Slashdot Mirror
NTBUGTRAQ Bashes Windows Update
BigBadBri writes "Russ Cooper, keeper of the NTBUGTRAQ list, has a few concerns (to put it mildly) with the trustworthiness of Microsoft's Windows Update."
← Back to Stories (view on slashdot.org)
← Back to Stories (view on slashdot.org)
Since when did we trust Microsoft / Windows?
Please direct all bug reports to
I don't trust Microsoft either. More often than not, their "patches" break more than they fix anyway.
If you can't trust the New York Times, how the heck can you trust a shady corporation like Microsoft?
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
It is a feature to keep you aware of other features. Unfortunately it has a feature in itself which keeps the feature from featuring.
Siggy Say, Siggy Do
When we had the story that XP SP1 hogged memory.
Will a major company fix an expensive flaw for the masses and distribute it for free?
--------
Free your mind.
It's already /.'ed with only 2 comments under the story :(
This shouldn't surprise anyone at all. Anyone involved in computer security or stability is going to have doubts about any sort of update technology, especially if it's from Microsoft. All it takes is a 'minor' 'bug', like the one in the article, and we could be facing a much lerger numbers of CodeRed targets, or zombie machines, or who knows what else.
Oh, by the way, youre car is just fine. No, no recalls at all for it. Well, one, but it's only important if you actually drive, so you're fine, I'm sure...
It's been proven time and time again that people don't patch their systems by hand. Windows Update is at least a step in the right direction, even if it does have some flaws. I can only imagine the outcry if M$ DIDN'T have a Windows Update. It would be an evil scheme or something.
--- Don't be a player hater: I meta-mod ALL negative mods as Unfair.
Bugtraq hasn't trashed Microsoft Windows - just the Microsoft Windows Update.
"has a few concerns (to put it mildly) with the trustworthiness of Microsoft's Windows Update."
Good.
If you keep throwing chairs, one day you'll break windows....
To sum up the last few posts: Electronic Voting can't be trusted, NVidia can't be trusted, Microsoft Update can't be trusted... that's enough for one day. I'll go to sleep right now.
I've read a number of depressed perspectives on how we've got to accept a broken technology because it is patent-encumbered, closed source, or whatever, and I wonder "Where's your initiative, people?" To use a cooking analogy: the Koreans and the Dutch couldn't be much more different geographically, but at approximately the same time in history they faced a similar crisis involving an abundance of fuel and a pittance of foodstuffs -- the Koreans invented stir-frying, which allowed a maximum amount of heat in a minimum amount of time to sear their food, while the Dutch came up with the Dutch Oven, which is an ancient European equivalent of the Crock-Pot where food was cooked in its own vapors in a covered environment at a low temperature over an extended period of time.
This is only one of a number of similar examples throughout history of almost-parallel development. People have constantly had to reinvent the wheel for any number of reasons, but most importantly the process was influenced by cultural and social factors that ultimately lead to different approaches towards the same problem. Thus we can choose from the solutions the one that is most efficient or most effective... the strength of Open Source.
I guess the point is that there is almost always more than one way to solve a problem, and generally it's the optimists that get to it. I see too many good ideas sunk by naysayers that won't give a concept a fair shake; irregardless, who could have predicted the computer, air travel, or the mysteries of the atom a mere century ago? Hope for even the best of the future and it will yet exceed your expectations.
Try not. Do or do not, there is no try.
-- Dr. Spock, stardate 2822-3.
Now slashdot has a few concerns about your webserver....
Let me guess, NT right?
Fell the powah of the slashdot effect!
Everybody has a purpose in life, maybe mine is to lurk in slashdot.
I'll voice an opinion that'll surely prove to be unpopular around these parts: I like Windows Update.
Sure, like any given piece of software, you may run into glitches and bugs at some point. But, overall, Windows Update has provided me with an extremely easy and painless way to keep my systems updated.
Even my Mom can use it, which says a lot. It's better than any alternatives I've seen which require too much geek knowledge to operate. (Admittedly I've never seen how MacOS X handles updates.)
-Teckla
Man it seems like every day we find out how to define the 'trustworthy' in "trustworthy computing"
:)
First Windows, then the Outlook bugs, then the Hotmail bugs, now the Windows Update security issues - not to mention the Shatter Exploit (fundamental unfixable Win API flaws)
Mmm I love days like today.
-- -=innocent ramblings from the mind of an insomniatic programmer=-
Who is "WU" and why is M$ picking on him?
Seems to me that the much respected NTBUGTRAQ can't even defend themselves against the common Slashdot Attack...
I have had windows update tell me that i'm clean, when i've only just done a fresh install, but i don't take it personally, you'd only complain if it examined every bit of your disk to ensure that it got it right... make your minds up people!!
Last week I spent all day downloading patches for an XP laptop that we are evaluating. Today we (my notoriously adorable assistant) received a notification that there are (surprise!) more patches to download. When I looked at the list, some of them were going back to Feb of 2002. We looked at what patches and Q#'s show as installed, and several of these are the same ones WUS show as needed. Needless to say, we are yanking the XP OS and going back to W2K. Oh, that we could use Linux in our production environment!!!!
See for yourself how much michael sucks
Something tells me that wasn't in the original...
Does that mean that people are reading the article before posting??
no not a rip off but a list with less scope (just MS stuff.
.......
Spawned a few years ago by people want to get the NT stuff only and not general stuff. Works well.
AS for WU - remember most of its audience is the home user. It tries to do a worthwhile job, but from experience unless you've got a fat pipe it takes ages (10MB isn't unusual) and it craps over your settings, it DOES scan and return info on what's on your machine
Nice try M$ but a grade F.
Umm... Err... as the master said,
*ducks*trustno1 ?
hey, I was just joking.
And I was not insulting you directly, just the closed-mindness that sometimes permeates this forum. My apologies if I offended you.
I wish that as geeks we wouldn't jump so quickly to conclusions or label everything as black and white.
AS for WU - remember most of its audience is the home user. It tries to do a worthwhile job, but from experience unless you've got a fat pipe it takes ages (10MB isn't unusual) and it craps over your settings, it DOES scan and return info on what's on your machine .......
This is very true, and if anyone doubts it, grab yourself a copy of vmware for linux systems (ironicly, thats the ad at the top of this page) and fire up windows XP, then, do a tcpdump on the interface that vmware is using, run strings on the data inside the packets....its quite interesting what you see when you reassemble all the packets going to v4.windowsupdate.microsoft.com.
