Slashdot Mirror

← Back to Stories (view on slashdot.org)

Samsung Cripples Windows Update To Prevent Incompatible Drivers

Posted by Soulskill on from the that's-not-how-this-works dept.

jones_supa writes: A file called Disable_Windowsupdate.exe — probably malware, right? It's actually a "helper" utility from Samsung, for which their reasoning is: "When you enable Windows updates, it will install the Default Drivers for all the hardware no laptop which may or may not work. For example if there is USB 3.0 on laptop, the ports may not work with the installation of updates. So to prevent this, SW Update tool will prevent the Windows updates." Too bad that the solution means disabling all critical security updates as well. This isn't the first time an OEM has compromised the security of its users. From earlier this year, we remember the Superfish adware from Lenovo, and system security being compromised by the LG split screen software.

26 of 289 comments (clear)

  1. What? by DanJ_UK · · Score: 5, Insightful

    You've got to be fucking shitting me?

    --
    - Dan
    1. Re:What? by mwvdlee · · Score: 4, Interesting

      Does their warranty cover hacked laptop?

      --
      Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    2. Re:What? by DanJ_UK · · Score: 4, Funny

      That'll be one hell of a class action lawsuit, I'm almost tempted to buy a Samsung laptop and just leave it plugged in until it's compromised so I can join the compensation gravy train.

      --
      - Dan
    3. Re:What? by taustin · · Score: 4, Insightful

      Second semester law school: unconscionable contracts are unenforceable.

      Aside from any contractual obligations between Samsung and Microsoft that would affect this, and you can bet there are some.

      The lesson here, boys and girls, don't get legal advice from first semester law students. Consult a real lawyer.

    4. Re:What? by fuzzyfuzzyfungus · · Score: 4, Insightful

      It's especially insane because, while grabbing drivers from Windows Update is the default behavior, you can turn that off without disabling Windows Update.

      "System Properties" -> "Hardware" -> "Device Installation Settings". There's not even any registry grovelling or other esoteric nonsense involved.

      Things just get worse because, even if enabled, the Windows Update provided drivers will only be applied if no drivers are available locally(if drivers are available; but Windows Update has newer ones, they'll be listed as optional updates; but only installed with manual user intervention). So all Samsung has to do is add their drivers to the OS driver store (pnputil -a, not very hard) and the OS will apply them before even heading out to check for new ones, unless there is something egregiously wrong with them(if memory serves, unsigned drivers are treated as lower ranked than signed drivers when determining 'best driver available', and drivers that don't list the PCI/USB PID/VID, but have been forcibly applied, may also rank lower than drivers that do specify the matching PID/VID).

      So, in summary and conclusion, this whole thing is an unbelievable clusterfuck and it isn't even clear why Samsung would think it necessary in order to ensure the drivers that they want installed get installed; much less how they could possibly think that the security consequences were worth it. Only its finite complexity saves this situation from fractal stupidity.

    5. Re:What? by taustin · · Score: 5, Informative

      I am not, in fact, a lawyer, but I do know how to use Google (unlike so many here). For instance, I can, without any adult help, open up my web browser, and type in http://www.google.com/ and go to a convenient search engine. In the search box for that search engine, I can type in "eula struck down as unconscionable" and click on the button labeled "Search." And get results such as

      this, which talks about Bragg v. Linden Research, Inc., in which Linden's TOS (specifically, the arbitration clause) is struck down as unconscionable not once, not twice, but at least three or four different times and ways ("procedural unconscionability" and "substantive unconscionability" in two different ways, and then again on the latter after Linden amended it).

      Wired also covers Gatton v. T-Mobile, again on an arbitration clause, and ruled unconscionable both procedurally and substantively. Also unconscionable for prohibiting class action lawsuits, because "that form of litigation is often the only means of stopping and punishing corporate wrongdoing." It also discusses Douglas v. U.S. District Court, which is about changing the terms of a contact after it has been signed, and which was ruled unconscionable. Gatton is often cited as recognizing that all click-wrap license have an element of unconscionability that must be considered by the court.

      This has a link to this", which is a ruling on McKee v. AT&T, ruing their arbitration clause unconscionable.

      Note that these are the first three results on the search, and the fourth is on McKee v. AT&T again.

      Also note that these are all different courts, state and federal, all over the country.

      Unconscionability is an affirmative defense - the defendant has to demonstrate why the contract is unconscionable, but it does, in fact, happen, and more importantly, it took me, literally, less than ten seconds to find example (and five of that was waiting for the browser to open.)

      To quote the third link, you may now feed my cats for a week.

  2. Terrible twos by Impy+the+Impiuos+Imp · · Score: 5, Insightful

    Samsung: You're terrible programmers!

