msft sucks. get over it. oh, and they are shady evil people
On Wed, May 7, 2008 at 7:45 PM, J. Oquendo <[EMAIL PROTECTED]> wrote: > On Wed, 07 May 2008, Paul Schmehl wrote: > > > Please point to the part where they are "relying on IP" when they > > explicitly state "No identifiable personal information that is related to > > you ***or to the computer*** is sent...." > > What's going on Paul. You're right. "No identifiable personal information > that is related to you ***(adding more stars for empashis)****** or to the > computer ******* is sent..." > > Mea culpa. For a moment here I thought LEA's used IP as an identifier in > courts of law. Silly me. > > / SNIP http://tinyurl.com/54h9fu > > They contacted Special Agent Adam D. Aichele of the Allentown FBI, Wolfe > said. > > Wolfe said Aichele took her to a Lehigh library computer to look at the > e-mail and retrieve the IP address from which it was sent. > > / SNIP > > / SNIP http://www.fbi.gov/congress/congress04/lourdeau050604peer.htm > > Therefore, despite the fact that a Peer-to-Peer connection is not > facilitated by a central server, users can still be identified in real time > by the IP addresses associated with > +their computers. > > / SNIP > > So before you argue back with "but your IP information is not sent!" > really? And how did the information from your machine get there? Smoke > signals? > > As for "sniffing the wire" to see what MS is sending. Sort of difficult > to do. 1) I'm not on Windows that much. 2) When I am on Windows, the > machines I use are sanitized. > > Furthermore, if you go back to the original article in PC World, I > don't know about you but to me its in black and white the correlation. > I don't know anyone who begins to talk about one thing, then goes off > into a complete different tangent in the next paragraph: "Information > obtained from WMSRT etc, etc, etc,..." ... "Officials were able to > identify..." > > If at any point anyone here including LEA's believe wholeheartedly > there is nothing wrong with this in the sense it doesn't have a huge > potential for abuse (not the information sent by WMSRT but the > concept of using data WITHOUT NOTIFYING THE USER), if none have > qualms with this, you're in the wrong business (security). > > I should make it a point to point out the flaws in the system but > alas that would lead to a complete misunderstanding of it. With this > said, here is a scenario for you Paul... Let's say I despised you. > Let's say I AM A BOTNET operator. Let's say I take my EXISTING botnet > and tweak the logged information being sent to Microsoft. I don't > know... I guess I'll make it look as YOUR NETWORK is a CNC for a > large botnet. I can only imagine 1) You will be going through an > insane ghost analysis for something that doesn't exist after being > raided... 2) Frustrated as an engineer since you know for a fact > there is no damn reason a LEA should be even talking to you. > > Look I can think of the horrors behind this. If you can't see it > again, perhaps you and I aren't on the same level of thinking > outside of the box. The abusive side of "hacking" and I won't go > into the political bs of what a hacker is or does or is supposed > to be. > > > -- > =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ > J. Oquendo > SGFA #579 (FW+VPN v4.1) > SGFE #574 (FW+VPN v4.1) > > wget -qO - www.infiltrated.net/sig|perl > > http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3AC173DB > > _______________________________________________ > > > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
