Slashdot Mirror
What's Really Broken with Windows Update - Trust
Be Cool writes "According to ZDNet, Microsoft has steered itself into a real trust tarpit with Windows Update: 'See, here's the problem. To feel comfortable with having an open channel that allows your OS to be updated at the whim of a third party (even/especially* Microsoft ... * delete as applicable) requires that the user trusts the third party not to screw around with the system in question. This means no fiddling on the sly, being clear about what the updates do and trying not to release updates that hose systems. While any and all updates have the potential to hose a system, there's no excuse for hiding the true nature of updates and absolutely no excuse for pushing sneaky updates down the tubes. Over the months vigilant Windows users have caught Microsoft betraying user trust on several separate occasions and this behavior is eroding customer confidence in the entire update mechanism.'"
manually, you can select what updates you want to apply and which you don't. As for hosing a system, MS has no monopoly on that. I updated my ATI drivers on Friday and I lost my 3D capability until I rolled my drivers back. Had similar things happen with Adobe stuff until I switched to Foxit. Frankly none of the software companies impress me with their auto updates. I trust none of them.
I was working as as PC tech for a university at one point, and it was policy to install all critical Windows updates on the university-owned computers. On one computer, I accidentally checked the hardware updates as well as the critical updates. For some reason, Windows update decided that the video card (an Nvidia TNT2-based card) needed to be updated with the old, Microsoft-provided, French-language video drivers. This computer was using English Windows XP, and there were no language packs installed or anything. Anyway, Windows blue-screened when coming back up. I had to start it in safe-mode and remove the drivers to get it to work again. I remember thinking that if a "normal" user had installed that update, they would have been screwed into having to pay $100 for a "professional" to fix Windows. After that, I started paying attention to the hardware updates. And I noticed that on approximately 5/100 of their computers, Microsoft listed the French-language Nvidia driver as an appropriate hardware update.
How long it will take to someone to figure how to make they own updates using the door open by Microsoft in they OS ?
If I was a hacker, I have begun to work on this door as soon has the "feature" has been released.
Imagine, using Microsoft Update to update your virii or you Troy, that a nice "feature".
Ceci n'est pas une Signature !
Linux sites have a far wider array of configuration differences than Windows systems do: Not the least of which being multiple cpus and generations of systems, Windows in the enterprise is kept solely single-use because Windows admins know maintainability is hard, but Linux in the enterprise tends to have a larger number of functions because the Linux admins know maintainability is a solved problem.
The reason both is true is a social effect of getting software from "third parties"- that is, a cloud of developers that do not communicate with eachother. Whenever one of them does something "tricky" or "wrong", generally speaking nobody else in the cloud knows that they are doing it (When they do, it's called a "known incompatibility").
Linux distributions don't have "third parties"- most Linux admins get all of their software from the distribution itself. That means there's no cloud where "that's a problem with your other vendor", or "that's a problem with running Microsoft Exchange on the same server as IIS", and so on. The buck stops immediately, it gets resolved and everyone benefits.
Historically, other unix suppliers have had the same problem, and a lot of people just assumed it was (practically) unsolvable until groups like Debian and Red Hat- looking to solve a particular technical problem (of managing the necessary modularity of a GNUish system) also built up the social framework necessary to solve this very social problem.
Microsoft simply cannot do this. It's not a matter of "just making better patches", they need to be the sole supplier of software in order to solve this problem, and their users need to be able to patch and redistribute that software. Not just legally, but actually encouraged to do so.
OS X has nearly every feature found in Vista Ultimate yet only costs $129.
So tell me again how much MSFT has to pay people? Features are easy to do once you implement a straight forward properly designed system.
Yes I know that MSFT makes all of it's own cool toys, but that's only because it's the MSFT way or nothing inside MSFT. If MSFT stopped duplicating everyone else's work poorly maybe they could release a good OS.
i thought once I was found, but it was only a dream.
...that developers from MS Gold partners are telling you to shut down automatic updates because they can/may/will ruin the $1 mill. .NET based project they are developing for you.
I have heard this from several different MS partners in the past years.
Totally offtopic, but who cares?
