Slashdot Mirror


What's Really Broken with Windows Update - Trust

Be Cool writes "According to ZDNet, Microsoft has steered itself into a real trust tarpit with Windows Update: 'See, here's the problem. To feel comfortable with having an open channel that allows your OS to be updated at the whim of a third party (even/especially* Microsoft ... * delete as applicable) requires that the user trusts the third party not to screw around with the system in question. This means no fiddling on the sly, being clear about what the updates do and trying not to release updates that hose systems. While any and all updates have the potential to hose a system, there's no excuse for hiding the true nature of updates and absolutely no excuse for pushing sneaky updates down the tubes. Over the months vigilant Windows users have caught Microsoft betraying user trust on several separate occasions and this behavior is eroding customer confidence in the entire update mechanism.'"

23 of 521 comments

  1. Re:Release Too Soon... by S.O.B. · · Score: 3, Informative

    I don't see the update mechanisms for the major Linux distros having the same kind of problems and their users are much more vocal and much less forgiving than Windows users.

    The fact is Microsoft has been caught a few times implementing stealth fixes or trying to force major updates (e.g. IE7).

    --
    Some of what I say is fact, some is conjecture, the rest I'm just blowing out my ass...you guess.
  2. What a surprise... by DatMeg · · Score: 3, Informative

    I'm not surprised. When looking at what is being downloaded (either automatically or manually) you have little idea of what you're actually downloading. All you get is a strange ID number for the update and an extremely generalized description of what is being fixed (or unfixed). As the updates pile up, the process takes longer and longer. When there is an update it insists on interrupting whatever you are in the middle of. When it downloads it sucks up CPU time. And when it's finished it will not leave you alone until you restart the computer.

    --
    "Ice? You want ice? There's never been any ice! Ice is just a myth!"
  3. Re:This reminds me of an incident.... by darkmeridian · · Score: 2, Informative

    Two things:
    1. Hardware suppliers are supposed to give you the exact same hardware for each of the "same" systems you order--makes regressing problems easier, and eases management issues. Your supplier didn't--maybe they used a different video card that had the same chipset but different manufacturer. If you installed Windows on a hundred computers, with the exact same hardware, the results should be exactly the same except for the odd crash. This doesn't sound like a "Microsoft being stupid" story as much as a "hardware supplier slipped in some greyware video cards to unsuspecting educational enterprise" story.

    2. Windows Update isn't an enterprise-class solution. Again, makes regression impossible. Push your own solution with the Microsoft-provided hotfix packages, or sneakernet them.

    --
    A NYC lawyer blogs. http://www.chuangblog.com/
  4. Re:Release Too Soon... by houstonbofh · · Score: 4, Informative

    > Or, to put it differently, there already is very little trust in Windows Update anyway (even though, from a technical perspective, their track record is nothing but spectacular).

    Let's go with this a minute. To have a comparison, I will use Synaptic on Ubuntu. Both are consumer oriented. Both allow you to do unattended. Both allow you to get user approval before patching. (Other than the WGA update, point to Ubuntu)
    Ubuntu has had several spectacular failures that have resulted in a system that will not boot to the desktop. Microsoft has had a few good ones that call you a pirate and shut off functionality. The Ubuntu fix was within hours. The Microsoft fix was within days. On paper they are quite close, but in the real world MS is hated. Why this is should be the first priority at MS before more people realize just how viable Ubuntu is for many people.

  5. Re:It's you not Microsoft by Anonymous Coward · · Score: 1, Informative

    Actually the complaint is about the auto-update service automatically updating itself. There's no k/bs about that.

  6. Re:Umm... what's it got to do with MS? by Anonymous Coward · · Score: 2, Informative

    > Funny I always thought OS X was based off of BSD

    Except for all the graphics parts, all the objc APIs, all the system resource stuff, all the device drivers...

    You probably think Windows is based off of BSD because it includes nslookup, traceroute, and ftp.

  7. Re:I'd much rather it... by dave420 · · Score: 2, Informative

    1. For most users, when Automatic Updates is enabled, it installs them in the middle of the night, and rebooting is not a problem. It makes sense, as it doesn't impact the user.
    2. Hibernate.
    3. And it's 4 hours on Vista, not 30 seconds.

    Some granularity to the configuration process could be used, though. It sounds like you can change one setting and solve all your problems (that is: "Download updates but let me choose whether to install them" - it won't interrupt you only to tell you it has new updates. And it does that once).

  8. Re:What?!? by WinterSolstice · · Score: 4, Informative

    Wait - I don't understand... you have linux machines, you use linux machines, and you think PuTTY and WinSCP are great tools keeping you from using linux?

