Slashdot Mirror
Microsoft Links Malware Rates To Pirated Windows
CWmike writes "Microsoft said today that computers in countries with high rates of software piracy are more likely to be infected because users are leery of applying security patches. 'There is a direct correlation between piracy and the malware infection rate,' said Jeff Williams, head manager of the Microsoft Malware Protection Center. Highlighting research that showed worms to be the most prevalent computer security problem today, Williams said the link between PC infection rates and piracy is due to the hesitancy of users of pirated software to use Windows Update. China's piracy rate is more than four times that of the US, but the use of Windows Update in China is significantly below that in this country. Same for Brazil and France. But Microsoft's own data doesn't always support William's contention that piracy, and the hesitancy to use Windows Update, leads to more infected PCs. China, for example, boasted a malware infection rate — as defined by the number of computers cleaned for each 1,000 executions of the MSRT — of just 6.7 per thousand, significantly below the global average of 8.7 or the US's rate of 8.2. France's infection rate of 7.9 in the first half of 2009 was also below the worldwide average."
So malware is Microsoft's fault for not patching pirated machines? Or did I miss something...
Including Windows Genuine Validation is the likely culprit for this.
wow, no one wants to touch this one?
I'm not hesitant of MS patches because of piracy, I'm hesitant because i use this machine to do all my Photoshop work and the last 4 auto patches crash Photoshop roughly every 6 min rendering my computer completely useless for it's primary purpose.
Suppose it was possible to apply security patches without installing Windows Genuine Advantage (malware by anyone's definition except Microsoft's). Would that make a difference? Perhaps what they are seeing is really just a choice users make between Microsoft malware and "aftermarket" malware.
Well, China is behind an all encompassing firewall.
And the French refuse to install malware written in English.
And users (with both legit and pirated copies) are leery of applying patches because of Microsoft Genuine Advantage and its ilk. Does this come as a surprise to them?
Sent from my iPhone
. . . people would be "leery" of installing "security patches," MS having pushed down things like WGA as a "critical updates." Of fscking course the people running dodgy copies of Windows are going to assume that each new wave of patches might come with a copy protection trojan, in light of the fact they've done it before. So in fact, Microsoft has caused the problem they're bellowing about in the name of attempting to inhibit piracy of Windows.
One CPU cycle wasted on digital restrictions management is ONE TOO MANY.
Block unauthorized copies from receiving patches, and unauthorized copies have more malware.
Who'dda thunk it?
Sent from my PDP-11
They're pirates. Of course they're going to run malicious software.
What the hell else would pirates do with a computer, donate to charity and solve world hunger? No, they're going to use it to look up www.saucywenches.com or download illegal treasure maps, or perform DDoS attacks on Royal Navy ships. They'd use a pirate version of Quicken to count their doubloons and inventory their treasure chest. They'd be looking up suspicious sites for syphilis treatments. They'd manually edit the Windows Registry with nothing but a cutlass and a corkscrew.
... and then they built the supercollider.
Average users who don't pirate software traditionally also don't have the knowledge required to keep their computers clean from such things.
You missed the bit about it being the pirate's fault for having a pirated copy. After all, if their copy wasn't pirated, it wouldn't stop working when they applied the security patches.
Wouldn't those pirating an OS be less likely to have infected computers simply because they would be more likely to be more computer literate than your average user? Granted, it is not hard to get and install pirated copies, but your average user who falls for Nigerian scams and self-installing anti-virus malware probably wouldnt be doing much downloading besides some music, if at all. I would assume that someone downloading a pirated version of Windows probably does not use IE, and probably follows safe browsing guidelines as well.
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
Wouldn't the rates of infections be severely affected by how long the machine stays online? Because that increases both — the opportunity to infect the machine, and its value for the hijacker (as a spam-relay)?
With many organizations simply blocking the entire A- and B-class networks from China, even an always-connected server in China is not as hot a target as the one in US.
Also, one would expect, the machine owners' expected wealth to be a factor — some viruses blackmail the owner by threatening to delete their files... The poor Chinese may not even have a Paypal account to pay off the scumbags, so why go after them?
Accounting for all this may change the published statistics quite a bit...
In Soviet Washington the swamp drains you.
I just recently returned from a trip to India and found that many of the cyber cafes and family homes that I visited were not running the latest service-packs for Windows. I would attribute that to mostly being because although they had "broadband" their speed even during off hours were more around the range of 64 to 128 Kbps with high latency due to over subscription. Can any of you imagine downloading Windows XP SP3 over that kind of connection? (Setup a speed limiter on your next bit torrent download at about 5 KBs/40 kbps and see how long that file takes to transfer) Along with the problem that most computers are purchased as cheaply as possible so they frequently run with the minimum amount of ram possible, making the use of Antivirus software and the latest Service packs way too slow to even browse the web.
