Slashdot Mirror
NTBUGTRAQ Bashes Windows Update
BigBadBri writes "Russ Cooper, keeper of the NTBUGTRAQ list, has a few concerns (to put it mildly) with the trustworthiness of Microsoft's Windows Update."
← Back to Stories (view on slashdot.org)
← Back to Stories (view on slashdot.org)
It is a feature to keep you aware of other features. Unfortunately it has a feature in itself which keeps the feature from featuring.
Siggy Say, Siggy Do
Bugtraq hasn't trashed Microsoft Windows - just the Microsoft Windows Update.
"has a few concerns (to put it mildly) with the trustworthiness of Microsoft's Windows Update."
Good.
If you keep throwing chairs, one day you'll break windows....
The site www.ntbugtraq.com is running Microsoft-IIS/5.0 on Windows 2000. p. So, close.
Get your own free personal location tracker
I'll voice an opinion that'll surely prove to be unpopular around these parts: I like Windows Update.
Sure, like any given piece of software, you may run into glitches and bugs at some point. But, overall, Windows Update has provided me with an extremely easy and painless way to keep my systems updated.
Even my Mom can use it, which says a lot. It's better than any alternatives I've seen which require too much geek knowledge to operate. (Admittedly I've never seen how MacOS X handles updates.)
-Teckla
Is it better? Here's a quote from the article:
Let me put it this way. Since the inception of Windows Update millions of computers have been infected with Trojan's that are today allowing individuals to conduct en-masse DDoS attacks. Read that how you want, but its a fact. Here's another. Since the inception of Windows Update Microsoft has gone to producing patches almost every week. Few if any business' have found Microsoft trustworthy enough to permit automatic updates
Many people will also tell you that a false positive is far worse than a false negative. For example, if Windows Update is misconfigured and tells you that you're up to date when you're really not, that's arguably worse than not being up to date and knowing that you're not up to date. (Because in the latter situation at least you can do something about it)
Even if technically windows update is better than nothing, it's utterly pathetic that this is the best one of the richest and most powerful corporations on the planet can do for their customers.
-- Truth goes out the door when rumor comes innuendo. -- Groucho Marx
I haven't experienced a single problem due to a Windows update.
I have. My Wife's XP system stopped booting after a Windows Update. It's a semi-random thing - 75% of the time, after POST (and the "Windows failed to start properly last time" screen) we get a blank screen, black, forever. Power down and try again. Another 10% of the time, we get a black screen with white bars across the bottom. Power down and try again. Maybe 15% of the time, XP boots cleanly.
Using the different boot options doesn't help, either - same results, if you're bringing up Windows and not a command prompt. Rolling back the system to two weeks prior to the behavior starting didn't fix it, either. Now, when she gets it to boot, she leaves it on (and hopes it doesn't crash and shut down when she changes users to let our daughter play Barbie games), and we fight through multiple attempts when we reboot.
Someday, she'll get upset enough to let me reimage it for her and reinstall XP (yes, she has to use MS-only software for her job). Until then - we try, try again....
I love vegetarians - some of my favorite foods are vegetarians.
Heh, same goes for you. Please explain how do you think he could give a solution to that. I mean, this isn't Open Source. He can't just download the tar.gz and make a patch for it. All he could do is perhaps call MS, *paying for the call*, and hope that somebody there fixes the problem.
In Open Source, complaining like this might be frowned upon sometimes. After all, we understand that not every OSS developer works for IBM, and has time and resources to fix every bug.
However, this is commercial software, and closed source to boot. Why should anybody solve Microsoft's problems? Isn't that why people pay for work being done for them in the first place? I think he's doing pretty much the best thing he can do, complaining in public. That's the one thing that seems to work pretty well to get the attention of large companies.
Actually, I have made suggestions as to how Windows Update could be better. The second link in my post pointed to an article I wrote last year to NTBugtraq with suggestions. That message was discussed widely within Microsoft according to people there I have spoken with, yet despite that, WU continues to suck.
Almost everything I said in this recent message is a suggestion. They need to be more informative about the activities of the application. What's the point of doing a scan and saying you need no patches if it failed in the process and recorded a message in an obscure log on your machine? The suggestion is it shouldn't do that, it should say on the web page that the scan failed, and, provide something more of an explanation than an 8-digit error message.
Read my message again with that mindset and I think you'll see many suggestions.
Cheers,
Russ - NTBugtraq Editor
Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor