Joeleonhart’s Weblog

To Learn and To Share

How to Secure Your Windows with Free Softwares (5)

2.8 Microsoft Embeds Secret Identifiers in Your Documents

Windows, Windows Media Player, Internet Explorer, and other Microsoft applications contain a number that identifies the software called the Globally Unique Identifier or GUID.

Microsoft Office embeds the GUID in every document you create.

The GUID could be used to trace the documents you create back to your computer and copy of Microsoft Office.

It could even theoretically be used to identify you when you surf the web.

The free program ID-Blaster Plus can randomize (change) the GUIDs embedded in Windows, Internet Explorer, and Windows Media player. The free program Doc Scrubber erases GUIDs contained in a single Word document or all the Word documents in a Folder.

If you’re concerned about secret identifiers embedded in your Office documents, use the OpenOffice suite instead. This compatible alternative to Microsoft Office doesn’t embed GUIDs in your documents nor does it require personal registration and Properties information.


2.9 Windows Secretly Contacts Microsoft

Windows versions from XP on run Microsoft software components called Windows Product Activation, Windows Genuine Advantage, and Office Genuine Advantage. The details of how these programs operate have changed over time, but their common element is that all “phone home” — they silently contact remote Microsoft servers – to periodically check that your copy of Microsoft software is licensed. If the software fails the check, penalties follow. These range from annoying messages, to reduced functionality, or even the inability to start Windows on your computer.

Concerns about this include:

False positives sometimes occur or Microsoft’s servers are down and can’t perform the check (legal software is inaccurately flagged as illegal and y ou pay the price)

Privacy violation by the information sent to Microsoft (which uniquely identifies your computer and when you are using it)

“Phoning home” raises security concerns

Why does the software periodically send information about you to Microsoft when only one license check would suffice? Some consider this software spyware. (Vista includes several other new components that gather data or send it to Microsoft.)

If Genuine Advantage concerns you, the article links in this section tell you everything you need to know.

Google “disable WGA” and you’ll find many more how-to’s on this topic. You can install free tools like RemoveWGA or xpy to disable Windows’ “phone home” function.


2.10 Chart of Microsoft’s Tracking Technologies

I’ve discussed the major areas in which Windows and other Microsoft products track your computer use. In most cases you can not turn off this tracking. But the free programs I’ve described will delete the tracking information.

The chart below summarizes where and how Windows and other Microsoft products track your behavior. Many items apply only to specific software versions.

A few functions report your behavior back to Microsoft. Examples include when Windows Media Player sent your personal audio and video play lists to Microsoft and the company’s attempts to use the Internet to remotely cripple Windows installs it considers illegal.


— Where Windows Tracks Your Behavior —

Application Logs – Records on how often you run various programs

Clipboard Data – Data you’ve copied/pasted is in this memory area

Common Dialog History – Lists Windows “dialogs” with which you’ve interacted Empty Directory Entries – File pointers unused by Windows but still usable by those with special software

Error Reporting Services – Reports Windows or Microsoft Office errors back to Microsoft

File Slack Space – “Unused” parts of file clusters on disk that may contain old data

File Properties – Office document Properties contain your personal editing information and more

Find/Search History – Lists all your Find or Search queries (used by Windows auto-complete)

GUIDs – Embedded secret codes that link Office documents back to your computer

Hotfix Unistallers – Temporary files left for un-doing Windows updates

IIS Log files – Logged actions for Microsoft’s IIS web server

Index.dat Files – Secret files that list all web sites you visit and other data Infection reporting – Microsoft’s Malicious Software Removal Tool reports infections to Microsoft

Last user login – Tracks the last user login to Windows

Microsoft Office History – MRU lists for Office products like Word, Excel, Powerpoint, Access, and Photo Editor

Office Genuine Advantage – Office phones home to Microsoft servers for license checks

Open/Save History – List of documents or files for these actions

Recently Opened Doc. List – MRU list accessible off Start | Documents

Recycle Bin Deleted files remain accessible here.

Registration of MS Office – Registration information is kept in the product Options, Splash panels, and Registry.

Registration for Windows – Registration information is kept in the Registry.

Registry Backups – Registry backups may contain personal data you may have edited out of the Registry.

Registry Fragment Files – Deleted or obsolete data in the Registry that remains there.

Registry Streams – History of Explorer settings

Remote Help – Allows remote access to your computer for Help

Run History – Lists all programs you have run through Windows Run box

Scan Disk Files – Files output from SCANDISK (may contain valid data in *.chk files)

Start-Menu Click History – Dates and Times of all mouse clicks you make for the Start Menu

Start-Menu Order History – Records historical ordering of Start Menu items

Swap File – Parts of memory written to disk

Temporary Files – Temporary files used during program installation or execution

Time synchronization service – Synchronizes your computer clock by remote Internet verification

User Assist History – Most used programs on the Start Menu

Windows Authentication – Windows phones home to Microsoft servers for license checks

Windows log – files Trace results of Windows actions and installs

Windows Media Player content – Automatically downloads content-licenses through the Internet

Windows Media Player History – Lists the Most Recently Used (MRU) files for Windows Media Player

Windows Media Player metadata – Automatically retrieves metadata for audio CDs through the Internet

Windows Media Player Playlist – Your Windows Media Player play lists

Windows Media Player statistics – Sends your Windows Media Player usage statistics to Microsoft


— Where Internet Explorer Tracks Your Behavior —

Auto-complete form history – Everything you type into web site forms (inc. passwords & personal information)

Auto-complete for passwords – Convenient but less secure

Cookies – Data web sites store on your computer (sometimes used to track your surfing habits)

Downloaded files – Files you download while using the Internet

Favorites  Web sites you list as “favorites” in your browser

Plug-ins – Information saved or cached by third-party software that “plugs into” Internet Explorer

Searches – Searches are retained by both IE and search engines

Temporary files (cache) – Web pages the browser stores on disk

Web site error logs – Errors encountered during web site retrieval

Web sites visited – All the web sites you have ever visited are stored in the Registry and index.dat files


2.11 Does Your Printer Spy on You?

Did you know that documents printed on your computer’s printer could be traced back to you? The printers write a unique pattern on every page that can be traced back to your hardware. You can see these tiny dots with a magnifying glass.

The United States government admitted to prevailing upon printer manufacturers to include this capability and keep it secret from the public. If this concerns you, the best solution is to buy a printer that does not write its “fingerprint.”

Printer fingerprints are not a Windows issue. They apply to any printer regardless of whether the connected computer runs Windows, Apple’s Mac OS, Linux, or some other operating system.


June 10, 2008 - Posted by | Computer & Techs

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: