Vulnerability Development mailing list archives
Re: Windows XP RC2
From: "Dennis McHenry" <ronmch () comports com>
Date: Mon, 20 Aug 2001 20:12:02 -0700
Geez, I'm not much for conspiracy theories, so here goes my rebuttal:
but what is disturbing is take a guess as to what the "default" Time
Server
that gets used??? time.windows.com !!!
What would you rather that they do? Better than MS saying to someone "Get ready for tens-of-millions of hits on your NTP Server...."
Well for every install M$ can monitor/track who is running XP that has a
Net
connection.
Dial-ups kinda screw this theory up, don't you think? It seems like you're argument assumes everyone has a static IP, which is far from reality. NAT kinda messes that theory up, too (time.microsoft.com will see thousands of requests coming from x.x.x.x, because that IP translates for an internal network of a Fortune 100 company, or whatever). What useful information can they get from this? I don't see any value of tracking unique IPs using their NTP server. The reregistration process handles people pirating their software.
If your real paranoid one can think well if the NTP is using time.windows.com what is stopping M$ from having some hidden app that can
be
communicated to once they grab the IP that queries their time server?!
The market will stop this. No company in their right mind would put coding like this into their product. It relies on one flawed premise, a flaw which is easily spotted: "nobody will ever use a packet sniffer and our product." Besides, they could just have this "Sup3R S3krIt" application phone home. But they won't. Microsoft is a multi-billion dollar corporation. There's one thing that would stop them from doing this: turning their company into a penny-stock by intentionally putting a backdoor into their software. It's a *feature* (for real!) intended to make their customers (the one's that made the company into a multi-billion dollar company in the first place) happy. Of course I could be wrong, and they may be a front company for the NSA, and NTP could be a 5uP3R S3krIt project that actually means NSA Tracking Protocol. -Dennis
Current thread:
- RE: Windows XP RC2, (continued)
- RE: Windows XP RC2 Thomas Reagan (Aug 20)
- Re: Windows XP RC2 Derek Kwan (Aug 20)
- Re: Windows XP RC2 John Galt (Aug 20)
- Re: Windows XP RC2 bugtraq (Aug 20)
- Re: Windows XP RC2 Gregory McCann (Aug 20)
- Re: Windows XP RC2 Dino (Aug 21)
- Re: Windows XP RC2 Blue Boar (Aug 21)
- Re: Windows XP RC2 Gregory McCann (Aug 21)
- Re: Windows XP RC2 herrold (Aug 21)
- Re: Windows XP RC2 Michel Arboi (Aug 21)
- Re: Windows XP RC2 Dennis McHenry (Aug 20)
- RE: Windows XP RC2 Dom De Vitto (Aug 21)
- Re: Windows XP RC2 Jason Legate (Aug 21)
- RE: Windows XP RC2 Dom De Vitto (Aug 21)
- Re: Windows XP RC2 Christopher McCrory (Aug 21)
- Re: Windows XP RC2 Dimitry Andric (Aug 22)
- RE: Windows XP RC2 Petruzel, Oliver (Aug 20)
- Re: Windows XP RC2 fintler (Aug 23)