Slashdot Mirror
Microsoft Security Updates for Pirated Windows?
zachlipton writes "DSL Reports has an interesting question posted: should users with pirated copies of Windows be allowed to download security updates, such as for Sasser? Apparently, without a valid CD key, users cannot download these updates. Do they get what they deserve, or should they be allowed these updates through Windows Update in order to reduce the impact of these worms on the rest of the net? Should security updates only for worms be made available to pirated users, or also updates for issues that while not posing a risk to other internet users, would open the pirate up to a security hole?"
Bull. I update my pirate copies of XP all of the time.
I've seen several "corporate" XP cds floating around, as well as some beta versions which contain all XP functionality once patched through Windows Update.
Microsoft disables some CD keys already which are known to be pirated, but I wonder how many valid corporate group cd key installations there are which have been pirated. In that case, it really wouldn't be feasible for MS to disable that cd key, as it would disable that entire company, etc.
"Sed Quis Custodiet Ipsos Custodes?" -Juvenal
XP and Longhorn-beta are special that way. Most other packages (2000 included) have generic MSDN keys.
I write code.
The latest build( released in the last 4 days ) of the xp service pack2 beta, blocks a whole range of keys. People who have been using the corporate version of xp, using a keygen will find it will find it needs activating when the apply service pack 2.
The keygen(a very very very popular one) generates product keys in the range 640-645. SP2 turns activation back on when it detects this.
I'm pretty sure that most copies of pirated XP floating around (the keyless corporate versions) will let users install everything but service packs. I don't know a lick about international piracy, but I imagine it's the same software.
I downloaded the patch to Win XP against Sasser, and it never even asked me for a CD key. (Which, given that I don't know where mine has gotten to now, is a good thing.)
Editor Emeritus and Senior Writer, TeleRead.org
They can still download security updates from download area. You don't have to use windowsupdate.com to get updates. Go to technical bulletins, select one that you want to patch, download stand-alone fix.
MSDOS: 20+ years without remote hole in the default install
Even better than that is "Reset5". Updates are allowed for unactivated XP installs that are still in the first 30 days. Reset5 is a little service that runs at startup and magically keeps that 30 day grace period timer set at 30 days. This is actually more than just a handy tool for pirates. I personally use it on my legitimate copy of XP Pro because the stupid piece of crap DE-ACTIVATES ITSELF if I change more than a couple pieces of hardware (something I do with remarkable frequency).
If a job's not worth doing, it's not worth doing right.
Go to the Microsoft download center. Use the Microsoft Network Security Hotfix Checker Tool
Or better yet, use the Microsoft Security Baseline Analyzer Tool which includes Hfnetchk.exe.
Windows Update actually deletes downloaded updates once they're installed. You can try to retrieve them before they're installed. But it's easier to just download them from the download center. That way you can qchain 'em if you do a reinstall.
http://www.microsoft.com/technet/security/tools/mb sahome.mspx
"I'm Feeling Lucky", even.
Since when is it their responsibility?
Since they started distributing software that interferes with the stability of everyone else's networks, of course.
If you're a zombie and you know it, bite your friend!
Corporate versions are easy to find. I use one at work constantly. Although we have a valid license for every system (who knows when the BSA may come knocking), I keep it for upgrades to the systems or re-installs. Wasting my time for 1/2 hour to get a new registration number is just not productive.
Funny thing about that: although Microsoft claims that they will allow 2 (or 3??) automatic registrations over the 'net without calling, I have found that not to be the case. Since XP was released, reg process for win2k or office2k always reports server down or too busy and then I must call. I haven't gotten any flack from the flunkies passing out reg numbers, but the 1/2 hour wasted is a pain. Microsoft has forced me to pirate a copy of their software to use valid licenses.
I'd like to point out to everybody that this is a moot point. You CAN get the update regardless of version a regardless of whether you have pirated your copy of XP. Just see: this to download the appropriate version of the update.
Who modded this flamebait tripe as "insightful"?
Perhaps you were ignorant of the fact, but:
- according to the Business Software Alliance.Won't work... the keys on preinstalled windows are OEM keys. They won't work on a copy of windows that you install from a retail disk, or indeed, install at all. They only work with "restore discs" from your manufacturer.
You've never been to Asia, apparently. I've talked to several people who have been there, and they were just amazed. There are stores operating openly in malls there that carry NOTHING but pirated software and music. They say everything's a buck a disc. You want The Matrix DVD? $1. Microsoft Office? $1. A music CD? $1.
I've seen articles where they interviewed shop owners, and they just didn't understand what the problem was. They considered the *DISCS* to be the product, not the content, and said they didn't understand, they bought the discs for x, they sell them for x*2, they're doing nothing wrong, what's the problem?
Another friend said it's about the same in Russia, though less open. For about $15, you can buy a CD pack containing Windows, Office, and a selection of games and stuff. Even when someone has the legitimate software, they sometimes use the "pirate pack" because the pirates take the time to have the properly localized versions of everything already set up. I think the Russians know that what they're doing isn't considered "right" though.
Certainly there are big pirating operations everywhere, but in some countries, pirating is the norm, and nobody thinks twice about it.
My textbook says, "In one form of dumping, a company sells products abroad at prices below its cost of production. In another, a company exports a large quantity of a product at a lower price than the same product in the home market and drives down the price of the domestic product." (Contemporary Business, 11e). Dumping is an illegal pratice. Of course, that's never stopped Microsoft before. They come from the school that believes laws are just "guidlines" and use their huge cash reserves to pay off any indiscretions.
-1, Clueless.
That isn't a point of contention, read at *least* the summary before going off the handle. This is not about security updates for the benefit of the pirate end user, but the impact of having pirate end users incapable of getting security updates propogating worms that make the rest of the good community suffer.
On remote-exploit security updates, now that I see this circumstance, I think they should apply no matter what. Now feature enhancements and reliability fixes for the end user, those should be denied. Those fixes not being applied are far more annoying to the typical end user anyway, so MS would improve the community by fixing even the pirate systems in the ways that impact the community, but keep things hard for the pirate users by leaving their system extra buggy (even above and beyond the normal Windows experience).
XML is like violence. If it doesn't solve the problem, use more.
I wiped the XP offering from this box too (with Debian). So here's my useless key for you to enjoy:
XVJW8-DB93F-2R2XD-XGB3D-3788D
To illustrate how crap things have become with preinstalled doze, my Sony didn't even come with a CD!
Okay, here, I'll slow it down a bit for those that don't grok the problems here...
Say I want to test a piece of software with 10 PC's simultaneously for 3 months without reformatting them. That's fine by the license - just activate each and go for it.
Now say I get two new machines in with completely different hardware that is supposedly having an incompatibility with the product. I remove XP on two of the old machines that have proven to work well with the product and do a format, then send them off to IT to be used for whatever. The licensed software has been removed - you'd think one could install it on the two new machines now and run for three more months without problems, yes? No, because of the stupid activation limitations. That's scenario 1.
Now, howabout a situation where there are 2 developers, each with his own MSDN license. Both are working on a single project, but their testing needs are different. Developer A needs to do a lot of different OS/configuration testing, but the actual hardware doesn't matter that much - let's say he's the apps guy. Developer B needs to test on every variation of hardware he can possibly get his hands on, because he's the driver guy working on a USB device. Because of the large variety of USB implementations out there (many of which are flawed in their own special way), he really needs to do hard-core, long term testing on several different machines. So, Developer A and Developer B pool their resources - both are working on the same project within a single room, so it makes sense that they should be able to do that. A gets 5 machines, B gets 15.
Now, combine the two situations and add more developers over a longer period of time. What you have now is a clusterfuck. Despite the fact that your team has legitimately purchased enough licenses to run on all the machines they have at any one time, you now have a definite possibility of a license shortage and you're forced to keep a list of all of the developer keys with tallies on how many times each has been used so you'll have known keys available when it comes time to remove old/broken/obsoleted test machines and bring in new ones.
Now, to add another issue in the mix - if you renew your subscription, you keep the same key and don't get additional reinstalls. So, either you beg your representative to refresh your key or give you a new one, or you're even more limited on test machines unless you cancel your MSDN subscription and buy a new one - getting 10 more installs in the process.
Got it?
I write code.
It's actually a little more complicated - at one time (I don't know if this is still true), EVERY major OEM and most minor ones had Windows OEM licenses. The agreement for that license (which got you Windows priced cheap enough to be competetive) required that you pay MS for every PC you sold, whether Windows was shipped with it or not. Therefore, the price for pretty much every PC you could buy included the price for an OEM copy of Windows. THAT was the "Windows Tax" and it was an issue in the antitrust case.
There was anther (or this may be the same one you're thinking of) involving adobe, where a company bought bundles of Adobe software, cut them open and resold the individual titles. Adobe got pissed off and sued, but the court decided that right of first sale and lack of a formal agreement basically meant that Adobes EULA didn't apply. This was in a CA district court, not federal.