[Bush2000]

Glad you brought that up. I have demonstrated under Windows XP that Media Player contacts no less than five web servers when it comes up -- without playing any content -- and certainly any one of those servers could be collecting the unique identifier and the IP address and building a cross reference. And later, when content is played, any of these servers could be collecting an inventory of the purchased or purloined works that get played by that unique player installed at that particular IP. Can MS or RIAA/MPAA tell whether the work is purchased or purloined? MS won't let anyone look at the protocol, so only MS really knows.

You're creating a non-issue. Sure, MediaPlayer could also be sniffing for nude pictures of your grandmother. Or possibly your credit card numbers. Or your Quicken data. But the likelihood is pretty low. The privacy statement clearly spells out what it collects. If you still want to wear your tinfoil hat, go right ahead. But you're spewing dubious speculation, at best.

It's a fundamental truth that, if you're connected to the Internet, you need a firewall. There are plenty of choices for the average consumer that make it easy to decide what to allow to pass through and what to stop. If you don't trust the kernel, get an external hardware firewall. Do the filtering on the external box. You're going to have to find a new mantra: People just aren't worried by your scare tactics anymore.

[TechJunkYard]

You're creating a non-issue. Sure, MediaPlayer could also be sniffing for nude pictures of your grandmother. Or possibly your credit card numbers. Or your Quicken data. But the likelihood is pretty low.

I doubt MS would be interested in that information, particularly since that would indeed constitute an invasion of privacy.

The privacy statement clearly spells out what it collects.

Doesn't say all that much. Only the blurb about "collects no Personally Identifiable Information from you"... it doesn't really enumerate what it collects. And since it concerns DRM, MS isn't likely to spell that out IMHO. I've told you that I consider an IP to be personally identifiable and I've told you why; if MS doesn't think a particular datum is personally identifiable, then it can collect whatever WMP throws at it and still make that declaration.

It's a fundamental truth that, if you're connected to the Internet, you need a firewall. There are plenty of choices for the average consumer that make it easy to decide what to allow to pass through and what to stop. If you don't trust the kernel, get an external hardware firewall. Do the filtering on the external box.

Don't act naive, dude. You know as well as I do that on a NAT firewall, an outgoing packet opens up that port to receive anything coming back from the destination address/port. A properly adjusted firewall is essential, but it is not going to save you from every bad thing -- as many who have been burned by remote-access-trojans and spyware will tell you. The safest thing to do is to turn that box around and unplug the network cable, but how many people are going to do that? Especially when playing content from the Internet?

You're going to have to find a new mantra: People just aren't worried by your scare tactics anymore.

Don't tell me it can't be done.