I have a rather exotic rig at home, mostly built from stuff I had lying around. A couple different network cards, an uncommon Intel mobo, a surround sound card, a USB microphone and 1/4 jack interface for recording, five or six hard drives of all sorts, and a MIDI card I found in a bin somewhere. Couple that with an NVidia card, and I pretty much expected Ubuntu to choke -- and choke hard -- on it.
But it identified all my hardware perfectly, and it all works. Now I'm using Rosegarden and Sooperlooper and Audacity and Hydrogen to produce my music (with Jack: sweet vishnu what a nice/confusing program). I'm running XP in a virtual machine. There's only one program I use (Notion, notation/symphonic playback software) that requires Windows.
For me, the most complicated setup on this entire rig was getting the virtual machine working. Which wasn't hard at all.
[ think ]
I totally agree with the tag that reads "editorsdontgetit". The problem with having this stealth update capability in the first place is that it's a clear and obvious vector for attack and p0wn4g3.
Exactly! All they need are the private keys MS uses to sign the updates.. oh wait.
I have to use Windows for one single heavy duty application, so I have no choice. But I loaded a new hard drive with Win XP Pro XP2, the updates at that time (2 years ago or so) and the application.
The Dell has never been back on line since then, and has never sufferred a BSOD, nor any update issues, and has stayed up virtually 100% of the time, performing flawlessly.
All work on the web is done on my MacBook Pro, thank you, and it has never suffered any downtime, either. Well it didn't until I filled up its hard drive and needed a larger one.
I am seriously tempted to repeat Win XP SP2 install on a new Dell to take the next version of the application I must run. The last thing I want is crap from the web shutting me down for various crapo reasons.
This is a problem that the western world has. I'm 45 these days and I believe society is changing, while I can't be 100% sure, as I am getting older and changing as well, but apathy and disregard for our rights and freedom is growing at such an alarming rate.
We have rights, we do, but we need to fight for them or people, politicians, and corporations will simply assume we will be lazy fucks and taunt "nah nah nah nah nah" and take them away.
We have the right to own our machine. We have the right to tell companies "I won't open a word document, send it to me in ISO ODF or PDF or text." We have the right to remove Windows from our system. We have the right to sell our OEM Windows licenses.
Without even getting into politics or the growing U.S. police state, corporate america needs a dope slap. We, ALL OF US! have to stand up to corporate shit. We do not stand against it in great numbers, then nothing will ever get done.
Call tech support when shit happens, keep them on the phone for a long time, it costs them money. Send products back, it costs them money. Tell people to avoid products that suck, it costs them money. When the shit that comes from China has lead in it, sue them, it costs them money. The government isn't going to do anything for you, the politicians represent the corporations. It is only when bad corporate policy costs them money, will they change and not one minute sooner.
Start RETURNING computers, WHOLE COMPUTERS, because vista sucks. If Windows is part (as OEM's claim) of the computer, the the WHOLE COMPUTER is defective. That will make the Dells and HPs start to offer new options. Seriously, if 10% of the slash dot readers went out and bought new computers at the big retails stores tomorrow and returned them the next day siting that Vista does not work and is not reliable. It would make a HUGE impact on the industry. No one could ignore it.
But, no, no one will do that because they ARE to fucking lazy.
Switching off the TPM makes you, by default, untrusted. The ultimate aim of Microsoft/IBM/Sun/Apple (and basically all tech companies) is a TPM in every machine. No TPM... we no trustee you senoir, and we no talk to your machine. Switching on TPM = machine not owned by you.
Damned if you do, out in the cold if you don't. Welcome to the world of Trusted Computing.
Just because Microsoft hasn't switched on this feature in its software yet means nothing. The hardware was designed for this purpose. Buy a machine with a TPM in it, and you advance their agenda -- everything after that is simply a software update away. It's that simple.
Last time I goofed around an OSX commandline, all of the commands did exactly what I expected, the kernel is where the BSD code comes into things. And it would be inane to suggest that if an OS used a Windows kernel that it wasn't based upon Windows. Same goes if a substantial part of the kernel were to come from an OS, the new OS would still be based upon the one providing kernel code.
They graphic bits and the drivers are going to be done by Apple. The graphics are going to have to be done by Apple unless they want everybody to have them, and the drivers are done by Apple because many hardware manufacturers still don't allow for drivers beyond windows and mac.