This is also true when win98 is run within VMware, and windows update sends that nice message box saying "this is done without sending data to microsft"
Windows, its whats for dinner
I was low on disk space on a box and therefore deleted out the $NtUninstallQxxxxxx$ archives created by WU to save disk space. Bah, that through WU into a tizzy, thinking I hadn't installed some of the patches whose uninstall archives I had deleted.
Um, if they are just uninstall archives, and I have no plans of uninstalling the patch, they should be able to be deleted. Why WU relies on the existence of the Uninstall directories to determine if a patch is installed, I have NI, but it is terrible practice. And of cours, only some* of the patches whose archives I deleted acted this way, in typical MS inconsistency.
Now I have to keep around tons of worthless archive data I don't want or need for no good reason. Thanks MS.
Freedom Is Universal
Linux-Universe
Russ complains a lot, but he never offers any solutions to the problem.
Is it better? Here's a quote from the article:
Let me put it this way. Since the inception of Windows Update millions of computers have been infected with Trojan's that are today allowing individuals to conduct en-masse DDoS attacks. Read that how you want, but its a fact. Here's another. Since the inception of Windows Update Microsoft has gone to producing patches almost every week. Few if any business' have found Microsoft trustworthy enough to permit automatic updates
Many people will also tell you that a false positive is far worse than a false negative. For example, if Windows Update is misconfigured and tells you that you're up to date when you're really not, that's arguably worse than not being up to date and knowing that you're not up to date. (Because in the latter situation at least you can do something about it)
Even if technically windows update is better than nothing, it's utterly pathetic that this is the best one of the richest and most powerful corporations on the planet can do for their customers.
-- Truth goes out the door when rumor comes innuendo. -- Groucho Marx
Well, I'm sure Russ is a MS customer like everyone else, so it's MS' responsibility to fix the problem.
I mean, if my headgasket in my GM blows, I don't go to Goodwrench with the schematics for a new design.
Dunno, what do you reckon the % of Windows users with properly licenced and registered products is...?
If "windows update" is so bad, then how to expect everyday people to update/patch thier computer(s)?
I think its a win/lose/lose type of situation.
+++ David Watts 5495 0.0 0.5 1888 884
http://www.ntbugtraq.com/default.asp?pid=36&sid=1& A2=ind0305&L=ntbugtraq&F=P&S=&P=45 05
Date: Wed, 14 May 2003 16:42:10 -0400
Reply-To: Windows NTBugtraq Mailing List <NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM>
Sender: Windows NTBugtraq Mailing List <NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM>
From: Russ <Russ.Cooper@RC.ON.CA>
Subject: Windows Update is a dog, again!
Content-Type: text/plain; charset="iso-8859-1"
Well, looks like Windows Update has once again shown how untrustworthy Microsoft can be. For at least the past several days Windows Update has been providing consumers with false information. WU users would connect, initiate the scan, the scan would complete and inform the user their system needed no patches. Wonderful, a clean bill of health, or so the consumer thought.
In reality, some flaw in the Windows Update process has led it to conclude that a system, in need of critical security patches, is instead clean and good to go on the Internet. In other words, if the security check fails, tell consumers they're just fine and don't need anything.
It's good that we don't need elaborate checklists and voodoo mojo security tools to check our systems; we only have to make a quick visit to Windows Update to be sure. Finally, with the introduction of Automatic Updates, we no longer even need to make that visit manually, we can trust that Microsoft will supply us with a properly tested security patch within 24 hours and patch our systems for us (unless we're running Windows XP and got MS03-013 when it was released to WU.)
A year ago I complained about Windows Update, with its registry only checking and myriad other problems. At the time Microsoft was distributing Shavlik's HFNetchk, and so at least with tools from Microsoft we could see the error of Windows Update's ways. That cry of disgust caused Microsoft to yank HFNetchk, because they hadn't licensed it and didn't have a formal agreement for its promotion. "Consumers be damned, make darn sure they're not getting conflicting information from us" seemed to be the rallying cry at Microsoft.
I questioned the Trustworthy Computing Initiative's value then because of that debacle. When asked by the media at the new year how I felt the Trustworthy Computing Initiative had progressed, I gave it an "F", or failing grade. Some wondered why, and pointed to things which the public hadn't seen as justification for TCI's benefits. Seems too many never bothered to read Bill Gates' memo. They failed to grasp the fact that TCI was in response to a public perception that Microsoft was not sufficiently trustworthy.
Has Microsoft done anything to change that perception? No, absolutely not I say! (emphatically)
Let me put it this way. Since the inception of Windows Update millions of computers have been infected with Trojan's that are today allowing individuals to conduct en-masse DDoS attacks. Read that how you want, but its a fact. Here's another. Since the inception of Windows Update Microsoft has gone to producing patches almost every week. Few if any business' have found Microsoft trustworthy enough to permit automatic updates. So since the inception of Windows Update Microsoft has increased the number of times an Administrator needs to patch every Windows system in his/her company. Since Windows Update Microsoft has made it increasingly difficult for an Administrator to avoid Windows Update. Despite the fact that at no time has Windows Update ever proven itself trustworthy, Microsoft continue to force you to use this unreliable mechanism more.
If anyone is wondering why Windows Update is a dog, again, consider the posts this week to NTBugtraq. You wouldn't believe the number of individual experiences I received regarding problems with Windows Update. No doubt Microsoft receives far more than I do. I can't believe that huge corporations are having the problems they are, nor can I believe they haven't received a reasonab
if you dont like error reporting - turn it off.
1.Start>Run
msconfig.exe
2.Goto Services tab and uncheck the error reporting service there.
Siggy Say, Siggy Do
Russ complains a lot, but he never offers any solutions to the problem
Well...I think the solution is obvious. If the problem is that errors in scanning for updates returns "no updates needed," then the OBVIOUS solution is to change it so that it reports an error code with a link to a manual update site. Just because he didn't spell out the answers doesn't mean they weren't there.
OMG! Wau!
they ARE trying to make a profit, so they must have good intentions in mind, and that absolves them from any mistakes they might make.
And if you don't agree with that, you're an anti-corporate college-boy pinko commie! And if you're not typing this on a computer you wove out of cotton you grew in YOUR OWN FIELD, from seeds that you gathered out of the forest, then you are a fucking hypocrite as well!
This isn't related to NTBUGTRAQ's problem as I'm sure they are using legal license of Windows, however: blacklisted, warezed Windows don't update. If you run Windows update and don't get any service packs at all (even at clean install) you have illegal license of Windows, or at least your s/n has been blacklisted.
And this is something new? OF COURSE they can't be trusted!!
Well, that's not entirely true....
they ARE trying to make a profit, so they must have good intentions in mind, and that absolves them from any mistakes they might make.
