Jump to content


Photo

Why aren't they called spyware?


  • This topic is locked This topic is locked
26 replies to this topic

#1 Texx Smith

Texx Smith

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 01 June 2005 - 03:54 AM

So Windows Media Player tries to connect to the internet and send info out every time I play a file from hard drive. It does this even though I've told it not to. It also has a hidden program called "windows Media Player Configuration . . . " something or another that triuews to send info out onto the internet and you'd never know it if you didn't have a really good firewall (like zonealarm).
Why isn't this called what it is? SPYWARE!

Nortons Antivirus. Same thing. It ignores my settings often, it treies to conncet to the internet and upload something, even when all my setting have told it not to, just like theWMP (above).
Why isn't this called what it is? SPYWARE!

I'm sure there are other biug name products out there that I can't remember right now.

Anyone have any idea why these aren't called spyware?
Anyone have some other big name items to add to the list?

#2 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 01 June 2005 - 08:45 AM

Are you sure they are not just checking for updates?
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#3 Lunatick

Lunatick

    Member

  • Full Member
  • Pip
  • 8 posts

Posted 01 June 2005 - 10:38 AM

Are you sure they are not just checking for updates?

View Post


Lol :p

#4 ErikAlbert

ErikAlbert

    Typical User

  • Full Member
  • PipPipPipPipPip
  • 787 posts

Posted 01 June 2005 - 11:22 AM

Texx Smith,
In that case, ZoneAlarm and any other legitimate software is also spyware.
Don't be so paranoic, there are still good guys on the internet :)
ErikAlbert
Simplicity is always brilliant.

#5 Texx Smith

Texx Smith

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 01 June 2005 - 11:33 AM

Texx Smith,
In that case, ZoneAlarm and any other legitimate software is also spyware.
Don't be so paranoic, there are still good guys on the internet :)

View Post




Because ZoneAlarm connects to the internet and sends some kind of info about my computer to somewhere without my knowledge or consent?
Well, yes I would call that spyware too. Does it do that?

Dictionary.com defines spyware as:

Any type of software that transmits
information without the user's knowledge.

So when Nortons or MS or Zone Alarm sends info of some kind out over the internet and/or tries to act as a server.

It is true, tho. I am am a little paranoid!

P.S. I told WMP not to check for update and not to try to look up info on the music I play. Besides it tries to connect with every single file (movies too) I play.

#6 ErikAlbert

ErikAlbert

    Typical User

  • Full Member
  • PipPipPipPipPip
  • 787 posts

Posted 01 June 2005 - 12:15 PM

Texx Smith

P.S. I told WMP not to check for update and not to try to look up info on the music I play. Besides it tries to connect with every single file (movies too) I play.

If that is true, I agree with you that it's weird.
Aren't you able to block these programs with ZoneAlarm ?

The trouble is, that we don't know what the CONTENTS is of all that outgoing traffic of each software.
As long we don't know that, it could be anything : good, bad or worse.
I don't have the know-how to read outgoing traffic.

Personally, I don't really care about that as long it is legitimate software.
Even when these softwares aren't completely clean as it should be, I wouldn't care much about it either.
It can't be that bad like real spyware does.

The day, I don't feel safe enough anymore on the internet, I disconnect without hesitation.
I don't need internet to live at home.

I guess you have to wait for an expert.
ErikAlbert
Simplicity is always brilliant.

#7 Texx Smith

Texx Smith

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 01 June 2005 - 04:54 PM

If that is true, I agree with you that it's weird.
Aren't you able to block these programs with ZoneAlarm ?


O ya, I am (I think) blocking these products attempts to connect to the internet. But what about all those people that don't use ZoneAlarm. Especially the poor bastards who are using Nortons personal Firewall! You know that isn't going to block Nortons other products from connecting to the internet.

You're right, I have NO idea what they are trying to send. And it's not screwing up my computer like the really nasty spyware does. But think about the wealth of info that Windows Media Player has gathered! A list of every file played on every computer with WMP and the user and time is possible this way!

:alarm: And you wanna hear really paranoid stuff anyone? :alarm:

What if Internet Explorer is doing this? or Windows update? No one knows, not even the government what is getting sent. It's a trade secret I'm sure. :eek:
Let's just hope if the govt or MS is using this info it's stop child porn. But still....

It kinda creeps me out that they knew I watched "Fat girls and Mayonaise" 23 time in a row last week! :!:

#8 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 21,573 posts

Posted 01 June 2005 - 05:22 PM

These programs are not spying on you... They explain what type of info they track and they are generally quite true to that since they know that they are being watched by all sorts of people out there that do know how to analyze what goes in and out of the computer... I suspect that you need to tweak the setting on MediaPlayer a bit more, but it is not communicating personal info on you...

