Slashdot Mirror
Microsoft Installs New Software Without Permission
Futurepower(R) writes "Even though I have Automatic Updates turned off, on August 28, 2007, between 3:49 and 3:51 AM PDT, Microsoft installed new files on my Windows XP computer." Nine files are updated on Vista and on XP SP1, a different set of on each, relating to Windows Update itself. Microsoft-watch.com's Joe Wilcox and ZDnet's Adrian Kingsley-Hughes confirm the stealth update.
Block M$ from having an interwebs connection and update from windiz, works even if they decided to ignore your settings.
They fitted George Orwell's coffin with rollers so he could turn over more easily years ago.
That's the proprietary software world for you.
The solution is simple, install Ubuntu.
Under cygwin, you can type:
/cygdrive/c/windows/system32/wuapi.dll | grep 7\.0\.6
strings
If you get back something like:
7.0.6000.381
7.0.6000.381 (winmain(wmbla).070730-1740)
7.0.6000.381
then Microsoft has secretly updated you.
My blog
because a large majority of people dont patch windows and i need to test my software with the least common demoninator to ensure it works on all systems
TFAs only mention XP and Vista, but I have Windows 2000 (it will be the last Windows I ever own, and I'm just keeping it running until my end-of-year trip to the USA, when I'll buy a Macbook) and was surprised when I woke up one day this week (either the 11th or 12th of September) and found my computer showing the "got restarted and waiting for somebody to log in" screen. Before I had a UPS, that happened now and then, but since getting a UPS, that shouldn't happen unless we get a major power failure that lasts longer than the several minutes my UPS's battery gives me. That hasn't happened since I got my UPS, and I noticed that other things around the house showed no signs of power loss, despite my computer having been restarted. /., I thought I might have discovered what happens, but TFAs only talk about XP and Vista.
When I logged in, Windows Update informed me that it had installed updates. That's hard to understand, since I've had Windows Update configured for a long time now to ask me before installing anything. When I saw the item on
So was what happened to my computer (running Win2K) the same thing? Did others with old versions of Windows have the same experience?
"It is nice to know that the computer understands the problem. But I would like to understand it too." --Eugene Wigner
Actually, I got the question if I wanted to install it. Maybe you just klicked by, as usual in windows?
its entirely inaccurate to claim that you own your Linux copy.
Firstly, copyright is not ownership. If you buy a copy of software, you own that copy.
Secondly, you don't need a license to install and use software. Copyright does not cover copying that is necessary in order to use software.
Thirdly, you do not have to agree to the terms of the GPL in order to use GPLed software. You already have the right to use it. The GPL grants you the right to distribute copies to others.
There's so many people out there just wildly assuming what the law is or going on hearsay. Read the fucking law and the licenses before spouting off with your uninformed opinion please.
Why not have a cron job that does apt-get update && apt-get -y upgrade?
Not quite. Almost all distros of linux have *no* EULA. The license" you refer to (licenses, actually) govern redistribution. Because of said redistribution rights, the moment you receive Linux from someone exercising those rights you can now do whatever you want with linux. The moment you choose to distribute it to someone else, the license comes into effect.
This is generally very different from the "licensing" you talk about with Windows. In fact, even though it is all based on the same copyright law, these are, for the user, very different things.
I do in fact own Linux as much as copyright law allows. Something that the Windows EULA never allows.
This was definitely without my permission, and raises the question about who has control over my computer, me or Microsoft. If Microsoft can put files on my computer without my knowledge, then it is really Microsoft's computer, which is control that I find extremely objectionable.
It seems like its just a few updated DLL files. Programs throw dlls around all the time. These do not seem to have harmed anything. However, it does not sound right. How did these updates get installed, that is kinda my question. Is Windows programmed to ocassionally phone home, and when it did, these updates got applied, or did MS have some bot that like scanned IP addresses looking for copies of windows and push these, or what? Kinda strange.