No one disagrees with that, my medicated friend.
BTW:
I stole this computer, you bastard; and I am using an extension cord plugged into the post office's outside outlet (which I labeled "Please do not remove") using a wireless card to rip off someone's connection.
I may be a hipocrite (notice the spelling, smartiepants), but at least I'm aware of it.
Go suck on a corporate tit, you swarmy fascist.
oh my god! the link doesnt work! call jesus!
Sounds like a suggestion for a solution to me.
funny munging
Isn't the security aspect, its the fact that MS hasn't gotten patching down yet. Patches from Microsoft CONSTANTLY slow down and screw up peoples computers. Every time you download a patch its like playing russian roulette.
I just experienced this two days ago. My friend had me reinstall XP on his laptop so I started with a disc that had XP SP1 included. Now considering the huge list of known problems SP1 causes both he and myself were happy with how the system preformed after install. It seemed snappy and worked well. But then after I ran windows update and pulled down like 15 security updates, boom instant slowdown. I'd say its about 15-20% slower now. I might as well have pulled out his PIII900 and dropped in a PIII600. (And yes I specifically avoided 811493)
When will MS stop having to reissue patches and stop slowing down and screwing up systems because they can't figure out how to make software with some decent security built in? I mean screw the security track record of other OS's, Microsoft is the one with 40 billion in the bank. They are also the ones who still don't get it and are just now telling their programmers that security needs to be considered when designing software. For about the fact that OSS exists, I still can't believe people can people can have faith in a company like that.
If you wanna get rich, you know that payback is a bitch
Windows Update came around in the early days of mass internet adoption. Before that there really wasn't a need for the service as most machines were not connected to the internet.
That's it -- just dismiss all faults as MS bashing. See how much easier it is?
Both with very smart updaters, apt-get, deselct and up2date, and even graphical clients! It's simply amazing!
You can work for the Borg if you want, but why bother? They were supposed to make life easy for you but have only made it more difficult than it has to be.
My synopsis of all of this is that M$ wants to use windows updater to reduce their larger customers TCO. To get there, they are making thier slaves look bad so they will be fired. Releasing "patches" every two weeks so their slaves have to run all over the place? HA! As the NTBugtraq noticed, none of these patches has done anything for actual security. It all stinks of making someone's life hell before shit canning them. Combined with talk of making the admin extinct, can this be far off? It will never work because M$ has not fixed the problems that require all the extra administration and they never will. It's nuts and it will only get worse.
Still think those alternatives above are silly?
Friends don't help friends install M$ junk.
Gee, must be using auto update on msn, it's down
http://www.msn.com
" Sorry, due to heavy traffic on the network, the page you're trying to reach is temporarily unavailable.
You can:
Wait a few minutes and try again.
Click your browser's Refresh button now to try reconnecting.
Click your browser's Back button to return to the previous page.
Error type 500 - Server Too Busy "
I liked it too, it came preconfigured, it's easy to use, a few clicks, a little waiting, the inevitable reboot and whoopdedoo updated System.
I like it a lot less, now that i learn that it's easy to use because anytime it encounters any trouble it misinforms me and tells me everything is fine when it is not.
"By the way if anyone here is in advertising or marketing... kill yourself." -- Bill Hicks
Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.
C:\>msconfig
'msconfig' is not recognized as an internal or external command,
operable program or batch file.
You fail it, just like everything else.
The only way to be sure is to packet-sniff your network using products where you can see all the source code.
....but failed it. Badly.
I have a few concerns (to put it mildly) with the bandwidth and server capacity of NTBUGTRAQ.
...that joke is SO PLAYED. Oh, that's here. Get new material loser.
think you went into the command prompt. MSconfig is not in the path and you get that message. just go Start>Run and enter msconfig.exe directly there in that box. It will work.
Siggy Say, Siggy Do
Is that after about 3 months of running only Linux I tried running windows XP again for a week. At the end of the week it was still only 70% done downloading all the piled up updates. Either way I'm back in Linux :)
I stole this Sig
Sorry, but I tried it from Start->Run and was unable to run it. Are you sure it's in Win2k?
Do you know what you're talking about? Start->Run inherits the same path as cmd.exe. Just to humour you, Start->Run->msconfig results in a dialog saying: "Cannot find the file 'msconfig' (or one of its components). Make sure the path and filename are correct and that all required libraries are available." I think what you'll find is that I'm running Windows 2000, and msconfig doesn't come with it.
I still wish that my linux system had www.linuxupdate.com
... you simply cannot trust Americans. All they think about is money, money, money, how to get it, how to keep it, how to get more, how to take it away from others.
Not to excuse M$ for shoddy work but I've had problems with other OS updaters (for example, OSX 10.2.5 kernel panics when I use my Griffin USB hub and iMic.)
M$ certainly doesn't have a monopoly on pushing bugs out to customers. (Cisco, Sun, others have a long history of shoddy patch releases that introduce more bugs than they fix.)
'course, when you're pushing out a "critical update" every couple days, the likelyhood of pushing out a buggy one is much higher.
One disturbing "feature" of these automatic updaters it the lack of a "rollback" in case a fatal flaw is introduced. (Imagine, for example, that an update hosed your network connectivity...Kinda hard to get the next update that patches the problem.)
Let us replace the "s" in Microsoft with a dollar sign, so that we remember that they are business who put profit first. Oh, how they do not fit in our idealized view of the world. They almost annoy as I sip on my Coke and adjust my Gap pants while I sit in my Herman-Miller chair.
Thats funny, and probably true (and definately shouldn't have been modded to -1), but thats missing the point a bit.
Its not a bad thing to be about profit, but it is a bad thing to put profit ahead of other concerns, especially when you are an industry leader. I think that the outcry would be the same way if Ford knew that a part was faulty, and they supressed the knowlege or downplayed it in the press. How about Boeing? Should either of these companies put their corporate reputation and profit ahead of safety? Of course not.
Now, you might say, whatever - nobody ever died because of a Microsoft trojan horse. And I would agree - but they have caused hundreds of millions of dollars of damage and hundreds of thousands of wasted man hours - all beacuse they are unwilling to reveal themselves for what they are - human.
First, they need to admit that they make the occasional mistake. Secondly, they need to make an easy and trustworthy way of recovering from those mistakes. And thirdly, they need to make it seem like they care more about about the security of their existing customers than trying to gain new ones. Its that easy.
Do you have Linux and a DotPal? Click here now!
I never visit windows update anymore, one too many times of it installing an update that hosed my system. Shavlik still develops HFNetChk, http://hfnetchk.shavlik.com/, and it's still free. Just run it and then go to http://www.microsoft.com/security to get the updates it says you need. A bit more of a pain, but a lot more piece of mind.
