Read the Fine Print

nihilist_1137 writes: "This story is about how MS changed its EULA and you just gave them control of your computer. In the section on Windows XP Professional, 'Internet-Based Services Components' paragraph says in part, 'You acknowledge and agree that Microsoft may automatically check the version of the Product and/or its components that you are utilizing and may provide upgrades or fixes to the Product that will be automatically downloaded to your Workstation Computer.'"

I can just see it now

[yobbo]

*Scanning software*
Netscape.exe
*1 Upgrade Found*
Applying Opera 6.01.exe

Okay, I can only wish :)

Re:I can just see it now

[eburns]

Unfortunatly given Microsoft's past behavior the more likely scenerio is: *Scanning software* Opera 6.01.exe *1 Upgrade Found* Deleting Opera 6.01.exe Applying IE6.0.exe

Maybe the users want it

[shaunak]

"may provide upgrades or fixes to the Product that will be automatically downloaded to your Workstation Computer."

If you would consider the average user for a moment. He does not give a damn about most issues you would start campaigns for. All she/he cares for is whether he can watch movies, listen to music and basically create word documents. So would he not like automatic fixes of bugs? From his point of view, it would be convenient.
It's about time you took note of the average userbase Microsoft are aiming for with XP.

Re:Maybe the users want it

[Discoflamingo13]

The problem isn't the "average user." The problem is the end-user who doesn't want software installed automatically, for stability/interoperability reasons. Our XP lab at school used to auto-update new patches and fixes, until most of the functionality for accessing the Linux/Solaris servers was completely shot, and several UI problems came up. Things that used to work (like the Zip drives) suddenly didn't. Just because Microsoft updated the software doesn't mean it got any better.

The other big issue is the DRM software Microsoft, or its partners/subsidiaries, will install. Even with prompting, if you don't upgrade, then you have no access to a content provider's new media. All in all, this sounds like a giant headache for everyone that isn't Microsoft.

Re: Maybe the users want it

[Black+Parrot]

If the users want it, why is it in the EULA instead of the television commercials?

Re:Maybe the users want it

[mikethegeek]

" The other big issue is the DRM software Microsoft, or its partners/subsidiaries, will install. Even with prompting, if you don't upgrade, then you have no access to a content provider's new media. All in all, this sounds like a giant headache for everyone that isn't Microsoft."

The only winning move is not to play. Media that requires or uses "DRM" should be vociferously boycotted and allowed to rot unsold on the shelves just like what was done to Divx.

If DRM enabled media sells, we will be stcuk with it. The DMCA makes it easy for IP cartel jackboots to squash those who try to undo DRM, and the SSSCA will make it equally illegal to essentially make a system that give true "root" access to the system owner.

Re:Maybe the users want it

[BlackGriffen]

Read that again. "Automatically" is the problem. In order to do it right, it should automatically check (giving the user the option to shut down checking, of course), notify the user, and only upgrade if the user clicks on "Ok." Basically, I read this as M$ getting sick of users not getting the latest security patches (which they shouldn't have needed in the first place), so they want the option of forcing the user to upgrade. God I'm glad my computer is 100% MS free.

BlackGriffen

Re:Maybe the users want it

[nhavar]

The options are:

• Download the updates automatically and notify me when they are ready to be installed.
• Notify me before downloading any updates and notify me again before installing them on my computer.
• Turn off automatic updating. I want to update my computer manually.

I think that the portion of the EULA being quoted is designed to cover possibly the first option and also possibly some of the web installers and activeX controls that get installed. Additionally it may help to cover the initial setup which can also automatically check for updates to the setup files themselves so that you have the most up to date setup package. I think people get confused with the phrase "automatically" because they assume that automatically means ZERO user intervention. It doesn't. Assume that I go to get a coke from the vending machine, is that an automatic or manual process? 1 step is manual, me putting money into the machine, the rest is automated and thus happens "automatically", meaning the machine does the rest of the work to actually dispense the purchased product. In XP's case it's automating what was a manual process and although there is some user intervention it is still for the most part considered an "automatic" process. This EULA allows for MS to cover their ass for when stupid people who can't RTFM or even take a simple tour decide that they "got screwed" and the only way to fix things is "format and startover". When some hotshot lawyer decides he can make some cash with a class action lawsuit for all those people who were unduely inconvenienced by Windows Update then MS can fall back on their EULA. Understand also that the EULA has not been proven legally binding in the past, I'm sure that the legallity of the EULA would be called into questioned and could be thrown out (and has been in the past). Primarily it's just an honor agreement so that when the lawyers come knocking the company can fend off all but the most serious people.

Re:Maybe the users want it

[Jens]

This is somewhat like saying "Hey, I wanna be able to eat, drink and have fun, I need the money, and I don't care what those strange powder-filled small metal pellets I am manufacturing in the steel company are for. And anyway, we have much better parties, AND more women, as you and your alternative way of living have."

Yes! I know many users are like that. I know many just don't care. For all I care they can rot in the same hell as MS will, if they had their own world to destroy.

But it's our world, and just like frankly I don't give a damn about some weird insects in the rain forest, I realize that it (and them) are a vital resource for our future on this planet and so I advocate campaigns whose goal it is to do something.

(Read 'Brave New World' if you can. I think it comes quite close to what companies like Microsoft dream of: Everybody is happy, because if someone complains, he is just pumped full of drugs and locked into a room until he behaves 'compliant' again.)

This reminds me of an old Dilbert cartoon...

[Xpilot]

... where Dilbert installs some obnoxious program on his computer that scans his hard drive, steals his credit card number and automatically purchases software IT thinks HE needs. At that time, it was a joke. Now it's a chilling reality.

At least with previous ones...

[jpellino]

You could refuse - ditto MaOS - if this is no longer the case, they could be on very shaky ground. You cannot be successful in the long run by simply writing agreements that obviate existing rights, such as privacy.

Is is so drastic?

[Glorat]

Is this such a bad thing? OK so you have to trust Microsoft here but how else can Windowsupdate work?

Windowsupdate scans your computer for required updates and, depending on your settings, it downloads the appropriate updates and presents a notification on the taskbar that they need to be installed. One click and the updates are installed.

In principle, this system works great for your average Joe User. Of course, for this system to be "allowed", you need to grant Windowsupdate control of your computer hence this section in the EULA.

Now of course, this part of the EULA does open the possibility of Microsoft being malicious but I guess I would trust Microsoft just enough not to deliberately screw over all home consumers in this way

you can turn this off i think

[irishmikev]

Doesn't this just refer to the option to have XP auto-update your pc? You can turn that option off on the desktop if you don't want it, and the first time it runs it prompts you for what it's default behavior should be.

Hmmm

[Xawen]

Seems to me that this only applies to the volume licenses. Any company large enough to require a volume license will almost certainly have some manner of firewall. If they have a hole large enough for MS to get in to do things like this, they have bigger problems than someone just scanning thier Windows versions.

On the other hand, it does set a very bad legal precedent...

Re:Hmmm

[sqlrob]

Any company large enough to require a volume license will almost certainly have some manner of firewall.

Ever hear of port 80? Web services?

MS doesn't need a big hole. SOAP would do fine.

What's the difference.....

[mickwd]

.....betweeen a Microsoft Product and a Virus/Trojan ?

The EULA.

Re:What's the difference.....

[Black+Parrot]

> .....betweeen a Microsoft Product and a Virus/Trojan ?

Viruses usually work as intended.

Re:What's the difference.....

[os2fan]

Viruses and trojans work as uintended, generally.

Microsoft products generally do not work as intended.

Case in point:

Write a script for a interpreted language (eg perl, rexx), and then try to pass parameters to it (eg REXX MYCALC 3+3). The thing works, and displays the result, which you can just see as the window closes. This is documented in Technet for Winnt 3.1, it is still there in NT4, 2K, and presumably, XP.

Re:What's the difference.....

[Bastian]

Viruses usually work as intended.

Given the price of Microsoft tech support, I'm inclined to think that the sad truth is that Microsoft products really do work as intended.

This is in the PRO version...

[jpellino]

They're aiming for PROs, eh? Should be a lttile more enlightended than your base XP user, right? Unless of course "Pro" doesn't refer to IT or TECH pro features - but instead is a label designed to entice users to spend extra bucks for the "Pro" version...

Re:This is in the PRO version...

[thing12]

The major difference between Home and Pro is that Pro can join domains. It's that simple. They wanted to differentiate the product for use in businesses (hence PROfessional).

Re:This is in the PRO version...

[tburkhol]

They're aiming for PROs, eh? Should be a lttile more enlightended than your base XP user, right?

Every time a new worm exploits some vulnerability in an MS product, we see (right here on /.) calls for competence in MSCEs. At least if the OS magically patches itself, there would be fewer boxes vulnerable to known holes.

Re:This is in the PRO version...

[Tony-A]

Business, right. You have to pay to get screwed.

Once again, Slashdotters want to have it both ways

[mblase]

We've been complaining on this site for months, if not years, about Microsoft's security. They have a bug? We want a patch right away. We complain about downloading patches? Microsoft makes the system able to download and install them itself. All the user has to do is set up auto-install of new updates.

But that's not good enough, because too many users/sysadmins are too stupid to turn this on or check it regularly. So we complain that Microsoft isn't doing enough -- that they need to make the OS download security upgrades automatically, whether or not the stupid user asks for it or not. This, we argued, is the only way Microsoft can stay ahead of security holes and make sure we take them up on the patches.

So Microsoft does this. But because doing so requires the user to agree to let Microsoft access and update their system, they have to add it to the EULA.

And then Slashdot complains that MS is taking too much control.

The mind boggles.

Software auto-update is common

[Merry_B.Buck]

Google's Toolbar does the same thing, according to their official-until-we-change-it legalese:
"Periodically, the Google Toolbar contacts our servers to see if you are running the most current version. If necessary, we will automatically provide you with the latest update to the Google Toolbar."

Re:Software auto-update is common

[NumberSyx]

Google's Toolbar does the same thing, according to their official-until-we-change-it legalese

The difference is Google only checks for a single piece of information on a single piece of software and my system does not depend on this software to run. I have never had a Google Toolbar update screw up my entire system or even introduce another bug or open security holes. Google also has a pretty good privacy policy for which it has an excellent track record for following. In short, Google has earned my trust, Microsoft has proven time and time again they can not be trusted and it will take more than setting aside 28 days out of the last 20 years to fix problems to restore that trust.

XP antispy Program

[linzeal]

This program controls how your computer "interacts" with M$. Damn fine german engineering

From the website
"XP-AntiSpy is a little utility that let's you disable some built-in update and authetication 'features' in WindowsXP. For example, there's a service running in the background wich is called 'Automatic Updates'. I don't know what this service transfers from my machine to other machines on the internet, especially the MS ones. So I play it safe and disable such functions. If you like, you can even disable these function manually, by going through the System and checking or unchecking some checkboxes. This will take you approximately half an hour."

Re:XP antispy Program

[Reziac]

If the site's wonky overload of javascript is giving your browser fits, try this direct link to download the utility:

http://www.xp-antispy.de/XPAntiSpy3-English.zip

Nothing more than Windows Update

[jerw134]

This is nothing more than the automatic Windows Update feature which IS NOT EVEN ON BY DEFAULT!!! It specifically asks you whether or not you want to enable the feature, and explains exactly what it is used for. This is nothing new. Just the typical "IT'S MICROSOFT SO IT MUST BE EVIL" attitude of /.

Re:Nothing more than Windows Update

[iceT]

OK. YOU need to re-read that sentence from the EULA... Windows update is an ACTIVE process. You have to enable it. You have to run the update. You have to select/agree the downloads.

This little 'phrase' is saying that they reserve the right to make those decisions FOR YOU.

And THAT is a bad idea, if for no reason other than their track record of patch management and hidden 'features' in their patches.

Re:Nothing more than Windows Update

[praedor]

Get it through your skull. This is MAINLY about M$ spying on you and the software you use. It is about labeling you a pirate who is guilty until proven innocent. They are NOT just nicely checking your system out to see what needs updates, they are spying on you to make sure you are absolutely obeying their bullcrap license terms.

If I buy software I OWN it, I did NOT buy a license, no matter what they say, I bought SOFTWARE that I can do with as I please...it's frickin' MINE.

Re:Nothing more than Windows Update

[praedor]

Ah, but that is what M$ thinks and I flat-out deny. I do not buy a license or simply a right to use software, I buy software. That means it is mine to do with as I please. I can put its CD in the microwave if I want and watch it spark when I turn it on, I can give it to my Da, I can sell it to my friend, and I can install it on multiple machines. M$ may not agree or like it but tough doo-doo. I own it.

Re:Nothing more than Windows Update

[Sycraft-fu]

Perhaps you might try using XP and seeing how it works, then you'd better understand. Normally, to update XP you have to go and click on Windows update, search for updates, download them, etc just like past versions of Windows. However it offers you the OPTION (it askes during setup and can be changed later) fi you'd like it to grab and install updates automatically. If you answer yes, it will update itself for you, and then just let you know.

