Big Brother Is Watching - Microsoft Is Helping

McJ's picture

I got a new laptop for Christmas which of course was loaded with Windows Vista. The other computers in my house all run XP.
I stumbled upon this article today and it has me wondering if I need to make a change.

Does Windows Vista Send Information to the Government?
by Bill Lindner on 20070726 @ 00:13AM EST

Is there more to Windows Vista being big brother than was originally thought? There appear to be features and services bundled into Windows Vista that stay in touch with the government and their associates, too.

If this is true, Microsoft has gone too far. This post was in an forum, and appeared to get overloaded from all the attention it was getting. had a copy of it on their site.

A forum user switched to Windows Vista a month ago and actually had some good luck with it. He began noticing latency on his home network connection. He used port sniffing software and networking tools to see what was going on. What he found he referred to as "foundation shaking." There are some graphical images of a peerguardian 2 log with some very interesting information. The computer was in an idle state.

It shows the computer connected to the following (in his own words):
* DoD Network Information Center (Department of Defense)
* United Nations Development Program (Seems to correlate to the parent branch of the U.N. Informatics Division)
* Halliburton Company (We all know these guys)
* Ministry of Defense Data Return Agent
* DOHS-Recon (traceroutes for this address provided nothing, suspected blocks on traceroute. Many of us who are monitoring this situation have suspected the acronym stands for the Department of Homeland Security Reconnaissance. This is merely a guess, but an educated one at that)

I ran traceroutes on the IP's, and sure enough they came back government owned. I thought this might be exclusive to my system, so I ran over to a friend of mine who upgraded to Vista when it first became available. After installing monitoring software on his system, the hits it caught on his network were immediate and almost identical in source.

Is there anyone in the abandonia community with a US based connection who is experiencing this watchdog behavior? Are any foreign Vista users experiencing similar attacks from their own countries' ministries and governing agencies?

It would be interesting to see how common this is. If Microsoft is doing this to all their Windows Vista consumers, it's time to take a long hard look at how they do things.



McJ's picture


It's atrocious in the extreme that they are sending our personal information to the US DoD and the United Nations.... but Halliburton??!!
It makes my blood boil!

"They say that patriotism is the last refuge to which a scoundrel clings. Steal a little and they put you in jail. Steal a lot and then they make you king"
Bob Dylan

Microsoft shenanigans?

Can't Vista be tested widely? If the same results come up, demand an explanation from Microsoft.

My question is if it is simple to find routes and connections, why haven't Halliburton, DOD, etc. masked themselves in some way?

(This from a very non-techie.)

--Arry (I guess I need an account?)

McJ's picture

Can Never Be Too Suspicious??

Hi Arry - good to see you here.


I guess my feeling is you can never be too suspicious of the government...but then I'm a former 'hippie' from the 60's, when everyone was suspicious of governments.
I wish I was more techy, then maybe I'd have an answer. However, I did a bit more checking and followed the links in the original post. I found the post on the Forum, which appears to be a huge forum for hard core gamers.

There were lots of pages of comments but for some reason they were closed after three pages (maybe they expire?). Someone from there had posted this on Digg so I went there to check this out. There were lots of 'yes they are spying' - 'no they are not' comments - with most people apparently having no idea what they are talking about. One that stuck out for me was a comment (with six replies) from a poster named Xanaver.
"Let me set the record straight for all you guys out there. I work in the IT department of a small ISP company. Roughly 1 year ago we had to install some hardware on our equipment, so the DOD had a clear connection that was always on. I checked with some other ISP's in my area and they had to do the same thing. So the problem does not lie in Vista but rather with your ISP. Unfortunately there is nothing that can be done about the situation."

...and from the replies

"I worked IT for a University, and we fought our asses off to make sure we did not have to install this hardline to the DoD. We tried to tell everyone, get in the newspaper (we were bound by a gag order) and a number of other things. We finally beat them at their own game by declaring ourselves a private network and implementing a few protocols to back that up.

