RE: windows update reporting info back to MS? (and .NET fw SP1)
From: Amer Karim (amerk@telus.net)Date: 08/07/02
- Previous message: De Velopment: "Re: windows update reporting info back to MS? (and .NET fw SP1)"
- In reply to: Paris E. Stone: "RE: windows update reporting info back to MS? (and .NET fw SP1)"
- Next in thread: Tosh, Michael J (N-Joule): "RE: windows update reporting info back to MS? (and .NET fw SP1)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Amer Karim" <amerk@telus.net> To: <focus-ms@securityfocus.com> Date: Wed, 7 Aug 2002 11:30:59 -0700
In fact I believe that you don't need to enable them at all - the Automatic
update and BITS only apply to the automatic updates and aren't necessary for
manual updates. The remote registry service isn't necessary for either. I
have all three disabled on my systems.
Just be aware that on a W2K server, you'll need to enable the Remote
Registry service in order to configure certain components, i.e. RRAS, but
you can disable it after you're done.
Regards,
Amer Karim
Nautilis Information Systems
Pager: 604-645-7729
e-mail: amerk@nautilis-sys.com
Confidentiality Notice
The information contained in this communication is confidential and/or
proprietary business or technical data. If you are not the inteded
recipient, you are hereby notified that any dissemination, copying or
distribution of this communication, or the taking of any action in reliance
on the contents of this communication, is strictly prohibited. If you
received this communication in error, please immediately notify us by return
message, and delete or destroy all copies of this communication.
-----Original Message-----
From: Paris E. Stone [mailto:paris@archerintegration.com]
Sent: August 7, 2002 09:02
To: focus-ms@securityfocus.com
Subject: RE: windows update reporting info back to MS? (and .NET fw SP1)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
How to overcome the "New" Windows Update.
Stop 3 services:
Automatic Update
Background Intelligent Transfer Service
Remote Registry
Change their type from Automatic / Manual to Disabled.
Turn them on only when you want to update.
- -----Original Message-----
From: Javier Sanchez (Information Systems) [mailto:javier@msmc.com]
Sent: Thursday, August 01, 2002 11:24 AM
To: Douglas R. Wilson; focus-ms@securityfocus.com
Subject: RE: windows update reporting info back to MS? (and .NET fw
SP1)
Unfortunately, you're probably right.
With the latest version of Windows Update (essentially a mandatory
download and now part of SP3) you consent to sending the following
information to Microsoft:
* Operating-system version number and Product Identification number
* Internet Explorer version number
* Version numbers of other software
* Plug and Play ID numbers of hardware devices
This is stated in the "Windows Update Privacy Statement" which you
can
read at <http://v4.windowsupdate.microsoft.com/en/about.asp?> You
can
also follow the "About Windows Update" link off the WindowsUpdate
page.
Don't bother trying to right-click, they've made sure to disable
that.
I haven't bothered trying to sniff that packets to see precisely what
"Other Software" they're looking at. I'll just assume that "Other"
software means "Other MICROSOFT Software, such as Office"... Maybe if
I
keep telling myself that, one day I'll believe it.
Has anyone taken the time to sniff and see what's going on?
- -Javier I. Sanchez
- -----Original Message-----
From: Douglas R. Wilson [mailto:dallendoug@dallenhome.org]
Sent: Thursday, August 01, 2002 9:28 AM
To: focus-ms@securityfocus.com
Subject: windows update reporting info back to MS? (and .NET fw SP1)
I put the .NET framework on workstation for test purposes yesterday
before leaving work, and didn't put SP1 (for .NET) on it. This
morning,
the automatic update had already downloaded the patch, and prompted
to
apply it. (I have my windows update client set to download, but not
to
install unless I approve).
I went ahead, and ran the install. A few seconds in, I noticed sudden
network activity, and the install sat there for a moment. Not enough
data transfer seemed to be going on for it to be a download (and, in
theory, the patch should have already been downloaded), but I pulled
up
the following with netstat:
TCP MYHOSTNAME:1802 wustat.windows.com:http ESTABLISHED
Being paranoid, doesn't this look like windows update is reporting
back
to microsoft? (windows.com is owned by MS and redirects to
microsoft.com
if you go the plain www.windows.com domain). In theory, I forget the
official WU blurb, but isn't "no information returned to microsoft
about
your computer"?
Does anyone else know anything about this? (pardon me if this is
something blatantly obvious and/or discussed -- I have had my head in
projects for a bit).
TIA,
Doug
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
Comment: http://www.parisstone.com/
iQA+AwUBPVFEd/2j5dDsq7N3EQIknACg9EQIqGLEx5zqkn6YFTPoDzvAZl0AmNUJ
ErxySotw4dwETM/6l30GE+g=
=vWE4
-----END PGP SIGNATURE-----
- Previous message: De Velopment: "Re: windows update reporting info back to MS? (and .NET fw SP1)"
- In reply to: Paris E. Stone: "RE: windows update reporting info back to MS? (and .NET fw SP1)"
- Next in thread: Tosh, Michael J (N-Joule): "RE: windows update reporting info back to MS? (and .NET fw SP1)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
