Microsoft Blocks Pirates From Security Essentials Software

CWmike writes "Microsoft will block users running counterfeit copies of Windows from installing the free Security Essentials antivirus software, said Alex Kochis, director of Microsoft's Genuine Windows team, in a post to a company blog. On-again, off-again debates about the wisdom of blocking security-oriented downloads like patches or defensive software have centered around the argument that Microsoft should protect all users, including pirates, since hijacked PCs threaten the entire Windows ecosystem. In this case, though, one analyst isn't buying that line. 'I can't see any justification for making Microsoft give away Security Essentials [to counterfeit Windows users],' said John Pescatore, Gartner's primary security analyst. 'Those people have many other choices, including free. There are plenty of alternatives to Security Essentials,' he said, adding that that makes a difference. Windows patches, on the other hand, aren't available from anyone but Microsoft."

Herd immunity

[shipbrick]

With vaccination, this is known as herd immunity. Basically, even if an individual is not vaccinated (or virus/malware/etc protected in this case), by virtue of others being vaccinated, there is less chance the non-vaccinated will become infected since there are less people who they are coming into contact with who are harboring the virus. Following with this, the greater the number of immune, the less likely the unprotected will become ill.

I strongly suspect the same concepts would apply to computers, and allowing pirates to have this protection would indeed provide greater security to ALL the unprotected windows users. Thus, the choices for MS are 1) increase security for all users (paying or not) by allowing even pirates to download in order to increase the protection via herd immunity or 2) increase company profit by trying to coerce hackers into buying a copy by not allowing them this download. Since the latter will never happen, all MS is really doing is simply missing an opportunity to increase security because they *think* they can increase profit. Alternatively, maybe they think they are simply teaching those pirates a lesson, but sadly it would be at the expense of others.

Re:Herd immunity

[Jurily]

I strongly suspect the same concepts would apply to computers

Unless there are viruses around that attack random IP's. There's no biology equivalent to that. And with p2p (and implicitly pirating) these attacks might not even be detectable. If your computer makes and receives 50-100 network connections per minute legitimately, who's going to notice a couple more?

Re:Herd immunity

[magarity]

Herd immunity works in biology because the distance to travel to another unprotected host is too far or takes too long for the virus to survive floating around. But with networked computers that isn't really an issue, is it? It might take a little longer to scan ports on more addresses but for an automated virus in a computer whose owner isn't patching it anyway, this isn't a big deal. Everyone who thinks they know better feel free to contradict me, I'm just speculating:

Re:Herd immunity

[AnotherUsername]

Perhaps those without security(who are paying) should increase their security by simply installing something like AVG. Even its free antivirus program is better than most pay-for security suites by other antivirus companies(especially those which rhyme with 'imantec' and 'iccaffee'). While dedicated pirates will never pay for software, those who do pay have plenty of options(many of which are free) which they can protect themselves with. While I think that it would be in Microsoft's best interest to include security software for all people(legitimate and stolen), the expense of not including it because of non-protected people having a harder time is not something I am particularly sympathetic about.

Re:Herd immunity

It's not a perfect analogy, sure. But the basic fact remains: the more infected hosts, the more crap (eg, DDoS) that can affect the rest of us.

Re:Herd immunity

[mysidia]

I don't think it works very well, when the bad guys have an understanding of the herd's defenses.

If Microsoft's security software becomes de-facto standard, the blackhats will design their attacks specifically to circumvent or disable Microsoft's security products.

It's hard to elude a slew of thousands of different security products used by different people, but if everyone's using the same one, a bad guy really just has one type of defense to defeat, then...

And once the exploit sedates the MS security product, all the malware has free reign...

Re:Herd immunity

AVG free better then most pay-for? Not a chance! People promote free; free sounds better then pay to most people, but it does not make it better. Check out http://www.av-comparatives.org/comparativesreviews/main-tests
Avira free (Yes I know the paid version was tested) blasts out AVG and heck you can get a free 1yr McAfee which if I recall took third place by just googling around enough.

Re:Herd immunity

[yurtinus]

I can't agree with this ideology. The fact of the matter is that MS developed a product, have had it pirated, and really should be under no moral or legal obligation to support the pirates. They already *do* provide vital security patches to pirated versions of Windows, asking that this be spread to antivirus and antimalware software just seems greedy. This is *especially* the case when there are plenty of alternatives, many free and many open. This story seems meant to drum up some anti-MS backlash where I really don't think it is warranted.

I would also argue the effectiveness of herd immunity on a medium in which any one machine is capable of connecting directly to any other machine in quick succession. The Internet is one damn big herd and for whatever percent of it this software benefits won't be significant enough to reduce the risk for those that aren't. Plus, I'd imagine a great number of people running pirated Windows are aware of the security risks.

Re:Herd immunity

[blackraven14250]

What?

More infected machines = more machines doing said attacking

If you have 1 machine infected, you have 50 connections. If you have 10, you have 10 fold the number of connections, which makes it easier for them to find the 25% of machines (that's a steady number) that are unprotected. Reducing the number of machines able to be infected reduces spread rate, which increases security since those who do get infected can get rid of it before it finds another host more often.

In biology, that would be the equivalent of changing the time between the symptoms' appearance and the patient's becoming contagious, assuming symptoms come before someone is contagious. If you have a longer timeframe, the virus is more likely too be killed before it infects someone else. The same applies here, in exactly the same way.

Re:Herd immunity

[blackraven14250]

It also means that if it takes an infected computer 2% longer to find another host, there's a greater likelihood that it will be killed before it finds that host to jump to. It makes it easier to get rid of the virus from the whole network.

Re:Herd immunity

[DJRumpy]

Keep in mind though, that people willing to use hacked or pirated versions of windows are far more likely to encounter malware just from using cracked software.

If they did it once...

Re:Herd immunity

[Jurily]

The biology equivalent would be if someone sneezed in Beijing and you got the flu in Denver.

Re:Herd immunity

[ande1216]

This can only hurt MS. Of course they will try this coercion method, it's what they 'have to do' to show threy're being tough on piracy. MS probably knows this wont work but will anyway just to stay on the anti-piracy bandwagon; it's the 'right thing to do' from a corporate perspective. Anyway, those smart enough to steal windows are also smart enough to avoid windows programs such as Internet Explorer like the plague. Open source is the future of PC applications and MS should embrace it instead of whining. MS is an OS provider, not an OS dictator; the quicker MS realises this, the quicker people might actually consider paying for it.

Re:Herd immunity

Part of why herd immunity works is that an illness in one person can only reach the people that come into close contact. So if a high enough percentage of the population is immune, an infected person can't infect others.

Obviously the internet is nothing at all like that. An infected PC can try to reach out and touch everything on its local network and almost every IP address.

Re:Herd immunity

Yeah, i keep hearing that repeated. "you are more likely to be infected using cracked software"

I've pirated (and bought) a large variety of software in the last 15 years. And the one time i have ever been infected. it came from a piece of commercial software right on the cd.

The 'pirates' and cracked software are WAY more trustworthy than any company out there. It only takes one or two bad comments to make people avoid using that cracked piece of software. With commercial software it takes thousands of bad installs before it makes the news and people avoid a bad piece of commercial software.

Just having a more tech savy audience the cracked software will be subect to far more scruntity than anything you'd buy off the shelf.

Re:Herd immunity

[thejynxed]

I dunno...your theory and his theory are both kind of made not true by AIDs, the one disease that does -exactly- what you two suggest they don't do/can't do.

The only difference is, with only a half-working, non-human tested vaccine, I hold no hope that it'll be remedied anytime within the next 20 years.

Re:Herd immunity

[DJRumpy]

You're implying that cracked software could be evaluated by the 'tech crowd'. I've never seen a cracker release the source code for their cracks.

You are essentially trusting a complete stranger (from the internet no less) with no responsibility, visibility, or accountability, and running an unknown executable. That is not safe.

Even the cracker/warez websites themselves are typically loaded with malware, spoofing/phishing attempts, etc.

They have a bad reputation for a reason.

Re:Herd immunity

not to mention the people who pirate windows also know how to make it pass WGA and they can still download this software and any other microsoft crap that requires validation. this only really affects the noobs (and people who have unknowingly been sold counterfeit copies of windows)..

Re:Herd immunity

[mlts]

There is no way MS's security software is going to sweep over the market. Even 15 years ago when Microsoft put in MSAV into their release of DOS, it did not dent sales in Norton's product. In fact, it actually helped the industry because Microsoft set the baseline that all other AV programs have to leapfrog.

MSE also doesn't cover all bases that third party vendors do. For example, if I have to deal with someone's PC that is infected and they don't have any media with them, there is a good chance that with both a manual go through via RegEdit and the filesystem, then a subsequent install of some popular AV/anti-malware software, that the system will have a high chance of being clean. (Of course, I rather recommend a backup and complete reinstall under the lines of nuking from orbit, the only way to make sure, but often, people don't have media for their OS.)

All and all, everyone benefits from this software. Users benefit because they have a basic level of protection that is updated constantly and can figure out in some time period what an unknown threat is, and how it is spreading. Other users and companies on the Internet benefit because it means fewer machines that are compromised and sending out spam or being used as bases for subsequent attacks. Microsoft benefits because fewer major breaches gives less mud for detractors to sling at them. Even other AV companies benefit because they will end up having features that users will want and expressly buy their product for. For example, Symantec has as one of the big sales points the enterprise managability that SEP offers on the business end. On the consumer end, they offer backup software and such.

Re:Herd immunity

"...and really should be under no moral or legal obligation to support the pirates."

Replace moral with ethical (not the same thing) and I see your point.

Morality is about doing the right thing regardless of the rules
Ethically is about following the current accepted standard - no matter if they are morally right or wrong.
Legally is about following the current accepted standard - no matter if they are ethically right or wrong.

Do you see how a few layers of abstraction take the argument completely off target yet?

Re:Herd immunity

[tlhIngan]

I've pirated (and bought) a large variety of software in the last 15 years. And the one time i have ever been infected. it came from a piece of commercial software right on the cd.

The 'pirates' and cracked software are WAY more trustworthy than any company out there. It only takes one or two bad comments to make people avoid using that cracked piece of software. With commercial software it takes thousands of bad installs before it makes the news and people avoid a bad piece of commercial software.

Actually, the past 2 or 3 years, the number of infested cracks is probably close to 99% or so. Cracks these days are an excellent infection vector. I find it hard to believe that you're not currently infected, unless you have direct access to the cracker releases yourself.

Once the cracker releases it to the wild, tons of malware authors grab it, wrap their little downloader trojan around it, then release it and use SEO to ensure that every google search will turn up their infected version. Or, some people make a trojan that does zip (other than display an error message), but then installs an infection vector. They then copy the file 10,000+ times and rename them to various names suggesting they are official cracks.

The infected crack ones tend to propagate via webpages, but also torrents - they do work, but they also install a little something extra. Finding "clean" stuff gets more and more difficult, especially since these minor downloaders tend to be extremely quiet. Considering how easy it is to write a downloader, wrapped cracks almost never trigger any antivirus warning. It's only when they start installing old stuff that's detected will the user even know. Sometimes it can be months because the distribution of the malware is so slow, no one notices.

Heck, even OS X gets infected this way - I believe various popular applications often include in the installation hidden install bundles that install the trojan alongside it. The latest release known to have it would be torrents of Snow Leopard, especially those that appeared before the official release date.

Re:Herd immunity

[indiechild]

What sites are you visiting? If you're getting malware/trojans, it's because you're visiting the sites of spammers/scammers who just happen to be offering hacked versions of other people's cracks as a come-on, much like some fake porn sites. Their sole aim is to rip people off and make money.

Real hackers/crackers don't put trojans and viruses in their releases, obviously.

Re:Herd immunity

[herojig]

I think a distinction needs to be made here between hackers and users. You say "... or 2) increase company profit by trying to coerce hackers into buying a copy by not allowing them this download." The number of hackers using pirated software must be 1 in 100,000 or less. In hundreds of thousands of cases in Nepal alone, ordinary people who don't even have a clue what a hacker is, buy "quasi-legal" copies of XP and Vista or have them installed on PCs that they purchase here. They are clueless that this software is not legal (after all, they bought the disk from a licensed, tax-paying retailer). When they get WGA notifications, they simply ignore them. I don't think you can call these villagers "hackers" as they barely know how to install an anti-virus package. China, India, Burma, Sikkim, Pakistan, Afghanistan (all of SAARC) is in the same boat. Users here just live with rootkits and other baddies, and make up the huge botnet or whatever is out there. Even if given the option to buy the software, there is no way they can (the cost of the license is over one month's salary and/or they have no credit cards, as US currency is illegal to hold by natives). It seems since MS helped create this mess, they should do something to help fix it. I suppose it needs UN intervention at this point to bring about herd immunity in developing countries.

Re:Herd immunity

"I strongly suspect the same concepts would apply to computers, and allowing pirates to have this protection would indeed provide greater security to ALL the unprotected windows users. Thus, the choices for *Symantec* are 1) increase security for all users (paying or not) by allowing even pirates to download in order to increase the protection via herd immunity or 2) increase company profit by trying to coerce hackers into buying a copy by not allowing them this download. Since the latter will never happen, all *Symantec* is really doing is simply missing an opportunity to increase security because they *think* they can increase profit. Alternatively, maybe they think they are simply teaching those pirates a lesson, but sadly it would be at the expense of others." - Fixed

Symantec (or McAfee, or any others) should give it's best software away for free, according to this logic.

Re:Herd immunity

[TheVelvetFlamebait]

That happened to a cousin of a friend of a close friend of mine!

Re:Herd immunity

[Penguinoflight]

AIDS(the S is for syndrome, it's not a plurality) is only unique due to it's spread (as HIV) in bodily fluids. How does this make it's spread different?

It could be argued that there are no individuals who are immune to HIV. The number of cases of HIV are centered around Africa, and there aren't enough cases for ruling out the possibility of immunity. Either way, one could consider proper education a form of immunity.

Re:Herd immunity

[girlintraining]

Reducing the number of machines able to be infected reduces spread rate, which increases security since those who do get infected can get rid of it before it finds another host more often.

You forget that geometric progressions don't much care for the spread rate. Let's assume a few things:

1. We want to query every single IPv4 address space (brute force and stupid, since only a little over 2^27, 75%, is actually in use in some fashion).
2. We're going to say that 90% of the machines out there run Windows. Actual estimates vary.
3. If an infection is timed correctly, even an out of band emergency patch will hit less than half of all machines. So, a worm has 30 days to spread between Patch Tuesdays.
4. For the sake of simplicity, I'm going to assume everyone's bandwidth is a mere 10KB/s bidirectional.
5. Also for the sake of simplicity, I'm going to say that it takes 10KB of data to probe a machine to see if its infected.
6. At any given point in time, I'm going to say only 5% of machines on the internet are accessible (turned on, and can receive connections). I have no factual basis for this -- it's an assumption.
So based on 4 & 5, I can make 1 probe attempt per second.
Last, a disclaimer -- I do not know much about statistics. If I made a mistake, sorry.

So, in a day, a single machine can probe 86,400 IPs, probing the space in a random fashion. Of those, 64,800 (75%) are "in use" in some fashion. 58,320 (90%) of those run Windows. And 2,916 are turned on and receiving connections. 1,458 (half) are unpatched for the first 30 days of the spread. It manages to infect 2 machines in the first hour it runs (rounded down; is actually about 2.5) The next hour, 6.25 machines are infected, and so on and so forth. In 24 hours, 3.5 billion machines have been probed and infected.

Geometric progressions like this are the reason why statistics like "An unpatched windows machine directly connected to the internet is compromised within 8 minutes" exists. The premise "Reducing the number of machines able to be infected reduces spread rate, which increases security" is not valid -- because the spread rate is almost completely irrelevant. Even if I say only 1 machine per hour is infected, in just over 30 hours we have the same number of infected machines -- even though we cut the rate from 2.5 to 1.

If you want to make a difference -- reduce the window of opportunity; PATCH NOW. The rate is wholly irrelevant.

Re:Herd immunity

[MacWiz]

Since Microsoft is the world's largest software company, wouldn't the best course of action be to simply make software that doesn't require constant security updates?

Re:Herd immunity

[kdemetter]

These days , there is barely a difference in protection between free and paid versions.
They use the same virus databases.

The only difference is the interface , and the rate of updates.

AVG works fine for me.

Re:Herd immunity

[bemymonkey]

I was actually surprised that Security Essentials found two trojans that both AVG Free and Avast! missed - so I suppose a single free scanner probably isn't going to be enough.

Re:Herd immunity

[Zedrick]

Crackers have a reputation to uphold. I trust some cracking groups more than Microsoft, Apple and Symantec. I've "known" some of them since the Amiga-days, and know that they would never risk their reputation by releasing stuff infected with malware. Shady companies do that, not well-known crackers. Fairlight, Razor 1911 and Skid Row has very good reputations, I'd trust them over Google any day.

These "cracker/warez websites" you mention is a different matter, they have nothing to do with the actual crackers - no reputable cracking group has a website where they release their (illegal) stuff, everybody knows that. On a site like that you're just as likely to find infected OSS, anything that they think clueless newbies will download will be infected.

Re:Herd immunity

[razvan784]

In the case of computers the herd is the whole Internet and distances between nodes are not measured in miles. You can measure them in number of hops or whatever, but from the software's standpoint they're really short and equal.

Re:Herd immunity

[Mr.+Freeman]

Thank god someone got it right. Enough with these flawed analogies. People, THINK for ten seconds before you make one. Not everything can be related to what APPEARS to be a similar concept.

Re:Herd immunity

[L4t3r4lu5]

But that game trainer site said they've scanned all of their submitted apps with an up to date virus scanner, and that if your AV scanner shows an entry for a keylogger or trojan, you should turn it off!

It's like inviting a trojan to your PC. (Note; I'm not stating that game trainers are trojans, just that trusting somebody with no culpability with some of the most precious information you have is extraordinarily daft.)

Re:Herd immunity

[dominique_cimafranca]

It has happened. H5N1 avian influenza outbreaks in the mid-2000's come to mind. It's just that you have longer latency via airplanes compared to fibre-optics, but oh, they'll get there.

Re:Herd immunity

[dhavleak]

But you're missing the main point of TFA and getting lost in the analogy.

That main point being: There are other sources of AV software (free or otherwise) -- and they have whatever business models they have, and these business models sustain them. So why should MS cater to people who are pirating windows -- these people have other alternatives -- they're not being hung out to dry. They can get protection from a bunch of other sources, and that would provide the herd immunity you speak of.

Re:Herd immunity

I imagine if you set out to get infected from a crack you could do it really quickly. I'll grant there are many infected sites out there and tons of infected cracks.

But when i look for a crack for a piece of software i take a few extra minutes to do a little checking. I go into it expecting they will try to infect me. And that point of view has always kept me safe. Or maybe i'm just incredibly lucky.

You could also be one of the unlucky few people who were one of the first ones to get a new crack that was infected. But when that happens most times they will comment or complain somewhere about it. If a few hundred people have gotten the crack with no problem i feel pretty safe that it's ok. But still expect it might be infected. And just a little bit of checking will usually turn up if its good or not tho. It's not even a long involved process. 10 minutes tops to find a legit working crack for just about any piece of software you could ever want.

I guess if you walked into it blind and took the first thing you saw you'd be hosed pretty quick. But anyone with any clue really wont have that problem at all.

And those without a clue? Well. hopefully they will learn a valuable lesson quickly. Or it would just be another small mistake in a long series of computing blunders for them.

I guess its a matter of paranoia and cynicism. With FREE software, cracks, ect... you go into it looking for the catch.

With paid software you dont. You paid. that was the catch. and that allows things to slip by you easily.

Re:Herd immunity

[thexile]

I need a car analogy.

Re:Herd immunity

[uninformedLuddite]

Thus, the choices for MS are 1) increase security for all users (paying or not) by allowing even pirates to download in order to increase the protection via herd immunity or 2) increase company profit by trying to coerce hackers into buying a copy by not allowing them this download.

I am not quite sure just what ' hackers ' have to do with this

Re:Herd immunity

[uninformedLuddite]

and you didn't even mention butterflys!

Re:Herd immunity

[RiotingPacifist]

Finding out if a computer is up and receiving connections is an almost instant tasks that takes no bandwidth (96b/request) and can be threaded effectively, so it's easy to find 86400 running machines, this gives 38880(unpatched windows ones) to probe.

All of this is wholly irrelevant as we are talking about malware not just viruses, large botnets do various evils that can be used to attack anybody, DDOS, brute force, send spam, etc, you don't need to be part of a botnet to get hurt by one

Re:Herd immunity

[drsmithy]

Unless there are viruses around that attack random IP's. There's no biology equivalent to that.

Huh ? What do you think happens when someone sneezes on a train ?

Re:Herd immunity

[jonbryce]

Yes, but if you put an unprotected Windows 98 machine on the internet, it will probably be OK. That's not because Windows 98 is any more secure than Windows XP, it is a lot less secure, but they are vulnerable to different types of attack, and there aren't enough Windows 98 machines out there now for it to be much of a risk.

Re:Herd immunity

[stephanruby]

You're implying that cracked software could be evaluated by the 'tech crowd'. I've never seen a cracker release the source code for their cracks.

I have. Some crackers publish extensive instructions for decompiling software. And it's not like they change much, they'll flip a bit here, or a bit there. So if you have an original copy of the image they used, like the trial copy, or whatever, it's super easy to compare. Plus, it's not like you can't run some applications in sandboxie, or vmware, and use a firewall, a sniffer, filemon, and/or some other sysinternals diagnostics tools to see what's going on in the background.

You are essentially trusting a complete stranger

Not really. If I use (digitally signed) software from the same person for the last ten years, they're not really a stranger to me anymore. The same goes if a friend of mine trusts the same person for the last ten years, and if I trust my friend to vouch for that guy, then that guy no longer remains a complete stranger to me. This is probably the same way you'd hire a babysitter if you ever needed one. You'd ask your friends for the contact information of their long-time babysitter, and if they gave it to you, that babysitter would no longer be a complete stranger to you (also, their reputation would be on the line if anything went wrong with you, you'd be sure to tell your friend who made the original recommendation about it).

Re:Herd immunity

You know, uh... that's utter bullshit. Period.

Out of 10 serial key generators (keygens) I scan with a good antivirus, about 90% of them contain a Trojan. You can lie to yourself about this, but don't lie to the others.

Illegal software today is one of the surest way to get infected. Seriously.

Re:Herd immunity

The biology equivalent would be if someone sneezed in Brazil and you got the flu in Madagascar.

FTFY.

SHUT... DOWN... EVERYTHING!

Re:Herd immunity

Crackers have a reputation to uphold

No, they don't. Microsoft and other big companies do.

The only thing crackers have to uphold is their level of income they generate using botnets they create.

Re:Herd immunity

[hesaigo999ca]

Yeah, I don't think you can compare this to a herd of animals though, maybe a viral population infection, where once the disease is caught it is multiplied exponentially, and if you use a viral infection comparison, you need to use one which can evolve and also can be caught again, not because you had it once, you can't catch it again...same with computer viruses.
Also if you have 1 infected pc on the network while you are trying to get rid of it, it's an impossible task, you have to disconnect the pcs from the network, fix all of them , then reconnect else you just keep re-propagating the virus.

Re:Herd immunity

[GameboyRMH]

Shady companies do that, not well-known crackers. Fairlight, Razor 1911 and Skid Row has very good reputations, I'd trust them over Google any day.

+1 I'd trust their binary blobs over those from ANY corporation. Installing Microsoft software is a MUCH riskier endeavor in my experience.

Re:Herd immunity

[SleazyRidr]

If more people drive safely, anyone driving on the road becomes safer, because there are less people likely to cause an accident.
 
Then again, it could be more like: I have airbags in my car, but that does bugger all for you in your '59 Bel-Air.

Re:Herd immunity

Unless there are viruses around that attack random IP's

There are all kinds of worms out there that attack random IP addresses.

Re:Herd immunity

[asdfghjklqwertyuiop]

And how do you know if a binary that claims to be from one of those cracking groups really came from them?

Re:Herd immunity

[gad_zuki!]

Right, not to mention there are 3 or 4 other free AV products out there. Yesterday we have a story from the slashdot editors about how MSE isnt very good. Now we have whining from the same editors that it doesnt run on pirated machines.

The less reasonable the editors's whining the better MS is doing. If this is the worst they can find then its probably safe to buy Win7 and use MSE.

Re:Herd immunity

put an unprotected Windows 98 machine on the internet, it will probably be OK.

You are actually wrong on that. W32.Blaster and other worms that affect Win98 are still out there in force. You might not notice it or hear about it but the are there. Connect your computer directly to your modem without a router between them, set up Wireshark and sit back and watch. There are all kinds of old worms still out there. You would be surprised.

Earlier this year I went to a charter school to set up some new switches and their classrooms were full of old Windows 98 machines that were all infected and spewing crap all over the LAN.

Re:Herd immunity

[PYRILAMPES]

How does this fit? So you stole a car(windows OS) and that car has lots of holes in it that let rain and mud seep into the engine and transmission(virus and spy-ware) and then you want to install the duct tape(generic quality) on the holes(some of them) using the assistance of the person you stole the car from(MS) then you get angry when the duct tape won't stick on the holes? I would have to say either buy a sporty new car that is free of the holes(Mac) or take a free one that may not have a shiny coat(Linux) jeep style and live on.

Re:Herd immunity

[rtb61]

Likely it is the better alternative as well. I can't help that feel that the only reason it is being given away free is wasn't selling all that well and as for all security software it installs itself as a boot level driver. Hmm, methinks this software is more about catching out pirates (ballmer's always had paranoid delusions about the billions of dollars that pirates are stealing from him) than securing M$'s errant operating system. Likely the software will continually seek to auto 'validate' the software at each security update and kick multiple licence number copies as they occur into the future.

Re:Herd immunity

How do you know if stuff from your favorite cracker isn't just malware with their name on it. If you can't trust the site you download from, how can you trust the text file claiming who did the cracking?

Re:Herd immunity

You are so naive.

Re:Herd immunity

Here's the problem. It's not that they have a moral or legal obligation to support the pirates. It's that they are undermining their PAYING customers by not doing so.

Re:Herd immunity

Oh look. He dropped names! He's definitely old-school, yo!

Grow up. If you honestly think that there aren't groups out there putting malware in their releases then use that fucking special little "street cred" of yours, fire up IDA Pro and start looking at the stuff for yourself. You don't know what the fuck you're talking about.

Re:Herd immunity

[mysidia]

This must be a result of the internet being a series of tubes, instead of being like the telephone.

You're going to be effected when someone sneezes into the tube enormous amounts of material, enormous amounts of material.

Re:Herd immunity

[mysidia]

Use of AV software does more than reduce the spread rate, it also reduces the size of the pool. The total number of systems that can possibly be infected. If only 10,000 PCs in the world can be infected, it doesn't matter if the progression is geometric, the number will never reach billions. The sequence of progression is irrelevent

If you want to make a difference -- reduce the window of opportunity; PATCH NOW. The rate is wholly irrelevant.

No, it's not irrelevent. You see, worm spread is not generally a geometric progression, there are dependencies and other factors that slow it down; the geometric progression is an upper bound for the expected rate of spread (assuming no intelligence is involved in the selection of IP addresses to probe).

In the first hour: maybe 2 machines are infected. Maybe 6 are even infected in the second hour.

But by the third and fourth hour, the probability that multiple infected machines are scanning some of the same IP addresses is higher. The rate that unique IPs are scanned drops, due to multiple hosts querying the same IPs. Also, infected hosts get turned off and on much like uninfected hosts do, just b/c a host is infected, doesn't mean it will run 24 hours scanning, sometimes the infection will be detected and cleansed entirely, too.

Even if it were a geometric progression, the rate of infection still matters.

You could determine the number of infected hosts after n hours by S[n] = r*(1-r^n)/(1-r)

Where 'r' is the proportion of hosts each host infects every hour, VS the previous hour.

If it's 2 new hosts per hour, then yes 33.5 million hosts are infected after 24 hours. (2*(1-2^24)/(1-2))

On the other hand, if only 0.25 hosts are infected per hour, so r=1.25 (an 8-fold reduction in the spread rate), then a total of 1,053 hosts are infected after 24 hours. 1.25* ( (1 - 1.25^24) /(1-1.25) )

The "90% windows machine" rate of IPs is a fairly unlikely assumption. There are commonly other things like internet routers, that utilize IP addresses for routing, network ID, subnet broadcast addresses, NAT'ed IP addresses, and firewalls, that ward off infections, and even make probing slower. There's a large proporition of IPs that probing will be fruitless than have been accounted for; 75% of IPs may be assigned to organizations and routed, but that doesn't necessarily mean workstations or individual computers. Routers, virtual hosts, and others, very likely utilize more than 10% of the IP space.

IP usage model doesn't account for the popularity of broadband routers that NAT user IP addresses and 'protect' windows machines from probing. Or of corporations that utilize corporate firewalls.

Re:Herd immunity

[Dishmopo]

My opinion in the reason it is being given away for free is that charging for it would just piss off antitrust regulators even more. They'll see it like we would see it: creation of a completely new revenue stream with minimal effort (transfer people working on making windows more secure to a department that makes the security essentials software--essentially the same purpose).

Re:Herd immunity

[Dishmopo]

I suppose they'd be getting it directly from them. P2P and WWW are not the only two methods of communication on the internet.

Re:Herd immunity

[Lokitoth]

Consider that his IDA Pro is probably cracked too, so he could hit a lot of false positives, if it is the IDA crack that is bad...

Re:Herd immunity

[Cyanara]

"or 2) increase company profit by trying to coerce hackers into buying a copy by not allowing them this download. Since the latter will never happen, all MS is really doing is simply missing an opportunity to increase security because they *think* they can increase profit."

Ok, 2 points there:

1) Since when are hackers the only ones with illegitimate copies of Windows?

2) Will *never* happen? Really? Big claim, no evidence.

I agree with Pescatore, but...

He's right in that many people who have the tech-savvy to pirate a copy of Windows will know what their options are regarding anti-virus.

On the other hand, how much does Microsoft actually stand to lose when it comes to giving this away?

I'm willing to bet that they ran the numbers... "how much will the bandwidth cost us" vs "how much do we lose in good will by weakening the herd immunity".

Now that would be an interesting (read: evil) spreadsheet to look at :D

Re:I agree with Pescatore, but...

[Fluffeh]

I don't know about you, but it seems that people who pirate windows would be the IDEAL people to give this to. I mean, it's a partial market segment you have right there. On one hand they aren't convinced that they want to BUY your product, but on the other hand they are using it - meaning that they are already identified as a very potential customer. I know I may be a bit utopian in my thinking, but wouldn't giving these users a good customer experience (as Microsoft calls it) the best way to convince them that they should in fact go out and buy the software - perhaps not even now, but the next time they upgrade their systems?