    Microsoft: No, you are terrible programmers!

    Kids, kids, you'really both terrible.

    --
    (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
  3. Wow ... by gstoddart · · Score: 5, Insightful

    So, basically they have shit hardware or shit drivers, and the only way they can think of to fix this is to prevent your operating system from trying to apply updates?

    This sounds like incompetence all the way around, and is on-going proof of why I hate OEM laptops. Because they fill them with so much garbage.

    It seems like every time I hear anything about Samsung, I find myself thinking "nope, I would never buy their crap".

    And, once again, corporations put their own crappy "innovation" ahead of the needs of their customers.

    Pathetic.

    --
    Lost at C:>. Found at C.
    1. Re:Wow ... by gstoddart · · Score: 4, Insightful

      If the hardware doesn't work with default Windows or Linux distribution, it's shit. (think clean install).

      Years ago at work, we got some new desktops.

      The desktops had 4GB of RAM, but the Windows XP Pro on them could only see 3GB. One of the guys decided to put Windows 2003 on the machines to get access to all the RAM.

      It turns out there were NO drivers for that hardware which existed for Windows 2003, and even getting back to XP Pro proved exceedingly difficult because ... it was almost impossible to find the drivers again as they basically weren't published anywhere. Essentially this machine could only work with the OEM image made up of drivers and other custom crap which were almost impossible to find.

      To add insult to injury, whatever idiot had ordered them got us some new-fangled wide screen monitors. The problem was that while the actual resolution of the monitor was a 4:3 aspect ratio ... the actual pixels were flattened so that in its native resolution the screen drew circles as flattened ovals.

      I 100% agree with you. Because non-standard crap from vendors makes for utter garbage machines.

      --
      Lost at C:>. Found at C.
    2. Re:Wow ... by rjmx · · Score: 4, Funny

      > They still get the fewest complaints on NewEgg for much of their stuff for a reason

      The reason being that nobody can keep one of them running long enough to file a complaint?

    3. Re:Wow ... by mlts · · Score: 4, Interesting

      Windows 2003 had a 64 bit version, but Windows 2003 mainly was 32 bit. If you used the /PAE option on the 32 bit edition, you could get past the 4GB barrier on that OS... but the caceat was only if you had the enterprise or data center editions (which got you to 32 GB or 64 GB respectively.)

      So, I do agree with the parent... the ability to get past 4GB did exist, but required a bunch of flaming hoops to go through.

      As for monitors, I've seen lots of screwy, nonsensical stuff, stuff (such as a glitch on a SCSI card causing the monitor to tint green), so I wouldn't be surprised if this was the case.

    4. Re:Wow ... by MachineShedFred · · Score: 4, Insightful

      This one is completely on Samsung.

      There is nothing stopping them from getting WHQL certification of their OEM drivers and submitting them to Microsoft. If their drivers are written properly (with proper hardware identification strings for PCI / USB / ACPI devices) then they will apply before generic drivers, and this isn't even a problem.

      Funny how we don't hear about this from Acer / Dell / HP / Lenovo / etc...

      --
      Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
  4. If true then Samsung is dead to me by sjbe · · Score: 5, Insightful

    If true then I guess I won't be buying any Samsung computers anytime soon. A company that stupid simply isn't worth doing business with. Add this to the Samsung TVs that listen to your living room and the bloatware on their Android devices and I pretty much can't see any reason to buy from Samsung these days.

    1. Re:If true then Samsung is dead to me by DontBlameCanada · · Score: 4, Insightful

      Its an issue because Samsung's voice recognition wasn't done on the TV. They shipped the captured audio to servers in their back office, unencrypted iirc. So your intimate small-talk with your partner is recorded live and sent out to some nameless destination free for all to listen to. I don't know about you, but I consider that an incredible invasion of privacy.

    2. Re:If true then Samsung is dead to me by NatasRevol · · Score: 4, Informative

      Ya, it did, at least the unencrypted part.

      http://www.theguardian.com/tec...

      Ya, it did, at least the recording private conversations part.

      http://www.cnet.com/news/samsu...

      --
      There are two types of people in the world: Those who crave closure
  5. I've lost track of how many times I've been burned by msobkow · · Score: 5, Informative

    I've lost track of how many times I've been burned by a driver update from Microsoft that turned out to be incompatible with my hardware, likely because Windows Update misidentified my hardware as compatible with the driver. I no longer install any drivers through Windows Update, but instead go to the vendors sites and get them straight from the source.

    Fortunately, the drivers are always optional updates, so you can just flag them as hidden and ignore them.

    --
    I do not fail; I succeed at finding out what does not work.
  6. Re:Hardware or driver's issues? by jones_supa · · Score: 4, Interesting

    I can think of two solutions on how to solve this problem.

    1) Pin the installed OEM drivers, so that Windows understands that no other drivers should be installed for these device IDs.

    or

    2) In the PCI device ID, add extra information that this device is a special Samsung variant, and then Windows knows that the generic driver for that device is not compatible.

    I'm not sure if these solutions are possible, if someone knows more then please let me know.

  7. Re:well done. by NoNonAlphaCharsHere · · Score: 4, Insightful

    I'm trying to calculate just how much Kool-Aid you have to drink until "the OS decided to reboot all on its own" becomes acceptable behavior.

  8. My Samsung Laptop by MPAB · · Score: 4, Interesting

    I bought a Samsung laptop. i5, 6gb ram, Hybrid NVIDIA and Intel graphics, 750gb HDD, DVD burner. It is light, well powered and cost efficient back in 2011. Windows 7-64 bit. Problem is: Even the keyboard hotkeys such as screen brightness, WiFi, etc. work only through a "Control panel" that takes ages to load. Volume keys don't work within a game and sometimes the trackpad stops working after sleeping. And also I don't dare installing Linux on it because I read about severe cases of linux bricking the UEFI and rendering the laptop completerly useless.

    Alas, after you start it up (either from off or sleeping) and wait the 10-15 minutes for the HDD to calm down (after stripping down the startup, defragmenting, ccleaner and the such) it runs really well.

  9. Re:Not exactly like Superfish by idontgno · · Score: 4, Insightful

    This is not malicious. It is stupid and ignorant, but not malicious.

    Any sufficiently advanced incompetence is indistinguishable from malice.

    --Clark's corollary to Hanlon's Razor after Clarke's 3rd Law

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.
  10. Re:Unfortunately, they're right by neilo_1701D · · Score: 4, Insightful

    If I allow Windows Update to "update" the driver for my Bluetooth stick, it doesn't work any longer.

    I've seen that problem before on a Bluetooth stick. The real issue was that I had purchased some Chinese ripoff clone of another product (I didn't know at the time that's what I was doing. We learn.); and the original company had released updated drivers to Microsoft. These new drivers worked just fine with the oem product, but something in the ripoff product didn't work with the new drivers, and the stick stopped working. I had to back the drivers out, re-install the original drivers and mark that particular update as "do not install".

    I've no idea if the original company (who had their gear ripped off) spiked the driver deliberately or simple broke it by accident.

  11. Re:Uhhhh by H0p313ss · · Score: 5, Informative

    "Sign in to the dashboard with your Microsoft account,"

    No, go fuck yourself. Give me control over my updates/drivers inside the OS and don't make me sign up for your fucking spam in order to have a WORKING operating system.

    The linked page was for hardware developers to submit their drivers to Microsoft so that they can be included in updates.

    But I'm sure you realized that...

    --
    XML is a known as a key material required to create SMD: Software of Mass Destruction
  12. and I thought Linux had driver issues by davydagger · · Score: 5, Informative

    Linux might have some slight incompatiblity with an ever shrinking list of now obscure hardware. But when it works, it works. There is nothing this fucked up about linux drives. At worst, a few of them simply don't have the features we'd like, but nothing catastrophic.

  13. Tha's a tough one there... by Minwee · · Score: 5, Insightful

    Surely there must be a way to have avoided this.

    Maybe Microsoft should set up some kind of... Lab. To certify the Quality of Hardware for Windows. And maybe they could make it really simple for vendors like Samsung to send them copies of drivers for certification so that Windows Update would be aware that they existed.

    And maybe, instead of demanding millions of dollars in fees for this service, they could charge something simple up front like just $250 and then not cause any more problems. Then Samsung would have been able to run through a quick certification process and avoided all of this trouble.

    Man, why does Microsoft make it so hard for vendors to get their devices supported?

  14. Re:This is why Microsoft by mlts · · Score: 4, Informative

    Look at the Vista fiasco. OEMs had to be dragged, kicking and screaming, to the privilege model (which has been in the UNIX world for decades, and was in the Mac world for at least five years) where they don't have all their stuff run with admin rights. Then, when MS added some fundamental security features like ASLR, forcing drivers to be rewritten, OEMs shipped alpha-quality code, then blamed the crashes on MS.

  15. Re:well done. by myowntrueself · · Score: 4, Informative

    I'm trying to calculate just how much cheap moonshine you have to drink until a prompt where the computer asks if you want to reboot now, or not counts as "the OS decided to reboot all on its own".

    Microsoft update WILL reboot on its own. It'll pester you for a few days then it literally reboots your computer without giving you a choice.

    --
    In the free world the media isn't government run; the government is media run.