Author Topic: Is Microsoft into trojans or spyware?  (Read 40593 times)

0 Members and 1 Guest are viewing this topic.

Offline PartialDischarge

  • Super Contributor
  • ***
  • Posts: 1626
  • Country: 00
Re: Is Microsoft into trojans or spyware?
« Reply #100 on: June 01, 2016, 08:13:11 am »
To sum it up, answering to the original post question "Is Microsoft into trojans or spyware?", the answer is clear, "No, Microsoft is the trojan"
 
The following users thanked this post: VK3DRB, cimmo

Offline VK3DRBTopic starter

  • Super Contributor
  • ***
  • Posts: 2261
  • Country: au
Re: Is Microsoft into trojans or spyware?
« Reply #101 on: June 01, 2016, 12:00:32 pm »
To sum it up, answering to the original post question "Is Microsoft into trojans or spyware?", the answer is clear, "No, Microsoft is the trojan"

Yes, I get a pop-up every few days saying "Your Microsoft Office is out of date. Click here for a 50% discount on an update". I did not ask for the pop-up, but the telemarketer who runs Microsoft seems to think I did.

Why would I want to upgrade, when it will just contain even more bugs than the bug-infested 2010 version? Plus they dictate a poor interpretation of a intuitive user experience.

So, what next?

"You agreed to the terms and conditions of the free Windows 11 license. As a result Microsoft has deducted $299 from your bank account for the latest Office upgrade which includes a free download from iTunes of the Justin Bieber Christmas Album."
« Last Edit: June 01, 2016, 12:24:56 pm by VK3DRB »
 

Offline Jeroen3

  • Super Contributor
  • ***
  • Posts: 4195
  • Country: nl
  • Embedded Engineer
    • jeroen3.nl
Re: Is Microsoft into trojans or spyware?
« Reply #102 on: June 01, 2016, 12:27:39 pm »
"You agreed to the terms and conditions of the free Windows 11 license. As a result Microsoft has deducted $299 from your bank account for the latest Office upgrade which includes a free download from iTunes of the Justin Bieber Christmas Album."
We have made Bing your default homepage and search engine!
 

Offline GEuser

  • Frequent Contributor
  • **
  • Posts: 502
  • Country: 00
  • Is Leaving
Re: Is Microsoft into trojans or spyware?
« Reply #103 on: June 01, 2016, 01:10:08 pm »
Soon
 

Offline Thor-Arne

  • Supporter
  • ****
  • Posts: 500
  • Country: no
  • tinker - tinker, little noob.....
Re: Is Microsoft into trojans or spyware?
« Reply #104 on: June 01, 2016, 04:32:56 pm »
So, what next?

It will delete the software you didn't pay your annual subscription fee for.  :P
 

Offline amspire

  • Super Contributor
  • ***
  • Posts: 3802
  • Country: au
Re: Is Microsoft into trojans or spyware?
« Reply #105 on: June 01, 2016, 05:19:27 pm »
There is quite a lot of Skylake hardware with Win7, 8.1 drivers, and Microsoft  has agreed to extend  full Win7 support for Skylake an extra year till 2018. There will still be security updates till the end of Win7 in Jan 2020, so I am happy to use Skylake for new Win7 systems. The successor to Skylake will be Win10 only.
 

Offline lilos

  • Contributor
  • Posts: 26
  • Country: ro
  • iot-dev.net team member
Re: Is Microsoft into trojans or spyware?
« Reply #106 on: June 01, 2016, 10:37:20 pm »
https://libreboot.org/faq/#intelme

Not only windows 10 is spying intel use ME ARC processor core !

Introduced in June 2006 in Intel's 965 Express Chipset Family of (Graphics and) Memory Controller Hubs, or (G)MCHs, and the ICH8 I/O Controller Family, the Intel Management Engine (ME) is a separate computing environment physically located in the (G)MCH chip. In Q3 2009, the first generation of Intel Core i3/i5/i7 (Nehalem) CPUs and the 5 Series Chipset family of Platform Controller Hubs, or PCHs, brought a more tightly integrated ME (now at version 6.0) inside the PCH chip, which itself replaced the ICH. Thus, the ME is present on all Intel desktop, mobile (laptop), and server systems since mid 2006.