Re:I agree with Pescatore, but...

[LinkX39]

I know I may be a bit utopian in my thinking, but wouldn't giving these users a good customer experience (as Microsoft calls it) the best way to convince them that they should in fact go out and buy the software - perhaps not even now, but the next time they upgrade their systems?

No, it would more likely convince them that "hey, I got this great customer experience without even ever spending a dime, why spend money for what I can continue getting for free?" Not that I disagree (or agree for that matter) with allowing pirated users the option to use the software, I just think your logic is off.

Re:I agree with Pescatore, but...

[Stray7Xi]

He's right in that many people who have the tech-savvy to pirate a copy of Windows will know what their options are regarding anti-virus.

Yes because only computer geeks have pirated copies. There's a lot of people out there who don't know that they even have a pirated copy. Computer illiterate people often find help through shady repairmen, friends or relatives. These people come in find that Grandma didn't keep her license key or CD's, but the computer obviously came with XP. So they do her a favor, by reinstalling a pirated copy of windows but they're not there for longterm support.

Re:I agree with Pescatore, but...

[runningman24]

I've never purchased a copy of Windows before, but the experience I got from Windows 7 Release Candidate caused me to buy it. I'm certainly not the only one. There are definitely a nonzero amount of customers that can be gained by giving users something they don't feel cheated in paying for.

Re:I agree with Pescatore, but...

[Fnord666]

Computer illiterate people

What the hell does that mean? They can't read the screen?

Re:I agree with Pescatore, but...

[kurzweilfreak]

That's exactly what it means. Have you never helped your mom when she has a computer problem?

"This message came on my screen, I don't know what to do!"

"What does it say?"

"I don't know, I just clicked ok!"

Re:I agree with Pescatore, but...

[prockcore]

I'm not sure what your point is. I'm using the RC Windows 7 right now. It was free, but it's also supported. I installed MSE yesterday.

We're talking about pirates who aren't using the free RC. We're talking about habitual pirates who pirated windows 7 in the face of a free release candidate. They deserve to get a virus.

Re:I agree with Pescatore, but...

nah, the pirates are likely running pirated anti-malware (how ironic)

This is a non-issue really. The only thing microsoft gets as a benefit is less support costs by not giving it away to the pirates.

Re:I agree with Pescatore, but...

[the_womble]

I have paid for Mandriva in the past.

It helps if you limit something to paying customers. PCLinuxOS (stupid name, not a bad product) has a faster repo to which updates are rolled out first for those who pay. I quite like that model as a customer, but none of the other distros do.

Re:I agree with Pescatore, but...

[the_womble]

Living in a country where no-one (not even corporate users) pays for Windows it is certainly true that its not only geeks who have pirated copies. I doubt most users even think about it.

Expecting end users to keep license keys is not reasonable. They do not understand what they are or how they work.

Re:I agree with Pescatore, but...

You're right, of course. But that's why I said "many" rather than "all."

The interesting thing is that those grannies are possibly the *only* people hurt by this...taking advantage requires cracking WGA and again, those people don't need it in the first place.

The thing is, in my experience it's not people who flat-out don't know better, it's people who can read English and who see the prompts but just don't give a crap. So they'll get zombified and just find some IT guy to bug about it...

Re:I agree with Pescatore, but...

[TheThiefMaster]

I've never purchased a copy of Windows before, but the experience I got from Windows 7 Release Candidate caused me to buy it.

Same here.
Timeline roughly like this:
Parents' systems with DOS
Parents' systems with versions of Windows from 3.1 up to '98
Own (built) system with pirated Win2k
Own (built) system with pirated WinXP
Switch to Uni's MSDNAA copy of WinXP x64
5 years later...
Try Win7 Beta and then RC on my 2nd-hand Linux eeepc (which had pirated XP on it when I got it)
Buy two pre-order copies of Win7 Home Premium.
Near future...
Change the OS on my home PC away from XP for the first time in 8 years.

If they hadn't released 7 I wouldn't have bought Vista, it's just ended up with too bad of a reputation. My free copy of XP x64 has worked through so many hardware changes it's ridiculous, the fact that it still works so well is incredible. I think the only part of my PC unchanged from when I got XP x64 is my PSU, and that doesn't need OS support.

Re:I agree with Pescatore, but...

[bakawolf]

if only there were some way you could print it out, and then perhaps affix it to the computer in some fashion...

Re:I agree with Pescatore, but...

[IorDMUX]

how much do we lose in good will by weakening the herd immunity

Good will? Maybe... But actual weakening of the "herd immunity"? You aren't going to achieve that in an internet-world.

You can picture herd immunity using the following simplistic example: Imagine a grid (hexagonal, say...) of people. Each person can only infect those who are adjacent to them. Also, a virus has some finite probability of actually being able to infect each adjacent victim. If a victim makes their 'saving throw', they are safe (for the purposes of this thought experiment). You can clearly see here how having a good portion of people on the grid immune to receiving and transmitting the virus can prevent it from spreading across the board, as the virus is very limited in its connections.

On the internet, though, such a limitation does not exist. Each computer can (discounting firewalls, NAT's, proxys, etc.) contact 2^8.2^8.2^8.2^8 = 2^32 other IPv4 addresses... i.e., all of them. It doesn't matter if a huge subset of computers are 'vaccinated' against the computer virus, as the super-connectivity allows a malicious program to seek out and attempt to infect any computer in the world. Increased patching and protection will slow the spread of the software, but even then only by a small amount due to the geometric progression of infection. (Both (2^x)*10 and (2^x)/10 will cap out at the total number of computers in a similar amount of time.)

Increased proliferation and use of anti-virus and related programs will reduce the size of botnets, spamnets, and the like--which is certainly a good thing--but the concept of herd immunity simply doesn't apply to our modern-day internet.

Enlightened self interest

[iamacat]

Microsoft would be just protecting their own reputation when unknowing users of pirated installs are complaining less about Windows instability and others see fewer attacks from zombie farms. If you created a problem such as IE6, you should do everything in your power to solve it rather than ranting about others. Good for karma, good for pocketbook.

Re:Enlightened self interest

[Zerth]

Exactly. MS gives out free security tools, we don't sue them for making the stuff insecure in the first place when the zombies DOS our servers.

Re:Enlightened self interest

[0ld_d0g]

So, you're telling me if you hand me an executable to run on Linux, Linux would tell me before hand if that the executable is going to delete my /home directory? Great, how do I use this feature ?

If not, how do I sue RedHat/Novell/Cannonical/+++ for hiring programmers that made Linux insecure?

Re:Enlightened self interest

[Captian+Spazzz]

It asks you for your root password or for SUDO access. If your not smart enough to know or take the time to find out why this program should or should not be needing those permissions then you frankly do not qualify as a "tech savy" user and your just as dumb as the people who install malware infested crap on their PC. But this then brings us back to the real cause for a lot of malware and virus problems in general. It all comes back to the ID10T error.

Re:Enlightened self interest

Since one doesn't need superuser permissions to delete your home directory, you frankly do not qualify as a "tech savvy" user and you're just as dumb as the people who install malware infested crap on their PC and the morons who confuse "your" and "you're".

The best things in life are free!

But "the free Security Essentials antivirus software" isn't actually free anymore.

Wait does this include Windows 7 RC?

I sort of agree

[sabernet]

John Pescatore makes a good point. AVG, Avast, etc... are all free antivirus. When MS withholds patches, it can lead to stronger botnets and ID theft. However, antivirus applications are plentiful and the money MS will be investing in this thing makes them justified in not wanting to simply give it away.

As much as I hate to say it, I won't blame Microsoft for this move.

Re:I sort of agree

John Pescatore makes a good point. AVG, Avast, etc... are all free antivirus. When MS withholds patches, it can lead to stronger botnets and ID theft. However, antivirus applications are plentiful and the money MS will be investing in this thing makes them justified in not wanting to simply give it away.

As much as I hate to say it, I won't blame Microsoft for this move.

I don't really care what Microsoft does here, but this line of thinking is flawed: If Security Essentials is better than $FREE_ANTIVIRUS then everyone is better off that even the pirates use it and keep their machines out of the botnets. On the other hand, if it isn't in any way better than the alternatives, then why did they bother creating it?

Re:I sort of agree

[sabernet]

It's called an "incentive to purchase".

Re:I sort of agree

[ChangelingJane]

On the other hand, if it isn't in any way better than the alternatives, then why did they bother creating it?

So that John Q. MySpace User who doesn't know enough about antivirus software to go looking for AVG or Avast will essentially have it delivered to his doorstep? Some protection is better than none, and people who know the least about security issues are the most at risk, really.

Re:I sort of agree

[Dhalka226]

However, antivirus applications are plentiful and the money MS will be investing in this thing makes them justified in not wanting to simply give it away.

They are giving it away, just not to pirates. I don't see the distinction as particularly meaningful.

If the analyst's comments are indicative of Microsoft's thinking, I'm not sure I understand it. "It's important to protect PCs from viruses that harm everybody, so we're going to go ahead and give patches to pirates of the product we're selling. BUT WE DRAW THE LINE AT THE PRODUCT WE'RE GIVING AWAY FREE!!"

Not that it matters much anyway. The pirates will just pirate Security Essentials if they want it that much. Chances are they even have a cracked version of WGA to let them get it "legitimately" from Microsoft, making the whole exercise even more silly.

Microsoft's free to do whatever they want in both regards (Windows and Security Essentials), I don't really care either way. It just doesn't seem like a consistent position. Keeping PCs safe, even if they're running pirated versions of your software, is important or not. AV is an important step in that process, even if there are alternatives. What are they trying to accomplish, really?

Re:I sort of agree

[lukas84]

For those who still haven't understood an important distinction about pirates, i'll explain it again.

There are, let's call them, enthusiasts. Basically, people that enjoy working with their computer for some reason or the other. Some of these pirate software, in order to get the latest and greatest and spend more money on new hardware or something. These guys can easily circumvent WGA or the Vista/7 activation using a BIOS-Emulator or a modified BIOS. From time to time, these patches need to be renewed, so it can be a hassle, but it can work reasonably well. These guys are able to install MSE, and they're not those targeted by these Microsoft decisions.

And there are the real criminals - people that sell Windows PCs without licenses. Which, in my opinion, is much worse then the above. Some customers may be aware of the shady business they're getting into, but not all of them. And that's where WGA is targeting - to ensure that these people learn that they were victims of a crime.

Re:I sort of agree

[alexo]

AVG, Avast, etc... are all free antivirus.

So here's a question:
How does MSE compare to a combination of free AntiVirus and firewall (say, Avast! + Comodo)?

Get Microsoft out of the free OS market.

[WarJolt]

Pirating is illegal.
Pirates are only ones really complaining.
Pirates switch to Linux
End of problem and it will takes windows out of the Free OS market.

Re:Get Microsoft out of the free OS market.

[initialE]

Pirates do it for games and movies. Good luck with that.

Re:Get Microsoft out of the free OS market.

Unless pirated copies come with the master key, it's more of a risk than pirating a game or a movie - breaking the drm of these doesn't risk turning your computer into a zombie.

Re:Get Microsoft out of the free OS market.

[joocemann]

Yeh but good PC games really only work well in windows; not that I want it that way, but its reality. (I run linux, guys. Please don't tell me about the poor-ass shabby junkjob programs that resemble games on linux.. i've tried them and they generally suck).

I'm very glad to see the console market consuming gaming; it will have a noticeable impact on the number of MS OS installs in the future for sure.

Re:Get Microsoft out of the free OS market.

[selven]

I'm pretty sure Linux is 100% capable of playing all standard movie formats. As for games, maybe they'll realize that there's more to gaming than top of the line multimillion dollar physics engines.

Re:Get Microsoft out of the free OS market.

[AK+Dave]

I don't believe that Microsoft considers itself to be part of any "Free OS" market at all. Maybe they should be. I can't speak for all linux users, but I hardly consider myself to be a pirate. I use a legal OS: GNU/linux. But, alas, I'm certain that Microsoft would hasten to point out how the license code for the copy of XP that resides in a Virtualbox guest is actually the license code that came with the copy of XP which was OEM'd onto the laptop that hosts that guest and that the EULA was for XP to run on a real laptop, not a virtual laptop. Which makes me already a pirate in their eyes.

Re:Get Microsoft out of the free OS market.

[fishbowl]

>Yeh but good PC games really only work well in windows

The existence of "good PC games" is a matter of opinion.

Re:Get Microsoft out of the free OS market.

Making copies without explicit permission of the copyright holder is also illegal under Copyright law.

Re:Get Microsoft out of the free OS market.

[Brain+Damaged+Bogan]

yes, but receiving a copy isn't.

Re:Get Microsoft out of the free OS market.

[markdavis]

But using it after receiving it would be

Re:Get Microsoft out of the free OS market.

[mysidia]

Pirates aren't complaining. They'll circumvent this just as easily as any of the WGA checks, most likely.

This will hurt joe clueless user who for some reason got a Windows install (maybe even a genuine one) that won't pass WGA.

In other words, like almost all anti-piracy measures, it will hurt the paying customers, and have very little effect on the pirates, in the long run.

Re:Get Microsoft out of the free OS market.

[westlake]

Pirates switch to Linux
End of problem and it will takes windows out of the Free OS market.

Someday - and it can't come too soon, to my way of thinking - the geek will understand why OSX and Windows own 99% of the desktop.

The pirate gets his free OS.

The honest Joe who shops for Windows or the Mac is in the market for a household appliance or an office workhorse sold under warranty.

The attractive OEM hardware and software bundle. Factory tested. All hardware and software issues resolved before it ships.

No googling for solutions - it works out of the box or it goes back to the store.

Re:Get Microsoft out of the free OS market.

I would be tempted to say Uplink and Penumbra were good PC games... oh, right.

Re:Get Microsoft out of the free OS market.

[Captian+Spazzz]

Yea, I had that exact argument with them on that once. I finally told them to stick their overpriced bug ridden software where the sun don't shine.

Re:Get Microsoft out of the free OS market.

Who said real pirates want this? It's free. Pirates want Pro stuff. Preferably "Enterprise". Why bother with the handout if you get something similar with a hefty price tag on it? Maybe NOW they want it just because MS says you can't have it... wait a minute, that might be the real reason behind it: market share.

Re:Get Microsoft out of the free OS market.

I find it odd as some one who may or may not have once been a windows pirate. First thing I may or may not have done is installed an application layer firewall so that windows could not talk back to microsoft any more then a botnet could talk back to it's master. I have never understood the point to windows updates when your system is secured before you connect to the Internet. Meh oh well... 3 years on linux and going strong.

Re:Get Microsoft out of the free OS market.

[Runaway1956]

Opinions are just like assholes. Everyone has one, they all stink, and the biggest assholes stink the worst. Unless you have a fetish, and happen to like big asses.

millions of opinions != and !> my personal opinion

Linux rocks, windows sucks, and precious few games have ever been published that were worth ten bucks, let alone the sticker price. For guidance, Age of Empires was worth about 7 bucks, and AOE sequels might be worth a dollar each.

Re:Get Microsoft out of the free OS market.

[ChangelingJane]

Yeah, Gnometris is the future.