The phrase in the EULA is a CYA measure on their part. They don't want someone enabling this, and then trying to sue them for it. However, I repeat, this is voluntary. You can leave it in the classic mode where you must instantiate an update.

Re:Nothing more than Windows Update

[bnenning]

I do not buy a license or simply a right to use software, I buy software.

Exactly. We need to focus on this point, rather than debating about which terms in a EULA are reasonable or not. EULAs are not contracts. In any context other than software they would be laughed out of court (and have been, in the case of books). When software that I own puts up a dialog box with pages of legal drivel, and I click a button that says "I Agree", that is of no significance whatsoever, since I can lie to my software if I want to.

Re:Nothing more than Windows Update

[praedor]

Say whatever you want. It is of no interest to me in the slightest what Gates and Co think or want. I do what I want with MY software and I DO install it on any or all machines I own. Of course, I wouldn't pollute one of my pristine machines with any M$ OS, though I have used the OSes now and again to play certain games - yet I do this without ANY money going to Gates (what does THAT mean?!) EVER. I install whatever on any and all machines I own. They and the software on them are MINE to do with as I see fit. It doesn't matter what M$ or anyone else thinks or likes or wants. That is the way it be.

Re:Nothing more than Windows Update

[bnenning]

Even Open Source software and Free Software still deal with licenses

Unlike EULAs, the GPL does not pretend that you must accept its terms in order to simply use the software, because you don't have to. The GPL only comes into play when you redistribute the software. Under standard copyright law you can't do that at all; the GPL grants you the right to do this provided you fulfill certain conditions.

This will continue to be the case until RMS gets his communistic fantasy world, where programmers never get paid

False dilemna. "All software must be free" and "Anything put into a EULA constitutes a valid contract" are not the only alternatives. Standard copyright law is entirely adequate to protect the rights of software publishers.

Re:Nothing more than Windows Update

[bnenning]

Now, if we were dealing with a GPL app, and you suddenly decided you wanted to modify it, distribute your version, and not release source, you'd raise hell. But if we were dealing with a proprietary app, and you decide you want to run it on your notebook, home machine, and work machine, most slashdotters wouldn't care. They're the same thing -- you're breaking the license.

In the GPL scenario, you are redistributing the software, which would normally be forbidden by copyright law. Your only defense to copyright infringement is the GPL, which you can't claim if you don't accept it. With proprietary software, you can perform actions which do not violate copyright law (modification, reverse engineering, resale), which are only (allegedly) forbidden by the EULA. The GPL and other open source licenses only give you additional rights, EULAs only remove your existing rights.

My point was that until RMS gets his Candy Land dream, end users will never "own" the software they run

Agreed, but that's the case with all intellectual property. When I buy a book, I don't own the actual words, but I can do whatever I want with it as long as I don't violate copyright law. Long ago, publishers tried to impose EULA-like conditions on book sales, and they were laughed out of court.

Re:Nothing more than Windows Update

[praedor]

Yes, and JUST like cars...I buy a car from chevy and it is MINE. Chevrolet doesn't get to restrict my use of MY car. They sold it to me and now it is ALL mine to do ANYTHING I want to with it. Same with M$ software (or anyone else's). If I buy it, it is MINE to do with as I see fit. I don't give a f*ck what they THINK people should do with it.

If I buy a painting (art), I can do whatever the hell I want with it. Copy it, give it away, etc. M$ and Gates don't get to redetermine what ownership/buying/selling means just because Gates can't handle not having control. PROVE you own YOUR software. I hope to HELL you kept every receipt or obtained receipts from those who gave it to you as gift. If you cannot absolutely PROVE beyond any doubt that you actually paid for your "license" (bullshit) then you are a pirate (by the way, that is the M$ position you so love and respect).

Re:Two Perspectives

[JanneM]

Two is that people are stupid if they don't read those agreements.
Now that's something else. I wouldn't call myself stupid. I have actually read the Windows 98 EULA, but all the software that's downloaded and tried through the years' EULAs, I don't bother to read. I mean, how many people actually read EULAs?

If they don't, they are getting what's coming to them. Anytime someone enters a legal agreement it is their duty to make sure they know what their agreement actually is. Would you take a loan, buy insurance, rent an apartment or buy a book from Amazon without knowing the terms of the deal?

This is even worse, though, as it is about the volume licensing for companies. Sure, I can understand that someone buying a game for their kids don't bother with the EULA (consumers do have a layer of legal protection against onerous agreements), but this is about companies not even bothering to find out the terms of use for software that's expensive and critical for their operation. That is stupid.

/Janne

Lack Of Knowledge The Key

[Self+Bias+Resistor]

Possibly, but I think you're missing the point here. Read this post to see what I mean. The point is that the average user doesn't know and/or care about these things. As long as he/she can play music, games, get his/her spam from Hotmail ;-) and write Word documents he/she couldn't care less because either they don't understand how this would work or consider it important. Hence, if your audience is ignorant of these things, you can get away with a hell of a lot under the impression that "it's for your convenience/benefit" because most people don't have the time or knowledge to question these actions. We (the technically literate) need to educate the rest of the community ourselves and not leave it up to Microsoft to utilise user ignorance to get away with such things.

Re:Pretty reasonable

[egreB]

You're damn right. This is Microsoft's software, not yours.
Agreed. Whatever they do or do not do to (wow) there software is their buisness.
If you don't like it, then don't install it.
*duut!* Not agreed. How many computers do you see in sales WITHOUT Windows? How many users would know what an OS is? Are the users given a choice? Nope - they have to stick with Windows. That's what's bothering me. And it all ends up in MS' marketing strategy - "if you sell ALL of your computers with Windows, we'll give you a BIG rebate!" Not many computer-sales-companies says no to that.

We have of course our beloved Macintosh, but that's a different story..

Re:Two Perspectives

[gdiersing]

I wonder how many people have read the EULA and then clicked cancel and returned the product...... oh wait nevermind, since most people get it preloaded they never had the chance.

strawman

[coltrane99]

(1) I have not seen any credible posts demanding that auto-download and install of patches be on by default on Windows systems. There have been buggy patches before for Windows, could be again.
(2) Slashdot isn't a unitary entity. If you make the mistake of expecting every J. Random Poster's comment taken together to represent a coherent position on anything, you will be disappointed.

Re:strawman

[tshak]

(2) Slashdot isn't a unitary entity.

But the vast majority is. Just see my journal of a little experiment I did not too long ago.

Re:strawman

[scrytch]

> Slashdot isn't a unitary entity

Slashdot's editorial position tends to be. To the point of producing snide commentary in the body of the articles submitted by someone else. Minor version of software for Linux get announced with great fanfare, but nary a peep whenever there's a new development in the Windows development world, because after all, "real geeks don't do windows".

Thankfully the backlash of respondents against the knee-jerk bill-bashing is getting stronger...

Re:strawman

[dvdeug]

Slashdot's editorial position tends to be. To the point of producing snide commentary in the body of the articles submitted by someone else. Minor version of software for Linux get announced with great fanfare, but nary a peep whenever there's a new development in the Windows development world, because after all, "real geeks don't do windows".

There's a quote a radio station I used to listen to used: "You get what you pay for. And you're listening to us . . . for free." Slashdot is a pro-Linux site. I don't go on MSNBC and bitch about it not covering Debian's new release - why do you come here and bitch about Slashdot not covering new developments in the Windows world? It's not Slashdot's job - if you want that, go elsewhere.

Re:strawman

[scrytch]

There's a quote a radio station I used to listen to used: "You get what you pay for. And you're listening to us . . . for free."

I don't pay, so slashdot is free to be worthless? As for your radio analogy, turn the dial sometime, and except for some hold-out college stations, you get crap, crap, crap, endless regurgitation of audio pablum, More Of The Same everywhere you go. Is that all you expect of slashdot?

I post because I actually give a damn about this this so-called community, I identify with it despite all the crap. Perhaps I should simply vote with my feet and find a more reasonable atmosphere, but I prefer a bustling community to an empty one. It just saddens me to see that the focus of discussion is getting hijacked by the articles themselves, away from meaningful news and toward hot-button flamebait.

Where is the moderation for articles? How about cumulative votes for "objective" vs "opinionated" or "accurate" vs "inaccurate"? How about some reputation points for submitters and editors along these lines?

Slashdot is a pro-Linux site.

No, it seems more to be an anti-MS site. Perhaps I wouldn't mind so much if it focused on actual news instead of continually grinding its editorial axe. Removing the snide commentary from the article bodies and moving it to the posts to stand and be moderated along with the rest of us plebians would be a great start.

It Makes Me Angry

[Alien54]

It is this sort of this that angers me. It angers me deeply and profoundly.

This Type of survics should always be an opt-in.

Most US law is on the basis of the ordinary citizen is automaticly opted-out of things unless they opt in. People do not have to opt out of buglary, rape, robbery, murder, slavery, etc.

Businesses now assume that you should be automatically want what they offer, and that we should automatically agree to any condition they impose. Microsoft is one of the largest sinners in this regard.

May Bill Gates be tortured by the demons of all worlds religions in the after life. May he be forced to suckle from the 16 poisoned leathern teats of Gophahmet, Whore of Betrayal, until he bursts from an unwholesome engorgement of curdled bile. And may many other such joys await him as well.

Don't mind me. I'm pissed, it's early, and I haven't had my coffee yet.

Re:It Makes Me Angry

[Tony-A]

Under whose control?
I do not run unknown binaries and resent anything that attempts to run them for me without my consent or knowledge.

Re:It Makes Me Angry

[Tony-A]

How? A little extra attached to the next solitaire game. Many ways.
Fear Uncertainty Doubt
What will Microsoft do to your computer today?

Re:It Makes Me Angry

[SuiteSisterMary]

I do not run unknown binaries and resent anything that attempts to run them for me without my consent or knowledge.

So you don't use apt-get, BSD ports, Ximian Red Carpet or Red Hat Network, and only install RPMs, Solaris PKGs, and other things that have been digitally signed by somebody that you trust, and who's signature you've personally verified against said signature? Oh, and when you download something from source, you painstakingly go through it, line by line, looking for maliciousness? No? Then you're running unkwown binaries, and there may be attempts for things to run without your consent and knowledge. Or are you saying you delegate your trust? BSD ports, for example, is probably a fairly safe place to get things from. Fine. So what you're saying, instead, is that you only run binaries from sources that you choose to trust. Great. Go nuts.

Re:It Makes Me Angry

[Tony-A]

Nope. Far too lazy to take that much effort.
Download RPMs from random mirrors. Might check dates or file sizes or that duplicates are really duplicates. Investigate if I spot something that looks fishy.
Much safer. Much less effort. (I'm not the only one doing a bit of looking)

Re:Once again, Slashdotters want to have it both w

[belroth]

And what about the patches that cause bigger problems than they fix? I don't download most new patches immediately (unless it's a major bugfix), I wait until the dust settles.
MS have been known to release service packs that do just this.

Same legal team

[cluge]

Straight from the article : MS says "...is not intended to force upgrades on customers."

This is the same team that told the DOJ that MS isn't a monopoly and if they were they wouldn't do anythign illegal. Yeah I believe them, don't you?

Re:Once again, Slashdotters want to have it both w

[Thomas+Marsh]

Microsoft makes the system able to download and install them itself. All the user has to do is set up auto-install of new updates.

But that's not good enough, because too many users/sysadmins are too stupid to turn this on or check it regularly.

On the contrary, sysadmins are advising that users disable automatic updates on XP because the tendency of the auto update facility to replace, for example, working drivers with faulty ones, as well as not providing information on which packages are being downloaded. (Read that in an article somewhere. Never used auto update myself.)

I do see this as a privacy concern, because it is only with XP that windows update does not say "this is done without sending any information to microsoft." All other versions of windows use the anonymous facility, so they already have a working production update system which they've replaced with this more invasive version. -Coinciding with the EULA changes.

Whether it is an intentional attack on privacy/piracy or simply that MS decided the old mechanism wasn't efficient enough over a slow connection (or some other technical reason) is speculation.

Re:Once again, Slashdotters want to have it both w

[crawling_chaos]

And who says that this will be used only (or even primarily)for security upgrades? It would be just as easy to introduce subtle file incompatibilities in Word or major differences in the .NET environment to screw potential competitors. How long before an automatic download kills MP3 playback and suggests conversion to Media Player?

A lot of us lost all trust in Microsoft a long time ago. Once lost, trust is a very difficult thing to regain.

Re:Two Perspectives

[DrSkwid]

C> someone who want's to know what they are agreeing to before proceeding

I almost always at least skim through EULA's (and the GPL/LGLP/BSD licences make this easer, read once agree anywhere).

I certainly take the time to read the TOC of the web services I sign up to to see what they are going to do with my info etc.

Why do companies tolerate this?

[Phil+Wherry]

[IANAL, so consider these comments accordingly]

I'm really quite surprised that there hasn't been a big backlash from the legal departments of corporate customers over the text in the license agreements from software makers like Microsoft.

Most of the large organizations that I've worked with have relatively paranoid legal departments. The average person cannot, for example, sign a non-disclosure agreement, vendor contract, or do anything else that binds the company without having the document scrutinized in excruciating detail by the company's legal department. And, as anyone who's ever been through this process knows, excruciating is the correct word for this situation.

Yet people install software all the time that binds the company to ridiculously one-sided terms: This software is ours, not yours. Unless it breaks: then it's yours, not ours--and we're obligated to do everything up to and including nothing to help you.

It seems to me like two possible explanations exist--neither of them pleasant:

• Legal departments aren't challenging shrink-wrap licenses because they feel they're not really enforceable contracts. This seems to fly in the face of things like UCITA, though, which allow the software vendor to say "W3 0wn j00" in their license agreements with the force of law to back them up.
  
  
• Legal departments aren't challenging shrink-wrap licenses because they realize that most of the time they're dealing with a powerful monopoly--and that the choice is to accept unconscionable terms or simply be unable to perform essential functions. Most legal departments don't understand open-source software, and I think Microsoft's done a good enough job with its fearmongering campaign about the GPL that there will be a lot of hesitation even if the light bulb ever does come on.
  

There's also the issue of who's allowed to "sign" these things. In most corporate-user situations, the user doing the software installation (and therefore "agreeing" to the click-wrap terms) isn't a corporate officer or someone who's been delegated the authority to bind the company to a set of terms--no matter how reasonable. This seems to me to be pretty dangerous. In the case of a dispute with the vendor, it could potentially put the user at personal risk for representing they had the authority to bind the company when, in fact, they did not. While the economics of pursuing an individual over a company's breach of the license "agreement" probably don't make sense, this remains at least a theoretical risk.

Re:Why do companies tolerate this?

[praedor]

Minors cannot legally sign a contract. I say, to avoid ALL claims by M$ or anyone else that you are bound by a bullshit EULA, have an underage child handle all the initial parts of your software installs. YOU never saw, nor clicked on any "I Agree" button and the child is not legally bound by such.

Re:Why do companies tolerate this?

[jsse]

Seriously I've been thinking of this to evade legal trap by hiring a group of teenages to install software. However, my company lawyers told me it might not work as we hire them for intended purpose thus we are still binded by the contract. Oh great.

Joy

[The+Pi-Guy]

Just wait until their servers get hax0red...

A patch that is supposed to fix an Outlook virus becomes a virus? Methinks I'm gonna turn off autoupdate and tell it to warn me first...

--pi

One small difference

[Dark+Paladin]

There is a difference here. There are two ways to do this:

1. The operating system logs into a remote site, and checks for new files. It then checks a local list/database/registry/etc and decides "Ah, that's a new patch. I need that." See Windows 98/2000/Sierra Auto-Update.
   
2. A remote server logs into a workstation computer, scans a database/files/MP3's (yes, fear on the last one, but it's always fun to take these to the far extreme), then recommends upgrades.
   

The difference between the two is who has access to my files. Right now, with my Windows 98 machine that I use for games and video capture, I don't mind hitting the auto-update as long as that message saying "We're not sending any information to Microsoft" stays on.

As soon as I sit down to my computer, and it by itself says "Oh, Hi, I just checked your stuff, and we noticed that you need patches. And while we're at it, we checked your MP3 list, and we don't think you legally own 'Rinbo Revolution'."

Extreme? Yes. But it's no different in my mind between letting the plumber in to fix my pipes, or giving him a key and saying "Come in whenever you like and just look around and tell me what I need." I don't trust anybody (except my wife ;) well enough to just give them the key to my house. Or my computer, for that matter.

Re:One small difference

[gimpboy]

well in theory when you installed windows xp you went through the online registraton. at this point your personal information is in a database somewhere at microsoft. when you installed office xp you will go through the same registration process. then they know you installed it there (on computer A). now you go and install the same products on some other computer (computer B), call microsoft and tell them you got a new computer and you need to move your licenses. your old computer (computer A) is still running, and microsoft decides to contact it when it's online and they discover that you are using your copy of xp twice. since you registered they know your name, phone, address, etc. they call them bsa and i think you can figure the reset out.

are you breaking the law? sure. are they allowed to search through your computer? sure you clicked "ok". do i want to deal with this? no. imagine if you moved into a neighborhood and you had to agree to have your house searched whenever some private organization wants to.

if that private organization only used the information they were allowed to it probably wouldnt be that bad. i personally dont trust microsoft to have my best interests at heart, so i wouldnt agree to such things.

Re:Two Perspectives

[PhotoGuy]

So what if I don't like the license agreement? By the time I've seen it, I've already paid for the damn product.

There should be a law requiring the EULA to be printed or summarized on the box, or published on the web site, so people can know before-hand. Once you've bought the product, what are you gonna do, try and return it because you didn't like the EULA, or put it on the shelf?

Once again, consumers need to spread the word about such EULA's, and kick up a stink about them, and let it be known what's going on. Simply clicking "disagree" isn't going to save the next poor bugger, nor yourself. :-)

-me

Re:Once again, Slashdotters want to have it both w

[iCEBaLM]

We've been complaining on this site for months, if not years, about Microsoft's security. They have a bug? We want a patch right away. We complain about downloading patches? Microsoft makes the system able to download and install them itself. All the user has to do is set up auto-install of new updates.

The problem is when you not only tell it you do NOT want auto-updates but also you STOP THE AUTO UPDATE SERVICE and then, when your computer becomes unbearably slow and unresponsive you check the process list and, uh, what's that, autoupd using all my CPU time?! But I told it I didn't WANT auto updates! ARGH..

It really happens... You cannot turn off auto updates in XP.

-- iCEBaLM

A Bridge too far?

[mikethegeek]

" Several readers were also worried that Microsoft's broad assertion of its right to access their computers would force their companies into noncompliance with government security guidelines and various privacy laws. This concern was exacerbated by additional PUR language in the same Windows XP section. In terms of "Security Updates," users grant Microsoft the right to download updates to Microsoft's DRM (Digital Rights Management) technology to protect the intellectual property rights of "Secured Content" providers. It says Microsoft may "download onto your computer such security updates that a secure content owner has requested that MS, Microsoft Corporation, or their subsidiaries distribute." In other words, it would seem Microsoft's idea of a security update is one that protects the property rights of vendors, not the security of customers' systems."

What Microsoft is preparing us for is the next step: No root access to a machine.

This is scary ass stuff. Note that MS's EULA gives them the right to change these license terms on a whim. Your license with MS is one sided, MS can change anything they like, and you have no rights other than those MS chooses to grant you.

Running a business on such a system to me would see m an unwarranted risk, especially given MS's pathetic record when it comes to security related bugs and holes.

What MS is saying is that they have "root" access to your machine and can read anything or install anything at will.

This is clearly over the line. NO OTHER industry in the USA can sell a product and attatch the kinds of "strings" to it's use, while disclaiming any and all liability for defects as the software industry.

MS and other proprietary software vendors have had it totally their way for too damn long. We need some sort of law limiting what can be in a EULA, restoring the "first sale" doctrine, and at the very least, a right to "opt out" of new license changes made AFTER the sale.

The best solution is to use Linux or other OSS software. Sooner or later, Microsoft and their goons will go a step too far, and the business world will realize the danger of allowing such meglomaniacs THAT kind of control over their information system arteries.

If this little nugget isn't it, WHAT will be?

Re:A Bridge too far?

[oni]

Sooner or later, Microsoft and their goons will go a step too far

isn't that like saying that drug dealers will go too far and the addicts will stop using?

call me cynical, but I just see the corporate world as too depentant on microsoft (on the desktop anyway) to give them up even if they wanted to.

Re:A Bridge too far?

[mikethegeek]

"On the one hand you claim we need government intervention, on the other you claim the market can straighten it out!"

I want both to happen. The government has a moral and legal obligation to protect the rights of users of proprietary software, just as it does users of other products.

GM or Ford couldn't escape liability for a design defect in their trucks that causes them to explode, taking with it a company's assets. They would be FULLY liable not only for the actual damages, but for compensatory damages.

This liability tends to discourage such horrific defects.

There is no such liability in software. You can EULA away all responsibility, even if you KNOW the product is defective. A company's data can be totally screwed by a defective software product, and the software company be totally non-liable.

The market SHOULD decide that OSS software is less expensive, less legally risky, and more secure, but this is not going to happen overnight. I believe in the long run that it will. This is why the proprietary IP cartel is pushing such new laws as the SSSCA that would essentially make it a felony to produce an open system.

Re:A Bridge too far?

[drudd]

the Open Souce world has devised a system that MS can never destroy.

I only wish you were right here. Microsoft themselves can never destroy open source, this is true. Partnering with the hardware manufacturers, however, makes this all too easy:

Step 1: include digital rights management at the hardware level which only is supported by proprietary software (and to reverse engineer it is illegal by DMCA)

Step 2: stop producing hardware without these restraints (you'll have the content creator's lobbies on your side with this one). If you're really ambitious, make it illegal to own/produce etc. hardware or software which doesn't have this digital rights management system.

Step 3: Free software dies since no new hardware is produced which can be used with free software.

This is the key point... as long as hardware specs remain open, free software will flourish. If microsoft can ever extend it's monopoly to hardware (all it really needs is a gentlemen's agreement with the hardware manufacurers, not direct control) then it can kill free software.

Sure there will be people who still use free software on older hardware, but they'll be a dying minority, all but ignored by the rest of the computer industry.

Now I'm not saying this plan would be easy to implement by Microsoft, or that they will be able to do so, but it is certainly the direction they are pointing. They know that they can't compete with free software on an equal setting... certainly not dispose of it altogether. At best they can try to contain it through marketing, which is what they're currently doing.

Doug

Re:A Bridge too far?

[Malcontent]

"My guess is that Microsoft added this to the EULA to avoid having silly people (or companies) turn on the auto-update feature and then sue MS when something breaks, whether it's really Microsoft's fault or not."

My machine updates itself. My machine breaks. In what universe is this not Microsoft's fault? And why shouldn't they be held responsible for it?

Re:A Bridge too far?

[GSloop]

Sheesh - do you know what a tort is?

tort Pronunciation Key (tôrt)
n. Law
Damage, injury, or a wrongful act done willfully, negligently, or in circumstances involving strict liability, but not involving breach of contract, for which a civil suit can be brought.

This is what you sue civially for...not loss of life etc. Your definition of liability wouldn't cover my crashing into your car, as long as you didn't die, or have the real possibility of dieing. [Sheesh]

Every, let me say it again! EVERY company should face liability for the products it makes. This is an essential part of a free market system. Everyone is free to make a product, but by participating in a system where everyone is free to create suttf, the maker must ALSO agree to be responsible to a court system.

The court system is where mistakes in the creation of the product are adjudicated. If the maker/creator was negligent in the eyes of a jury, and caused damage to a party, then the creator/maker must "make it as if the damage never occured." Software makers should also suffer this liability.

Now, the hue and cry will be "Oh, software will be so expensive, if we have to eliminate most bugs - software is ALWAYS buggy!" Bah! Software _will_ cost more, if we demand a higher standard. But, that's not such a bad thing. What companies like MS (and others who make shoddy, feature laden, rather than solid software) do is shift the cost burden.

Instead of SuperDuper Wordprocessor costing $800, it only costs (up front) $250. Then the company that buys that software then spends way more fixing problems, and lost documents etc. So, the software really cost $1500 say, but mgmt thinks it only cost $250. Now mgmt should realize this, and probably they eventually will. That will change the system.

But to say that we don't need the legal system is stupid. If I produce a crap lawn-mower that wrecks your lawn, I should be liable. If I produce crap software that tells you to apply 100 Lbs of fertilizer / sqare foot, and that wrecks your lawn, I should be liable. (Free software would probably need some waiver.) What's so different there. There might be some slight modifications needed for software, but if software manufacturers were liable on a "sale of goods" basis for damage from the software, then I expect we would see some serious improvement in the quality of our software. I would be that or die.

Just my thoughts.

Cheers!

Re:A Bridge too far?

[Ig0r]

Here's a fairly large one:
http://slashdot.org/articles/00/11/04/1437226.sh tm l

Re:A Bridge too far?

[bero-rh]

A company's data can be totally screwed by a defective software product, and the software company be totally non-liable.

Which is a good thing, to an extent.
If there were any law to the contrary, just imagine what would happen to some Open Source projects.

Say you're a 16 year old student who hacked up some PHP board to run his own website, and you're thinking it may be useful to others.

Right now, you simply GPL it and put it up for download.