... and steal one that Just Works.
Sorry, I couldn't help myself...
To a Lisp hacker, XML is S-expressions in drag.
a 2 second search will reveal that win2000 excluded msconfig, but you can take msconfig from any other windows and drop it on you Win2000 Box and it will work. Wipe your eyes and blow your noses...sheeesh
Sehr geehrter Toilettenbenutzer!
I believe MSCONFIG is not present in W2K, at least in the W2K machines I have used. There is winrep.exe (Windows Report Tool) but everytime I execute it and run the collection agent, I get "winrep.exe has generated errors and will be closed by Windows", figures..
Bad boys rape our young girls but Violet gives willingly.
What's the figure-of-merit for dwarves?
I love vegetarians - some of my favorite foods are vegetarians.
Windows NT 4 was the most unstable OS I have ever had the misfortune of having to maintain. Every single service pack for NT4 broke SOMETHING of importance. By the time we ditched NT4, there were still gaping security holes and instability problems that we couldn't patch because it broke too much.
Sticking feathers up your butt does not make you a chicken - Tyler Durden
Providing the solution is not his job. In a more general sense, the people who are best suited to notice and complain about problems are by definition not the people who are best suited to fix them. This is why programmers don't do all of their own QA. "This is broken" is a completely legitimate thing to say, even if you're not going to be the one to fix it.
MSCONFIG copied from an XP machine does work on W2K.
oops, assumed you went through by using command.com on Run (which doesnt include the path).
was guiding you blindly from winXP. Just found out from the other poster that they took it off in win2k !
Siggy Say, Siggy Do
The trick is to download service pack 1 and install it. After you do this, windowsupdate will start giving you updates to install.
And discover that RedHat has the same problems and W2K requires you to download 3 times more patches. :0)
I've had no problems with any update/patch, with one exception, and it was a doozy: I saw a driver upgrade for USB. After installing it, my keyboard and mouse no longer functioned, which made logging on pretty darn difficult. Now THAT was a major inconveniance!
I don't see you fixing Windows either.
ass.
I'm quite happily booting MS Windows 2000 sp3 on VMWare 3.2 and don't microsoft not charge when your issue is a bug?
--- Nukes don't kill people psychopathic megalomaniacs do.
If you're running XP, you can also right-click on "My Computer", click the "advanced" tab, click on "error reporting", and select "disable error reporting".
If MS sold directly to consumers, more consumers would have a case against them the next time they get busted for monopoly practices.
"... making BAD quality software"
The times of "innocent till proven guilty" don't seem to run anymore, so why make an exception with Microsoft?
Thanks for the HTTPS tip. I was wondering why a brand-new install didn't need anything updated.
Mail? Put "slashdot" in the subject to pass the spam filters.
Russ complains a lot, but he never offers any solutions to the problem.
Hmmmm, is Russ a Democrat?
Heh, same goes for you. Please explain how do you think he could give a solution to that. I mean, this isn't Open Source. He can't just download the tar.gz and make a patch for it. All he could do is perhaps call MS, *paying for the call*, and hope that somebody there fixes the problem.
In Open Source, complaining like this might be frowned upon sometimes. After all, we understand that not every OSS developer works for IBM, and has time and resources to fix every bug.
However, this is commercial software, and closed source to boot. Why should anybody solve Microsoft's problems? Isn't that why people pay for work being done for them in the first place? I think he's doing pretty much the best thing he can do, complaining in public. That's the one thing that seems to work pretty well to get the attention of large companies.
Knowing how much trustworthy is Microsoft, the only trojan that it will sucessfully remove will be the one named "LILO"
Uh, that would mean I have another versiin of Windows, right? Wrong. Not such a simple task is it?
Did you read the article? The underlying theme was trust, or rather a lack thereof. The problem with Windows Update is that after running it, you really don't know what your current state is. Windows Update can fail in a number of ways and give a false indication of being up to date when the system is actually unpatched, out of date, and vulnerable.
And this is where this system really fails. A technical user aware of these issues will understand the situation and maybe even be able to take the initiative to double-check. The problem is that the non-technical user will take Windows Update at face value, comfortable in their knowledge that they are updated and secure. Or so they think.
When the next big worm, virus, IE exploit, etc. comes along, our favorite non-technical user is likely to ignore it. After all, Windows Update says they're all patched up.
Or are they?
If you were running Mandrake you would have a great update feature right at your fingertips. It is a graphical wrapper around Mandrake's updating utility and it is even simpler than Windows Update.
You also get more control...you can specify that something NOT get patched if you know that the patch will break something. Unlike Red Hat Up2Date you don't have to subscribe to anything to get the functionality. It is SWEET.
This is why I have a MDK9.1 DVD winging its way to me from France (yeah, yeah, I know, sue me for supporting a French company) via DHL. It should get here within the next few days. Yeah, they have a tendency to beg and cajole for money (damn Vulture Capitalists leeching them into bankruptcy court!) but they sure as hell deliver the goods.
Mandrake is desktop Linux done RIGHT.
Knowledge is power. Knowledge shared is power multiplied.
I have seen HFNetChk mentioned several times, but I have not seen BigFix (http://www.bigfix.com/) mentioned. This is another free product that will attempt to determine what updates Windows needs it also checks other software installed for updates.
to your computer so you can keep them around/move to other computers etc.
If he vanishes and Gates claims he was finshing we'll need to dredge the bay.
Command.com doesn't exist in NT prior to WinXP. It appears on some systems that have been exploited though ;)
;)
Cmd.exe picks up the environment including the path when launched from Run. One would expect it to.
When giving advice, you can't make assumptions about what versions of Windows other people are using, nor that they are all the same.
and "apt-get update;apt-get upgrade" is hard?
So, if I notice you have a flat tire, but don't know how to fix it, I should keep my mouth shut?
My copies of Windows 2000 Professional, Server, and Advanced Server, are all from an MSDN subscription. None of them require a serial to install, and all of them update without issue.
My biggest complaint with Windows Update is the inconvenience of having to sort the wheat from the chaff: many of the recommended updates do not concern me.
Error Message:
Demo service for server 1002675484 limited due to high load
Error Class Code: 51
Error Class Info:
Demo service currently disabled due to high load. If you would like
to see Red Hat's policies on Demo service, or find out how you can
purchase a subscription service and receive priority download access,
please go to http://rhn.redhat.com/preview/index.pxt
At least Windows Update is free.
