Microsoft Blocks Pirates From Security Essentials Software
CWmike writes "Microsoft will block users running counterfeit copies of Windows from installing the free Security Essentials antivirus software, said Alex Kochis, director of Microsoft's Genuine Windows team, in a post to a company blog. On-again, off-again debates about the wisdom of blocking security-oriented downloads like patches or defensive software have centered around the argument that Microsoft should protect all users, including pirates, since hijacked PCs threaten the entire Windows ecosystem. In this case, though, one analyst isn't buying that line. 'I can't see any justification for making Microsoft give away Security Essentials [to counterfeit Windows users],' said John Pescatore, Gartner's primary security analyst. 'Those people have many other choices, including free. There are plenty of alternatives to Security Essentials,' he said, adding that that makes a difference. Windows patches, on the other hand, aren't available from anyone but Microsoft."
Anyone running pirated versions of the OSs eligible for MSE will probably have cracked WGA, and will be able to install this if they wish.
Do what thou wilt shall be the whole of the Law
The biology equivalent would be if someone sneezed in Beijing and you got the flu in Denver.
I've never purchased a copy of Windows before, but the experience I got from Windows 7 Release Candidate caused me to buy it. I'm certainly not the only one. There is definitely a nonzero number of customers that can be gained by giving users something they don't feel cheated in paying for.
Yeah, I keep hearing that repeated: "you are more likely to be infected using cracked software."
I've pirated (and bought) a large variety of software in the last 15 years. And the one time I have ever been infected, it came from a piece of commercial software right on the CD.
The 'pirates' and cracked software are WAY more trustworthy than any company out there. It only takes one or two bad comments to make people avoid using that cracked piece of software. With commercial software it takes thousands of bad installs before it makes the news and people avoid a bad piece of commercial software.
Just by having a more tech-savvy audience, the cracked software will be subject to far more scrutiny than anything you'd buy off the shelf.
The problem is that Windows is intentionally designed to be easy to crack, as a marketing tool. They wanted it to spread as wide as possible. In the former Soviet Union about 99% of Windows copies are cracked versions.
Now they stop critical updates because they want the bot-nets to grow and make the Internet unusable, because they are losing in the Internet to Google. So they destroy the Internet, and the world is returning to the Desktop.
It is quite possible. For example, I already cannot use torrents; if I do, my provider disconnects me the next day for several hours. Crime and punishment.
I begin to see a new meaning in the words: Freedom is not free.
Reducing the number of machines able to be infected reduces spread rate, which increases security since those who do get infected can get rid of it before it finds another host more often.
You forget that geometric progressions don't much care for the spread rate. Let's assume a few things:
1. We want to query every single IPv4 address space (brute force and stupid, since only a little over 2^27, 75%, is actually in use in some fashion).
2. We're going to say that 90% of the machines out there run Windows. Actual estimates vary.
3. If an infection is timed correctly, even an out-of-band emergency patch will hit less than half of all machines. So, a worm has 30 days to spread between Patch Tuesdays.
4. For the sake of simplicity, I'm going to assume everyone's bandwidth is a mere 10KB/s bidirectional.
5. Also for the sake of simplicity, I'm going to say that it takes 10KB of data to probe a machine to see if it's infected.
6. At any given point in time, I'm going to say only 5% of machines on the internet are accessible (turned on, and can receive connections). I have no factual basis for this -- it's an assumption.
So based on 4 & 5, I can make 1 probe attempt per second.
Last, a disclaimer -- I do not know much about statistics. If I made a mistake, sorry.
So, in a day, a single machine can probe 86,400 IPs, probing the space in a random fashion. Of those, 64,800 (75%) are "in use" in some fashion. 58,320 (90%) of those run Windows. And 2,916 are turned on and receiving connections. 1,458 (half) are unpatched for the first 30 days of the spread. It manages to infect 2 machines in the first hour it runs (rounded down; is actually about 2.5). The next hour, 6.25 machines are infected, and so on and so forth. In 24 hours, 3.5 billion machines have been probed and infected.
Geometric progressions like this are the reason why statistics like "An unpatched windows machine directly connected to the internet is compromised within 8 minutes" exist. The premise "Reducing the number of machines able to be infected reduces spread rate, which increases security" is not valid -- because the spread rate is almost completely irrelevant. Even if I say only 1 machine per hour is infected, in just over 30 hours we have the same number of infected machines -- even though we cut the rate from 2.5 to 1.
If you want to make a difference -- reduce the window of opportunity; PATCH NOW. The rate is wholly irrelevant.
#fuckbeta #iamslashdot #dicemustdie
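The rate-versus-window argument in the comment above, carried through an hourly growth model, as an added example that is not part of the original comment. The function names, the saturation term, and the pool size (all of IPv4 filtered by the comment's four fractions) are assumptions of this example.

```python
"""Hourly worm-growth model built from the comment's assumptions (added example)."""
import math

SECONDS_PER_DAY = 86_400
IPV4_ADDRESSES = 2 ** 32

# Fractions taken from the comment's numbered assumptions.
IN_USE, WINDOWS, REACHABLE, UNPATCHED = 0.75, 0.90, 0.05, 0.50

# Constructed pool: every IPv4 address filtered by those four fractions.
POOL = IPV4_ADDRESSES * IN_USE * WINDOWS * REACHABLE * UNPATCHED


def daily_funnel(probes_per_second=1):
    """Narrow one host's daily probes down to reachable, unpatched Windows machines."""
    counts = [probes_per_second * SECONDS_PER_DAY]
    for fraction in (IN_USE, WINDOWS, REACHABLE, UNPATCHED):
        counts.append(round(counts[-1] * fraction))
    return counts


def hours_to_reach(target, multiplier):
    """Hours of unchecked geometric growth from one seed needed to reach `target`."""
    return math.ceil(math.log(target) / math.log(multiplier))


def infected_when_patched(patch_hour, new_per_host_per_hour, pool=POOL):
    """Infected hosts at the hour a patch lands.

    The (pool - infected) / pool saturation term is an assumption of this
    example; the comment's own arithmetic is pure geometric growth.
    """
    infected = 1.0
    for _ in range(patch_hour):
        infected += new_per_host_per_hour * infected * (pool - infected) / pool
        infected = min(infected, pool)
    return infected


if __name__ == "__main__":
    print("daily funnel:", daily_funnel())
    for rate in (1.5, 1.0):
        hours = hours_to_reach(3.5e9, 1 + rate)
        print(f"rate {rate}/h: 3.5e9 hosts after {hours} h if unchecked")
        for window in (6, 12, 24):
            count = infected_when_patched(window, rate)
            print(f"  patch lands at {window:>2} h -> {count:,.0f} infected")
```

In this model, patching at 12 hours instead of 24 leaves far fewer infected hosts than slowing the hourly rate from 1.5 to 1 does.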