...Sorry, couldn't help myself. Even the less bleeding-edge games (indie, casual, downloadables) are mostly on PC, aren't they? I know more are seeing Mac releases, but I haven't heard much on Linux versions.

Re:Get Microsoft out of the free OS market.

[Runaway1956]

"Making copies without explicit permission of the copyright holder is also illegal under Copyright law."

This is what the "IP owners" would like you to believe. In fact, it is legal to make a backup copy, or more accurately, a "working copy" for use at the desk, then put the original disk into storage for safekeeping. This helps to protect against theft, amongst other things. Someone steals my disk, I just go to storage, make a new "working copy", and put the original back where it belongs. In storage. This is part of reasonable use.

Re:Get Microsoft out of the free OS market.

[shutdown+-p+now]

The existence of "good PC games" is a matter of opinion.

Don't look at "good" then, look at the sales figures and/or player base - those are objective, and will tell you all you need to know.

Re:Get Microsoft out of the free OS market.

[gzipped_tar]

!>

This gem is the funniest operator I've seen ;)

On the other hand, replace all occurrence of "<=" with "!>" certainly makes tastier linenoises.

Re:Get Microsoft out of the free OS market.

[gzipped_tar]

The attractive OEM hardware and software bundle. Factory tested. All hardware and software issues resolved before it ships. No googling for solutions - it works out of the box or it goes back to the store.

You must be new to computer purchase. Welcome aboard.

Re:Get Microsoft out of the free OS market.

[the_womble]

Most people are not gamers. The most popular computer game by far is Solitaire.

Re:Get Microsoft out of the free OS market.

[selven]

Which happens to have a port for pretty much every OS in existence.

Re:Get Microsoft out of the free OS market.

[pandrijeczko]

IANAL but I'm not sure it is "legal" to make a backup copy, but it may come under "permissive use" which I don't believe has been challenged too much in the court system.

Re:Get Microsoft out of the free OS market.

[lukas84]

MSE uses the same scanning engine as Forefront Client Security v2 will be using.

As such, it's a very good product without all the bullshit consumer version of Symantec or McAfee AV bring.

Re:Get Microsoft out of the free OS market.

[ciderVisor]

In fact, it is legal to make a backup copy, or more accurately, a "working copy" for use at the desk, then put the original disk into storage for safekeeping. This helps to protect against theft, amongst other things. Someone steals my disk, I just go to storage, make a new "working copy", and put the original back where it belongs. In storage. This is part of reasonable use.

Not in the UK, unfortunately. There is no 'fair use' exemption to infringement over here.

Re:Get Microsoft out of the free OS market.

[talking_walnut]

I think you're missing the point. The point is that the less infected machines out there, the less the chances of being infected. The people who know what they're doing won't care because they'll find ways around it. They generally won't get infected anyway. It's the people who don't know computers that have a version of Windows their nerdy friend installed for them for free (probably cause they already had a virus on it) that'll get caught. Their computer will then be used as a jumping off point for attacking other computers. I'm not actually agreeing or disagreeing with Microsofts decision here. I'm lucky enough to have legal copies of all my OS's provided so this kinda thing doesn't effect me. Just pointing out it's not as straight forward as it might seem.

Re:Get Microsoft out of the free OS market.

[joocemann]

I guess I should have said 'good games relative to widespread public opinion' as a precursor and then we wouldn't even be having this nonsense conversation.

And with that condition, then you outliers can stop pretending that 'good games' is a matter of opinion (with the implicit statement that your one outlier lemon opinion somehow trumps millions of the contrary)

You guys argue like children.

Re:Get Microsoft out of the free OS market.

[Runaway1956]

"with the implicit statement that your one outlier lemon opinion somehow trumps millions of the contrary"

Odd. Somehow, you failed to pick up on the real implied statement. Gaming is an unimportant aspect of computing that appeals to the juveniles amongst us. It has, after all, been noted by a number of people that our society coddles children today all the way through their '50's. I've read a number of articles in which women bemoan the lack of mature men who are willing and able to commit to supporting a family. How many neo-geeks live in their mama's basements, but own (tens of) thousands of dollars worth of games and gaming equipment?

Think about that for a bit, before responding, alright?

Re:Get Microsoft out of the free OS market.

[joocemann]

That's a pretty far stretching and unfounded postulation you've made there. Gaming is a part of recreation and entertainment; something that is essential in human life at all stages. The liberal arts are here to expand our lives and give us purpose beyond survival.

And, contrary to your false generalization, there are loads of people like me that are approaching 30, have been gaming since the 80s, and still do so in place of other entertainment such as TV and/or sports events. And believe it or not, we have our own homes, meet and mate with women, and raise families. Video games were for children when children were the only people interested; but many of us have grown up now and we still like them for entertaining diversion.

It's too bad you assume facts from '...a number of people...' that do not share the same enthusiasm for recreation that most adults do. I would call them sour lemons, but for some reason the sterile halls and walls of arrogance is beholden to some (you). Am I not adult for the fun that I have? Learning to enjoy life to its fullest is also a feature of maturity; get with it.

Re:Get Microsoft out of the free OS market.

[joocemann]

Oh, and back to my main point: with respect to massive public opinion as evidence, the best PC games are generally only for windows.

I'm sure i can google up a million links to support this. It's so funny to watch the linux fanatics scrape and scramble for validity in arguments where there really is none (such as this one). Go ahead, point to the improbable, defer to the 'subjective', or in this last case 'belittle the topic alltogether'. In the end I'm right and there is nothing you can do about it. The sky is blue and good PC games are on windows. Period.

Re:Get Microsoft out of the free OS market.

[Runaway1956]

All that effort to make a point, which I dismiss as irrelevant, and frivolous. Uhhhh - hello, Earth to gamers - our economy is in serious trouble right now. It's time to put the games away, and do something meaningful with your lives. Those millions (billions?) of dollars worth of games and equipment in your basements aren't going to feed you, or improve anyone's quality of life.

Re:Get Microsoft out of the free OS market.

[joocemann]

How is stalking me on slashdot any different? You're not doing anything but harassing me for lack of better means of entertainment. And you said that gaming is childish, lol.

Get to work, goon. Walk the walk of the talk you talk. You need to give up on the things you enjoy RIGHT NOW and get back to work. Oh wait, your fascist assumptions to how people ought allot there time do not apply to you.

By the way, my point is amazingly relevant because it relates to this whole lineage of discussion that you've been trying to take part in. The funny and ironic thing being that your counterargument to 'the good PC games are on windows' is that 'gaming is for kids'. Lol. Eat more lemons sourpuss. So caught up in your attempt to berate me you've found yourself without a relevant argument.

Hello, earth to Runway, we're talking about what OS good games are on and the petty attempts of linux-fanatics to defer to subjectivity as sufficient evidence to devalue massive public opinion. Yes, we lightly discussed the value of gaming as entertainment/recreation for people, but only because you've never had a relevant point to start with.

Your life must be pretty boring with all those lemons and pride holding you back.

Re:Get Microsoft out of the free OS market.

[Runaway1956]

Stalking you on slashdot . . .

You most definitely have an overinflated sense of importance in this universe..........

As for the rest of your rant, and your insults, pack 'em where the sun don't shine. Maybe, just maybe, some day you will become relevant. Til then.

Re:Get Microsoft out of the free OS market.

[joocemann]

A series of replies that are coming less than an hour (and down to 13 minutes) is most definitely e-stalking; or maybe you've got nothing better to do with your time. Aren't you supposed to be workin per your fallacious rhetoric?

Ad hominem won't make your argument make any sense. Sorry, bud. It just doesn't make sense to use 'games are for children' as a supporting argument against windows as the major OS for good games on the PC.

I'm gonna go play some video games and have a blast with friends. Enjoy your lemon salad, frownboy. Get to work, hypocrite.

Re:Get Microsoft out of the free OS market.

[Runaway1956]

Your friendly neighborhood stalker will be watching over your shoulder.

Running a pirated Win 7 x64 copy, no problems

Just installed on a pirated Win 7 x64. Installs and scans without problems.

Re:Running a pirated Win 7 x64 copy, no problems

microsoft is giving windows 7 away right now lol, its not pirated buddy

Re:Running a pirated Win 7 x64 copy, no problems

[mister_playboy]

It is if you are running the RTM and aren't part of the limited group (MSDN, etc.) that has legitimate access currently.

Who exactly are the going to be blocking?

[mister_playboy]

Anyone running pirated versions of the OSs eligible for MSE will probable have cracked WGA, and will be able to install this if they wish.

Re:Who exactly are the going to be blocking?

[metalcoat]

Translated article: MSE will use WGA checks in order to verify it is a legit copy. If you can bypass WGA or crack it this will not effect you.

Re:Who exactly are the going to be blocking?

my win7 with the supposed blacklisted leaked key got it fine.

Re:Who exactly are the going to be blocking?

[apoc.famine]

That, and those running legitimate versions of Windows who had to crack WGA due to false positives. I've helped fix a couple of installs now, which I KNOW were legitimate, but which got the black counterfeiting desktop of doom. One was an HP just out of warranty, run by a clueless user who hadn't done anything other than surf, email, and play solitaire.
 
When I get calls from a panicked friend because they did everything right, had a good AV, anti-spyware, used firefox, and never did anything risky, there's a big problem. When I can apply a crack in a matter of 2 minutes and fix it, that's a double WTF directed towards MS.

Re:Who exactly are the going to be blocking?

[adolf]

Further translation, with a subtraction of sensationalism:

Even the betas of this software performed a WGA check at installation.

That the released version continues to perform WGA checks does not constitute news.

So there's really nothing to see here.

confused about "have to" vs "should"

"I can't see any justification for making Microsoft give away Security Essentials [to counterfeit Windows users],"

Neither can I, but I can see how Microsoft might make more / lose less money by doing so.

I don't give a damn about the "Windows Ecosystem," but if I were trying to sell Windows to a 500-seat corporation, I might want to assure my potential customer that the botnets attacking them, are about to get weaker.

If I were trying to sell them Linux, though, I would hope Microsoft does just what they are doing: avoiding closing the holes. Let the pirates not only suffer, but let them bring down Microsoft's paying customers with them.

Pushing out "Security Essentials" isn't going to really protect anybody, but it might slow things down enough that the winmins can keep up with all the wipe/reinstall jobs.

A good way to punish pirates

...and allow for the propagation of viruses at the same time.

This OS will self destruct in 5, 4, ...

[piripiri]

Knowing that, any user of a counterfeit version of Windows will not be fool enough to install such an application, isn't it ?

Windows XP

[Brain+Damaged+Bogan]

elephant in the room... what if I want to run XP Pro?
my only option if I don't already have a legitimate copy is to pirate it, given that you can no longer purchase it.

(granted I could still buy Vista with downgrade licence... but I don't want to pay for something I will never use)

Re:Windows XP

[Totenglocke]

granted I could still buy Vista with downgrade licence.

Granted I could still buy Vista with a upgrade license .

There, fixed that for ya!

Re:Windows XP

[brian_tanner]

I'm not aware when the plan to change things is, but you can still buy Windows XP from my local PC component shop. I saw a guy buy one on Sunday.

It was really funny actually, he bought the OEM version, which is $179 CAD. The clerk guy told him due to licensing restrictions, he could only sell the OEM version with a piece of internal hardware. The clerk suggested a SATA cable ($5). Deal done.

Re:Windows XP

[Jaysyn]

http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=2571830&CatId=672

That took all of 3 seconds to find.

Re:Windows XP

[dupeisdead]

elephant in the room... what if I want to run XP Pro? my only option if I don't already have a legitimate copy is to pirate it, given that you can no longer purchase it. (granted I could still buy Vista with downgrade licence... but I don't want to pay for something I will never use)

You can still buy Windows XP OEM from computer builders. You cannot go into a big retail box store and grab it, no. But to me, that's like saying you cannot goto your corner drugstore and grab a book that came out 2 years ago. For that, you would goto a book store. I think the same idea applies here.. XP is still available, however it may not be available at your favourite shopping location or as an option on the exact computer you want. That's life sadly. Or, like you say, you can purchase Windows Vista Ultimate/Windows Vista Business, you get free downgrade rights to Windows XP Professional.

Re:Windows XP

[TheRaven64]

You don't even need to look at a specialist shop. Even Amazon.com is still selling XP licenses. If you really want one and can't find it then you probably shouldn't be using a computer.

Piracy love/hate

[jmorris42]

The problem is microsoft has a love/hate relationship with the pirates. They have an absolute need for piracy to be possible but not to become attractive enough (in the first world) to become popular enough to eat into their profits overmuch.

Think about it, Microsoft could eliminate 99% of piracy overnight by using harsh copy protection combined with mandatory Genuine Advantage plus a couple of targeted logic bombs launched against a few of the more flagrant pirate copies. Problem is most pirates these days either built their PC from scratch (else they would have been force fed a license) or bought a PC from a pirate. The DIY crowd is too influential to piss off and what they are doing already stops the bulk of the chopshop pirates in the developed world. If they make pirate windows too unstable in the third world where it is popular they simply can't pay so would be driven to look for alternatives.... and would find them.

So this move is easily understandable, it gives the pirates a nudge but won't overly annoy any of the major groups who pirate. The DIY type who pirates Windows because those guys pirate everything just for fun will have little trouble finding cracked copies of whatever they have been using. At all appearances nobody in the secondary markets updates anything on their damned machines already, considering how much crap spews out.

Re:Piracy love/hate

[selven]

And they don't want to give Linux a 300 dollar competitive advantage.

Re:Piracy love/hate

[NotBornYesterday]

I've long said that piracy was one of the big reasons for widespread MS adoption in the '80s and '90s, and therefore why they are successful today.

Re:Piracy love/hate

[Fnord666]

The DIY crowd is too influential to piss off...

You're kidding, right? The whole DIY crowd could disappear off of the face of the earth tomorrow and Microsoft wouldn't even notice.

Re:Piracy love/hate

[indiechild]

Agreed, Microsoft are like Adobe, they have a love/hate relationship with warez pirates. Adobe actually tolerates piracy to a certain degree, as long as you buy licenses if you do commercial work. When it comes to personal use and learning their products at home, they tend to turn a blind eye. It's good business sense.

Re:Piracy love/hate

[madcow_bg]

Disappear - yes, they may not notice. Start telling everyone that WinXP is insecure and actually have a proof - damn they will care.

Re:Piracy love/hate

The DIY crowd is too influential to piss off...

You're kidding, right? The whole DIY crowd could disappear off of the face of the earth tomorrow and Microsoft wouldn't even notice.

Well sure, if they disappeared off the face of the earth, then they wouldn't be very influential to anyone. All that would be left are the OEM vendors and buyers, and they're content in keeping the status quo. That's very different from the DIY crowd (of which I am a part) dumping Microsoft, which would happen if they get sufficiently pissed off. I dabble a bit in Linux operating systems, but my main computer is running a legit copy of XP that I got free from the MSDN Academic Alliance. I am probably not alone in that demographic (though others may have pirated their OS instead of going legit).

The point is, the DIY crowd is going nowhere, and if they swore off pirating Microsoft products, pirated or otherwise, you better believe that Microsoft would be shitting bricks. They'd rather people pirate their software than allow GNU/Linux or BSD to gain momentum.

Re:Piracy love/hate

[PYRILAMPES]

So you stole a car(windows OS) and that car has lots of holes in it that let rain and mud seep into the engine and transmission(virus and spy-ware) and then you want to install the duct tape(generic quality) on the holes(some of them) using the assistance of the person you stole the car from(MS) then you get angry when the duct tape won't stick on the holes? I would have to say either buy a sporty new car that is free of the holes(Mac) or take a free one that may not have a shiny coat(Linux) jeep style and live on.