MS does have an initiative to make future hardware and software able to personally identify you, but claims it is the interest of improving security... I am not happy with what I have read so far, but it may be different by the time it actually happens... There is a constant balance between valid security concerns and privacy concerns... Imagine if the people that wrote CWS had to have code in each program they spread that can be traced back to them no matter what!! Or imagine if the people who write phishing scams could be found the same day they send out their garbage!! There are clearly drawbacks to this technology, but there are also advantages...

Back to the original point... those programs are not spyware... They do connect to their companies, but that can be blocked... It also involves updating and other functions that are handy... I used to approve each NOD32 update, now I just let it do it and it works well... It has to connect to the company to do that and I don't have any problem with that... I trust them to only look at my version number and update to the latest... On the other hand, I avoid keeping personal info where it can be found in case someone does manage to hack into my system...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#9 Texx Smith

Texx Smith

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 01 June 2005 - 09:41 PM

i like your side point!

Interesting thought:
What if the software could NEVER connect to the internet with out a user telling it to. Wouldn't that be much better for security?

Another interesting thought:
When Microsoft says "Security" I think it mostly means "Anti-Piracy" you?

I do have to give them their props for increasing security. It's about time. But I don't think they understand yet.

#10 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 21,573 posts

Posted 01 June 2005 - 09:46 PM

It is possible to set up most (if not all) of your software to ask permission before connecting to the internet and you can certainly set settings high enough on several firewalls that nothing will connect without permission... However, that is really unnecessary most of the time... If you are that worried about how the programs connect, the simplest thing would be to unplug your internet connection and give up on the web...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#11 Texx Smith

Texx Smith

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 02 June 2005 - 08:59 AM

If you are that worried about how the programs connect, the simplest thing would be to unplug your internet connection and give up on the web...

View Post


Are you working for Microsoft? Really, who else would say that someone should live with Spyware or give up the internet? Maybe you work for some spyware company?

I've already stopped them from connecting. It's obvious its not checking for updates, both the above do that but in a more obvious and controllable way. That the whole point of forums like this is to stop spyware.
If they aren't taking personal info or computer info or something bad, then why woulfd they go through all that trouble to hide the activity? Most people would never see this activity.

Maybe I'm just mis-understanding you....
Ya, I must be, no-one thinks spyware is ok in any form, right?

#12 Swandog46

Swandog46

    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 10,190 posts

Posted 02 June 2005 - 10:28 AM

Texx Smith, believe me --- no one here thinks spyware is okay in any form whatsoever. :)

Windows Media Player connects to the internet to gather license information and other embedded content, but those features can be disabled (I have them disabled on my machine). I wouldn't call it spyware, per se, but I don't like programs connecting remotely without my explicit consent. Furthermore, there are a few known malware exploits that take advantage of this WMP feature. But you should be able to disable it just within the WMP preferences menu.

Norton is most likely just connecting normally in order to update your virus definitions files. An antivirus wouldn't be much use if you didn't allow it to update! Whether you like Norton as a product or not, it is certainly not malicious...

Hope this helps :)

#13 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 21,573 posts

Posted 02 June 2005 - 06:39 PM

Texx Smith,

The fact that you are over defining spyware does not mean that I support spyware... Your argument is actually close to what the real spyware makers would have us believe, that they are not doing anything worse than the legit companies... Amplifying your paranoia to the point of accusing me of supporting spyware is ridiculous and insulting...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#14 heggee

heggee

    Member

  • Full Member
  • Pip
  • 44 posts

Posted 02 June 2005 - 07:40 PM

I guess it's pretty much known that when you want to update a driver or such, one is better off getting it from the venders website. Heck, I no longer use the install discs when installing a new printer; I just pull the software and drivers from their site. It's up to date already.

When I bought my Audigy Hardware a few years back I was appalled at what I found after being a bit educated here. The discs themselves were full of Malware. ie-
( killapp.exe ) and much,much more.

Should one be paranoid when one goes out and buys their favorite CD to play on their computer and all of a sudden Kerio is telling me my disc is trying to make the computer connect to the internet? I don't think so. I always scan any product before opening it. Just makes sence.

Yes, I'de be a bit offended if somone suggested I give up the internet. Sure would hate to have to start in the Library again researching material for a term paper.I'll bet you more than half the students today don't know the publication to begin with. I'll tell you though, when we create music; computer is never,ever connected to anything except my soundboard. ;D
"Youth pases, but with luck immaturity can last a lifetime!"