The ME consists of an ARC processor core (replaced with other processor cores in later generations of the ME), code and data caches, a timer, and a secure internal bus to which additional devices are connected, including a cryptography engine, internal ROM and RAM, memory controllers, and a direct memory access (DMA) engine to access the host operating system's memory as well as to reserve a region of protected external memory to supplement the ME's limited internal RAM. The ME also has network access with its own MAC address through an Intel Gigabit Ethernet Controller. Its boot program, stored on the internal ROM, loads a firmware "manifest" from the PC's SPI flash chip. This manifest is signed with a strong cryptographic key, which differs between versions of the ME firmware. If the manifest isn't signed by a specific Intel key, the boot ROM won't load and execute the firmware and the ME processor core will be halted.


The ME firmware is compressed and consists of modules that are listed in the manifest along with secure cryptographic hashes of their contents. One module is the operating system kernel, which is based on a proprietary real-time operating system (RTOS) kernel called "ThreadX". The developer, Express Logic, sells licenses and source code for ThreadX. Customers such as Intel are forbidden from disclosing or sublicensing the ThreadX source code. Another module is the Dynamic Application Loader (DAL), which consists of a Java virtual machine and set of preinstalled Java classes for cryptography, secure storage, etc. The DAL module can load and execute additional ME modules from the PC's HDD or SSD. The ME firmware also includes a number of native application modules within its flash memory space, including Intel Active Management Technology (AMT), an implementation of a Trusted Platform Module (TPM), Intel Boot Guard, and audio and video DRM systems.


The Active Management Technology (AMT) application, part of the Intel "vPro" brand, is a Web server and application code that enables remote users to power on, power off, view information about, and otherwise manage the PC. It can be used remotely even while the PC is powered off (via Wake-on-Lan). Traffic is encrypted using SSL/TLS libraries, but recall that all of the major SSL/TLS implementations have had highly publicized vulnerabilities. The AMT application itself has known vulnerabilities, which have been exploited to develop rootkits and keyloggers and covertly gain encrypted access to the management features of a PC. Remember that the ME has full access to the PC's RAM. This means that an attacker exploiting any of these vulnerabilities may gain access to everything on the PC as it runs: all open files, all running applications, all keys pressed, and more.


Intel Boot Guard is an ME application introduced in Q2 2013 with ME firmware version 9.0 on 4th Generation Intel Core i3/i5/i7 (Haswell) CPUs. It allows a PC OEM to generate an asymmetric cryptographic keypair, install the public key in the CPU, and prevent the CPU from executing boot firmware that isn't signed with their private key. This means that coreboot and libreboot are impossible to port to such PCs, without the OEM's private signing key. Note that systems assembled from separately purchased mainboard and CPU parts are unaffected, since the vendor of the mainboard (on which the boot firmware is stored) can't possibly affect the public key stored on the CPU.


ME firmware versions 4.0 and later (Intel 4 Series and later chipsets) include an ME application for audio and video DRM called "Protected Audio Video Path" (PAVP). The ME receives from the host operating system an encrypted media stream and encrypted key, decrypts the key, and sends the encrypted media decrypted key to the GPU, which then decrypts the media. PAVP is also used by another ME application to draw an authentication PIN pad directly onto the screen. In this usage, the PAVP application directly controls the graphics that appear on the PC's screen in a way that the host OS cannot detect. ME firmware version 7.0 on PCHs with 2nd Generation Intel Core i3/i5/i7 (Sandy Bridge) CPUs replaces PAVP with a similar DRM application called "Intel Insider". Like the AMT application, these DRM applications, which in themselves are defective by design, demonstrate the omnipotent capabilities of the ME: this hardware and its proprietary firmware can access and control everything that is in RAM and even everything that is shown on the screen.


The Intel Management Engine with its proprietary firmware has complete access to and control over the PC: it can power on or shut down the PC, read all open files, examine all running applications, track all keys pressed and mouse movements, and even capture or display images on the screen. And it has a network interface that is demonstrably insecure, which can allow an attacker on the network to inject rootkits that completely compromise the PC and can report to the attacker all activities performed on the PC. It is a threat to freedom, security, and privacy that can't be ignored.


Before version 6.0 (that is, on systems from 2008/2009 and earlier), the ME can be disabled by setting a couple of values in the SPI flash memory. The ME firmware can then be removed entirely from the flash memory space. libreboot does this on the Intel 4 Series systems that it supports, such as the Libreboot X200 and Libreboot T400. ME firmware versions 6.0 and later, which are found on all systems with an Intel Core i3/i5/i7 CPU and a PCH, include "ME Ingition" firmware that performs some hardware initialization and power management. If the ME's boot ROM does not find in the SPI flash memory an ME firmware manifest with a valid Intel signature, the whole PC will shut down after 30 minutes.


