Slashdot Mirror
Microsoft wants Automatic Update for Windows
Edward Dao writes "After the embarassment of last week's blaster worm, Microsoft is weighing the possibility of automatic update. Microsoft not only wants to upload the latest patch on to users' computer but also installing it for them." This will work out really well for everyone I'm sure. Yikes! Can I at least press 'Ok' first?
Of course, this will be implemented in such a way that implantinga fake RR for windowsupdate.microsoft.com into a local name serverallows Windows to download and run any file with a certian file name. This should make it far eaiser to fool Windows Update into installing Linux.
This will make Linux rollouts a breeze after buying all those Dells.
Imagine the possibilities!
Then again, the Microsoft Tax is cheaper then the SCO tax.
If you RTFA you'd find that Microsoft is only "looking very seriously" at this idea,
that it would not apply to business users of XP (since they want careful control
of the patching of their machines), and that it would be possible to opt-out from
the automatic updates.
So if you are a business user you don't get automatic updates, if you are a home
user of XP that is technically savvy you can turn it off, and if you are a home
user who is not computer savvy then you are going to get automatic updates. This
latter group seems like the ideal set of people to get automatic protection.
John.
they want to reboot my computer without informing me?
Harder.. Better.. Faster.. Stronger
... how they will get people to activate the TCPA/Palladium features.
Now we know: MS will do it for you. How kind of them!
I know broadband usage is on the rise but really ... I use a modem. You know ... the kind that attaches to a phone line? Everytime I get online with my low bandwidth solution, I don't want my bandwidth eaten up by patches.
... no thanks.
Granted, by the time this is incorporated into the OS, phone line users may be in the minority but until then
KARMA TAG! You're it.
if someone breaks into MS WindowsUpdate servers, he could install ANYTHING on millions of computers!
wow... scary...
Some of us are still on dialup, and an automagic update of Windows via 56K modem would literally take HOURS if the connection even holds at all. I don't think I should be forced into high-speed access just so I can update my Windows partition periodically.
Be excellent to each other. And... PARTY ON, DUDES!
You can do this already with Windows XP if you set it up to do so. In the system properties go to the Automatic Updates tab and then click on the radio button next to the bottom option, "Automatically download the updates, and then install them on the schedule that I specify".
Of course you'd have to be out of your gourd to do this regarding MS's history of untested patches. Also I noticed that MS is including driver updates in the critical updates as well (nVidia driver). I've NEVER installed a driver from MS on my computer and every time a customer of ours does it, it seems to totally screw up everything.
Duris MUD - The best pkill MUD. Ever.
In the past MS has packaged EULA updates along with software updates. I really wouldn't have too much trouble with this as long as they don't try to push EULA changes along with the update.
Sure, some people might want to turn it off, but by and large I think there would be less damage with it on. I rarely meet a person who even knows what MS Update *is* let alone have used it.
I wonder how well this would work on dialup though? It seems like the world is really leaving dialup folks behind. I have cable myself but know a lot of people on dialup either because high speed is not available to them or because they really don't need a fulltime connection, and are getting by just fine on a $5/month dialup plan.
MSBlaster wasn't an embarrasment for MS, but for the lazy sysadmins who, with a month's prior notice and the patch to fix it, were still hobbled by the bug. If people who are in charge of systems and security spent more time patching and paying ATTENTION to things like Bugtraq and less time complaining about MS the world would be safer.
How is this bug more of a bummer than how gnuftp was compromised and potentially more damaging? Oh, don't hear people moaning about that on here now do you...?
The tale is telling, is it not?
"I have always been a fierce enemy of the Microsoft update feature, because I just don't like the idea of someone else -- particularly Microsoft -- controlling my system," said Bruce Schneier, co-founder of Counterpane Internet Security Inc. "Now, I think it's great, because it gets the updates out to the non-technically savvy masses, and that's the majority of Internet users. Security is a trade-off, to be sure, but this is one trade-off that's worthwhile."
And that concludes our evaluation of Counterpane's security consulting services. Have a nice day. Don't let the door hit you on the way out, Bruce.
Edith Keeler Must Die
1) WindowsUpdate needs to become MicrosoftUpdate. This would scan and offer patches for all MS software (OS, Exchange, SQL, IIS, Office, Visual Studio, ....). Also extend SUS to do the same.
...
2) Critical Update notification should be done the way OSX does it (with a little configging) -- instead of a tiny little innocuos icon in the system tray, put an obnoxious pop-up in the middle of the screen, with a big "Go Ahead and Install" button, with lots of skull & cross-bone icons.
3) Create patches using their own packaging structure: MSI. This allows for much simpler deployment and management, via Active Directory. No need to pay for SMS simply for patch deployment.
4) Supply MUCH MORE documentation to end users, discussing the importance of keeping one's machine patched.
5) Stop producing such buggy software! =}8v)
Just my $0.02
10b||~10b -- aah, what a question!
Microsoft is also considering whether to make the Auto Update mandatory earlier, through an interim upgrade known as a service pack.
This is a huge mistake. Talk about a support nightmare. I recently spent several hours trying to find out why my machine was freezing intermittently, only to find that Update 811493 was to blame. I uninstalled it and everything worked perfectly-- if they make it mandatory, and have a similiar problem what do we do? (Switch to Mac or Linux, right?)
For the record, there's still no way to tell Microsoft I NEVER want this update. If I use "auto update" at all it downloads it and wants to install. So, now I'm stuck using manual update or my machine might freeze up again.
Just great.
if (company_trusts_microsoft_code())
{
use_windows_OS();
allow_auto_updates();
}
else
use_some_other_OS();
/*
junk code
bitch();
moan();
flail_arms_wildly();
*/
Banu
Circa Windows 2000, service pack 3.
By default, this already happens.
The story here is that Microsoft backed off when privacy groups thought this was a crummy idea (especially with the EULA of SP3 and XP SP1, big-brother visions abound).
Now they are saying they'd consider giving you more control over this, and to, by default, accept security-relevant patches in this manner by default.
Also, (big item), they'll ship the machines with the firewall enabled. That alone is probably the best idea they've adopted under recent community pressure.
THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
* Check for warez/serialz -- disable them and alert the vendors. Vendors can subscribe to "MS Auto Alert" program.
* Check for downloaded MP3s (from a database of known MD5s) -- disable them and alert the record distributors. RIAA can subscribe to "MS Locked Tunes" for service.
* Check for P2P programs -- disable them and alert local gov't authorities. Gov'ts can give big grants to MS for this as part of their "Anti-Terror-and-Pro-Business-Computers" bill.
* Check for web/ftp/irc servers -- disable them and alert ISP as to uploading violations. ISPs can join the "MSN One-Stream" network.
* Check for NAT -- diable and notify ISP... part of the push towards "MS-IPv6-PLUS!"
* Check for competitors' products (DRDOS, Java, Mozilla, OpenOffice, etc) -- disable them and alert user that their software was incompatable with the latest service pack. This one is free for end-users!
Anyone remember NT4 Service Pack 6? The first one? The one that broke tcp/ip?
I'm not sure who these customers are that want this...but to me this amounts to saying "our customers are lazy and stupid". Maybe I'm trolling, but...the "kinds of threats" that are out there are caused by microsoft writing vulnerable code in the first place! Sure everyone has bugs, but maybe, just maybe, they'll write a buggy patch too! I don't see how anyone could even be considering this as the default. If these people want microsoft to automatically update their computer...they can turn it on right now!
I know you hear this a lot here, but people need to either
a) have a working knowledge of their computer/operating system, including how to maintain it.
b) have their computer regularly maintained by another live human being.
This isn't that hard. People have this perception of computers as the same as their television or washing machine in terms of support - don't touch it unless it's obviously unusably broken. They don't work that way, they're much closer to cars. Sure, some people don't maintain their cars either, but those people aren't in the majority.
I'm rambling at this point, but really this is a disaster waiting to happen. What, are we going to end up testing EULAS in court finally when microsoft breaks ten million computers automagically and then says "well, you clicked the agreement"? I guess that could be agreeable. Please, I know most people here know what they're doing with their computers, but this problem is not just caused by microsoft. Educate everyone you know about the needs for computer mainenence! Make them pay you, I don't care, do something. Of course, the stupid IT department here got the worm too, so maybe it's completely hopeless.
This is a bad idea on soooo many levels
First of all is their patches. They sure as hell aren't 100%. So one day your favorite program might work, and the next day it might not. All wihtout you doing anything. This is why businesses take a while to evaluate patches.
Secondly, what if there is an exploitable bug(and there will be at least one). Every windows machine out there might be downloading viruses instead of updates. If someone were to reverse engineer the network interface, and hack a couple DNS servers, they could have all those users downloading whatever they wanted, even illegal things, or viruses, hacks, anything.
Plus there's the privacy issues. I konw that right now windowsupdate could send MS anything anyway, but if we all expect it to update any time it wants, we have no controls at all on our system, MS could send an update to lock you out of your own system if they suspect you of something, or just for the hell of it.
While I don't expect this to actually go through, its important to be wary of just how abusive such a system could be.
P.S. I, for one, welcome our new windowsupdate.microsoft.com masters.
From the article:
"The company is 'looking very seriously' at requiring future versions of Windows to accept automatic software fixes unless the user specifically refuses to receive them..."
So yes you can "at least press Ok first." Although I'm sure CmdrTaco has nothing to worry about, since he doesn't run Windows any more, which I suppose is why he didn't read the article.
Personally, I think that this would probably be a responsible move on their part (and Bruce Schneier apparently agrees with me). I especially like the fact that they're going to start shipping Windows with the firewall enabled. As far as I'm concerned, no one should be worried as long as you can disable automatic updates and disable the firewall (though I think they should make it slightly non-obvious how to do so, so that the people this is intended to benefit won't turn it off). After all, you don't leave Windows exactly as it comes off the CD, do you? Hopefully, you'll also be able to create corporate install CDs with these features disabled if need be.
There are only two things that concern me:
1. Broken patches: What if, as has happened in the past, an update breaks the auto-update mechanism? Then they'll be pretty well stuffed. I'm not sure what to say about that other than "don't do that."
2. Dial-up users: As the article mentions, SP1a is big. Really big. I mean, you might think that the OpenOffice download is big, but that's just peanuts compared to...right. However, that was a combination of many small patches, and just like many other things in life, if people had updated incrementally as they should have, they wouldn't have a need for a giant update. Hopefully, MS will be able to keep the patch size down, and we can watch 2003 to see if they can keep the frequency down as well.
(Yes, I now have to care about Microsoft products again, which is annoying, but I might as well make the best of it).
WMBC freeform/independent online radio.
Let's assume for a moment that everyone's fine with Microsoft deciding you need to patch your system. Your home machine downloads the patch and installs it and your machine reboots - you're patched.
Those of us that work as sysadmins/netadmins/DBAs at various companies know that when Microsoft puts a patch out on Windows Update, it's not necessarily tested out to completion. That's part of why patches take so long to proliferate - dependable administrators test them in-house, instead of depending on MS's testers. Let's face it...if Microsofts Quality Assurance team were so sharp (or listened to - it can't ALL be their fault), many of the after-the-fact patches wouldn't be necessary.
Is Microsoft going to take responsibility for auto-installed patches that a) don't work b) make situations worse? Or are they going to take the stance of "The user could've refused our auto-install, but they didn't - they knew the risks."
We all know how hard it can be to opt-out of spam - how difficult will Microsoft make it to opt-out of auto-installed patches...and for those of us that can't/don't, how sure are we that it won't make things worse?
Actually, it's quite good. You'll note that it's emulating only the X11 libraries, really even only the X11 server itself. The slowdown of having X apps pass through that layer also occurs on Linux, *BSD, or any other OS. KDE and GNOME may be open standards, but they're not as nice-looking as Aqua, and the WindowServer that runs Apple's windowing system, is, AFAIK, part of Darwin, and thus open.
Darwin is not a kernel, Mach is the kernel. You'll note that it's the same micro-kernel that GNU Hurd uses, and if Hurd isn't Unix, what is (nowadays)? Darwin may be based on FreeBSD, but the kernel is Mach, which isn't. Also, you seem to be overlooking that most Linux programs are compiled for Intel processors, not PowerPCs. Thus, they wouldn't run anyways. However, most do compile with little or no modification. Netinfo is never used directly. Requests are handeled by lookupd, which uses Netinfo, but searches flat files (/etc/passwd, /etc/hosts, etc.) first. Netinfo also allows networks that share common printers, hosts, network configuration, users, mounts, etc. to be constructed easily. Unlike the registry, Netinfo is documented, and has manipulation utilities, for both the command line and the GUI. And, it's never gotten fscked up (for me.) Mac hardware may be expensive, but- it's better. Even the Linux people who use Linux on Macs agree it's faster, better, etc. on a Mac. Macs are more durable, featureful, more standard, and "just work" more and don't work less.
Okay, find music for that cheap on Linux (while still supporting the artisit. It's hard. The music industries wouldn't stand for a service without DRM, and you'll note Apple is pretty darn nice. Unlimited CD burns (but no more that 10 for the same playlist), 3 computers, unlimited iPods. Plus, AACs are MPEG-4, which is darn good quality, and darn small file size. I would never use Windoze, and always like Linux. But for me, Mac OS X is a great UNIX, and is all I need it to be.
It would seem youhaven't taken a close enough look at Mac OS X.
Moderators: Mod me down troll all you want, but mod the parent down troll as well.I have several people who use a web based service from my company that runs on Windows 2000 Server. I check for patches daily and install them as soon as I do a full backup (in case it shits out the whole system).
My users kept calling saying "You have that Blaster Worm on your system because every time I try to connect my computer dies!". So I explain to them my systems have been patched for that exploit for over a month and I have run all the proper testing software to verify. I then ask if they have AntiVirus software installed and their reply is "I don't know.". Lol, I don't know, so it must me my server! I immediately tell them to invest in a copy of Norton Antivirus and Norton Firewall.
Ah, the world of windows.
The funny thing is if these same people were running linux they would be logged in as root and still execute whatever script someone sent them. I'm not too sure Linux would be any more secure than Windows because in windows you can also run as just a User. However, when doing that a significant number of poorly designed programs will not work.
What's likely to happen? Microsoft will screw up a few times, to great embarrasment, then they will by economic necessity learn how to make reliable patches. After all, their only alternative is the greater embarrasment of rampant worms and viruses. The rest of the industry (including free software) will see that it is possible, and be pressured to do the same. It may be rocky for a while, but the end result is that millions of naive users will have reasonably secury systems. This is a huge improvement over today.
The evaluation of an action as 'practical' . . . depends on what it is that one wishes to practice.
well, technically you give permission when
i agree that not knowing what's getting put on your machine is irksome, but this idea has sprung from two problems that everyone here is very aware of:
now, having said that, i hate the idea on principle... but i can understand why redmond thinks it's a good idea. they're taking a beating in the press over security and they've determined that the real problem (rightly or wrongly) is the end user - so now they have a "solution"
2 1337 4 u!
Idiot proof everything, like the way the standard RedHat install sets up all basic command line functions to be verbose by default. And then as you learn more about what you're doing you can set these preferences to something else.
Don't forget, people, in general, hate to A) Read and B) Learn
Then, as the user becomes more proficient, s/he can set things up the way they like.
Think about it, if you don't know enough about something to know how to turn it on or off, do you really think you should be able to choose if it's on or off?
"Whadda'ya watchin'?"
"Angry Monkey."
"That HORRIBLE monkey."
but i can understand why redmond thinks it's a good idea. they're taking a beating in the press over security and they've determined that the real problem (rightly or wrongly) is the end user - so now they have a "solution"
I don't want to stick up for MS or anything but the problem is the user. If there is a patch availiable and the user doesn't install it then it is the user's fault (even if the user is ignorant).
The way I see it there are two obvious solutions...
1. Force the update on people.
2. People should have to have a licence to own a computer and take a test so that they understand security issues. Now I realise that sounds a little extreme but if you take into account the the cost in bussiness that worms cause then it might be a good idea. It would certainly get rid of the ignorance defense.
I'm sure these customers didn't know they had a problem with their PCs. That was the first fact that caused the worm to be a problem. The fact that the computers weren't patched was secondary. Instead of pushing the patches, why not be more aggressive about notifying customers, and giving us better tools to patch and scan? Asking millions of users to pull updates ALL THE TIME, or turn on an automatic pull where there are only 3 configuration options is a real lack of choice. There are lots of things in between that can be tried. If I were a home XP user, and I saw a notification, "Message from Microsoft Security: Due to a problem recently found in WinXP, You are at high risk of being hit with an intrusive virus or worm. Here is a web site with details. Here is a 1-800 number with details. To correct the problem now, press Ok." Supposing MS did give home users this easy to use scan, notify, patch utility, the only reason they would not use it is if the EULA were too scary. This is easy to fix. Put a big splash screen with "Absolutely no Information is gathered and Sent to Microsoft. To see how this tool works, click here. Microsoft will never change this policy without your consent. (Like we did with WindowsUpdate)" We shouldn't have to wait long to see an analysis of Blaster, but I am going to guess that the majority of infection vectors came from business or academic Win2000 installations. WinXP systems crashed so much, they weren't efficiently spreading the worm. So corporate tools to fill this middle ground need to be improved. The hard to learn and use tools like IIS lockdown, hfncheck, etc need to be seriously overhauled. At work, I would love to have a non-web-based WindowsUpdate SCANNER, and a separate PATCHER. They'd be easy to use with a GUI, but also have command line options so they could be used in scripts. (SUS isn't what I'm talking about, because it is browser based, and the process is still a pull. The only way you can push an important update is to go to each server, or set the servers auto-pull frequency really high) I also wonder if MS is afraid that making system maintenance too easy might cut in to their SMS server sales?
Clearly the technology's simplicity is oversold. "Anyone can use it!" Hey, how about some intelligence/knowledge requirements for voting? Right now, just anyone can vote.
Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
What I find really odd is that we threat computers so differently from the real world. If a real product is found to have a defect then a recall notice is published in all major newspapers (in europe don't know about rest of world) and you can return the faulty product for either a replacement or your money back.
Granted if software companies had to do it this way they would all have gone bust. Or maybe they would invest in real testing. Real testing is not to see if something works but to see if you can break it. When I hear excuses like people using the product wrong as an explantion for bugs I get pissed off. You are not supposed to bite the nose of a teddy bear and then swallow it. Nonetheless this is exactly what is tested against. A product should be safe to use or clearly labelled to indicate who it shouldn't be used by.
I think it says it all that unlike almost everything we buy in the netherlands, software is not tested by a goverment/indepedent organisation. Everything else is. Clothes, cars, books, movies, toys, furniture, food etc etc. But software and hardware are not.
Think this is a strange notion to test software by a central organisation? This what all the consoles do for their software. Oh and please don't mention MS certification, this are just logos you can buy.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
SP 6 broke Lotus Notes servers thus 6a came out.
Even worse, SP 2 installed over a network failed. Failed badly. It did something horrible to the ntfs.sys file IIRC. This meant that the box would blue screen on boot and be irrecoverable if you had an NTFS partition.
--- I wish I could hear the soundtrack to my life. That way I'd know when to duck.
If I have to reboot my servers every time a major bug hits (3 times/year) for 5 minutes, that's bad enough. (99.9971% availability) If I have to reboot the servers every week, now we're down to 99.95% uptime.
This, of course, doesn't count downtime or technical support issues caused by workstations missing their server connections, or the patches that didn't happen in time, or any of the various other factors that help kill capitalism, and endanger our National Security.
--Mike--
If 90% of the consumers cant drive the new CarX is the fault in the consumers or in the car?
If 90% of the users don't know how to make a call in their new cell phone is the fault in the users or in the cellphone?
If 99.99% of the users cant read a book written in latin should we:
a) Translate the book
b) Teach everyone latin
Only people who would even consider option b are computer engineers.
If you don't like the fact that most people are ignorant about inner life of computers? Go back to BBSes. Oh wait, they dont have the content, the people, the cheap connectivity? Has it occured to you that those exist because internet is full of people! You cant have it both ways.
If companies think being on the internet is dangerous who forces them to put critical services there? Maybe they are there because the gains outweight the benefits?
And before you throw in the facts about traffic laws... Majority of drivers are in favor of some sort of laws existing, I'd even bet that they support the majority of the current laws. What you'd want is a law supported by the few, benefitting the few, paid by the majority (in work hours wasted studying computer security).
I guess it depends on what you're calling a defect. If someone comes along and pours sugar into your gas tank your car won't keep running right. Is that a recallable defect?
If someone sends a particularly malformed request to a process on your machine it won't run right. Is that a recallable defect?
I'd say no in both cases.
