Slashdot Mirror
NTBUGTRAQ Bashes Windows Update
BigBadBri writes "Russ Cooper, keeper of the NTBUGTRAQ list, has a few concerns (to put it mildly) with the trustworthiness of Microsoft's Windows Update."
← Back to Stories (view on slashdot.org)
← Back to Stories (view on slashdot.org)
Since when did we trust Microsoft / Windows?
Please direct all bug reports to
If you can't trust the New York Times, how the heck can you trust a shady corporation like Microsoft?
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
It is a feature to keep you aware of other features. Unfortunately it has a feature in itself which keeps the feature from featuring.
Siggy Say, Siggy Do
This shouldn't surprise anyone at all. Anyone involved in computer security or stability is going to have doubts about any sort of update technology, especially if it's from Microsoft. All it takes is a 'minor' 'bug', like the one in the article, and we could be facing a much lerger numbers of CodeRed targets, or zombie machines, or who knows what else.
Oh, by the way, youre car is just fine. No, no recalls at all for it. Well, one, but it's only important if you actually drive, so you're fine, I'm sure...
It's been proven time and time again that people don't patch their systems by hand. Windows Update is at least a step in the right direction, even if it does have some flaws. I can only imagine the outcry if M$ DIDN'T have a Windows Update. It would be an evil scheme or something.
--- Don't be a player hater: I meta-mod ALL negative mods as Unfair.
Bugtraq hasn't trashed Microsoft Windows - just the Microsoft Windows Update.
"has a few concerns (to put it mildly) with the trustworthiness of Microsoft's Windows Update."
Good.
If you keep throwing chairs, one day you'll break windows....
To sum up the last few posts: Electronic Voting can't be trusted, NVidia can't be trusted, Microsoft Update can't be trusted... that's enough for one day. I'll go to sleep right now.
The site www.ntbugtraq.com is running Microsoft-IIS/5.0 on Windows 2000. p. So, close.
Get your own free personal location tracker
I've read a number of depressed perspectives on how we've got to accept a broken technology because it is patent-encumbered, closed source, or whatever, and I wonder "Where's your initiative, people?" To use a cooking analogy: the Koreans and the Dutch couldn't be much more different geographically, but at approximately the same time in history they faced a similar crisis involving an abundance of fuel and a pittance of foodstuffs -- the Koreans invented stir-frying, which allowed a maximum amount of heat in a minimum amount of time to sear their food, while the Dutch came up with the Dutch Oven, which is an ancient European equivalent of the Crock-Pot where food was cooked in its own vapors in a covered environment at a low temperature over an extended period of time.
This is only one of a number of similar examples throughout history of almost-parallel development. People have constantly had to reinvent the wheel for any number of reasons, but most importantly the process was influenced by cultural and social factors that ultimately lead to different approaches towards the same problem. Thus we can choose from the solutions the one that is most efficient or most effective... the strength of Open Source.
I guess the point is that there is almost always more than one way to solve a problem, and generally it's the optimists that get to it. I see too many good ideas sunk by naysayers that won't give a concept a fair shake; irregardless, who could have predicted the computer, air travel, or the mysteries of the atom a mere century ago? Hope for even the best of the future and it will yet exceed your expectations.
Try not. Do or do not, there is no try.
-- Dr. Spock, stardate 2822-3.
I'll voice an opinion that'll surely prove to be unpopular around these parts: I like Windows Update.
Sure, like any given piece of software, you may run into glitches and bugs at some point. But, overall, Windows Update has provided me with an extremely easy and painless way to keep my systems updated.
Even my Mom can use it, which says a lot. It's better than any alternatives I've seen which require too much geek knowledge to operate. (Admittedly I've never seen how MacOS X handles updates.)
-Teckla
Man it seems like every day we find out how to define the 'trustworthy' in "trustworthy computing"
:)
First Windows, then the Outlook bugs, then the Hotmail bugs, now the Windows Update security issues - not to mention the Shatter Exploit (fundamental unfixable Win API flaws)
Mmm I love days like today.
-- -=innocent ramblings from the mind of an insomniatic programmer=-
I have had windows update tell me that i'm clean, when i've only just done a fresh install, but i don't take it personally, you'd only complain if it examined every bit of your disk to ensure that it got it right... make your minds up people!!