Due to the signature verification, developing free replacement firmware for the ME is basically impossible. The only entity capable of replacing the ME firmware is Intel. As previously stated, the ME firmware includes proprietary code licensed from third parties, so Intel couldn't release the source code even if they wanted to. And even if they developed completely new ME firmware without third-party proprietary code and released its source code, the ME's boot ROM would reject any modified firmware that isn't signed by Intel. Thus, the ME firmware is both hopelessly proprietary and "tivoized".


In summary, the Intel Management Engine and its applications are a backdoor with total access to and control over the rest of the PC. The ME is a threat to freedom, security, and privacy, and the libreboot project strongly recommends avoiding it entirely. Since recent versions of it can't be removed, this means avoiding all recent generations of Intel hardware.


More information about the Management Engine can be found on various Web sites, including me.bios.io, unhuffme, coreboot wiki, and Wikipedia. The book Platform Embedded Security Technology Revealed describes in great detail the ME's hardware architecture and firmware application modules.
« Last Edit: June 02, 2016, 05:54:08 am by lilos »
www.iot-dev.net team member
 
The following users thanked this post: TerraHertz, cimmo, botcrusher

Offline Lightages

  • Supporter
  • ****
  • Posts: 4316
  • Country: ca
  • Canadian po
Re: Is Microsoft into trojans or spyware?
« Reply #107 on: June 02, 2016, 03:17:36 am »
Sorry lilos, but your post is unreadable. I know English is not your first language, but you need to break things up a bit so people can read it.
 

Offline GEuser

  • Frequent Contributor
  • **
  • Posts: 502
  • Country: 00
  • Is Leaving
Re: Is Microsoft into trojans or spyware?
« Reply #108 on: June 02, 2016, 03:43:13 am »
It is called a "Wall of text" lilos .
« Last Edit: June 03, 2016, 02:00:58 am by GEuser »
Soon
 

Offline Red Squirrel

  • Super Contributor
  • ***
  • Posts: 2751
  • Country: ca
Re: Is Microsoft into trojans or spyware?
« Reply #109 on: June 02, 2016, 04:54:33 am »
*Lilos has been spawned
*Lilos casts "great wall of text"
*all players within 10 tiles take 200 damage
 

Offline Red Squirrel

  • Super Contributor
  • ***
  • Posts: 2751
  • Country: ca
Re: Is Microsoft into trojans or spyware?
« Reply #110 on: June 02, 2016, 05:25:50 am »
Not sure what a bootloader has to do with monitoring, but monitoring *IS* a real issue.  Look at North Korea, do we want to become like that?  We have to fight this ridiculous amount of monitoring and not accept it or we will turn into NK too.  The government always wants to regulate and control the people and keep pushing a bit at a time.  Just look at how they can seize stuff at will, or how they are talking about making encryption illegal etc.  Or look at stuff that's already been passed like the DMCA and patriot act.  These are all things that undermine our freedoms.   I refuse to use an OS like Windows that will facilitate these organizations at collecting data on my activities. Not too much I can do about online activities but I at least want my offline ones to be private.
 

Offline lilos

  • Contributor
  • Posts: 26
  • Country: ro
  • iot-dev.net team member
Re: Is Microsoft into trojans or spyware?
« Reply #111 on: June 02, 2016, 06:00:30 am »
Quote

It is called a "Wall of text" lilos .

Is now ok ?

Just wanted to share what i found and all this is form FSF ( Free Software Foundation ) --> http://www.fsf.org/ ,

and their project to free people from proprietary bios --> https://libreboot.org/faq/#intelme

Here is Talos OpenPower 8 CPU Secure Workstation one  FSF recommended computer.

http://www.iot-dev.net/full.php?ar=5
« Last Edit: June 02, 2016, 10:52:59 am by lilos »
www.iot-dev.net team member
 

Offline TerraHertz

  • Super Contributor
  • ***
  • Posts: 3958
  • Country: au
  • Why shouldn't we question everything?
    • It's not really a Blog
Re: Is Microsoft into trojans or spyware?
« Reply #112 on: June 02, 2016, 11:04:07 am »
lilos it's sad isn't it? You post a reveal of irremovable spyware and DRM enforcement crap being built into the fundamental architecture of modern PCs, in ways that should be absolutely and unequivocally unacceptable to everyone who learns of them. What should be 'enraged mob with pitchforks and firebrands' stuff, resulting in Intel/Microsoft  execs being hunted down and killed. Yet all most readers have to say is complaints about the text formatting.

