First off I want to say what a wonderful site this is. I am very glad that I have found it. After looking forever for good DVD burning software that wouldn't cost me an arm and a leg I stumbled onto your site and it helped out a lot. Thank you.


Now onto my question. How much information is sent to Microsoft if I am running XP. Someone told me that every month XP sends info to the people at Microsoft telling them almost everything I have been doing. Is this true? Is there any way to stop it? Thanks again.

Your question isn't an easy one to answer. However, in a word; no, they aren't doing exactly what you're saying.

Let me tell you what they COULD be doing ...

Microsoft assures us that they aren't spying on us. If you look around, almost everytime you interact with MS (say, Windows update) they say over and over "No personal information is being collected about you or your computer" ... stuff like that. Microsoft doesn't have a lot of trust in the world, and since its DAMN easy to watch traffic with firewall software, Microsoft wouldn't do such a thing under such close scrutiny.

However; that doesn't mean they are not responsible for loss of privacy.

Use MS software almost guarentees you're revealing some information to MS. If you use Hotmail - their EULA basically says they can rout through your mail. At one time (I believe they changed it), they even said in the EULA that they had the right to HARVEST and SELL anything that was present or sent THROUGH Hotmail! This isn't a company I trust. People want to know why I don't use Hotmail, there you go. Sure, its not in the EULA **NOW** but to have seen their underhandedness in action - well, I'm not taking the risk.

You should also assume that EVERYTHING that goes through MSN Instant Messenger is being filtered and watched too. Probably in the EULA you agreed to the first time you used it. Is AIM or ICQ any better? Probably not - but I trust AOL more than MS (damn, was THAT hard to say).

Microsoft's Internet Explorer routs your searches through their servers to profile searches based on demographics. Your IP address is enough to show Microsoft where you GENERALLY live. That, coupled with your search information, is enough to begin making profiles. Don't get me wrong; Google and everyone else does it too. IE, however, does it WITHOUT ASKING YOU. If you go to Google, you're making a conscious effort to do so. If you type in a domain name incorrectly in IE, you're feeding them semi-personal information about you, without your consent or knowledge. VERISIGN tried to hijack every unused domain name on the planet to to the very same thing. However, this was stopped only months into it. Probably by Microsoft that wants you using their search tool. People have to understand; FREE doesn't matter to Microsoft. They would GIVE AWAY Xboxes to ensure MARKET DOMINATION. This is how they will wage their war against Google. Google can NEVER be the default search engine for IE; out of the box, no fiddling around. But Microsoft CAN leverage their new search tool into IE, Longhorn, etc. This means that EVERY SINGLE misspelled domain done by MILLIONS of people that don't know any better, gives Microsoft marketshare in the search engine market. They turn that marketshare (intentional or not, they have numbers backing it up) into business and money; making them stronger. IE isn't the #1 browser because its the best web browser out there. IE is the #1 browser because MILLIONS of people won't BOTHER to install something else if the OS already has a tool in it to do it. This sort of thing should make people VERY AFRAID ... but it doesn't.

If you're surfing on the web, your privacy is being compromised in one way - or another. BEING CONNECTED TO THE INTERNET VIOLATES YOUR PRIVACY. Just like going out in public violates your privacy. Once you enter a PUBLIC STREET, you can be photograghed ... you can be FOLLOWED ... you can be WATCHED ... and its all legal. Once you are on a PUBLIC SYSTEM, you are being profiled, watched, and followed.

