M2Ktech.com


Bookmark
Page
   TECH FORUM
 
Forum
FORUM
Tips to your desktop
Subscribe to our mailing list:
Email:

Search this site:

<< BACK

PRINT VERSION

Your Media Player May Be Watching You!

It seems that no matter how much I research a particular subject, I can always be surprised by what I missed. I consider myself pretty savvy and able to think outside the box, but when researching this week’s Tech Tip, I was surprised by what I found. Not because it's happening, but because I didn't think of it.

Spyware is a very passionate subject for me and I get angry, outraged even, by the privacy and control issues surrounding the topic. Many times in the past I have climbed on my soap box touting the perils of downloading free stuff from the Internet and to be careful of the tracking routines many freeware and shareware programs may have hidden in them. So, as you can imagine, I felt pretty stupid for overlooking something that now seems so obvious.

The Element of Surprise

It may surprise you to know that programs such as Real Player and Windows Media Player, as well as many other multi-media players, contain elements of spyware. We all know that spyware tracks what you do and where you go on the Internet, sends that information back to advertisers who keep a database of your personal preferences, and then sends you targeted advertising, or SPAM, as it is more appropriately called. What I didn't realize was that each time I played a CD on my computer using Real Player or Windows Media Player, that I was smack dab in the middle of an information exchange. I mean, I knew the program would detect the CD information for me, display other artists in the genre according to the CD being played, or display other interactive information. But I hadn't stopped to think about the information I was giving them.

For example, you may use Windows Media Player to play a new CD you just purchased. When you pop that CD into your computer, this information is transmitted to Microsoft. If you entered your email address upon program installation and registration, you may be sent more information about this artist in the future. While this practice is not overtly malicious, it does cause concern about the right to privacy. Maybe you don't want to receive extra advertising simply because you use the Windows Media Player.

This type of spyware is referred to as Adware. Adware and spyware have very much the same purpose, but do differ in one specific way. Spyware implies no informed consent is needed for a company to gather your personal information. Adware, on the other hand, is software that contains advertising components and more clearly informs users that information will be shared. Usually this is done in the End User License Agreement.

The "Hidden" Problem

Here's where you need to pay closer attention to those End User License Agreements. With the example of Windows Media Player, did you know Microsoft makes the following statements in their License Agreement:

"...the OS components may install on your computer technological measures that are designed to prevent unlicensed use, and Microsoft may use this technology to confirm that you have a licensed copy of the OS software..."

And then there's

"Microsoft may, in conjunction with such license, also download revocation lists onto your computer on behalf of Secure Content Owners." (Read the complete verbiage – see below)

What makes matters worse is that once you've installed Windows Media Player you can't uninstall it. So, if you inadvertently installed this program without reading the End User License Agreement carefully, you're stuck. Clicking OK without reading the agreement relieves the company from any liability regarding your security concerns because you have given them permission to use your information by agreeing to this document.

In the case of Real Networks' audio player, it is now well documented that the software installs spyware. However, the company never revealed this to it's consumers when the practice began. Even if the company's use of this information is benign, the practice is unacceptable because of their secrecy. Real Networks is one of the largest distributors of audio software on the Internet and does not clearly inform consumers that they are being identified and monitored by the company.

The information that Real Networks gathers is quite extensive. Every time a computer with an Internet connection runs the RealPlayer, the following information is sent to the company:

  • The number of songs stored on the user's hard drive
  • The file formats of each song
  • Quality level of the recordings
  • The user's preferred music genre
  • What type of portable media player the user has connected to the system, if any

While it may seem harmless to allow a company to have this type of information about you, do not forget that they also have demographic data like zip code and billing address as well as other personal data like credit card numbers and purchase history.

As an advocate of the individual right to privacy, I am very uncomfortable allowing anyone to collect that much personal information about me. We talk a lot about spyware and the point of this tip was not so much about how to detect and avoid spyware, but more to point out the fact that even the simplest things require our attention. In order for us as consumers to hold software vendors accountable and enforce ethics, we must be informed.

Detect a Security Breach

Sometimes there are obvious signs of infection and other times not. If you experience unexpected pop up ads, system slowdowns, or your home page has been changed, chances are you've been infected. We recommend two programs for the removal of spyware - Spybot Search & Destroy and AdAware. Both of these programs remove a wide variety of spyware, but neither removes everything so we recommend using both. After you download and install the programs, be sure to check for and install any updates before you do a spyware check. Then, once you've removed all those nasty little buggars, be sure to protect yourself from future infections by utilizing the Immunize feature within Spybot as well.

Just a note: You may find when you do a spyware sweep that Spybot cannot remove all infected files because one or more may be running in the background. This is a good thing. It means you have identified a big reason your computer has been misbehaving and once you remove those files, you can compute again happily ever after. Just agree to let Spybot search again upon restarting your machine and the program will catch and destroy those infected startup files.

Conclusion

Spyware, like viruses, is here to stay. It is annoying, but can be detected and removed. While there are no guaranteed methods for eliminating spyware, being smart about what you download and install can help you avoid it. Make it a regular practice to update your anti-spyware software and do a periodic sweep of your system.

Additional Information

Interesting Article

Last year, Computer Reseller News Magazine published a discussion among industry leaders with regard to security threats emerging from spyware, malicious mobile code, instant messaging, and peer-to-peer file sharing. Click here to view that discussion.

The Complete Verbiage

This is the actual language some vendors use when explaining Secure Content and their rights.

"Portions of this software and other 3rd party applications use WM-DRM to play the songs you download ("Secure Content"). If the WM-DRM Software's security has been compromised, owners of Secure Content ("Secure Content Owners") may request that Microsoft revoke the WM-DRM Software's right to copy, display and/or play Secure Content. Revocation does not alter the WM-DRM Software's ability to play unprotected content. A list of revoked WM-DRM Software is sent to your computer whenever you download a license for Secure Content from the Internet. Microsoft may, in conjunction with such license, also download revocation lists onto your computer on behalf of Secure Content Owners. Secure Content Owners may also require you to upgrade some of the WM-DRM components distributed with this software ("WM-DRM Upgrades") before accessing their content.

When you attempt to play such content, WM-DRM Software built by Microsoft will notify you that a WM-DRM Upgrade is required and then ask for your consent before the WM-DRM Upgrade is downloaded. Non-Microsoft Software may do the same. If you decline the upgrade, you will not be able to access content that requires the WM-DRM Upgrade; however, you will still be able to access unprotected content and Secure Content that does not require the upgrade."

Disclaimer - The Micro 2000 Tech Tip is a free service providing information only. While we use reasonable care to see that this information is correct, we do not guarantee it for accuracy, completeness or fitness for a particular purpose. Micro 2000, Inc. shall not be liable for damages of any kind in connection with the use or misuse of this information.

Micro-Scope - PC Hardware trouble shooting at your finger tips

Micro2000 PC Diagnostics

Erased the data on your hard drive? Think again!

MicroScope on a Stick





Free translation
   SITEMAP | CONTACT | HOME

Disclaimer - The M2K Tech Tip is a free service providing information only. While we use reasonable care to see that this information is correct, we do not guarantee it for accuracy, completeness or fitness for a particular purpose. M2KTech.com shall not be liable for damages of any kind in connection with the use or misuse of this information.

© 2006 M2Ktech.com All Rights Reserved