And it's not called Carnivore... quit watching swordfish and alias... it falls under the phone tapping laws of the 70's"

"they most likely just put the tap on your provider's equipment, that's what they did to us. I can't believe this isn't mentioned anywhere in the comments, but lots of organizations are doing this to attempt to comply with CALEA.**"

**CALEA -Communications Assistance for Law Enforcement Act

...also this interesting link to an article from Jan 2006 about something called MICE (Meta Image Code Execution)
"Which versions of Windows have MICE?
Microsoft introduced Metafile Image Code Execution (MICE) in Windows NT4. Every version of Windows starting with NT4, including their not-yet-released Windows Vista (aka Longhorn), incorporated this code. As soon as clever hackers discovered it, Microsoft released patches to remove it. Also remember that any fresh installation of Windows will initially be vulnerable to MICE exploitation until it is patched to eliminate this behavior.

...Was MICE added to Windows intentionally?

Software engineers who have looked closely at the Windows code that enables the MICE capability have concluded that, for whatever reason, it is operating exactly the way its designers intended it to.

Mark Russinovich, well known professional developer at SysInternals, performed his own examination, the results of which he sent to both Microsoft and me (which you can read in full here). Mark concluded:

"The bottom line is that I'm convinced that this
behavior, while intentional, is not a backdoor."

Mark agreed that Windows MICE behavior was intentionally incorporated into Windows. I respect the fact that he chose not to characterize it as a "backdoor", since that term carries such malicious connotation, and no one believes (myself included) that Microsoft would act in a deliberately malicious manner. But despite Mark's wishing to avoid characterizing this intentional facility as a "backdoor", the entire personal computer industry freaked out as much as it ever has when the power of MICE became public knowledge.

It was certainly usable as a "backdoor".

Another professional developer and industry associate with a great deal of reverse-engineering and low-level systems programming experience wrote to me, which I quote with his permission (emphasis is his):

"I've learned more and talked this over with peers. I think your argument is MUCH more convincing than Microsoft's explanation; though if this back door is intentional, the Microsoft guys answering the accusations likely don't know anything about it ;).

The idea of it being intentional has met considerable resistance by people when they first hear of it, and even I was originally resistant. But when people learn all the facts they grow surprisingly less resistant ;). One guy said, "it's not like it's a jmp eax".. which is ironic, since that's EXACTLY what it is."

"They say that patriotism is the last refuge to which a scoundrel clings. Steal a little and they put you in jail. Steal a lot and then they make you king"
Bob Dylan


If it is the ISP, then the problem is general. But MICE and so on indicates something else. I personally have no doubt that Microsoft would put in some spy components if asked to, the same as the telecoms turned over records. (Well, more than that, they assisted in the spying.) I was wondering about Firefox and the other "alternatives". Seems that the government would be particularly interested in them as many "dissidents" use those systems.


McJ's picture

Every Which Way They Can

I guess it means it doesn't matter what operating system you are running, they can spy on you. Perhaps Microsoft has just made it easier with Vista?? I'm wondering now about the PeerGuardian program and if it works with Vista - what exactly it protects you from and do you need to be a techy to run it? I may just check into this when I get some time, unless of course someone else has this info and can pass it along for us.

"They say that patriotism is the last refuge to which a scoundrel clings. Steal a little and they put you in jail. Steal a lot and then they make you king"
Bob Dylan

I said NO to Vista

I had heard this about Vista so the last time we had to buy a new computer I said NO to Vista - my husband was in agreement for that and several other reasons - Bugs for one, Icon-based for another. Let's face it - the gov't is now heady with its newfound control and position nearly above the law.

Check out this website ... ... granted this guy is a little bit antagonistic towards the police, but he has documented some serious issues & infringements of our civil liberties.

Also: Wiretap case against lawyer under advisement

The felony wiretapping trial of a Boston lawyer who graduated at the top of his New England School of Law class in 2006 has been delayed while a judge considers whether to grant a defense motion to dismiss.

Attorney Simon Glik, 31, was a defendant in Boston Municipal Court Tuesday as his lawyer, June E. Jensen of Wayland, asked a judge to dismiss wiretapping, disturbing-the-peace and aiding-a-prisoner-escape complaints, which were issued against him last fall.

Jensen told Judge Mark H. Summerville that Glik was arrested in Boston on Oct. 1 for allegedly using his cell phone to record the arrest of a 16-year-old juvenile in a drug case.

She said the Moscow-born lawyer was walking through the Boston Common at 5:30 p.m. when he used his phone’s camera to videotape three police officers investigating the teen.

“If you look at the police report, the sole allegation is that Mr. Glik put out his arm, held out his cell phone and attempted to record the arrest of [another] individual,” Jensen told Summerville. “There aren’t a lot of state cases on this, but the statute requires secretive behavior, and there was nothing about the conduct here that was secretive.”