*Takes stolen car to dealership for a repair*

[maharb]

Everyone can blab on about herd immunity etc but this seems like denying a stolen car a repair under warranty. Systems are going to be used for attacks, it might as well be the pirates systems and not mine. Security these days is more about running faster than your peers, not outrunning the hackers. Microsoft doing this will put paying customers closer to the front of the race. And I am not a microsoft fanboy so don't write some bs about that.

What will everyone want next? Metadata updates for your stolen music from the record companies? As much as I hate some things about companies, you have to draw a line somewhere.

Re:*Takes stolen car to dealership for a repair*

[maugle]

Except it's not the pirates with pwned machines that suffer, it's whoever the machines are currently targeting. Denying pirates security just increases the size of some Russian guy's botnet and makes life a little nastier for everyone, but it doesn't affect the pirate himself very much.

Of course, this is all assuming the pirated copy didn't come pre-infected...

Re:*Takes stolen car to dealership for a repair*

[selven]

When damaged cars can spread their damage to other cars just by being on the same highway, then your analogy might work.

Re:*Takes stolen car to dealership for a repair*

[joocemann]

Oh no you didn't. You didn't just say that people should actually pay for things they want on slashdot, did you?

That is absurd and you will be modded appropriately.
------

You want to know what I always wonder? There are probably thousands of people on slashdot that use linux/FOSS, but work for companies coding software for windows only. I always wonder why the workplace turns these big proponents into cowards and they never do anything to make real changes happen that they could *actually* be a part of.

But lets be honest here... the linux pride really only kicks in when we're not afraid to talk.

Re:*Takes stolen car to dealership for a repair*

[Totenglocke]

If you know how to pirate Windows, you either 1) know how to get free AV software, 2) know how to fool WGA into thinking your system is legit (and can use MSE) or 3) know someone who got you the pirated Windows who can get you one of the first two options.

Re:*Takes stolen car to dealership for a repair*

[NotBornYesterday]

If your damaged inner tie rod end breaks while you pass me, you just might inflict a lot of damage on my car.

I get your point, but I'm just sayin ...

Re:*Takes stolen car to dealership for a repair*

The funniest part is the second some company even so much as THINKS about infringing on the GPL, then the world is ending. Angry, fallacy-ridden rants line the comments page of the post. But those same commenters have no issue with people infringing on the copyrights of Microsoft or the music/movie industry at large. They don't see their own hypocrisy here. It is very much an entitlement mentality.

What makes it even better is the fact that oftentimes they are NOT running Linux. They're just running their mouth off about how great it is and how their employer forces them to use Windows. That, my friends, is the face of true oppression.

Re:*Takes stolen car to dealership for a repair*

It may be stolen, but why does every new vehicle off the assembly line require "repair".

Re:*Takes stolen car to dealership for a repair*

[selven]

Or Joe's Cheap Computer Shop pre-installed it with a cracked version of Windows, so the purchaser doesn't even know his Windows is non-legitimate.

Re:*Takes stolen car to dealership for a repair*

[mysidia]

Okay.. let's say the dealer refuses to repair a problem, e.g. "bad brake lights" or "randomly shoots fireballs out the exhaust pipe". And for some reason, that problem constitutes a safety hazard on the road.

Damaged cars can indeed "spread their damage" when they are operated, and the malfunction causes an accident on the road.

Re:*Takes stolen car to dealership for a repair*

[Totenglocke]

Never, EVER heard of this happening. I call internet myth.

Re:*Takes stolen car to dealership for a repair*

[maharb]

Then what is the issue. The system either has AV software and it stops the attackers, or it doesn't and they get in. Regardless it is not affecting a paying users system.

Re:*Takes stolen car to dealership for a repair*

[Laughing+Dog]

There are probably thousands of people on slashdot that use linux/FOSS, but work

Doubtful.

Re:*Takes stolen car to dealership for a repair*

[m.ducharme]

I've heard of it happening, and I've heard of shop owners who've gotten busted for it.

Re:*Takes stolen car to dealership for a repair*

[rohan972]

I've had customers bring in machines like that.

Re:*Takes stolen car to dealership for a repair*

[the_womble]

The problem is that it is usually 3, and the person who got you the pirated Windows does not care, and you are a naive user who does not understand the problem.

Even is anti-virus is installed, the vast majority of people happily click past a warning, telling them that the virus database is out of date, every time them boot up.

Re:*Takes stolen car to dealership for a repair*

[TheRaven64]

I've seen it happening, at a shop where I worked briefly as a student. It closed recently, but for years every machine they sold came with a pirated copy of Windows and Office (and, often, any other software they found lying around). They also installed a dial-up Internet connection using a testing account with one of the big ISPs, so every one of their customers had the same ISP account. (This was back around 2002, and their target market was people who couldn't afford - or didn't want to pay for - a new PC, so probably weren't going to pay for broadband.)

Re:*Takes stolen car to dealership for a repair*

Except that I do own the car. I just disabled the "feature" that spontaneously shuts the car down every time I make a significant tweak to the engine or other modifications, because A) I'm tired of having to phone the manufacturer for an "activation code", and B) it's an unnecessary point of failure that does no good to me at all.

mind play?

[postmortem]

Giving this software free to pirates is almost a promotion of piracy - if you get same stuff when you pirate, then there is no downside to do it.
ll
Also, few pirates might feel bad about the fact that their copy is not 'genuine'. And some owners of valid copies might feel satisfied knowing that people who got free ride didn't get the whole package.

Re:mind play?

[Spy+der+Mann]

Giving this software free to pirates is almost a promotion of piracy - if you get same stuff when you pirate, then there is no downside to do it.

There's an obvious flaw with that thinking. Pirates and crackers often work together. Why do you think many people prefer cracked/pirated versions of software (or DVD's) to the originals?

When Windows product activation punished me for reinstalling Windows, I decided to get a cracked copy with no product activation/genuine advantage shit. It was so much easier.

And it's practically useless to restrict security updates from "pirates". Pirated windows users who really care about security, just pirate a copy of your-favorite-antivirus product.

The people who really are hurt with this are Joe users who for some reason have a pirated Windows on their PCs. They either don't know, or don't care.

I'm pretty sure this security decision is just a PR-facade to tell MSFT shareholders that they're not promoting piracy.

Re:mind play?

[DAldredge]

"Why do you think many people prefer cracked/pirated versions of software (or DVD's) to the originals?" Because they don't have to pay for it.

OH NO!

[Murdoch5]

Wait I run Linux, thank god I'm already safe!

Re:OH NO!

[selven]

I think you missed a critical update.

http://www.linuxgenuineadvantage.org

Re:OH NO!

[apoc.famine]

Probably not. At bare minimum, this means more botnets members available to spam whatever email accounts you use.
 
Directly safe? Sure. Same as myself, and a lot of others. But indirectly, this doesn't help anyone but people running botnets. It's far more work to deny security updates to some users than it is to just give them to all users. And it's strategically a poor decision because of the INCREASED risk to the protected machines due to the attacks from the unprotected ones.
 
If this works, and you push it to everyone, you cut down on spam, attacks on your protected machines, and overall, you make the internet a little better place. And before anyone beats me to it, I know damn well that MS and "make the internet a little better place" don't belong in the same paragraph. Bitterly, I wonder if their goal of destroying the internet had any basis in this decision.

Re:OH NO!

[TheRaven64]

Depends. Remember that SCTP vulnerability from a few months back? No reason an attack using that couldn't have been launched from a Windows botnet. Are you running any applications that have been ported to Windows? A vulnerability in one of those could be used for some cross-platform malware (it's relatively simple to issue a couple of system calls to check which OS you're running on and then jump to the relevant part of the code).

Obligatory analogy

[Norsefire]

If Ford said they would install free car alarms in every Ford, do you think that would apply to cars that had been reported stolen?

Re:Obligatory analogy

Horrible analogy that is logically different:

Ford = Microsoft
Ford car = Windows
Car alarm prevents theft = Anti virus prevents viruses
Stolen = infected

If Microsoft said they would install free antivirus in every Windows, do you think that would apply to windows that had been reported infected?

You are confusing the issue. Besides, this is about protecting the ecosystem which goes beyond Windows. Infected machines are used to build botnets & perform other various illegal activities. I would argue that as a responsible company, Microsoft should release it, perhaps with a warning that it was an unauthorized installation, thereby notifying at least unsuspecting users of any problems. This at least reduces the infection vectors that attackers can exploit.

Re:Obligatory analogy

[Sparton]

If Ford said they would install free car alarms in every Ford, do you think that would apply to cars that had been reported stolen?

Then some jackass wanders into the conversation and states that the cost to Ford for making the car alarms and hiring people to install them is not equal to the cost of just letting people download something you're effectively giving away for free (or at a very small loss, if you're thinking about bandwidth costs).

And if it isn't about the cost of adding this on, then why would Microsoft be disallowing this? To feel like they're on moral high ground?

Re:Obligatory analogy

[mysidia]

Yeah, it would... but when someone brought in a vehicle reported stolen, i'd also expect that dealer to contact law enforcement immediately, when the dealer discovered the report.

Re:Obligatory analogy

[univalue]

If Ford said they would install free car alarms in every Ford, do you think that would apply to cars that had been reported stolen?

Can I go in to the local copy place and copy me a new ford?

Re:Obligatory analogy

Another crappy analogy. Stolen cars having alarms fitted would benefit only the thief, and would cost Ford money. Pirated Windows having MS's anti-malware suite installed would benefit non-pirated Windows users and essentially cost MS nothing.

Wrong title

[Vexorian]

"Microsoft attempts to block pirates from security essentials software"

No big deal

[Hatta]

If the pirates want it, they can just get it from wherever they got their pirated copy of Windows.

Pirated AV is much more detectable

[dallaylaen]

An antivirus is useless without constant updates, which makes it relatively easy to reveal cracked copies and/or duplicate serial numbers.

In fact, I see a number of people here in Russia who pay for the AV but not for Windows, Office, or e.g. Photoshop. Why? They are tired of constantly searching for cracks and getting infected in the meantime.

Now those freeloaders are given a choice: a pirated OS and paid-for AV, or a paid-for OS and a free AV.

Smart move.

Re:Pirated AV is much more detectable

[theCoder]

Now those freeloaders are given a choice: a pirated OS and paid-for AV, or a paid-for OS and a free AV.

Or they could choose a free OS with no need for AV and plenty of free software. But that's the kind of a crazy idea that I'm sure would never work.

Re:Pirated AV is much more detectable

[dallaylaen]

I started out with Slackware in 2000, and run Linux exclusively since 2005.

However, the specific social group I'm talking about is probably the hardest to switch.

They have enough knowledge to feel confident with Windows -- but not with FOSS; they seldom pay for software -- no "but it's free" argument.

Help Eliminate Software Piracy

[janhct]

The whole argument about software piracy is driving the world crazy. If Microsoft are serious about the elimination of piracy of their licensed software here are a few pointers they might consider:

1) Demand that all governments institute extremely severe penalties for every instance of copyright or license violation. At least that will ensure that the subject gets taken more seriously. (I can't advocate the death penalty, but something close to it would help make a resounding statement.)

Also, show zero mercy, otherwise the message will not be strong enough! (PS: The RIAA and MPAA should take hint also to help educate the public that use of proprietary copyrighted material is a VERY serious matter. Eliminate any concept or form of "fair use" - there is no room for it in a DRM locked up world.) It is only reasonable to make the consumer aware that organizations that pursue such controls really do not want customers, they want prisoners. Prisoners have no rights! It is time to come out of the woods and into the clear!

2) Eliminate the bundling of Microsoft products from all computer sales.

Microsoft should insist that the consumer must obtain duly licensed software (operating system and applications) and must comply with well published and clearly presented licensing terms. The current practice of bundling MS Windows with laptops and desktop systems is a source of endless confusion for the consumer. Microsoft are the primary cause of end-user confusion.

The purchase of a bundled system requires the consumer (or user) to enter into a compulsory contract (EULA) with a third-party who is NOT involved in the purchase transaction between the purchaser and the supplier of the hardware (laptop or desktop system). This is a patently unjust business practice because the user is coerced into a contract with a company that interferes with the purchase transaction between buyer and seller. Separating out the purchase of an operating system would clearly separate the business and licensing transactions, and thus will create greater awareness of the responsibility to comply with licensing terms.

3) Governments should insist that under freedom of information conditions all consumers must be made aware of the alternatives they can choose from when faced with a need to select an operating system and application software. The consumer should be made aware of the existence of free software so that the consumer is not coerced into an unnecessary financial or legally oppressive relationship.

4) Microsoft should educate their users that the original license to use a product they supplied applies only to the originally supplied product. In other words, all modifications made to the operating system, or to application software, as a result of a maintenance process is a sub-license of the original license and can not be severed from the original license. Please help loyal Microsoft users to keep the consumer honest.

Too often IT people are approached by someone who received a second-hand computer from which the original purchaser had erased the MS Windows operating system, but left the activation key sticker on the machine, only to be asked to install some version (any version) of MS Windows because they do not have original installation media, and yet believe that the activation key sticker is a license to any version of Windows since they can not use the computer without an operating system installed.

Microsoft, please help us to eliminate these myths! Why should Microsoft's loyal supporters make themselves out to be the bad guys? Gentlemen, the confusion does not belong to those of us who respect licensing terms. Most open source software advocates are zealous to ensure that the terms of use of open source software are fully complied with. With the right leadership from Microsoft they can be just as zealous to help educate Microsoft's customers of the importance of compliance with Micrsoft's EULAs. After all, this would be only reasonable. Right?

- A Concerned Licensing Advocate

Re:Help Eliminate Software Piracy

[mysidia]

but left the activation key sticker on the machine, only to be asked to install some version (any version) of MS Windows because they do not have original installation media, and yet believe that the activation key sticker is a license to any version of Windows since they can not use the computer without an operating system installed.

It's the OEM versions of Windows that have these stickers.. The license is permanently tied to the computer and cannot be re-assigned to another computer (per the OEM EULA).

The purchaser has failed to live up to their obligations under the license, and surrender the media when surrendering the sticker.

Anyways, the sticker is confusing. Basically, Microsoft should either stop making the dubm stickers, or print a unique URL on each sticker to permit download the License and backup media corresponding to that copy of Windows (for a nominal download fee, to pay for bandwidth, of course).

Not all pirated copies are being blocked yet ...

Machines validated using the leaked Lenovo OEM product key validate properly when attempting to install MSE, at least those that actually use a patched SLIC 2.1 BIOS (the alternative is a boot loader that soft-patches the BIOS on the fly but which may be more detectable).

Re:Who exactly are [they] going to be blocking?

[tqk]

That's the saddest part of this. MS ought to be going out of their way to rid the net of every Win* based bot, if only to protect its valued customers (from each other).

The only non-legit Win* users who will be able to protect themselves are those who can crack MS tech (hardly rocket science, but my Mom's not going to get it).

BTW, don't get me started on the relative usefulness of various AV Windows tech. It's a scam. I use FLOSS. I'm amazed MS has managed to get away with this !@#$ for this long.

Anyone remember when MS tried to steal tech from the father of ethernet? Redux, i4i anyone:

10/97--Alacritech files first provisional U.S. Patent application 60/061,809 on SLIC Technology ...