I'll admit this may be a little tinfoil-hattish but it makes me wonder if MSFT is the only player in this saga. Just supposed in the wake of 9-11 hysteria that someone in the administration had the brainy idea to slip a traceable...something...in PC's to track terror suspects. Not something that reported to a third party...too easy to spot the traffic. Something that relayed the data through MSFT so the destination would remain hidden. Now the forced updates are wiping out whatever it was.
Probably out there but a few years ago suspecting the phone companies of listening in on the phone calls of millions of Americans without a warrant would have been really out there.
And before that was the revelation that printers were spitting out identifiable information in the background.
It's a sad testimony that wholesale spying on PC users is not out of the realm of the plausible for the current administration to attempt or Microsoft to cooperate.
It may be years from now before we find out the whole truth. What we know today should send a shudder through every freedom loving person in this country. I'm mildly surprised so many hard-core right wingers are okay with the government spying on them.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
I've long thought the same. Looking at the US situation, that method of government (american style democracy (i'm usian, btw)) (oh and I like scheme;) works really well in small groups with common interests. And it *still* works well in the right scale: small towns, social groups (neighborhood associations, PTG's etc) but rapidly loses effectiveness as you move up in scale. In fact I think the number, at least for governed populations, is much smaller than 1e7. You really need to know at least a sizable portion of your fellow citizens to develop a situation where you give a damn about the rest of the population. Once you get to a "them" mentality, its all over because who cares if it hurts "them" so long as "we" get what we need/want. I think that if the local level is working well, then it will carry up the government ladder to regional and even national levels because the local effectiveness keeps people involved. If you, as a citizen, have access (I mean *real* access) to your elected representatives, and those representatives have some clue who you are, then government will work for you. If not, then apathy sets in.
Probably the same for capitalism as well. Capitalism works great when everyone knows everyone else, or at least most everyone else. I, as a retailer, know my customers and my customers know me. I'm happy to sell to them for a reasonable price that supports me in a reasonable manner and they are happy to buy from me knowing that they're not being screwed. They know this because they know me and know my lifestyle, at least somewhat. Once you no longer know your customers, then you begin to view them as objects with money that you want to get. It's sort of inevitable (I know, I own retail businesses). Likewise, if you as a customer don't know the producers/retailers of goods and services you purchase then you objectivize(?) those people and no longer care about their living and working conditions, you begin to just want the stuff as cheap as you can get it.
It is my opinion, based purely on anecdotal experience, that the system breaks irrevocably once the scale of the local population gets above some number of thousands (maybe 10-50, at a guess) and the population at large is also sufficiently large (a few million?).
man, I feel like mold.
Microsoft is a U.S.A company, right? Wrong. Microsoft is a multinational company.
Now imagine they move HQ from Redmond to Shanghai. If you're an USian, would you still feel the same way when your deactivated auto-update program suddenly automatically updates something unknown (according to Microsoft, just itself)?
</tinfoil hat>
To be, or not to be: isn't that quite logical, Slashdot Beta?
Always put up with it? To a point, but soon that hurdle of switching to something else seems worth it when time and time again MS does something to make computing more difficult for the end user. And that hurdle is getting smaller all the time. And I am not talking theoretical nonsense. I work for a library at a large university and it is become unbelievably hard to maintain a large fleet of public computers. Genuine Advantage has broken our update scripts causes massive manual updates to be needed, and they continue to change this, with no guarantee that the next patch Tuesday will or will not require a different process. On top of that, to build an image using MS's own sysprep, has about a 80% failure rate! It can take up to two months to fulling update an image that we know will always boot up correctly on all the computers we use (and we only have three different models). Then there is vista. Right now, hardware requirements aside, it is not ready for mass use. It isn't stable enough for 4 guys to keep 150 public machines running. We would probably need about 15 people. And if SP1 fixes these issues, there is still the hardware side. Maybe we have been spoiled with the fact that 5 year old computers could use the newest software, but that is the way it is set up now. We use computers that are 5 years old, and older for specialized systems, and we can't go back to the university and say, "oh, well MS needs more hardware, so we need to double the computer funding." So as Vista stands now, it would be about 3-4 years before the entire group of computers will run it well enough that busy college students can use it. MS has stated quite clearly that XP will not be supported that long. So soon we may not have any choice but to leave windows. And it may not be that long. I have already been handed a project to evaluate the ability for linux to be used on public computers. The requirements are IE7 and Office 2007 working as well as "All media in books in the library are readable." The last requirement isn't going to be hard. But even if the only way to do that is to set them up with VMware that runs a downloaded workstation of windows, it will probably be much easier to send out a new workstation file than do the updates required from MS. And when linux is running for free on all the public desktops, albeit in the background, how long it is going to be before wine can get IE7 and O2007 working along side the free variants and the university says "Why are we paying a Windows site license?"
