The genuine validation process will collect information about your system to determine if your Microsoft software is genuine. This process does not collect or send any information that can be used to identify you or contact you. The only information collected in the validation process is:Hard drive serial number? What in the blazes? Also, this list has been revealed to be incomplete: they also receive "IP address and date/timestamp data relating to systems' booting and continued operations". So they know where you are, if you've turned on your computer today, and if you've bought a new hard drive of late.
- Windows product key
- PC manufacturer
- Operating System version
- PID/SID
- BIOS information (make, version, date)
- BIOS MD5 Checksum
- User locale (language setting for displaying Windows)
- System locale (language version of the operating system)
- Office product key (if validating Office)
- Hard drive serial number
It gets better... Microsoft are also calling this software a beta - or, in their words, "This software is a pre-release version of the software intended to
update the technological measures in Windows XP which are designed to
prevent unlicensed use of Windows XP". It's not finished. They're using you to test their software for them, in many cases without asking your permission.
They go on (this is in the EULA) to say: "By using the software, you accept these terms. If you do not accept
them, do not use the software.
As described below, using some features also operates as your consent
to the transmission of certain standard computer information for
Internet-based services."
If you do not accept them, don't use the software. Fair enough. Sadly, though, there is a problem here... See, you only get to see this EULA after the validation software has been installed (it comes in two parts, and this EULA is shown when you install the "notifications" part). And, just to ice the cake, "You will not be able to uninstall the software but you can suppress the reminders through the software icon in the system tray."
To summarise: You have to install it (in fact, if you have Automatic Updates turned on, it's already installed). Once installed, you are then asked to agree to it telling Microsoft far more than is really necessary; if you don't agree, tough, because you can't remove it.
By Microsoft's own definition, spyware is "deceptive software
that is installed on a user’s computer without the user’s consent and has some
malicious purpose." I'm guessing that if you're reading this while running Windows (and please say you're using Firefox), you both have this software installed and were unaware of its presence and function. So we have deceptive. As for malicious: firstly we have no sure knowledge of what it does (which is dodgy enough for me). Second, it allows Microsoft to collect more data from you than they say it can (by their own admission). Third, it uses resources on your computer without your permission (someone posting in reply to the Groklaw article uses the analogy of someone taking your car for a joyride without you knowing). That, in my book, puts this "critical update" firmly in the category of spyware.
There are a whole load of other issues that contribute to this argument: the legality of any EULA, for example; what security holes are opened up by this beta-test software, based on Microsoft's track record? And just how many of our rights and how much of our privacy are we prepared to give up - are companies - are governments prepared to give up to Microsoft?
The inevitable conclusion to this article is: why put up with this? "If you wish to remove the Windows Genuine Advantage tools, and I
expect most of you do," it reads, "why not go the whole hog and remove the entire
software package, replace it with GNU/Linux, and find out what it feels
like to be treated with respect and to breathe free?"
I am a free man.
No comments:
Post a Comment