1. Microsoft releases a patch a month before a virus hits.
2. People do not install the patch.
3. The virus hits affecting thousands of machines.
4. Microsoft comes under heavy criticism.
5. Seeing that a lot of people won't install patches manually, they look into automatic updates so that they can avoid wide-spread virus infections in the future.
Seems like MS is in a catch 22. People will criticize them for having manual patches available or for automatic updates. It seems like they would have to create the world's first flawless OS for everyone to be happy.
All OS's require security patches at some time or another. It just so happens that Windows has such a large customer base that their viri have a wide-spread effect while viri for another OS might not be as major. So I ask, what can MS do realistically to announce and distribute security patches?
"Oh dear, she's stuck in an infinite loop and he's an idiot" -Prof. Farnsworth (Futurama)
If the software update is a new version of Windows Messenger or iTunes, users should be able to say no. But what if the update prevents your computer from attacking other machines? Maybe your right to ignore software updates ends when your PC attacks my network!
At some point, we're going to have to make security updates mandatory. They would be downloaded and installed automatically, whether the user wants them or not.
The user might be able to say, "Not right now," but should not be permitted to reject security updates altogether. After a reasonable period of time, the system could be programmed to prevent all network access except to get the security update.
I'm not entirely comfortable with this idea, but I suspect that's where we're headed. I have no doubt that Microsoft will introduce something like this in the next XP service pack (or sooner).
Here's what's needed to make such a system succeed:
- Version 3.0 Quality
- No Tricks!
- Updates For All
- CD Distribution
I don't have much confidence in Microsoft's ability or desire to make a system that works this way, but I think that's what is needed.Most users and sysadmins have been burned at least once by beta-quality patches that do more harm than good. Every "Security Update" should be thoroughly tested before it's released. If a crisis makes a quick-and-dirty security fix necessary, a high quality fix should follow ASAP.
Any mandatory update system will fail if the updates are perceived to be unnecessary, unreliable or self-serving for the OS vendor.
In the past, Microsoft has used the Windows Update system to force unwanted Microsoft software on users. (If I remember correctly, IE6 was released as a "Critical Update" to IE5.) No more.
Also, system updates must be kept separate from application updates. (i.e. Disabled versions of Messenger should not mysteriously reappear after a system update.)
If one machine is insecure, we're all insecure. If Microsoft adds a security update system to Windows XP (or introduces this as a feature in "Longhorn"), a compatible system must be made available for older systems, including (at least) Windows 2000, Win98 and WinMe.
Although software downloads are relatively cheap and convenient for the OS vendor and for high-speed Internet users, dial-up users should be able to get the latest software updates on CD promptly, for a nominal fee.
Maybe there's a viable alternative to mandatory security updates, but I don't see one. Clearly, the current system doesn't work, and it's costing us all time and money.
And as my father, a mechanic, will tell you, most people do not check the oil, coolant, power steering fluid, tire pressure, etc. The more careful ones bring in the car if it makes a funny noise long enough. Many people only think about the car when it won't run anymore. Putting gas in the car is pretty much the only thing "end-users" do reliably, and even that doesn't happen often enough sometimes (did you know that it's better for your car to not allow it to get below 1/4 tank, because then junk on the bottom of the fuel tank gets sucked into the engine?)
The frightening bit is that my mom, a Physician's Assistant, will tell you the same thing about people and their bodies. She gets in all sorts of cases where people have had horrible things wrong with them and haven't bothered to come in for a week, or the guy who drank 3 40-oz. beers a night, and his main concern was wondering why he had to wake up to go to the bathroom so often.
(as for dishwashers, most of them require you to at least scrape your plate before you put it in, and my father, having cleared out a dishwasher that pretended you didn't have to do that, will tell you that they ALL require this.)
WMBC freeform/independent online radio.
What a *retarded* idea. Windows XP has automatic updates turned on by default, so there isnt much difference.
;)
Ok, I can see the logic in making Windows Update fully transparent (and for the majority of users, this would be a good idea).
Regardless, for users like me running on a 56k connection, downloading a couple of meg worth of useless patches, this is *not* an option. My firewall is a better preventative measure than patches upon patches, so i'd rather not bother.
And if the "functionality" is put in anyway? Well, there will be cracks - hey, my firewall will probably block it anyways
Of course, its all the more reason to convert to linux.