> From: Matt Curtin <cmcurtin@interhack.net>
> Date: Thu, 28 Feb 2002 17:26:58 -0500
> To: <bugtraq@securityfocus.com>
> Subject: PCFriendly DVD Backchannel ...
> Numerous DVD titles from major movie producers between 1996 and 2000
> come enabled with ``PCFriendly,'' an application developed by
> InterActual Technologies that tracks DVD usage. The system is
> designed to identify users persistently, without using an HTTP
> cookie, thus bypassing any privacy-enhancing technologies like
> cookie management software or browser configurations. The
> identifying token is persistent through product registration and
> PCFriendly use.

It's always seemed to me that one good way to deal with this sort of
problem would be a personal firewall that sat around in the background
and popped up with questions like this:

    Greetings. It may surprise you to learn that the program XYZ.EXE
    which you are running is attempting to connect to port 80 (http)
    at web3.wespyonyouallthetime.com (198.61.143.20).

    Do you want to let it do that? Last time I asked (3 days ago),
    you selected "Today only".

    Pick one of:
        Never
        Not this time
        Always
        Just this Once
        Just for the next hour
        Just for today
        Until XYZ.EXE terminates

    Answer is for:
        This host only
        Any host in wespyonyouallthetime.com

    Action:
        Refuse the connection
        Time out
        Pretend to connect, return no data
        Allow the connection, log first 512 bytes

Programs like BlackIce get almost all the way there, except they seem
to be only port-based, not address-based.

To avoid each user having to make all the choices, one might distribute
configuration files with known undesirable locations already listed. It
might also be possible for the warning to "score" the warning in some
way (e.g., if the program is not a known browser, it's somewhat more
suspicious for it to be talking to a web server).

Have I missed some great piece of software that does this already (Linux
or Windows), or is this an unmet need?

Thanks

--
Olin Sibert <wos@oxford.com>
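Added example, not part of the original message or of any product it names: a sketch of the decision store that a per-program, address-aware prompt like the one mocked up above would need, covering the permanent and time-limited answers, the host-versus-domain scope, and the "last time I asked" recall. All class, field and action names are hypothetical; the process-lifetime answers ("Just this Once", "Until XYZ.EXE terminates") are left out.

```python
"""Decision store for a per-program, address-aware outbound firewall (hypothetical names)."""
import time
from dataclasses import dataclass
from typing import Optional

HOUR, DAY = 3600, 86400

@dataclass
class Rule:
    program: str              # executable name, e.g. "XYZ.EXE"
    target: str               # exact host, or a domain when scope == "domain"
    scope: str                # "host" or "domain"
    action: str               # "refuse", "timeout", "blackhole", "allow_log" (labels made up here)
    expires: Optional[float]  # epoch seconds; None = permanent ("Never" / "Always")
    choice: str               # label the user picked, replayed in later prompts
    created: float

def matches(rule, program, host):
    if rule.program.lower() != program.lower():
        return False
    host, target = host.lower().rstrip("."), rule.target.lower()
    if rule.scope == "host":
        return host == target
    # Domain scope: match on a label boundary, so a rule for "example.test"
    # does not also cover the unrelated name "notexample.test".
    return host == target or host.endswith("." + target)

class PolicyStore:
    def __init__(self):
        self.rules = []

    def remember(self, program, target, scope, action, choice, ttl=None, now=None):
        now = time.time() if now is None else now
        expires = None if ttl is None else now + ttl
        self.rules.append(Rule(program, target, scope, action, expires, choice, now))

    def decide(self, program, host, now=None):
        """Return (action, None) for a live rule, else ("ask", (last_choice, days_ago))."""
        now = time.time() if now is None else now
        last = None
        for rule in reversed(self.rules):      # the newest answer wins
            if not matches(rule, program, host):
                continue
            if rule.expires is None or now < rule.expires:
                return rule.action, None
            if last is None:                   # expired: keep it for the next prompt
                last = (rule.choice, int((now - rule.created) // DAY))
        return "ask", last
```

A result of `"ask"` is the point at which the prompt would be shown; the second element carries what is needed to say "Last time I asked (3 days ago), you selected ...".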