Not hurting leet hackers, but fools and poor folks

[farbles]

I don't see that many pirated Windows installs but the ones I do see are all from poor people who were given a bootleg XP or Windows 2000 disk with no product code and no questions asked. I mean, fair is fair and Microsoft is selling a product as a business not giving away their OS as a charity but in my experience the people they're hurting are the ones least able to help themselves.

The poor people I'm talking about here are usually seniors with little computer knowledge using out of date hardware and single parent families with few resources. They're not buying new computers and $150 for a Microsoft OS is too steep for their budget.

They're not leet hackers laughing at Microsoft, they're simple folk. One little old lady who had her computer in was completely horrified when I told her that her Windows was pirated, she literally had no idea. Our policy is we don't help you once we discover your Windows is pirated for the simple reason that we have no way of knowing what has been done to the OS or what has been corrupted or is missing. In that case she came in a couple of months later with a legal Windows disk she'd saved up and bought and I installed it for her gratis. I know the price tag hurt her though but she would have no truck with illegal Windows.

Anyway, my point is that these folks are for the most part clueless and are ripe targets for botnetting since they lack the knowledge to acquire and keep an AV updated on their own. Free Avast and Free AVG are available to them but without handholding they'd never figure out how to jump through the hoops to download, install and set these up. The beauty of Microsoft Security Essentials is that they've made it pretty much self-running and idiot-proof. Like I said in my post yesterday, I'd push it out to everyone not already running an AV if I were Microsoft. It increases the general health of the Windows eco-system, makes Windows more secure and run better as a result, which in turn makes the Windows experience better for everyone and increases the likelihood of Windows purchases down the road through good word of mouth.

The leet hackers have the tools to look after themselves. If it were just them running pirated Windows, I'd agree with Microsoft and say stuff 'em. It's not though and things look a lot different on the bottom of the food chain; it's those most unable to protect themselves who get hurt the most.

Re:Attack the problem, not its results.

[AnotherUsername]

"If you don't purchase this software, you can't use all the features that come with it in its fully purchased form." This is done every day by thousands of companies and developers all over the world. This is nothing new. Tell me, have you ever used a trial version of software before? You haven't paid for it, so it doesn't come with all the features. Companies use this tactic to get people to purchase the software, so they can use all the features.

Before anyone goes on a 'free software' rant, remember, companies don't make software so people can use all the features and feel good about it, companies make software to make money. And if people think that the pay-for-software world doesn't affect the free-software world, just remember, hardware innovation would be years behind without those big flashy pay-for software programs that require more and more processing power. Whether it is the latest FarCry game or the newest version of 3d Studio Max, powerful software requires powerful hardware. Companies like Crytek aren't going to give away their software for free. It just won't happen. Free software is great, but pay-for software is great too. They each have their own pros and cons.

Okay, so that was more rantish than I was hoping for, but its been a long day, and I have to listen to a free software zealot earlier who had no concept of pay-for software usefulness, and would not listen to any reason at all. Forgive my ranting.

Re:Herd mentality

[uassholes]

Perfect for MS users.

Many Legal Users

[Eadwacer]

If my experience is any guide (two different PC's with OEM installs flagged as pirated), the false positive rate on the WGA is so high that a significant number of legal users will be blocked. It's OK to be hard-nosed, with zero tolerance, as long as you make zero mistakes. WGA isn't even close.

Norton a pirates best friend

Nice ring to it.

Woah! Really?

[Civil_Disobedient]

Those people have many other choices, including free.

Wait, so we can use the free versions? Aww, thanks, man! And they said MS is full of jerks.

Non-WGA does not mean counterfeit

[markdavis]

"Microsoft will block users running counterfeit copies of Windows..."

No, try this rewording instead:

"Microsoft will block users not running WGA certified copies of Windows..."

It can be non-counterfeit and yet not registered or certified by the Windows Genuine "Advantage" stuff. It can even be non-counterfeit and REJECTED by WGA.

Re:Non-WGA does not mean counterfeit

You are right in the "It can even be non-counterfeit and REJECTED by WGA" part, but I am running a "non-counterfeit and yet not registered or certified by the Windows Genuine "Advantage"" and using Security Essentials.

I have to rearm soon...

Re:Non-WGA does not mean counterfeit

My concern exactly. The word 'pirate' is tossed around too easily, and it would be a mistake to let MS define the word. Non-WGA-certified is the more accurate term.
WGA fails, we all know that. I am on my 2nd machine that fails WGA because too many hardware changes led to requiring re-activation, which just plain fails. I don't pretend to know what goes on inside the WGA software; all I know is, defeating it is often easier than working with it.

That said, I think making the distinction between this anti-malware package and a patch of the OS is valid.

Re:Non-WGA does not mean counterfeit

[wiredlogic]

That's a real slap in the face of legitimate customers who have intentionally and legally rejected the installation of WGA on their computers.

Re:Non-WGA does not mean counterfeit

[Some+Bitch]

That's a real slap in the face of legitimate customers who have intentionally and legally rejected the installation of WGA on their computers.

Yeah, both of them.

Re:Non-WGA does not mean counterfeit

[smoker2]

There is no such thing as counterfeit Windows. Nobody is building their own OS and trying to pass it off as Genuine Windows. The Windows that "pirates" use is the same as the Windows that sells in the high street shop, or gets supplied by Dell. What is at issue is whether it is a legally licenced copy, not whether it's a genuine or fake copy.

Re:Non-WGA does not mean counterfeit

[david_thornley]

I did; who's the other one? I'd like to meet him or her. We've got something in common.

Pirates?

[twocows]

True pirates will use Avast! anyway.

Re:Pirates?

True pirates will use Avast! anyway.

Joke asides, that's true.

So pirated copies of Windows won't have access to their "security" software?

That means pirates will keep using Avast, AVG, Avira, Superantispyware, Malwarebytes Antispyware, and all the other FREE and effective programs that are available whether you are using a legitimate or pirated copy of windows.

In the end, pirated Windows will still be more secure that legitimate installations.

No big deal.

One problem

Can Microsoft actually tell if a user is pirating Windows if a BIOS SLIC mod is done? What about the BIOS emulator that I've seen run on every startup on Vista before? What about the Windows XP WGA and AntiWPA hacks that seem to have no side effects?

By all means, I agree they are fully allowed to not let pirates use their free alternative virus protection, but I wonder what the point is if they can't defeat these ubiquitous hacks (to my knowledge). Mostly anyone who can figure out where to download a copy of windows and find a legitimate cd-key for it is probably also at least clever enough to run some possibly malware ridden (but possibly not, as well) WGA/WPA/BIOS hack, rendering this protection useless against them.

Anyone else who is not clever enough to find these hacks probably also don't realize the need for virus protection and updates in windows (unless Microsoft points it out), and these people COULD affect legitimate users as can be understood with botnets and the like.

So?

Who gives a shit what Gartner has to say about anything? They are wrong far more than they are right.

Only the dumb pirates will be affected

Windows 7 has to be the easiest OS to pirate. Microsoft really fucked up letting it self activate by just reading some bytes in the BIOS.

What if it was your daughter...

[Anonymatt]

What if some dope was screwing your daughter and there was nothing you could do about it, but somehow you could magically make him wear a condom. Wouldn't you put the condom on him (magically)?

I've got one

[sootman]

'I can't see any justification for making Microsoft give away Security Essentials [to counterfeit Windows users],' said John Pescatore

How about this: MS owes it to the world for putting out such a shitty, vulnerable operating system for so many years. Since 80% of spam comes from botnets, maybe, just maybe there would be less spam in the world if there weren't so many shitty, easily-exploited Windows boxes out there. Not only should MS give this away, they should make it available for all XP users as well, legit or not. Bill Gates said in 2004 that spam wouldn't be a problem in two years. He had the power to do so all along, he just never did. I'm sure he thought it would be an interesting solution, involving artificial intelligence and cool 3D worlds like in Hackers and Swordfish and Johnny Mnemonic, and lasers and magnets and sharks and God knows what else... not something boring like cleaning up the mess made by his own shitty products.

Re:I've got one

Yes, Amen, Right on, Alright

Re:I've got one

Not nearly as shitty as what comes out of your mouth.

Re:I've got one

[cdrguru]

Unless I am completely mistaken, most botnet infections occur because of user action, not because the computer is allowing remote connections. Linux would be equally vulnerable if unqualified users were using it and installing software on it. When the software they are installing asks for the root password, they would obviously supply the root password, because they are unqualified.

That explains the situation for Windows. Plain and simple, these people using Windows have no business administering a computer, period. I assure you that a botnet infection program can be written for Linux and simply ask the user to do whatever is required during installation. You may discount these because YOU wouldn't do what was requested, but that has nothing to do with what your average Windows-using grandmother would or would not do.

Sorry, you can't make a computer secure that is (a) administered by someone unqualified to do so, and (b) allows software to be installed on it. I would claim an iPod is completely secure. So is a clock radio. If you give a computer user that cannot administer their machine an appliance that cannot have other software installed on it, you can have a secure computer for unqualified users.

A general-purpose programmable computer that requires administration cannot be secure unless it is administered by a qualified person. This is why a lot of corporate systems are indeed secure even through they are running Windows. It is also clearly why other corporate systems are completely insecure and have botnet infections.

Re:I've got one

[rdebath]

We have the source, it is possible to make a Linux distribution that lets a normal user defend themselves.

The first look would probably be something like Puppy Linux. This boots off of secure storage (a CDR) to which it adds another session just before you power off. This very simple technique gives the user the ability to throw away a session by just turning off the machine. Puppy also keeps the sessions independent on the disk so you can go back to a known good session but still collect user data from later sessions.

Think carefully, the problem isn't that the administrator is "unqualified" the only qualification they need is the ability to notice that something is wrong. A that point Puppy linux would allow them to go back or start with a clean CDR. It's still a bit of a pain to recover later changes from the old setup though.

That's the key. It's called the factory reset button, it puts the machine back to the state it was when you bought it. Complete with all the extras you bought for it. It leaves the machine ready to continue working with your stuff. Don't miss that bit; it must only delete code that's made itself part of the OS not your passive documents.

That's actually it; the core is that simple, you need to have a trusted boot and protect that boot from any 'untrusted' code that runs later and give the user the ability to stop that untrusted code from running. This trusted 'zone' also has one other job; protect the user data, make sure it cannot be damaged by anything once saved. That bit's called a versioning filesystem.

Microsoft are trying to do this, but they are severely hampered by years of crap code, bad installation management tools and horrible APIs. Linux OTOH has the Unix history of solid multiuser protection, it's got a lot less further to go.

Ho-ho-hold on, hold on one second.

Re:I've got one

[IceFreak2000]

Think carefully, the problem isn't that the administrator is "unqualified" the only qualification they need is the ability to notice that something is wrong.

But that's the problem isn't it? Most clueless users that I know (they're only clueless in the IT sense, and regard their computer as a tool and possibly something to play a few games on as well) would have no idea that something was wrong with their machine. It could happily be running as part of a botnet, but they'd be blissfully unaware of the fact.

Re:I've got one

[sootman]

Wow, I went from a +3, informative, down to 0, flamebait. Nice. Despite the swearing, everything I said was true, and you are wrong. LOTS of Windows malware has spread WITHOUT user interaction, thanks to a slew of MS apps that execute code willy-nilly, for example Klez ("The text portion [of the email] consists of either an HTML internal frame tag which causes buggy e-mail clients to automatically execute the worm...") and Sasser ("Sasser spreads by exploiting the system through a vulnerable network port...") and the Kak worm ("...a VBScript worm that uses a bug in Outlook Express to spread itself.")

Your argument about administering Linux and Windows boils down to "Neither Linux nor Windows can be secured 100%, therefore they're equally bad" and that is NOT the case. If Linux or Mac OS X were dominant they'd have SOME problems, but not the amount that Windows has.

That aside, I agree with you when you say security is not an easy thing. However, security comes in layers, and having an OS that's not equal parts mashed potatoes and swiss cheese is a good start. LOTS of the technologies that could have stopped the spread of MOST malware were WELL KNOWN and EASILY IMPLEMENTED at the time needed but MS just sat on their hands and did NOTHING for YEARS. Buffer overflows can take some work to find but MS has made COUNTLESS stupid decisions over the years, like having Outlook Express automatically execute code sent IN ATTACHMENTS (besides displaying/executing bad HTML/JS/etc in EMAIL CLIENTS) and having lots of services OPEN BY DEFAULT.

Botnets are an example of how MS's shoddy code has made everyone's--not just Windows users--lives worse. So, like I said, MS owes it to the world. Again, the guy in the article is saying "I can't see any justification for making Microsoft give away Security Essentials [to counterfeit Windows users]..." but MS is already giving it away for free to registered users so it's not like they're losing sales. All they'd had to pay for would be bandwidth, and there are already a zillion sites that give away bandwidth to deserving downloads--universities, ISPs, etc. Don't you think every single school in the world would host a copy (AT LEAST for their internal users) to keep their own networks safe? Same for every ISP. Large companies would also distribute it internally. There is NO WEIGHT WHATSOEVER to this inconsiderate asshole's* argument. (-1, here I come!)

* just to be clear that I'm not flaming the wrong person: "this inconsiderate asshole" refers to John Pescatore as quoted in the summary, not the poster to whom I'm replying.

Re:I've got one

You have something that is not at least five years old?

Re:I've got one

[sootman]

Do I need to? There are still MILLIONS of unpatched (legit and not) XP pre-SP2 boxes out there causing LOTS of trouble, and plenty of malware out there still works on XP SP2, 3, and Vista. My one and only point is, MS should make up for all the years that they sat on their hands, ignoring obvious good (not even "best") practices.

The freedom is not free.

[Max_W]

The problem is that Windows is intentionally designed to be easy to crack, as a marketing tool. They wanted it to spread as wide as possible. In former Soviet Union about 99% of Windows are cracked versions.

Now they stop critical updates because they want the bot-nets to grow and make the Internet unusable, because they are losing in the Internet to Google. So they destroy the Internet, and the world is returning to the Desktop.

It is quite possible. For example, I cannot already use the torrent, if I use it, then my provider disconnects me next day for several hours. Crime and punishment.

I begin to see a new meaning in the words: The freedom is not free.

Re:The freedom is not free.

[Max_W]

Microsoft does not need a fast functional network where billions of users can collaborate, use various web-applications.

They need a wild unsafe broken environment, where computers of honest and lucky licensed users will be like Desktop castles in an ocean of evil and malware.

As they stopped critical updates, the bot-nets will find a way to use it to their advantage. It takes two to dance.

Re:The freedom is not free.

What in the fuck are you rambling about and how is insane enough to mod you up?

Re:The freedom is not free.

[shutdown+-p+now]

The problem is that Windows is intentionally designed to be easy to crack, as a marketing tool.

This used to be true in older days, and even XP WGA was a half-assed attempt which was trivially cracked, but it seems that things have changed somewhat since Vista.

I recall trying to find an activation crack for Vista that would also enable Windows Update (i.e. let you pass validation online) about two months after Vista was released ... and yes, they were there - but installation was quite messy, requiring bootloader hacks and such. I didn't really see it improve for a few more months - in fact, some of the existing cracks stopped working with new Vista updates (and then I rolled back to XP for a year, and didn't track the crack progress any further).

Re:The freedom is not free.

[UBfusion]

In a sense I agree with you - most software (and not only operating systems) were initially (and most still are) designed to be easy to crack. Most software that we call now "industry standards" have started this way.