    I assume you mean that there is a lack of graphical utilities under Linux for SCP/SSH? Konqueror has an scp agent built in (fish://user@host/path/to/dir), Gnome allows you to mount a server via ssh/scp, OSX has Fugu, and if you want a graphical SSH then kssh is pretty much identical to PuTTY (though personally, I like my shells to be simpler).

    Now, the other arguments (number of sales/downloads etc) I can't argue. I have to admit in my own development I see far more OSX downloads than Windows, and more Linux than OSX. Of course, what I write is primarily server monitoring apps and dashboard/konfabulator stuff so that would be logical.

    --
    An operating system should be like a light switch... simple, effective, easy to use, and designed for everyone.
  9. Re:oh well by TheAwfulTruth · · Score: 3, Informative

    Windows update breaking healthy system? Virtually never, Linux on the other hand...

    This happens with EVERY linux distro I have ever installed within 6-12 months of use. The only way to keep a linux install from breaking is to NEVER update after a clean install.

    The updates come almost DAILY. Kernel updates come in "stable" kernel lines that break the ABI and cause perfectly installed and functioning hardware to stop working until you hand rebuild and hand re-install the drivers for them.

    People complain about Windows version upgrades but Linux routinely breaks itself with point point releases in "stable" lines :( I've had updates that just break GNOME's "task bar" so bad I had to switch to KDE to continue using that install till I could reinstall the entire thing. Functionality erodes at the rate that after 6-12 months any linux install I've ever had that I put updates to (some I do and some I don't as required by my job of maintaining some kernel and X drivers) the install becomes so hosed it's useless and I have to reinstall from the latest disks for that distro. (Some merely cut off support completely after 12 months)

    I have ZERO trust in ANY update I do with Linux now, Microsoft has 100 times as much information about their updates than any Linux distro (even if it isn't 100% complete) and the non-breakage trust is about 100 times higher for Windows than Linux (pick any distro, I've installed most of them).

    An awful lot of these posts really seem more like freudian slips than anything informational. Unconsciously everyone KNOWS what a shambles the Linux update situation is so to try to stave off some kind of guilt about it they find ways of picking on their enemy for the same thing instead.

    It's REALLY EMBARRASSING GUYS!

    --
    Contrary to popular belief, coding is not all free blow-jobs and beer. Those things cost MONEY!
  10. SSH through nautilus in Gnome by AlecLyons · · Score: 2, Informative

    ssh://user@host/path/to/dir works great in gnome for me without having to mount anything

    as does

    smb://windowsuser@windowshost/sharename/path/to/dir for windows hosts

    One thing I'd really like but haven't been able to figure out is how to get it to translate windows links my colleagues send me (s:\path\to\shared\file.doc) to something nautilus understands (smb://usernameforSdrive@HostForSDrive/ShareForSDrive/path/to/shared/file.doc) - seems non trivial but would be a real timesaver.

  11. Re:Release Too Soon... by marcosdumay · · Score: 2, Informative

    "On paper they are quite close, but in the real world MS is hated. Why this is should be the first priority at MS"

    I can spare MS the work... When Ubuntu fails, that is due to an error, and it doesn't call the user a pirate. When Windows fails to validate, that is due to MS thinking the user is a pirate (and being quite verbal about it).

  12. Re:Release Too Soon... by Allador · · Score: 1, Informative

    > Microsoft uploads a list of 'everything' on the user's PC to Microsoft and Microsoft determines what updates are applicable and then stores that uploaded list, associated with your registration information, for an undisclosed period of time.

    That is incorrect. And wouldn't be practical in any case.

    Your Windows machine downloads a catalog xml file with all the patches, file vers, hashes, etc. Your local machine does the comparison and requests the updates.

  13. Re:What?!? by ciggieposeur · · Score: 3, Informative

    > and if you want a graphical SSH then kssh is pretty much identical to PuTTY

    Or they could just run the Unix version of PuTTY itself.

  14. Re:Release Too Soon... by Jah-Wren+Ryel · · Score: 3, Informative

    > That is incorrect. And wouldn't be practical in any case.

    Not according to these guys who have actually traced the data going to Microsoft's servers during a Windows Update session:

    http://www.tecchannel.de/ueberblick/archiv/402064/index15.html
    --
    When information is power, privacy is freedom.
  15. It's a neverending story by Seto89 · · Score: 3, Informative

    I originally trusted MS with Windows updates, but as usual with matters concerning Microsoft, it was a huge mistake.
    The updater got greedy and decided to update my MS Office. I don't have Outlook installed, since I never use it. The updater however somehow failed to detect that and started downloading a "critical update" for Outlook without permission. It then started asking me if it's ok to install, but naturally the install always fails, as the files are not where it thinks they are, so it cancels and later again asks me whether it's ok to try. I've been seeing that wizard ever since for a few months now. The solution? I can think of two actually:
    1) Reinstall the OS (preferably to something Open Source)
    or
    2) Get used to the thing.