#15 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 21,573 posts

Posted 02 June 2005 - 08:12 PM

heggee,

This is what I said:

If you are that worried about how the programs connect, the simplest thing would be to unplug your internet connection and give up on the web...

This is what you implied I said:

somone suggested I give up the internet.

There is a substantial difference in meaning between the two... I made a "if-then" statement... If you wish to believe that your legit programs are spying on you and you don't like it, then it would be easiest to give up the web... If you choose to believe people that have reason to know when they say these programs are legit and set up reasonable protections for yourself, then, of course, there is no reason to give up the web...

If you wish to maintain your paranoia and remain on the internet, there are solutions to help you do that, but they are not as easy as walking away...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#16 mitchshrader

mitchshrader

    Member

  • Retired Staff - Helper
  • Pip
  • 29 posts

Posted 02 June 2005 - 08:26 PM

first, I quite agree that programs that auto update should be avoided unless you throughly trust them.

equally, i do NOT trust either windows media player or norton. that far we are on the same wavelength.

the reason i don't trust em is they do what the vendor wants when it isn't what i want.

that is like a dog that poops in the house. no thanks.

as far as presuming folks with other opinions are evil or malicious, uh.. that's unsupported.

some people LIKE wmp and norton.. however much i disagree with their opinion, as long as they don't try to make ME use em, rave on. not my business.

my nickles worth and i only charged you 2c. such a deal!
Helpers Rules (as I see 'em)
First, Do No Harm!
Second, Use Known Good (canned) Fixes when possible.
Third, Get Help From Others when not positive of your answer.
Fourth, Do Not Recommend complex procedures without verifying the skill of the user to accomplish necessary tasks.
Fifth, Specify optional removals as 'Users Choice'.
Sixth, Give Credit for info and assistance.
Last, BE POLITE. Especially when it is most difficult.

#17 heggee

heggee

    Member

  • Full Member
  • Pip
  • 44 posts

Posted 02 June 2005 - 08:31 PM

I apoligise Budfred. Thank you for pointing out my misuse concerning semantics. Never was one of my strong points. Guess I misread and should not have said anything. I just found this topic very interesting. Guess I'll move along...............again, I apoligise.....
It won't happen again.
"Youth pases, but with luck immaturity can last a lifetime!"

#18 Texx Smith

Texx Smith

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 03 June 2005 - 04:47 AM

Well I'm sure I'm being too hard on you, BudFred. And I apologize.

But I'm not looking for solutions. I have already blocked these apps from connecting to ther internet. I'm raisng questions.
You just seem to represent a way of thinking that has made spyware able to get away with what they've been doing for so long. That whole republician "don't ask questions we don't want to answer" thing, it's kinda frustrating.

I'm just thinking that someone should call MS out and say "Your doing what spyware people are doing. Maybe not as bad, but still - You need to stop."
Just because their software isn't screwing up my machine doesn't make it ok. Just because they are a big software vendor doesn't make it ok.
The fact remains that these two products ARE connecting to the internet above and beyond when they should be for unknown reasons. Maybe spying maybe not.
[ul]
[li]MS WMP: That whole "gather license information and other embedded content" I just don't buy it. sorry. just sounds like crap to me. What licsense? I made the movie myself! check for updates? Maybe when I first start the program, If I've said that's ok (There's a plcae to turn this and the previous feature off, and I have). Every option that even looks like it might connect to the internet is turned off. Yet it still tries to connect to the internet every time I play a file.
[li]Nortons: I download my definitions from thier website. Actually I use AVG now becasue Nortons has missed two viruses on me. But Nortons also would repeatedly try to connect to the internet without my knowledge (or most peoples knowledge anyway) or permission. Not checking for updates because, that's what Live Update is for, not checking for definitions, that's what Live Update is for. Just for unknown reasons.
[/ul]
I've actually written (e-mail) both of these companies to ask about this. MS ignored me, and Symantec denied it at first and then they ignored me too.

So back to the orginal question: Why aren't these considered spyware?


And adding a new question: Has anyone even investigated these two products?