...are both divergent, but equally valid solutions to the same problem: scarcity of fuel for cooking. You either cook something very fast at very high temperatures or very slowly in a closed vessel. Either way, you maximize your resources. Either way, you save fuel. And either way, if you have the skills, you can cook a damn fine meal.
Knowledge is power. Knowledge shared is power multiplied.
Yes, you're right. He should get out his source distribution of Windows and whip out a solution right away.
He has the source to Windows right? Like everyone else?
What else can he do but complain?
--- It is not the things we do which we regret the most, but the things which we don't do.
Actually I found getting my FreeBSD system up to date easier than Windows Update.
At one time, it seemed the Windows Update site was having problems - but the messages I got and the apparently relevant MS knowledgebase docs weren't helpful, so I thought the problem was with my system and wasted many hours because of that.
And as Russ points out, even if you run Windows Update successfully, you shouldn't be surprised if your system isn't really up to date.
With FreeBSD once I synchronized sources and rebuilt, I could be pretty certain what I had sitting on my HDD, AND so could others. If I have a problem, I can state the release I synced to, and the devs will know what I'm talking about. That makes support easier.
But with MS, the process is such that you can't really be sure esp when there are problems. Even if you can it may take so much time to be sure that you might as well wipe and reinstall everything.
Trustworthy? Not. Convenient? Yes.
Um, arn't MS Windows users paying MICROSOFT to figure this out? MS does have the in-house talent to come up with a solution for this, they just choose not to address the problem. They just go on pretending that everything is fine.
What Russ is attepting to do is tell MS to wake the hell up and fix it, and that if you are a Windows user that you should know that Windows Update is basically a pile of shit and that you can't trust it.
So I guess don't quite understand you beef. Is MS paying Russ to solve Windows Update problems and he isn't doing the job or something?
As an end-user to commercial software, your job when it comes to bugs is to report them. Not fix them.
Bugtraq didn't trash anything. This all happened on ntbugtraq which is not affiliated with bugtraq.
Run windows update and apply all critical patches.
Download the Microsoft Baseline Security Analyser, and run it. You'll find that it finds lots of "critical" patches not yet applied.
In some cases these patches suddenly appear on Windows Update. Many have to be manually downloaded and fixed.
Sehr geehrter Toilettenbenutzer!
Until now, that is. While helping my 16-year-old son (also an avid Slashdot reader) do research for a term paper on technology and journalism, I stumbled across some information that made me change my views about Slashdot completely. In a nutshell: Slashdot, and more accurately, its parent company VA Software, has deep and mutually influential ties to the Microsoft Corporation. In fact, Slashdot's own editors are paid (albeit indirectly) out of the coffers of Microsoft.
Yes. It's hard to believe. At first I couldn't believe it. But a few simple Google searches and 45 minutes' research on Lexis-Nexis (as well as a couple of phone calls to a friend of mine at the SEC) revealed the following:
At first I was more amused than shocked; I mean, the technology industry is notoriously incestuous and its leaders, even those who are in competition, often sit on the same boards and are members of the same organizations. So what if a few board members of Slashdot's parent company are also directors of a company funded by Microsoft? Well, it gets more interesting.
As it turns out, in May of 1999, VA Software submitted to the SEC Form 5506-D, Application for Direct Non-Ownership Subsidization. This is the form that a corporation will submit to the SEC when it wants to directly fund a subsidiary from its own parent corporation. (It's basically a tax shelter for companies with a lot of subsidiaries) The application was approved in July 1999. The applicant name? OSDN. In other words, Form 5506-D basically eliminated the middleman between OSDN and Murberry-Slocomb. Following the money, I now saw that OSDN was being funded directly from an infusion of captal that Murberry-Slocomb has received from Microsoft!
Weird. I know. But what does this all mean? Honestly I have no idea. I'm not the custodian of any privileged information. A look at VA Software's web site and a Google search is all anyone needs to find the same information that I found. Are Slashdot's staff being paid through Microsoft? I sincerely hope not. But the facts are there and it sure looks like it. More importantly, what does this mean for the future of Slashdot? Can any grain of objectivity or journalistic ethics be preserved? What happens when the company you are bashing, nay, the very company that you preach the loudest against, Microsoft, is the same company that signs your paycheck? Could there be a deeper link still? Who knows. As far as I'm concerned, I'll never look at Slashdot the same way, ever again.
Ok, I'll bite. Solutions:
- Move away from Windows by converting to Apple's MacOS/X-based systems
- Move away from Windows by converting to IBM's Linux-based systems
- Move away from Windows by converting to Sun's Java-based systems
- Move away from Windows to Sun's Linux-based systems (not yet released, AFAIK, but still a viable plan for the future)
- Move away from Windows to a white-box dekstop on which you install whatever you please
Or were you asking about solutions that Microsoft could implement? If that was what you were asking for, then I have no real recommendations other than they should issue a press release advising their users not to visit non-MSN Web sites for fear of finding out what a mess they've gotten themselves into by running Windows in the first place. Is there a good reason left in the world to run Windows? For the most part it seems to be all momentum-based. MS-Office apps for MacOS lag because MS sells less units for Mac-OS. Replacement apps for Office lag on other platforms because there's no one putting a billion dollars into funding developers to work full-time on it (though IBM has spent that much overall on all of Linux, no one spends this much on just the office apps, which are, next to the browser, and mail client, the most important for desktops). That money isn't flowing because there are a lot of inter-dependencies that lock people to Windows. For example, I'm going to have to run Windows under VMware so that I can talk to my new phone once a day. I run XP at home to play a video game. It's not an OS, it's a legacy app-platform much like DOS was for a decade (and still is to some extent).As migration (that has already begun in dozens of niches) away from Windows begins to pick up steam, more of these dependencies will be met for other platforms. Linux has had amazing ramp-up in that area over the last 5 years. I'm always stunned to see major hardware and software vendors coming into the fold and making their stuff work right with Linux. Now the business-side of that is starting to gain ground, and for example, Fujitsu is partnering with Red Hat. I see MacOS coming out on top though, but there's always going to be a much bigger piece of the pie allocated to other OSes than Microsoft ever had to deal with while it was on top. This is a good thing. We should never go back to a world so dominated by one vendor's software. Software has become too important for that.
Once MS can't rely on self-sustaining market-share to keep them going, they'll be forced to make substantive changes to the way they view customers. This too is a good thing. Who knows, perhaps in 20 years, we'll all be happily running Windows 2XXYbeta1, and it will work well, have real standards compliance, open specifications for key OS features and APIs and actaully be supported. It could happen, and if anything is going to make it happen, it will be compeition.
I don't think he specified Windows 2000. Works on XP just fine. (I use it all the time)
No reason to lie.
"Any other windows" includes variants that have a completely different architecture from NT5. Your suggestion is prima facie absurd.
A Pirate and a Puritan look the same on a balance sheet.
It's illegal under the EULA to do that.
Freedom Is Universal
Linux-Universe
*paying for the call*,
Microsoft offers free e-mail support. I've e-mailed them with issues, and gotten prompt solutions within 24 hours.
Most major companies try to make you jump thru hoops to get information, robotic voice machines parroting useless info, clueless tech support,and many other iditic blocks to solutions.
Hell, one time some guy with an Indian (the country) accent told me I had to move my computer 9 meters from where it was to get rid of a crackling noise from my speakers When I informed him that I would then have to visit my neighbors apartment to use the computer, he ionformed me I needed to find a way to move it away from the electrical interference the wall was magically generating. (turns out it was dust in the speaker plug).
In any case - I would be upset about the phone charge only if they didn't offer free e-mail support, and supply value for the money paid to talk on the phone.
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
At this point, there can be no argument that Windows Update supports systems longer than RHN, to the shame of Red Hat.
Whether its support is better is another debate entirely.
In my case, I am updating my systems to OpenBSD. I am looking forward to a kernel and c-library that I don't have to patch once every three months like clockwork.
From this perspective alone, OpenBSD is worth the $40 for the CDs; a year's subscription to RHN is not.
It seems that Windows patches are dependent on upgrades that are not included with the downloadable SP3 upgrade.
I installed Windows 2000 SP2Free (eg, W2K pre-patched to SP2) on a VMware virtual machine, (legal copies of both), ran Windows Update on the VM.
The more 'major' updates since W2KSP2 include Internet Explorer/Outlook Express 6 and, of course, Service Pack 3. Of course I went directly to getting those first since they should do redundancy checks to make sure that nothing is missing and prepatch anything that is necessary. (Certainly SP3 should!) However, then, when I went to install more 'critical updates' after installing SP3, and I always got errors. Unilaterally. MAYBE one more update installed but none of the rest would. This doesn't happen on the computer's actual W2K install, nor does this happen to another computer in the house that has W2K installed on it (heh heh, it's still legal, it's a "1-2 processor license" *eg*), that has been kept "current" (as far as Microsoft is current) with the release of Windows 2000 patches. Also, that computer used the standalone installer for SP3, now that I think about it, and not Windows Update (it was still on a modem at the time).
[insert witty comment here]
He was a sick, sick man.
*sigh*. Why didn't you say that? You were making a point that a search on Google reveals that msconfig wasn't part of Windows, but that you can use a copy from another version of Windows. The way you linked to it was as if you were providing supporting evidence. I believed you, so why would I follow the link?
I don't know about holding hands, but you need to learn how to communicate better.
Now before you rebut saying that example refers to a dual boot machine, you're still running a XP exe on a 2K, and if the EULA forbids that then their "tech tip" is illegal
Sehr geehrter Toilettenbenutzer!
ah the joy of having spent a few hours downloading all the service packs, critical updates, and upgrades until I'm met with a pleasing
O - critical updates
0 - windows 2000 updates
system secure...yes?
no!
a week later that system was serving up the latest harry potter
And it would seem you need to stop jerking the chain of people that are trying to help others out ,as far as my communication goes, yes, I suppose I needed to spell out all the possible options for you that ,again, were in the link provided, just in case you are too lax to click it. Agreed!
Sehr geehrter Toilettenbenutzer!
that's awesome, a troll hiding right in the article repost, modded to 5. did no one else notice?
Buffalo buffalo Buffalo buffalo buffalo buffalo.
Powered by Web3.5 RC 2
It's called NTBUGTRAQ, not NTBUGFIX.
"The objective of securing the safety of Americans from crime and terror has been achieved." -- John Ashcroft
I'll assume you're talking the win98 msconfig? :D
Gasp!!, it does work, sure you won't be editing config.sys and autoexec.bat (since its not there), but yes, it will work. It appears your suggestion is prima facie-ier absurd
Sehr geehrter Toilettenbenutzer!
We use both Mac and PC in prepress (preparing digital files for high-res output at a print shop) and so both have pretty high volumes. One day I saw the Windows Update flag in my system tray so I said, "I'll update." Update ran, restarted--and Blue Screen of Death. I had never seen it before--Windows 2000 does okay by me as far as crashing is concerned (there are file system quirks that pop up every now and then and force me to restart, but nothing major). Restart. Blue screen. Restart safe mode. Blue screen. Holy crap. I've got three jobs that need to be output on the PC.
I had no time to fix it myself, so I called a client of ours that does networking and consulting. He came and picked it up and said he'd try his best. Two days later--after re-installing 2000, copying the harddrive to a new one, reformatting, reinstalling 2000 and recopying the data--it was back. With a bill, of course. He told me it might be a good idea to disable Windows Updater. No shit. We had to send our PC files out to a service bureau for output those two days. Screw Windows Updater.
Thanks for the chance to vent.
Danke tres mucho, tovarishch.
...so he can present a real, live example of its ongoing stream of problems.
AFAIK nobody trusts NTBUGTRAQ. That article is FUD but most of slashdot is too blind to see it.
Corporate Management and elected officials should be required to follow a very strict and severe honor code, much like the Japan of old had. Bring shame to your company or yourself and you're required to kill yourself. Hell, I'll be generous and say you can do yourself in painlessly too, even though ritual disembowling has a certain flair to it that can't be denied.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I feel like such an idiot because I just saw some updates in WU and started updating...woops!
One thing I hated about windows update was the need to restart after nearly every patch... there was always something that couldn't be downloaded separately.
Mac OS X does restart after most major updates but thankfully you can download them all in one shot and there is no confusion between critical updates vs recomended updates (recomended by who?) vs non critical updates..
Mac OS X just throws everything into one file-eg. 10.2.7 or something. Rarely you'll find small security patches that need to get out quickly, they are very simply labled as: "security update 05-15-03"; which doesn't create the same update confusion seen on Windows Update- Most of the descriptions often left me wondering if they would apply to my configuration, or just simply break something.
So yes, Mac OS X update is easier- and was blasted for being insecure, but as far as I know Apple fixed it fairly quickly.
->Here's a simple idea for Microsoft, work with McAfee or Norton and bundle a virus/trojan scanner with all versions of windows- not only can you use your monopolistic powers to get it for virtually free... you could also reduce alot of the issues and risks associated with Windows, and perhaps use less resources when dealing with these issues.
command.com is in all version of Windows, from 1.0 through XP, including the NT branch. On NT/2K/XP, this is part of the WoW (Windows-on-Windows) sub-system that allows you to run DOS and Win16 apps on NT.
... and enhanced, more functional replacement/reimplementation of command.com.
cmd.exe is the 32-bit Win32 command-line interpreter
You're right about command.com. I've only encountered it on exploited servers and got away with ignoring it elsewhere. Whatever, it picks up the path when launched from Run ;)
Windows Update is like an AIDS test that gives you hepatitis.
- and if you want to ask the nurse what happened you have to pay to talk to her.
You must be referring to that memory management scenario that doesn't affect everybody and therefore isn't listed as a Critical Update, requiring you to actually ask Microsoft for the patch because it is so uncommon.
But to you, it suddenly becomes "XP SP1 hogged memory."
Next.
"Sufferin' succotash."
3. Ensure I don't have a network share connected which has more capacity than the drives on my own machine.
o oooooooooooooooooooooooooo EXECUTIVE SEMINAR: "Information Security and the Disappearing Perimeter"
/. news and all it is, is the usual soap-box ms bashing. perhaps if the author stated his problems with windows update in a less "i am the demi-god of all security, and you all suck" fashion, then maybe it would be taken a little more seriously by the industry (and analysts
--
on a side note...
a few years back i had an out the box redhat linux installation exposed on the network running an exploitable FTPD. i got hacked. great. i haven't had a look at anything past RH 8 - but as far as I know, out the box, linux doesn't have the same feature. i know it has red carpet, which i use frequently, but it doesn't encourage the update as MSN does with the systray-based notification out-of-the-box. does any unix do this? i don't remember freebsd doing this (yes it has the ports tree, blah blah, but same point about it not being as in your face).
anyway, my point is...
this dude makes this post that basically just gives himself props (1) and makes childish comments (2) about the whole scenario:
(1) - A year ago I complained about Windows Update - well done mate, what a hero.
(2) - ooooooooooooooooooooooooooooooooooooooooooooooooo
so, my point is so often the *nix (sorry SCO!!) community has this holier-than-though attitude towards microsoft's efforts and they don't actually consider that their own back yard is littered with a large amount of problems as well. so this post makes front page
but hey its fine, lets continue to shoot ourselves in the foot.
But I don't know about your statement that "It's better than any alternatives I've seen..." it just sounds like you haven't seen many alternatives.
Maybe you'd be surprized how much Microsoft could learn?
Quack, quack.
I put the commands in a shell script, too much typing :-)
nosig today
I tried to find these "apt-get update" and "apt-get upgrade" utilities you speak of in my KDE menu, but can't find them. Could you please elaborate.
I was astonished to find that if you install the Office XP Tablet PC pack on a Tablet PC, you are urged to "ALWAYS" trust Microsoft's installation components. This has to do with loading the components into Windows Journal.
To do otherwise, means you sift through "Installation" warnings every time you launch Journal.
Ignoring the purchase of a Tablet for a second, for a company that claims to be more-than-ever concerned about security, this is highly insecure. Certificates are forged all the time.
Is this security through idiocy?
If Nalgene water bottles are outlawed, only outlaws will have Nalgene water bottles.
Yes, typing apt-get update then apt-get upgrade causes me to bang my head against the keyboard and foam out the mouth.
Do you ever actually _do_ anything or do you spend all day finding things to bitch and moan about? Get a real job where you actually are expected to deliver _real_ results.
[no text here]
[are you getting the idea yet?]
"I triple guarantee you there are NO PROBLEMS with Windows Update! They are not even within 100 miles of Redmond. That is an illusion. I must now inform you that you are too far from reality."
The parent post is not flamebait. I guess the Microsoft professional apologist slashdot posters have made it to the moderator pool.
...donuts are GOOD!
Hmmm...well, the binaries in Windows are kind of hard for me to figure out what exactly is going on.
How about if I start patching Windows with random i386 instruction codes instead of Windows Update?
I'll let you know as soon as I get something good working.
"Provided by the management for your protection."
As long as the system restore features are enabled in windows XP, for the most part I've found that it automatically creates a restore point before applying the automatic updates which makes it quite easy to remove an offending update (gotta be careful on using this feature though as it *can* corrupt the catalogue files in winXP). So at least where Windows XP boxes are concerned, it seems your worry about lack of rollbacks should be alleviated.
In case ntadvice.com gets /.ed ...
there will be a complaint about the unreliablity of the OS/webserver that runs the site that complains about the OS' updates mechanism.
Win2k: updates broke McAfee AV 6.0
Win2k: updates and McAfee AV ate the machine
Win2k: SP3 would not install on three machines via windows update. Did it manually.
WinXP: SP1 sucked. SP1a was faster.
WinXP: SP1 broke PC-cillian (came with the machine)
these are just from the logs I had.
You can not copy any part of windows from one machine to another.
Freedom Is Universal
Linux-Universe
Running and copying our two different things. *sigh* It talks about creating a SHORTCUT.
Freedom Is Universal
Linux-Universe
Wipe your eyes and blow your noses...sheeesh
So, M$ removes a useful but undocumented management feature in Win2k, but we are stupid for not knowing to go get it so we can munge around with whatever it does? WTF?
Are you saying it's normal and advisable behavior to go get ahold of some tool for NT4 that fucks with the registry and god knows what else, and run it willy nilly on win2k or XP? Does this really seem reasonable to you, or have you been forced to deal with shit like this from commercial software for so long that you don't even know what it is like to be free?
Actually, I have made suggestions as to how Windows Update could be better. The second link in my post pointed to an article I wrote last year to NTBugtraq with suggestions. That message was discussed widely within Microsoft according to people there I have spoken with, yet despite that, WU continues to suck.
Almost everything I said in this recent message is a suggestion. They need to be more informative about the activities of the application. What's the point of doing a scan and saying you need no patches if it failed in the process and recorded a message in an obscure log on your machine? The suggestion is it shouldn't do that, it should say on the web page that the scan failed, and, provide something more of an explanation than an 8-digit error message.
Read my message again with that mindset and I think you'll see many suggestions.
Cheers,
Russ - NTBugtraq Editor
Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor
Although he is doing it in a very undiplomatic manner.
There are a number of people at Microsoft who are very responsive and willing to push to get problems fixed, but instead of contacting them, or asking for contacts, Russ appears to be throwing a tantrum.
Yup, you're right, that wasn't in the original. The line should read; "See for yourself, have a look at my previous musings and then tell me what's been fixed or improved." Shame someone at Slashdot can't correct it for accuracy, no doubt someone's going to eventually tell me I said what was posted here...;-[ Cheers, Russ - NTBugtraq Editor
Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor
Throwing a tantrum?? Come on, how many times must one be diplomatic before you can get fed up? How many messages must I receive from subscribers indicating their unhappiness over the problems before I speak out on their, and my, behalf?
