Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Dodol Bali (dodolbali_at_hotmail.com)
Date: Tue Sep 17 2002 - 20:56:59 CDT
Hmm ... actually you have to enable XP's UPnP services, it's not enabled
by default. You might try:
1). Enable XP's internet connection firewall (ICF)
2). Do not enable XP's UPnP (or disable it if you have it on)
3). Activate XP
4). Install SP1
5). Re-enable XP's UPP if you need it.
From: Max Kennedy [mailto:mxkennedyfuse.net]
Sent: Friday, September 13, 2002 3:18 PM
Subject: UPNP protocol problem (was) Windows XP Service Pack1 problem
(UPNP problem mentioned third paragraph down. I believe its the
first public attempt to talk about it)
"I would challenge you to show me another business that is required to
provide fixes for a product that you have stolen. They are limiting the
updates to legitimate licensees. If said licensee has decided to (for
whatever reason, good or bad) modify the code and / or files so that the
software does not 'function as designed' (Product Activation...), can
not expect that there is a possibility that the patch/update won't
Fixes are not "benefits" to the customer, they are required so you are
rightfully sued by the customer or thrown in jail for negligence. I was
about the wording of a Microsoft document, not the fact that they are
to limit downloads to customers. It shows the same lack of being
on Microsoft's part. I throw back your challenge to you in your face.
who make baby buggies don't replace them on recalls for the benefit of
customer, they do it because it is required of them in a lawful society
because it is the right thing to do.
Case in point: It was mentioned earlier this year that the universal
play discovery modules had buffer overflows, problem fixed, and a
'weakness' in its protocol, problem still unfixed.
My system was essentially compromised *on install* because of it.
activation attempts to connect to the internet. Win XP on bootup also
out a general *broadcast* upnp message on startup. (outlook also sends
messages by default, but they aren't general broadcast messages but
specifically to the router). On lats run by an isp where you have an
local ip address whether you are logged on or not, that essentially
your broadcast message is attempting to connect to the whole city, and
Windows XP goes out an attempts to connect to other upnp devices, which
namely are other windows systems since nothing else is really using that
protocol. If the system is running as a gateway, your system may
automatically try to use it as your router. And so it did. With
systems on my lat.
You can say that you can turn upnp off but remember, this occurred right
on install, right out of the box, before any updates were applied, as
Microsoft's required product activation was being connected to on the
And it would be still be attempting to bridge to upnp gateways if
I hadn't turned off a bunch of stuff. And as near as I can tell, not
these attempts are even hack attempts. Windows xp mucks things up,
and goes out as a hack on its own.
Although a weakness in the upnp protocol was mentioned last year,
this is the first public message I am aware of that actually mentions a
real life example of it.
As far as Microsoft's wording, this is just an example of a moral
problem in our society, where x is not under the same standard as
y, because x is more powerful and a hypocrite.
FYI: The problem mentioned with the service pack not returning
an error message earlier is probably a bug. According to the
documentation linked, it supposedly sends an error message out to those
it deems to be a pirate. Surely it ought to have returned an error
message in my case as well, a real customer. Alas, it didn't, and
I had to figure out how to prove my innocence to Microsoft on my own
so I could get the product I bought to work. Prove my innocence,
that remind anyone of a legal principle?