Last week I spent all day downloading patches for an XP laptop that we are evaluating. Today we (my notoriously adorable assistant) received a notification that there are (surprise!) more patches to download. When I looked at the list, some of them were going back to Feb of 2002. We looked at what patches and Q#'s show as installed, and several of these are the same ones WUS show as needed. Needless to say, we are yanking the XP OS and going back to W2K. Oh, that we could use Linux in our production environment!!!!
"More often than not"? Really? That hasn't been my experience. In fact, I haven't experienced a single problem due to a Windows update.
Please give your basis for that statement. How many updates have you installed and how many things have broken because of those updates? Are you speaking for yourself only or the population at large? If what you state is true then others must have the same problem, that more things are broken than fixed by Windows updates. Certainly there must be more on the web about this - can you provide any links to supporting information?
Hmmm....
www.netcraft.com sez:
--
no not a rip off but a list with less scope (just MS stuff.
.......
Spawned a few years ago by people want to get the NT stuff only and not general stuff. Works well.
AS for WU - remember most of its audience is the home user. It tries to do a worthwhile job, but from experience unless you've got a fat pipe it takes ages (10MB isn't unusual) and it craps over your settings, it DOES scan and return info on what's on your machine
Nice try M$ but a grade F.
BS BS BS BS BS BS BS
BS BS BS BS BS BS BS
Yes, their patches do on occasions break things. Not defending that, they need to be more careful sometimes...
But "MORE OFTEN THAN NOT" is FAR from the truth, and I am sure you know this. But, with your M$ $ucks patch sewn directly on your forehead, you kinda hafta make remarks like this, right?
On the few occasions things break they are rarely of the "blow up the server" variety, and MORE OFTEN THAN NOT *grin* they are of the "when the stars align" kind that you HEAR about in bug reports but don't experience first hand.
---"What did I say that sounded like 'Tell me about your day?'"---
Although I haven't had many problems with them, installing Win2k SP3 on a Vmware image causes it to fail to boot. Microsoft has a knowledge base article on it, but in order to receive the patch, you need to *call* them, which is damn expensive.
AS for WU - remember most of its audience is the home user. It tries to do a worthwhile job, but from experience unless you've got a fat pipe it takes ages (10MB isn't unusual) and it craps over your settings, it DOES scan and return info on what's on your machine .......
This is very true, and if anyone doubts it, grab yourself a copy of vmware for linux systems (ironicly, thats the ad at the top of this page) and fire up windows XP, then, do a tcpdump on the interface that vmware is using, run strings on the data inside the packets....its quite interesting what you see when you reassemble all the packets going to v4.windowsupdate.microsoft.com.
This is also true when win98 is run within VMware, and windows update sends that nice message box saying "this is done without sending data to microsft"
Windows, its whats for dinner
Is it better? Here's a quote from the article:
Let me put it this way. Since the inception of Windows Update millions of computers have been infected with Trojan's that are today allowing individuals to conduct en-masse DDoS attacks. Read that how you want, but its a fact. Here's another. Since the inception of Windows Update Microsoft has gone to producing patches almost every week. Few if any business' have found Microsoft trustworthy enough to permit automatic updates
Many people will also tell you that a false positive is far worse than a false negative. For example, if Windows Update is misconfigured and tells you that you're up to date when you're really not, that's arguably worse than not being up to date and knowing that you're not up to date. (Because in the latter situation at least you can do something about it)
Even if technically windows update is better than nothing, it's utterly pathetic that this is the best one of the richest and most powerful corporations on the planet can do for their customers.
-- Truth goes out the door when rumor comes innuendo. -- Groucho Marx
Well, I'm sure Russ is a MS customer like everyone else, so it's MS' responsibility to fix the problem.
I mean, if my headgasket in my GM blows, I don't go to Goodwrench with the schematics for a new design.
If "windows update" is so bad, then how to expect everyday people to update/patch thier computer(s)?
I think its a win/lose/lose type of situation.
+++ David Watts 5495 0.0 0.5 1888 884
Not a Windows update per se, but SP3 for SQL Server broke one of our applications and we had to roll back. That was not pretty at all.
And once you get one bad patch that throws your systems into chaos, you get real wary of other ones in the future.
http://www.ntbugtraq.com/default.asp?pid=36&sid=1& A2=ind0305&L=ntbugtraq&F=P&S=&P=45 05
Date: Wed, 14 May 2003 16:42:10 -0400
Reply-To: Windows NTBugtraq Mailing List <NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM>
Sender: Windows NTBugtraq Mailing List <NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM>
From: Russ <Russ.Cooper@RC.ON.CA>
Subject: Windows Update is a dog, again!
