Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Links Malware Rates To Pirated Windows

Posted by kdawson on from the wishful-self-interest dept.

CWmike writes "Microsoft said today that computers in countries with high rates of software piracy are more likely to be infected because users are leery of applying security patches. 'There is a direct correlation between piracy and the malware infection rate,' said Jeff Williams, head manager of the Microsoft Malware Protection Center. Highlighting research that showed worms to be the most prevalent computer security problem today, Williams said the link between PC infection rates and piracy is due to the hesitancy of users of pirated software to use Windows Update. China's piracy rate is more than four times that of the US, but the use of Windows Update in China is significantly below that in this country. Same for Brazil and France. But Microsoft's own data doesn't always support William's contention that piracy, and the hesitancy to use Windows Update, leads to more infected PCs. China, for example, boasted a malware infection rate — as defined by the number of computers cleaned for each 1,000 executions of the MSRT — of just 6.7 per thousand, significantly below the global average of 8.7 or the US's rate of 8.2. France's infection rate of 7.9 in the first half of 2009 was also below the worldwide average."

31 of 348 comments (clear)

  1. So.... by Anonymous Coward · · Score: 5, Insightful

    So malware is Microsoft's fault for not patching pirated machines? Or did I miss something...

    1. Re:So.... by dgatwood · · Score: 5, Insightful

      So malware is Microsoft's fault for not patching pirated machines? Or did I miss something...

      Yes and no. It is true that by limiting patches to "legitimate" copies, they are making the odds of malware infection worse, and in doing so, are contributing to the botnet problem that creates truckloads of spam, wasted bandwidth, DOS attacks, and other nightmares that hurt everyone including their legitimate users. So I think they're utter morons for acting the way they do.

      That said, this is not the whole story. A large percentage of malware comes from people installing pirated software. People who pirate Windows are... wait for it... more likely to pirate other software, too. Therefore, you'd expect a strong correlation between malware rate and pirated copies of Windows even if Microsoft did everything they could to keep pirated copies of Windows patched. Their "Genuine Advantage" crap is merely compounding the problem.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    2. Re:So.... by P0ltergeist333 · · Score: 5, Insightful

      You're not applying the proper spin. They are trying to spin it so the pirates look like the problem, when in reality they are holding everyone's security hostage in hopes of scaring a few users into buying a legit copy of Windows.

      --
      One of these days I'm going to cut you into little pieces. - PF
    3. Re:So.... by MakinBacon · · Score: 2, Insightful

      To be totally fair, people who don't pay for their software (pirates) aren't actually customers, and Microsoft has no responsibility towards people who aren't their customers.

    4. Re:So.... by initialE · · Score: 2, Insightful

      Look at it this way. You pirate windows, your box joins a botnet, and who suffers? Some other poor SOB. Somewhere there's a corporate site to DDOS, somewhere there's an account to brute-force, and Microsoft's reputation takes a fall. Remind me where's the genuine advantage in that again?

      --
      Starbucks, Harbuckle of Breath.
    5. Re:So.... by ozmanjusri · · Score: 2, Insightful
      people who don't pay for their software (pirates) aren't actually customers

      I've paid for my Microsoft software and I still get a shitload of botnet-posted spam. Likewise, I have to do routine tech support for friends laptops with malware infested Windows installs despite the laptops having legit versions of Windows installed by the manufacturer.

      So are you suggesting that Microsoft has no responsibility to myself and my friends, or are you saying that they're incapable of fulfilling that responsibility?

      --
      "I've got more toys than Teruhisa Kitahara."
    6. Re:So.... by MakinBacon · · Score: 2, Insightful

      I fail to understand your point. Are you trying to say that Malware on your computer is caused by some guy on the other side of the world neglecting to run Windows Update?

    7. Re:So.... by yukk · · Score: 3, Insightful

      To be totally fair, people who don't pay for their software (pirates) aren't actually customers, and Microsoft has no responsibility towards people who aren't their customers.

      That's not totally true. If all those pirates were to dump Windows for some other O/S, then Microsoft's market share would drop, weakening their near monopolistic hold on the market which allows them to sell other things and force wretched terms on vendors.

      --
      The trouble with the rat race is that even if you win, you're still a rat." Lily Tomlin
    8. Re:So.... by Totenglocke · · Score: 3, Insightful

      Oh, I have paid for legit student copies of MS products. But they always come hamstrung with things like a 1 install limit, so if you reformat you're SOL. That's why you have to resort to piracy to be able to use what you actually paid for.

      --
      "The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants." ~Thomas Jefferson
    9. Re:So.... by bashmohandes · · Score: 1, Insightful

      If you walk into a store and you found a $1000 suit, and you can't afford it, you can't just take it and say they are over pricing it, this doesn't make sense especially if accross the street you can find the thrift store that has a reasonable suit for free!

    10. Re:So.... by Mhtsos · · Score: 3, Insightful

      Go go gadget car analogy..
      This is like saying a car company isn't liable for faulty brakes in case of an accident where the car is driven by someone who stole the car. The victim of faulty brakes isn't always the driver.

    11. Re:So.... by Carewolf · · Score: 4, Insightful

      Also, as you note, installing pirated software, including Windows, is a risk in itself as much pirated software has been prepackaged with malware.

      True, but funny enough pirated software contains much less malware than the original packages, which is one of the its many advantages.

    12. Re:So.... by 0ld_d0g · · Score: 2, Insightful

      Do people actually install those updates?

      Yes, people who care about having 1 less bug to deal with in their OS, generally run each update.

      There is nothing like those updates to bring your system to a crawl.

      What?

      The only updates I install when using Windows are Service Packs and Antivirus updates.

      Service pack just means a cumulative pack of all the updates released so far. (Most of the time)

    13. Re:So.... by nutshell42 · · Score: 3, Insightful
      No it's like a car company providing free brake checks and maintenance to car owners and thieves alike but the thieves don't use it because they're afraid the company's gonna call the cops (which they don't afaik but I never checked) and they don't get it done by anyone else either.

      They also drive with the handbrake engaged all the time (not behind firewall, anti-virus, whatever) so it's shot and use wheels that are known to overheat brakes (lots more pirated stuff).

      Damn that car company does their nefarious schemes know no bounds? Oh the humanity!

      Suffice to say your analogy fails harder than their brakes.

      --
      Don't think of it as a flame---it's more like an argument that does 3d6 fire damage
  2. Just suppose... by ichbineinneuben · · Score: 3, Insightful

    Suppose it was possible to apply security patches without installing Windows Genuine Advantage (malware by anyone's definition except Microsoft's). Would that make a difference? Perhaps what they are seeing is really just a choice users make between Microsoft malware and "aftermarket" malware.

    1. Re:Just suppose... by grcumb · · Score: 4, Insightful

      Suppose it was possible to apply security patches without installing Windows Genuine Advantage (malware by anyone's definition except Microsoft's). Would that make a difference?

      Quite likely, but Microsoft is definitely within their rights to insist that people pay for their software. You and I may find it to be unwieldy, intrusive and obnoxious, but that's our problem, not theirs.

      If people don't want to deal with the mess and hassle of keeping their Windows machines clean and up to date, they have alternatives. They can pony up for a Mac or they can install Linux. Heck, if they're absolutely committed to using Windows without paying, they can run it in a snapshotted VM on Linux.

      Just last week I wrote a newspaper column advocating Ubuntu Karmic over Windows 7, so I'm no fan of Windows whatsoever. But as someone who writes a fair amount of software, I fully respect Microsoft's right to license it - and enforce that license - as they see fit.

      The fact that they're doing so in such a way as to drive the world away from them is just gravy, as far as I'm concerned. 8^)

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
    2. Re:Just suppose... by zonky · · Score: 3, Insightful

      Downloading and applying patches from non-authoritative sources, i.e torrents, without some sort of checksum assurance sounds like a very bad idea.

    3. Re:Just suppose... by hedwards · · Score: 3, Insightful

      If they want to do that fine, but they should be liable for the times when they misidentify a copy as pirated.

      Also, I take it that you haven't actually bothered to read the EULA that comes with Windows because it's an absolute joke. Worse still is that it changes regularly when doing updates and I'm willing to bet that if I call them and say that I'm rejecting the new version that they won't let me have my money back for the copies I've paid for.

  3. Users are leery of applying patches because? by CmdrPorno · · Score: 3, Insightful

    And users (with both legit and pirated copies) are leery of applying patches because of Microsoft Genuine Advantage and its ilk. Does this come as a surprise to them?

    --
    Sent from my iPhone
  4. Gee. I wonder why . . . by base3 · · Score: 3, Insightful

    . . . people would be "leery" of installing "security patches," MS having pushed down things like WGA as a "critical updates." Of fscking course the people running dodgy copies of Windows are going to assume that each new wave of patches might come with a copy protection trojan, in light of the fact they've done it before. So in fact, Microsoft has caused the problem they're bellowing about in the name of attempting to inhibit piracy of Windows.

    --
    One CPU cycle wasted on digital restrictions management is ONE TOO MANY.
    1. Re:Gee. I wonder why . . . by Anonymous Coward · · Score: 1, Insightful

      You know, there's one more step in the causality chain. If they hadn't installed a pirated copy, then WGA wouldn't have been a problem.

      I really don't have much sympathy for somebody with a non-legitimate copy being burned by WGA, nor for anybody who avoids security patches so that they won't be affected by WGA.

      As an analogy, consider a prison full of murderers. Is it the fault of the police that the jail is full of murderers? Note for the moronic here: I'm not saying that pirating software is on a moral level with murder; clearly there's a vast difference.

      My sympathies are for people with legitimate copies that have been burned. But pirates being leery of installing patches is the *pirates'* fault, even if Microsoft released an update that explodes and kills everybody in the room when they update a pirate copy. Note for the moronic here: Microsoft releasing such an update would be considerably worse than software piracy, and Microsoft would be at fault for deaths in that case, but the pirates are still responsible for being leery of patches.

  5. Imagine that... by mirix · · Score: 1, Insightful

    Block unauthorized copies from receiving patches, and unauthorized copies have more malware.
    Who'dda thunk it?

    --
    Sent from my PDP-11
  6. Re:WGA could be at fault by Renraku · · Score: 5, Insightful

    The very same program that's well-known for marking valid copies as pirated and then holding people's data/work environment hostage until they cough up another $200+. Yeah, I'm leery of that kind of thing too. Why should I let them install a program that takes up a good 20MB of RAM when it's running to make me prove that I'm not a pirate?

    --
    Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
  7. Broadband speed might be more of an issue by TheCow · · Score: 4, Insightful

    I just recently returned from a trip to India and found that many of the cyber cafes and family homes that I visited were not running the latest service-packs for Windows. I would attribute that to mostly being because although they had "broadband" their speed even during off hours were more around the range of 64 to 128 Kbps with high latency due to over subscription. Can any of you imagine downloading Windows XP SP3 over that kind of connection? (Setup a speed limiter on your next bit torrent download at about 5 KBs/40 kbps and see how long that file takes to transfer) Along with the problem that most computers are purchased as cheaply as possible so they frequently run with the minimum amount of ram possible, making the use of Antivirus software and the latest Service packs way too slow to even browse the web.

    Security patches and Anti-virus updates that are several megabytes a piece are fine for someone with a lowly 512 kbps broadband connection, but understand that most people in these countries like China and India still have very large modem and slow DSL that is extremely over subscribed at the ISP.

    Even here in the US there are many people that have dial-up even if other options are available because they don't feel the broadband options provide a good cost/performance ratio. $40 for 512kbps WISP connection or $10 for a cheap dial-up connection. $480 + install for the first year, or $120 for a year of dial-up over a phone line they already have...

    Please keep in mind that although 5+ Mbps broadband is available in most Metro markets there are still a lot of people that have much slower connections making many online services out of reach (Steam, hulu, and to some security patches).

  8. Liscensed but uneducated users really at fault by elvis15 · · Score: 5, Insightful

    Obviously Microsoft doesn't want to acknowledge the large portion of their licensed users who set Windows to do their updates automatically but have never touched an antivirus or security software. I've worked in IT and with the Joe Public users and that was by far the biggest problem out there.

    People would often call in with viruses/malware they've just been living with on a 2 year old computer, and when you asked them about what they use for antivirus, they wouldn't have a clue. "I used that link that was on my desktop when I bought it," they would say. Well, that 30 day trial will get you into more trouble than not applying your windows updates, especially when they're opening up all those emails from disposed Nigerian dictators.

  9. Seems to be what microsoft wanted by dissy · · Score: 4, Insightful

    Microsoft said today that computers in countries with high rates of software piracy are more likely to be infected because users are leery of applying security patches.

    When you purposely push out "security patches" that only disable copies of Windows that are pirated, then yes, they are leery of using them, and rightly so (Assuming their goal is to run Windows without paying, and not buying Windows or using another OS)

    This is the exact situation Microsoft has stated they wanted to happen.

    And before anyone starts, I am not suggesting Microsoft change their rules on supporting pirated copies of Windows.
    It's theirs to choose how to support how they want.
    Just that this is the only conclusion one could expect from their current choice.

  10. Re:safer users by Anonymous Coward · · Score: 1, Insightful

    So you're saying the people who fall for phishing scams and untrusted unvetted code overlap significantly with the ones who run Windows? Whodathunk? ;)

  11. What!?!? by sourICE · · Score: 2, Insightful

    China's piracy rate is more than four times that of the US, but the use of Windows Update in China is significantly below that in this country. Same for Brazil and France. But Microsoft's own data doesn't always support William's contention that piracy, and the hesitancy to use Windows Update, leads to more infected PCs. China, for example, boasted a malware infection rate -- as defined by the number of computers cleaned for each 1,000 executions of the MSRT -- of just 6.7 per thousand, significantly below the global average of 8.7 or the US's rate of 8.2. France's infection rate of 7.9 in the first half of 2009 was also below the worldwide average."

    How can Microsoft possibly conclude that Malware is a greater threat to pirated PCs from the previously quoted data? Obviously the US has a higher infection rate than China, with the US being at 8.2 per thousand and China only at 6.7.

    If it were me analyzing the data I'm afraid I would have to conclude that users who use windows update more often and use official copies of windows(US users) are more likely to receive a malware infection than users on pirated copies without using windows update(China).

    I guess I deserve a job at Microsoft if I'm able to better comprehend the statistics than they are, assuming the numbers from this article are even true.

  12. should it be like giving clean needles to junkies? by shoor · · Score: 2, Insightful

    First, I'm not even a user of Microsoft stuff (see my sig), and I'm not posting because I think I know what Microsoft should do. This is not a rhetorical question on my part, but just a plain question. As I understand it, when a machine is infected it makes trouble for everybody (becomes part of an army of botnets or whatever). So, helping pirates who, except for pirating Microsoft Software are pretty much minding their own business, to keep their machines virus free would help everybody wouldn't it? They try to give junkies clean needles not to help them be junkies, but to try to prevent the spread of disease. Have I got that right? If I do, then, isn't it a similar situation with Microsoft?

    --
    In theory, theory and practice are the same; in practice they're different. (Yogi Berra & A. Einstein)
  13. Re:should it be like giving clean needles to junki by John+Hasler · · Score: 3, Insightful

    Microsoft has a financial incentive to make people fear running unauthorized copies of Windows.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  14. Sure, but... by Rix · · Score: 4, Insightful

    If I walked out of that store, and someone offered to give me an exact copy of that suit for free, I wouldn't complain.