The Cellar - View Single Post

mbpark · 08-06-2001, 04:05 PM

I just disabled the two accounts HelpAssistant and SUPPORT_388945a0 (the latter being the registered serial number of my beta of XP Pro, apparently, since it changed between Beta 2 and RC1 which were different installs). I also removed their group membership to HelpServicesGroup (Admin with a different face). I think I'm going to change the passwords as well to something rather nasty

. Meanwhile, I know deep down it's hard to truly eliminate them.

What I noticed about the SUPPORT account is that it points directly to Microsoft's own Active Directory server for authentication. Looks like we'll be explicitly blocking LDAP outgoing when this comes in

. If there are AD exploits, this is one heck of a way to own MS as well

.

However, my nastiest experience with the spyware was with CA ArcServeIT 6.61. I had a server behind two firewalls, with a proxy server that was not specified in the Internet Explorer settings for that machine (which is where the proxy detection comes from). I was doing the upgrade from 6.5 to 6.61 and the installer did the following:
1. Found my proxy server (and this is without it being specified in Proxy Settings on a NATed LAN with the internal IP being a legit one so as to confuse other programs)
2. Sent registration info to CA.
3. Sent complete system information to CA.

I was just shocked as heck that it managed to find it all, and within 5 seconds of installation was on the net doing that. I put the Proxy in so that I could at least have some control over this, but I learned that day it was a bad idea.

I know for a fact that all CA products, Veritas, Rational Rose, among several others, employ this verification method. I wouldn't be surprised if MS bought it from CA, actually.

However, the Sun products I've worked with don't have that issue. The Sun Developer products I have to call in to get an activation certificate every time we reinstall Solaris on a developer machine.

I'm against them looking at my machine as much as I respect the privacy of others, aka I don't care enough to look at others' machines, and I don't want anyone caring enough to look at mine at all

. However, UCITA (which I know is MD and VA) scares the crap out of me for that.

Microsoft's trying to stop the people from selling Windows 2000 Advanced Server for $3 in Moscow and Kuala Lumpur. They're the ones trying to restructure it all so that your machine is no longer yours. Unfortunately, they put the squeeze on the USA. Meanwhile, it's a well-known fact their employees leak beta code out to their friends, and distribute it on the Net. They actually just fired several people for putting full copies of software on a web server for their friends.

I'm just a little po'ed at the fact that there are some people using the privacy movement as an excuse to hide many things that they have stolen. I fully support privacy and my rights to not have goons from Redmond examine my machine for anything they deem objectionable content.

However, there's a difference between privacy for the sake of keeping Redmond out and keeping my business my business and no one else's, and privacy to thumb one's nose at lots of big nasty corporate entities who will do what it takes to make your life hard. It's the equivalent of hiding behind a mother's skirts and pissing off the other kids, IMHO. I care more about keeping my information mine and mine alone, and about my right to not give my bank account info to Microsoft or AOL

. This poor excuse of hiding behind the privacy movement has already caused Microsoft and friends to suddenly take notice and start doing what it takes to remove our right to it.

However, as someone who writes software, I reacted rather negatively to the general consensus. I apologize if my meanings got crossed. I, like many other people who make a living writing software, do not like how rampant piracy happens. There's a billion-dollar industry of copylocks that are well-used. I know that we've already started using them on code we write, especially the embedded code. I just thank god we're not in the videogame industry, where the rate's around 95% instead of 90%.

My point about the congressional hearings was due to the fact that several congressmen have expressed extreme interest in Windows XP and have called for hearings about it in an attempt to delay the shipping date. As you can see from above, another company with rather monopolistic tendencies does exactly the same thing (and it's the backup software the US government uses in many installations AFAIK

).

I'm just not installing XP on a real system. Too much hassle. KDE 2.2 is looking nicer every day, and soon all my hardware at home will be supported.

Mitch

08-06-2001, 04:05 PM	#12
mbpark Lecturer Join Date: Jan 2001 Location: Carmel, Indiana Posts: 761	More XP stuff I just disabled the two accounts HelpAssistant and SUPPORT_388945a0 (the latter being the registered serial number of my beta of XP Pro, apparently, since it changed between Beta 2 and RC1 which were different installs). I also removed their group membership to HelpServicesGroup (Admin with a different face). I think I'm going to change the passwords as well to something rather nasty . Meanwhile, I know deep down it's hard to truly eliminate them. What I noticed about the SUPPORT account is that it points directly to Microsoft's own Active Directory server for authentication. Looks like we'll be explicitly blocking LDAP outgoing when this comes in . If there are AD exploits, this is one heck of a way to own MS as well . However, my nastiest experience with the spyware was with CA ArcServeIT 6.61. I had a server behind two firewalls, with a proxy server that was not specified in the Internet Explorer settings for that machine (which is where the proxy detection comes from). I was doing the upgrade from 6.5 to 6.61 and the installer did the following: 1. Found my proxy server (and this is without it being specified in Proxy Settings on a NATed LAN with the internal IP being a legit one so as to confuse other programs) 2. Sent registration info to CA. 3. Sent complete system information to CA. I was just shocked as heck that it managed to find it all, and within 5 seconds of installation was on the net doing that. I put the Proxy in so that I could at least have some control over this, but I learned that day it was a bad idea. I know for a fact that all CA products, Veritas, Rational Rose, among several others, employ this verification method. I wouldn't be surprised if MS bought it from CA, actually. However, the Sun products I've worked with don't have that issue. The Sun Developer products I have to call in to get an activation certificate every time we reinstall Solaris on a developer machine. I'm against them looking at my machine as much as I respect the privacy of others, aka I don't care enough to look at others' machines, and I don't want anyone caring enough to look at mine at all . However, UCITA (which I know is MD and VA) scares the crap out of me for that. Microsoft's trying to stop the people from selling Windows 2000 Advanced Server for $3 in Moscow and Kuala Lumpur. They're the ones trying to restructure it all so that your machine is no longer yours. Unfortunately, they put the squeeze on the USA. Meanwhile, it's a well-known fact their employees leak beta code out to their friends, and distribute it on the Net. They actually just fired several people for putting full copies of software on a web server for their friends. I'm just a little po'ed at the fact that there are some people using the privacy movement as an excuse to hide many things that they have stolen. I fully support privacy and my rights to not have goons from Redmond examine my machine for anything they deem objectionable content. However, there's a difference between privacy for the sake of keeping Redmond out and keeping my business my business and no one else's, and privacy to thumb one's nose at lots of big nasty corporate entities who will do what it takes to make your life hard. It's the equivalent of hiding behind a mother's skirts and pissing off the other kids, IMHO. I care more about keeping my information mine and mine alone, and about my right to not give my bank account info to Microsoft or AOL . This poor excuse of hiding behind the privacy movement has already caused Microsoft and friends to suddenly take notice and start doing what it takes to remove our right to it. However, as someone who writes software, I reacted rather negatively to the general consensus. I apologize if my meanings got crossed. I, like many other people who make a living writing software, do not like how rampant piracy happens. There's a billion-dollar industry of copylocks that are well-used. I know that we've already started using them on code we write, especially the embedded code. I just thank god we're not in the videogame industry, where the rate's around 95% instead of 90%. My point about the congressional hearings was due to the fact that several congressmen have expressed extreme interest in Windows XP and have called for hearings about it in an attempt to delay the shipping date. As you can see from above, another company with rather monopolistic tendencies does exactly the same thing (and it's the backup software the US government uses in many installations AFAIK ). I'm just not installing XP on a real system. Too much hassle. KDE 2.2 is looking nicer every day, and soon all my hardware at home will be supported. Mitch