Microsoft is running a disreputable spyware outfit

[Sunny]

By logging into hotmail on a new system I found out that Microsoft is
running a disreputable spyware program which pops up targeted adware on
your Windows PC some time AFTER you view web pages.

You base your accusation on one persons observation from 4 years ago ?
(http://www.kuro5hin.org/story/2001/8/17/11541/1217)
"By Signal 11
Fri Aug 17th, 2001 at 03:07:09 PM EST "

Judging by the groups you cross posted to, do you live under a bridge ?

 

[Bigbruva]

No I'm not ;-)

BB

Wooly

Big Brother is watching you..

 

[Richard Urban]

Not one of the files you mentioned in another post is on my computer.

--

Regards,

Richard Urban
Microsoft MVP Windows Shell/User

Quote from George Ankner:
If you knew as much as you think you know,
You would realize that you don't know what you thought you knew!

 

[PA Bear]

What targeted adware do you get when you post via Google Groups or use
GMail?
--
~PA Bear

By logging into hotmail on a new system I found out that Microsoft is
running a disreputable spyware program which pops up targeted adware on
your Windows PC some time AFTER you view web pages. HOW DO WE PREVENT
MICROSOFT FROM INFECTING OUR PC?

<snip>

 

[The Real Bev]

Do experts know how to totally prevent the Microsoft Ad Delivery
Service from bothering the user EVERY time they log into their Hotmail
account on Firefox?

Yes. They use linux, firefox and privoxy.

 

[Charlie Tame]

If MS wanted to infect your machine why not simply build a back door into
the operating system?

If you get ICQ, Yahoo instant messenger or numerous other "Free" things you
will find they are paid for by ads, just like your TV. This applies to the
little picture ads included in their interfaces as well as web pages shown
on startup that you have set preferences to see. "Someone" has to pay the
people who operate these things, don't they? If not you directly then
expect advertising.

Being a privacy conscious person you did of course READ the privacy policy
before signing up, right?

http://privacy1.msn.com/

<quote>

We use the information we collect to provide the services you request. Our
services may include the display of personalized content and advertising.

We use your information to inform you of other products or services offered
by Microsoft and its affiliates, and to send you relevant survey invitations
related to MSN services.

We do not sell, rent, or lease our customer lists to third parties. In order
to help provide our services, we occasionally provide information to other
companies who work on our behalf.

</quote>

I believe your argument just went out the window...

Charlie

 

[Daniel Crichton]

Susan wrote on 31 Oct 2005 10:12:32 -0800:

I added the 127.0.0.1 loopback back to my own machine to the Windowx XP
c:\winnt\system32\drivers\etc\hosts file based on well known advice
from a variety of sites such as
http://accs-net.com/hosts/how_to_use_hosts.html

Did you read the linked post? It clearly showed that rad.msn.com was being
redirected to a different IP (not the loopback one) prior to the DLL being
downloaded. Are you saying that there was no existing entry for rad.msn.com
in your hosts file and that you added the loopback, or was there already an
entry for it?

In the link in Karl's post it showed that rad.msn.com had been added to the
hosts file with the IP 207.44.240.65. If you use nslookup to get a list of
current addresses for rad.msn.com from DNS, you'll find that is not one of
the 3 IPs that Microsoft uses (current addresses are 65.54.194.118,
207.68.178.16, 207.68.178.61). 207.44.240.65 resolves to
ev1s-207-44-240-65.ev1servers.net, which is definitely not a server run by
Microsoft.

If you remove the loopback entry you've added, and from a command prompt
type ping rad.msn.com, does it try to ping on of the 3 MSN servers I listed
or a different one? If a different one, it points to something else on your
machine changing the DNS response, or the DNS server you use to resolve
against may have been the victim of cache poisoing (this is something that
every DNS owner should have locked down years ago, I myself run the DNS
servers for the company I work for and cache poisoning prevention is pretty
simple in every Bind port and even the MS DNS software).

