AR-Online 

Posted Monday, July 22, 2002


Quick navigation

Alphabetical index (text)  

I recall reading about one guy -- a real sleazeball mobster -- whom some government organization was after. So what they did was to implant a stealth program that recorded his keystrokes -- computer expert

[Website note: Ad-aware is a free multi-spyware removal utility - the best on the Net! http://www.lavasoft.nu/]

 

How to avoid or delete "RealPlay"™ spy implants

Martin Webster writes:

I GOT two responses arising from my bulletin which drew attention to the fact that the American 'RealPlay' software, which the BBC's web site requires punters to download in order to access its broadcasts, has implants which enable the RealPlay company to monitor the activity of all those computers world-wide which have its software installed (when they are online). These responses appear below and are self-explanatory.

P.S. I'm not quite sure where all this advice leaves me, since I live on Planet Mac. If anybody has any relevant info, I should be glad to receive it.


1: To: Martin Webster

July 18, 2002

WE are aware of the RealPlayer software you mention produced by RealNetworks Inc. And can offer RealPlayer V7 & V8 users the following advice to protect their privacy.

In the absence of expensive packet-sniffing software and the technical knowledge to understand the data such software produces, it is impossible for the average RealPlayer user to know precisely what the software actually sends to RealNetworks.

The user is therefore has take all necessary measures to prevent RealPlayer from contacting RealNetworks.

Measures the user can take to make sure the software behaves itself.

  1. When the installation process is complete RealPlayer will ask if you would complete a registration form. It goes without saying the user should not.
  2. When the software is installed, two additional applications are also installed; RealJukebox, and RealDownload. Unfortunately users are not given the option as to whether these applications are installed. Only when the installation process is complete, are users able to uninstall both.
       RealJukebox has received extensive coverage in the computer press (An informative article can be found at http://www.theregister.co.uk/content/archive/7586.html) for surreptitiously logging of MP3 files stored on a user's hard-drive, and connecting to RealNetworks to upload the data. Get rid of it.
  3. RealPlayer by default creates a 'shortcut' in the (C:\WINDOWS\Start Menu\Programs\StartUp), which will cause RealPlayer to connect RealNetworks, when Windows connects to the Internet.
       Fortunately this can be prevented simply and safely by deleting this 'shortcut'.
  4. The RealPlayer user can by further operations protect his privacy by selecting certain Options:

 

  • Under: View > Preferences > Support: remove ticks for (i.e. de-select):
    • Send connection-quality data to RealServers
    • Send RealPlayer GUID to Real Servers (GUID stands for Globally Unique Identifier)
    • Send configuration info when connecting to technical support
    • Enable cookies

 

  • Under: View > Preferences > Proxy > HTTP options: select:

    "Manually configure HTTP proxy." Under "Proxy server" users should enter the following URL. http://anon.free.anonymizer.com/ (This may no longer work, but is worth a try)

 

  • Under: View > Preferences > General > StartCenter > Settings:

    Users should make sure the "Enable StartCenter" option is not selected.

 

  • Under: View > Preferences > Content > Channel > Settings:

    Users should make sure the 'Enable automatic Channel headline update' option is not selected. In addition, the 'Enable automatic scrolling for Channel headlines' option should not be selected.

 

  • Under: View > Preferences > Upgrade:

    Users should Click the "Turn off notification for 30 days" button.

5) One of the most important tools defence against RealPlayer and other Spyware is the Firewall. Firewalls do not only prevent hackers gaining entry to a user's PC/Network, but can prevent unauthorised outboard communication. A good piece of free software is ZoneAlarm. ZoneAlarm users can; specify to always allow, always disallow, or to ask individual permission each time for any outgoing communication. It is the last option which is recommended, and can be used to stop RealPlayer from phoning home (Look for any attempted communication with any address at the real.com domain.

6) Lastly 'WebWasher' available from (http://www.webroot.com/) and 'Evidence-Eliminator' -- both these includes options to clean the playlist log of RealPlayer 7 & 8, as well as other software.

We hope the above is of use. Please feel free to distribute the above to any interested parties.

Pete
British Nation Webmaster


2: From: [email protected]

Date: Wed, Jul 10, 2002, 6:57 am

To: Martin Webster

Subject: Re: 'Real Play' surveillance software implants

Yes, it's true that Real Player is spyware. But so are newer versions of Windows (2000 and XP). (I use Windows 98SE.) Generally, they use the data for marketing/advertising, but what you want to know is could they abuse this? Certainly, it's possible.

If you've got a high-speed Internet connection, some FireWall software is a good bet. (I don't have a high-speed connection myself, though I have the software, which is then useless because it bogs down my system too much.) There are programs that let you know when some sort of spyware is being used. You can probably find some at www.webattack.com .

Personally, every time before I log on the Internet, I make sure I right-click beforehand on my Explorer icon, select Properties, then select the tabs Security and Privacy, setting them to the maximum. Make sure you hit the button Apply at the bottom. (You may have to lower the security settings for downloads or to view certain sites, but put them back up afterwards.) Also, in the General tab, regularly select cookies and delete them. And change your web page history to a day or two. Your "index" webpage file cannot be deleted to the best of my knowledge. (I'm sure it can, but not sure how. This is the file that also keeps track of web pages and is found by doing a Start-Find-Files and then typing in "cookies"--in that folder. While it cannot be destroyed, you might be able to do a "save as" some type of file that will cause it problems such as an Excel file. Also, you might want to search for any "applets" while you're at it and delete them.) As an added precautionary measure, you might want to encrypt your trash before deleting it out.

After doing that, before I log on, I hit CTRL-ALT-DELETE simultaneously and then close all the programs running in the background of my computer (and RealPlayer is one of them) one at a time (this is done several times in a row) EXCEPT Systray and Explorer. (You can still open any programs afterwards after having done this, but this might cause problems if you do it while you're online.)

Now, keep in mind that Big Brother might have implanted a stealth program too. (And while you're at it, when you do the CTRL-ALT-DEL, if you do this while you're online, check to see if RNAAPP is running, as I never noticed this program running until recently on my computer. And I think it's transmitting my personal data to someone, not that I have anything to conceal. Of course, I'm paranoid, too, so this might be part of it.) A stealth program would monitor all your keystrokes, where you go, what you say, and report it back to someone. Usually, such programs operate while online, but this isn't always the case. I "think" a good FireWall would prevent this, however.

I recall reading about one guy -- a real sleazeball mobster -- whom some government organization was after. So what they did was to implant a stealth program that recorded his keystrokes and such, and then they used that to determine his password for his encrypted documents. (On that matter, I've been told that US software engineers are required to put in a back door for Big Brother, though I don't believe that this is applicable to German software engineers.) A free encryption program by a German company can be found at www.utimaco.com if needed. Also, if you use www.hushmail.com (which is also free), you can get a secure encrypted line for e-mail, which if used with other encryption software might make it somewhat impregnable.

Hope this answers your questions.

 

Related items on this website:

 Surfwatch internet filter of ADL
 Martin Webster discloses secret surveillance role of software installed by BBC website
The above news item is reproduced without editing other than typographical
 Register your name and address to go on the Mailing List to receive

David Irving's ACTION REPORT

© Focal Point 2002 F Irving write to David Irving