Content-Type: text/plain; charset="iso-8859-1"
Well, looks like Windows Update has once again shown how untrustworthy Microsoft can be. For at least the past several days Windows Update has been providing consumers with false information. WU users would connect, initiate the scan, the scan would complete and inform the user their system needed no patches. Wonderful, a clean bill of health, or so the consumer thought.
In reality, some flaw in the Windows Update process has led it to conclude that a system, in need of critical security patches, is instead clean and good to go on the Internet. In other words, if the security check fails, tell consumers they're just fine and don't need anything.
It's good that we don't need elaborate checklists and voodoo mojo security tools to check our systems; we only have to make a quick visit to Windows Update to be sure. Finally, with the introduction of Automatic Updates, we no longer even need to make that visit manually, we can trust that Microsoft will supply us with a properly tested security patch within 24 hours and patch our systems for us (unless we're running Windows XP and got MS03-013 when it was released to WU.)
A year ago I complained about Windows Update, with its registry only checking and myriad other problems. At the time Microsoft was distributing Shavlik's HFNetchk, and so at least with tools from Microsoft we could see the error of Windows Update's ways. That cry of disgust caused Microsoft to yank HFNetchk, because they hadn't licensed it and didn't have a formal agreement for its promotion. "Consumers be damned, make darn sure they're not getting conflicting information from us" seemed to be the rallying cry at Microsoft.
I questioned the Trustworthy Computing Initiative's value then because of that debacle. When asked by the media at the new year how I felt the Trustworthy Computing Initiative had progressed, I gave it an "F", or failing grade. Some wondered why, and pointed to things which the public hadn't seen as justification for TCI's benefits. Seems too many never bothered to read Bill Gates' memo. They failed to grasp the fact that TCI was in response to a public perception that Microsoft was not sufficiently trustworthy.
Has Microsoft done anything to change that perception? No, absolutely not I say! (emphatically)
Let me put it this way. Since the inception of Windows Update millions of computers have been infected with Trojan's that are today allowing individuals to conduct en-masse DDoS attacks. Read that how you want, but its a fact. Here's another. Since the inception of Windows Update Microsoft has gone to producing patches almost every week. Few if any business' have found Microsoft trustworthy enough to permit automatic updates. So since the inception of Windows Update Microsoft has increased the number of times an Administrator needs to patch every Windows system in his/her company. Since Windows Update Microsoft has made it increasingly difficult for an Administrator to avoid Windows Update. Despite the fact that at no time has Windows Update ever proven itself trustworthy, Microsoft continue to force you to use this unreliable mechanism more.
If anyone is wondering why Windows Update is a dog, again, consider the posts this week to NTBugtraq. You wouldn't believe the number of individual experiences I received regarding problems with Windows Update. No doubt Microsoft receives far more than I do. I can't believe that huge corporations are having the problems they are, nor can I believe they haven't received a reasonab
Yea, more often then not they don't break something, but they NEVER fix everything.
Click here to crash IE with a 6 line valid HTML document.
Or how about some arbitrary vb scripting that opens your cd-rom. Here you go.
Yea, Microsoft, pinacle of stability and all that.
The key to the enjoyment of pop music is to replace any instance of "love" with "C.H.U.D."
if you dont like error reporting - turn it off.
1.Start>Run
msconfig.exe
2.Goto Services tab and uncheck the error reporting service there.
Siggy Say, Siggy Do
Win2K SP3 broke my FireWire webcam...when a filter graph that used it closed, the computer bluescreened. (I eventually found that you could copy ohci1394.sys from a SP2 system into %systemroot%\system32\drivers and use the camera under SP3 that way...but SP3 shouldn't have broken it to begin with.)
20 January 2017: the End of an Error.
I haven't experienced a single problem due to a Windows update.
I have. My Wife's XP system stopped booting after a Windows Update. It's a semi-random thing - 75% of the time, after POST (and the "Windows failed to start properly last time" screen) we get a blank screen, black, forever. Power down and try again. Another 10% of the time, we get a black screen with white bars across the bottom. Power down and try again. Maybe 15% of the time, XP boots cleanly.