I've spoken with many people at Microsoft about Windows Update for over 5 years now, none of that has worked. Wait until Longhorn is released and Windows Update Next Generation gets released. You'll see it addresses many of the problems I've outlined. My complaint is that in the meantime we suffer with what they've given us. Instead of building something for the next OS, deliver the solutions to our problems with this version.
Of course we know Microsoft doesn't do that, which is why the Trustworthy Computing Initiative is failing, IMNSHO.
Cheers,
Russ - NTBugtraq Editor
Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor
Mandrakes Update app can't be any easier. Enter the root password, confirm you want all updates, and that's it. It downloads and installs everything, no more questions asked. I don't have to worry it'll change the features of my system. With Windows Update you need to read every non-critical choice because you may need it or you may not want what'll change. Mandrake is far easier.
Developers: We can use your help.
That's personally identifiable data, not data. Obviously you are sending data to them, like at the very least a GET request?
Why don't you share what you found in those packets? I don't think I have ever met any a Slashdotter who doesn't have time to explain why M$ is t3h sux0r, but I have met a few who make unfounded claims.
Their revised EULA also says it's not so cool to do a .NET benchmark without their blessing... YEAH UCITA, I'M SO HAPPY MY STATE VOTED YOU AS LAW.
Most major companies try to make you jump thru hoops to get information, robotic voice machines parroting useless info, clueless tech support,and many other iditic blocks to solutions
That doesnt vindicate any of them for treating their customers like shit.
Darth --
Nil Mortifi, Sine Lucre
Debian has one called apt-get. ... though you need to pay for it.
Mandrake has one called urpmi.
Red Hat has one called up2date
Ximian has one...it used to be called Red Carpet, but I think now it may be called rcd (red carpet daemon).
SuSE has one...
Gentoo has one... but you need to compile the changes.
True, they don't depend on http...
I think we've pushed this "anyone can grow up to be president" thing too far.
You'd be better off subscribing to security mailing lists.
You can allways use the gpedit.msc to set anything you want or not in win2k. Just type gpedit.msc and go to user config/administrative templates/windows components/windows update..
m
Watch out for the semantics, the speak aske you like Yoda Q: Disable autoplay?
A: Enable disable.
Dohhhhhhh....
A like i found very useful running win2k:
http://web.ukonline.co.uk/cook/Win2000.ht
nb: [from the slashdot legal^H^H^H^H^Hsilly dept]: you do realise you've violated your slashdot licence.
in my life God comes first.... but Linux is pretty high after that
Francis Smit
If you'll notice, most service packs are NOT force-fed through Windows Update. It is up to you to select them, since they are not considered "critical updates." They are optional.
For that matter, even the critical updates (which Automatic Updates pester you about all the time) are "optional" in the sense that you can tell the update wizard not to install them...
I like yum -y update
May we never see th
Oooh, A strawman! Weee!
I wasn't trying to vindicate them. I was pointing out that the phone call stab was baseless.
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
It is up to you to select them, since they are not considered "critical updates." They are optional.
Not true. At least, when I go to windows update, it is *constantly* trying to give me XP SP1. Even more annoyingly, it selects a bunch of updates INCLUDING SP1, and then tells me I can only install SP1 and then reboot and return to windows update for the others.
Also, the top option in windowsupdate is called "Critical updates and service packs".
No, he's technically saying you are all idiots for not doing some REALLY simple homework via Google.
Dumbass.
Dumbass. You're one of those people who doesn't RTFA either, aren't you?
"Wait until Longhorn is released and Windows Update Next Generation gets released. You'll see it addresses many of the problems I've outlined."
Good. So what was your rant about again?
Why not do some simple Google searches, or *gasp* look at all the stuff MS has released and see if it applies to your situation? It's really very simple stuff.
I've come to the understanding that software is never 100% reliable (even Linux) and sometimes you should double-check to make sure your'e getting what you need to get (in relation to Windows Update).
If all you have is a hammer, everything looks like a nail.
But my premise presumes knowledge of illegally copying msconfig from one windows operating system to another, and instead concerns itself with whether it is reasonable to actually do it based only on whether some random fucktard (this would be a superset of Microsoft tech support representatives, mind you) happens to tell you to do it on a web site.
I know that, but there are people who think all updates SHOULD be force-fed. And they'll probably continue to advocate same, until someday they let it autoinstall an update that hoses their system!
~REZ~ #43301. Who'd fake being me anyway?
(Warning: do not visit the URL above, especially if you're using Windows! It appears to contain a virus.)
As a Linux user it was obvious to me the mail was a fake, but aside from its content being in ALL CAPITAL LETTERS, I can easily see Windows users believing it, especially with all the heat Microsoft's taken for its stance on security lately.
Three cheers for social engineering, or something.
Gentoo has one... but you need to compile the changes.
/usr/portage stuff)
That's a little misleading. Gives the impression
that it's anything but the easiest thing in the
world. The process goes something like this:
emerge sync (updates all your
emerge -up world (test emerge to see what's getting
installed)
emerge -u world (does all the actual work,
including compiling all packages and dependancy
packages with optimizations specific to your
hardware making a much more stable system with
as much as a 20 percent increase in speed)
Alternately, you might have to run etc-update
to see if any config files changed. It's a utility
that takes the pain out of merging them and
updating them.
For every annoying gentoo user, are three even more annoying anti-gentoo crybabies. Take Yosh from #Gimp for example.
That cry of disgust caused Microsoft to yank HFNetchk, because they hadn't licensed it and didn't have a formal agreement for its promotion.s cid=kb; en-us;303215&sd=tech#1/ 7/e57f4 98f-2468-4905-aa5f-369252f8b15c/mbsasetup.msi
;)
Its still here:
http://support.microsoft.com/default.aspx?
and downloadable here:
http://download.microsoft.com/download/e/5
Thanks for the "heads up" though
Microsft Trusts You
The Singularity is closer than you think
Quant
Up2date is free. You do have to "register" to use it, and having multiple machines can be a bit tedious, but you do not have to pay to use it.
I agree with you that it is shitty that MS plays around with stuff like that and that you have to munge around to get answers....
Sehr geehrter Toilettenbenutzer!
I the case listed her you have a Legal copy of both on the same machine. This Might Not be Legal if you moved the msconfig.exe from XP to 2000 Machine as the 2000 Machine might not be Lincensed(sp?)