Dan

 

[Stephen Howe]

You are sooo right. In the three years since I was diagnosed with

testicular cancer (three years cancer-free this month! Woohoo!), I've
noticed that Lance Armstrong has been a strong television presence, as he
wins bike race after bike race. I can't believe that he's won the Tour de
France three times in a row now. I have no idea what he did before then.

He has won the Tour de France 7 times in a row (1999-2005), not 3 times in a
row.
That is monumental, no one has ever won more than 5 Tours.
Before Lance, the maximum number of years ever won was 5 years by 4 riders
(Anquetil, Merckx, Hinault, Induráin) over the years, and only one (Miguel
Induráin, Spanish, 1991-1996) has ever done it consecutively like Lance.
See
http://en.wikipedia.org/wiki/Lance_Armstrong
http://en.wikipedia.org/wiki/Tour_de_France

Stephen Howe

 

[Paul Adare]

microsoft.public.security news group, <"Stephen Howe"

He has won the Tour de France 7 times in a row (1999-2005), not 3 times in a
row.
That is monumental, no one has ever won more than 5 Tours.
Before Lance, the maximum number of years ever won was 5 years by 4 riders
(Anquetil, Merckx, Hinault, Induráin) over the years, and only one (Miguel
Induráin, Spanish, 1991-1996) has ever done it consecutively like Lance.
See
http://en.wikipedia.org/wiki/Lance_Armstrong
http://en.wikipedia.org/wiki/Tour_de_France

Definitions of humour on the Web:

temper: a characteristic (habitual or relatively temporary) state of
feeling; "whether he praised or cursed me depended on his temper at the
time"; "he was in a bad humor"
wit: a message whose ingenuity or verbal skill or incongruity has the
power to evoke laughter
humor: (Middle Ages) one of the four fluids in the body whose balance
was believed to determine your emotional and physical state; "the humors
are blood and phlegm and yellow and black bile"
liquid body substance: the liquid parts of the body
humor: the quality of being funny; "I fail to see the humor in it"
humor: the trait of appreciating (and being able to express) the
humorous; "she didn't appreciate my humor"; "you can't survive in the
army without a sense of humor"
humor: put into a good mood
wordnet.princeton.edu/perl/webwn

--
Paul Adare
MVP - Windows - Virtual Machine
http://www.identit.ca/blogs/paul/
"The English language, complete with irony, satire, and sarcasm, has
survived for centuries without smileys. Only the new crop of modern
computer geeks finds it impossible to detect a joke that is not clearly
labeled as such."
Ray Shea

 

[Jon von Leipzig]

Wooly

Big Brother is watching you..

Imo, a more serious issue is the countless "Little Brothers" willing to
pay the admission price to Bill Gates to watch the Peep Show.

Never mind Hotmail, the swiss chees OS is (potentially) much worse.

M$ Windows XP Professional Bugging Device?

http://www.indymedia.org.uk/en/2004/10/298702.html


ps: You MS-MVP's will soon be replaced with MC-MVP's (Much
Cheaper-MVP's)
in Beautiful Downtown Bangalore.

 

[Daniel Crichton]

I've dug around a bit more, and noticed that rad.msn.com does have a DLL
with the same name. However, this is not downloaded to the browser - it's an
ISAPI DLL that runs on the rad.msn.com web server and spits out HTML
adverts. Perfectly safe.

What appears to have happened is that a virus/trojan/worm has taken
advantage of this (and has been doing for some years, there are posts going
back to at least mid 2003 about this) to modify hosts files to redirect
requests for rad.msn.com to another server where there is a DLL with the
same name located, that may be malicious.

There is a third possibility - one of the rad.msn.com servers is
misconfigured, or occassionally has a fit, and instead of executing the
ISAPI DLL ends up trying to send it to the browser (after all, the browser
requested the URL albeit due to a Hotmail advert). In this case the DLL
itself is harmless, but may trigger an alarm as it's a binary file being
sent rather than the expected HTML.