#19 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 21,573 posts

Posted 03 June 2005 - 05:29 AM

Your questions have been answered several times here and you are just not happy with the answers... Read the EULAs that come with the programs, they will tell you what it does and they have clearly defined privacy policies... If you want to define a new class of "Texx Smith spyware" that meets a definition only you believe, feel free, but the general term does not apply to these programs... And YES, a lot of people have investigated these programs and continue to do so on an ongoing basis... You are wasting time focusing on these programs while the real malware infects more and more systems every day... and you continue to imply that those of us that fight that battle are somehow in league with the big companies to cover up a spyware conspiracy and that is just plain insulting... After you devote 40 hours or more of your free time each week for a year to fighting this stuff, come back and tell me about these companies creating spyware....
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#20 Quantum

Quantum

    Advanced Member

  • Full Member
  • PipPipPip
  • 124 posts

Posted 03 June 2005 - 06:10 AM

Texx Smith I have never really questioned Microsoft's motives on privacy, not because there are a a big company but because there can be viewed largely as a legit company, and they are not likely going to start stealing credit card numbers, after searching through MP I found there privacy section under options. Under there is tells you a number of reasons that it wishes to connect to the internet (finding data about the album the song comes from etc) and if you do so wich you can disable those options, and it also there is an option about Customer Experience, that is default UNCHECKED where if you wish you CAN send information about the Media Player so that they can improve in the future, have a look. Furthermore if you are so worried about Microsofts motives here is the privacy statement:

http://www.microsoft...&userlocale=809

and you feel that it is too long to read it is obvious that you really don't suspect Microsoft as a spyware company, and if you do read it you will find the extents they reach for to protect information.

Secondly if Microsoft was spying on customers the media would be all over it, and there would be mass controversy, and furthermore Microsoft's sales would crash, do you think that Microsoft want that?

The final point is that if you think that Microsoft or Symantec or Kaspersky etc are spying on you, then don't use their products, and then you'll realise that you aren't using any products at all because you discover that 99% of applications want to connect to the internet, to update or whatever else.

Why are you moaning at Norton, or Microsoft BETA because they are trying protect you, shouldn't you be more bothered about the things they are trying to catch.

-Quantum :D
Protection is the key
The following are all freeprograms for your protection:
Anti-Virus...AVG 7 AntiVir aVast!
Anti-Spyware...Ad-Aware SE Spybot S&D X-Cleaner
Don't let it get onto your system in the first place...Spyware Blaster Spyware Guard
Firewalls...ZoneAlarm Sygate Kerio
Keep Updated...Windows Update
Be safe not sorry

#21 Texx Smith

Texx Smith

    Member

  • Full Member
  • Pip
  • 12 posts

Posted 03 June 2005 - 06:52 AM

Ok, So I investigated my own last question:

"Has anyone even investigated these products?" and came up with a gem of a surprise at:

ExtremeTech.com
Their conclusion:
"No, They Probably Aren't Spying, But...
It's obvious that many of the accusations against Microsoft are overstated. Yes, the company could be using arcane data-synchronization tricks to sneak personal data off your hard drive. But doing so would be blatantly illegal, and none of the security experts I spoke with could find a shred of evidence that anything like that is taking place. "
Actually he's wrong about the legality thing, that would be completly legal and some would call it poor business pratice, not to do it. And we know about Microsoft's values and what it thinks of the law, so therefore we should assume that they are doing bad things with that data!

Conclusion:

Windows Media Player IS Spyware

Everyone else is afraid to say so, So therefore I have hearby officially declare it to be so!
There, that case is closed.

Anyone wanna check out Norton's AV next?

#22 Quantum

Quantum

    Advanced Member

  • Full Member
  • PipPipPip
  • 124 posts

Posted 03 June 2005 - 07:17 AM

Before you overlook the text in such a way that only satifies your needs we need to analise the text more carefully. The main point that you mix that is within the text is "could" this doesn't mean that Microsoft is spying on you.

And the rest of your quote states my side of the case for example:

"But doing so would be blatantly illegal, and none of the security experts I spoke with could find a shred of evidence that anything like that is taking place."

How does that strengthen your opinion that Microsoft is a spyware company?

Also back to the very, very first point you made. CWS is a massive company, and we will target that, we don't target malware based on the size of the company, we don't target the company Collectorz (a tiny company) even through it is small.

I have never used Norton (nor will in the future) but I still find it highly unlikely that Symantec has spying motives.

After thinking deeper I lead in a point that I think you and I diagree on "The companies might collect information but the difference on what is spyware is what they do with the information, transmitting back to a company so they can target you with pop-ups is spyware, trying to find an album name is not", and also any internet connection from MP to the internet can be stopped Microsoft doesn't try to maliciously get around your firewall.

-Quantum :D

Edited by Quantum, 03 June 2005 - 07:18 AM.