How is this possible? Its not QUITE the same as being stalked on a public street ... but your IP address alone is demographic information. Your IP is like posting your home address in paint on the back window of your car. What do I mean? Well, let's say, that I'm interested in exploiting whatever this week's latest security hole is in IE/Windows. In order to do that, I need valid IP addresses of people that are MOST LIKELY to be exploitable by it. These are people that don't keep their computer up to date. These are people that don't have any protection on their 24/7 open-to-the-internet computers. So I set up a website that offers up free stuff - offers that are too good to be true, but I know uneducated computer users are going to at least VISIT the site to see what is being offered. The person hits the site --- POOF --- I have their IP address. What can I do with that? I now have a 'warm lead' of a likely UNPROTECTED computer. I can start probing ports, I can start doing bad Things(tm) to see if I can get into your computer and REALLY take REAL personal information from you. Sure, I could just start scanning IP addresses at random - but with very little effort, I have a warm list of potential computers to break into. I'm "casing" your computer to decide if I want and can get stuff from it. Just like a burglar scouting houses to break into. No alarm? Doesn't keep an outside light on? EXCELLENT. I can even tell what ISP you use by just you visiting my webpage.

No, I cannot get your name from your web browser unless you give it to me. No, I cannot get your ADDRESS from your web browser unless you type it into a form. No, I cannot get your credit card from your browser. The information people feel uncomfortable about OTHER PEOPLE having (like SSN, address, full name, etc) cannot be derived without you giving access to it. HOWEVER, THERE IS A CAVEAT TO THIS ...

Internet Explorer allows something called HELPER OBJECTS. This is REAL LIVE CODE that sits between your OS and your browser. Until XP SP2 comes out, its VERY SIMPLE for a website to install these helper objects WITHOUT YOUR PERMISSION. This allows the object to start every time you run your web browser. And since MS decided they need low level access to your operating system, they can DO THINGS. These "helpers" can INSTALL SOFTWARE. They can search your hard drive for valid credit cards. They can transmit data to anywhere without your knowledge. ANYTHING a real program can do, these helper objects can do. And these can be installed without your permission or knowledge.

Here is the great thing; don't use Internet Explorer - AND YOU ARE TOTALLY IMMUNE TO THESE. Nice eh?

Windows XP is your VERY LEAST concerns about violation of your privacy. Hotmail, Internet Explorer, Outlook Express ... ANYTHING that MS can leverage their monopoly over and GAIN INFORMATION or MARKETSHARE are going to be the things to fear. Windows is FAR overscrutinized to pull fast ones on the consumer. So they go for the 'legal' way by slipping things into the EULA for software you agree to use.

What DOES MS collect? Well, they have rights to know every piece of MS software installed on your system. See, that isn't PERSONAL information. When you installed Office - you gave them permission to look at your installation. When you use Windows Update - your computer is cataloged of all MS software, and sure - they know you have Office installed. Now they probably can't look at your CD key; that's a unique identifier and is considered PERSONAL. However, they can (and I'm sure DO) catalogue and report information about your software. How could THAT invade your privacy? Well, I hate Windows Media Player. I wouldn't use it on a bet. I'm sure that MS can look and see what files are associated with WMP (that isn't "personal" right?) - and perhaps even see what program they ARE associated with instead. Say MPG files. They are associated with PowerDVD, not WMP. That is actually USEFUL information to Microsoft. If Microsoft wants to OWN MPG playback, they now have the information of who to go after in the market. Normally, you'd have to conduct SURVEYS and have questionaires and stuff to determine that (that costs money - here they are getting it for FREE). Sounds like an unfair monopolistic advantage doesn't it? I'm not saying MS does this - I'm saying its very likely that they CAN do it. And thanks to people not giving a damn; they can do it LEGALLY.

Simple answer; No. Monthly they aren't collecting data. However, through using IE as a default search tool, using IE as a browser, and using other MS tools, you ARE GIVING THEM information they can use; even if its not totally personal. Being on the internet ... using ANY technology (not just IE and Outlook and Hotmail) is violating some aspect of your privacy.

All you can do it EDUCATE yourself. Don't use MS products if you don't have to.

You might also find the following link of interest:

http://www.hevanet.com/peace/microsoft.htm

The above is a nice piece of Linux propoganda, but it does list some different ways that MS tries to connect to its own servers.