I somehow doubt, though, that the intent is malicious. While Microsoft may play dirty politics, and turn off pirated versions of Windows, I seriously doubt Microsoft would intentionally push software out that would screw up their own software. Chances are, this is just either an oversight on someone's part, or an improperly deployed update. Or it could be how Microsoft is planning on blackscreening vista users.
Not really. If a company is using Windows Update, its the COMPANY that is in violation, not the software vendor. Anyone worried about Sarbanes-Oxley compliance should have better controls in place for client computers than Windows Update.
http://en.wikipedia.org/wiki/Begging_the_question
Please read.
The only thing that Automatic Updates, updates is itself, the AU service can be disabled, and this doesn't apply to computers running under WSUS (read: every corporate network machine, so only applies to home computers).
So it's not brilliant of MS to do this, but not the end of the world either.
Ok ok! There's no excuse, you're right.
throw new NoSignatureException();
Only if your theory is deficient.
http://outcampaign.org/
the article says that computers configured to update via WSUS were not affected. I can confirm that my computer wasn't updated. Most companies that pay attention to their updates probably use WSUS to manage them.
-- "Freedom is the right of all sentient beings" -Optimus Prime
Rubbish.
It's just as accurate to say you own a copy of Linux as it is to say you own a copy of a book.
In neither case do you own the copyright for the item in question, but you do own the copy you have.
You own books, don't you?
Why doesn't the gene pool have a life guard?
The consumer never had the choice.
While the specific merits of Be's anti-trust case against will never be known, in its lawsuit Be did allege "the destruction of Be's business resulting from the anti-competitive business practices of Microsoft." http://siliconvalley.internet.com/news/article.php/3073811"I've got more toys than Teruhisa Kitahara."
"If not for MS, somebody else would be making cheap, consumer-grade software "
http://www.windowsmarketplace.com/details.aspx?view=info&itemid=3268636&WT.mc_id=0107_54
In my world, $260 for an operating system is not cheap. In the Macintosh world, for $130 you get the same thing, and for $200 you can install it on every computer in your family (within reason). In the Linux world, that's pretty expensive.
At one time, MS software was cheap, but once they wiped out all the competition, the price rose dramatically. I used to be able to get upgrades to MS Office for $130. I used to be able to get Windows for $79. Microsoft software is now expensive, and now I find out that the damned thing will upgrade itself even when I tell it not to. What else is MS not telling me?
Microsoft will no longer get money from me. Maybe from some other person is not well informed, but I can't see how anybody would voluntarily submit to this behavior.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
You are completely wrong. You don't have to agree to any license to use linux at all. You can do whatever you want with it within the bounds of copyright law without agreeing to anything at all. The only time the license applies is when you want to do something copyright law prohibits. That's COMPLETELY unlike the windows licensing situation.
It is completely accurate to say that your copy of linux is completely yours. So is your copy of windows for that matter, it is just a question of wether or not the creators of the software acknowledge it and try to restrict your usage later with extra license terms you are promted to agree to at install time.
From microsofts own webiste.
List of know applications that service pack 2 broke
Untest updates are always bad for business.
OL Toolbar 1.13.2 AOL 32-bit and 64-bit (NX) http://www.aol.com/ The Information Bar blocks access to the tool's edit boxes.
PhotoShop CS 8.0 Adobe 64-bit (NX) http://www.adobe.com/products/photoshop/main.html Program installs, but will not start.
BlackICE 3.6 crj Internet Security Systems 64-bit (NX) http://www.iss.net/ When you use this program, you may receive a Stop error that causes the program to quit.
BootSkin All Stardock 32-bit and 64-bit (NX) http://www.stardock.com/ When you restart your computer during the Windows XP SP2 Setup program, a Stop error occurs. For more information, see the following Microsoft Knowledge Base article: http://support.microsoft.com/default.aspx?scid=kb;%5Bln%5D;873159.
Command Antivirus 4.9 Authentium 32-bit and 64-bit (NX) http://www.authentium.com/ This program does not start.
Encyclopedia Britannica 2000 Deluxe 1 Encyclopedia Britannica 32-bit and 64-bit (NX) http://www.britannica.com/ Java rendering does not function after you install this program.
eTrust EZ Armor 1 Computer Associates 64-bit (NX) http://www.ca.com/ The EZ Firewall part of this program generates a Stop error during installation.
Freedom Force 1 Electronic Arts 32-bit and 64-bit (NX) http://www.ea.com/ When you start the program, a message appears that points you to the following EA Web site: http://techsupport.ea.com./
Kaspersky Anti-Virus (German) 4.5 and 5.0 Kaspersky Labs 64-bit (NX) http://www.kaspersky.com/ Real-Time scanning does not work in version 4.5 or 5.0. The vendor's Web site has available product updates that are designed to address this issue.
Live Motion 1 Adobe 32-bit and 64-bit (NX) http://www.adobe.com/ This program displays various errors that prevent typical operation.
MapSend DirectRoute 1.0 Magellan 32-bit and 64-bit (NX) http://www.magellangps.com/ When you start the program, a message appears that points you to the following Web site: http://www.magellangps.com/en/support.
MPEGcraft DVD All Canopus 32-bit and 64-bit (NX) When you try to save an MPEG file, you receive a "Failed to Edit" error, and the file cannot be saved.
NBA LIVE 2000 1 Electronic Arts 32-bit and 64-bit (NX) http://www.ea.com/ This program does not start in certain systems.
NOD32 for Microsoft Windows 2.000.11 Eset 64-bit (NX) http://www.eset.com/ When this program is started on an AMD64-based computer, all network connectivity is lost. To resolve this issue, upgrade to NOD32 version 2.12.2 or higher.
Norman Personal Firewall 1.4 Norman 32-bit and 64-bit (NX) http://www.norman.com/ Norman Personal Firewall Assistant will not start.
Norman Personal Firewall 1.4 Norman 64-bit (NX) After this program installs and restarts, the desktop does not load correctly
Norton AntiVirus 2003 Symantec 32-bit and 64-bit (NX) http://www.symantec.com/ At system startup, Scheduled Tasks in Norton AntiVir
I've usually heard it as, "In theory, there's no difference between theory and practice. In practice, there is."
--
Promoting critical thinking since 1994.
Well... you are wrong. The license to the software (not to its distribution medium) says that you are virtually renting it. You are paying a fee for using it, but you do not own it. From the EULA:
3. RESERVATION OF RIGHTS AND OWNERSHIP. Microsoft reserves all rights not expressly granted to you in this EULA. The Software is protected by copyright and other intellectual property laws and treaties. Microsoft or its suppliers own the title, copyright, and other intellectual property rights in the Software. The Software is licensed, not sold.
The reason behind this is to prevent the first sale right defense (you bought it, you own it, you can do whatever you want with it) so it makes illegal to reverse engineering, and all the rest.
Conclusion: no, you do not have first sale doctrine rights.
btw, reading the eula on windows XP I found something I believe more disturbing: 2.1 Digital Rights Management.... A list of revoked DRM Software is sent to your computer whenever you download a license for Secure Content from the Internet. You therefore agree that Microsoft may, in conjunction with such license, also download revocation lists onto your computer on behalf of Secure Content Owners. ...
I know that this is done for DRM purposes, but it is phrased so wide open, that allows them to revoke software that I have in my computer under the excuse that they are protecting secure content, this can be easily abused.
Just highlight the said file in explorer, then Alt-Enter and Control-Tab. The version number is right there.
I'd only check this via strings if I were already booted into Linux.
Ha, my confirm-you're-not-a-script is "cleverly"!
In one of TFA the author mentions looking through at least the Vista license and failed to find anything in the license giving MS permission to perform updates without user consent. So, no, it's not in the license, and they did not have permission.
Curiosity was framed, Ignorance killed the cat.
Sorry for replying to my own post, but further reading suggests this isn't nearly as bad as TFSummary makes out. If you follow the links to the stories on the other sites, and read the comments and links given there, a lot of people are suggesting that this is only updating Windows Update files when you visit the Windows Update site, and not in fact a push of arbitrary changes at all. There's so much hype and FUD flying around this discussion that it's hard to see the wood for the trees.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Well, I can anyhow. You've apparently bought into the entirely retarded idea that criminal organizations are free to impose any sort of demands on you at a whim and you're somehow magically bound by them.
The fact is that nobody is bound by the deluded crap MS puts in their EULAs unless they choose to bind themselves.
Ratchet back the aggression level there.
And there are plenty of cases that hold that you are free to enter into a license agreement with a company when you pay them money for software. See the long list of "shrinkwrap agreement" cases. For example, ProCD v. Zeidenberg http://en.wikipedia.org/wiki/ProCD_v._Zeidenberg ("The issue presented to the court was whether a shrink wrap license was valid and enforceable. Judge Easterbrook wrote the opinion for the court and found such a license was valid and enforceable."). In other words, software companies make their product available according to the license. If you buy it, you've voluntarily chosen to enter into those terms and you are bound by them.
It's the same as buying a car. Yes, you are free to go buy a car from a dealer with no terms and conditions attached if you can negotiate that deal with the dealer. Or, if the dealer says "look, this is a brand new concept car that's not available for sale yet -- you can buy it, but you have to keep it in a closed garage and you can't take the bib and diaper off it until we tell you" then that's also a completely legal contract if you agree to buy that car. You don't get to tell the dealer "yes, I'll follow your terms" and then turn around and say "I own the car, I can do whatever I want." You entered into an agreement with the dealer and you are bound by it.
The courts have said the same is true for software. If you don't like the license terms then don't buy the software. You can argue that copyright should trump contract, but that's not how the law has worked so far. Maybe your argument is even the better one -- but it's just not how the US courts have worked. Find a client and try to change the law.
With your example of purchasing a prototype vehicle, I would fully expect some sort of physical contract that would require notarized signatures and copies of the completed contract for both parties before anyone would allow the buyer to leave with the vehicle. I consider that a legal and binding agreement and no verbal agreement would be sufficient. Simply clicking a picture on a screen does not meet the minimum requirements for a "legal and binding" agreement in my book. As a counter example, web sites like amazon.com do not ship a product to the buyer simply because someone clicks on a picture of a product. If they did, they would never be able to win a case against the buyer in court. There are certain requirements that should be met. I think we all agree that expecting payment for a product simply because someone clicked a picture on the computer screen is extremely naive and foolish. Why would we think any differently of clicking to agree to a EULA? By Microsoft making the requirements so ridiculously easy, the company seems to imply that they don't care if people break the agreement. Otherwise, there would be more strict requirements.
Ouch! The truth hurts!
You're right. MS has posted a blog here which pretty much confirms what you said. What I am really interested to see is if Slashdot will post a correction.
This space for rent.
> You do realize that (although I do not agree with it) you are licensing the software for use from Microsoft right? Read the terms in their acceptable use policy. If you did not, it's your fault for not knowing this.
No you're not, you're licensing the right to do some of the things that copyright law reserves for the copyright proprietor. The software, however, is sold and is mine. I know this because if I go into PC world and say "I'd like to buy a Windows Vista for my computer, please, it has currently got a Linux inside it and I want to switch.", they say "Certainly sir, that'll be pounds, please", then I give them the money and they give me the software and a receipt for it.
Fortunately, in the UK, copyright law allows me to use the software if I own it, and I do, even without a license for any of the reserved rights because using the software for what it is made for and advertised/sold for is not reserved - and rightly so - so I don't even need a license. That also means that the EULA is technically an extortion.