Using the different boot options doesn't help, either - same results, if you're bringing up Windows and not a command prompt. Rolling back the system to two weeks prior to the behavior starting didn't fix it, either. Now, when she gets it to boot, she leaves it on (and hopes it doesn't crash and shut down when she changes users to let our daughter play Barbie games), and we fight through multiple attempts when we reboot.
Someday, she'll get upset enough to let me reimage it for her and reinstall XP (yes, she has to use MS-only software for her job). Until then - we try, try again....
I love vegetarians - some of my favorite foods are vegetarians.
This isn't related to NTBUGTRAQ's problem as I'm sure they are using legal license of Windows, however: blacklisted, warezed Windows don't update. If you run Windows update and don't get any service packs at all (even at clean install) you have illegal license of Windows, or at least your s/n has been blacklisted.
FUD. Plain and simple FUD. I've required several patches that you have to call in to get. When the support person (I would normally say droid, but MS is the sole exception here - I have never spoken with anyone at MS that does not know what they're talking about - they know what they're supposed to and will tell you if they don't know what you ask) answers the phone explain that a KB article says you have to call in for a patch. They will ask for the article number, your name, phone number, and email address, and will send you a link and password for the file. Often, someone will call back a few days later to make sure you got everything okay. They've never asked me for billing information.
funny munging
Isn't the security aspect, its the fact that MS hasn't gotten patching down yet. Patches from Microsoft CONSTANTLY slow down and screw up peoples computers. Every time you download a patch its like playing russian roulette.
I just experienced this two days ago. My friend had me reinstall XP on his laptop so I started with a disc that had XP SP1 included. Now considering the huge list of known problems SP1 causes both he and myself were happy with how the system preformed after install. It seemed snappy and worked well. But then after I ran windows update and pulled down like 15 security updates, boom instant slowdown. I'd say its about 15-20% slower now. I might as well have pulled out his PIII900 and dropped in a PIII600. (And yes I specifically avoided 811493)
When will MS stop having to reissue patches and stop slowing down and screwing up systems because they can't figure out how to make software with some decent security built in? I mean screw the security track record of other OS's, Microsoft is the one with 40 billion in the bank. They are also the ones who still don't get it and are just now telling their programmers that security needs to be considered when designing software. For about the fact that OSS exists, I still can't believe people can people can have faith in a company like that.
If you wanna get rich, you know that payback is a bitch
""More often than not"? Really? That hasn't been my experience. In fact, I haven't experienced a single problem due to a Windows update."
You want examples? Try using Win2K and WebTrends Web Analyzer (and don't change the subject by suggesting a different log analysis tool - this is required by the company).
Somewhere, after a raft of updates last winter, the damn system kept locking-up in the middle of analysis. So we rip it down, build it back up fresh and remove anything that could cause issues. Same problem. The machine's a Dell Optiplex PIII 450, with 384MB of RAM and 40GBs of drive space - and it can't reliably run a logfile of 2MB without locking-up hard. And so we do it again. And again. Feh!
We're all baffled. Anything else can run, and WebTrends says they'e compatible but quietly acknowledges (via a help person) that Win2K people have been having update issues. I've spoken to others so this bit of anecdotal information strikes a nerve.
WinXP has given me issues with media player codec problems, window redraws, explorer.exe running wild (climbing to 99% of processor time) after servicepak 1.
Windows sucks. Period. We all know it. We're the smart ones, but the other 90% of the user base is either too frightened/lazy to change to something that works, or too cynical to even consider change. The damn system is mystery to most users - they just pray it works, and when it doesn't, all they can do is rip it out and start over.
This is not the way it's supposed to be.
Lucky you.
You can keep your faith in M$ but, speaking from experience, when you install a seemingly innocuous update then get BSOD on boot and have to rebuild the box from scratch you tend to loose your trust in them. It is probly half the reason that people don't patch and end up being hacked. So either way you loose.
I've had my fair share (well I think more than fair...) of BSODs following the installation of a patch or service pack. But overall, things are much improved. This sort of thing happens MUCH less freqeuently in Win2K than it did in NT4 (which itself was better than 3.51). It's infrequent enough that I don't worry myself to much when doing MS-Update or SP installs. (I still always have an up-to-date System State backup, and a parallel install of Win2K to boot into).
You do understand that the original complaint was written by the NTBUGTRAQ list owner and maintainer? A guy who has shown again and again that he clearly understands the MS world? A guy who was (don't know if he is or not at this point) a self professed Microsoft admirer when he started NTBUGTRAQ?
I don't know about you but I've had a ton of windows updates fail. Of course, they usually fail by saying they succeeded, but then the next day it wants to download the update again. This has happened to me with a number of updates. In each case they eventually fixed the patch installer and the problem went away.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Let us replace the "s" in Microsoft with a dollar sign, so that we remember that they are business who put profit first. Oh, how they do not fit in our idealized view of the world. They almost annoy as I sip on my Coke and adjust my Gap pants while I sit in my Herman-Miller chair.
Thats funny, and probably true (and definately shouldn't have been modded to -1), but thats missing the point a bit.
Its not a bad thing to be about profit, but it is a bad thing to put profit ahead of other concerns, especially when you are an industry leader. I think that the outcry would be the same way if Ford knew that a part was faulty, and they supressed the knowlege or downplayed it in the press. How about Boeing? Should either of these companies put their corporate reputation and profit ahead of safety? Of course not.
Now, you might say, whatever - nobody ever died because of a Microsoft trojan horse. And I would agree - but they have caused hundreds of millions of dollars of damage and hundreds of thousands of wasted man hours - all beacuse they are unwilling to reveal themselves for what they are - human.
First, they need to admit that they make the occasional mistake. Secondly, they need to make an easy and trustworthy way of recovering from those mistakes. And thirdly, they need to make it seem like they care more about about the security of their existing customers than trying to gain new ones. Its that easy.
Do you have Linux and a DotPal? Click here now!
I never visit windows update anymore, one too many times of it installing an update that hosed my system. Shavlik still develops HFNetChk, http://hfnetchk.shavlik.com/, and it's still free. Just run it and then go to http://www.microsoft.com/security to get the updates it says you need. A bit more of a pain, but a lot more piece of mind.
Please give your basis for that statement. How many updates have you installed and how many things have broken because of those updates?
In my case almost certainly more than you have since I worked on the Windows Update team at MS. I know how well they tested the updates, what kind of things were bugged and not fixed and in general their level of quality control.
More often than not patchs installed via WU will work fine, but I've seen them cause BSOD that require a reinstall to fix often enough that I don't use it.
a 2 second search will reveal that win2000 excluded msconfig, but you can take msconfig from any other windows and drop it on you Win2000 Box and it will work. Wipe your eyes and blow your noses...sheeesh
Sehr geehrter Toilettenbenutzer!
Providing the solution is not his job. In a more general sense, the people who are best suited to notice and complain about problems are by definition not the people who are best suited to fix them. This is why programmers don't do all of their own QA. "This is broken" is a completely legitimate thing to say, even if you're not going to be the one to fix it.
The trick is to download service pack 1 and install it. After you do this, windowsupdate will start giving you updates to install.
Well, since this has generated a bit of controversy and even accusations of my own anti-Microsoftery, I will elaborate on a few of my experiences. And yes, these are all my personal experiences, not something I've picked off of a website. Perhaps I should have said patch, Service Pack, or any software drivel coming from Redmond. My point is that I look upon anything from them with suspicion, and not because I'm any sort of linux zealot. First of all I'll describe the (original, since upgraded) system. Three Compaq NT4 machines providing proxy, mail, and print serving to a school district of 3000 students/faculty, spread across six buildings through a T1 WAN. Install one or the other "security updates" for NT4. Boy what a wonderful day, the Primary DC won't boot. Solution...restore from backup tapes, and find ways to work around the security problems without installing their update. Later, we upgrade to Win2K Server. Everybody's happy and fine. Install SP1...wow isn't that nice, the Primary DC for the entire district suddenly won't go beyond a blue-screen on boot. Restore from tape, live with SP(null.) Now I'm in another district with no Windows servers. Three Netware 6.0 machines, and two Linux boxes that are slowly invading their formerly-held territory of proxy, web, print and e-mail. I never said Novell patches weren't crap either, or their operating system. But we won't go into that. As far as non-server Windows stuff, I have long since turned off any auto-updating in the district or my personal machines, for fear Microsoft will pass something down the line that will screw something up. I will also use the case in point of SP3, which breaks the EULA, of all things. I work for a grocery store chain that also has a pharmacy...they are scared to death of HIPAA and Microsoft's SP3 for Windows 2000. When you see things like Microsoft gaining the ability to change things on your computer, in the litigation-crazy medical industry you start wondering. My point is that Microsoft patches, SP's, whatever is always like Russian roulette. And half of the chambers are loaded, in my experience.
It's called a testing environment, then go live.
What is even more maddening, is that in the test environment (different hardware, I know in a perfect world it would be identical) it worked fine.
Thanks for the HTTPS tip. I was wondering why a brand-new install didn't need anything updated.
Mail? Put "slashdot" in the subject to pass the spam filters.
Heh, same goes for you. Please explain how do you think he could give a solution to that. I mean, this isn't Open Source. He can't just download the tar.gz and make a patch for it. All he could do is perhaps call MS, *paying for the call*, and hope that somebody there fixes the problem.
In Open Source, complaining like this might be frowned upon sometimes. After all, we understand that not every OSS developer works for IBM, and has time and resources to fix every bug.
However, this is commercial software, and closed source to boot. Why should anybody solve Microsoft's problems? Isn't that why people pay for work being done for them in the first place? I think he's doing pretty much the best thing he can do, complaining in public. That's the one thing that seems to work pretty well to get the attention of large companies.
Knowing how much trustworthy is Microsoft, the only trojan that it will sucessfully remove will be the one named "LILO"
I have seen HFNetChk mentioned several times, but I have not seen BigFix (http://www.bigfix.com/) mentioned. This is another free product that will attempt to determine what updates Windows needs it also checks other software installed for updates.
and "apt-get update;apt-get upgrade" is hard?
So, if I notice you have a flat tire, but don't know how to fix it, I should keep my mouth shut?
My copies of Windows 2000 Professional, Server, and Advanced Server, are all from an MSDN subscription. None of them require a serial to install, and all of them update without issue.
My biggest complaint with Windows Update is the inconvenience of having to sort the wheat from the chaff: many of the recommended updates do not concern me.
Actually I found getting my FreeBSD system up to date easier than Windows Update.
At one time, it seemed the Windows Update site was having problems - but the messages I got and the apparently relevant MS knowledgebase docs weren't helpful, so I thought the problem was with my system and wasted many hours because of that.
And as Russ points out, even if you run Windows Update successfully, you shouldn't be surprised if your system isn't really up to date.
With FreeBSD once I synchronized sources and rebuilt, I could be pretty certain what I had sitting on my HDD, AND so could others. If I have a problem, I can state the release I synced to, and the devs will know what I'm talking about. That makes support easier.
But with MS, the process is such that you can't really be sure esp when there are problems. Even if you can it may take so much time to be sure that you might as well wipe and reinstall everything.
Trustworthy? Not. Convenient? Yes.
Um, arn't MS Windows users paying MICROSOFT to figure this out? MS does have the in-house talent to come up with a solution for this, they just choose not to address the problem. They just go on pretending that everything is fine.
What Russ is attepting to do is tell MS to wake the hell up and fix it, and that if you are a Windows user that you should know that Windows Update is basically a pile of shit and that you can't trust it.
So I guess don't quite understand you beef. Is MS paying Russ to solve Windows Update problems and he isn't doing the job or something?
As an end-user to commercial software, your job when it comes to bugs is to report them. Not fix them.
I doubt it. I've had a similar problem on laptop where things acted haywire after a windows update. I restored a Ghost image from a month prior and everything was okay. Just to confirm I ran windows update again and installed the same patches I did before. Things started going nuts again.
