Slashdot Mirror
MS To Limit Security Fixes to Legal Copies of Windows
rufey writes "An Associated Press artcile on MSNBC is reporting that Microsoft is going to start restricting access to security updates from pirated copies of its Windows operating systems. Starting in mid 2005, if you have a pirated copy of Windows, the only way to obtain security updates will be through the automatic updates mechanism. And even that method may be restricted at a future date. The article is light on details about what versions of Windows this will affect. Parts of the system to check for a valid copy of Windows is already used when downloading software (such as Media Player) from Microsoft - except that validation is currently optional." EnderWigginsXenocide points out Reuters' version of the story.
The main gist is that people who have their Windows Update set to automatically download the latest critical patches (through the Windows Security Center - insert oxymoron comment here) will not be affected at this time. If you manually go to Windows Update you will need to provide some sort of credentials (allow software to snoop on yer box or provide your key) to access content. I myself bought a copy of XP recently from Newegg for this exact purpose. I like Linux a lot and if I didn't game, I'd use it exclusively. Since I do game, Windows is a necessity, and I don't want to have a haxxored box because MS tightened down on allowing pirates (which I freely admit I was one) to patch their systems. Newegg has copies of XP pro for about $150.00 with the purchase of any hardware, which is a far cry from their $300.00 MSRP.
"As the intrepid kobold companion continues his journey, he begins to wonder... if priests raises dead, why anybody die?
Folks will just start distributing these patches through other arenas (torrent, newsgroups, web sites, etc.), or will develop methods (as they always have) to work around the system checks.
This is just a ruse to get folks to pay less attention to the fact that the MS OS is generally less secure for most people than it should be...
Many people pirate Windows, for many reasons. Cost, availability, etc.
But imagine now if it's becomes a nuisance to crack everypart of the OS which phones home. People will go elsewhere... legal perhaps.... but what about the people who wont pay.
With Linux now coming of age, it seems about right that a significant market share would now drift in the direction of OpenSource operating systems.
Why should they be expected to support copies of Windows that people didn't pay for? Sure, this is an issue of customer support. But then, the people with 'pirated' copies of Windows aren't Microsoft's customers.
"Ask not what your country can do for you." --John F. Kennedy
Awsome simply awsome the tighter they make their licensing the quicker the uptake for Linux. Hell I don't really know anyone other than some companies that buy legitimate copies of windows. Hopefully they will put a check in Office that will not let you run on a pirated system as well.
Short term revenue gain, long term loss.
Got Code?
How many more people would start taking a hard look at FOSS if they couldn't get their 'free' MS products?
They can still get their "free" MS products. They will continue to get their "free" MS products. Those people will just not update their systems through Windows Update. I imagine that plenty of people that paid for Windows in some form or another still don't bother to update their systems because they don't know or don't care to know.
All this is going to do is create an even more dangerous computing environment on the Internet and give more and more backing to "trusted computing".
Oh look, see, everyone pirates and the pirates are causing all the worms to propagate! Look! DRM will stop that!
I remember reading a Crypto-Gram article on this a while back. Here's some great, relevant commentary from Schneier. The original link is http://www.schneier.com/crypto-gram-0406.html#4.
The security of your computer and your network depends on two things: what you do to secure your computer and network, and what everyone else does to secure their computers and networks. It's not enough for you to maintain a secure network. If everybody else doesn't maintain their security, we're all more vulnerable to attack. When there are lots of insecure computers connected to the Internet, worms spread faster and more extensively, distributed denial-of-service attacks are easier to launch, and spammers have more platforms from which to send e-mail. The more insecure the average computer on the Internet is, the more insecure your computer is.
It's like malaria: everyone is safer when we all work together to drain the swamps and increase the level of hygiene in our community.
This is the backdrop from which to understand Microsoft's Windows XP security upgrade: Service Pack 2. SP2 is a major security upgrade. It includes features like Windows Firewall, an enhanced personal firewall that is turned on by default, and a better automatic patching feature. It includes a bunch of small security improvements. It makes Windows XP more secure.
In early May, stories were written saying that Microsoft would make this upgrade available to all XP users, both licensed and unlicensed. To me, this was a very smart move on Microsoft's part. Think about all the ways it benefits Microsoft. One, its licensed users are more secure. Two, its licensed users are happier. Three, worms that attack Microsoft products are less virulent, which means Microsoft doesn't look as bad in the press. Microsoft wins, Microsoft's customers win, the Internet wins. It's the kind of marketing move that businessmen write best-selling books about.
Sadly, the press was wrong. Soon after, Microsoft said the initial comments were wrong, and that SP2 would not run on pirated copies of XP. Those copies would not be upgradeable, and would remain insecure. Only legal copies of the software could be secured.
This is the wrong decision, for all the same reasons that the opposite decision was the correct one.
Of course, Microsoft is within its rights to deny service to those who have pirated its products. It makes sense for them to make sure performance or feature upgrades do not run on pirated software. They want to deny people who haven't paid for Microsoft products the benefit of them, and entice them to become licensed users. But security upgrades are different. Microsoft is harming its licensed users by denying security to its unlicensed users.
This decision, more than anything else Microsoft has said or done in the last few years, proves to me that security is not the first priority of the company. Here was a chance to do the right thing: to put security ahead of profits. Here was a chance to look good in the press, and improve security for all their users worldwide. Microsoft claims that improving security is the most important thing, but their actions prove otherwise.
SP2 is an important security upgrade to Windows XP, and I hope it is widely installed among licensed XP users. I also hope it is quickly pirated, so unlicensed XP users can also install it. In order for me to remain secure on the Internet, I need everyone to become more secure. And the more people who install SP2, the more we all benefit.
Ha, ha! Nobody ever says Italy.