Prey521
03-18-01, 06:07 AM
LockerGnome:
Tonight's report includes an anonymous email I received earlier this evening speculating as to what the RPCSS.EXE file is being used for by Microsoft without your knowledge. Please note that I cannot confirm ANY information contained herein, but after receiving several emails concerning this topic, I felt that addressing it might prove helpful to others that have heard rumors regarding this issue. Please be sure to take into account that it did come from an anonymous source (unknown to me) and that none of this has been proven true to date:
As a former employee of Microsoft in the know(?), I can testify that the Distributed COM (Component Object Model) Services are used to profile product key and other registration data as a future means to enforce software piracy laws that have yet to be adequately enforced at a Federal level.
Microsoft has been compiling a massive database of names, registration codes, product keys, and linking them with data pulled from e-mail addresses stored in Outlook, Outlook Express, etc. as well as the serial numbers that can now be easily obtained from any Pentium-III CPU.
Microsoft has been coordinating their efforts clandestinely with other software manufacturers and predict law enforcement will be to a point where they can finally enforce copyright and anti-piracy laws by around 2005.
Needless to say, anyone who hasn't disabled RPCSS.EXE as mentioned above(?), has already been added to the database, via data that is encrypted and randomly submitted back to Microsoft upon access of the Internet. Offenders will eventually be notified if any of their software's serial codes or product key numbers match the central database of legitimate codes which there should be no duplicates of.
If you feel this is an invasion of your privacy, you'd better reconsider. You GAVE UP your privacy when you agreed to the EULA (End User Legal Agreement) at the beginning of the install of all Microsoft products. By voluntarily using Microsoft's copyrighted intellectual property, you give Microsoft the permission to track registration and product key info of its products.
First, I would NOT simply disable the Remote Procedure Call Service that is based on RPCSS.EXE!! This service has many functions beyond the alleged clandestine behavior. If you have a Windows 2000 machine handy, check out the dependencies that exist for this service... that should be proof enough that you don't want to muck with it.
There have been reports of this service causing an Internet connection to be initiated by this service, though the reasons aren't clear. If you're truly concerned about this, there are firewall/security products that will notify you when an application attempts to access the Internet.
Again, I need to stress the fact that this is pure rumor at this point and should not be considered as fact. I feel that the recommendation to simply disable RPCSS is irresponsible due to the impact that this can have on OS and/or software function. Any installed applications that rely on Distributed Component Object Model (DCOM) would effectively be crippled. There are a number of sources on the Internet that are making claims about this issue, while no proof exists.
Tonight's report includes an anonymous email I received earlier this evening speculating as to what the RPCSS.EXE file is being used for by Microsoft without your knowledge. Please note that I cannot confirm ANY information contained herein, but after receiving several emails concerning this topic, I felt that addressing it might prove helpful to others that have heard rumors regarding this issue. Please be sure to take into account that it did come from an anonymous source (unknown to me) and that none of this has been proven true to date:
As a former employee of Microsoft in the know(?), I can testify that the Distributed COM (Component Object Model) Services are used to profile product key and other registration data as a future means to enforce software piracy laws that have yet to be adequately enforced at a Federal level.
Microsoft has been compiling a massive database of names, registration codes, product keys, and linking them with data pulled from e-mail addresses stored in Outlook, Outlook Express, etc. as well as the serial numbers that can now be easily obtained from any Pentium-III CPU.
Microsoft has been coordinating their efforts clandestinely with other software manufacturers and predict law enforcement will be to a point where they can finally enforce copyright and anti-piracy laws by around 2005.
Needless to say, anyone who hasn't disabled RPCSS.EXE as mentioned above(?), has already been added to the database, via data that is encrypted and randomly submitted back to Microsoft upon access of the Internet. Offenders will eventually be notified if any of their software's serial codes or product key numbers match the central database of legitimate codes which there should be no duplicates of.
If you feel this is an invasion of your privacy, you'd better reconsider. You GAVE UP your privacy when you agreed to the EULA (End User Legal Agreement) at the beginning of the install of all Microsoft products. By voluntarily using Microsoft's copyrighted intellectual property, you give Microsoft the permission to track registration and product key info of its products.
First, I would NOT simply disable the Remote Procedure Call Service that is based on RPCSS.EXE!! This service has many functions beyond the alleged clandestine behavior. If you have a Windows 2000 machine handy, check out the dependencies that exist for this service... that should be proof enough that you don't want to muck with it.
There have been reports of this service causing an Internet connection to be initiated by this service, though the reasons aren't clear. If you're truly concerned about this, there are firewall/security products that will notify you when an application attempts to access the Internet.
Again, I need to stress the fact that this is pure rumor at this point and should not be considered as fact. I feel that the recommendation to simply disable RPCSS is irresponsible due to the impact that this can have on OS and/or software function. Any installed applications that rely on Distributed Component Object Model (DCOM) would effectively be crippled. There are a number of sources on the Internet that are making claims about this issue, while no proof exists.