interesting and scary if true

[snakebite1967]

Web Rumors: ATI Catalyst contains spyware

Posted by fury on Tuesday, January 21 @ 06:20:49 CET (9 reads)

Topic ATi

The latest Catalyst drivers have been reported to allegedly open up a connection to the internet when D3D games are initialized and or accessing the display properties. Sparking a web forum frenzy, people are complaining of ATI adding spyware for whatever reasons. Adding to the hype, the connection tries to contact a Microsoft URL! In a response to these rumors, ATI writes:

"In no way is ATI responsible for using or installing any spyware or other monitoring services as part of CATALYST.

We recognize that customers may be experiencing these symptoms and ATI is working directly with these customers to resolve the issue. ATI has developers working to track this issue. Furthermore, ATI have started engaging with Microsoft to see if they know anything about this situation as it appears that the IP it is trying to connect to seems to be a Microsoft site for CRL (Certificate Revoked List).

ATI will provide an update as soon as the resolution is discovered. But once again, this is not an ATI specific activity that is causing these events."

Stay tuned to hear what the developers have to say...

this is probaly not true but still a scary thought

[Stinger]

Ahhh...nVidia

[snakebite1967]

after some further reading on another site this seems to explain it

Internet Rumors that 'ATI Drivers Are Spy Ware' Are False

During the past week, discussions have abounded on Internet sites that suggest ATI's Catalyst Driver package has a type of "spy ware" embedded into it. In the last day or two, suggestions from Microsoft appear to point to a root cause for these discussions. The cause, according to Microsoft (which ATI is working to verify and/or dispel), suggests that when a certain flag value is set for one of the DirectX interfaces, Windows will try to download updated Windows Quality Hardware Labs (WHQL) certificates. ATI is actively analyzing its code to determine the validity of this claim.

Microsoft has pointed out that when the activity of updating WHQL certificates takes place, no information is retrieved from the user's system. (We should hope so, considering that users abhor spy ware, and 'Gator,' in particular, comes to mind....)

The hypothesis is that something in the ATI driver

triggers an action similar to what would happen if 'DXDiag' is set to "Check for WHQL Signatures." 'DXDiag Help' has a high-level description of what happens in that case. Here is an example:

"Checking for WHQL digital signatures:

When you verify that your drivers are digitally signed by the Microsoft Windows Hardware Quality Labs (WHQL), the DirectX Diagnostic Tool may try to connect to the Internet to download new WHQL certificates. During this process, no information is retrieved from your system. [emphasis is ours]. The tool will ask you for permission to connect to the Internet the first time you run it. This will only be asked once. To change your answer, go to the System page and select or clear Check for WHQL digital signatures.

This can also be changed by typing the following at the command prompt:

dxdiag [/whql:on] [/whql:off]

In this command, /whql:on allows the DirectX Diagnostic Tool to check for WHQL digital signatures, and /whql:off does not allow DirectX Diagnostic Tool to check for WHQL digital signatures."

ATI says they are continuing to seek the source of the potential problem. At this time, we do not believe the rumors alleging that ATI's drivers contain 'spy ware' bear any validity. When we have more information, we will report it here.