Security patches and Anti-virus updates that are several megabytes a piece are fine for someone with a lowly 512 kbps broadband connection, but understand that most people in these countries like China and India still have very large modem and slow DSL that is extremely over subscribed at the ISP.
Even here in the US there are many people that have dial-up even if other options are available because they don't feel the broadband options provide a good cost/performance ratio. $40 for 512kbps WISP connection or $10 for a cheap dial-up connection. $480 + install for the first year, or $120 for a year of dial-up over a phone line they already have...
Please keep in mind that although 5+ Mbps broadband is available in most Metro markets there are still a lot of people that have much slower connections making many online services out of reach (Steam, hulu, and to some security patches).
Perhaps these pirates just feel such extreme guilt for copying Windows that they are rejecting patches and virtually flogging themselves with malware.
This sig is exactly seventy characters long and a real waste of space!
Wait a minute. They can hardly rely on data from the MSRT, given Microsoft's own assertion that users running pirated Windows don't use Windows Update.
Of course the infection rate as reported by the MSRT will be low, if it never gets run on the pirated (and therefore infected) machines.
Williams said the link between PC infection rates and piracy is due to the hesitancy of users of pirated software to use Windows Update.
Make Windows free.
There is no reason for there to be any high level of virus spread amongst pirates. Simply because pirates are often trapped together on a boat with no women for perhaps weeks or months at a time shows nothing. Is Microsoft slandering the pirate community, hinting at homosexual rendezvous? I for one am offended and suggest we 'make im walk the plank, yarrr'
Obviously Microsoft doesn't want to acknowledge the large portion of their licensed users who set Windows to do their updates automatically but have never touched an antivirus or security software. I've worked in IT and with the Joe Public users and that was by far the biggest problem out there.
People would often call in with viruses/malware they've just been living with on a 2 year old computer, and when you asked them about what they use for antivirus, they wouldn't have a clue. "I used that link that was on my desktop when I bought it," they would say. Well, that 30 day trial will get you into more trouble than not applying your windows updates, especially when they're opening up all those emails from disposed Nigerian dictators.
Microsoft said today that computers in countries with high rates of software piracy are more likely to be infected because users are leery of applying security patches.
When you purposely push out "security patches" that only disable copies of Windows that are pirated, then yes, they are leery of using them, and rightly so (Assuming their goal is to run Windows without paying, and not buying Windows or using another OS)
This is the exact situation Microsoft has stated they wanted to happen.
And before anyone starts, I am not suggesting Microsoft change their rules on supporting pirated copies of Windows.
It's theirs to choose how to support how they want.
Just that this is the only conclusion one could expect from their current choice.
I think that's a valid point. To be fair, a more "intelligent" pirate would try to keep up to date manually or with an external application (AutoPatcher comes to mind but I believe it's dead). The "torrent kiddiez" probably aren't going to bother. The "computer smart" grandkid who throws together a PC so Gramps and Gran-Gran can send email to the family isn't going to bother showing them how to do updates.
I can buy that... but don't report on something that you yourself can FIX Microsoft! I'd like to see a report from Microsoft on how many copies of XP were sold because of WGA nag screens. I would bet it's a fairly low percentage. (If anybody can find it please share it, i'm too lazy to look right now) Getting rid of WGA would be a good start. It may be hard to work through the fear of Windows Update that users of a pirated copy of Windows have, but it's a start.
Apparently those few XP sales generated by WGA are more important than their own reputation as the Kings of Malware.
Count me as one of those leery afraid to apply patches because there's never any indication in the update applet about whether they'll force a reboot or not.
So I can ignore useless (for me) "malicious software removal tool" patches and play it safe, or I can apply a patch and hope that I don't have to manually stop the Windows Updates service to prevent an undesired reboot.
Guess which one I pick?
(Posted from a legit win7 licensed box that gets rebooted when storms knock out my power..)
but lets give MS the benefit of the doubt. After all, haven't they earned our trust? I'll take them at their word that stealing windows = malware. Fortunately, I don't have to steal windows anymore, a guy from nigeria says I'll be rich soon.
I guess Im a lucky pirate then I have been running copies of 7 and Vista that generate their own OEM serial numbers.
couldn't you legally force them to give updates to pirated copies? I mean leaving it like this puts other people at risk! thats like a (CAR ANALOGY FTW!!!) car manufacturer who goes and cuts stolen cars' breaks!
The MAFIAA is a bunch of mindless jerks who will be the first up against the wall when the revolution comes
China's piracy rate is more than four times that of the US, but the use of Windows Update in China is significantly below that in this country. Same for Brazil and France. But Microsoft's own data doesn't always support William's contention that piracy, and the hesitancy to use Windows Update, leads to more infected PCs. China, for example, boasted a malware infection rate -- as defined by the number of computers cleaned for each 1,000 executions of the MSRT -- of just 6.7 per thousand, significantly below the global average of 8.7 or the US's rate of 8.2. France's infection rate of 7.9 in the first half of 2009 was also below the worldwide average."
How can Microsoft possibly conclude that Malware is a greater threat to pirated PCs from the previously quoted data? Obviously the US has a higher infection rate than China, with the US being at 8.2 per thousand and China only at 6.7.
If it were me analyzing the data I'm afraid I would have to conclude that users who use windows update more often and use official copies of windows(US users) are more likely to receive a malware infection than users on pirated copies without using windows update(China).
I guess I deserve a job at Microsoft if I'm able to better comprehend the statistics than they are, assuming the numbers from this article are even true.
First, I'm not even a user of Microsoft stuff (see my sig), and I'm not posting because I think I know what Microsoft should do. This is not a rhetorical question on my part, but just a plain question. As I understand it, when a machine is infected it makes trouble for everybody (becomes part of an army of botnets or whatever). So, helping pirates who, except for pirating Microsoft Software are pretty much minding their own business, to keep their machines virus free would help everybody wouldn't it? They try to give junkies clean needles not to help them be junkies, but to try to prevent the spread of disease. Have I got that right? If I do, then, isn't it a similar situation with Microsoft?
In theory, theory and practice are the same; in practice they're different. (Yogi Berra & A. Einstein)
The fact that there's a "Great (Fire)Wall" separating the Chinese from the rest of the internet? Chinese culture being less individualistic may simply not produce as much malware, and since most citizens are restricted to their own countrymen, there's a bias. That such a sampling bias exists should disqualify it from being included among the other countries, or at least warrant further research before lumping it in there.
Microsoft has a financial incentive to make people fear running unauthorized copies of Windows.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
This problem has already been solved: www.windowsupdatesdownloader.com
Foiled again by bad navigation skills!
If Microsoft can demonstrate a causal link between known pirated copies of it's flawed insecure OS, then why can't MS prosecute those pirates?
If I can't prove that any particular infected copy was pirated then it's merely spouting rubbish to defend the poor security of it's software.
Problem solved. Link proven. That's what passes for innovation at Redmond these days.
These posts express my own personal views, not those of my employer
YMMV, but as an experiment, I chose the "alternate validation" thing long ago on a legitimate installation of Windows. Copy pasted the code into the window, then pasted the code into an email. Went to a pirated copy of Windows, ran the "alternate validation" thing again, and posted the prior code into the little window. This machine had failed WGA validation at least 2 times, but when I pasted that code into the window, suddenly it was good. The two installations were on similar, but not identical, hardware - which may mean anything, or nothing. It was an experiment that worked at least once, and may work for you.
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
I have an allergy to B.S. This sounds, at best, very suspect. You don't need a Windows computer to write viruses for Windows. You can compile binaries intended for Win32 on a Linux or BSD machine. Heck, you could even use PHP, PERL, or other to take advantage of a security hole in Windows.
.
Bill: We make it so complex and insecure that we'll constantly have to patch, leaving anyone who doesn't have a legitimate copy in the cold!
Steve: Great idea, boss!)
It would explain a lot which otherwise makes almost no sense. ~Hal
Maybe I'm just tired and sleepy - but your post makes me think that if Gate's daddy had used a dirty needle and a condom, we wouldn't be so worried about getting Bill's viruses today. Hmmmm. I'll sleep on that idea......
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
The actual spin is that "it's not MS's fault" for perpetuating the outdated distribution method of selling/shipping unpatched versions of Windows to end-users and expecting them to patch up to the latest version. Sure, people can do rollups but it's OPTIONAL.
NO other security-conscious application these days dares to publish anything but the latest security-patched version.
If every OS image being installed was at least the latest "image" from one quarter ago, we definitely would have less problems as time goes by with new systems going online almost fully-patched and old patched systems go offline.
Pirating software is, wait for it, WRONG! Whether it is illegal or not, it is wrong. The argument that it is Microsoft's fault for the malware due to them trying to protect their products is the dumbest thing I have ever heard. That mentality is the same as a burglar suing a homeowner if they hurt themselves while robbing a home. Or blaming the owner of a car for an accident caused by someone stealing the car. It is not Microsoft's responsibility to ensure that software works perfectly whether it is pirated or not. Blame the pirates, not Microsoft.
http://en.wikipedia.org/wiki/First_Amendment_to_the_United_States_Constitution
When I pick up clients I make sure their "licensing"[sic] is brought into compliance. It's amazing how many PCs are in small-to-medium-size businesses where IT folk install "pirated" ("Yar! yo ho ho and a bottle of rum") corporate editions. I bring them into compliance but I use policies and now WSUS to restrict patches for days to weeks after release to learn of reports of patches breaking systems. They're always behind firewall appliances and running some sort of antivirus and anti-malware software. Why I am I so wary? I've seen many instances where Microsoft patches have broken software, ranging from being able to mount Microsoft Exchange info stores to rendering Windows itself unbootable. For clients on the go (notebooks, etc) I'll tell them sure, go ahead and update when prompted, keeping in mind that the patches haven't been proven in the field yet.
It's not just counterfeit license users who avoid patching; many delay patching until the updates have been proven "safe," or if the IT budget allows (it rarely does), testing them in a staging environment.
The best practice is to set up a WSUS server and push the updates out from your own servers, controlling when and where the updates get rolled out to client workstations (and other member servers). The sad thing is that almost no businesses value best practices until having experienced at least one catastrophic failure. Heck, getting smaller companies to accept even a reasonable backup regimen is like pulling teeth.
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
You are absolutely correct if the goal is the public good.
Corporations, on the other hand, are not about the public good.
t would be nice if Microsoft cared, but Microsoft is a corporation. A publicly traded corporation, no less; publicly traded corporations are required, by law, to be self-serving and to maximize profit over other considerations. If they don't, they can be sued by shareholders for not doing it.
So, nice as it would be, unless you can come up with a way to convince Microsoft to convince Microsoft shareholders that the goodwill would turn into profits that exceed the profit available with the current, selfish strategy, I think it's not so likely to happen.
There's really no excuse for you copyright violators to become bots as well.
Very true in my experience. There hasn't been a machine which I've had which at some point I stopped doing updates on because some sequential update killed the machine irreversibly. Rarely, one can roll back or uninstall some update or go back to a restore point, but most of the time the only thing to do is to back up data and do a sys repair/reinstall/ghost.
For example, I got me one of them awesome Gateway P7805u notebooks a while ago and it came with a Vista SP1 license. I installed some stuff and then remembered that I can do updates. So I decided to go to SP2. Long story short, it fucked up some essential drivers and no amount of rolling back would help. Restoring from image was simple, but imagine having to do so with a vast array of installed apps and whatnot just because an update killed it all.
Hence, this is why I can't see a reason for actually buying licenses. I mean, the IEEE gives me oodles of them to use, so everything's all legal and nice...but if they didn't, I'd have no problem installing a Pro build 2600...
XP is now 2 gens behind flagship right? Make it free to the world. It will really hurt Linux in the free domain and transition a lot of pirates to something with legit updates. The world would open up to Microsoft. Same concept as medicinal marijuana. It's better to get your supply from a safe place because who knows what the corner dealer is putting into it. I used a pirated version of XP for about 2 years. I hated not getting updates and always feeling like I was being used in a botnet. It was like a weight was lifted off my shoulders, it was the best purchase I ever made. Now, every system in my house is legit and I feel sorry for people who have pirated copies.
having the latest patches and updates do not protect you from all viruses just specific ones. Microsoft cannot code Windows updates to prevent all virus and malware infections as Windows is "defective by design" with security holes and bugs that allow malware and viruses to be installed even if the system has the latest updates and a few AV programs as well as a firewall.
Pirated Windows can still apply the Windows updates and pirated Windows have a way around the Microsoft WGA checks as they redirect WGA checks to files within the operating system that have been patched to always return a genuine check, instead of going to Microsoft's servers. The only people that get WGA 'You may be a victim of counterfeiting" are legit Windows users who suffered from a "false positive" because their AV or Firewall detected WGA as Spyware and prevented it from connecting to Microsoft's servers.
Actually third world nations get virus infections because the economy is bad and many of their citizens turn to writing viruses to make money by infecting other systems and stealing their identity and bank accounts, but they just don't infect systems within their nation, but all over the world it is just that people in a third world nation cannot afford the tech support services to remove the viruses and malware or aren't educated enough to do it themselves and suffer with malware and virus infections. Not to say that people in rich economies like the EU and USA don't write their own share of viruses and malware, just that Geek Squad and other companies charge $300 (or more or less) to do a virus/malware cleanup using a MRI Boot CD with several virus scanners on it and pay some high school or college student or drop-out minimum wage to do the virus scan.
I myself clean up the Windows systems of friends and relatives, and their Windows is genuine and patched and updated to the latest versions and they paid for AV software and firewalls, but still get infected. Until Windows adopts a Unix like security system and uses a design that makes it hard for viruses and malware to exist or infect system files as Unix, Linux, Mac OSX, *BSD Unix etc have, we are going to see "Ghostbuster" type numbers of virus and malware infections all around the world. Now that is a big Twinkie!
Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
The "computer smart" grandkid who throws together a PC so Gramps and Gran-Gran can send email to the family isn't going to bother showing them how to do updates.
Actually we give them Ubuntu and show them how to type in the root pw when the auto-update notifies them of needed updates.
May I suggest you do 4 partitions & quad boot? Partitions: 1- 40 GB for XP, 2- 10 Gb for Linux stable, 3- 10 Gb for Linux bleeding edge, 4- linux of the moment. All 4 computers here are done that way. One final bit; never boot partition 1. Your M$ Office argument does not make sense when Open Office is free & better. My shuttle & my Thinkpads all require drivers from Shuttle, Nvidia & IBM for Windiz. Every Linux distro i"ve tried finds all drivers at first update. Hows is that for your Linux "lack of driver" argument from last millenium?
So, another way to look at the data is that Windows malware outbreaks cause a corresponding surge in migration away from Windows and towards systems like Linux or OpenSolaris.
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
It's almost like M$ keeps moving the holes around and re-hiding them, but never fixing them. That would certainly permit the known holes and backdoors to be available for exploit but make it harder for 'unauthorized' (you did read the EULA, right?) entities to use them.
That is, however, only when M$ can be assed to patch in the first place. Not like they've dropped patches for versions they still claim to support.
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
...but there's a big whole in that argument, which, I'm sure, MS doesn't like being mentioned. IMHO, one of the biggest holes in security is the clueless user. We all know 'em. "Oooh, pretty cursors, and they're free," "I'll just email my username & password to someone so they can login to my account for *miscellaneous-reason*, and yes, that's over unencrypted email" "I just store all my info in My Documents," (including textfiles with usernames/passwords, personal info including credit card/bank account info, etc), "Bah! I can't view this crazy website properly! I'll just turn off the firewall/anti-malware program," "Oh, nifty IE toolbar! Sure I've never heard of this website/company/group/whatever providing it, but it looks pretty cool so I'll install it," "Internet cache? What's that? Defrag? Virus Scan? Fooey!" "Huh. I don't know who this person that emailed me is, or why they're emailing me about (insert tragic/horrific/frightening/miraculous/ridiculous or whatever urban legend/trope/myth/etc here), but I think I'll pass this email on like it says to. After all, if I don't send to at least 10 people in the next 5 minutes, then (insert promise of disaster/catastrophe or great happiness/wealth here, conditional on them forwarding spam)" "I made my password, 'Password'! Isn't it clever? No one will think it'll be that!" And so on, and so forth. Or how about the cluess admin that leaves a username or password of "admin" on a server or other network profile? "1-2-3-4-5? That's amazing! I've got the same combination on my luggage."
If they're drawing conclusions like this already, I can't help but wonder if they plan on hiding behind this when they roll out some new, more restrictive anti-piracy scheme. I'm not advocating piracy by any means, but MS seems to spend more time and money conniving how to get everybody to fork over a hefty chunk of cash for the "latest and greatest" version of their OS or software, rather than trying to fix bugs still in the last version. That, and trying to brainwash people into believing they're the only legitimate option. I hope they realize, if they think the Win7 release buys them enough good will to start monkeying around, that it only goes so far, which isn't far at all after infecting the World with Vista.
Odi profanum vulgus et arceo
/sigh. I learned the computer trade with C, VI, and Unix. I make a living with Microsoft products. Press releases revealing the obvious, like this, are typically followed by an add for Mcnasty, Sympathetec, or Crapware's next generation intrusion botnet prevention corporate packet inspectercating firewall, built on open slource *nixware atom processor spinnage. I think it's time to join that cult I read about following in the foot steps of the unibomber ...
A tad off topic but still relating to patching Microsoft stuff. We run WSUS at work to patch machines. I absolutely despise approving the Microsoft Office security updates and service packs, especially with OEM versions of Office. Every time I do so, it seems to screw up registration on Office XP and Office 2003 installations. I have a handful of users who can't get into office after the application of updates. Fantastic. In most of those cases when I try to do the internet registration it fails and I have to spend the time to call the phone registration system. This can take 10 minutes or so per machine. Absolutely irritating. And yes, all of our software is legit.
This article is absolutely true. Pirates are afraid to let their computer phone home for updates, including security updates.
It is NOT WORTH IT. They sit there with an outdated copy of windows instead of shelling out a few bucks for XP, using a freebie like Ubuntu, or just letting their pirated copy update itself.
Stupid people doing stupid things. They make up a good portion of the idiots not smart enough to have an Internet connection.
Get the facts Jeff. Malware is rife on Windows and has been since Win 98 because of the antiquated security model employed in Windows.
Shifting the blame instead of solving the problem seems to be the norm for Microsoft, so those that have to use Microsoft products just accept that their PC will never be entirely clean and malware free.
No mention that the Alexa spyware is installed on every brand new PC due to the fact that it's incorporated into Windows.
Malware is a problem caused by Microsoft. Not only is it a direct result of an inadequate default security level, it exists because they invented the problem by wanting to spy on users to sell the data and through proprietary web formats like activeX, Which never caught on outside of Windows due the vast array of security holes it opens.
How else would Microsoft partners be able to sell security software subscriptions to paranoid consumers for extortionate amounts of money? They wouldn't.
So wouldn't the RESPONSIBLE thing for Microsoft to do, be to allow everyone to run the updates ?
MICROSOFT is just a machine heading at "Creating a world of opportunities"... for "strategic partners" (not for end-users).
SYMANTEC, a bunch of crappy developers making sub-standard "security" software crippled with vulnerabilities that open new holes on the machines they are supposed to "protect" is now the 5th worldwide software publisher!
This would have never happended without MICROSOFT's assistance (mixing executable code and data in word-processing documents, databases, spreadsheets, emails, web pages, etc.).
Those who pretend that this is "accidental" are either idiots or part of the problem.
The only real question is why MICROSOFT is not sanctionned for all its tricheries.
And the answer is not pretty.
why is he modded as flamebait?
i was about to say the same thing, and he's right. i've also once had a windows reject its correct license key, i just phoned the support, and they provide you with a working key.
Thing is, WGA doesnt stop pirated copies of Windows (XP at least) from using Windows Update.. There are various "Activation cracks" that will pass WGA and let you update to your hearts content, so I dont think it necessarily matches up that "pirated = trojaned"..
I never update my pirate Windows as it slows down my XBox 360 torrents!!!!
If I walked out of that store, and someone offered to give me an exact copy of that suit for free, I wouldn't complain.
...we'd all still be downloading versions of Win/ Office/ Server/ Whatever and using keys of off mscracks.com (or the like) - then ranting about how good they were when at work, meaning the company would then have to legitimately buy copies to use so that they wouldn't get in trouble when audited. And we wouldn't be dealing with mal/spy/crapware when running a crack just to reinstall a copy of Windows simply because the motherboard blew up rather than spend another £100 that M$ do not need *or deserve*.
Before anyone starts shouting, this was the way of things for *over a decade* - and I don't remember seeing Bill Gates (or anyone from M$) in the dole queue during that time. Of course, OEM copies of Windows/ Office were still being sold with new PC's, so it was only the geeks/ friends & family of geeks that didn't pay. It was only once they decided that they weren't quite earning enough profit that the whole 'genuine' path was taken - and now here we are...with M$ in exactly the same situation as the music/ movie companies - every time they try to protect their obscenely overpriced products, they get leapfrogged by cracking crews, and it's they alone who pretend that somehow one day these cracking crews are going to go away by bringing out multiple versions of their Genuine Advantage Guff (while simultaneously pretending that their products were always good value for money - how many times did the music industry get investigated for overpricing CD's?), which in turn make folks avoid updating, and oh look....the number of viruses has gone up. Curse those users who won't pay another £100 for software they already bought with a machine!
I've always considered M$ to have no moral ground whatsovever anyway, due to their licensing system - if I pay for two pieces of software for two seperate machines, I consider it morally wrong to then demand money to allow them to talk to each other; something M$ have no trouble in doing with their stupid and labyrithine client licensing system. Symantec are the same with Backup Exec - the functionality is built in, but they see nothing wrong with demanding thousands for a key to allow you to actually use it. Imagine if you bought a car with an MP3 player built in, but you were only allowed to look at it until you paid the car company more money...that's what's accepted in the software industry these days, but it's gone on for so long people have gotten used to it :-(
I must have installed versions of Windows at least a thousand times in the last twenty years, in many cases for testing (where it was deleted afterwards). Is anyone seriously going to suggest that I should have paid for every single copy? And don't give me the Technet excuse either - every time I install, I'm increasing M$'s user base, and encouraging the companies I have contracted for to use M$ software (which they *have* to pay for). I have never, and will never accept that I have to pay M$ in order to sell their products for them :-)
Since Vista, Microsoft have made it much easy to slip-stream apps & customizations into the install process for OEM / system builders and such like.
It just so happens that works for hackers too; your Windows torrent comes pre-rooted quite often - it is a very popular download after all.
Also, WGA does not prevent your from downloading critical patches.
throw new NoSignatureException();
In my limited experience, casual pirates practice very little "software hygiene", i. e. they tend to install all kinds of dodgy programs, including pirated software from p2p networks. That might be an important infection vector.
Can someone make a fitting analogy to STDs?
"Beware of he who would deny you access to information, for in his heart he dreams himself your master."
why the hell should they?
You steal something, then expect tech support?
You are on your own if you decide to take something commercial without compensating the creator.
Suck it up.
get malware? stop the presses!
One thing I always found interesting was that pirates do update their software though it is usually done on a monthly basis with some pirate group releasing a up to date version of MS windows. eg: (August Edition)
I agree with many of your points, one thing you forgot to mention is the activation limits too.
You can only activate XP five times, even if you buy the retail box version. After then you have to buy it *again*.
Hehehe y you're right!
How about the MS Active Partner program (it's called something like that, anyway) - £130 a year, and you get all their s/w to run in a non-business environment - until, of course, you stop paying, at which point all your active/ in use licenses expire; at which point I advised M$ that I'd be going back to procuring them from an alternative source :-)
On a side note, it's also interesting how, once again, I get a score of 1 by making legitimate statements, when a reply that agrees gets a score of 2. Makes the whole 'karma' thing a bit pointless, really.
Tired of malware, either from Microsoft or elsewhere? Get Linux. Pick a distro and don't look back, don't blink.
For some reason, I'm now associating Microsoft with the Dr. Who episode "Blink". And if you haven't seen that episode, sad for you.
See, once again, it is the user's fault that there are so many infected machines out there. But now it is because people are stealing Windows, not only because they stupidly open every e-mail attachment sent to them.
But never, never, NEVER Microsoft's fault for making a product with security loopholes out the wazoo, inadequate security testing and poor security programming practices.
I dislike Microsoft upgrades because they often do things you do not wish, or are not disclosed. My windows media center laptop just started giving me threats about it being a pirated copy of windows. Interestingly, WGA was installed by Microsoft using auto-update. Something I had turned of, but was apparently turned back on by a 'security' update. Some security when you are changing basic settings on a machine and opening a pathway for malware.
Malware is the infected OS fault for not being a good system from the get go, and M$ is guilty of that for sure, but also, we know Linux is free and no one wants to pay for this stuff, so if M$ really wanted to force a whopping move and force to shut down all pirated copies, you would have an overnight movement so big towards linux, that the market shares would probably be more like 50/50.
For all the pirated copies you still take those into consideration for counting market shares (M$ does), then you add to the fact , these people doing this do no want to spend money or else they would have legal copies, says they probably would not buy a copy of windows, but download linux.
If M$ was smart, they should offer for 19.99$ a one time transfer of all patches and updates, to all users that need them (obviously the pirates) and say no strings attached, then once they have the emails, and had their money , send not only the patches that make the internet safer for EVERYBODY, but also be able to use their emails to advertise why they should buy a legal copy of windows...hell, if they came out with cool stuff all the time like Apple IPhones, Windows would sell itself, no?
Problem is M$ is too greedy. Think about it, all pirated version are now patched and M$ has 19.99$ * each pirated copy, for future development. That would get them easily a 10 million copies of windows * 20.00 = 200 million easy...without doing anything but making the internet safer.
Balmer sucks, that's why M$ is the way they are.....stop throwing chairs, and start thinking with your head!
Well, Microsoft seems to be arguing that malware rates would shrink if they gave Windows away for free.
That Microshit has done it again. Boy remember all those fun little excuses for why Vista sucked bawls? Why was it? Rushed, in complete, need more time, and Ballmer is a raging asshole...YOU DON'T SAY! Just another reason to switch to Linux and play with wine -> you learn something and that pain in you asshole suddenly disappears. Well, here's to stating the obvious. CHEERS!
Do people on car forums provide computer analogies to their car issues?
Believing "user education" will lead to better security is like believing aggressive patching will create bug free software. Education and aggressive patching are useful and do improve the quality of the system but mistakes happen for people and software. You can have people read security documents forever and continually patch and machines will still get exploited because neither is perfected.
Beyond that, regular users don't have time to read security bulletins and twiddle with scanners. Instead of blaming the user, how about we blame the software systems that help create this mess? Why is it so difficult to configure and user and inspect the status of AV software? Why should any OS have AV software in the first place?? These seem like problems with the software design not the user. Or if anyone needs a hint on what the real problem is: It is very hard for a user to tell the difference between AV software and malware. That should tell you something is weird about the system where if the user could tell the difference we wouldn't need the software in the first place.
100% of Malware I've seen is on machines where I've given the end user admin/root access.
Wait a minute. We are using the MSRT stats to debunk the idea that piracy and not running Windows Updates results in more malware. MRST is usually run as a part of Windows Update...so the people not running WU don't run the tool and aren't even a part of the stats. Whether Microsoft is right or wrong, this argument is flawed.
It interrupts their work in a major way, frequently sucks up an hour of productive time (contrary to MS's lame human factor studies) and forces them to reboot to get anything done, followed by that *stupid* message about seeing what was updated (Golly Gosh, I'm so excited about the latest Windows update, I can hardly wait!).
.
Maybe, it's like having a regularly scheduled blue screen of death instead of a random one. Not much of an improvement.
Maybe *that's* why they're leery of patches. At least the viruses try and stay out of the way.
Please do not read this sig. Thank you.
Most users of any M$ OS are (and should be!) leery of updates, as there have been far too many times that updates have caused trouble for users of legally purchased copies of Windows. And if M$ properly programmed their OSs in the first place, there would not be nearly as much need for security patches and updates!
Somebody also tried to establish a relationship between homosexuality and AIDS. There are two differences, though. It was not Microsoft. And actually MOST windows copies are pirated.
Where are the numbers?
What was left out?
Who is gaining something from this?
Why is MS bringing this up?
When were the updates released that would have protected them?
How was the statistics information obtained?
I'm sure we can ask a lot more questions that will never get answered that would explain what is really going on.
Fuck you Steve Ball Licker.
FUD. I have copies of XP and Vista from my MSDNAA account that I've re-installed numerous times. Nice try, F$F shill.
If I do, then, isn't it a similar situation with Microsoft?
What does your junkies and needles analogy have to do with cars?
You say that Microsoft finally admits that their upgrade/patch policy actually increases the number of malware infected computer? ... interesting.
Thank you. This kind of "it doesn't cost anyone anything" logic is bullshit and needs to end. Piracy is ultimately theft and anyone that wants to try and argue otherwise will fail in the face of logic. If everyone decided to stop paying for software companies would stop developing it. Even the best "free" effort, Linux, has been driven by millions of dollars in development by, oh, say IBM and Red Hat and Novell and etc.....imagine a socialist operating system.....russia sure had some real gems of computing in the 70s.......
zosxavius photography
...but there's a big whole in that argument, which, I'm sure, MS doesn't like being mentioned. IMHO, one of the biggest holes in security is the clueless user. We all know 'em. "Oooh, pretty cursors, and they're free," "I'll just email my username & password to someone so they can login to my account for *miscellaneous-reason*, and yes, that's over unencrypted email" "I just store all my info in My Documents," (including textfiles with usernames/passwords, personal info including credit card/bank account info, etc), "Bah! I can't view this crazy website properly! I'll just turn off the firewall/anti-malware program," "Oh, nifty IE toolbar! Sure I've never heard of this website/company/group/whatever providing it, but it looks pretty cool so I'll install it," "Internet cache? What's that? Defrag? Virus Scan? Fooey!" "Huh. I don't know who this person that emailed me is, or why they're emailing me about (insert tragic/horrific/frightening/miraculous/ridiculous or whatever urban legend/trope/myth/etc here), but I think I'll pass this email on like it says to. After all, if I don't send to at least 10 people in the next 5 minutes, then (insert promise of disaster/catastrophe or great happiness/wealth here, conditional on them forwarding spam)" "I made my password, 'Password'! Isn't it clever?
BINGO!!! This sums up a big part of the real problem... coupled with a lot of unfixed holes in the OS... like the recent .NET maybe-fix just released (it is the 6th major attempt - the previous 5 failed). To continue this example with documentation to prove the point:
Here's just ONE similar exploit and patch:
http://www.microsoft.com/technet/security/bulletin/ms05-004.mspx
When that obviously failed to address nothing but specific methods for such attack vectors, that patch was replaced by this one:
http://www.microsoft.com/technet/security/bulletin/ms07-040.mspx
When that obviously failed to address nothing but specific methods for such attack vectors, that patch was replaced by this one:
http://www.microsoft.com/technet/security/bulletin/MS09-061.mspx
And that was after 3 earlier service packs for .NET didn't fix these issue. This thing is like a boat with a hundred holes. patching 2 or 3 at a time doesnt solve the core problem... water is still able to pour right in. Thats somewhere around SEVEN YEARS of trying and not fixing the .NET issue.
So... take the "clueless user" factor, and add the "Microsoft somtimes (often?) takes YEARS to properly fix various of the serious exploits and you have a recipe for disaster that has nothing at all to do with software piracy.
Then they make idiotic claims (like again, for instance, regarding the latest .NET fix): "First we'd like to make it clear that any customers that have applied the update associated with MS09-054 are protected, regardless of the attack vector. And most customers need not take any action as they'll receive this update automatically through Automatic Updates."
Really? This time, finally, for real, they promise, users "are protected, regardless of the attack vector." - somehow I doubt that. But regardless, there have been tons of other similar scenarios (look at IE's track record and the slew of patches released, numerous for the same issue that was not properly resolved with the previous one (or ten)). Thus, again, that has nothing to do with piracy.
Until Microsoft can truthfully claim that piracy creates "clueless users" and also prevents them from properly fixing their code (their promises of such to the contrary), then piracy is not nearly as large a part of this equation as they want people to believe.
StarTrekPhase2 - The Five Year Mission Continues!