Oh, come on... |
Author: |
Message: |
lopardo
Veteran Member
Posts: 1395 Reputation: 33
38 / /
Joined: Nov 2002
Status: Away
|
O.P. Oh, come on...
This page is full of crap! I tried to contact the author, but couldn't find any contact information... (I wonder why )
quote: From http://inetexplorer.mvps.org/data/messenger_plus.htm
POTENTIAL SECURITY AND PRIVACY RISK
Archived conversations and the 'show contact on desktop' options cause contact names and email addresses to be stored in the Windows Registry in readable format under HKEY_CURRENT_USER\Software\Patchou for the current user, and HKEY_Users/S-I-5-****/Software/Patchou. If you do NOT want other computer users to know who you are talking to when using Messenger, or which contacts you have displayed on your desktop, do not use Messenger Plus!!
OK, it's true that Plus stores e-mail addresses and only custom names -not "contact names" as stated above- unencrypted in the following registry keys:
HKEY_CURRENT_USER\Software\Patchou\MsgPlus2\<user>\Archive
HKEY_CURRENT_USER\Software\Patchou\MsgPlus2\<user>\Contacts\CtcDetach
I agree that it should be encrypted (as in HKEY_CURRENT_USER\Software\Patchou\MsgPlus2\<user>\Contacts), but, how can that be such a high risk? If you're gonna be so paranoid, then stay away from computers... You also shouldn't use MSN Messenger's logging feature, as it doesn't allow you to encrypt them (which I think is more a privacy issue than having unencrypted e-mail addresses in the registry) and it also stores part of the address in the file name... Come on...
quote: From http://inetexplorer.mvps.org/data/messenger_plus.htm
IE-SPYADS will add the msgplus.net and msgpluszone.com to your restricted sites zone:
https://netfiles.uiuc.edu/ehowes/www/resource.htm#IESPYAD
quote: From http://inetexplorer.mvps.org/data/messenger_plus.htm
Microsoft Giant Anti-Spyware detects Messenger Plus as an Adware Bundler (and rightly so)
http://www.neowin.net/comments.php?id=26501&category=main
That program is still a beta and detects Plus even if the sponsor isn't installed (not to mention all the false alarms it gives - one guy renamed a program "a.exe" and MS Anti-spyware detected it as spyware).
BTW, there are registry entries for every user in HKEY_USERS, HKEY_CURRENT_USER is a copy of the entry in HKEY_USERS for the current user... A MS MVP should know that, right?
|
|
01-21-2005 03:29 AM |
|
|
Weyzza
Veteran Member
SoCal sunset > *
Posts: 1170 Reputation: 29
– / / –
Joined: May 2003
|
RE: Oh, come on...
quote: From http://inetexplorer.mvps.org/data/messenger_plus.htm
POTENTIAL SECURITY AND PRIVACY RISK
Archived conversations and the 'show contact on desktop' options cause contact names and email addresses to be stored in the Windows Registry in readable format under HKEY_CURRENT_USER\Software\Patchou for the current user, and HKEY_Users/S-I-5-****/Software/Patchou. If you do NOT want other computer users to know who you are talking to when using Messenger, or which contacts you have displayed on your desktop, do not use Messenger Plus!!
That's the same thing like "If you don't want someone knows your high score for Minesweeper, don't let your friends use your computer."
Registered 7849 days, 8 hours, 44 minutes, 49 seconds ago.
Happy Birthday, WDZ
|
|
01-21-2005 03:34 AM |
|
|
MC.POP
Full Member
the DJ that hits the limitz
Posts: 270 Reputation: 12
36 / / –
Joined: Aug 2004
|
RE: Oh, come on...
thats wt happens when people dont know wt they are talking about.
|
|
01-21-2005 04:30 AM |
|
|
Patchou
Messenger Plus! Creator
Posts: 8607 Reputation: 201
43 / /
Joined: Apr 2002
|
RE: Oh, come on...
pfff... again, Sandy doing what she does best: writting crap about my software. In the idea, she is partly true (but you do have to use logs or floating windows for emails to be written in your registry, it's not like it's done automatically). It's just that as usual, instead of posting onthis forum or sending me a nice email about that, she just quickly adds a whole paragraph in bold/red on her page.