This civilization is hopelessly doomed.
Collecting old scopes, logic analyzers, and unfinished projects. http://everist.org
 

Offline lilos

  • Contributor
  • Posts: 26
  • Country: ro
  • iot-dev.net team member
Re: Is Microsoft into trojans or spyware?
« Reply #113 on: June 02, 2016, 12:31:06 pm »
lilos it's sad isn't it? You post a reveal of irremovable spyware and DRM enforcement crap being built into the fundamental architecture of modern PCs, in ways that should be absolutely and unequivocally unacceptable to everyone who learns of them. What should be 'enraged mob with pitchforks and firebrands' stuff, resulting in Intel/Microsoft  execs being hunted down and killed. Yet all most readers have to say is complaints about the text formatting.

This civilization is hopelessly doomed.

I completely agree with you TerraHertz!

www.iot-dev.net team member
 

Offline botcrusher

  • Regular Contributor
  • *
  • Posts: 192
  • Country: ca
Re: Is Microsoft into trojans or spyware?
« Reply #114 on: June 02, 2016, 01:21:19 pm »
Good post!
It's all perfectly legible and understandable to me, but i am a bit of a computer nut. :-/O
 

Offline Lightages

  • Supporter
  • ****
  • Posts: 4316
  • Country: ca
  • Canadian po
Re: Is Microsoft into trojans or spyware?
« Reply #115 on: June 02, 2016, 05:54:16 pm »
lilos:

Please don't take my criticism of the way you posted the text as a rejection of your contribution to the subject. Thank you for sharing the information. It certainly helps everyone understand the problem we face with big corporations taking more control over the wealth of the world.
 

Offline KE5FX

  • Super Contributor
  • ***
  • Posts: 2013
  • Country: us
    • KE5FX.COM
Re: Is Microsoft into trojans or spyware?
« Reply #116 on: June 02, 2016, 06:22:24 pm »
I do not understand why people care about their bootloader -- billions of people and probably over 10 billion of devices are using proprietary bootloaders.
Unless you are an anti-social organization leader, a human right organization leader, a terrorism organization leader or a government head, NSA won't even want to bother to analyze your data.
My personal pursuing to freedom is, as long as it is close to me or I can possibly run into a freedom limited situation, I take actions. If its not even remotely related to me, I do not care.
In this situation, I do not think I will be monitored by M$, Intel or NSA, or whatever 3 letter organizations in my entire life because I'm not nearly that high profile, so what happens in my bootloader? I do not care.

Not caring about privacy because you have nothing to hide is like not caring about free speech because you have nothing to say.
-- attributed to Snowden, but I'm not sure it's original with him.
 

Offline GEuser

  • Frequent Contributor
  • **
  • Posts: 502
  • Country: 00
  • Is Leaving
Re: Is Microsoft into trojans or spyware?
« Reply #117 on: June 03, 2016, 01:58:22 am »
Quote

It is called a "Wall of text" lilos .

Is now ok ?


It was ok in the first place , i also found it hard to read to pull out what the words actually were saying , it's just the formatting .
Soon
 

Offline lilos

  • Contributor
  • Posts: 26
  • Country: ro
  • iot-dev.net team member
Re: Is Microsoft into trojans or spyware?
« Reply #118 on: June 04, 2016, 12:41:56 am »
https://github.com/zamaudio/intelmetool

This tool by Damien Zammit can query the status of the ME on your system. It uses the MEI (ME interface, previously called HECI) a bidirectional PCI interface between the host cpu and the ME cpu.

You need linux to compile it and tun it it is very simple information tool so you can know is ME is active on your pc!

I have one laptop that is intel core i5 and here is my output:

./intelmetool
Bad news, you have a `HM55 Chipset LPC Interface Controller` so you have ME hardware on board and it is very difficult to remove, continuing...
RCBA at 0xfed1c000
MEI not hidden on PCI, checking if visible
MEI found: [8086:3b64] 5 Series/3400 Series Chipset HECI Controller

ME Status   : 0x245
ME Status 2 : 0x60000000

ME: FW Partition Table      : OK
ME: Bringup Loader Failure  : NO
ME: Firmware Init Complete  : YES
ME: Manufacturing Mode      : NO
ME: Boot Options Present    : NO
ME: Update In Progress      : NO
ME: Current Working State   : Normal
ME: Current Operation State : M0 with UMA
ME: Current Operation Mode  : Normal
ME: Error Code              : No Error
ME: Progress Phase          : Host Communication
ME: Power Management Event  : Clean Moff->Mx wake
ME: Progress Phase State    : Host communication established

PCI READ [bc] : 0x000000bc
ME: Extend SHA-256: 7aa32b527fe97b0374f01427d2fd18b93da7e88bddbc586038f67210c377d411

