Reliable Answers - News and Commentary

Microsoft Registry Profile exposure

Microsoft "User Information"

This sample application demonstrates the availability of Microsoft's user information section for registered Microsoft software, which is stored in the registry, freely available to any application you run.

MS Privacy Info Sample (privacy.exe, requires VB6 runtimes, use at your own risk)

If you run this sample and it tells you that there is "No privacy information found" then the hive has not been populated (meaning either you deleted it or have not registered any Microsoft product). If it has several values that don't have any "privacy" information then chances are you haven't registered any Microsoft products. If you have it should list a great majority of information you filled out in the registration process.

As a developer it upsets me that Microsoft would make this information so easily available to any application with registry access (completely available to all apps on Win9x). I don't like having this information available, however, through informing the public I urge you to write Microsoft and complain that this information is stored accessibly in the registry, and to delete it from your computer.

The application posted here does *not* remove this information from your registry. It will simply alert you to whether or not any rogue application is capable of reading it. If you have any Microsoft software loaded on your computer I do not doubt that this info is there.

If you would like to remove this information from your registry, open RegEdit and drill down to [HKLM\Software\Microsoft\User information]. If you don't know how to get there, find someone that does as the registry is *not* a toy. I recommend backing up this group ("File">"Export Registry File", save it somewhere you can find it) before deleting it. I have not had any problems since removing it (over a month ago), but I do not guarantee that you will not. Remove the entire Section "User Information".

The file above is a sample of what information can be obtained through the typical application on your computer. Yes, ActiveX controls "marked as safe" can access this information, and so can any scripts (web-site scripting as well) that uses the "Windows Scripting Host" technology. I would think a company of their size would be a little more responsible about the information they collect from their customers.

The following quote was taken from the Microsoft's privacy statement on 2000/05/30.

Q: How can I quit a registration wizard before finishing, and what happens to the information I've already typed in?

A: If you begin a registration form, then decide you don't want to finish it, just click the cancel button on the bottom of the page. You will be delivered to the entry page of the Profile Center. None of the information entered on the page where you quit the wizard will be saved. However, information entered on previous pages of that wizard, if any, will be saved in our database.

(Quoted from: http://www.microsoft.com/info/privacy.htm) [emphasis mine]

Looks like whether or not you cancel, any info you've entered in up to that point is stored regardless.

Regards,
Shawn K. Hall


Take me to the top

There is absolutely *no warranty*, express or implied for any content on this site. Any files you download or any actions you perform after reading any of this site are *At Your Own Risk* and neither I (Shawn K. Hall) nor any site, business, or individual associated with me will be held responsible if it does not work as described or otherwise does not suit your needs.

[SmokedFish] - smoked fish recipes, preparation, questions and answers

Take me to the top

Your Ad Here?

Contact our Marketing department for information about advertising on this domain.


Take me to the top

We invite you
to visit:

Professional Web Hosting and Design Services: 12 Point Design Local Homeschool provides the most up-to-date support group listings in a geographical and searchable index Budget Homeschool Kidjacked -- To seize control of a child, by use of force SaferPC dispels security misunderstandings and provides you with a solid understanding of viruses and computer security Reliable Answers - developer information, current news, human interest and legislative news Twain Harte Photo Gallery - Twain Harte, CA - The closest you can get to Heaven on Earth Cranial Laser & Neurolymphatic Release Techniques (CLNRT) - Experience dramatic pain reduction At Summit Chiropractic our mission is to improve your quality of life - We know that health is much more than just not feeling pain Visit UniveralPreschool.com to learn about your preschool options. Dave's Quick Search Deskbar
Reliable Answers.com/privacy/msreg.asp AddThis Social Bookmark Button
Google