Oh well, the world is made of all sorts of people I guess. Note to Sandy, if you're reading this: for future reference, HKEY_CURRENT_USER is an alias of HKEY_Users/S-I-5-****/, it's not like I write in two keys, they are just the same keys. Also, I never saw any trace of Gator on this forum, I don't knwo what you are talking about. And last thing, please, before you do that kind of announcement, why don't you email me about it so that we can try to find a sollution together instead of doing what you just did?
This post was edited on 01-21-2005 at 06:41 AM by Patchou.
|
|
01-21-2005 06:37 AM |
|
|
WDZ
Former Admin
Posts: 7106 Reputation: 107
– / /
Joined: Mar 2002
|
RE: Oh, come on...
In Windows XP (dunno about other versions), you can't access the private registry keys of other users unless you're an admin with sufficient privileges and you specifically load the registry of another user into regedit. HKEY_USERS does not list every user of the PC, only the current user. The keys with short names like S-1-5-18 are special service accounts, not user accounts.
Therefore, it's unlikely that others can/will read your registry keys if your PC is secure. If your PC is not secure, then others can read your files and everything else, so Plus! is the least of your worries.
Also, it's not like Plus! is the only program that stores private data in the registry.
What about HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs? Every URL you've recently typed into Internet Explorer's address bar!
Or HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\RecentFileList? Every video file you've watched recently!
So, STFU.
|
|
01-21-2005 07:02 AM |
|
|
user13774
Disabled Account
Posts: 1119
Joined: Apr 2003
Status: Away
|
|
01-21-2005 01:55 PM |
|
|
CookieRevised
Elite Member
Posts: 15517 Reputation: 173
– / /
Joined: Jul 2003
Status: Away
|
RE: Oh, come on...
quote: Originally posted by Markus
How can a person like that be a Microsoft MVP
Because she has many friends....
Actually she has provided usefull info to the communities (except for the "Plus!"-part) in the past though.
But also because she has many (MVP) friends who believe her strait away in everything she does/reports because she's MVP -neverending cicrle here- (and also many enemies; she isn't sarcastically called "the queen" for nothing. And whenever new MVP's arrive they automatically have a bad name among certain groups of people because of her and her flok doings in the past. but this forum isn't the place to discuss that and it is an old issue anyways and I tend to look more to the things she has published before all this twisted "Plus!"-stuff.)
So back to objective info, Sandi is an MVP in Internet Explorer and Outlook Express and concentrates on fighting malware these days. MVP profile (photo on site is very old though, more recent photo can be found here)
She has written many good articles about malware (which is almost a must to read by people). But as said, her fight against malware is good, but because of that she overreacts when it comes to "Plus!" and because of her status, many people tend to believe her of course.
This post was edited on 01-21-2005 at 03:02 PM by CookieRevised.
.-= A 'frrrrrrrituurrr' for Wacky =-.
|
|
01-21-2005 02:49 PM |
|
|
user13774
Disabled Account
Posts: 1119
Joined: Apr 2003
Status: Away
|
RE: Oh, come on...
Yeah you're right. I checked a few of the articles on her site about software and there is a lot of useful info in it.
Is fighting malware good enough for being a Microsoft MVP?
quote: Originally posted by Patchou
pfff... again, Sandy doing what she does best
Again...? Something like this happened before apparently
Btw... look what I just found on the MS MVP site
It's cookie
|
|
01-21-2005 08:11 PM |
|
|
andrey
elite shoutboxer
Posts: 795 Reputation: 48
– / /
Joined: Aug 2004
|
RE: Oh, come on...
quote: Originally posted by Markus
It's cookie
pssht Markus...I don't think that Cookie wants everyone to know his full name.
Googleing even reveals his (old?) address and that he is playing/played a well known australian musical instrument
|
|
01-21-2005 09:18 PM |
|
|
user13774
Disabled Account
Posts: 1119
Joined: Apr 2003
Status: Away
|
RE: Oh, come on...
Well.. If Cookie doesn't want his real name posted on the forum i'll remove the link Cookie, you got my msn, so just tell me
[off-topic]
* user13774 is google-ing....
What is this supposed to be?
http://members.lycos.nl/cookierevised/crap/pictures/ (check me_geekpower.jpg )
On how many forums are you a member I get almost only forums in google...
[/off-topic]
|
|
01-21-2005 10:56 PM |
|
|
Pages: (2):
« First
[ 1 ]
2
»
Last »
|
|