Privacy

A Failure To Believe

I’ve been talking over some of my privacy concerns around Windows XP with a few people I know, and they all seem to be in denial about it. They just cannot imagine that Microsoft would in any way want to track what people are doing with their computers. It can be frustrating when you feel so strongly about something and people do not seem to want to learn about it, even with the facts staring them in the face.

After reading about the Windows XP Media Player 8 scandal, where it turns out that Microsoft has in fact been tracking every song, CD and DVD you play in Windows XP, is it so hard to believe that Microsoft could set it up in Windows XP so that songs encoded in WMA can not only have track information in the header, but the unique “Product Activation” number for the host machine as well?

Just think, any digital file you encode or maybe even play could have your unique identification number embedded in it so that if that track ever ends up on another computer, through Gnutella for example, they will be able to track where it came from. Don’t you think that maybe, just maybe, the RIAA (Recording Industry Association of America) would be interested in such information as it pursues cases against Napster and other online file sharing groups? Don’t you think that Microsoft, who has been pushing their WMA file format and touting its DRM (Digital Rights Management) features, might be interested in getting on the good side of the industry? Were you even aware that Microsoft has been successful in its efforts to have support for the WMA format built into DVD decoding chips built into every DVD player?

Doubting Thomases

You say you just cannot believe that Microsoft would dare to build such a unique identifier into each and every WMA file created or actually add them to any MP3 that you may play and distribute? Try remembering back to the case of the man who created one of the early Word macro viruses. Do you remember how they caught him, and how they did it so fast? They were able to track him because of information hidden in the document header. Did you know that every Word document you create has personal information and unique identifiers encoded directly into the file? I certainly didn’t, until I read about that case.

I feel as though I’m beating my head against a brick wall trying to open people’s eyes. At the same time, I feel that I would not be doing my duty as a member of the online community if I did not keep trying to bring these issues to light. Time and time again, issues like these are raised by privacy groups and news organizations, but people seem content to declare them impossibilities and dismiss those groups and organizations as paranoid. Yet in many of these cases, those fears are justified because the concerns raised end up becoming a reality.

After I wrote about concerns with Passport, people declared that there was no way Passport was in danger of being infiltrated. Yet a few scant months after the release of Windows XP, Passport was in fact hacked and all of the data inside could be readily accessed, including credit card and checking account information, addresses and social security numbers.

The danger for abuse is very real, and the sooner that people open up their minds to the possibility that these fears may be based in reality, the better. I’m not saying everyone is out to take advantage of you, but there are a lot of shady characters out there, and the ability of computers to do tasks repetitively at extremely fast speeds mean that such people only need to invest a small amount of time creating and activating a script. Think about it.