Prevent email address forgery. Publish SPF records for y
Ok, I'll bite. Solutions:
- Move away from Windows by converting to Apple's MacOS/X-based systems
- Move away from Windows by converting to IBM's Linux-based systems
- Move away from Windows by converting to Sun's Java-based systems
- Move away from Windows to Sun's Linux-based systems (not yet released, AFAIK, but still a viable plan for the future)
- Move away from Windows to a white-box dekstop on which you install whatever you please
Or were you asking about solutions that Microsoft could implement? If that was what you were asking for, then I have no real recommendations other than they should issue a press release advising their users not to visit non-MSN Web sites for fear of finding out what a mess they've gotten themselves into by running Windows in the first place. Is there a good reason left in the world to run Windows? For the most part it seems to be all momentum-based. MS-Office apps for MacOS lag because MS sells less units for Mac-OS. Replacement apps for Office lag on other platforms because there's no one putting a billion dollars into funding developers to work full-time on it (though IBM has spent that much overall on all of Linux, no one spends this much on just the office apps, which are, next to the browser, and mail client, the most important for desktops). That money isn't flowing because there are a lot of inter-dependencies that lock people to Windows. For example, I'm going to have to run Windows under VMware so that I can talk to my new phone once a day. I run XP at home to play a video game. It's not an OS, it's a legacy app-platform much like DOS was for a decade (and still is to some extent).As migration (that has already begun in dozens of niches) away from Windows begins to pick up steam, more of these dependencies will be met for other platforms. Linux has had amazing ramp-up in that area over the last 5 years. I'm always stunned to see major hardware and software vendors coming into the fold and making their stuff work right with Linux. Now the business-side of that is starting to gain ground, and for example, Fujitsu is partnering with Red Hat. I see MacOS coming out on top though, but there's always going to be a much bigger piece of the pie allocated to other OSes than Microsoft ever had to deal with while it was on top. This is a good thing. We should never go back to a world so dominated by one vendor's software. Software has become too important for that.
Once MS can't rely on self-sustaining market-share to keep them going, they'll be forced to make substantive changes to the way they view customers. This too is a good thing. Who knows, perhaps in 20 years, we'll all be happily running Windows 2XXYbeta1, and it will work well, have real standards compliance, open specifications for key OS features and APIs and actaully be supported. It could happen, and if anything is going to make it happen, it will be compeition.
I don't think he specified Windows 2000. Works on XP just fine. (I use it all the time)
No reason to lie.
Now before you rebut saying that example refers to a dual boot machine, you're still running a XP exe on a 2K, and if the EULA forbids that then their "tech tip" is illegal
Sehr geehrter Toilettenbenutzer!
Is there are specific reason why they wont just give direct access to the patches on their site?
Slashdot attracts a much more broad audience than you imply - not all nerds are open source advocates. For instance, at work I use Windows 2000 and NT exclusively. My friends all run Windows 98 on their gaming machines. Therefore we are all familiar with Windows and its shortcomings, and enjoy bitching about it. I think open source is a great idea, I use Mozilla whenever I can (tabbed browsing rocks), and I'm working hard on kicking the MS habit in other areas.
It's called NTBUGTRAQ, not NTBUGFIX.
"The objective of securing the safety of Americans from crime and terror has been achieved." -- John Ashcroft
You must be referring to that memory management scenario that doesn't affect everybody and therefore isn't listed as a Critical Update, requiring you to actually ask Microsoft for the patch because it is so uncommon.
But to you, it suddenly becomes "XP SP1 hogged memory."
Next.
"Sufferin' succotash."
Or perhaps people are just growing tired of the childish banter that a subset of Slashdot users seem compelled to beat a dead horse with.
You have exactly 314 seconds to come up with a less retarded plot.
Actually, I have made suggestions as to how Windows Update could be better. The second link in my post pointed to an article I wrote last year to NTBugtraq with suggestions. That message was discussed widely within Microsoft according to people there I have spoken with, yet despite that, WU continues to suck.
Almost everything I said in this recent message is a suggestion. They need to be more informative about the activities of the application. What's the point of doing a scan and saying you need no patches if it failed in the process and recorded a message in an obscure log on your machine? The suggestion is it shouldn't do that, it should say on the web page that the scan failed, and, provide something more of an explanation than an 8-digit error message.
Read my message again with that mindset and I think you'll see many suggestions.
Cheers,
Russ - NTBugtraq Editor
Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor
Throwing a tantrum?? Come on, how many times must one be diplomatic before you can get fed up? How many messages must I receive from subscribers indicating their unhappiness over the problems before I speak out on their, and my, behalf?
I've spoken with many people at Microsoft about Windows Update for over 5 years now, none of that has worked. Wait until Longhorn is released and Windows Update Next Generation gets released. You'll see it addresses many of the problems I've outlined. My complaint is that in the meantime we suffer with what they've given us. Instead of building something for the next OS, deliver the solutions to our problems with this version.
Of course we know Microsoft doesn't do that, which is why the Trustworthy Computing Initiative is failing, IMNSHO.
Cheers,
Russ - NTBugtraq Editor
Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor