The Self-Modifying EULA?

An anonymous reader asks: "Years ago, when I first installed Windows 2000, I accepted its EULA. Despite serious defects in the product, I resisted installing Service Packs because they modify the original EULA. Now even Homeland Security is on my back to upgrade and install a fix. I would be happy to install SP4 and all the security patches BUT ONLY IF IT IS DONE UNDER THE ORIGINAL EULA. Otherwise, Microsoft has made me an unwilling zombie. The clear fact is that Microsoft delivered a defective product- should not allow them to redefine our agreement. I cannot think of any other market that successfully browbeats its customers in this manner. Can this be legal? Has it been tested in court?"

Re:It's Legal

[Money+for+Nothin']

How is security a "reasonable" (yes, define that word, please) expectation in the computing world?

First, a security tautology: there is no such thing as 100% security. Any newbie in computer security can tell you this. Thus, the expectation of *perfect* security is not reasonable (whether it is expected of Microsoft or OSS or Apple, or any other software or software vendor).

Secondly, empirical evidence. Look at Microsoft's very-long list of security flaws. They are so numerous and widespread that even non-technical joes-on-the-street can tell you that Microsoft's products are insecure. Thus, again, on the basis of Microsoft's history, it cannot be expected that they will produce better security, until they actually begin doing so.

Thus, whether "reasonable" is defined as:
* "based on the wisdom of experts", or
* "empirical historical evidence", or
* "the word of the man on the street"

...it is regardless *clearly* unreasonable to expect secure software from Microsoft.

*Attempts* at providing security is a reasonable expectation. *Security*, is not.