In this article Microsoft sued over XP's "spyware" copy protection we hear that someone is suing Microsoft for, among other things, installing spyware in Windows XP as "security update". The software in question is Windows Genuine Authentication (WGA). According to Microsoft the purpose of this software is ensure the user's copy of Windows XP and Vista are genuine and claimed no personal information is collected.
I have always suspected Windows Automatic Update (WUA) served only one purpose - update Microsoft's embedded spyware. My reasoning is this - automatic updates are done daily, Microsoft updates and "security updates" are put out once a month, Microsoft security patches, or service packs, are released once every one - two years. If service packs are released once a year, why does WAU does updates daily? What is being installed daily? Ok, let us look at it differently, if Microsoft software updates for MS Office, IIS, MS SQL, Internet Explorer etc is released once a month, why does WAU install updates daily? The simple answer is WUA is updating it's remote database with a list of all software the user has installed, all processes running and the user has the rights to those software and processes. In other words, WUA is spying on the user.
Another thing I noticed with WUA is that whenever the administrator sets the security level at an acceptable security level which makes it difficult for hackers to gain access to the system or for malware to be installed, the next WUA update resets the system back to factory default setting - wide open with no security. Because of this I completely disabled WAU and only install service packs when they are required by a software being installed or when I read an article on a trusted web site like Technology Review or Security Focus that recommends the service pack for specific reasons. In those cases I would manually retrieve the service pack MS web site and install it then check to make sure my security settings have not been changed.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment