Slashdot Mirror
What's Really Broken with Windows Update - Trust
Be Cool writes "According to ZDNet, Microsoft has steered itself into a real trust tarpit with Windows Update: 'See, here's the problem. To feel comfortable with having an open channel that allows your OS to be updated at the whim of a third party (even/especially* Microsoft ... * delete as applicable) requires that the user trusts the third party not to screw around with the system in question. This means no fiddling on the sly, being clear about what the updates do and trying not to release updates that hose systems. While any and all updates have the potential to hose a system, there's no excuse for hiding the true nature of updates and absolutely no excuse for pushing sneaky updates down the tubes. Over the months vigilant Windows users have caught Microsoft betraying user trust on several separate occasions and this behavior is eroding customer confidence in the entire update mechanism.'"
The problem is that MS is under the gun. Sometimes they release too soon, and blam it bites them in the butt.
Of course, there are folks that say, "If they would have designed it properly the first time..." But, you know what, a project the size of an OS, kernal, Office app is very hard to weed out all the problems. So, updates are needed. But, you have to balance the quick release versus good release. Too slow and you get a bunch of wonks screaming about "no fix yet", too fast and those same wonks scream, "broken apps".
You can have it:
But, you can only choose 2 of the above.
Politics is the art of looking for trouble, finding it everywhere, diagnosing it incorrectly and applying the wrong fix.
This may have been a bad move, but Microsoft knows that in actuality there's nothing the users (corporate and private alike) are really going to do about this. They may complain a bit; write some unpleasant articles in some online sites/blogs, but at the end of the day you're still going to be using their stuff. Effectively saying "just suck it down and shut up". And in reality, this is what 99.999999% of Windows users are going to do.
If you have an effective monopoly, trust really doesn't matter.
-USR1
In order to break trust, you must first have trust.
So, Microsoft is not trusted anymore? Boo hoo. What exactly have they done to deserve any sort of trust at all?
Making laws based on opinions that stem up from false informations leads to witch hunts.
Anyone who trusts Microsoft after the past two decades of dirty behavior is a fool.
"I've got more toys than Teruhisa Kitahara."
I don't think 95% of Windows users care if Microsoft is untrustworthy or not as long as they feel it keeps their computer from getting hacked.
+1 IDisagreeSoHeMustBeATrollOrAnAstroturferOrAShill
Even without TPM, even without CPU serial numbers, if the update software has to change my computer without telling me, it is operating out of bounds. I can't trust it in enterprise; I can't trust it at home; I can't trust it as an install or development environment.
kris_lang
as long as you've got powerpoint and can read the Word documents you're sent in the mail?
So far, in my experience, it's never been fast (with patches taking months), nor cheap (300 bucks for an OS?), nor good (do I have to explain?).
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
manually, you can select what updates you want to apply and which you don't. As for hosing a system, MS has no monopoly on that. I updated my ATI drivers on Friday and I lost my 3D capability until I rolled my drivers back. Had similar things happen with Adobe stuff until I switched to Foxit. Frankly none of the software companies impress me with their auto updates. I trust none of them.
I was working as as PC tech for a university at one point, and it was policy to install all critical Windows updates on the university-owned computers. On one computer, I accidentally checked the hardware updates as well as the critical updates. For some reason, Windows update decided that the video card (an Nvidia TNT2-based card) needed to be updated with the old, Microsoft-provided, French-language video drivers. This computer was using English Windows XP, and there were no language packs installed or anything. Anyway, Windows blue-screened when coming back up. I had to start it in safe-mode and remove the drivers to get it to work again. I remember thinking that if a "normal" user had installed that update, they would have been screwed into having to pay $100 for a "professional" to fix Windows. After that, I started paying attention to the hardware updates. And I noticed that on approximately 5/100 of their computers, Microsoft listed the French-language Nvidia driver as an appropriate hardware update.
I'm not suprised. When looking at what is being downloaded (either automatically or manually) you have little idea of what you're actually downloading. All you get is a strange ID number for the update and an extremely generalized discription of what is being fixed (or unfixed). As the updates pile up, the process takes longer and longer. When there is an update it insists on interrupting whatever you are in the middle of. When it downloads it sucks up CPU time. And when it's finished it will not leave you alone until you restart the computer.
"Ice? You want ice? There's never been any ice! Ice is just a myth!"
I totally agree with the tag that reads "editorsdontgetit". The problem with having this stealth update capability in the first place is that it's a clear and obvious vector for attack and p0wn4g3.
If somebody figures out how to hack these stealth updates (and now that people know the capability exists they will definitely try), then we can all look forward to the time when a rootkit or other exploit is pushed down to machines and installed with the blessing of the OS and the complete ignorance of the person whose machine just got screwed. And it'll look like a legitimate update as far as all parties are concerned after the fact.
The author claims that it's a "Bad Thing(tm)" when people eventually decide to pull the plug on Windows Update, and I agree given all the legitimate patches that have been made available this way. But on the other hand, what choice do we have? Do we leave a door open that has been proven to be used in an untrustworthy fashion by the very people that are telling us to trust them and that they're making our machines better/safer/++?
Will somebody please start writing games for Linux so I can be free of this nonsense?
C
The Sun is proof that we can't even do fire properly.
How long it will take to someone to figure how to make they own updates using the door open by Microsoft in they OS ?
If I was a hacker, I have begun to work on this door as soon has the "feature" has been released.
Imagine, using Microsoft Update to update your virii or you Troy, that a nice "feature".
Ceci n'est pas une Signature !
People can easily switch to Linux, right? Right?
[ think ]
From the article:
"Some people feel that stealth updates and pushing WGA to users under the guise of a security update is paving the way for all sorts of nasty and restrictive DRM mechanisms to be pushed down the system. While I personally don't take this view, it's easy to see where these extreme ideas come from"
Yeah, anybody's experience with Microsoft's increasing paranoia, intrusiveness, and FUD is where such non-extreme and very sensible ideas might come from.
I don't see Microsoft doing anything different with Windows Update than Apple has been doing with their iPhone firmware update. They're simply asserting their control over their operating system. Whereas I don't think it's an idea or appropriate way to manage things, this has not been an uncommon practice in the past.