    That's how it always is with Microsoft - the bug is there for so long that everyone knows about it, and then it's not a bug anymore. It's a "feature"...

    --
    There are two kinds of people - those who are radioactive and those who have already decayed..
  16. Re:Good point, terrible article by Allador · · Score: 2, Informative

    Have you never done any reading or research about this?

    This stuff only applies to consumers using AutomaticUpdates or WindowsUpdates/MicrosoftUpdates.

    Businesses use (or should be) WSUS or other systems so that they have complete control over the patching.

    If businesses don't do this, then they are making a choice to not have control over updates to their system.

    No one is forcing anyone to go this route.

    Now, mind you, MS should never have been doing silent updates without full disclosure. But it's not like they made you use this system to do updates. There are other free options.

  17. Re:One slight problem with this article... by coleridge78 · · Score: 2, Informative

    "America" properly refers to the entirety of two continents. Our country is not called "America", it is called the "UNITED STATES of America". "Of America" = "located on the American continent".

    "American" only became the common word to use for a US citizen in some languages out of convenience. It's easier than "United Statsian" or whatever. Even this is far from universal, though... we are "norteamericano", for example, in Spanish. This is still a bit of a misnomer but much closer.

  18. Re:Release Too Soon... by hakr89 · · Score: 2, Informative

    With Linux, you get all three

  19. Running apps that use standard API needs Ultimate by tepples · · Score: 3, Informative

    > The world could use a programming model like the networking OSI model.

    Such a model exists, and it's called POSIX. Microsoft has made a few single-buttock attempts at supporting POSIX within Windows, but all have had critical issues:
    1. Applications running in the POSIX framework of Windows NT were second-class citizens running in a sandbox: they could not start Windows applications or DLLs, call Win32 functions, communicate over the network, or use memory-mapped files. I take a cynical educated guess that these restrictions had something to do with making it impossible to run apps that use X11 within the built-in POSIX framework.
    2. As of Windows XP, Microsoft replaced the old NT POSIX framework with a downloadable component called Windows Services for UNIX (SFU, formerly Interix), which removed some of these restrictions. But SFU is not compatible with Windows XP Home Edition.
    3. Windows Vista Ultimate includes a new version of SFU. It's still not in the Home Basic or even Home Premium edition.
  20. Re:Hacked access is only a matter of time by Joe+U · · Score: 2, Informative

    > It would be a lot more difficult to do with a signed piece of code

    That is an amazingly huge understatement. I suggest learning more on how software is signed.

    > One of the first crude examples of this is the old MSDOS.SYS file. It contained a number of Xes in them to keep the file length a certain size so Windows could check to see if it had been altered as would be a sign of a virus

    Actually, that was file padding for backwards compatibility, not virus detection.

  21. Re:What?!? by multisync · · Score: 2, Informative

    > Christ knows who "They" are, but they should have said to try running "lspci" as root.


    Actually, I was referring to situations where a person wanted to install Linux on a box that was currently running Windows (and I was talking about more than a few years ago). It may be hard to believe if you are relatively new to Linux, but there was a time when installing it was complicated enough that LUGs would hold "Install-fests" for the uninitiated. If the box you were about to help the newbie put Red Hat (or Slackware) on had a working installation of Windows, you could save yourself a lot of headaches by booting it up and carefully noting the items listed in Device Manager, before formatting the hard drive and selecting packages.

    Of course, things have changed a lot with the advent of better hardware detection (and Google, which also didn't exist back then), to the point now where the best way to find out what is "under the hood" of that beige box you found in the corner of your closet is to pop an Ubuntu CD in it and boot it up. It may not identify everything, but it will certainly be a lot more successful than an XP SP2 disc, which was kinda the point I tried (but apparently failed) to make in my first post.
    --
    I don't care why you're posting AC
  22. Re:Monopoly Mentality by ncc74656 · · Score: 2, Informative

    > If I ever have to reinstall XP though, I would probably install all the updates.

    Making an update DVD with ctupdate will allow you to go from a fresh install to fully-patched without picking up any of the malware Microsoft has been pushing out lately. WindizUpdate is good for incremental updates, and it works with Firefox.

    --
    20 January 2017: the End of an Error.
  23. Re:Monopoly Mentality by JLennox · · Score: 2, Informative

    I repair a ton of computer systems every day, from companies and from home users, and none of them are ever patched. The only reason? People do not care and they do not understand. Stuff starts giving them annoying dialogs, and they just click whatever they believe gets rid of it fastest.

    As long as the computer seems to be working okay, they believe their actions were correct. They do not understand computers. This is the only problem.