ME seems okay on this board
WRITE    [00] : CB: 0x80040007
WRITE    [00] : CB: 0x000002ff
ME: timeout waiting for data: expected 8, available 0
ME: GET FW VERSION message failed
WRITE    [00] : CB: 0x80080007
WRITE    [00] : CB: 0x00000203
WRITE    [00] : CB: 0x00000000
ME: timeout waiting for data: expected 5, available 0
ME: GET FWCAPS message failed
exiting





For people that want method to be on safe side use usb to Ethernet adapters it is know that they don`t have DMA access so ME can`t access it.
This is in case we are on Linux computer for windows no one knows what happens in windows kernel :)
« Last Edit: June 04, 2016, 12:55:31 am by lilos »
www.iot-dev.net team member
 

Offline Artlav

  • Frequent Contributor
  • **
  • Posts: 750
  • Country: mon
    • Orbital Designs
Re: Is Microsoft into trojans or spyware?
« Reply #119 on: June 04, 2016, 02:39:57 pm »
Random question.
If Windows 10 is really that bad and virulent, then where are all the lawsuits and protests?
I've seen a lot of boiling compost on the internet about it, but yet to notice any action being taken.
Not even rotten tomatoes tossed at the MS people.
 

Offline madires

  • Super Contributor
  • ***
  • Posts: 8176
  • Country: de
  • A qualified hobbyist ;)
Re: Is Microsoft into trojans or spyware?
« Reply #120 on: June 04, 2016, 03:03:55 pm »
Random question.
If Windows 10 is really that bad and virulent, then where are all the lawsuits and protests?

A German consumer protection organization already sent a cease and desist letter to MS regarding the enforced update. I assume MS won't comply and we'll see a lawsuit.
 

Offline G7PSK

  • Super Contributor
  • ***
  • Posts: 3865
  • Country: gb
  • It is hot until proved not.
Re: Is Microsoft into trojans or spyware?
« Reply #121 on: June 04, 2016, 03:27:48 pm »
I can see the EU taking MS to court over the enforced installation of the edge browser, Bing and Cortana. They were fined heavily in the past over IE and it being the default browser. Google have just been fined billions over far less with their search results.
 

Offline rrinker

  • Super Contributor
  • ***
  • Posts: 2046
  • Country: us
Re: Is Microsoft into trojans or spyware?
« Reply #122 on: June 04, 2016, 03:33:17 pm »
 Damned if they do, damned if they don't. AOL/Netscape sued MS over IE being included DESPITE there ALSO being an AOL icon placed on the desktop of a new install of Windows 95. 90% of the morons out there never patch their systems, and end up becoming part of huge botnets pushing crap every bit as bad as any alleged 'spying' Microsoft is doing. So now you pretty much HAVE to get updates (though there still is control). A bunch of years ago there was a major attach on SQL Server. You might remember that one. The patch that prevented the exploit was over a YEAR old at the time of the attack. There was also the infamous "Hacked by Chinese" attach on IIS servers. The patch blocking that exploit was also several months old by the time of the actual attack. I watched my logs and saw 3 different attempts on my personal server, all blocked because I had long since patched it. I was able to identify 3 different ISPs as the source of the attacks and 2 of them actually responded and cut off the source, the third one was actually within China so I didn't even bother trying to contact them.

 

Offline Artlav

  • Frequent Contributor
  • **
  • Posts: 750
  • Country: mon
    • Orbital Designs
Re: Is Microsoft into trojans or spyware?
« Reply #123 on: June 04, 2016, 05:48:39 pm »
Some geeks have the illusion that big entities are persecuting them all the time, while the majority accepts the generally good new technologies with grace.
Hm?
Isn't it the geeks that just take 5 minutes to wrap the head around whatever new stuff is tossed their way, while it's the workhorse majority that screams bloody murder when their work process gets disrupted by the buttons changing colours and like?

I'm still getting regularly harassed by friends and relatives over such things, from WinXP's Outlook Express 6.0 not being able to support the TLS yandex mail now uses, up to removing the "Win 10 update ransomware".

 

Offline Jeroen3

  • Super Contributor
  • ***
  • Posts: 4195
  • Country: nl
  • Embedded Engineer
    • jeroen3.nl
Re: Is Microsoft into trojans or spyware?
« Reply #124 on: June 04, 2016, 07:41:42 pm »
We are not the majority of the population.
https://www.ted.com/talks/simon_sinek_how_great_leaders_inspire_action?language=nl
See 11 minutes.
It's a great talk anyway.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf