Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Blocks Pirates From Security Essentials Software

Posted by samzenpus on from the not-for-you dept.

CWmike writes "Microsoft will block users running counterfeit copies of Windows from installing the free Security Essentials antivirus software, said Alex Kochis, director of Microsoft's Genuine Windows team, in a post to a company blog. On-again, off-again debates about the wisdom of blocking security-oriented downloads like patches or defensive software have centered around the argument that Microsoft should protect all users, including pirates, since hijacked PCs threaten the entire Windows ecosystem. In this case, though, one analyst isn't buying that line. 'I can't see any justification for making Microsoft give away Security Essentials [to counterfeit Windows users],' said John Pescatore, Gartner's primary security analyst. 'Those people have many other choices, including free. There are plenty of alternatives to Security Essentials,' he said, adding that that makes a difference. Windows patches, on the other hand, aren't available from anyone but Microsoft."

21 of 291 comments (clear)

  1. Herd immunity by shipbrick · · Score: 5, Informative

    With vaccination, this is known as herd immunity. Basically, even if an individual is not vaccinated (or virus/malware/etc protected in this case), by virtue of others being vaccinated, there is less chance the non-vaccinated will become infected since there are less people who they are coming into contact with who are harboring the virus. Following with this, the greater the number of immune, the less likely the unprotected will become ill.

    I strongly suspect the same concepts would apply to computers, and allowing pirates to have this protection would indeed provide greater security to ALL the unprotected windows users. Thus, the choices for MS are 1) increase security for all users (paying or not) by allowing even pirates to download in order to increase the protection via herd immunity or 2) increase company profit by trying to coerce hackers into buying a copy by not allowing them this download. Since the latter will never happen, all MS is really doing is simply missing an opportunity to increase security because they *think* they can increase profit. Alternatively, maybe they think they are simply teaching those pirates a lesson, but sadly it would be at the expense of others.

    1. Re:Herd immunity by blackraven14250 · · Score: 4, Informative

      What?

      More infected machines = more machines doing said attacking

      If you have 1 machine infected, you have 50 connections. If you have 10, you have 10 fold the number of connections, which makes it easier for them to find the 25% of machines (that's a steady number) that are unprotected. Reducing the number of machines able to be infected reduces spread rate, which increases security since those who do get infected can get rid of it before it finds another host more often.

      In biology, that would be the equivalent of changing the time between the symptoms' appearance and the patient's becoming contagious, assuming symptoms come before someone is contagious. If you have a longer timeframe, the virus is more likely too be killed before it infects someone else. The same applies here, in exactly the same way.

    2. Re:Herd immunity by Jurily · · Score: 4, Interesting

      The biology equivalent would be if someone sneezed in Beijing and you got the flu in Denver.

    3. Re:Herd immunity by Anonymous Coward · · Score: 4, Interesting

      Yeah, i keep hearing that repeated. "you are more likely to be infected using cracked software"

      I've pirated (and bought) a large variety of software in the last 15 years. And the one time i have ever been infected. it came from a piece of commercial software right on the cd.

      The 'pirates' and cracked software are WAY more trustworthy than any company out there. It only takes one or two bad comments to make people avoid using that cracked piece of software. With commercial software it takes thousands of bad installs before it makes the news and people avoid a bad piece of commercial software.

      Just having a more tech savy audience the cracked software will be subect to far more scruntity than anything you'd buy off the shelf.

    4. Re:Herd immunity by DJRumpy · · Score: 4, Insightful

      You're implying that cracked software could be evaluated by the 'tech crowd'. I've never seen a cracker release the source code for their cracks.

      You are essentially trusting a complete stranger (from the internet no less) with no responsibility, visibility, or accountability, and running an unknown executable. That is not safe.

      Even the cracker/warez websites themselves are typically loaded with malware, spoofing/phishing attempts, etc.

      They have a bad reputation for a reason.

    5. Re:Herd immunity by girlintraining · · Score: 4, Interesting

      Reducing the number of machines able to be infected reduces spread rate, which increases security since those who do get infected can get rid of it before it finds another host more often.

      You forget that geometric progressions don't much care for the spread rate. Let's assume a few things:

      1. We want to query every single IPv4 address space (brute force and stupid, since only a little over 2^27, 75%, is actually in use in some fashion).
      2. We're going to say that 90% of the machines out there run Windows. Actual estimates vary.
      3. If an infection is timed correctly, even an out of band emergency patch will hit less than half of all machines. So, a worm has 30 days to spread between Patch Tuesdays.
      4. For the sake of simplicity, I'm going to assume everyone's bandwidth is a mere 10KB/s bidirectional.
      5. Also for the sake of simplicity, I'm going to say that it takes 10KB of data to probe a machine to see if its infected.
      6. At any given point in time, I'm going to say only 5% of machines on the internet are accessible (turned on, and can receive connections). I have no factual basis for this -- it's an assumption.
      So based on 4 & 5, I can make 1 probe attempt per second.
      Last, a disclaimer -- I do not know much about statistics. If I made a mistake, sorry.

      So, in a day, a single machine can probe 86,400 IPs, probing the space in a random fashion. Of those, 64,800 (75%) are "in use" in some fashion. 58,320 (90%) of those run Windows. And 2,916 are turned on and receiving connections. 1,458 (half) are unpatched for the first 30 days of the spread. It manages to infect 2 machines in the first hour it runs (rounded down; is actually about 2.5) The next hour, 6.25 machines are infected, and so on and so forth. In 24 hours, 3.5 billion machines have been probed and infected.

      Geometric progressions like this are the reason why statistics like "An unpatched windows machine directly connected to the internet is compromised within 8 minutes" exists. The premise "Reducing the number of machines able to be infected reduces spread rate, which increases security" is not valid -- because the spread rate is almost completely irrelevant. Even if I say only 1 machine per hour is infected, in just over 30 hours we have the same number of infected machines -- even though we cut the rate from 2.5 to 1.

      If you want to make a difference -- reduce the window of opportunity; PATCH NOW. The rate is wholly irrelevant.

      --
      #fuckbeta #iamslashdot #dicemustdie
    6. Re:Herd immunity by Zedrick · · Score: 5, Insightful

      Crackers have a reputation to uphold. I trust some cracking groups more than Microsoft, Apple and Symantec. I've "known" some of them since the Amiga-days, and know that they would never risk their reputation by releasing stuff infected with malware. Shady companies do that, not well-known crackers. Fairlight, Razor 1911 and Skid Row has very good reputations, I'd trust them over Google any day.

      These "cracker/warez websites" you mention is a different matter, they have nothing to do with the actual crackers - no reputable cracking group has a website where they release their (illegal) stuff, everybody knows that. On a site like that you're just as likely to find infected OSS, anything that they think clueless newbies will download will be infected.

  2. I sort of agree by sabernet · · Score: 5, Insightful

    John Pescatore makes a good point. AVG, Avast, etc... are all free antivirus. When MS withholds patches, it can lead to stronger botnets and ID theft. However, antivirus applications are plentiful and the money MS will be investing in this thing makes them justified in not wanting to simply give it away.

    As much as I hate to say it, I won't blame Microsoft for this move.

  3. Who exactly are the going to be blocking? by mister_playboy · · Score: 4, Interesting

    Anyone running pirated versions of the OSs eligible for MSE will probable have cracked WGA, and will be able to install this if they wish.

    --
    Do what thou wilt shall be the whole of the Law ::: Love is the law, love under will
  4. Piracy love/hate by jmorris42 · · Score: 5, Insightful

    The problem is microsoft has a love/hate relationship with the pirates. They have an absolute need for piracy to be possible but not to become attractive enough (in the first world) to become popular enough to eat into their profits overmuch.

    Think about it, Microsoft could eliminate 99% of piracy overnight by using harsh copy protection combined with mandatory Genuine Advantage plus a couple of targeted logic bombs launched against a few of the more flagrant pirate copies. Problem is most pirates these days either built their PC from scratch (else they would have been force fed a license) or bought a PC from a pirate. The DIY crowd is too influential to piss off and what they are doing already stops the bulk of the chopshop pirates in the developed world. If they make pirate windows too unstable in the third world where it is popular they simply can't pay so would be driven to look for alternatives.... and would find them.

    So this move is easily understandable, it gives the pirates a nudge but won't overly annoy any of the major groups who pirate. The DIY type who pirates Windows because those guys pirate everything just for fun will have little trouble finding cracked copies of whatever they have been using. At all appearances nobody in the secondary markets updates anything on their damned machines already, considering how much crap spews out.

    --
    Democrat delenda est
  5. OH NO! by Murdoch5 · · Score: 4, Insightful

    Wait I run Linux, thank god I'm already safe!

    1. Re:OH NO! by apoc.famine · · Score: 4, Insightful

      Probably not. At bare minimum, this means more botnets members available to spam whatever email accounts you use.
       
      Directly safe? Sure. Same as myself, and a lot of others. But indirectly, this doesn't help anyone but people running botnets. It's far more work to deny security updates to some users than it is to just give them to all users. And it's strategically a poor decision because of the INCREASED risk to the protected machines due to the attacks from the unprotected ones.
       
      If this works, and you push it to everyone, you cut down on spam, attacks on your protected machines, and overall, you make the internet a little better place. And before anyone beats me to it, I know damn well that MS and "make the internet a little better place" don't belong in the same paragraph. Bitterly, I wonder if their goal of destroying the internet had any basis in this decision.

      --
      Velociraptor = Distiraptor / Timeraptor
  6. Re:*Takes stolen car to dealership for a repair* by maugle · · Score: 4, Insightful

    Except it's not the pirates with pwned machines that suffer, it's whoever the machines are currently targeting. Denying pirates security just increases the size of some Russian guy's botnet and makes life a little nastier for everyone, but it doesn't affect the pirate himself very much.

    Of course, this is all assuming the pirated copy didn't come pre-infected...

  7. Re:I agree with Pescatore, but... by Fluffeh · · Score: 4, Insightful

    I don't know about you, but it seems that people who pirate windows would be the IDEAL people to give this to. I mean, it's a partial market segment you have right there. On one hand they aren't convinced that they want to BUY your product, but on the other hand they are using it - meaning that they are already identified as a very potential customer. I know I may be a bit utopian in my thinking, but wouldn't giving these users a good customer experience (as Microsoft calls it) the best way to convince them that they should in fact go out and buy the software - perhaps not even now, but the next time they upgrade their systems?

    --
    Moved to http://soylentnews.org/. You are invited to join us too!
  8. Re:I agree with Pescatore, but... by LinkX39 · · Score: 5, Insightful

    I know I may be a bit utopian in my thinking, but wouldn't giving these users a good customer experience (as Microsoft calls it) the best way to convince them that they should in fact go out and buy the software - perhaps not even now, but the next time they upgrade their systems?

    No, it would more likely convince them that "hey, I got this great customer experience without even ever spending a dime, why spend money for what I can continue getting for free?" Not that I disagree (or agree for that matter) with allowing pirated users the option to use the software, I just think your logic is off.

  9. Not hurting leet hackers, but fools and poor folks by farbles · · Score: 4, Insightful

    I don't see that many pirated Windows installs but the ones I do see are all from poor people who were given a bootleg XP or Windows 2000 disk with no product code and no questions asked. I mean, fair is fair and Microsoft is selling a product as a business not giving away their OS as a charity but in my experience the people they're hurting are the ones least able to help themselves.

    The poor people I'm talking about here are usually seniors with little computer knowledge using out of date hardware and single parent families with few resources. They're not buying new computers and $150 for a Microsoft OS is too steep for their budget.

    They're not leet hackers laughing at Microsoft, they're simple folk. One little old lady who had her computer in was completely horrified when I told her that her Windows was pirated, she literally had no idea. Our policy is we don't help you once we discover your Windows is pirated for the simple reason that we have no way of knowing what has been done to the OS or what has been corrupted or is missing. In that case she came in a couple of months later with a legal Windows disk she'd saved up and bought and I installed it for her gratis. I know the price tag hurt her though but she would have no truck with illegal Windows.

    Anyway, my point is that these folks are for the most part clueless and are ripe targets for botnetting since they lack the knowledge to acquire and keep an AV updated on their own. Free Avast and Free AVG are available to them but without handholding they'd never figure out how to jump through the hoops to download, install and set these up. The beauty of Microsoft Security Essentials is that they've made it pretty much self-running and idiot-proof. Like I said in my post yesterday, I'd push it out to everyone not already running an AV if I were Microsoft. It increases the general health of the Windows eco-system, makes Windows more secure and run better as a result, which in turn makes the Windows experience better for everyone and increases the likelihood of Windows purchases down the road through good word of mouth.

    The leet hackers have the tools to look after themselves. If it were just them running pirated Windows, I'd agree with Microsoft and say stuff 'em. It's not though and things look a lot different on the bottom of the food chain; it's those most unable to protect themselves who get hurt the most.

  10. Non-WGA does not mean counterfeit by markdavis · · Score: 4, Informative

    "Microsoft will block users running counterfeit copies of Windows..."

    No, try this rewording instead:

    "Microsoft will block users not running WGA certified copies of Windows..."

    It can be non-counterfeit and yet not registered or certified by the Windows Genuine "Advantage" stuff. It can even be non-counterfeit and REJECTED by WGA.

  11. Pirates? by twocows · · Score: 5, Funny

    True pirates will use Avast! anyway.

  12. Re:I agree with Pescatore, but... by runningman24 · · Score: 4, Interesting

    I've never purchased a copy of Windows before, but the experience I got from Windows 7 Release Candidate caused me to buy it. I'm certainly not the only one. There are definitely a nonzero amount of customers that can be gained by giving users something they don't feel cheated in paying for.

  13. The freedom is not free. by Max_W · · Score: 5, Interesting

    The problem is that Windows is intentionally designed to be easy to crack, as a marketing tool. They wanted it to spread as wide as possible. In former Soviet Union about 99% of Windows are cracked versions.

    Now they stop critical updates because they want the bot-nets to grow and make the Internet unusable, because they are losing in the Internet to Google. So they destroy the Internet, and the world is returning to the Desktop.

    It is quite possible. For example, I cannot already use the torrent, if I use it, then my provider disconnects me next day for several hours. Crime and punishment.

    I begin to see a new meaning in the words: The freedom is not free.

  14. Re:Not hurting leet hackers, but fools and poor fo by the_womble · · Score: 4, Insightful

    She is highly unlikely to be reliant on any industry vertical software or anything obscure like that (she probably just wants a web browser and email client), and would be much better off with a free OS.