Subject: Re: 1024 bit key considered insecure (sshd)
To: Actually davidchr <>
From: Christian J Hedemark <>
List: tech-security
Date: 09/14/2002 11:57:51

Tell you what.  Send me a legit copy of Windows XP (I have no other 
need to buy it and won't steal it).  I'll hook it up in my lab and run 
a sniffer during the install.  I'll provide the full tcpdump output as 
well as a plain English analysis of what I could see it doing.  There 
have been a lot of accusations that XP "phones home" during the 
install.  I have yet to see hard evidence of this.  I'm willing to 
provide hard evidence one way or the other as to what XP does when you 
install it.


On Friday, September 13, 2002, at 06:09 PM, Actually davidchr wrote:

>> In fact, in at least two recent cases, governments have
>> refused to install
>> Windows XP because of this situation.  I'm told that
>> Microsoft graciously
>> agreed to sell them Windows 2000 as long as they pay the
>> price of Windows XP.
> That would be pretty kind of us, seeing how XP costs the same or
> cheaper, depending on the SKU (Personal or Professional).
> I can't say for sure, but I think someone's pulling your leg (or that
> someone has had his leg pulled).  Any entity with the clout to 
> negotiate
> price at that level with us is probably source-licensed and can see 
> what
> we're doing under the covers for itself.
>> There really is no question about the technical facts; just
>> turn on a sniffer
>> while you are installing XP.
> Intriguing.  What do you see?  (seriously)
> The only thing I can think of that might access the network while
> someone installed Windows from CD would be the routine looking for
> updates to the setup app, and if I remember correctly, it even asks you
> before it goes to the network.  "Do you want me to check for updates to
> setup?" or something like that.
>> What Microsoft does with or
>> intends to do with
>> it is, of course, another matter.  From the customer's
>> viewpoint Microsoft's
>> intensions make little difference, because if circumstances
>> dictate Microsoft
>> can change their policies, and/or the government can impose
>> policy changes.
> Not a valid argument unless you explain what "it" is.  What is "it" 
> that
> Windows is supposedly transmitting to us in Redmond?
> Last time I heard an argument like this, it was Win95.  On closer
> inspection, it turned out that the "mystery traffic" was simply a DHCP
> request to determine if the network had that service available.
>>> The back door is already there. When installing some recent service
>>> packs, we are required to accept a license that allows you
>> to, without
>>> notification, make arbitrary changes to our computers, including
>>> disabling software.
> Maybe I'm not looking in the right place, but I don't see anything of
> this kind.  Is this a dialog thrown by the SP1 upgrade app, or by the
> download site?
> -----
> This message or posting is provided "AS IS" with no warranties, and
> confers no rights.
> Message may originate from an unmonitored alias ("davespam").  If so,
> use "davidchr" instead.
> Any opinions or policies stated within are my own and do not 
> necessarily
> constitute those of my employer.
> I reside in Washington, USA, where Title 19 declares that sending me
> Unsolicited Commercial Email can result in a $500 fine.
> Harvesting of this address for purposes of bulk email (spam and UCE) is
> expressly prohibited unless by my explicit prior request.  I retaliate
> viciously against spammers and spam sites.