Piracy became *necessary* because the market *requires* from users adequate knowledge of the industry standards even before applying for a job: you will never get a job in any DTP company if you already are not an expert in Photoshop - they will not give you a copy and allow you three months to learn it (as was the case 15 years ago). The same principle applies to any computer-related business: graphic design, multimedia production, architecture or engineering. Ask any professional how he learned the software tools of the trade and he'll tell you that he learned them at home using pirated copies.

This might explain why currently most Computer Science university departments tend to degenerate into software user training centres. This trend is inevitable, because on the one hand graduates must find a job and on the market side the requirement for a university degrees has become part of the workforce selection mechanism.

Therefore, piracy is inevitable as it is an essential prerequisite for both the evolution of the species (the marketplace) in the computer-related capitalist ecosystem and the survival of the fittest among the workforce. This is the essence of "knowledge society" and we must all be forever indebted to Microsoft for making Windows so easy to crack, because otherwise 90% of us /. readers would have a different job today...

Re:The freedom is not free.

[chip_s_ahoy]

I predict that in two years you will invent Timecube.

Re:The freedom is not free.

And exactly how much of the gasoline-tainted vodka did you huff before you wrote that gem, comrade?

Enough with the bad Yakov Smirnoff impression you tool, it's quite clear from your rather poor writing style that you're "faking it," so to speak. I mean it's clear that you're trying to be comical with some of this stuff, but you're just failing miserably, man. Case in point:

"do not explode the moon (Score 1) on Wednesday June 17, @09:34AM
by Max_W on Wednesday June 17, @09:34AM (#28360691)
Attached to: NASA To Trigger Massive Explosion On the Moon In Search of Ice
We know by now that nature is vulnerable. Moon is relatively small. Why make a big explosion on it? One can use drilling for research.

The system Earth-Moon can be destabilized by such explosions."

Jesus. Fucking. Christ. Did you actually type that with a straight face, or were you giggling and yelling out each word in a bad impression of Chekov at the same time? "Do not explode the moon?" What are you going for, it's so bad it's good?

Re:The freedom is not free.

Are you fucking nuts?

Re:The freedom is not free.

Go back to Chernobyl you radioactive infertile piece of shit.

Piracy - good for windows, bad for linux?

[h00manist]

Is piracy good for microsoft, and bad for linux? If *indows wasn't "free", in practice, would linux have seen more adoption? Should Linux users then help Microsoft denounce piracy, go for the piracy snitch rewards?

Re:Piracy - good for windows, bad for linux?

[ancientt]

I have firm and plentiful opinions about Microsoft and in particular the free antivirus, but this stops me and makes me think. Certainly I would have more success in promoting Linux and certainly there would be a stronger community. Would the current system even resemble the one that would have evolved if piracy had been effectively stopped? Would the system that is evolving now be better or worse if Windows were very difficult to pirate?

I'm not able to really guess at the answers to those questions with any degree of certainty, but I do have guesses about how a MS free antivirus will affect the IS industry.

1. The bar for what an antivirus company must do in order to be profitable is raised. This is a good thing. We use Kaspersky and Clamwin, and have abandoned Symantec and Trendmicro, but I'd be thrilled if those companies could focus more on making the product reliable and good rather than staying at the front of the detection game.
2. Less proliferation of viruses and malware can be expected because even a moderately applied antivirus is an improvement over the current system.
3. More brainpower can be devoted to other endevors. Centralizing an antivirus system means that there will be less jobs for IT inclined professionals and, while it may hurt raw employment numbers, I have faith that those people still employable can put their skills toward production instead of defense.
4. With a more productive and reliable IS industry will come better software and better systems for the majority of people, people who don't care about security generally, but who are able to spend more time being productive.
5. Nobody can protect Windows like Microsoft. At least, nobody should be able to protect Windows as well as Microsoft should be able to. Antivirus vendors have to put in place things that weren't explicitly designed for and always have to guess whether a particular component is acting as it should where MS should be able to know, even before updates and changes are released what is correct behavior and what is malicious. At worst they should be able to identify which files are legitimate MS files and which aren't.

Microsoft can mess up, but if they do a half decent job, in a year there should be less successful viruses, more productivity for the average user and more available IT resources for production (since those resources that were previously in defense should move to production.)

Whether this will be a boon to free software as more people are inclined to find systems that don't need antivirus remains to be seen. Whether the production side will move to Linux or other FOSS systems remains to be seen. Whatever happens, I cannot help but believe that MS releasing free antivirus, for whatever motivation, is a good thing. If by doing so they create an environment where piracy can be addressed, and the real options of FOSS or closed source get a fair comparison doesn't really matter so much to me as whether it makes the computers that the industry uses better.

Heh

[NotQuiteReal]

When MS withholds patches, it can lead to stronger botnets and ID theft.

And, if your hacked bootleg Windows system went online to pay for a legitimate key, that would be "priceless".

If I were a Pirate...

[NotQuiteReal]

I'd be raping and pillaging on the high seas... or any number of things that are at least 3 or 4 definitions above anything that has anything to do with the word "Linux".

And the same folks that abuse the word "pirate" get all bent out of shape on the whole "stealing vs copyright infringement" argument.

Re:If I were a Pirate...

[HellFeuer]

This usage of the word "pirate" dates to 1603 at least (citation on wikipedia). If you start contesting 400 year old definitions you might have to throw out half the dictionary.

Correction

[pha3r0]

since Windows PCs threaten the entire Windows ecosystem.

The fixed it for yah :)

well...

im sure someone will hotfix the problem soon enough.

ms doing the pirates a favor

[mookiemu]

Judging by MS track record when it comes to security, they are doing the pirates a favor. Now the pirates have to go out and get security software that is undoubtably better than whatever MS provides...

Re: Give them the AntiVirus

[xiando]

No antivirus on the Windows also leads to "lead to stronger botnets and ID theft". My personal GNU/Linux "other choices" does not help me when I am under attack by zombie botnets. If Microsoft would simply prevent those who are have illegitimate Windows copies from using the Internet, or simply prevent them from using them at all, then that would be great for the rest of us who are (ab)using the Internets. Half-assed attempts at encouraging people to pay for their product by withholding those parts of the software who make having Windows-users on the Internet bearable for the rest of us is just bad.

Wait. What?

[Torodung]

Nevermind the pirates. They get what they paid for. Giving them nothing makes good sense.

What the hell happened to Windows Live OneCare? You know, paying customers?

What does the MSE release say to the people who paid for that Microsoft AV program, among other OneCare services?

The message is pretty clear: "Pay Microsoft and get screwed." Get your OS software for free, because it is nearly free when you buy a new PC. The entire expectation they are building into the market is "Our product and our word is worthless." Releasing this almost seems like an admission that they can't fairly compete in AV products.

Which also says to me "Illegal product dumping." Symantec and CA should sue them silly. This is definitely not a fair way to enter the AV market, not even for the "free" AV's because it absolutely kills their upsell business. I expect DOJ action, or a joint lawsuit on this. A class-action from the OneCare people wouldn't be out of the question either, if they aren't offering refunds to recent purchasers. This release is criminal, in my mind, and utterly undermines the concept of proprietary software that you pay for because it is worth it.

The message to the end-user is: "Our software is not worth buying." The message to the entire security sector is: "Thank you for covering our backsides for all those years, now piss off."

Ugly. This kind of bad faith could (and IMO should) hurt Microsoft. I don't know what they're thinking out in Redmond. They need to rally around the Windows 7 release, not insult vendors and their paying customers.

--
Toro

Re:Wait. What?

If MS do not bundle this product with Windows (which they are not doing) or 'promote' it through Windows Update or similar (they may or may not try this on), then they are *not* using their OS monopoly** to unfairly compete in another market and will not be subject to competition law action on this matter. If they do use Windows update to promote this product in any way, then they probably will face competition law action at least in the EU. The major AV suppliers will be watching MS like hawks.

I'm pretty sure the 'dumping' case cannot be made on its own since despite the 'upselling' point you make, it's still a fact that you can already get free non-MS anti-malware software which is highly functional and performs on a par with the paid versions.

**Monopoly: Legal definition, not necessarily 100% blah blah.

Re:Wait. What?

What the hell happened to Windows Live OneCare? You know, paying customers?

What does the MSE release say to the people who paid for that Microsoft AV program, among other OneCare services?

The message is pretty clear: "Pay Microsoft and get screwed."

They get to use OneCare until their current subscription runs out. No-one's getting screwed.

Re:Wait. What?

[Torodung]

Product dumping doesn't require a monopoly. It simply requires you to have enough capital reserves to run everyone else out of a market by deliberately selling your products at a loss.

This is clearly product dumping. It's not a tiered model like other "free" AV providers. They are putting money into a product and dumping it at a loss they have no hope of recovering.

When that kind of behavior runs competitors to the unemployment office, it is not altruism or quality control. It is "altruism and QA" out one side of their mouth, and a "f___king burial" for an entire industry out the other.

That is illegal.

I don't like it one bit. I'm no great Microsoft hater, but I can read the writing on the wall, and Microsoft has decided they're a security company. I've seen them do this before. They will keep system internals a secret so their AV "just works better" and run everyone out of Dodge. Both in cost, and with inside-track advantages.

This is DOJ material for "fair trade" abuse, not monopoly abuse. No one can begin to compete with them if they decide to dump a "free" AV product to combat exploits, and they keep the exploits a secret.

--
Toro

Re:Wait. What?

[Torodung]

If you bought a new car, and the next day the same company started giving them away for free, and it was clear to you that they had full knowledge of that plan, didn't tell you, and wouldn't take a refund, you wouldn't feel screwed?

Really?

Clearly, there is a huge price difference in this case and the time frame isn't as drastic. Malice and foreknowledge is not clear, but the principle is the same. People who recently purchased OneCare have reason to believe they are entitled to a refund, if only as a matter of "good faith" customer service.

This is at least unprincipled. Absent malice, it's totally legal, Caveat Emptor, but it stinks to high heaven. If it can be proven in a court that it was malicious and willful, then it is actionable as fraud.

So I'm sorry, but I take a rather dim view of your analysis. Consumers are entitled to a refund when they find out that they paid for something that they were told was useful and necessary, but turned out to be worth nothing.

It doesn't matter that it does what it's supposed to, if someone's holding out on you in a commercial transaction of this sort, that's wrong.

--
Toro

Re:Not hurting leet hackers, but fools and poor fo

[the_womble]

She is highly unlikely to be reliant on any industry vertical software or anything obscure like that (she probably just wants a web browser and email client), and would be much better off with a free OS.

There is no "cracked software"

[UBfusion]

Let's clarify one thing: the so-called "cracked software" is seldom distributed as already cracked - there are the installation files and a crack. The installation files are 99.9% of the cases clean (they are the company's originals) while the crack itself is sometimes infected by a malicious uploader and distributed in public p2p sites. In the original "scene" releases the cracks are clean, because they are tested beforehand by the distribution mechanism.

If the "crack" in fact is a serial, there are minimal chances of getting infected.

Therefore one does not get infected by "using cracked software" but by attempting to crack it.

This Pescatore guy ....

[heffrey]

seems a bit fishy to me ....

My XP computer was fucked by WGA

[aepervius]

It was in an infinite loop of "you already have a valid licence" and "please enter a valid licence". I googled to no result for a solution, then thought of installing anti-WGA, I even downloaded it. Instead I jumped the gun and installed Ubuntu. After having used it for quite a long time now, I can definitively say it is not user friendly (try changing owner without going in the CLI...). But that is not the point. Now as a normal user I got fucked out of a valid functionning (OEM) PC. So this step of not serving patch or enhancement to "pirate" software can even hurt normal buying user of the software. WGA is not 100% functionning, and that is a fact.

OK, let me get this straight

[cheros]

MS, the company that makes code that is so deficient it's a wide open door to virus infections, stops people that use an illegal copy (or simply refuse to allow WGA on their system for reasons that really don't need repeating) to download the software that is alleged (not proven yet) to make the system more secure. Thus, of course, exposing those that play by MS' rules exclusively.

Hello WGdA (Windows Genuine disAdvantage), your makers found a new way to ram it down people's throat. Not sure it will work, because at least the anti.virus market will still have somewhat longer to live. Expect MS to buy one of them soon.

You know, I also use Linux. Seems a safer bet day by day. Hell, I may even buy a Mac..

Yes, I'm in the "let them have it" camp. Botnets are made out of unsecured systems.

Every time!

Everytime MS do something new they go through this dance.
And then someone points out that their OS is such a lame piece of shit that to do this is tantamount to denying a section of the population from needful protection which in turn puts everyone else at risk and the whole thing goes out the window again.

Why do they bother?

A way to defuse the security criticism on Windows?

[golodh]

There might be another, less charitable, explanation for Microsoft's decision. I know nothing certain about Microsoft's real motives so I will be speculating a bit as follows.

Everyone knows that MS Windows is the main host of botnets, zombies, and general malware on the Internet. Hardly a month passes without Microsoft patching yet another "critical vulnerability". Unfortunately there are reasons why MS Windows is more vulnerable than e.g. MacOs, Unix, FreeBSD, or Linux. For one thing, MS Windows (until Vista) was never designed from the ground up for multi-user operation, security was ever tacked on as an afterthought, the architecture of MS Windows with its miriad add-on's (that tend to carry out _system_ tasks) and the (deliberately) tight coupling between MS Windows and MS applications conveniently makes for multiple points of attack, and once a process is suborned by an attacker there is nothing in MS Windows architecture that's designed to contain it or stand in its way. That's why we see so many infected Windows PC's on the Internet.

Oh yes, there are those who hold that e.g. Linux would suffer the same level of penetration had it had the same level of penetration on the desktop but the fact that about 60% of all Internet traffic is handled by Linux machines (which are far less often compromised) pleads against that. It's not exposure that does it but architecture (and the quality of administration, but that's another issue).

So that being the case, what would benefit Microsoft more than to be able to cast doubt on tales of machines being infected and taken over as "Probably pirated copies; legal Windows versions are protected by MS security updates."?

That would give Microsoft a good reply when called out over the insecurity of MS Windows (e.g. when a large organization is considering what OS it should use in the next 10 years).

What do you think? Might I be anywhere near the mark?

Why are you whining?

[GeekDork]

Let's put this straight: This is about people running software that they're not entitled to run. Simple as that. Yes, they made a choice to do so. First, everybody was whining when Microsoft tried to more or less disable those systems, so MSFT stopped the practice. Now you're whining because MSFT is not handing out free software to those leeches? Get a fucking grip on reality! In my opinion, everybody complaining about things like those is more part of the problem than anything.

Re:Why are you whining?

Never been WGA-bitten I see! When you are, remember--don't whine--just pay again!

So what?

[Arancaytar]

I think IP law is in need of heavy reform, and I can even understand (though not condone) people downloading creative works which have no direct alternative. But... Windows? Why steal crap when the free stuff is better? Even if your company forces Windows onto you, your employer could buy it for you.

Sorry, I really see no reason to run counterfeit Windows that makes sense even disregarding the law.

XP Downgraders = Pirates?

[CuteSteveJobs]

Many people wiped their more expensive copy of Vista with XP. Microsoft only allowed some customers to do this "legally". Does Microsoft consider the other XP Downgraders to be pirates?

Newsflash: Pirates dont care.

This is NOT what happens:
1. Pirate steals windows.
2. Pirate thinks, oh crap, no anti-virus, must buy windows.
3. Pirate not a pirate any more.