As has been said before, "Absolute power corrupts absolutely." The solution is to take the control out of Microsoft's hands. There are services/sites out there that allow you to manually download the necessary updates. Most, however, are too lazy to do such a thing.
M$ Windoze is an expensive OS. By way of comparison, SuSe Linux for the desktop is less than half the price and comes with many, many more useful applications.
So, out of the three options you have presented, "cheap" has already been eliminated. That means I should get "fast" and "good," right?
The other side is that a lot of people don't see it that way. I still trust Microsoft to not mess up my machine, even if they're pushing stealth updates to their software. I'm usually anti-stealth anything, I hate software DRM for that reason (don't go patching my CD rom driver to play your game) but in this case it's a good idea to have Microsoft able to stealth update the windows updater, it's one piece of software on your machine that doesn't really interact with the others all that much.
:P.
I know a lot of people are going to clammering slippery slope here, claiming that MS will use this to destroy everyone's life, but I just don't see it that way. Yes the computer's mine, and yes I should know everything that's installed on it, but if MS really wants to stealth patch their updater then yay for them, all that means is I won't have to go through the whole 'Windows Updater must update itself to receive Windows Updates from the Windows Update Site' nonsense again. So long as Microsoft stays within that box of only stealth updating the updater, and I have no doubt they will, I trust them.
Doesn't mean I don't still want to get Linux running though
There are two kinds of fool One says 'This is old therefore good' Another says 'This is new therefore better'- Dean Ing
I call bullshit on this alarmist blog. 99% of the world's Windows users don't give a shit about the updates, and will click anything that pops up on their PC. Most of them likely have no clue what "Windows update" is. The 1% that know what their doing have likely never trusted Windows/Microsoft for anything in the first place. To say that "Trust in windows update is eroding" is just a bit fud-dish.
You have one company holding every networked Windows PC on the internet at the capability of doing whatever they want the PC to do: update, spy, DRM, etc.
If they do not begin to communicate and be more open, I'm afraid the consumer base is going to feel it is more and more like "1984."
Microsoft is in a unique position and yet they cannot do any of it right.
I've been quite happy with Windows Update, leaving it on Automatic all the time and frequently authorising "Optional" updates when I was prompted that they were available. That lasted until Windows Update felt the need to install a new display driver while I was logged in, rather than when I was, say, restarting my PC. End result: 15 minutes of twiddling my thumbs and blind-typing to my IM contacts as my PC struggled install the new driver (I got a black screen, then a tiny-resolution, screen, then a full-resolution screen with no mouse pointer, then nothing but the mouse pointer...) and eventually fell over. Anyone else got some fun stories on that front? The majority of end-users simply don't trust their computers to do as they're told, as we've seen with stories of people checking and double-checking file copies to make sure they've actually "stuck", and any disaster can reset that trust. By handing such a potentially dangerous process (as far as users who can't find the Device Manager and revert things are concerned) over to the computer, Microsoft's making a big gamble.
No kidding!!! What do you say at this point?
Trust isn't something you got by default. You have to give me a reason to trust you.
Unfortunately MS has shown time and again that their primary concerns are not their users but their business partners. Which does not mean their customers, though.
Now, an update to an OS can alter it considerably. The OS sits between me and my data, it controls all input and output my machine generates, it controls all data received and transmitted, can alter, generate or suppress information, in both directions. So the technical possibility is there for MS to decide that certain data is no longer to be displayed, or that certain data is to be transfered without my consent out of my machine. I don't say that MS would do that, only that they have the technical means to do just that, and I could not interfere with it (unless I put a filtering router between the machine and the internet).
What's more a problem is that you usually get very limited information about the "patches" that are about to hit you. If anything, you get a cryptic citation of some KB article that may or may not be relevant for you. More often than not, you don't get any information about the changes that are about to happen in your machine. Also not necessarily a move that builds trust. Do I get all the information necessary to decide whether I need an update? Worse, there are "updates" you cannot decline. They are pushed to your machine without asking. Could there be one that "breaks" my machine, or makes it behave in ways that I do not like? That disable my MP3 collection because it contains no DRM, or that doesn't let me install certain programs for "security reasons"?
If there was reason to trust MS that they wouldn't even think about doing something like that, it would be a non-issue. I have no reason to trust MS, though. MS has shown me no compelling reason that they are on "my" side, but they've shown me time and again that they don't care about me, their customer. So, why should I trust them that they will not change something in the system that is unfavorable for me, without even asking me first?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I guess I can see why they made this a 'stealth' update on Windows XP/Server 2003. I had to perform a fresh install of Windows Vista last week, and the first time I fired up Windows Update, it gave me a prompt which ran something along the lines of:
"Windows Update needs to download an update so that it can update to provide you with updates".
I felt so dizzy trying to comprehend that, I just clicked 'OK'.
Yes i have.
"What do you mean you don't use Apache as your webserver?!?!?! Doesn't everybody?!?!?! What else would you POSSIBLY USE?????"
It may be obvious to us, but not to the general population. Remember that this is a ZDNet article. People reading ZDNet are in the majority, Windows users who don't know Microsoft's evil tricks as much as we do. I'm glad that columnists write these articles once in a while, to make people realize Microsoft is not the "quality assured" company they pretend to be.
If we want to evangelize about open source/gnu linux, articles from "relatively neutral" parties such as this one are a very good resource.
Coming from someone who doesn't capitalize and uses weird language like "can't read the damn thing in the first stance", that doesn't mean much. Stance? Do you even know what the word means?
For everything bad you can say about Windows Update (and I certainly do), for the vast majority of users (and if you can somewhat accurately consider yourself technically competent, you're not in it) it's by far the lesser of evils.
1) Didn't even think about rebooting my box by itself, regardless of configuration
2) Installed updates when I turned my computer on, not off - if I'm turning it off, then any second I'm going to be slinging the machine in my backpack, and jumping on my motorbike. Last I heard, Microsoft didn't possess the magical mystical powers required to ensure a hard drive works perfectly in these conditions.
3) Fucked off when I press the "I don't want to reboot now" button, instead of pestering me every 30 seconds like a bloody 4 year old.
None of these should require registry tweaks or policy hacks - they should all be *defaults*.
Two points...
/.
First, most people don't really trust their computers anyway, because they don't understand them. So the "trust degradation" of giving Microsoft free rein is minimal, maybe even negative, because "At least Microsoft understands my computer, and if anyone can keep it running, they can." Basically it's responsibility transferral for something they don't understand.
Second, there are cases where trust is absolutely required. A few I can think of are medical/HIPPA, military, and media. In a way, the first 2 embody opposite requirements from the 3rd. The first 2 absolutely require data integrity and system control, and the machine owner is central, in control, and responsible. There seems to be quite a difference between medical and military usages, and IMHO it's because medical usage grew out of IT departments, where such things were understood. It appears that military usage grew out of command/control and procurement, where they weren't. As a result, there's no shortage of people waiting to see the fireworks between Microsoft an HIPPA for the former, and the Win-Yorktown and all of our current cyber-security fears for the latter.
As for the 3rd example of trust mentioned above, you can find DRM arguments all over on
The living have better things to do than to continue hating the dead.
http://technet2.microsoft.com/windowsserver/en/library/797e56e1-a611-4f36-8bfe-99f8e6af26cf1033.mspx?mfr=true
FTA - "How can I be sure that updates are safe to install?
Windows uses Secure Socket Layer (SSL) to encrypt the transfer of system information and updates between your computer and the Windows Update Web site. Each file that you download using Automatic Updates has a digital signature from Microsoft. Digital signatures are designed to ensure the authenticity and integrity of signed files. Automatic Updates will not install files that do not contain the correct digital signature."
throw new NoSignatureException();
Don't get offended, but anyone trusting Microsoft is the best next thing to a fool. It may only be my humble opinion, but it was drawn from experience of many people. Sometimes it's just best to put the damn update service to disabled.
All the sexy babes want me... to fix their PC.
...that developers from MS Gold partners are telling you to shut down automatic updates because they can/may/will ruin the $1 mill. .NET based project they are developing for you.
I have heard this from several different MS partners in the past years.
Auto updates are the work of Satan's own bum.
Seriously.
I have Thunderbird, Firefox, iTunes, VMWare and Adobe Acrobat Reader installed. In their default "automatically hassle user for updates every time they're available", you'd be lucky to go more than a few days without discovering that something needed to be upgraded and therefore restarted.
Vista, by default downloads updates, installs them AND reboots!
This happened to me.
The difference isn't the time it takes. The difference is what the time is spent for.
At MS, engineers argue who has to do the fixing.
With Linux, geeks argue whose fix is more elegant and better.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I think they were talking about how you do not have to pay for the patch.
I don't have to pay for my Linux patches. Where is that going on? I'd like to see that scam in action.
Microsoft has a company to run.
They offer the least possible features that the market allows for the highest possible price they can fetch. Indeed, Microsoft is a Marketing company that employs a legion of developers. The product, for the most part, is testament to that. No innovation to speak of and more license restrictions in the next product.
Let's unwind the propaganda a bit.
1. The average useful OSS project is not a headless zombie with a bunch of peace-loving anarchists running around it. There's somebody that has FULL control of the project. In fact they all have better organization than all of the big companies I've ever worked for.
I know that Microsoft in particular has quite a bit invested in spreading the headless-zombie-anarchy idea around but it's just not true.
You are paying too much for what Microsoft offers and have been for over a decade. Please take a step back and examine the situation with a little more rationality. You'll be much better off without Microsoft.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
Actually the complaint is about the auto-update service automatically updating itself. There's no k/bs about that.
We've actually had windows updates that pretty much crippled our autodesk batch printing systems and cost us nearly 2 weeks worth of man hours to fix. Our final workaround was to have a machine totally unpatched that just simply does autodesk batch printing.
An article on that subject by someone above the blithering blogger level would be useful. This subject needs coverage in the Wall Street Journal or Business Week. There are some real issues here. If you're a bank, what do bank examiners think of Microsoft having a backdoor into your systems? If you're a health care provider, is there a HIPPA compliance issue? If you're a law firm and some of your clients are adverse to Microsoft, is it a breach of your duty to your clients to let Microsoft control your systems? If you're a defense contractor, is that back door permissible?
Many such companies run background checks on anyone who potentially has access to their data, and audits of what's happening within their own business. Who's auditing Microsoft for security? Who actually has access to the master keys that allow pushing an update? How many people have access to those keys? Are they US citizens? Do they have security clearances? Are they bonded?
Now those are the questions to be asking.
TFA was about M$ lying about their updates and forcing unnecessary updates on the luser.
Patents Drive Free Software as Hurricanes Drive Construction Industry
What Would Mister T Say?
The usual same thing he always says: "I pity the fool..."
Well, Microsoft has billions of dollars and more labor than some of the smaller countries in this world. It's true that these projects are very complicated, but similar things have been done with far fewer resources...
++ Solaris
++ SkyOS
++ ReactOS
It's not so much that these projects are hard but that it's hard to co-ordinate all the people involved to use their resources as effectively as possible. Take for example the story about the resources MS dedicated to their Vista shutdown menu. It's true that the said button is an aspect of the system, but a comparatively negligible one; those 5+ programmers employed for that same period of time could accomplish a great deal. For example, they could have optimized the network stack sufficiently that it may not have been necessary to throttle it when music plays. In essence it's no longer a question of difficulty but a question of efficiency.
How do you kill that which has no life?
I have to use Windows for one single heavy duty application, so I have no choice. But I loaded a new hard drive with Win XP Pro XP2, the updates at that time (2 years ago or so) and the application.
The Dell has never been back on line since then, and has never sufferred a BSOD, nor any update issues, and has stayed up virtually 100% of the time, performing flawlessly.
All work on the web is done on my MacBook Pro, thank you, and it has never suffered any downtime, either. Well it didn't until I filled up its hard drive and needed a larger one.
I am seriously tempted to repeat Win XP SP2 install on a new Dell to take the next version of the application I must run. The last thing I want is crap from the web shutting me down for various crapo reasons.
This is a problem that the western world has. I'm 45 these days and I believe society is changing, while I can't be 100% sure, as I am getting older and changing as well, but apathy and disregard for our rights and freedom is growing at such an alarming rate.
We have rights, we do, but we need to fight for them or people, politicians, and corporations will simply assume we will be lazy fucks and taunt "nah nah nah nah nah" and take them away.
We have the right to own our machine. We have the right to tell companies "I won't open a word document, send it to me in ISO ODF or PDF or text." We have the right to remove Windows from our system. We have the right to sell our OEM Windows licenses.
Without even getting into politics or the growing U.S. police state, corporate america needs a dope slap. We, ALL OF US! have to stand up to corporate shit. We do not stand against it in great numbers, then nothing will ever get done.
Call tech support when shit happens, keep them on the phone for a long time, it costs them money. Send products back, it costs them money. Tell people to avoid products that suck, it costs them money. When the shit that comes from China has lead in it, sue them, it costs them money. The government isn't going to do anything for you, the politicians represent the corporations. It is only when bad corporate policy costs them money, will they change and not one minute sooner.
Start RETURNING computers, WHOLE COMPUTERS, because vista sucks. If Windows is part (as OEM's claim) of the computer, the the WHOLE COMPUTER is defective. That will make the Dells and HPs start to offer new options. Seriously, if 10% of the slash dot readers went out and bought new computers at the big retails stores tomorrow and returned them the next day siting that Vista does not work and is not reliable. It would make a HUGE impact on the industry. No one could ignore it.
But, no, no one will do that because they ARE to fucking lazy.
Surprise, surprise.
As Bruce Schneier points out, the problem is not that Microsoft can install updates on your computer without asking, but as soon as it gets cracked, then soon every script kiddy on the planet will also be able to do so.
Then you're really going to be screwed.
-mike
-- "So, what's the deal with Auntie Gerschwitz et all?"
As far back as windows 2000 i've had ambiguous updates completely hosed healthy, working systems. Nothing new to see here
Have a squat over at the hobo house.
I can't understand why anybody would allow a company to have free access to their OS. How much more likely are you to get nailed by an evil-doer if you wait a couple of days before installing an update to make sure there's no problem with it?
I look at all the bloat-ware Microsoft seems to believe I want or need on my system, add in all the stuff they want to install for their own reasons, and I have no intention whatsoever of allowing them unsupervised access. If you had some heirlooms in your house, would you hand over the keys to a cleaning agency with a record for occasional carelessness?
I've calculated my velocity with such exquisite precision that I have no idea where I am.
I have four updates to install right now. Out of the four, one is for Outlook Express which I don't even have installed. Another update is for Windows Malicious Software Removal Tool, which I never install and in addition always tell it not to bother me with any more updates but they still keep appearing.
I guess the problem is control. If you want to retain control of your machine, you end up fighting against the system and have to watch it very closely. The alternative is to drink the kool-aid and allow updates to take over your machine ceding control to Microsoft. For me, I'd rather try to retain at least the semblance of control over the machine I use on a daily basis.
Once I was a four stone apology. Now I am two separate gorillas.
Hear me out. I'm getting sick of hearing about how windows has all these "closed, secret updates". News flash, if you're a major corporation, you know EXACTLY what MS is pushing out, and often times have access to the source via an NDA for what is being pushed out. Now, this article may be very valid for joe schmoe user, but at the end of the day, linux is no better. SO WHAT if my grandpa can look at the code to the update being pushed to him. For him, that update is just as much of a black box as anything that MS pushes out. It is just as likely, if not more so, to break something, than any MS update. I have had FAR, FAR more updates on *nix* boxes *break EVERYTHING* than MS. Yes, I was able to work around it, which is great for me, because I know what I'm doing. If it were my grandpa's machine, he'd be paying someone to fix it, just like if his windows machine broke. So no, I don't think linux updates are in any way any better for the average user. I would be pressed to say that it's any better for the LEGIT power user either.
Let's be honest here, the people with the biggest issues with MS update are those with pirated copies of windows. Ya, sucks for them, but let's not cry about the fact that you got caught with your hand in the cookie jar.
"alarmist blog'? 'fud-ish?'
:-)
This after Balmer calls Linux 'communist' and threatens law suits for alleged patent/copyright violations? (But doesn't seem able to carry through to court, where they want proof.)
To claim that "99% of the world's Windows users don't give a shit about the updates, and will click anything that pops up on their PC" sounds like somebody's having a bad day.
But then I am a Mac user on 3 boxes, Linux on another and XP(SP2) on a third, cowering behind a firewall (or two.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
While rhetoric like "betraying user trust" and "eroding customer confidence" make for great fodder on sites like slashdot, the sad truth is that Ma and Pa Sixpack are oblivious to all of this. As long as their dusty old Dell still gets onto the intarweb, they're happy. They just click "OK" every time the systems asks them anything, and don't really care WTF windows update does.
Slashdot: come for the pedantry, stay for the condescension.
ssh://user@host/path/to/dir works great in gnome for me without having to mount anything
as does
smb://windowsuser@windowshost/sharename/path/to/dir for windows hosts
One thing I'd really like but haven't been able to figure out is how to get it to translate windows links my colleagues send me (s:\path\to\shared\file.doc) to something nautilus understands (smb://usernameforSdrive@HostForSDrive/ShareForSDrive/path/to/shared/file.doc) - seems non trivial but would be a real timesaver.
I have XP SP2 and did install the OS "fixes" before turning off the windows update completely.
However, I did not install any of the security updates. nothing, nada, zilch.
This machine runs just fine without them. My firewall and virus checker do the security functionality for me.
That box has worked flawlessly for 4 years now and is continuously connected to the net.
Having an array of software that analyzes the system for problems seems to do the trick.
Some of the better "cleanup" tools I use are:
- regrun2
- autoruns startup manager (free)
- webroot spysweeper
- registry mechanic
I'll admit this may be a little tinfoil-hattish but it makes me wonder if MSFT is the only player in this saga. Just supposed in the wake of 9-11 hysteria that someone in the administration had the brainy idea to slip a traceable...something...in PC's to track terror suspects. Not something that reported to a third party...too easy to spot the traffic. Something that relayed the data through MSFT so the destination would remain hidden. Now the forced updates are wiping out whatever it was.
Probably out there but a few years ago suspecting the phone companies of listening in on the phone calls of millions of Americans without a warrant would have been really out there.
And before that was the revelation that printers were spitting out identifiable information in the background.
It's a sad testimony that wholesale spying on PC users is not out of the realm of the plausible for the current administration to attempt or Microsoft to cooperate.
It may be years from now before we find out the whole truth. What we know today should send a shudder through every freedom loving person in this country. I'm mildly surprised so many hard-core right wingers are okay with the government spying on them.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
I've long thought the same. Looking at the US situation, that method of government (american style democracy (i'm usian, btw)) (oh and I like scheme;) works really well in small groups with common interests. And it *still* works well in the right scale: small towns, social groups (neighborhood associations, PTG's etc) but rapidly loses effectiveness as you move up in scale. In fact I think the number, at least for governed populations, is much smaller than 1e7. You really need to know at least a sizable portion of your fellow citizens to develop a situation where you give a damn about the rest of the population. Once you get to a "them" mentality, its all over because who cares if it hurts "them" so long as "we" get what we need/want. I think that if the local level is working well, then it will carry up the government ladder to regional and even national levels because the local effectiveness keeps people involved. If you, as a citizen, have access (I mean *real* access) to your elected representatives, and those representatives have some clue who you are, then government will work for you. If not, then apathy sets in.
Probably the same for capitalism as well. Capitalism works great when everyone knows everyone else, or at least most everyone else. I, as a retailer, know my customers and my customers know me. I'm happy to sell to them for a reasonable price that supports me in a reasonable manner and they are happy to buy from me knowing that they're not being screwed. They know this because they know me and know my lifestyle, at least somewhat. Once you no longer know your customers, then you begin to view them as objects with money that you want to get. It's sort of inevitable (I know, I own retail businesses). Likewise, if you as a customer don't know the producers/retailers of goods and services you purchase then you objectivize(?) those people and no longer care about their living and working conditions, you begin to just want the stuff as cheap as you can get it.
It is my opinion, based purely on anecdotal experience, that the system breaks irrevocably once the scale of the local population gets above some number of thousands (maybe 10-50, at a guess) and the population at large is also sufficiently large (a few million?).
man, I feel like mold.
Is laziness. In well over 50% of the cases we run in to at work where someone shut it down, the reason is because they didn't want to bother with having to reboot their computer. They want to be able to run simulations over night and can't bother to have them save state once a week. Sad, but that really is the #1 reason we run across.
What peeves me is how often I see people unnecessarily double clicking on hyperlinks, dialog boxes, error messages, start menu, close button, etc... Their only luck when it actually makes a difference is that so many people don't have the coordination to hold their mouse still when they click that their second click misses entirely. I havn't gotten a single person to pay attention to their actions, let alone "switch" their minds to be aware of what they are doing with their HIDs. If you can't switch people to using single clicks on hyperlinks, how do you switch them to linux? They don't even care when it doesn't work. Amazingly, Ubuntu has managed to address the *cough* "average" user.
Want Big Business out of government? Take away the incentive and start by getting government out of big business!
Not only that, but the grandparent post deliberately, I suppose, obscured the issue. The issue is trust, not honest mistakes.
Microsoft's recent sneaky update has caused severe problems: Microsoft Stealth Update and Windows XP repair don't mix. If Microsoft weren't sneaky, at least customers could deal with the mistakes more easily.
Quote from the ZDNet article: "The overall impression that I get as someone who deals directly with the company is that Microsoft believes that it is right and anyone making a fuss is ultimately wrong". It's not surprising to me that billionaire virtual monopolists would have developed arrogance.
However, that's not the REAL problem, in my opinion. The real problem is that people think that Microsoft is a software company that is routinely abusive. But it isn't. Actually, Microsoft is an abuse company that uses software as a means of delivering abuse. I think a lot of people agree that, if you look at it that way, Microsoft is excellent at what it does.
Any time I see that particular update appear in the hardware updates, I always hide it from the user. I have only had it successfully work in a very small handful of cases. It has failed so many times, I shudder when it shows up. It has failed so bad on two occasions that a rollback didn't fix it. I had to replace the video card to get XP working properly after installing that piece of malware.
Updates on windows latelly are not really upgrades for your computer
but change lincenses and windows validation of authenticity.
Personally, I cant blame them, YES it may be frustrating for microsoft pirates.
Sorry guys.... time to buy your original copy of windows
I've often wondered with the slow Vista uptake whether MS would torpedo XP via updates that actually degrade performance or break things deliberately. It's weird, I have a number of XP boxes with very good reliablity, but in the last 3 months I have had a number of software related failures on nearly all of them - most requiring re-installs. The drivers haven't changed, usage hasn't changed, the only thing that has changed is the MS updates. No hard evidence, but many fellow admins I know have seen similar oddities occur (esp after the stealth update)...
It could just be coincidence as it would be a very dangerous move by MS, yet I wouldn't put it past them. Users who are having to fuck around are surely more likely to consider switching OS. For the bulk of desktop users that would be Vista.
The best fastest way to get people out a building is to set it on fire...
So a boom of mac lovers came from Apple giving away lots of computers to schools, like cigarette companies giving away cigarettes during the war (all of them). Both became an addictive disaster. Microsoft made shady deals that would make the devil squirm to make stores and prebuilt computers Windows only. There will never be a switch to Linux. There IS going to be a new generation of computer users. From OLPC to all the (for now) poorer schools and countries adopting/mandating Linux into public education, and other businesses unwilling to submit to the Microsoft tax (approaching 100 percent?) Average users / morons are going to use Linux because it is what they are used to, and the pay to switch will be a luxury once Microsoft actually has to be competitive (look as OSX or the history of Apple OS in general). 5-10 more years for Linux to reach middle class schools in the US, and other other countries, plus another 20 years for the generation born into that world to reach the work force. Software of the future CAN'T continue to be developed the way it was/is done in the past/now... Unless everything ends up Macromedia/Java... And if that happens, just throw me in front of a freakin train. Remember all those companies / people that didn't think computers were the thing? They didn't switch, they died. :)
Want Big Business out of government? Take away the incentive and start by getting government out of big business!
That being, piracy and people passing on upgrades.
/. who like an OS that purrs like a pussy. Business gets an acceptable OS, over time. Home users get a cheap and good enough OS. OEMs & Dell/HP get their $ from new hardware sales. Microsoft gets what its illegal monopoly has allowed them to swindle.
When people download Windows, Microsoft doesn't get money. When people stick with an older version of Windows, Microsoft doesn't get money. So, they provide a crap OS (XP or Vista) and then update the thing to a passable state.
Result? (1) The OS becomes "OK" over time but (2) becomes a bear to install & update on a new computer due to the number of patches (& reboots) so home users and tech shops won't even bother or will charge for it (putting it out of reach as an option), and (3) becomes a bear for the average techie to install on their custom box, due to a dearth of drivers and the long install time, to the point where it is cheaper in time & energy to buy it installed on a new computer.
Everyone wins in this situation, except people like the majority of those on
Now, if Microsoft actually delivered a good OS (e.g. Win2000) they would majorly shoot themselves in the foot. No need to call home to register product. Easy to crack/copy/install...forever. Half decent techies can re-install Windows for their neighbors. Corporate world doesn't need subscriptions, and even gets a little "careless" about installs. Microsoft loses on every front.
So, is Microsoft's behavior really all that surprising? And if not, is it worth complaining about? Accept the way things are or go for an alternative.
I come here for the love
http://www.happypenguin.org/
http://www.linuxgames.com/
Sure, you can say they're inferior, but you can't say they don't exist. At the end of the day it's a question of whether you value your freedom more than the latest whizbang games.
While most end-users get their software from their distro, where do you think the distros get it from?
The vast majority of packages are maintained separate from any distro, and they're pulled into each distro by the distro maintainers. The real reason why the the linux updates are more reliable is that the developers can _talk to each other_. Most packages have mailing lists, newsgroups, forums, etc. and solutions can be developed in cooperation with the other developers.
As for the buck-passing thing...it happens with linux too. The application team blames the platform team which blames the distro which blames glibc, and they in turn say that the distro needs to upgrade to the latest version, which isn't compatible with the distro's compiler....and so it goes.
"You get one of the above, and only on one product".
Cheap - Base OS on OEM. So cheap that it irritated the DOJ just a little (but not enough.)
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
I originally trusted MS with Windows updates, but as usual with matters concerning Microsoft, it was a huge mistake.
The updater got greedy and decided to update my MS Office. I don't have outlook installed, since I never use it. The updater however somehow failed to detect that and started downloading a "critical update" for Outlook without permission. It then started asking me if it's ok to install, but naturally the install always fails, as the files are not where it thinks they are, so it cancels and later again asks me whether it's ok to try. I've been seeing that wizard ever since for a few months now. The solution? I can think of two actually:
1) Reinstall the OS (preferably to something Open Source)
or
2) Get used to the thing.
That's how it always is with Microsoft - the bug is there for so long that everyone knows about it, and then it's not a bug anymore. It's a "feature"...
There are two kinds of people - those who are radioactive and those who have already decayed..
Doesn't the typical Windows user trust almost everyone, anyway? Most of them rely on blacklists to make the decision about whether or not to execute some code that you email to them! If McAfee's 27-month-old database doesn't say it's malware, then it's ok to run it with full admin privs and direct access to the hardware.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Great sarcastic troll! Kudos!
I would definitely mod you funny if I had points.
The cesspool just got a check and balance.
What's really broken with Windows - trust. Not even Windows Update, but Windows in itself. Windows Update is just another add-on that tries to install crap onto your machine, like that "Malicious Software Removal Tool".
And of course the whole crappy spyware and trojan ecosystem, but that's not directly caused by MS.
I finally gave in and bought a Mac - I want Photoshop, and I can't have that on Linux (and no, forget The Gimp for what I'm doing).
I knew Windows Update was dodgy, but this is far beyond the so-called red hand of guilt -- MS would have to be some kind of anti-Pict with its whole body dyed red for this expression to apply in this instance. Got me thinking more and more about simply sucking up the hit in productivity from missing *nix software and making the jump, regardless of required apps that I can't get to run under Wine. Part of smart business is reducing your exposure to risks, and MS is looming ever larger...
Cheers,
"What in the name of Fats Waller is that?"
"A four-foot prune."
I'm assuming the OP was letting us know the number of machines he was dealing with, which I found to be useful information. Now if he did indeed mean 5 percent of an undisclosed number of machines, I'm with ya.
Never let a lack of data get in the way of a good rant.
and then there's "switch" as in changing your OS and being able to do everything you previously could on your old OS after the switch.
It is for this reason that I think Microsoft should be broken into an OS company and an applications company. There is no reason why an application, like a word processor, should care which OS it is run on. The world could use a programming model like the networking OSI model.
When our name is on the back of your car, we're behind you all the way!
Man, what a great quote. I'm going to be forwarding that around!!!
No one gets to talk to my machine without my say-so.
And I stopped Windows updates right after XP-SP2. There's a hardware firewall AND a software firewall. And I'm often running one of the unixes rather than XP.
No trust! None at all!
Comment removed based on user account deletion
I don't suck at anything. :-)
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
I discovered the when Windows Update wants to download something, it seems to dominate the network bandwidth of the machine, despite MS claiming that it plays nice with bandwidth. On my own machine this has meant that some applications could not connect or ran slowly during Windows updates. When I share a slow wireless network with other machines, I found that things got nice and slow when WU kicked in on those machines.
So I turn it off, and hope I remember to update when I have time to wait for it to do it's thing. I have noticed that some MSI files turn it back on again as part of the install. My machine slows to a crawl so I notice what has happened pretty quickly.
cmon, I trust Microsoft just fine. Vista certified drivers? I trust those. I trust everything MS does, actually. I'm not a tool, I promise, but I have no reason to distrust them.
It's more of a "nothing to hide, nothing to fear" situation. I don't see any of you losing millions (yes, millions) of dollars arbitrarily because some snotnosed middle schooler doesn't think he wants to pay for the product you developed. So how does microsoft get those millions back? They have to impliment security measures, just like the RIAA, Game companies, and every other industry who is suffering from rampant thievary. So no. I have not been "betrayed."
we'll have comments made similar to those revealed in the Enron trial about "grandmother"
She just wanted to use her lights.