If you did not have a host entry already that pointed rad.msn.com to a
different IP than those shown in an nslookup, I'd suspect a prior infection
by something that does it's best to hide it's intentions by pretending to be
a MS advert server and attempts to install the DLL (this will however
normally require a lot more work than just downloading the DLL, there would
have to be something already on your machine watching for it to arrive in
the temporary internet files folder so it can do something with it).

If there was no hosts entry prior to you adding the loopback address, it
could well be a MS ad server hiccup, maybe exacerbated by FireFox rather
than IE. I've tested a number of URLS (eg. http://rad.msn.com/ADSAdClient31.dll?GetAd?PG=IMSUKM?SC=HF?ID=0003bffd852fcb7f)
which do exactly what I'd expect - in both IE and FireFox return a bit of
Javascript and a banner advert, nothing more.

Dan

 

[Bob Ward]

He has won the Tour de France 7 times in a row (1999-2005), not 3 times in a
row.
That is monumental, no one has ever won more than 5 Tours.
Before Lance, the maximum number of years ever won was 5 years by 4 riders
(Anquetil, Merckx, Hinault, Induráin) over the years, and only one (Miguel
Induráin, Spanish, 1991-1996) has ever done it consecutively like Lance.
See
http://en.wikipedia.org/wiki/Lance_Armstrong
http://en.wikipedia.org/wiki/Tour_de_France

Stephen Howe

But only three times since the OP claims to have been diagnosed with
testicular cancer.

 

[Wooly]

Golly, the Bullshit Meters weren't working very well, were they?
Shame on y'all for not recognizing tongue-in-cheeck ironicalness...

[Now I'll get people telling me "ironical" isn't a word...]


+++++++++++++

Reply to the list as I do not publish an email address to USENET.
This practice has cut my spam by more than 95%.
Of course, I did have to abandon a perfectly good email account...

 

[Jupiter Jones [MVP]]

MVPs are not paid so how much cheaper can you get?

 

[PA Bear]

It ain't easy being cheap.

MVPs are not paid so how much cheaper can you get?

 

[David H. Lipman]

From: "PA Bear" <[email protected]>

| It ain't easy being cheap.
|

I prefer the word inexpensive.
The vast majority of MVPs don't deserve the word "cheap" associated with their work !

 

[SoCalMike]

If you get ICQ, Yahoo instant messenger or numerous other "Free" things you
will find they are paid for by ads,

then use trillian basic.

 

[Charlie Tame]

Actually GAIM is quite good too, however one has to expect Yahoo and the
others to raise revenue to pay for their "Free" services which do not come
free to them.

I was merely pointing out that the accusation aimed at MS (whether there is
genuine trojan activity or not) is rather silly since the genuine product
does actually warn you that you should expect targeted ads.

Charlie

 

[Sunny]

By now it is probably apparent the ""Susan" has achieved her aim.
(A better attempt than the usual "Microsoft Sucks" trolls)

If MS wanted to infect your machine why not simply build a back door into
the operating system?

<snip>

 

[Alun Jones]

He has won the Tour de France 7 times in a row (1999-2005), not 3 times
in a row.
That is monumental, no one has ever won more than 5 Tours.
Before Lance, the maximum number of years ever won was 5 years by 4 riders
(Anquetil, Merckx, Hinault, Induráin) over the years, and only one (Miguel
Induráin, Spanish, 1991-1996) has ever done it consecutively like Lance.

Did you hear that big "whoosh" sound?

That was the sound of the joke going right over your head.

The point that I was trying to make is that if you suddenly come down with a
medical condition, you're likely to notice all the TV content that is
targeted towards people with that medical condition, that you had previously
spent a great deal of time ignoring. You get diabetes, suddenly, it seems
that everything's advertising diabetes to you; the number of ad spots hasn't
gone up, but you pay more attention to them, because the word is suddenly
one that is important to you, where it wasn't previously.

See what happens when you don't pay attention?

Alun.
~~~~
[Please don't email posters, if a Usenet response is appropriate.]