This IS what really happens:
1. Pirate steals windows.
2. Pirate steals commercial anti-virus software.
3. Yahrr, drinks rum.

The pirates better watch-out...

[Shamenaught]

...or they might miss the chance to infect lots of computers with malware! Seriously, it's not like people are going to stop pirating windows.

The pirates who seed the software, or the people who run the tracker, could conceivably log the IPs of the people who download their windows torrent.

Scroll forwards a month or two to the next SMB2-grade bug: Bam, the hackers have a list of ip addresses for people who are likely to be using un-patched versions of windows.

As if they can block them

[Lord+Lode]

MS also blocks pirates from installing an illegal copy of Windows, but yet they do it. I'm sure they can also install an illegal copy of the Security Essentials Software. If they want to.

Updates are socialism...

software innoculation for pirates is SOCIALISM.

Say no to islamo-fascist, socialist/communist nazi software updates for pirates.

Vote Republican

Oh, how nice!

[Hurricane78]

Then I don't have to manually deselect them from the crap folder in windows update. :D

And the payers as usually are the punished ones.

Re:Oh, how nice!

[pandrijeczko]

But perhaps you'd like to manually go get yourself a backbone so that you can demonstrate some strength of character...

Don't like Windows or don't want to pay for it? Then don't use it, get off your backside and spend some time learning about a free alternative like Linux or BSD.

Smart-mouthed idiots like you just give the evil corporations the justification they need to stick on DRM and all manner of protection that make it bad for legitimate users as well.

So please don't expect me to be impressed because when it comes down to it, if you're a pirate then you're a jerk.

Re:Oh, how nice!

God, nerds are fucking pathetic.

Seriously, read that out loud to yourself and try not to feel like a fucking embarrassment to humanity. Think before you write. "Please don't expect me to be impressed," indeed. I suppose I shouldn't expect much of a personality out of a guy who actually describes HIMSELF as "a middle-aged, overweight fat computer bloke," I'm guessing neither you nor a woman have seen your dick in the last ten years. That have something to do with your little attitude issue, maybe? Or are you one of those arrogant douchebags who looked up Asperger's on Google and decided that it excused you for being an insufferable prick?

Re:Oh, how nice!

[pandrijeczko]

Wow, you have some serious anger issues, my friend.

Not that I care what you personally think about me, least alone the fact you lack the backbone to post under anything other than AC, but just for your information, I've now been with my woman for 18 years and we're still happy and in love.

Perhaps if you yourself had any kind of sense of humour or intelligence, then you would recognise that my describing myself as a "middle-aged, overweight fat computer bloke" is perhaps just me poking fun at myself a little, because I have enough personality to be able to take criticism as well as dish it out.

And I managed to type all of that without needing to fire any abuse back at you as well - so I guess that makes me better than you and gives me a victory.

Seeya.

Hurt pirates? Who have it helped so far?!?

[MartinSchou]

Seriously, how long has Microsoft Security Essentials been on the market? Ten hours? Twenty?

How the hell can a piece of software that hasn't been on the market for more than a day or two have helped anyone, let alone hurt others?

WGA is not flawless...

[guabah]

Real pirates know how to fool WGA and still get WSE.

They will remove this restriction like last time

They tried this before by blocking windows updates / patches, and also on IE versions.

They quickly unblocked them :)

They will do the same here again, history repeats.

Re:Not hurting leet hackers, but fools and poor fo

You actually let her save up and waste her money on a Windows License? And you think you were being KIND by installing it for free?

You could have just taken a small amount of time to show her this new thing... it's called Linux and it's free and easy to use. Talk her through what she normally does (I doubt an old lady NEEDS Windows in the same way some people do)

Jeez. She could have saved the money for her Winter fuel bills or something.

Blocked? I don't get it.

[SuseLover]

I just went to the MS site and simply downloaded the MSSE from a Linux system. Is there something in the installer that will not let it install on a non-WGA system?

WGA doesn't detect correctly anyways.

Real pirates will simply use a Volume Licence key, that WGA doesn't block. And if your network is mixed with genuine licences, then a botnet could infiltrate those comming from the one without security software. So they should include it for all.

Exactly how the WoT works

[fast+turtle]

Great Analogy/explanation of the Web Of Trust for Joe Sixpack/Soccer Mom. I'm going to steal it for the classes I teach on basic computer usage. Maybe I'll finally be able to get some more folks to digital email certs.

I agree with MS

I agree with MS on this. AV software in the scheme of virus and malware protection is low on the list of how to protect a pc. It is patching that keeps a machine from being vulnerable in the first place and MS does allow any machine to receive patches, pirated or not. So if you have a pirated copy of windows and you are keeping it patched, then you should (if you want) purchase your own AV solution, whether it's MS Security Essentials or one of the other free or paid AV applications.

No they couldn't!

Think about it, Microsoft could eliminate 99% of piracy overnight by using harsh copy protection combined with mandatory Genuine Advantage plus a couple of targeted logic bombs launched against a few of the more flagrant pirate copies.

"Harsh copy protection" does nothing but annoy legitimate users. The pirates can easily remove it.

The rest of that sentence shows a total lack of understanding of the realities of large-scale software development and deployment. If Microsoft put out a deliberate logic bomb onto tens of millions of machines, it is *virtually guaranteed* that some of those machines would be legitimately licensed copies that were bought and paid for by their users (or a corporation). There are thousands of possible Windows configurations, and if there was even one false positive (and I assure you, there would be) then Microsoft would be fucked because their innocent victims would sue them back to the Stone Age. At the very least, the class action lawsuit would extort a huge pile of settlement money from them and dissuade them from ever trying something so brazen again.

Re:No they couldn't!

[jmorris42]

> "Harsh copy protection" does nothing but annoy legitimate users. The pirates can easily remove it.

Of course the hard core pirates would remove it. Wouldn't matter. That step is only intended to stop casual duplication of the media. OEM preloading has already stopped 90% of owners from ever getting a clean install disc, this would stop another few percent. Just an incremental step. A windows install disc is something a legit user might need a dozen times in the life of a version of Windows so the reliability hit from the copy protection won't harm a legit user. The original media isn't likely to go defective, unlike a game that usually needs to be inserted every time you run it.

> The rest of that sentence shows a total lack of understanding of the realities of large-scale software
> development and deployment. If Microsoft put out a deliberate logic bomb onto tens of millions of machines,
> it is *virtually guaranteed* that some of those machines would be legitimately licensed copies that were
> bought and paid for by their users (or a corporation).

Ah, but follow the logic I laid out. The copy protection stops the supply of casual copied media forcing pirates to the 'bay... or whatever replaces it now that it is going tango uniform. Microsoft itself just supplies a good percentage of the high quality pirate copies through black ops. Good stuff, clean cracks, sure to get a good reputation and be widely downloaded. Or they just download the cracked copies others release. Then identify the changed bits and build a database of changes in files that they can ensure NEVER appear in official pressed copies or masters given to OEMs. Then release updates that identify one of them and go FOOM! Release new game titles[1] that during installation and/or runtime identify one or more known bootlegs and release a time delayed kaboom so that the source of the bomb isn't easilly identifiable. Put keygens out that make good keys but with 100% identifable flags and after a suitable delay Kaboom!

Make sure every bomb goes off in a way that it is obvious that it detected a pirate copy so as not to just increase the reputation of Windows as unstable. By going at it this way the false positive rate would be as close to zero as possible, and even then it would be dealers selling bootlegs, rogue IT folk installing booteg copies, often just to get around the scarcity of official media.

Copy protection on a game fails and annoys the legal user because the use pattern is very different from an OS. Excepting games with extensive online content (and they aren't pirated often) the vendor gets few opportunities to detect piracy after the sale. An pirated OS can be detected every time a new executable is installed, at every errata update, etc. It would be fairly easy to scare most people away from a bootleg copy. Microsoft COULD reduce piracy to a single digit problem but they would be fools to do it. Because if they make the price of piracy high enough it won't force many people to buy a copy, instead they will install something else and that idea is the most horrible thing they can imagine.

[1] Especially when done in cahoots with third parties. Whether they know or not, how many games include updated .dll files or new DirectX versions, etc.

Re:Not hurting leet hackers, but fools and poor fo

[farbles]

I did suggest it. Seniors in my experience rely a lot on other seniors for support and while I agree with you that Linux is a good solution, in this case, it doesn't have the market penetration in this demographic it would need to in order for all her friends to be running it. Also, and I speak from experience here, setting up dialup internet access on Linux is a freaking nightmare since it is all but impossible to set up the vast majority of modems. Linux works great if you have highspeed but if you can afford highspeed, you can also afford Windows and new hardware.

It also needs to be said that support for Linux bites hard. When it's been set up properly and works great it's wonderful. When it isn't working properly it can be very user-hostile and difficult to trouble-shoot, especially for the novice computer user who already has a hard time grasping the difference between left and right mouse clicking, let alone figuring out using terminal and finding and typing in long strings of arcane commands.

I had this very conversation yesterday with a senior who insisted that left mouse is the one that always double clicks was too complicated. They said it was easy for people like me who knew computers but for someone like them it was impossible to grasp. I should send them to RTFM and decypher man pages? R-i-i-g-g-h-h-t But hey, maybe you know a sharper class of seniors than I do.

I'm not trying to start a Linux-Windows flame war, but Linux is not a one size fits all solution, at least not yet.

Logic Fail

[bitspotter]

'I can't see any justification for making Microsoft give away Security Essentials [to counterfeit Windows users]'

Kind of like you can't see any justification for making Microsoft give a away... say... Windows?

And yet, pirates continue to manage getting copies of it.

Before you explore arguments about why to do or not do something, maybe you better work on the HOW first.

Re:Woah! Really?

[zlogic]

You can download the software without any problems. Validation is made during installation, so a crack would still be needed.

How often do you miss the point?

[Uberbah]

Let's put this straight: This is about people running software that they're not entitled to run. Simple as that.

Hardly - it's about the Windows ecosystem. Legitimately purchased (but vulnerable) Windows PC's can get viruses from pirated copies of Windows just fine. If pirated copies can be patched, it will mean fewer hassles for Microsoft's paying customers.

It's sort of like if Republicans wanted to deny flu vaccines to illegal immigrants - it's cutting off one's nose to spite one's face.

Re:How often do you miss the point?

[GeekDork]

Hardly - it's about the Windows ecosystem. Legitimately purchased (but vulnerable) Windows PC's can get viruses from pirated copies of Windows just fine.

I kind of see what you tried to do there... but if your fully patched legitimate copy is vulnerable, then how would a fully patched illegitimate copy help anyone?

Re:How often do you miss the point?

[Uberbah]

I kind of see what you tried to do there... but if your fully patched legitimate copy is vulnerable

Because not every legit copy is fully patched? You have users who never update, users who can download hundreds of megabytes of updates on slow connections, and users who don't install updates because they don't want to patch production machines unless they have to.

And aside from all that, there's the issue of spam. How much time, bandwidth and money does Microsoft waste filtering out spam on Hotmail that originated from compromised PC's?

Re:A way to defuse the security criticism on Windo

[Uberbah]

Oh yes, there are those who hold that e.g. Linux would suffer the same level of penetration had it had the same level of penetration on the desktop but the fact that about 60% of all Internet traffic is handled by Linux machines (which are far less often compromised) pleads against that. It's not exposure that does it but architecture (and the quality of administration, but that's another issue).

The best example is Microsoft's IIS, back in the day. It had far more exploits than Apache, even though Apache had far larger market share.

Re:Updates are socialism... [Free updates anyway]

[ancientt]

Capitalists believe in doing what makes the most sense financially. Smart capitalists believe in doing what makes the most sense financially for the long term. Capitalists want you to give them your money for whatever reason, socialists take your money because they deserve it.

Microsoft has been accused, sometimes justly, sometimes unjustly, of being greedy. Their best business decision is to spend as little as possible to make as much profit as possible. In Windows 3.1 they didn't need to care about security to make as many sales as possible. In Windows 95 and 98 they did need to care, but convenience was far more important to the average user. (Ignoring ME* since everyone else did.) By the time they released Windows XP, security was an issue that they had to care about, but they also had to try to avoid alienating their customer base, so they tried to keep the convenience of previous versions. Windows Vista was the first version where security was placed ahead of convenience and it cost them a tremendous amount of public support, but it did change the expectations placed on software developers. With Windows 7 they are gambling that enough has changed so that the security of the system is mature enough to minimize inconvenience and that the inconvenience of the system will not be significant to the average user.

Now Microsoft is poised to release their new more secure operating system model, with some maturity thanks to Vista, at the same time they are trying to push consumers away from their older convenience model. They need the average consumer to see the remodeling of the operating system as a benefit rather than an inconvenience. Releasing an antivirus makes the news, it catches attention and creates a need for security in the consumer, one that they can partially satisfy with the addition of an antivirus product from the company they already trust (observation of opinion, not observation of merit.)

Now the average consumer who never wanted to think about security is given a push to think about it because to do otherwise is to reject a free product from a company they trust. Once they start thinking about it, they have a need that Windows 7 can be marketed to.

Whether this helps the IS ecosystem is irrelevant to the profit margin. The average buyer of MS products doesn't know about or care about the IS ecosystem. The fact that this improves the ecosystem doesn't affect profits, but providing it to non-potential customers would.

Vote Republican - increase Microsoft's ability to focus on profits
Vote Democrat - increase Microsoft's ability to game the system
Vote Libertarian - be ignored by Microsoft and most everybody else**
Vote otherwise - be ignored by absolutely everybody else
Don't vote - thank you for your tax dollars, your opinion means nothing

* - ME is ignored as it was, like Vista, a maturity stepping stone toward a later goal.
** - I voted mostly Libertarian last election because I hate the system and would rather make a tiny difference toward improvement than none at all.

Re:Wait. What? ohhh shiny!

[ancientt]

Most people weren't aware of OneCare. The message didn't change, it is and was "Buy Microsoft, everybody else does."

Most people don't think... that's it. Most people don't have an opinion on Microsoft's word or whether it is worth buying or how their decision to purchase a new PC with Windows affects anything. Most people don't know anything about security, don't care and don't want to do either one.

Free antivirus creates an interest in people who weren't aware of a need. Windows 7 satisfies that need, and if it comes with free antivirus, all the merrier.

Microsoft doesn't care about your personal opinion of them because your opinion has an effect measured in the hundreds at best and they're worried about sales to millions. What they care about is giving people a reason to buy something, in specific Windows 7, and caring even a tiny befuddled bit about security helps solidify that reason.

I am Soooo sorry Micro$oft...

I am so sorry Micro$oft. You software did run on my pirate copy of Windows, but didnt do a good as job as my free solutions, so I deleted it, and reinstalled my free solutions.

Microsoft totally *missed* a trojan horse waiting to happen! Saweeeeet! Got it in time, thanks to a another free solution.

You see, If microsoft actually ACOMPLISHED something in say the way of security, instead of overcharging for medocire products, they would never have to either deal with pirates, ( I would have purchased the software IF it was well made. Hell, I spend at least $400/mo on Adobe Products! ), and they would have a much more loyal customer following.

My server also runs Red hat, is supported by the vendor (HP) and has never needed either anti-virus software or any crap like that. I installed tripwire off the distrubution CD, and never ever had a security problem, and probibly never will. ( btw, RedHat also came with a great tee-shirt! )

Screw U micro$oft and the horse you rode in on. ( btw, I distrubute all patches that require validation... so No, pathces are available else where... ). Now jump back on that POS and ride it back to where you came from.