Who else has noticed that the latest wave of Microsoft shills say "I use linux all day at work programming", but at home, my personal machine is Windows. I just LUV my windows box."?
What's really broken with Windows - trust. Not even Windows Update, but Windows in itself. Windows Update is just another add-on that tries to install crap onto your machine, like that "Malicious Software Removal Tool".
And of course the whole crappy spyware and trojan ecosystem, but that's not directly caused by MS.
I finally gave in and bought a Mac - I want Photoshop, and I can't have that on Linux (and no, forget The Gimp for what I'm doing).
I think he just explained that.
.NET. Now they just need to do it with something that matters to the average user. It's not a matter of "if", but of "when".
Mac OS X "just works" out of the box.
Linux, not so much. Even Ubuntu requires that I fiddle around with some stuff before it's properly usable. Here's a sample of the idiotic config crap necessary:
- twiddle the X config file to get certain mouse buttons working - I have a 5-button mouse. Only 3 buttons are supported by default, so I have to go add a couple more buttons to the mouse in the config file. How hard is it to just have a nice HID manager that polls the device for its button/axis count and binds everything to a set of commands? Really, it shouldn't be that tough. Mac OS X calls them Button1..ButtonN. Windows does the same but calls them Joy1..JoyN. Motion axes are handled similarly.
- get "special" video drivers to do anything that requires hardware acceleration - To be fair, this one is slowly going away as the Damned Hippies (you know the type) lose control of the community. Ubuntu at least gives you an easy interface to get this if you want it. But to be completely fair, there's not even an issue with this if you use Mac OS X or Windows.
Oh, and before you say "but you can compile your own stuff under Linux and customize it however you want", 1) you can do that on Mac OS X too, and with mostly the same tools, 2) with several distros (Ubuntu, I'm looking at you) the tools aren't included and you have to track them down along with their dependent libs/tools/etc. (again, no different from Mac OS X), and 3) that doesn't meet the definition of "just works out of the box" in even a small way.
You're right in that there's no reason why Linux couldn't work the same way as Mac OS X. But it doesn't. And it won't until the Damned Hippies are removed from the equation. They are now the fly in the ointment. They've contributed a lot, and they deserve the credit for that. But they need to stop dicking around and get things to the point where it "just works" (and the word "completely" really should be added to that) or Linux will never catch on with the masses. And the longer Linux takes to catch on with the masses, the longer Microsoft & Friends have to keep trying until they get something right. They've already done it in the dev community with
.....Also, OS X cannot play Blu-ray movies.....
But on OSX10.4 you can MAKE HD movies, such as you get on Blu-ray. All you add is one of the new HD camcorders to take the original footage. Then you get can edit and produce your great creative work in DRM free HD video. It all comes for free with your Mac. As soon as HD burner prices come within reason, burning HD disks, of whichever format finally wins, will be part of the iDVD program that comes with every Mac.
If all you want to do is PLAY commercial HD movies, just get a new player. It doesn't cost much more than just the VISTA software alone.
OSX can run Windows under Parallels along with all Windows programs, including VISTA and Office 2007. In something they call "coherence" mode, the Windows desktop disappears and all you see is the Windows program running in your OSX. Windows and all its apps is just like any other program running in OSX.
Some Mac vendors sell Parallels for $10 when you buy a new Mac. I bought an OEM copy of Windows VISTA Home Premium which had no problem installing on my Macbook.
All theory is gray
Just wait until the weekend to install the updates unless there's a really hot patch that you need on Tuesday. By then you should have seen it on Slashdot if there's any nastyness going around.
thegodmovie.com - watch it