With a liability law, you'd run the risk of being sued over any defects - and since you typically wouldn't have any income at all, you'd think several times before releasing the code in any way, probably coming to the conclusion that you can't release it at all.

Much the same goes if you apply it for companies only. Take Red Hat:
We do a lot of testing on every release before it's called a release, but of course we don't have access to every piece of hardware in the world that Linux supports.
It's certainly possible that some version of an officially released kernel can cause massive filesystem corruption when the MyFOO ISA SCSI adapter is used.
We'd release an errata update for this type of stuff, but that's pretty much all we can do about it.

With a law holding software companies fully responsible for everything they ship, we'd probably have to disable all drivers that don't get loads of testing (basically all non-standard hardware), and also remove quite a few packages.

The difference between the software and the truck exploding is that you can use the software on very different hardware combinations (and no company in the world has the resources to test on all of them), causing potentially very different results.

Defining the limits of reasonable liability for software bugs would be a very hard task even for an engineer (my take would be something along the lines of "Vendors of proprietary software can be held responsible for data loss and damage caused by bugs in their software if the problem can be reproduced on the hardware recommended by the software vendor and the software is used in its intended way. Makers of Open Source Software and non-profit Software can never be held responsible."), and probably undoable for a (clueless) government.

Re:A Bridge too far?

[GSloop]

Oops...Final sentance.

_It_ would be that (fix the software) or die!

Cheers!

Re:A Bridge too far?

[Tony-A]

First, you say free software needs a waiver. Why? Why should free software have a waiver?
My word-processor has never crashed on me - but if it did I'd be fine with it because of the cost.
Looks like you answered your own question.

Re:A Bridge too far?

[Tony-A]

Huh?
The only thing similar I've seen was with Microsoft's bastardized "Java", ant that was due to Sun's restrictions.

Re:A Bridge too far?

[Fjord]

First, you say free software needs a waiver. Why?

Tort law, indeed, does give different levels of liability to commercial entities than to noncommercial ones. It's been decided in law and case law that is an entity is making money off of you, they have a higher duty of care. In fact, there are even good samaritan laws lowering liability for people who are doing something for the community without direct benefit to themselves (and an ego boost is considered an indirect benefit).

Of course, I don't think that it is true that free, as in libre, software should have a waiver. After all, if I have a suppot contract with RedHat then I expect that to be enfored. However, free, as in gratis, software shouldn't be held to the same regard (even if closed source) since the authors aren't profitting off of you.

IANAL, but my wife used to go to law school

Re:A Bridge too far?

[Tony-A]

I've also got access to the sources and diagnostic tools. If there is a problem I'm not totally dependent on the vendor to find and fix the problem. By withholding the sources, it seems that the vendor is assuming responsibility for what the customer could do if the customer had the sources.

Re:A Bridge too far?

[Phroggy]

What Microsoft is preparing us for is the next step: No root access to a machine.

It is generally recommended that when using a desktop system, you NOT be logged in as root, for security reasons. Use root for system administration when you must, but in general, stick to your own unprivaleged user account. This is for two reasons: first, to prevent bugs in the software from wiping out the system, and second, to prevent the user from wiping out the system by mistake at 3am (rm -rf / var/tmp/junk - whoops, there was an extra space there...).

Most Windows systems are desktop systems. Is having a "System" account with more privaleges than "Administrator" really a bad thing? Maybe, if you are prevented from doing things you want to do. How often do you find that to be the case?

Mac OS X is set up in a similar way. There is a root account, but there's no password (it's set to * so logins are disabled). Administrators have group write access to folders like /Applications and /Library, and can authenticate in System Preferences or the Installer to make changes and install software, but /System is owned by root and cannot be modified.

However, anyone in the admin group automatically gets sudo access to run anything as root, so sudo tcsh gets you a root prompt. I'm pretty sure Windows doesn't give you that ability.

(By the way, if you really want to enable root logins: /Applications/Utilities/NetInfo Manager, Domain -> Security -> Enable Root User. I haven't found a good reason for doing this yet.)

Re:A Bridge too far?

[gorilla]

Except that software can, and does kill.

not really

[gimpboy]

most of the stuff i use is released under one of the following:

gpl

bsd

apache

by reading the above licensing terms (the bsd one is trivial)
it would cover about 85-90% of the software i use (close to 95% of the stuff i have installed). the rest are some variation of the above. while it might be a pain in the ass your still making a legal agreement. weather or not you care to read what you are agreeing to is not really that important your still responsible for your actions (disclaimer: if you are an adult in the united states)

i would expect that most home users wouldnt be using windows 2000 professional, and i would expect the IT people of a company to be a little more accountable than the average home user. i'm a grad student and i manage computers for my advisor. when i install software, i check out the licenses. most of it is gpl'ed so i dont have to worry too much. it's my responsibility since i'm his IT person. i'm not a lawyer or in need of psychiatric help (i suppose you could argue about the latter).

Re:not really

[fossa]

With software under the gpl, bsd, etc., I don't have to read the license or agree to it to use the software. Once I legally obtain a copy, I am free to do as I wish as long as I do now violate copyright law. Only when I wish to do something which is not allowed by law (e.g. redistributing) must I follow the license (gpl, bsd, etc.).

This is very different from an MS style EULA which attempts to limit what I can do with my copy of the software over and above existing laws.

You are correct that it is easier to deal with software that is mostly under common licenses, but do not make the mistake that the free software licenses are anything like standard commercial EULA's.

This can be done without the EULA.

[Crixus]

I think the most important issue here is that MS can have its OS's download and perform upgrades WITHOUT having to have this kind of language in the EULA.

All it would need to do is have an automatic wizard pop up ever week (or month) or so and ask your PERMISSION to check for and download the latest updates. The Wizard can even provide a lengthy explanation of what it's about to do for those who want more information.

That is all that's required for REAL updates.

This language in the EULA sounds like it might be giving them EXTRA permission to do other things. Checking version numbers of WHAT software? As someone else pointed out, will this include OfficeXP? Is it checking for pirated warez?

So despite all of the people up here screaming that ONCE AGAIN the /. crowd will do anything to bash MS, there is something to be concerned about here.

Rich...

Re:This can be done without the EULA.

[Crixus]

Oh GOD NO! Not features for an OS that help people protect the products they're trying to sell! HOW EVIL!

You're not thinking. How far are you willing to let corporations of law enforcement peer into your home to check for these violations?

What else will MS be checking for? Will they be looking for Open_PGP keyrings? (secret keys in particular). We have no idea WHAT they're looking for, and without being able to audit their code we have to take their word for it.

I don't trust them OR law enforcement to tell me the truth.

Do you think "Digital Rights Management" would have been such a big thing, do you think the DMCA ever would have been created if piracy wasn't as mainstream as it is today?

I have no idea. I am trying to think of an example where theft or piracy isn't rampant in an industry, yet they vigorously protect it anyway. I am still thinking. I'll get back to you on this.

However, your question implies that you think it's OK if this "feature" in the new EULA does this (checks for warez), when it says it's doing something else.

Everyone always says "read the fine print" but when a slashdotter actually does this and raises a red flag about a potential... POTENTIAL privacy issue, they're criticized for it.

Yes, MS is an EASY target, but just because they're being attacked does not mean they do not deserve it.

Do you run Windows yourself? If you do, (and be honest about it) did you buy it?

I'm not sure what I do is anyone's business.

And if you didn't, do you have the right to complain?

I will always defend my right to protect my rights and consumer rights. Just as I argue vehemently against those who say I lose my right to free speech if I choose not to vote.

Rich...

Heh heh... cute. Likely false, but cute.

[jpellino]

It's a basic principle of tort law, but I'd love to see the original reference if this is true.

There is a difference

[internic]

It's true that for Windows Update to work, it must determine what versions of what programs are on your computer; however, in the past is explicitly said that no information was transmitted to MS in the process, presumably because all the checking was done client side. Now, obviously, if MS looked at what you downloaded they could make a guess at what you have, but such snooping could at least be said to be an invasion of privacy. Now they have made you explicitly say that such snooping is ok. Moreover, in this snippet of the agreement, at least, it does not say such snooping will always be for the express purpose of system upgrades. Finally, you always had the option of not using Windows Update, but it sounds like you have to agree to this now just to use the OS. So I think this is new, different, and shitty.

Re:There is a difference

[Zico]

Now, obviously, if MS looked at what you downloaded they could make a guess at what you have, but such snooping could at least be said to be an invasion of privacy. Now they have made you explicitly say that such snooping is ok.

Where in that snippet does it say that checking is no longer done client side?

Moreover, in this snippet of the agreement, at least, it does not say such snooping will always be for the express purpose of system upgrades.

The snippet Slashdot has reads "may automatically check the version of the Product and/or its components that you are utilizing [...]" So yes, it sounds like checking is done for the express purpose of system upgrades — The Product and/or its components. There some other snippet you were referring to? Because that one shows you to be pretty much 100% wrong.

Re:Two Perspectives

[Flower]

It does seriously put a new spin on the phrase "How much is your time worth?"

Other Content Owners?

[Spuggy]

[From the Article:It says Microsoft may "download onto your computer such security updates that a secure content owner has requested that MS, Microsoft Corporation, or their subsidiaries distribute."]

Does this mean that if say a music distributor reaches an agreement with MS to send music over WMA that they can request MS to check for non-licensed files? Or can they request MS to implemented some form of CrippleWare into Media Player? (granted your own fault if you're listening to music on it with all the published concerns regarding privacy and the software)

Like everyone else has pretty much said, the Windows Update Feature doesn't really bother me much, but allowing updates requested from other Vendors kind of does--especially if it is a background process that I don't know about.

MS didn't think anyone would notice ANYTHING

[jpellino]

My original point stands - you can't just walk all over what people need and think that can simply go on endlessly... MS spent years engineering a system that took away options - and they got their head handed to them, and the recent revelations show that plain old people DO care. MS is possibly getting off only for political reasons - but they seem to be going back to their old arrogant ways. MS is the irish potato of the computer world - monoculture on which not only does their well being depend, but so does the wellbeing of 90% of computer users. The crop goes bad and lots of users / businesses go dark. They may just creep up on enough small indecencies so that someone calls them on it. MS has an achilles heel somewhere - and the people who depend upon them better hope no-one finds it. This is not original - Nick Negroponte has laid this out in detail with several real possibilities. Someone needs to dope slap the folks who Ok these little things.

Re:MS didn't think anyone would notice ANYTHING

[i_am_nitrogen]

What about OEM installs of Windows? People who buy a computer from Office Max or Wal-Mart don't ever get the "Agree/Disagree" prompt. Usually there's a little book that says "For distribution only with a new PC." inside the box, but does it ever say anywhere "Read me or die a horrible death?"

EULA != legal contract

I don't know what the laws in your country are, but here in EU, EULAs can be totally ignored. I don't actually sign them, and clicking a button (or whatever the program asks me to do) doesn't count as a valid contract.

They could ask for my soul in the EULA, I really don't care, so why bother reading beyond first line?

Re:EULA != legal contract

[gimpboy]

ianal: i believe here they are legally binding. here being the united states of course ; ). it would be nice to move towards what you guys have. be careful though. organizations like the wipo will probably start lobbying your government to do things to legally enforce eulas.

Re:EULA != legal contract

[mgv]

I don't know what the laws in your country are, but here in EU, EULAs can be totally ignored. I don't actually sign them, and clicking a button (or whatever the program asks me to do) doesn't count as a valid contract.

So if I buy my software in the EU where the EULA doesn't count, can I use it in the US where they do? If you didn't buy it in the US, and didn't agree to the EULA, at what point did you break a US law?

Michael

Re:EULA != legal contract

[mgv]

There are countries where it is legal make, sell and buy pirated software, but it is still illegal for me to import it to the UK and use it here.

So if I am a european citizen and I have a laptop with microsoft products on it, I can't use it in the US?

And conversely, if I have a US laptop, might it be illegal to use it in certain ways in Europe because it affects the EULA (although this is probably less of an issue)?

When you get your computer in the US or the EU, you don't get a disclaimer saying that it can't be used in another country - surely a common issue for any laptop sale?

Michael

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Red Hat's up2date

[gimpboy]

up2date and windows update

1-> i connect to a server and get a list of stuff thats updated. then my computer makes a decision.
the eula above

2-> their server can connect to mine and poke around at will.

up2date is a choice and not required by the installation. you must register your computer to use up2date. up2date is not something you explicitly agree to when you install the operating system.

to me there is a big difference.

Re:Two Perspectives

[xonker]

So what if I don't like the license agreement? By the time I've seen it, I've already paid for the damn product.

Not only have you paid for it, but if you buy it at a typical store like Best Buy you're stuck with it even if you don't agree to the license -- as soon as you open the shrinkwrap, it's non-returnable. Conveniently, you can't even read the full EULA until you've opened the product. M$ should have to print the entire EULA and attach it to the outside of the box.

