Microsoft routinely and remotely monitors the security health of PCs running its OneCare Live security service by collecting a wide range of information from users' computers, including a machine-specific identifier.
It's a policy the software giant does not attempt to hide, but it is a practice that is nonetheless unsettling to some users. It's also a more extensive data collection system than that practiced by Microsoft's rival in the managed security space.
According to an entry posted this week to the OneCare team's blog, the service has "noticed a slight increase in the number of people turning off their firewall, with a corresponding decrease in the number of green machines." (OneCare, a collection of anti-virus, firewall, tune-up, and backup tools, displays the overall security status as with 'green' for good or 'red' for bad.)
"Through a combination of surveys, emails and customer communication, we maintain a close watch on the 'health' status indicators, such as, percent of users with anti-virus out of date, or the ratio of customers that are regularly backing up files," wrote the unnamed blogger.
Only one of the comments linked to the blog was from a user worried about privacy issues. "Should user [sic] be concerned that Window Onecare is sending information back to Microsoft regarding status of customers’ machines, red/green percentage and other stuff that were [sic] not aware of?" wrote someone identified only as "Nick."
"Can you guys explained [sic] what other information are you receiving? I'm pretty much worried about privacy and in the later version will we have a chance to disable this?" Nick added.
Actually, OneCare Live has a very extensive privacy statement on its site that spells out what data is collected, and how often that data is gathered from users' PCs.
Microsoft collects such things as the frequency of backups, changes to the firewall, viruses encountered, and the overall 'health' of the system, as well as a computer-specific identifier that's generated by OneCare.
In another online document, Microsoft goes into even greater detail on what it collects, when, and how often.
The PC's security status, for example, is transmitted to Microsoft daily, while the status of OneCare's anti-virus service -- whether it's on or off -- is sent monthly. Whenever you set the Windows OneCare Firewall to allow or block a program, Microsoft is told, essentially giving it a list of programs on the PC that access the Internet. OneCare transmits not only the name of the program, but also the version number and the program's maker. Other OneCare information, which Microsoft dubs "performance data," that's collected include notice of every successful backup and every file type backed up that's not included in the default file extension list of the service.
Security rivals don't collect the kind of information that OneCare gathers. "No information is sent back to Symantec servers," said Vincent Weafer, the senior director of the company's security response group. "One thing you really have to watch in security is the privacy rights of your users. Any desire to improve users' security has to be balanced with privacy, and used solely for that purpose [of enhancing a security product]."
Symantec's current consumer security suite, Norton Internet Security 2006, does not collect data. Nor, said Weafer, will the next version, scheduled to debut sometime later this year.
Microsoft did not respond to a request for comment on OneCare's data collection.
UKFast is not responsible for the content of external Internet sites.