Protection is the key
The following are all freeprograms for your protection:
Anti-Virus...AVG 7 AntiVir aVast!
Anti-Spyware...Ad-Aware SE Spybot S&D X-Cleaner
Don't let it get onto your system in the first place...Spyware Blaster Spyware Guard
Firewalls...ZoneAlarm Sygate Kerio
Keep Updated...Windows Update
Be safe not sorry

#23 Avohir

Avohir

    Computer Exorcist

  • Trusted Advisor
  • PipPipPipPipPip
  • 1,098 posts

Posted 03 June 2005 - 08:45 AM

this thread is like watching two ships pass in the night... :huh:

TexxSmith: NORTON AND WMP ARE SPYWARE

SWI Staff: no, they're not (insert logical, well supported, researched answers and explanations)

TexxSmith: Norton and WMP are spyware! and YOU are a spyware advocate for saying otherwise!

SWI Staff: no no... you're still not listening... (insert reiteration of well-researched explanations)

TexxSmith: Microsoft cares what songs I play! They're spying on me! I pronounce myself grand guru of all things spyware since the rest of you yokels know nothing!

SWI Staff: *takes advil and goes off to lie down*

Edited by Avohir, 03 June 2005 - 08:46 AM.

To err is human, to really foul up requires a computer
Donate to keep the site alive

Posted Image

#24 LostAccount

LostAccount

    Forum Deity

  • Trusted Advisor
  • PipPipPipPipPip
  • 1,291 posts

Posted 03 June 2005 - 09:09 AM

LOL, Avohir... but seriously... Texx Smith... if you want to turn this into a debate... please list all your points and we'll look to see whether they are valid or otherwise.

You tend to be assertive at some points:

Everyone else is afraid to say so, So therefore I have hearby officially declare it to be so!


Please note that not all of your points are accurate... soften your tone a little...

Regards,
LostAccount

Edited by LostAccount, 03 June 2005 - 09:12 AM.

<span style='font-size:8pt;line-height:100%'><b>Useful Software</b>:</span>
<a href='https://www.kaspersky.com'target='_blank'><i>Kaspersky</i></a>, <a href='https://housecall.trendmicro.com/' target='_blank'>Housecall <i>Trendmicro</i></a>, <a href='https://www.emsisoft.com' target='_blank'><i>a2 free edition</i></a>, <a href='https://www.kerio.com' target='_blank'><i>Kerio Personal Firewall</i></a>, <a href='https://www.lavasoftusa.com' target='_blank'><i>Ad-aware SE</i></a>, <a href='https://security.kolla.de' target='_blank'><i>Spybot S&D</i></a>, <a href='https://www.merijn.org/files/hijackthis.zip' target='_blank'><i>HJT</i></a>, <a href='https://www.cwshredder.net' target='_blank'><i>CWShredder</i></a>, <a href='https://www.mvps.org/winhelp2002/hosts.htm' target='_blank'><i>MVPS HOSTS file by WinHelp2002</i></a>, <a href='https://netfiles.uiuc.edu/ehowes/www/resource.htm' target='_blank'><i>IE-SPYAD by eburger68</i></a>, <a href='https://www.javacoolsoftware.com/' target='_blank'><i>Spywareguard and Spywareblaster</i></a>, <a href='https://www.winpatrol.com' target='_blank'><i>Winpatrol</i></a>, <a href='https://www.mozilla.org' target='_blank'><i>Mozilla & Firefox</i></a>

#25 Indrid_Cold

Indrid_Cold

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 7,082 posts

Posted 03 June 2005 - 09:11 AM

It was when Texx Smith accused Budfred, who has trained hundreds of Helpers that are now killing malware at a furious pace all over the world, of carrying water for the cruds that push this crap that this thread lost all it's relevance for me.

Gotta go! Window washer is here and if I am right, he may be looking in my dang windows!!

Hope is not a method.

If I have helped in some way, please consider donating to SpywareInfo's crusade against Malware See Here

Member of ASAP since 2004 Alliance of Security Analysis Professionals
Member of UNITE since 2006 United Network of Instructors and Trained Eliminators

 


#26 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 21,573 posts

Posted 03 June 2005 - 05:29 PM

LostAccount,

You tend to be assertive at some points:

There is NOTHING assertive in anything Texx Smith is saying... Being assertive means being direct and respectful... I would never accuse Texx Smith's arguments of having those characteristics....
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#27 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 03 June 2005 - 06:56 PM

I believe he meant "dogmatic"?

This thread is getting repetetive and I am closing it.
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE




Member of UNITE
Support SpywareInfo Forum - click the button