Slashdot Mirror
Microsoft Security Updates for Pirated Windows?
zachlipton writes "DSL Reports has an interesting question posted: should users with pirated copies of Windows be allowed to download security updates, such as for Sasser? Apparently, without a valid CD key, users cannot download these updates. Do they get what they deserve, or should they be allowed these updates through Windows Update in order to reduce the impact of these worms on the rest of the net? Should security updates only for worms be made available to pirated users, or also updates for issues that while not posing a risk to other internet users, would open the pirate up to a security hole?"
I am pretty sure MSDN version of windows XP don't have activation keys and such. Does that mean they can't upgrade?
Pirates should get updates as much as they get support from any other product they stole: Zero.
Want software without paying for it? Use Free Software. Theres heaps of it.
If they can pirate the operating system, why can't they just pirate the patches too?
Hear recorded Slashdot headlines on your phone! New service beta testing. Just call (248) 434-5508
Whatever they decide will no doubt be best for everyone. Afterall, they have the resources to really look into the questions while all we can do is speculate.
If they cant download the updates, and havoc is all the more extreme because of poor MS coding, it only shines a brighter light on alternative operating systems.
Ive been saying forever that the year MS perfects its anti-piracy technique really WILL BE the year of the linux desktop, and this (at least in my eyes) is a step closer to that.
the EULA attached to the security patches, even when you are legitimate owner of a copy of Windows!
Bull. I update my pirate copies of XP all of the time.
Its microsofts perogotive, theyre not in any way required to support pirated versions of their software, and why should they bother. On the other hand, these worms negativly effect everyone. Although if your smart enough to pirate windows (there are some tricks joe sixpack wouldn't know right away) you should be savy enough to get a keygen of kazza or something. Not that thats how i got XP SP1 or anything...
"Sic Semper Tyrannosaurus Rex."
Not saying I pirate windows or anything of the sort. But jsut because they dont get patches doesnt mean they wont pirate. It just means that when worms come out, it will be that much worse. Pirates tend to be a lil smarter, and actually keep their systems up to date.
I would hate to see sasser or code red hit the large percetage of people that pirate, and CANT patch. Internet go byebye!
snowulf.com
I've seen several "corporate" XP cds floating around, as well as some beta versions which contain all XP functionality once patched through Windows Update.
Microsoft disables some CD keys already which are known to be pirated, but I wonder how many valid corporate group cd key installations there are which have been pirated. In that case, it really wouldn't be feasible for MS to disable that cd key, as it would disable that entire company, etc.
"Sed Quis Custodiet Ipsos Custodes?" -Juvenal
It is fundamentally a companies sole responsibility to ensure that any flaws within its products are fixed. By using their own mistakes as a punishment for people who pirate that are propagating flawed copies of their software. Microsoft should allow any user of their products regardless of if they have a right to it to have updates. They can fight piracy in more responsible and effective ways, for there are other people who use the network.
Why should it have to pay for the bandwidth to support pirated copies? There is no benefit to them.
Most if not all infected Sasser users around here had legit but hadn't bothered to update. Real crackers use the corporate version of Windows that apparently doesn't require a CD key for updates.
Trollem mirabilem hanc subnotationis exigiutas non caperet
Support is Free ... duh, not like they have to pay for all that bandwidth or anything. They may be able to afford it, but why would any company (ala: Redhat) be forced to maintain something that wasn't purchased? All real property vs intellectual property ideals aside, that's like blaming Ford that your stolen car can't be serviced.
I have been of the oppinion that App level firewalls at the ISP level (hell even port blocking during worm-storms) is a necessary function. During the Nachi outbreak ISPs were killing ICMP just because of the sheer mass of pings flying around were bring down gear.
At the very least, ISPs should be responsible for the prevention of outbound malicious traffic, automated or manual (aka: crackers, kiddies etc.)
When they knowingly ignore the traffic traversing their network and wreaking havoc on others, I am always disgusted.
Not that my shit don't stink, but if I got a line spewing worm, it gets pulled till it's clean. Thank goodness for the public sector.
It's probably in everyone's interest to give out patches to all, even those that Micro$oft knows are illegal copies, as it probably impacts the spread of viruses such as Sasser more than it does their pocketbook.
no.
Uhhh, you can still download updates with a pirated version of Windows Xp. There are many programs that anyone can easily download, that will generate, and put to use a new serial number that will allow you to use Windows Update.
Company profits vs. general good of the internet. I really wonder which one they'll choose.
(note that I left out writing better software)
SecondPageMedia - Wha
Maybe it's something you could get used to.
Frank: Hey Bob, could I burn a CD on your computer?
Bob: Yeah sure.
Frank: Uhh. It says it's going to shut down in 60 seconds.
Bob: Yep. Gotta work fast.
Give people more incentive to use linux instead of a pirated copy of XP.
The latest build( released in the last 4 days ) of the xp service pack2 beta, blocks a whole range of keys. People who have been using the corporate version of xp, using a keygen will find it will find it needs activating when the apply service pack 2.
The keygen(a very very very popular one) generates product keys in the range 640-645. SP2 turns activation back on when it detects this.
We need to create an environment where piracy is looked down upon, not encouraged. Giving them updates is simply encouraging pirate behavior.
If an infected machine becomes such a problem that they're affecting other people, ISP's should simply revoke a users access until they upgrade to the latest patches and remove the virus. A pirated version of Windows wouldn't be able to get the updates and therefore would probably keep on getting the virus, costing them a great deal of inconvience every time their internet is shut off. Not to mention the knowledge that thier machine is going to be swamped with viruses and that their computer will be completely insecure.
The best way to get rid of pirates is to make the cost of pirating greater than the cost of buying the software (or finding a legit alternative).
The simple answer is yes.
For the common good of the internet, as well as for the sake of protecting Microsoft's already spotty image, they should be allowed to download hotfixes... after all, they wouldn't need them if Micrsoft had done it right in the first place.
The corporate answer is no.
They didn't pay for the software and are therefore ineligible for updates.
My opinion?
For the common good, Windows should go away. But until then, everyone running it, legally or not, needs to have access to emergency patches and fixes.
-- This sig for rent.
I'm pretty sure that most copies of pirated XP floating around (the keyless corporate versions) will let users install everything but service packs. I don't know a lick about international piracy, but I imagine it's the same software.
I downloaded the patch to Win XP against Sasser, and it never even asked me for a CD key. (Which, given that I don't know where mine has gotten to now, is a good thing.)
Editor Emeritus and Senior Writer, TeleRead.org
Of course the initial response is to think that those who have pirated copies must not receive updates.
As with all things though it's seldom that simple.
When a company such as Microsoft gain a significant share of the market (yes... monopoly), then the damage that saying no could be could actually threaten the stability of that society were their software to fail sigificantly.
i.e. If machines cannot be patched with at least the bare security updates, and those machines then assist in the even wider propagation of a virus or worm such that it affects the infrastructure of the Internet as a more general thing.
Then in those cases, would it not have been a civic duty upon the company to protect the wider Internet and society (of their original shortcomings in allowing the vunerability to exist) regardless.
So I'm more of the opinion that No should be the answer for all bells and whistles things... such as Media Player. But that all security patches should be installed on every machine possible... regardless of whether that is a machine without a legit key or not.
Interesetingly, this is probably opposite Microsofts view. As to be able to manipulate market forces they need critical mass in areas suh as Media Player. So I think from their perspective they would probably wish to allow the whistles, but to encourage/force the upgrade to a legal version would probably wish to disallow stability patches (read: security) so that legit systems are more stable.
You don't deserve the software update.
Granted, these people not getting the software updates will cause problems for the rest of us, in that they're propagating some sort of virus.
My solution to that is to shut off the users. If the ISP of this user can prove that the user's PC is infected and sending out the virus, then it should be simple for the ISP to say, "patch it, or we're shutting you down".
I'm not really fond of ISPs snooping in on my traffic to determine whether or not to cut me off, so they should base it on a complaint system - if somebody complains that you're spreading the virus, then the ISP investigates (I recall lots of people with logs of Code Red attacks). If they find proof that you're spreading the virus, then you're forced to patch, or if you can't, you're shut down.
Extreme, perhaps, but the only way that people will properly maintain their machines.
-- Joe
On the one hand there is piracy. Even if you say it's an advantage for Microsoft because of more dependency, the truth is that it isn't what they want people doing with their product, and it is illegal. If you want the support you should fork over for the product; after all Windows is about as Not-Free-Software as you can get. Perhaps if it wasn't such as widespread, costs to cover piracy would come down, and Windows would be cheaper and thus more easily availible. A rock and a hard place, people will need to buy before they can afford, and the numbers on actual piracy are way out of the realm of possible statistical analysis.
That being said, not getting security updates can cause problems for the Internet as a whole, not to mention for valid Windows users as pirate machines which can't be patched propigate viruses. That is more than just a problem for the people with bootleg'd copies themselves, that causes network congestion and performance problems for valid users as well. I know my Apache logs are still crammed with exploit attempts...
It's a question of responsibility vs. assisting lawbreakers. My (personal, humble) opinion is that Microsoft should allow security patches to all copies of Windows as it defeats expliots and worms/virii much quicker, but as for feature upgrades and bug fixes which are not a security issue, Microsoft should withold those unless the user has a valid serial key. True seriousness about security means defeating the problem for more than just customers, it means providing a better enviroment for everyone. This, I believe, is the root of the problem in the Microsoft attitude, and it's kind of sad that the largest software company on Earth can't see far enough past their bottom line to make such a move.
No one is (or should) ask them to give away anything more than saftey.
CAn'T CompreHend SARcaSm?
.. download the patches form Windows Catalogue? Or do even they not work? What about service packs?
Why are we even discussing this stuff here? There's always going to be a way for people to change their pirate keys, just like there is now in order to install SP1 under XP. So, big deal! charlos
Its microsofts perogotive, theyre not in any way required to support pirated versions of their software, and why should they bother.
Because infected and unpatched instances of their software generally continue to operate for the user while clogging the net with viral traffic, serving as zombies for DDoS attacks and acting as spam forwarders.
This is damaging to legitimate customers of Microsoft's products, users of competitors' products, users of open-source products, and operators of the network infrastructure, as well as the users of unlicenced copies of their product.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
It is called the Microsoft Baseline security analyzer. It will tell you which updates you need to get and even point you to the security bulletin page to download it
did you forget to take your meds?
Say there is an outbreak of a highly contagious disease in your country, which can spread simply by breathing or something. Do you only inoculate your citizens, and skip the illegal immigrants? Only if you want to kill off your population.....
My Favourite Meme
It depends on what you call a "pirated copy of Windows". If you buy a new PC, it's probably preloaded with some version of Windows. At some point, you may decide or need to reinstall Windows, and you may not have the restore cd/dvd handy when that time comes. If you install a cracked version of Windows, same edition as the one you had before, are you a pirate? Nobody's going to steal a copy of Windows XP Home edition when they have the option of choosing any edition they want, unless they already had a legitimate right to use the Home edition and wanted to keep their conscience clean.
/.*[ui]x|.*BSD/ thing everyone's talking about."
And the Microsoft monopoly adds an interesting spin to the issue of piracy. People no longer use Windows because they want to, but because Microsofts tactics have ensured that they'll probably need to. Microsoft is actively attacking legal alternatives to Windows, through investments in litigious bastards, software patents, and false advertising campaigns. They left the realm of capitalism and the free market years ago. They took choice out of the hands of the consumer and now they get free money. I personally respect their IP but it's getting harder and harder to blame Windows pirates these days. All the other pirates can go #### themselves, but stealing Windows is like stealing water from a company that poisoned your well.
Microsoft should definitely be able block updates to pirated copies of Windows if they wish. I think if they do it'll just fuel the switch to alternative operating systems, which their other commercial offerings won't run on. If they're confident that everyone that pirates Windows pirates the rest of their stuff as well, and they don't think giving alternative operating systems a foothold is going to be bad for their future, then they should go ahead.
But if you think about it, the most monopolistic action they could take would be to ALLOW pirated copies of Windows to be updated. It'd slow the adoption of alternative operating systems, and help keep estimates of worm and virus infection rates that so often make the news as low as possible. If the rates of Windows exploitation increases dramatically, people aren't going to think, "Oh, those are mostly just pirates who are being affected," they'll think, "Windows is looking less secure than ever before and look, I just got another dozen virus infected emails over my lunch break, maybe I should try this
I run XP unpatched with no Antivirus and no problems.
You sound like the people in the porn industry who try to justify having sex without condoms.
If you have no antivirus software, how can you be so sure that there are no viruses?
LK
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
This is a public policy issue.
The fact is that piracy levels are there. If updates against these critical security issues are not publically available, then the infected pirated machines are a social nuisance. These people are unlikely to buy a legitimate version anyway.
However, it should stop at critical issues: anything related to bug fixes or performance or reliability issues only available to licensed users.
Look at some of the AV companies: they do provide free disinfectant tools for critical issues: you can download and use these even if you are not the AV customer. However, if you want true AV support, then you do need to buy the product for the licensed updates.
Go to the Microsoft download center. Use the Microsoft Network Security Hotfix Checker Tool
Or better yet, use the Microsoft Security Baseline Analyzer Tool which includes Hfnetchk.exe.
Windows Update actually deletes downloaded updates once they're installed. You can try to retrieve them before they're installed. But it's easier to just download them from the download center. That way you can qchain 'em if you do a reinstall.
I know people with pirated windows, and they download all the security updates, straight frmo microsofts site. MS makes them available to everyone. You just can't get them off windows update. You can still find them by searching through the site the old fashoined way though.
this seem only fair since providing service to pirates will only encourage piracy and shrink their market share. On the other hand since you get value out of not being bombarded with viruses and virus spawned spam you of course are happy to pay this small fee even if you install linux.
what do you think? How much would you pay to get MS to do this?
Some drink at the fountain of knowledge. Others just gargle.
http://www.microsoft.com/technet/security/tools/mb sahome.mspx
"I'm Feeling Lucky", even.
So we have it folks. People on here pretty much saying its Microsofts (oops...sorry...M$) fault for people stealing their software, and somehow they should be made to pay for it. Look, this software is STOLEN. Microsoft owes these thieves nothing.
I have a better idea. Microsoft should set the updates to automatically remove the operating system from anyone who is not a legit user. Not touching the data, just the system files. That way these thieves will not be able to spew forth more worms onto the net. That way they reclaim their stolen property.
I bet you dont start bleating away when a flaw is found in Apache or sshd do you? Oh no...these products have been produced insecurely so they must be made to PAY, must they not? Why dont you bleat about Red Hat not providing support to those not on RHN? These people got a Red Hat product, they should be supported by Red Hat? No, of course not, different rules for FOSS isnt it?
If you have a "valid" corp key for you no Activation corp copy of XP.
.... but I doubt they can stop it totally.
as soon (or slightly before if memory serves?) their was a number of work arounds for the 'keys' m$ disabled with SP1,
I have a large number of 'friends' running XP pro with corp 'keys' and all have been able to use windows update without much difficulty.. other than changing keys for SP1 but no biggie.
of course for the slightly less 'advanced' warez copy users out there they may have difficulties.
As long as all the people in China and other SE Asian countries refuse / can't afford to pay M$ prices for software 'fixes' for m$ anti piracy efforts seem likely to presist. M$ can 'raise the bar' for how much work it is to successfully pirate and then update their os
actually I am happy to see you, however that is in fact a banana in my pocket.
It it's clear that MS has no obligation to support stolen software. If you steal property you should be ready for some kind of problems.
Yet I see that the point is that MS is making a mistake in not giving security fixes to everyone.
Here's why: There will be millions of pirated XP's also in future. They will have trouble in fixing their system. During that period they are harming the network experience of all of us. And they do have a significant effect, because of their huge amount. Finally they find a solution from firewalls or installing other OS's, such as Linux or OS/X !
If 50% of worlds PC's carry pirated XP and 10 % of those will end up in moving to Linux, we will have quite a boost for Linux ! I don't mind that..
If the Microsoft PR machine is smart they'll withhold security updates from pirated copies. Then they can blame the spread of viruses and worms on the evil software pirates who are running the insecure systems.
How many people have valid licenses but don't use valid cd keys? For instance, does Dell give cd keys for their products? Having an invalid cd key does not necesarily mean the product is pirated.
Since when is it their responsibility?
Since they started distributing software that interferes with the stability of everyone else's networks, of course.
If you're a zombie and you know it, bite your friend!
Believe or not, the NT server product key will accept all 1's. I don't know why Microsoft did that, but it seems to contradict anti-piracy tactics. It almost seems intentional. But if you don't believe me, just give a try.
95% of Windows installations here in Latvia are from pirated CD. WindowsUpdate works fine for them. Installing and updating of pirated software is eevryday duty of 95% of IT-people in eastern europe.
So: Would we treat somebody in a hospital because he caught an infectious disease while doing something illegal? Yes. Then, the same should be true for patches.
This question's answer is really quite obvious if you move it into a real-world scenario:
"Should drug users be allowed to receive treatment in a hospital (public or private) even if treatment is due to drug-related illness or injury? Or do they get what they deserve and have to fend for themselves?"
People who pirate do it for a myriad of reasons. How about the poor inner-cities child whose family can barely afford the $299 Wal-Mart PC and has no chance of a retail priced copy of Windows and Office? How about the elderly grandmother whos well-meaning grandson hooked her up with the latest copy of XP Home because it had larger fonts and buttons than her legally licensed copy of 95 did?
Support for Windows should be user agnostic. I've said many many times in the past, someday the laws of this country will recognize that computer professionals need the same legal protection that priests and doctors currently enjoy. People who have computer problems need to know they can get them fixed without worrying about the tech turning around and reporting them to the BSA or DOJ. Otherwise, they will sit on the problem and contribute to a greater harm.
If Microsoft wants to exclude pirates users from receiving assistance, then they should be legally liable for any further or collateral injury that occurs as a result of this...the same way a doctor or nurse would be liable for turning away a mental patient complaining of "voices telling me to do bad things" who then goes on to murder someone.
The simplest thing for Microsoft to do is drop the whole cockamamie "Windows Update" bullcrap and just post the damn updates on an FTP or website where people can download them without handing over Product IDs (and from other operating systems as well). If they don't want to do this, well, then let's make sure they they are responsible for whatever happens.
- JoeShmoe
.
-- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
I would have thought that Microsoft actually like to have pirated copies of windows out there. If everyone is running windows, then it will be very hard for other operating systems to get a foot hold, where as, if they alienate everyone not running a legit copy of windows, then they will either have to pay, or turn to an alternative. If they stop using windows, then windows stops being the defacto standard and that is currently microsoft's big advantage on the market.
Should they provide support to people that pirate their products? No. But if it means losing out on their user base; shouldn't they?
Comment removed based on user account deletion
What if I stole a ford explorer and then took it to the dealer to replace the tires because they were recalled? I'd look like an idiot. I could say to the dealer "well me driving on the road with these bad firestones is unsafe to everybody" and he'd retort back "yeah...and you stole this car!" Just because everyone hates microsoft, doesn't mean they should be expected to support products that are stolen. Even though we're dealing with software and the cost to them for stealing is zilch, they still have to pay for the bandwidth and servers to host windows update.
(not the same AC, btw).
He said he doesn't have ethical problems. He never said he didn't have legal problems with it.
I only have Linux machines and I was able to download the updates from Microsofts own security advisary pages without any problems (links found through earlier slashdot story).
I have then made CDs containing Symantecs Sasser removal tool and the hotfix for both Windows 2000 and XP and made copies to pass around to friends and family that still run Windows.
So even if Windows Update requires a valid key for Windows XP users, the updates are still readily available. Albeit, not quite as easy as Windows Update, but if you run pirated software, you deserve to suffer just a bit.
I'd like to point out to everybody that this is a moot point. You CAN get the update regardless of version a regardless of whether you have pirated your copy of XP. Just see: this to download the appropriate version of the update.
Who modded this flamebait tripe as "insightful"?
Perhaps you were ignorant of the fact, but:
- according to the Business Software Alliance.Q: If I steal a car, and some defect in that car leads to my injury, can I sue GM and win?
A: Definitely Yes.
Why is this different?
I know it's different because right now we can't sue MS for any damages even if we didn't steal Windows.
It seems to me that if they apply a double standard to products acquired legally vs. products that aren't legal, they are opening themselves up to some sort of implied warrantability for the legal product. Which of course they don't want to do.
It has gotten *really* bad with all the spyware, malware, and viruses these days. It's starting to look like the "death of a thousand cuts" we hear so much about. I wonder how many of these worms, etc. are put out there with the goal of bringing MS down?
Personally, if I were a PR at Microsoft, I'd be giving those patches away. The less overall damage systems running Windows would get because of security exploits, the best the PR. Furthermore, it would allow me to give the possibility to give the "we care" speech...
On the other hand, as an Open Source advocate as I am, I believe these issues should be exploited to the maximum. Not only is most Open Source software more immune to such problems but the patching speed is of critical importance for most enterprise users, and as far as I'm concerned, that would be the main entry point into the household.
Many "pirates" can not afford to buy the music/software that they download.
(I'm not saying that this gives them any right to infringe on others' copyrights.
I'm just saying that the BSA's figures are exaggerated.)
Those who sacrifice security to condemn liberty deserve to repeat history or something. - Benjamin Santayana
I wouldn't have sex with a new partner without a condom
;-)
Well it's lucky you're a Slashdot reader and don't have to worry about such concerns anyway
If, as a software pirate, you believe yourself to be on some moral crusade against the "scourge of Microsoft" or the high prices of commercial software in general, then the best way to hurt those comapnies is to not buy their products - it REALLY is that simple.
The problem is that for a lot of computer users, software has become a "fashion accessory" just like a pair of designer jeans or a new mobile phone - everyone HAS to have the latest version of the latest package without stopping to think about whether there is actually a need for those additional features that the latest version provides. Right down from the warez crackers on the Internet to the end users, piracy is simply about peer pressure, nothing more.
The majority of computer users need to grow up and join the world of adults rather than sit in front of their PCs with the attitudes of schoolchildren.
There is a wealth of good quality free software for any operating system that you choose to run and while it may not, on some occasions, match up to commercial offerings, it IS free and will get better if you take the trouble to voice your dislikes and likes about it to the people that program it.
Pirates achieve one thing and one thing only - they create an excuse for large corporations to restrict the rights of ALL users in making fair use of products that they own and for those corporations to push through DRM, copy protection etc. on the basis of revenue loss and the honest users just end up paying more.
Gentoo Linux - another day, another USE flag.
He didn't exactly have an answer, other than to say they were still looking at the problem - but from what he did say MS is acutely aware of the problem.
I think my solution would be to allow security updates only. During this trip I had a long discussion with a pile of MS executives about community and /. came up more than a couple of times in the conversation ;-)
we see things not as as they are, but as we are.
-- anais nin
I don't understand. Why do you need XP pro for gaming?
Besides you are not forced to buy windows together with hardware. There are vendors that offer hardware without os.
I do so like arguing with people whose sole experience with Linux is based on hearsay and what they read on the Internet. :-)
Anyway, to correct you - you can download free versions of SuSE, Red Hat, Mandrake, etc. from the appropriate web sites; you can then download (probably limited) updates from their sites or get what you need elsewhere on the Internet.
You can also pay these companies for service contracts and get everything you need from them that way. The choice is yours because that's how it is with Linux.
But it would bring a bit more honesty to the debate of the cost of running Windows vs. Linux/BSD ;-)
There is no debate because debate assumes two sides interested in arguing a point. The Linux community does not care about "TCO" because there are far too many variables to put forward a valid comparison anyway - for example, what you spend on supporting any OS depends on what in-house skills you do or do not have.
"Cost of running" is simply a Micrsoft marketing ploy to sell more of their products, nothing more. Let's face it, they can hardly make Windows - Linux comparisons on the security or stability issues, so they might as well go for the "Windows is cheaper" option :-)
SuSE is (currently) very lax with regards to the licensing of their Enterprise-products. They have a "We trust you not to do silly things"-attitude.
SuSE does not make money making a Linux distro, it makes money from support contracts and Linux deployments. It therefore does not have too many concerns about who runs their distro unless they can sell services with it. Standard business practice.
Linux lesson ended for today - thank you for your time...
Gentoo Linux - another day, another USE flag.
You HAD to do nothing. You SHOULD have bought your laptop elsewhere and explained to the original vendor you were not buying their product because XP Home was installed and you did not want to pay for XP Home. Then, if a lot more people did that, the laptop vendor would realise that to stay in business, he needs to give his customers what they want.
Instead, what you did, was got screwed over by the laptop maker and Microsoft because most other people do exactly the same thing you do.
Things change for the better because you take direct positive action BEFORE handing over your money rather than whining AFTER you've handed it over.
Gentoo Linux - another day, another USE flag.
Well we're at it, why not do warranty repairs on stolen vehicles.
This is ridiculous, you have no right to use the software. What sort of obligation does ANYONE have to help you maintain it.
If MS in the future decides that patches are a premium-service (with premium license-fees), then so be it. I also think that anyone who uses MS-software should pay their price.
If you don't like their prices or their conditions turn to the alternatives.
"By the way if anyone here is in advertising or marketing... kill yourself." -- Bill Hicks
I *would* agree with ya in a perfect world. But in our real world there are dialup user, free/anonymous ISPs over dialup, sometimes BIG corporate nets may get infected, and they do not have an 'ISP', instead they have some fat pipes going out, so no luck enforcing some TOS... etc etc.
I used to be a nasty pirate myself, until I saw the light. MS enforcing their 'rights' can only be a good thing, since it will shy people (at least people from poor countres) away form their products, thus making the internet safer. But for now it is simply wiser to give updates to the pirates.
cheers.
``If a program can't rewrite its own code, what good is it?'' - Mel
Giving all patches to illegal users except those which wouldn't affect the rest of the net, but could still cause a security hole.
But any hole is a risk to the rest of us - if it's writeable, it can be used to create another spamming, DDOS'ing, crap-flooding zombie. If it's read-only, then it can either be used to find a writeable hole, or it increases costs by increasing, say, credit-card theft (chargebacks aren't totally free), ID theft (which could be used to hurt those people who know the user, or those who do business with the user), etc.
No security hole is a benign security hole.
MS should detect update attempts from pirated software and offer the opportunity to: 1) pay a fee and obtain a retroactive license; 2) get a code to access and apply the updates; 3) receive an effective amnesty for the piracy.
-- Slashdot: When Public Access TV Says "No"
Funnily enough, I get that message despite the fact that I run Win2K. I do, however, use a proxy server that strips out my HTTP User-Agent headers.
should users with pirated copies of Windows be allowed to download security updates?
My answer: No.
As much as I do not like the price of Windows (too high for what one gets for the money) you have to either try to restore competition in this particular market (which will lover the price of Windows to some real numbers) or change your demands and use something else (Mac, Linux, ...) or something else. It's maybe unfair there is no alternative producer of Windows but stealing does not make that better, quite contrary (helps Microsoft keep the monopoly while they have 90%+ market share also thanks to those users with illegal copies).
If users of illegal copies (they) get (with permission from Microsoft) those patches, they wont be stealing (patches) from Microsoft. But they will have screwed comparison tables "Windows vs. ProductX" in a way as "Windows are for free (0 monetary cost)". It will make them unwiling to switch (either to legal copy of Windows or legal copy of some other product be it free or commercial). Thus it'll help Microsoft to keep their unfairly acquired monopoly much longer and screw the market/economy/people/... much more. If Microsoft is going to give permissions to users of illegal copies of their products to use patches, I'll consider it anticompetitive and illegal move from them.
If [they] will be allowed to use those patches, market/economy/people may mistakenly see it as a move to the right direction (from security point of view) while the true right move - more OS diversity on desktop PCs - will be pushed away. Security will hurs, market/economy/people will hurt.
For sure, there will be short-range benefits in allowing [them] to use those patches, but in the long term I do not see it as good decision (good for market/economy/people).
hany
I have a pretty strict view of this. If one willfully (and/or knowingly) pirated an operating system: they should get no support from the manufacturer at all.
/.-ers think of Microsoft as an evil empire, there are a lot of hard working programmers working for them who do deserve to get paid. The liquid asset of that company is immaterial.
Since unpatched and vulnerable systems can wreak havoc on legitimate customers, I think the best solution is to simply disable the offending product. If you stole the OS, you have no right to use it. Force it to shut down. Don't destroy the drive or any data, just make it the ultimate in nag-ware: continually prompt on boot for a legitimate proof of purchase.
Of course, that gets into all kinds of 'big brother' bull. The end of the story is the same: pay for it. In spite of the fact that the majority of
"But what if I'm using it in a lab environment?" Well, you should have paid for your license. Don't want to pay? Microsoft offers 120-day evaluations of many of their products. These are fully functional products and can even be updated in most cases (rare exceptions such as ISA exist).
I can't believe this question even deserves attention
YOU DIDN'T PAY FOR WINDOWS hence they DON'T OWE YOU SHIT for support, why is this so hard to understand.
Maybe they should start programming the viruses to check for valid CD keys ;-)
I STILL don't get why people think downloading is their right and stealing is OK.
The question posed has striking similarities to the question of public healthcare. In the US, the EMTALA (Emergency Medical Treatment and Active Labor Act) requires hospitals and clinics to give life saving and stabilizing care to anyone, regardless of proof of insurance and/or ability to pay.
This is primarily a welfare service for the individual but has corporate benefits as well such as the reduction of communicable disease from those who would otherwise go untreated.
Without getting offtopic into the US healthcare system, I think the article brings up a similar point. If a software update is meant to benefit the end user only, in that it fixes or enables a new feature, that is one thing, but for the health of the public Internet, security patches that prevent malicious and communicable computer virii should be publicly available...by law.
It is more important to keep the Internet available to individuals, businesses, and research institutions as well as governments that rely upon it every day for communication and control of critical systems, than to ensure that a small percentage of the population is not illegally pirating software.
I only came here to do two things; kick some ass, and drink some beer...looks like we're almost out of beer.
Should security updates only for worms be made available to pirated users
We can pirate people now? Cool... how do I burn me a Britney?
If you come into my house to burglarize it, and I shoot you in the legs to stop you, I'm liable for your loss of future income earning potential. Think it sounds farfetched? I remember a case when I was in HS that revolved around that exact scenerio, and the burglar won.
Faulty products are faulty products. If Microsoft fails to offer a repair to a product it knows is defective. Unlike the stolen Ford, our pirate friends may have tried to get the patch and were denied it. Microsoft now has knowledge of a defective instance of the product and has knowingly refused to make the necessary safety corrections. Regardless of the legal status of the ownership, the product liability remains. The fact that the "product" is digital is what makes it not quite fit the traditional product mold. All the disclaimers won't help either,as known defects _will_ make you liable no matter what. As a PE, if I say in my contract "that's not my responsibility" but the "not by me" design is clearly faulty, I'm still liable.
If they can prove it has been stolen from them, they should notify the autorities of the theft and have the product returned to them for repair or destruction.
(I'm not advocating piracy - I have legal copies of XP - but making a patch unavailable is wrong. How would you get the sasser patch if your inet connex was down due to sasser? My parents couldn't, because I couldn't get the patch and write it to disc for them, and they own a legal copy of XP home.)
Is it just my observation, or are there way too many stupid people in the world?
should users with pirated copies of Windows be allowed to download security updates?
My answer: No.
Your answer is not smart.
If you want to deny SW pirates access to new versions of Windows Media Player, Windows Movie Maker, or drivers for their video card, that's fine. But denying them security updates is harming people and businesses who did nothing wrong. Why should my domain be blasted with traffic from infected PCs running pirate copies of Windows XP? Why should my ISP have to bear the burden of traffic from those infected PCs? Why should someone playing a multiplayer FPS game get fragged because network congestion from infected PCs is causing packet loss and latency? Why should some guy who buys a new laptop at Best Buy find it infected within one minute of connecting to the net because there are countless infected machines looking for some particular flaw that his yet-to-be-patched PC has?
What you're advocating is analogous to companies refusing to fix natural gas leaks because the consumer is behind on his gas bill. Explain that to the neighbors when his house blows up and takes out their homes, cars, or family members.
Your "security through OS diversity" suggestion shows your lack of understanding of computer security. It is just a thinly veiled version of "security through obscurity." If your ISP has boxes running Windows Server 2003, FreeBSD, RedHat Linux, Suse Linux, and Windows Server 2000, a flaw in any of those could, depending on network configuration, cripple the network or render services unavailable. Every one of those boxes could be a hole through which an intruder could enter. Keeping all of those OSs up-to-date is a major chore that is likely to be neglected at times.
I bought a new HP notebook 18 months ago. Of course, due to Microsoft's anticompetitive OEM marketing agreement which has been adjudicated as illegal, I was forced to buy a copy of WinXP that I didn't need because I run Linux. Of course, I can't sell my WinXP to someone who wants to upgrade from Win98 because it's some bastardized OEM version that only works on a model of notebook PC that already shipped with XP. I'm sure they didn't do that on purpose (bastards).
I suspect there are about as many Windows pirates in the US as there are Linux notebook PC users who have a virgin Windows license. I think I'll register www.Pirate-MS-Licences.com as a place where Linux users can donate their unused licenses to pirates. When Microsoft sues me, my defense will be, "I was forced to buy this thing, and now I can't even GIVE it away? How is that not a Microsoft Tax on notebook PCs?"
>> My ultraviolent Linux switch video.
I wiped the XP offering from this box too (with Debian). So here's my useless key for you to enjoy:
XVJW8-DB93F-2R2XD-XGB3D-3788D
To illustrate how crap things have become with preinstalled doze, my Sony didn't even come with a CD!
Microsoft has no obligation whatsoever to provide any freebies to folks with illegally copied (the P word - "pirated" - seems to be politically incorrect here at Slashdot) versions of Windows.
The word you are looking for is "copy". Every copy is illegal to the eyes of MS.
Anyway, "pirate" is a stupid word to use for someone who copies a piece of software. Pirates attacked ships, robbed, raped, killed. There is a difference. Using the word "pirate" is making the assumption that making unauthorized copies of software is equivalent to killing, raping and robbing. It's just a marketing thing that was used by record companies, and it just worked. Now we are using a word that describe a killer, to talk about a person who copies a CD. Think "diamonds are forever", that's a marketing thing that just worked, even though it's not true. It sounds good, and most people who don't know better, believe it's true, while it's just a marketng thing. The problem with the "P" word is that if we keep saying that copying CDs is as bad as raping, killing and robbing, people who don't know better start to believe it's true. That's the power of the language.
In Uruguay, my country, people who don't know what they are buying, get a computer with a copy of Windows preinstalled (that trend is changing), for which Microsoft gets no money, and know nothing about licenses. I'd rather not call them pirates, just stupid.
Because the people most likly to pirate Windows, are those who are more likly to do their own installs. Therefore they are the people with a little more tech savy. Therefore they are the people MOST likly to update their systems. Not that they all do, probably, but there is a reason why they would, when people who would never try anything with a computer their dell tech support representitive didn't tell them to do, would not.
Little Brother, watching the watchers
Nope, it's not Microsoft bugs trashing the net. It's some asshole somewhere who thought it would be really cool to have lots of computers rebooting all the time (or whatever crap the latest virus does to your machine).
That's true. But it's also irrelevant.
Once the exploits are out there, the only ways to make them STOP trashing the net (short of taking out the machines) is to apply the patch. Blocking distribution of the security patch to unlicensed copies insures there will be a much larger number of infected machines chattering away than if it is open.
Selling millions of copies of software that is susceptable to infection and expecting them to remain uninfected is like laying out millions of uncovered petri dishes full of culture medium and expecting them to remain sterile. If nothing else, Microsoft bears some of the responsibility according to the doctrine of "attractive nuisance".
In case you're not aware of it: Consider a chemical company that keeps concentrated sulphuric acid in an uncovered, unfenced, outdoor tank that looks like a swimming pool. Is it the chemical company's fault if, some summer afternoon, some neighborhood kids jump in and/or push each other in? In US law: Absolutely!
By deploying a massively virus/worm susceptable system Microsoft has created an attractive nuisance. Yes the primary responsibility for damage when it is exploited rests with the exploiters. But when they "light a fire" that starts an ongoing process of consuming the neighborhood, it's Microsoft's responsibility to help put it out.
And it's in Microsoft's interest to do so, before somebody wises up and starts using the attractive nuisance doctrine to make them pay for the damage.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
How about this: No!
Furthermore, Microsoft's next/future service packs (or possibly Windows Update itself) should check your key against their database to ensure that you do have a valid installation of Windows. It amazes me that they haven't gotten to this point yet.
If it was up to me, I'd generate a "hotfix" for pirated copies that wipes the product key info, and pops up that little key icon in the system tray with a balloon saying "You are using a pirated key. Click here to purchase a valid one.", and linking to Microsoft's store. Perhaps a timer is also in order, giving you 30 days(?) to set things right before networking no longer works, or the system won't go past the login screen. That sort of thing.
Yes, I'm very serious.
Let's say I steal a newer car. The manufacturer of the car discovers a fault in the hood latch; it can randomly let go of your hood-- and that would be a bad thing, especially if it happens while doing 55+ on the freeway. I go to the dealership and demand they fix the fault for free. But wait, the car is stolen! The owner called the dealership and reported it as such. Does the dealership just shrug their shoulders and fix it and send me on my way? I think not. They call the police, or simply deny me the fix.
Not All Who Wander Are Lost
Can I bum a sig? I left mine at the office.
I have always seen to it that the software on the networks I admin was properly licensed. Sometimes, on taking up a new job, the task was enormous.
We still got audited. So we had a double penalty of staff time: fix the problem before the audit, then prove it was fixed. Neither case advanced the organizational mission. It was pure loss, friction . All the time I was doing that, I wasn't fixing things that were broken. I wasn't making the net more secure. I wasn't installing new things.
I will grant that a company can set the terms of use for their products as they wish. They should be aware that hamfisted, user-hostile enforcement mechanisms like this are driving customers like me away. At comparable functionality, even with higher costs, I prefer the Free as in Speech solution.
Should I experience a difficult implementation due to lack of developer/test resources in an Open Source project, I experience necessary pain. That is to say, any problems I have with getting it working are a natural result of the state of the project I'm working with. Licensing friction is unnecessary pain. It's the unnatural result of the developers going out of their way to put up obstacles.
Unnecessary pain hurts way more than necessary pain for similar stimulus levels.
Gotta say, props to the commercial software outfits that have simple concurrent licensing setups that actually work. It's the ones that suck that cost you future business.