Re:Two Perspectives

[Stary]

Would you take a loan, buy insurance, rent an apartment or buy a book from Amazon without knowing the terms of the deal?

No, just like I wouldnt buy, say, Windows XP from Microsoft without knowing the terms of the deal. But I would read the books from Amazon without reading through the intro pages of copyright info, and I don't see why I should need to read 25 pages of EULA to read a book, or use a piece of computer software.

Now let's just look at it: Do you really expect people who think copy-and-paste is difficult to read and understand the EULAs? The paragraph quoted in the article probably sounds perfectly fine to Joe User... should I have to hire a lawyer to use Windows XP?

Microsoft's most desired flaw

[Mozai]

Microsoft's most desired flaw is that they do exactly what they're asked to do. The complaint around here is that what they're asked to do isn't the right thing to do -- which you can distill to "users are stupid."

I'm a sysadmin at a small company -- 60 employees, few million dollars is revenue. A reoccuring problem I have is employees who open file attachments from strangers. I've written policy; I've had meetings and presentations. Hell, the CEO said to me once "good thing I use a Macintosh because I double-clicked on that gone.scr attatchment, eh?"

Updating virus protection, and applying patches on every desktop machine is a must. After a particularily scary security announcement about IExplorer.exe, I got the patch off of Microsoft, posted it to our local file server and sent out a letter to the entire staff [insert something here about office politics and loosing face for scaring people] saying "install this patch immediately." Little did I realize that the patch was broken and replaced later the same day on the website with a functioning one. So, I expected everyone would come to me and say "I tried but it did _this_ instead."

Two people came to me to complain. Two people of 59, when I said it was important to install this patch. Of the two people, one of them is a suit who hates using email (kudos to him for reading it).

Some sysadmin, as frustrated as I am, must have asked for this 'MS will upload patches to you whether you ask for it or not' feature. Hell, I've had suits whine to me about "can't you just update my virus software for me, automatically?" and I think to myself "I guess I should, since when I say 'DO THIS, it's very important,' you ignore me."

Uproar is not over the current mechanics...

[Karl+Cocknozzle]

...But over the wording of a license agreement that allows MS to do anything they want to your computer.

Is this such a bad thing? OK so you have to trust Microsoft here but how else can Windowsupdate work?

Windowsupdate scans your computer for required updates and, depending on your settings, it downloads the appropriate updates and presents a notification on the taskbar that they need to be installed. One click and the updates are installed.

There's no justification for needing legal authority to install anything, as the system functions today. To "need" this level of authority, Microsoft would have to argue that THEY, not you, are in fact installing the software in question. In my opinion, (not a lawyer) that's crazy.

In order for the software to be installed, you (a person of sound mind and body) have to take the active step of saying "Yes." You're doing it. It's one-click installation, but you made the choice.

Unless future versions of Windows Update will automatically install things? I don't know whether to laugh or cry.

Got Code Red Part 44 after the Code Red Part 43 patch auto-installed? "Sorry, you agreed we could install anything we want, including buggy, poorly-tested code."

After all, Microsoft would never release a patch that opened up new holes in the feature it was supposed to fix. (Or in other random products.) Anyone claiming contrary will be burned as a witch.

Slashdot logic

[Reziac]

And what would you be saying if every linux distro had a license agreement which stated "At any time we can root your box and replace any packages we want" ??

This isn't about "having it both ways", it's about whether or not YOU own your box and whether or not YOU control what is done with it. Let's not drag other issues into it.

Re:Slashdot logic

[Tony-A]

if a linux distro had a license agreement which stated "At any time we can root your box and replace any packages we want"
I would expect to be paying several thousand a year minimum for the privilege. And have copies of the exact same software on several other boxes for which I pay nothing and they do not have access.

Re:Well, Does 'Random Joe' *like* his auto-update?

[reality-bytes]

Microsoft isn't exactly gonna state that XP uses a 'Consistency' protocol (why is it called that) in their help pages. It ensures that if Microsoft want to force an update down your throat they can take 100% of your bandwidth away from you at the drop of a hat.

Don't always believe what you read......

And next time you would like to call me ignorant - try doing some research outside Microsoft's information circles.

FUD and idioticy

[SilentChris]

I can't believe this drivel even made it onto Slashdot. This paragraph (and the paragraphs around it, which the article is clearly not referencing for shock value) talk about a feature that has to be *turned on* to be used. In fact, the OS asks you early on if you even want to enable Automatic Updating, and IT administrators (like myself) can easily turn it off on a whole host of machines simply by using Group Policy: remove the option to automatically update.

This is a tech "shock" article, designed to get zealots in an uproar, and it should not even be bothered to be read.

Re:FUD and idioticy

[SilentChris]

Am I missing something? Or perhaps you are?

I set up all of my users to download the Group Policy setting "Don't automatically download" from my 2000 server. This, alone, should prevent them from upgrading patches I don't want them to.

I then check the traffic on the firewall to see if any are trying to go out on the Windows Update port. So how is Windows going to suddenly "magically" change its settings to automatically download the software? Going to some rogue IP that I know nothing about? This is foolish X-file stuff!

There *are* alternatives to automatic downloads, but you don't have to go to free software, or necessarily and other OS, to have them. All you have to do is make sure your users (and yourself) don't make negative decisions, than enforce it by checking your network traffic. So far, from several months of traffic, I have seen NOTHING on the port (and no calls to Microsoft sites on the DNS outside of www.microsoft.com and www.msn.com).

Re:FUD and idioticy

[SilentChris]

If there was ever an OS that refused to allow me to control network traffic, yes, we would switch to something else. No one's done that yet, and quite frankly I don't think any software maker would (corporations like to keep close tabs on their workstation's configurations - lose that and we'll stop buying).

Re:FUD and idioticy

[SilentChris]

In the tech world (as in all capitalism-based industries) there is a very basic solution if a piece of software no longer manages your "criteria" for acceptable. If an OS decided to upgrade itself, and *didn't* give me the option to turn it off (which, as I stated before, XP does), I wouldn't buy it. Simple solution to a simple problem.

Re:FUD and idioticy

[dhogaza]

The point you're missing is that while it is optional now, the wording in the license makes it possible for MS to make it non-optional in the future.

And you are already bound by that agreement to let them do so if they decide to do so (if you're buying in bulk under that license).

The article is about the *license*, not about existing versions of the operating system.

Will they ever take advantage of this change in license? No one knows, least of all you.

Re:FUD and idioticy

[Alsee]

Will they ever take advantage of this change in license? No one knows

Hmmm. You're right. I don't know.
We should look for an informed oppinion on this issue. It's all legal gobbly-gook, so we need to ask someone familiar with the law. Not just any lawyer though. We need to ask someone in a position of power and authority. We need to ask the government! Hmmm, what branch of the government handles lawyer stuff? Oh yeah! The DOJ! We should ask the DOJ if they think Microsoft will abuse this!

Yes! that's it!
I can tell you, it would be a real load off my mind if the DOJ told me that in their oppinion Microsoft wouldn't abuse this EULA clause, and that they didn't think Microsoft would abuse their monopoly position!

-

Because ...

[AftanGustur]

And then Slashdot complains that MS is taking too much control.

Freedom is about choises, freedom is about having options and beeing able to choose (even if you don't do it).

Having so-called "upgrades" and "patches" showed down your throat, is not freedom.

That's why the /. crowd is complaining !!

Re:Because ...

[rseuhs]

Having so-called "upgrades" and "patches" showed down your throat, is not freedom.

That's why the /. crowd is complaining !!

Exactly.

And we all know that freedom is unamerican and communist. (Thanks go to Microsoft for pointing that out).

unboggle your mind

[markj02]

The issue is not with Microsoft making available technology and web services that lets people upgrade their machines. The issue is not even with Microsoft turning this on by default. The issue is that Microsoft claims a legal right to do this unconditionally, whether you want it or not, whether you have disabled it or not. And they don't just claim that right for security-related updates but also for verifying license compliance.

Besides, one might well ask why Microsoft is shipping software with gaping security holes in the first place. In 2002, there is no excuse for any company or group to ship software with buffer overrun-related security problems (yes, this also means open source software).

Re:Pretty reasonable

[smcv]

And it all ends up in MS' marketing strategy - "if you sell ALL of your computers with Windows, we'll give you a BIG rebate!"

I thought it was even worse than that - more along the lines of "if you sell any computer with some OS that's not Windows, we won't sell you Windows at all"?

If it was some other company doing this (something the size of Adobe, say, for the sake of argument), that would be bad, but at least people would have the opportunity to "vote with their wallets" and go elsewhere for their software. Since Microsoft basically has a monopoly on desktop OSs, office software and miscellaneous other things, there isn't really that opportunity (I help my more hackerish friends install Linux, but much as I hate to say it, I don't think pushing non-hackerish people into leaving Windows is necessarily justified yet).

Personally I'm OK at the moment with Linux for most stuff and Win98 first edition for games, but I'm not sure what I'll do when stuff stops supporting Win9x (I don't mean Microsoft "support", I mean apps/games which will only run on an NT-based Windows, so I've probably got a few years yet). I'd better hope WINE are still making progress, I suppose.

Good and Bad

[JWSmythe]

Well, this could be a very good, or bad thing..

From the good point of view, they're taking responsibility to fix things. The end user with 1 XP machine that coudn't even figure out how to spell "windowsupdate.microsoft.com" is saved from potential problems. Never more will we have to ask/tell the customer, "Go update your software."

Now think about the admin with 400 XP servers on his network. Once a week, he doesn't have to install patches on each and every one. I've had fun before watching a team of 3 guys updating software on 150 NT4 servers. I didn't even ask what the problem was, but I know that we completely reinstalled and reconfigured 16 Linux machines (fresh OS installs, replaced some hardware, set up the sites, and had them running again) before they were anywhere close to done.

The XP admin will love this, assuming they do implement it. The EULA is just saying right now that they have permission to do it.

There is a downside. NT4 SP6 (not SP6a). Anyone remember that one? I believe it was the one that when you installed and rebooted on a Compaq built server, it would fail to boot. The only fix (from Microsoft) was to reinstall Windows.. How many companies use those nice expensive Compaq servers, which would be automatically killed off.

I have a computer at my home, with an i810 chipset, and an Intel Pro10/100 NIC. Windowsupdate insists that there is an update for it. I installed it (point, click, let it run). When it came back up, no more network. The new network driver doesn't recognize my network card. But, Windows automatically identified it as the new and updated driver..

The scenerio of the XP admin with 400 machines under his control. Now he has to go to each and every one, and try to fix the network driver. How long would you think it would take to fix 400 machines? How long if the update happened to come on Friday at 5:30pm, 30 minutes after he left for a weekend vacation.

We have a policy at my office, no changes on Friday. Maintaince stuff is fine, but no changes that will potentially make people work over the weekend. If Microsoft is calling the shots on updates, it's on their timetable. Maybe the day they call to update my network driver is the same day that all the Admins from my office are at a conference, meeting, or something..

We all know stuff never happens at the right time, but we don't really need an extra variable of random events.

I'm all for the updates. Maybe if they have it the way the WindowsUpdate notification works now, it would be very good. it says "There's an update available", they click the button, and it does them.. I'll be interested to see how they implement it, if they do..

Of course, we don't run XP for damned good reasons (We're a 90% Unix shop). NT survives for our legacy sites. I'll watch the comments fly when M$ kills off a few hundred thousand users with a flawed update. :)

Re:Good and Bad

[Todd+Knarr]

Now think about the admin with 400 XP servers on his network. Once a week, he doesn't have to install patches on each and every one.

I'll think about the home user. You know, the one who, unlike the corporate admin, doesn't have clue 1 about backing out a bad patch. You outlined the problems corporate admins have had with bad Windows updates. What's a clueless home user going to do when things start breaking and he really didn't do anything to the system?

Re:Good and Bad

[Todd+Knarr]

Yup. And guess what gets reinstalled as soon as he hooks up his network connection. And around and around we go...

Where's the friggin' EULA?

[taliver]

I've been hunting for the past hour on microsoft's site and on google looking for the XP EULA, and I can't find it. I'm awaiting delivery of a laptop with XP on it, and I want to see if I need to delete everything or not when it shows up.

Where the hell did microsoft hide the EULA?

Re:Two Perspectives

[Sir+Holo]

Two is that people are stupid if they don't read those agreements. They are so used to clicking next that anyone who has agreed to this deserves to give thier info to M$

OK, my ex-girlfriend is a lawyer, but I am not. She talked specifically about this sometimes. The Ex says:

(1) One thing that is always considered in legal issues is, "What would a reasonable person do?" Well, no "reasonable person" can read every EULA they get. Therefore, it is not clear that any non-standard stuff that you "agree to" can be enforced, because it has not been tested in the courts (when we discussed this).

(2) Contractual obligations cannot supersede the law, and you cannot sign away your rights. For example, "You agree to enslave yourself to Bill if he decides he wants that," would not be enforceable.


Remember, this is second hand, but it seems applicable here. Perhaps a law-talkin'-guy can expound.

Re:Maybe the users want it: Yeah, Right

[technomancerX]

I'm sure the users want a system that by default only gives them 85% of the bandwidth because it reserves the rest for talking to Microsoft's servers (this is an XP out of the box default).

On another note they've used auto-update of the OS through MSN for a while and a few of the people I know stopped using MSN because of compatability problems caused by the updates... updates that they couldn't turn off... One person actually had to reinstall her machine because one of the updates completely hosed her system... updating core OS dlls without checking with the user is a BAD idea...

Then again I'm sure the argument from Microsoft will be if you're only using our apps compatibility isn't a problem =)

In general having a system that tells you an update is available and provides an automatic method for installing it is good... but it should also provide a way to find more information if you're a technical user and let you know of any potential problems and let you decide what to do...

They can download, but they can't execute.

[Tetravus]

Throughout the rest of the licensing agreement Microsoft is careful to differentiate between simply having information on a computer and actually executing that code.

This agreement doesn't say that MS can execute the new code that they force onto your workstation. So, if they did automatically execute it, they'd be stealing computing resources from your company.

hehe
~Tetravus

Re:Two Perspectives

[Stary]

Define "agreeing". If I first edit the installer to make the button say "I disagree", does that help me? Where does it state clicking a button in a computer program is agreeing to a legal contract? What if one person installs a program, and another person is the actual user?

Honestly now, if I released a program with a long long legal-mumbo-jump-like text saying "you have to pay me 25% of your salary every month you use this program", and then sue my users when they refuse to pay up... What would you say my chances of winning in court are?

Maybe thats a far-out example, but I think you see the point. It could just as easily say "We have the right to use any information as sent to us by this program in any way we see fit. Further the program may look at files on your disk." I could then enjoy the benefits of credit card information, selling email addresses for spam, and what-not.

Face the facts: People do not read legal mumbojumbo presented on a computer monitor when installing "Splatterfest XXI: The Massacre" to play. What if a video tape had the text on it "By pressing the play button on your video player, you agree to send $1000 to the maker of this movie." Is that a legal contract all of a sudden as well?

Now, maybe where you are corporations rule and buy their own laws left and right but that's not the way it is all over the globe. I have a feeling that in many countries the court would just say "if you want people to understand it then write so that they can."

Microsoft's EULA is irrelevant

[defile]

End User License Agreements, also known as "shrink-wrap licenses" or "click-through licenses" are not legally binding.

Here's a page that explains further, including citations of court cases where the judge found that they weren't legally binding.

Microsoft updating their EULA means about as much as Steve Ballmer having MSN carry his latest round of whinings and what they wish the world really was.

Re:Of Contracts and Lawyers

[nagora]

The task of any lawyer or group of lawyers is to zealously protect the rights of their client

No, a lawyer's primary task is to make money for their firm. Just as a prostitute's primary task is to make money for her pimp. In both cases it is often, though not always, a good tactic to make the client happy, but that's just a by-product. Also, in both cases law and morality are non-factors.

TWW

Re:Maybe IT wants it

[shokk]

I can see this being extremely useful in IT, but only if you can point it at a local server where you select what patches are OK. IT tends to want to deploy service packs are they are verified to work with certain known software packages. For a home user, I would want to verify this myself, so I would hope that they would make this optional. Otherwise, I will not be buying Windows XP.

Additional Threat: Service Packs

[no_such_user]

Something else to consider -- Service Packs.

Let's say MS updates their DRM policies and you don't agree with them, and they distribute an "update" to their customers. You disabled auto-updating, and you decide against applying this patch. Now WMP can't play some recently released media, but no biggie, you can find other ways of playing media.

Now let's say a massive bug/hole is discovered and Microsoft is responsive and develops a fix. What's to say they won't release this patch ONLY as a Service Pack, which contains this patch and also includes the DRM patch (and who knows what else!)?

They have been trained, but there is hope.

[Erris]

They don't get it yet, and those that do are embarassed.

Everyone sees those service packs and weekly "anti-virus" updates. A few of them know that M$ is changing everything under their feet all the time. Some of them have even figured out that M$ is not the only program they have that calls home. They have been beat down with FUD and convinced that they need that "automatic" hand in there fixing things. To them this is the same feeling they get when they pay for a $100 oil change. They feel ripped off, but don't see a way out.

The people who know the most are the most embarrased. Here it is, laid bare, all those evil things the free software people have been telling them for years. The MicroTurds have led their companies down the rosy path all this time, ignoring poor perfomance and increasingly ugly control from M$. The waste of ever shifting formats was a demoralization they were willing to live with because they thought it would end one day. Now they look around and see the chains. The latest changes in document formats came as a huge shock to them because they know of no other applications than M$ for Windoze. So it is now obvious that the changes will never end and that they are being used as the upgrade train. Last thursday a co-worker told me that M$ was shifting all of their licensing to XP and rental only by next June. He was really shocked. IT is demoralized completely, especially the die hard M$ pushers. "What can we do?" they wonder.

People I work with are now interested in Linux and other free software. These are rank and file engineers who, as one of them put it, "use software like toilet paper, I use what's on the roll." I'm amazed. What I've told a few people about the concepts of free software, its motives licenses and current state, sunk in.

I have three old computers that I'm lending to people so they can see for themselves. I've warned them that I'm NOT a CS or IT dude, and that the machines could be better configured by someone that knew better or cared for things like noise, TV and movies. What I lend them are basic Debian machines with Gnome applications, Netscape, Mozilla, a few window managers and some kind of network connection. This way they don't feel like Free software robbed them of anything (I leave that to dying M$ junk), and I don't have to spend hours at their house figuring out their computer. In short, I try to give them the tools they use for 95% of their work and let them know that there are better tools available for people who really need them, like Latex for typesetters, databases and noise makers.

Trust?

[90XDoubleSide]

We can debate all day about whether the ability to get John Q. Public's computer security patched so it stops DDoSing your web server outweighs the value of having full control over your machine, but honestly, if you don't trust a company enough to have confidence in simple software updates, should you really be running their stuff in the first place?

Re:Trust?

[Teun]

Well, however distrustfull I am of downloadable software, I do (OK, did) trust Microsoft's security fixes.

The problem here is they now publicly state such a download might be more than a simple fix of a deficiency and even take away previous functionality.

Re:Maybe the users want it: Yeah, Right

[Radrik]

"I'm sure the users want a system that by default only gives them 85% of the bandwidth because it reserves the rest for talking to Microsoft's servers (this is an XP out of the box default)."

This was a lie propagated by people who are too lazy to hit F1 and find out more information about the checkbox that they were un-checking. But, I guess once we've found something to badger MS about, it doesn't really matter whether it's true or not. After all, this is SlashDot, not some sort of forum for open thought.

-Mark

i am confused

[BigBir3d]

is it not true that most people out there do not have broadband? won't you know when Microsoft tries to downlaod something onto your machine? besides, a computers true usefullness has nothing to do with an internet connection. go ahead, buy Windows XP with Office XP, and use it as it was desinged for; stand alone with no access (no pun intended) to the outside world. without that LAN/modem connection, you are fine. IMHO.

If cars had this kind of EULA...

[Sanity]

...we wouldn't own the car we had just purchased. We wouldn't have any rights against the manufacturer if there was a problem with the car. The manufacturer would have control over where we could drive with the car (and have the capability to arbitrarily add new restrictions without our knowledge). The manufacturer would be able to control where we purchase gas for our car, and arbitrarily increase the fuel consumption of our car without our knowledge just so their "preferred" oil company could make more money from us.

So, here is the question: We in the software industry have quite a high opinion of ourselves, so why have we allowed things to get to this point?

Re:If cars had this kind of EULA...

[base3]

Except Microsoft wants to do this when you buy (that's right, buy, not "license") windows. Of course, MSs wet dream is to have you have to pay for Windows like a lease. They get as close as they can by "obsoleting" versions and encouraging vendors to do the same. Didn't work with XP, thankfully.

Windows Update has ALWAYS included other vendors.

[tshak]

Actually, "other Vendors" are already part of Windows Update. For example, if you have a 3Com 905-C and you are running an old driver, Windows Update will get the driver from 3Com for you.

Re:Pretty reasonable

[donutello]

thought it was even worse than that - more along the lines of "if you sell any computer with some OS that's not Windows, we won't sell you Windows at all"?

Nope. You're wrong. Manufacturers were always able to buy Windows at retail price to install on the computers they wanted. But that was not what they (IBM) wanted. They wanted Windows before it became available publicly. They wanted it at a cheaper price. You really should read some of the depositions in the case so that you don't sound so clueless. The problem, of course, is that the issues get exaggerated with every telling.

Smoke'n Logic, Batman!

[Erris]

Yeah, I guess it would take a half hour to click the radio button that says "Disable all automatic updates" the first time you run XP.

Radio Button says, "Disable", but License says "Screw you all day long!" I wonder which one will really hold force? I also wonder just how good this fine program will be at turning off the kill feature of XP so that your computer will continue working after you disable this "feature." Forget it, the slavery is made manifest and the number one condition of any oppresive EULA is the company saying that they can terminate your license and destroy your work at will. This is really that clause put into action.

Yes, it really is the best windows ever. I don't like it and I don't use it. I have one surviving windows 98 box that I've tried to make blind to the network. It never really worked that well, but I expect the EULA that came with it to reamain in force that way. XP, "Hunh, have you ever been eXPerienced?!" Not me.

Re:Once again, Slashdotters want to have it both w

[haruharaharu]

It really happens... You cannot turn off auto updates in XP

Sure you can - you just need to perform some registry surgery. Anybody know the keys in question?

Boo Fucking Hoo

[donutello]

This world would be a much better place if it were not so filled with paranoid loonie. When faced with ambiguity, I usually assume incompetence rather than malice.

This clearly sounds like a case of some lawyer getting lazy and writing a too-restrictive EULA just in case. As the article states, they needed some language in the EULA to allow for automatic update when the user chose to turn it on in order to protect MS from someone turning it on and then getting pissed off that it was happening.

Yes, this is FUD, for the most part.

[tshak]

The problem is, even though it has to be turned on, the EULA is still bad. However, the EULA is there because of MS's legal team being "over careful" about the feature. It's to protect themselves incase a user turns it on and sues them because they claim MS was spying on them. The real issue is that we live in the United Litigations of America. Do I like this section of the EULA? No - I don't want an EULA on any of my software. Nevertheless, I agree that the primary goal of this article was FUD, not an intelligent discussion of EULA's and why corporations keep taking them to the next level.

Re:Yes, this is FUD, for the most part.

[Tony-A]

FUD.
Fear, Uncertainty, Doubt.
What is Microsoft doing to your computer today?
That's FUD alright!

At least they acknowledge they do this.

[Pinball+Wizard]

I usually don't like to hawk commercial products, but I've been awfully fond of Zone Alarm ever since I started using it.

I'm actually appalled at the number of applications that "phone home" while you're on the internet - sending back to the companies that created them information about themselves and the computer they are running on. Were it not for Zone Alarm, they would be doing this in secret without me ever knowing it.

At any rate, at least MS says that they do this. There are a lot of others. Even if you are using an Linux or BSD firewall, as I do, those probably are set up to allow you do send any sort of communication out without checking. Something like Zone Alarm will tell you what applications are trying to access the internet by themselves. Its been highly enlightening ever since I started using it.

In the case of something that runs over port 80 like IE, I'm not sure how you could use the internet while preventing it from sending back info to its parent company. I guess you would have to use something that promises not to have spyware built into it.

Re:Two Perspectives

[rseuhs]

Now, maybe where you are corporations rule and buy their own laws left and right but that's not the way it is all over the globe. I have a feeling that in many countries the court would just say "if you want people to understand it then write so that they can."

For example in Germany the whole EULA is completely void, that's why there are no longer OEM-licenses in Germany. (Courts said that users could use them everywhere, not just on the computer it came on)

The funny (or sad) part is that Microsoft also does not follow their own EULA in Germany: You don't get any refunds.

But they still ship everything with the EULA...

Let's treat MS software like cigarettes!

[smagruder]

Attorney General's Warning: Removing the shrinkwrap could very well endanger your sanity, but that's only for starters. You agree to have Microshaft inspect your system at any time to ensure you have the latest daily security "fix", and also to prove you're not a criminal. You agree to only install this software on one PC, even if you're a home user who happens to have multiple PCs. And you grant Macroshaft the right to guarantee this stupidity. Last, but certainly not least, you agree that it's okle-dokle to work with bug-infested crap as a Premier Microshaft Beta Tester.

Freedom of Choice.

[Alien54]

You missed the point. Boy did you miss the point

It is about being able to opt out or opt in as you like.

It is about freedom of choice.

If they want to offer this as aservice fine. And maybe I might recommend it for your first time shopper, buying their first computer at the CompuMaximus Grotesguerria. But then maybe MS does know what the best choice would be for everyone in the country.

For Myself, I have sufficient experience that I would dare to have actual opinions about my choice of configuration.

For this I may well by relegated to that worse possible of all Microsoft hells. A world without Microsoft. Sign me up.

This is really just a piece of a larger issue.....

[King_TJ]

Personally, I think this article was written just for the sake of sensationalism and to nit-pick at some details of a EULA. As it has been repeatedly pointed out, MS still asks you in Windows XP how you'd like to handle auto-updates. You can A) disable them completely, B) just have it alert you that a new update is available, and let you decide if you want to download it, or C) let MS auto-download them all to you. Some people (normally *home* users) would like to choose option C, so MS wanted to have a clause in their EULA allowing them to offer this option to you without legal issues coming up.

What's really going on here is a larger issue which has been around with *all* of the Microsoft products since day 1. Everything is still designed around what makes the individual home user happy. Corporate environments are much different. Security is tighter, and they're usually run in a more authoritarian manner. "We, the sysadmins, will tell you what you can and can't run on your PC."

Despite MS trying to develop two flavors of Windows XP (home and corporate), even the corporate edition is chock-full of potential security issues that are only there because they made concessions to what the home consumer would think was "cool" or "worth upgrading for". If their "Professional" edition was truly aimed at corporate America, they'd remove all of the Internet media playing crap, never even consider letting the product auto-update itself, remove the default installation of the MSN messenger, ditch most of the cutsie wizards, and stick with a more clear-cut security model. (Try sharing the root of your C: or D: drive out under Windows XP. All you get is a warning that it's risky, security-wise, followed by it asking if you still wish to do it. If you do, you're not even sure what sort of permissions it placed on that share - or whether or not it is allowing it only for the local LAN, or for the whole Internet.) At least Windows 2000 gave everything to you straight. You just clicked the security tab and saw which options were on and off. Makes much more sense than trying to "user-friendly up" the security with simplistic prompts and questions.

How would you know unless you download?

[Ars-Fartsica]

This is a chicken and egg problem. How would you ever know that these bugs would crop up other than to download the code? Don't tell me "reading BugTraq" because we all know damn well that maybe 0.5% of /. users and even network admins read it

Re:Once again, Slashdotters want to have it both w

[praedor]

Is autoupd an executable-driven function or is it part of the kernel? If it is merely an executeable that gets activated now and again, or a daemon, can it be deleted? Is there an "autoupd.exe" or some such that one can delete and make this whole thing moot?

What port does M$ violate your privacy through? If you setup a nice firewall, could you not block all access to this port and prevent spying M$ eyes from getting in?

Comment removed

[account_deleted]

Comment removed based on user account deletion

Comment removed

[account_deleted]

Comment removed based on user account deletion

WinXP is already known to be spyware

[AntiNorm]

'You acknowledge and agree that Microsoft may automatically check the version of the Product and/or its components that you are utilizing and may provide upgrades or fixes to the Product that will be automatically downloaded to your Workstation Computer.'

I already refuse to upgrade to WinXP because of all its WPA junk. This is just one more reason why I won't be making that upgrade.

Re:Simple solution to a growing complexity

[scrytch]

> I realize that Slashdot is being composed of more and more pro MS supporters.

No, just more and more people have grown sick and tired of reading juvenile MS-bashing rants on slashdot in lieu of actual news, and perhaps even resent the fact that in this economy, these people still get paid for this slipshod level of journalism.

A couple of points that I'd like to reinforce

[rben]

1. Most people will get Windows XP Professional pre-installed on their computer. They won't have the option to change their minds because of the EULA, they'll just have agreed by buying the computer.
2. This feature should be turned off by default at the very least. It's not. Since the OS will be pre-installed, and updates are not announced unless it's a DRM modification, if I read the article correctly, they won't know anything is going on.
3. Our current admnistration recently called on the software industry to do more to protect computers from viruses. This change could conceivably be interpreted as a response to that call. Unfortunately, that means that we probably won't get a lot of help from this administration on this issue.
4. This has happened before, back in the days of Ma Bell you couldn't even attach a piece of equipment to the phone network without explicit permission from Ma Bell. You weren't even allowed to own your own telephone. That kind of arrogance can only exist when a company has a monopoly. The only way to fix it is to eliminate the monopoly.
5. Microsoft has a long history of making changes in software that break the compeitors software. This change in the EULA gives them a way to automatically distribute such "fixes" without alerting people that its even being done. How long will it be before MS decides that in order to better secure the digital rights of their partners, they should disable any software, such as Gnuetella clients, that might infringe on those rights.

Hopefully, this will cause a backlash from the big corporate buyers that will cause MS to change the EULA, at least for a while. Perhaps we should change the name of the EULA to the Edict of Unlimited Arrogance!

Tech support headache

[ruvreve]

When every week Microsoft supplies a large update to all the dialup users, people will start calling in saying my streaming porn movie is very choppy fix it. And most likely they will only have one phone line so they will disconnect half-way through the update to call tech support and when they get back online for awhile it'll be fine until the update starts over.....then they will call tech support again. This wouldn't be very funny except I guarantee it will happen. Just like the cdrom coffee cup holder probably happened because the funniest things come from real life.

Re:Windows Update has ALWAYS included other vendor

[Pfhreakaz0id]

do you expect them to HELP you download a driver that isn't certified, so when it doesn't follow the standard and crashes the OS you can blame Microsoft? Gimme a break...

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Two Perspectives

[AntiNorm]

Anytime someone enters a legal agreement it is their duty to make sure they know what their agreement actually is.

But are EULAs really legal agreements?

No laws are clear on it, and it hasn't been tested in court yet. But the widespread suspicion is that a court would rule that an EULA is NOT a legal agreement.

Funny thing is...

[tcc]

I am still forcing everyone in the company which I am working as IT admin, to stay on Win2k. When I buy win2k licenses these days, it's a bit more expensive than BEFORE winXP came out... which is odd. Anyways, Win2k is the best OS MS ever did, and it's the first time I am not missing my old amiga's OS. XP on the other hand is great for home users for the look and ease of use, but it's basically just 2K with a buttload of useless (for professionnals) services added, decreasing overall performance, and killing your privacy. I'd like to see the sales figures of XP pro compared to win2k in corporate environments because I'm sure I'm not the only one who had reserves buying that after evaluating it.

Re:Once again, Slashdotters want to have it both w

[Osty]

On the contrary, sysadmins are advising that users disable automatic updates on XP because the tendency of the auto update facility to replace, for example, working drivers with faulty ones, as well as not providing information on which packages are being downloaded. (Read that in an article somewhere. Never used auto update myself.)

Which is 100% completely wrong. The auto update facility of Windows XP will only download updates that are marked as "critical" (ie, they fix a major bug or security problem). As well, they are not installed by default, simply downloaded (okay, so you can configure it to install by default, but the default is to download and then ask you what to do. Read the EULA -- it says "download", not "download and install"). When a new update is downloaded, a little text bubble pops out of the systray, and you can pop up a dialog that lets you install the updates now, install them later, or forget about it. At this point, you can also get details on what updates were downloaded, or just go to the Windows Update site and have 100% total control over everything.

I do see this as a privacy concern, because it is only with XP that windows update does not say "this is done without sending any information to microsoft." All other versions of windows use the anonymous facility, so they already have a working production update system which they've replaced with this more invasive version. -Coinciding with the EULA changes.

Really? Because the Windows XP Windows Update page explicitly says this:

Note Windows Update does not collect any form of personally identifiable information from your computer.

So it's a bit different from not sending any info to Microsoft, but it still protects your privacy (well, unless you're a tin foil-wearing conspiracy nut that thinks Microsoft is out to get you).

Whether it is an intentional attack on privacy/piracy or simply that MS decided the old mechanism wasn't efficient enough over a slow connection (or some other technical reason) is speculation.

More likely, it's simply you (and the rest of Slashdot) jerking your knee at a benign change to a useful tools (Windows Update), integrating it into a good OS (Windows XP, believe it or not) to make the users' lives easier. Don't want it? Turn it off. Microsoft can not turn it back on remotely.

The real reasom (was: Re:You can turn it off.)

[MaggieL]

Quit trying to make everything MS does into a "Big Brother" issue.
We will when they do.

You know, if this provision wasn't in the "Program Use Rights" (nee EULA), what they're proposing to do would be computer crime under existing law.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Minors cannot enter into a contract

[limited]

If you are a minor in the US (under 18), you can't legally enter into a contract without your parents permission. That's why your parents have to sign everything with you. An interesting case in court would be one in which a student installs software, say XP then sues Microsoft for accessing their info. If there was no licensing agreement between the two parties, then would MS have the right to look at the hard disk?
Another comment: I would assume that MS's right to update is contingent on responsible use of the procedure. If someone was to hack the system and change everyone's start up screens to the Playmate centerfold, do you think that MS would be able to retain the right to complete future updates?

Re:Just block microsoft.com

[i_am_nitrogen]

I did this once on my network. Within two days, my /var filled up with logs from all the Windows machines on the network. They were trying to download http://windowsupdate.microsoft.com/ident.cab every 30 seconds constantly. No Windows Update feature had been activated on any of the machines. This ident.cab file, when extracted, contains a single text file with some interesting information in it. Microsoft is already doing stuff behind our backs. Unfortunately I've not been able to rid myself of the need for Windows-only software yet, but hopefully my employer, or some other group will be able to change that.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Maybe the users want it: Yeah, Right

[technomancerX]

Wow, you can finally change drivers without rebooting? Cool. One of my most hated things about windows was needing to reboot because I installed a new driver or changed my network settings...

Anyways, I don't consider pointing out that they've fucked up trying to do this kind of technology before to be FUD. Thank you for the additional info on the technology involved (and I'd be interested to see if the DLL conflict management actually works...)

Re:So?

[SuiteSisterMary]

My understanding is that it acts the way it's always acted; you can tell it not to check, to check, then prompt you for download, or check, download, then prompt you for application.

attention Microserfs, MS 0wNz U

[BroadbandBradley]

you have always been under control of the evil giant, only now, they going ahead and covering thier tracks by making you agree to it. Unless they are stopped, it's only going to get worse.

Please people, think of this as 'Star Wars', MS is the 'Evil Empire' so join the 'Rebel Forces'.

USE THE SOURCE LUKE

We're keen on bringing peace to the universe and preserving freedom of this and future generations.

Hmm..

[DarkProphet]

Seems to me by the looks of that paragraph, that if you agree to the EULA, you permit MS to check your WinXP version info, and upgrade any old components. Thats all. If those updated components contain any sort of 'spyware', that is, collecting personal information, then I am pretty sure MS will get in trouble for invading thier customers' privacy without the customers' explict consent to do so. The EULA does not give MS the right to do this.

Okay, so it can be argued maybe you don't want your components upgraded (say because MS is breaking a standard), but hell, why not? If you're running XP, you've already ditched your old OS for a new one, so whats the difference? I'd rather hope that once in a while MS will sneak a _good_ update in, so that some bug that crashes my computer finally goes away. I have no problem with MS sending my computer updates, as long as thats ALL they're doing.

It would be unwise for MS to try to do anything much else, because if they were, and it was illegal, the court would have to sapoena (sp?) MS source code to bring a case against them. MS does not want that, believe me.

Besides, what does MS need your personal info for? MS doesn't depend on advertising cash, as it still has a strong foothold in the PC/Server OS markets. While even if MS did get caught doing something they weren't supposed to, the US must have a domiation in the computer industry (good for the economy), we can't let microsoft crumble till they'res a formidible player to take its place, so they just get a slap on the hand. They won't get in trouble, but they will be forbidden to do it again. Microsoft doesn't really want to lose the government's favor (when you start messing with the population's privacy rights), but they will do as they please until they are told not to.

Which begs the question, then, would we really be better off without MS? I could understand and agree with both sides of that.

And if MS fell, who would take its place? Linux? Uhm, what Linux company? *BSD? Who's going to run the company to distribute it? If we are to stay near the top of the tech industry, we need a company large enough to handle global marketing. You can have all kinds of little companies sparring with each other, but hey, RedHat Linux has an install base of what? A hundred thousand? Half a million? MS has an install base of what? A lot more, and thats for a reason. Marketing is a big part of the game. Not just marketing doublespeech, but I mean as in advertising, distribution, support, classes, etc.

Sorry, this got wayyy offtopic, but who'd be a suitable replacement (as a company) for microsoft? I'd love to see that poll. ;-)

Re:Hmm..

[TeddyR]

Has anyone else noticed that the windows update with XP no longer says what the 98/2000 versions used to say something along the lines "does not send any information to microsoft" while checking the installed updates.. This has changed to "Windows Update does not collect any form of personally identifiable information from your computer."...

Slight wording differences.. but still... what is "personally identifiable information "? For the longest time, an IP address did not fall into that category.. but as anyone knows... an IP address can id quite alot...

The privacy policy for windows update has:

-----start quote..

Windows Update Privacy Statement
Windows Update is committed to protecting your privacy. To provide you with the appropriate list of updates, Windows Update must collect a certain amount of information from your computer. This information includes:

Operating-system version number
Internet Explorer version number
Version numbers of other software
Plug and Play ID numbers of hardware devices

Windows Update does not collect your name, address, e-mail address, or any other form of personally identifiable information. The information collected is used only for the period of time that you are visiting the site, and is not saved.

To provide you with the best possible service, Windows Update also tracks and records whether the download and installation of specific updates succeeded or failed. Windows Update records the ID of the item that you attempted to download and install, and information about your operating system version and Internet Explorer version. The information that is stored cannot be associated with anything that is unique or personally identifiable about you or your computer.

------ end quote

Kwitcherwhinin!

[dillon_rinker]

If you've already deployed XP, sorry; this doesn't apply to you. If you haven't, I recommend that you point this clause out to your PHB. if you are the PHB, I recommend that you contact your local MS sales rep and let them know that you will not be considering an upgrade until this issue is resolved to your satisfaction.

In other words, if this bothers you, don't whine; just threaten not to buy the software. I guarantee you that my 900-user law firm will not be upgrading to XP this year as planned until this clause and any software that supports it are eliminated.

Re:Kwitcherwhinin!

[base3]

I guarantee you that my 900-user law firm will not be upgrading

Wow. Bill's going to miss that 0.00000000000000000000000001 percent of annual sales.

Really, I agree with your sentiment, but it's better not to throw around numbers unless you have some big ones.

~~~

Re:Kwitcherwhinin!

[dillon_rinker]

Did I say to complain to Bill? DID I? Then KWITCHERWHININ! :) You're completely correct that Bill won't care. However, my sales rep will care - 900 licenses is not small potatoes to him. Get enough people to care at his level and maybe you can get a regional sales manager to care, etc. etc. The alternative is to shut up and take it. It's the age-old gamble - if I do nothing, I'll get nothing. If I do something, I still might get nothing. But I might not...

Many users do not want it! Cannot tolerate it!

[rufusdufus]

I worked on the original Windows Update in windows 98. Before I left the project in disgust. Many people wanted to make it do automatic updates, and I adamantly opposed it, for all the obvious reasons. Cooler heads won the day. Apparently all the cooler heads went away and now only the Bozos are left.

Automatic updates is impossible to do without destroying some percent of the the machines. Windows configurations can be very complicated, and very customized. Many many people use precise bit images of their machines to ensure reliability, repeatability, and consistency. If this automatic update thing kicks in against their will, chaos will ensue.

The light at the end of the tunnel I can see is that this clause will not free Microsoft from responsibility of destroying data. Which will happen. Then I think they can be sued willy nilly.

Ironic Coincidence

[llywrch]

> One is that Microsoft sucks for doing this... I think most people can agree to that.
>
> Two is that people are stupid if they don't read those agreements. They are so used to clicking next that anyone who
> has agreed to this deserves to give thier info to M$

As I read this, I noticed at the bottom of the page was this ``quote of the moment" from the folks at /.:

> If you had any brains, you'd be dangerous.

Geoff

Re:So?

[SuiteSisterMary]

Except for the fact that EULAs are not contracts.

Trolls.

[GiMP]

You do realize that the GPL, BSD, and many other licenses you love.. also allow this. You can think of a software license like a firewall.

Microsoft has a default deny policy, and then states what rights they and you have.

Most open source licenses have a default accept/allow policy, only denying few things. When you agree to a GPL or BSD license, you are agreeing to the same thing as you have no warrenty.. just restrictions on what you may do with the source.

All this is saying is that Microsft software is one step more 'free'.. Oh, how the slashdot trolls are afraid of their government removing their freedom, but more afraid of giving Microsoft some.

Hipocrites. People make me laugh.

Re:Trolls.

[rabidcow]

Uh, no.

This is about Microsoft forcing you (so to speak) to give them permission to access your computer. Open source licenses do not force you to agree to allow the author/distributer to do anything with your computer. Open source licenses generally have no terms related to actual *use* of the software, they only apply to redistributing modifications to the source code.

I think it pretty much all comes down to one thing: "Don't touch my stuff!"

Maybe some don't

[Sloppy]

If you would consider the average user for a moment.

Average schmaverage! This is the same EULA the people in my civil government and military are probably agreeing to!! Medium or large businesses, which can afford to hire a computer dude to deal with updates (they have to hire someone anyway, just to clean up messes), have no need for this feature.

What is wrong with having "convenient" features be optional? There is no good reason that something like this should be a requirement for using that product. Hopefully, people will find out about this and Just Say No.

Re:Two Perspectives

[arkanes]

"its components that you are utilizing" may be considered, for example, any dll on your system. Arguably, any program that makes any system calls at all could be considered a component. While I think it's perfectly possible that this is, in fact, intended as a CYA with regards to auto-update, you should note that the language doesn't mention the windows update service - meaning this clause would hold even if you disabled windows update. Which could mean you're in violation if you don't, for example, download the latest patch to the DRM utlities.

You can't buy Windows...

[Sanity]

...you can only license it. That is why they call them "End User *License* Agreements". It is a legal hack to get around the obligations the software companies might normally have when one sells something to someone.

Re:Once again, Slashdotters want to have it both w

[Tony-A]

The mind boggles.
It's a lot easier to fix these things before they get let loose.
Afterwards, Microsoft is between a rock and a hard place. Nothing they can do will make everything all right again. Everything Microsoft does and can do will have problems and concerns. Do you really expect /. to keep quiet about such?

Re:Once again, Slashdotters want to have it both w

[Tony-A]

Says.
Does.
Microsoft quite often says one thing and does another. And does not say what it is doing.

Remember the time-bomb in the auto-update feature of Red Hat 7.0. Did anyone actually get bitten by it?

Re:Once again, Slashdotters want to have it both w

[Bronster]

It really happens... You cannot turn off auto updates in XP

Sure you can - you just need to perform some registry surgery. Anybody know the keys in question?

More to the point, you probably want to find the executable and replace it with the moral equivalent of /bin/true. That way the system will happily think it's running it. Maybe /bin/sleep 500 would be a better option (if it wants the program to run for a bit).

Nah, this one's close to legit

[werdna]

Sure, M$ has it in mind to overreach on this one, but I gotta tell you, a lawyer advising M$ who didn't advise her client to get express permission to check and pass data to a server risks claims of Computer Fraud and Abuse. I'm here to tell you that CFAA class actions have been asserted for far less.

Since CFAA claims today can result in severe civil liability and serious criminal responsibility, I'm actually inclined to cut Microsoft a break this time.

Re:Once again, Slashdotters want to have it both w

[Tony-A]

I had IIS running on NT4.
Did not get Code Red.
Not patched.
Not firewalled.

(no gateway)

Re:And......

[Tony-A]

And where else would we get timely and useful info on the latest Microsoft wormage?

Re:Well, Does 'Random Joe' *like* his auto-update?

[Tony-A]

Now, do you always trust Microsoft?

Re:downloaded eh

[Tony-A]

It's a matter of who is in control.
Up.
Down.
Master.
Slave.
Up is the controlling entity.
Down is the controlled entity.

"that will be automatically downloaded to your Workstation Computer."
Not only are you outranked, but you have no say in the matter.

Re:downloaded eh

[Tony-A]

An X-client! Actually many X-clients.
It's sure not an X-server.

Re:no

[Tony-A]

(Systems can now be atched quite quickly).
Precisely!

Re:"Does Microsoft Have No Clue?"

[sallen]

"If the user elects not to update the security component, he or she will be unable to play content protected by our DRM from that point forward, although content previously obtained would still be usable."

Something is confusing here. If one doesn't update their DRM, it says you cannot play any newly downloaded material. That seems to define one of two things. Either EVERY distributer of media for WMP must upgrade to always be current (or the existing DRM Should play from any source which hasn't upgraded)

-OR-

Windows and their Media player require a connection to a microsoft type site which is verified at every point prior to a download. This seems more likely, as in a .NET strategy.

Now THAT sounds absurd. Let's see.. wasn't the Billy Gates 'trustworthy computing' memo something about privacy and security. That's going to be great privacy when they track everything you obtain via WMP, and probably send you ads based on what you download. Real nice. What crap. They'd better state that very very plainly up front if that's the case.

The interesting part becomes the vendor of the media. If one has a subscription service? They'll have to put in as part of the subscription that you MUST activate that automatic upgrade, or you will have services paid for but not available. This is going to get very very messy from the vendor standpoint, not just the consumer. Real Networks certainly has something to take advantage here if they play their cards right. I know too many places that'd never permit any type of automatic downloads for anything.

Re:Once again, Slashdotters want to have it both w

[markmoss]

The EULA does not say that Microsoft can automatically upgrade if you want them to -- it says that simply by running XP you give Microsoft permission to enter your computer and upgrade your software. This could even be construed as you agreeing not to turn off the auto-upgrade...

Oh yes, and if the "upgrade" fscks your system, it's your problem, not Microsoft's.

If the intention is really just to give MS legal cover for auto-upgrade when the user selects that, the proper place for the legalese is not in the EULA, but in the dialog window that enables auto-upgrade.

Re:Correction

[SealBeater]

"These people honor me with their lips,
but their hearts are far from me.
They worship me in vain;
their teachings are but rules taught by men"

That's the best. Thanks, I have commited that to memory. I know a few born again Christains that I am just waiting to try me to use that one on.

SealBeater

You can turn it off in the legalese

[gotan]

Or, to be more precise, the legalese applies anyway, if you have the autoupdate on or not. So if MS has another hidden backdoor (maybe not now, but a few years down the road) the legalese allows MS to fiddle with your system, and even turn it into a quake-server if they see fit (or maybe let it sniff your net for unlicensed software). The Article sums it up quite nicely, asking, why Microsoft didn't make these terms specifically apply to the autoupdate, if that really is what they intended (as they say), i can believe their lawyers are incapable of doing it right the first time.

I think it just the tactic to push the boundary as far as it can go, and maybe trace back a step when caught on it. And had noone pointed it out and raised a ruckus, Microsoft would happily have it left unaltered, and in a year or so with the next version of Windows or another update you wouldn't find an 'off' button for the autoupdate feature, and, when complaining about that, find out, that you allowed it long ago.
--

Especially since *they* could be screwed

[gotan]

The article mentions, that some firms have legal contracts with their customers (which might even be the government), which conflict with this EULA/PUR. So if i where a customer, i could drag them to court over the fact, that due to their contracts with microsoft they can't grant me the rights i have due to my contract with them (like confident handling of my information).

While there's nothing to win in this, someone might just do it to see the shit hit the fan, and i think the FSF should just use that approach, if only to draw more attention to how restrictive software licenses have already become. Also any big corporation using software with such license agreements shold consider how they're open to legal attacks through this: anyone could drag them to court, and even if that only results in bad publicity, that's already a lot of damage.

Since Microsoft would laugh anyone privately challenging them over their EULA out of court it's only wise to use some large corporation as a lever.
--

Re:Two Perspectives

[gimpboy]

you bring up a very good point and i dont have any problem with what you suggest. i was simply stating what i thought people were legally responsible for. if you disagree with the law then that's ok by me (i dont really agree completely either). there is a difference between disagreeing and simply ignoring that the law exsists.

for example, i once spent over an hour trying to convience someone that downloading copyrighted material (mp3s) that you have no claim to (having never purchased the cd's) is illegal. he simply refused to admit that it was illegal.

Good Point

[Self+Bias+Resistor]

In that case, maybe I should change it back to the original slogan of "There is no problem that can't be solved without the proper application of high explosives", eh? ;-)

Re:Red Hat's up2date, and a size 13EE up the butt.

[nagora]

Now, as to whether or not this is legal, I don't know, I get a minor to install my software.

Another issue is: can you enter into an agreement with a machine (which is asking you to agree), and even if you can is your computer a duly-appointed representative of MS? Mine isn't, and if it was I'd get a new one.

TWW

Re:Once again, Slashdotters want to have it both w

[Keith+Russell]

There's a difference between stopping a service and disabling it. Check the Services console (Control Panel\Administrative Tools\Services). If the Startup Type on "Automatic Updates" is set to Automatic, it will restart every time you reboot. To stop it permanently, double-click it, and set Startup Type to Disabled.

Re:And......

[lkaos]

I keep track of all the EULAs I've agreed to. Fortunately, none of them have been provided by MS. That is why I do not run Windows, I do not agree with MS's licensing terms.

Re:Just block microsoft.com

[i_am_nitrogen]

If IE is unable to load ident.cab, it retries every thirty seconds. So, with only two Windows machines on the network, the logs filled up the /var.