Oh but in those cases, we have a PSC in place to protect consumers whether they know anything about electricity or not. They are just paying idiots right? They just flip a switch and hope lights work or their respirator functions?
And who really cares if most of your fortune 500s are running some form of their critical apps on MS operating system with no real way to turn off these hidden updates. With the recent alarm called to SCADA based systems, I would hate to know that Balmer was calling the shots at updating a corporations servers without their knowledge. I suspect this could be grounds for suit in a DHS investigation if a botched patch brought down a grid. I don't think Balmer ready for anything like that.
Trust? Sure, but Windows Update was broken well before these stealth updates became apparent, and a reinstall of XP Pro the other day reminded me how much so:
* Using a browser to patch the OS
* Having to update the updater before updating
* WGA
* Non integrated service packs (SP2 is a separate download/installer)
* Multiple reboots (6 to bring the OS up to date)
* Slow (3.5 hours lapsed from start to completion)
* Over abundant tray notifications (Your system may be at risk! Turn on auto updates!)
Yes, I used PuTTY on Windows and liked it a lot. That's why I installed it on this Ubuntu box. It works just as well for everything I've done with it (like any great Unix tool, PuTTY has lots of functionality I've never used)
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
At the recent 50th Anniversary of Medical Genetics here at the UW, multiple presenters, researchers who flew in from around the world, spent a lot of time trying to tell Windows not to reboot, just so they could use Powerpoint to show their presentations.
...
Microsoft had, of course, downloaded updates and refused to stop asking if it could reboot.
On a laptop.
Which part of "Wait until I shut down my laptop at the end of the day" don't they get?
-- Tigger warning: This post may contain tiggers! --
Isn't that why they call it Anti-trust?
You are confusing updates vs. Backports.
Updates are small security patches in the form of a DIFF file that are applied to an existing peice of software. Backports are entirely new versions of software. Fedora makes no distinction between Updates and Backports. In CentOS and RHEL, Backports are not allowed. In Mandriva, Backports and Updates are Segregated into Main Updates, Main Backports, Contrib Updates and Contrib Backports. Backports are more likely to break something than an update will, Ubuntu also Segregates Updates and Backports.
Your mistake is to say something here on this website that is negative about any *NIX variant OS there is: It is grounds for IMMEDIATE DOWN MODERATION, here on /. (the home of pro *NIX based FUD/Anti-Microsoft FUD).
Is you were modded up as "funny"...
I just bought a Ubuntu Dell instead. Sends pretty much the same message and is a lot less hassle.
"Be grateful for what you have. You may never know when you may lose it."
Fixed the title for you...
When you're sitting on a bot-net that can beat members of the top-100 supercomputers on processor count and mips, factoring those large numbers may only take a few years. And it sure would be worth it!
For some actual values: RSA-640 (bits) was factored in appox 30 2.2GHz Opteron years. A botnet of 1000 'bog standard' machines at a 16th of the CPU speed would reach that in 6 months. RSA-200 (decimal digits, ~663 bits) was factored in approx 75 2.2GHz Opteron years. The same botnet would reach that in 1.2 years.
Somehow, though, I feel that there are botnets out there with much more than 1000 nodes...
Microsoft betraying user trust on several separate occasions and this behavior is eroding customer confidence in the entire update mechanism.'
I think there are probably a lot of people on Slashdot that got burned early by WindowsUpdate, and never trusted it again. I've been burned a few times, and now I leave automatic updates off unless I have a good reason to leave it on. Nevertheless, I really believe that Microsoft is making a mistaking screwing around with this particular sacred cow, although I'm sure the temptation to abuse it was just irresistible. As Wally from Dilbert put it, "What would be the other reasons for having power?"
Still, if our good friends Joe Average and Joe Sixpack get it into their heads that WindowsUpdate has a significant chance of blowing away their systems, they're going to just turn it off and to Hell with patches and fixes. And you know what? They'd be right to do so. This is a stupid, dangerous game that Microsoft is playing.
The higher the technology, the sharper that two-edged sword.
Oh keewriste! Will you mac fanatics just shut it!! Someone mod the parent Off-Topic *Please*
And people don't like to trust Microsoft. But really, can you categorically and scientifically prove that Apple, as a private company with a structure similar to Microsoft for all intents and purposes (ie, make money, leverage one arm of the business to sell another, push price as hard as possible, generally anticompetitive where practical to be), can be trusted to the same extent? (And yes, people will immediately say, well Microsoft have gotten caught for these practices and Apple hasn't gotten caught yet so evidently they are more trustworthy).
Can you likewise trust the producers of your most beloved Linux distro? They may not be a profit minded company, but does that mean the quality of their updates will as a result be higher?
Or, as we have just demonstrated, if you can't trust the company you get your updates from, should automatic updating be stopped altogether?
I am government man, come from the government. The government has sent me. -- G.I.R.
Some people actually trusted Microsoft? When? Where? Who? I thought it was just viewed as a necessary evil if one wanted the convenience of auto-update... Doesn't the click-through license MS provides pretty much grant MS the right to do as they wish? I'm still confused about where trust enters in.
Wasn't it Bill Gates who said that "if you run someone else's program on your computer, it's no longer your computer"? By allowing Microsoft to run auto-update services, could MS reason that by running "their program" on your computer, you acknowledge that it's no longer, strictly, your computer?
I'm not sure if Wine is even in Ubuntu, but I know the version there lags behind real Wine development...
So WineHQ hosts their own repository. You can add that to your list, and thus automatically update both Ubuntu and Wine, both through Synaptic, or the system tray thing, or Adept if you're on Kubuntu.
This isn't limited to adding one package at a time, or adding stuff not really in the normal Ubuntu. Medibuntu provides all the codecs and such, of questionable legality, which are needed to make an Ubuntu box play modern media. Add one repository, update, and install maybe three or four packages, and you've got DVD playback, win32codecs (not that they're needed much), and so on.
In other words:
Ubuntu already includes a massive repository of stuff to update, from your web browser and OS (which Microsoft bundles together) to your bittorrent client. Windows Update can be "upgraded" to Microsoft Update, which will then handle all Microsoft products (provided they are new enough) -- but it will not handle any non-MS products.
Third-parties can provide their own repositories, which you can mix and match with the official ones. On Windows (and OS X), the system-wide update is vendor-specific, meaning each vendor has to go reinvent the wheel and provide their own package management system, and many don't. (Case in point: on Windows, my only indication that there are new nVidia drivers is when Steam tells me, and Steam didn't come from nVidia. On Linux, they get installed automatically. Video drivers are kind of important to keep updated.)
Net result: On any decent Linux, updating is a one-stop shop. Maybe not one click, but maybe three.
On Windows and OS X, critical updates are near-automatic, but if you're like me, there are still anywhere from five to twenty additional free apps that need to be updated individually, by checking their website, downloading a new installer, uninstalling the old version, installing the new one, etc. Slightly easier on OS X only because installation/uninstallation is faster -- for SOME apps.
Don't thank God, thank a doctor!
Should be mentioned that the latest Unreal, Quake, and Doom are always ported fairly quickly.
Also should be mentioned that quite a lot of games work under Cedega, or even vanilla Wine. I believe WoW is like that -- stock WineHQ will work fine.
Don't thank God, thank a doctor!
OSX automatic updating, always asks permission before downloading, specifying what the downloads are for and allowing you to choose only a selection of them. Security related downloads are in separate packages and clearly marked. At any rate no installation can take place without the user giving the root password. This is far from being a bother to me, it raises my trust in the updates and allows me to forgo updates I really don't want, which are never the security updates. A blogger who worked on the vista GUI said they had an OS box on their table throughout the process of designing the vista GUI, why didn't they learn from it?
That's the first question. On my Ubuntu, updates never break anything that wasn't broken already, but sometimes they fix things. What you want is a stable distro, not "kernel line", so that you know that a kernel update (from your distro) won't break a driver update (from your distro).
About your GNOME update: Did you try creating a new user? Sure, not easy to do, but you managed to install KDE. In fact, if you were going to reinstall, you might as well have just done "rm -rf ~/.gnome", and reset your entire environment.
Not easy, but did you even bother to ask anyone, on IRC or something?
Try Ubuntu. You get 12 months of support for the short version, which is released every six months, and 3 years of support for the LTS version. You can also get discs of the new version shipped for free, assuming the upgrade doesn't "just work".
This, by the way, is actual support you can buy from Canonical. Chances are, the community will support you as long as you like, and again, no cost for upgrading -- with Windows, if Microsoft decides not to support Windows XP anymore, you're stuck with Vista, AND the $200 upgrade fee (or more).
Microsoft does not include full source code. They barely include a changelog. Sorry, but you lose this one.
Maybe you just don't know where to look? Did you ask?
On Linux, I have everything update automatically, through the same interface. It updates from a distro, which generally tests for incompatibilities between various software, so I don't have to. On Windows, Microsoft products update through Microsoft Update (assuming you enabled it instead of just "Windows Update"), and everything else updates through its own update service, or not at all -- there's likely a dozen programs I have to check manually. OS X isn't any better.
Don't thank God, thank a doctor!
I guess trust should work both ways. MS does not even trust its customers.
Lets not forget that Bill Gates got Microsoft started by ripping people off, stealing technology and other borderline criminal activity that business people call, well, "business". So it takes no small effort to consider that this mentality is embedded in the very company that he created. So if that is what it is all about, well, the customer is, well, simply "trash". Simply put, Microsoft doesn't care and they don't need to care. They already have your money anyway. Will...
We NEED to be able to address the trustworthyness our computing platform and platform updates. Any automatic update process has the potential to be abused. If a hacker or spy-agency can gain control of an update process then all sorts of security issues arise. This is true for any software that pushes updates not just Microsoft. We have many clients who have every legitimate reason to need secure and reliable computing platform, some are law enforcement, legal, medical, mental health care agencies and ordinary people. Historically a reasonable option for a trustworthy platform has been offered by microsoft software along with a healthy dose of best practices configuration. Most problems occur when the best practices are ignored. What can we tell clients about the trustworthyness of the update process? Namely what assurances are in place that prevent the application of some federal order telling Microsoft or redhat or some other vendor to distribute an update that exposes client information without the knowledge of the systems administrator(s)? We need to address this concern somehow. Thank you, Matthew Joy Bright Solutions Inc.
Then, thinking back to when XP launched, I seem to recall Windows 98 having similar "all of a sudden it's broken" issues... perhaps there *is* a link - Microsoft launches a new OS, and the previous flagship OS is sent a "kill switch" that causes it to write random data to random places? Say, one bit every umpteen or so cycles? Thereby guaranteeing that the previous "best thing EVAR" is no longer stable and reliable...
Hmm.
Perhaps we should all look to the EU's response to Vista, and switch to linux instead of switching to Vista.
Perhaps we should all stop supporting Windows in any way, shape, or form.
On a side note, if anyone wants to support me and my family while I forget my Microsoft indoctrination and learn linux well enough to make money supporting it, feel free to drop me a mail.
This work is licensed under a Creative Commons Attribution 3.0 Unported License.
Dear Beautiful Mackenzie (an Actual Girl):
I'd like to sneak up behind you and start fondling you violently and then as you struggle to try to escape I'll take a scientifically-proven magic petrification ray from my bag and zap you with it, and it would first disintegrate all your clothing, leaving you gloriously naked, then it would start the process of transforming your body into marble, inducing in you a massive magically-induced which would be captured eternally as your body is turned into solid stone from the feet up to the head gradually, freezing your final moan of ecstasy as you become a beautiful, cold lifeless statue, but with your mind still alive inside the statue, aware of everything that happens to you. I would put you in display in art museums so that everyone could admire your spectacular naked & petrified teen body, then I would put you on a pedestal in my apartment and admire you constantly, and climb up on the pedestal and make love to your stony form, getting my penis raw & red from the friction, and covering your beautiful hard marble skin with my spooge, my beloved naked-and-petrified queen.
(NOTE: This is just a fantasy; I would not actually do this.)
p.s. I like masturbating to your Blogspot picture1