The case has gone to court and the judge did dismiss the case [wow! good for the judge!] but I think he was LUCKY considering the Roving of our courts.

This is a really good article that goes in-depth with link to follow-up after dismissal of charges:

Hmmm - so HTML format codes don't seem to work for me here. I'm missing something, eh? Any tips appreciated.

Truth is by nature self-evident. As soon as you remove the cobwebs of ignorance that surround it, it shines clear.
Mohandas Gandhi

McJ's picture

No To Vista

Thanks for the links.
I'm not sure how the ordinary citizen will be able to abide by the laws as they twist and turn to accommodate the needs of the police state. It is certainly scary stuff.
I'm wondering if the same 'spying' is going on with XP and other versions of Windows. I have also read that there is a 'backdoor' into the new iPhones but don't know if that is true.

Re: HTML codes

Under your comment post you should see the link "Input Format". Click it and you will see at the very bottom another link that says "More Information About Formatting Options" where you can find information about HTML.

NJT is just getting this site running (and learning as he goes...I believe ;) ) so I'm sure there is lots of tweaking he needs to do to get it all running smoothly.
Use [br/] (only with angle brackets <> instead of square brackets [] ) when you want a line break. You don't need to open/close it like other HTML tags, just use it once where you want the line break (or twice if you want more than one line break).
Hope that makes sense.

"They say that patriotism is the last refuge to which a scoundrel clings. Steal a little and they put you in jail. Steal a lot and then they make you king"
Bob Dylan

admin's picture

OK I *think* line breaks are fixed / automated now

Finally had a minute to read some documentation and I think I've got line breaks showing up on their own so we don't need to type < BR > every time you want a

space between paragraphs! woo-hoo


admin's picture

Big, Little, any brother...

Old news I just stumbled upon along the same lines.
AOL releases sensitive user data to the public!

Welcome Arry & Bob in Prague! - thanks for stopping by and feel free to pitch in with a blog post or comment, suggestion, whatever you've got, thanks!


McJ's picture

Info Still Out There?

Interesting, the Mirror Site link is still active even though this article is from 2006. It looks to me like anyone could still download those text files.

"They say that patriotism is the last refuge to which a scoundrel clings. Steal a little and they put you in jail. Steal a lot and then they make you king"
Bob Dylan


A college student studying for a graduate degree cracks the encryption code for millions and millions of RFID smart cards. These smart cards act as high security keys that permit entry into highly restricted areas such as airports, military installations, industrial, commercial, research, and top secret spaces.

Do we really want RFID chips to be used to store our most private personal information, then implanted under our skin to be read at will by who knows who. They say limited and authorized access - well yes - provided someone doesn't hire a college kid to hack right beyond the encryption access code - then do who knows what with your highly private and personal information.


RFID hack could crack open 2 billion smart cards

March 14, 2008 (Computerworld) A student at the University of Virginia has discovered a way to break through the encryption code of RFID chips used in up to 2 billion smart cards used to open doors and board public transportation systems.

Karsten Nohl, a graduate student working with two researchers based in Germany, said the problem lies in what he calls weak encryption in the MiFare Classic, an RFID chip manufactured by NXP Semiconductors. Now that he's broken the encryption, Nohl said he would only need a laptop, a scanner and a few minutes to get the cryptographic key to an RFID door lock and create a duplicate card to open it at will.

And that, according to Ken van Wyk, principal consultant at KRvW Associates, is a big security problem for users of the technology.

"It turns out it's a pretty huge deal," said van Wyk. "There are a lot of these things floating around out there. Using it for building locks is the biggy, especially when it's used in sensitive government facilities — and I know for a fact it's being used in sensitive government facilities."

admin's picture

z you should post these as blog posts

I've been slow in posting new material, & I appreciate your contributions.

if you want an account so you can have a cool avatar i will see that you get approved ;)


McJ's picture


Did you read that? You get to have a cool avatar!!

"They say that patriotism is the last refuge to which a scoundrel clings. Steal a little and they put you in jail. Steal a lot and then they make you king"
Bob Dylan

z-z-Z's picture



McJ's picture

I like that one!

I like that one!

"They say that patriotism is the last refuge to which a scoundrel clings. Steal a little and they put you in jail. Steal a lot and then they make you king"
Bob Dylan
