP player
> ID number altogether and have WMP instead use the standard
> cookie mechanism of Internet Explorer.

This would break the Windows Media DRM, the player ID is used to
uniquely lock a license against a particular computer. Regardless of how
you feel about DRM in general, this unique identifier is necessary for
some of us.

Before anyone suggests that the ID should only be reported from within
the license acquisition popup that media player (or any DRM compatible
player - WinAmp would do the same), that would still break predelivery
code, where you deliver the license without a user having to play a
file.

Regards,

Barry

============================================================================
Delivery co-sponsored by VeriSign - The Internet Trust Company
============================================================================
FREE E-COMMERCE SECURITY INFRASTRUCTURE GUIDE
When building an e-commerce site, you want to start with a strong, secure
foundation. Learn how with VeriSign's FREE White Paper, "Building an
E-Commerce Trust Infrastructure." See how you can authenticate your site to
customers, use 128-Bit SSL encryption to secure your web servers, and accept
secure payments online. Click here:
http://www.verisign.com/cgi-bin/go.cgi?a=n116965650045000
============================================================================

Relevant Pages

  • Re: Windows Media Player does not work on Internet
    ... See http://zachd.com/pss/pss.html for some helpful WMP info. ... I can't get my windows media player to play the ... to play on certain web sites like we have already discussed. ...
    (microsoft.public.windowsmedia.player)
  • Re: Default Mpg Player?
    ... I'm not familiar with ATI MM Center... ... See http://www.zachd.com/pss/pss.html for some helpful WMP info. ... > player other than WMP) I would appreciate it. ... >>> and WMP opens again. ...
    (microsoft.public.windowsmedia.player)
  • Re: Problem with RIFF tags in audio ripped with WMP11 x64
    ... there any expectation that answers can be provided in a given time ... I understand this is definitely a corner case, both from the WMP and the player side of things. ... I'm working with the developers, and they have bent over backwards trying to figure out why their player breaks on WMP ripped tracks, and ONLY on WMP ripped tracks. ...
    (microsoft.public.windowsmedia)
  • Re: Clicking Files
    ... The first one says "Windows Media Player is version 10.0.0.3990." ... See http://zachd.com/pss/pss.html for some helpful WMP info. ... If the installer is succeeding, it's pretty definitely not a problem ...
    (microsoft.public.windowsmedia.player)
  • Re: No Video interface ON WMP 11
    ... See http://zachd.com/pss/pss.html for some helpful WMP info. ... WMP to normal operation - however the taskbar mini player wasn't on show - ... There's a screenshot of how that looks here for WMP10: ... as the sound starts playing - then when I open WMP manually the ...
    (microsoft.public.windowsmedia.player)