Sorry to throw a wrench in here, but the hard drive part has been misrepresented. Yes, she had it replaced, but it was after the investigation from MediaSentry had been concluded but before she got her letter from the RIAA saying what a naughty girl she's been.
Just for clarity. Oh, I know I'm late to the party but I do like all the facts in the clear. Having said that, the defense really didn't do anything here and it wasn't surprising she lost.
Yeah, I'm going to have to disagree with you on a couple of points here.
Have you seen the offerings in the single rack of PC games they have? Most of it is not so good. Not a lot of PC titles coming out. I realize that there are different challenges for writing games for PC as the architecture of the hardware can be so varied whereas the console you have set hardware requirements and no worries for compatibility. Maybe it's a problem of the industry concentrated to make games to take advantage of the technical capabilities of the platform rather than making them fun...I won't speculate (although I have ideas about that very theory). Still, stores like Gamespot are console centric.
And even though WoW has eight million subscribers and climbing, unless the broader PC game buying numbers go up, it's a localized phenomenon. I know a lot of people who play WoW and only WoW, never branching out to other games, nor even to other MMOs. Still, that isn't so bad as long as you have engaging games that provide new content as PC gaming trends further and further towards MMO play.
There was a time, way back when, I thought that for all of the problems I had with MS's OS, I thought that their other divisions dealing with apps were pretty solid, especially when it came to games.
Take Age of Empires. Great game, decent single player, fun multi-player modes...best of all is that they didn't seem to have to patch it that much. One major patch, if I remember correctly (as well as some minor ones, but overall not that many). Flight simulator was the creme de la creme when it came to flight sims and set the bar awfully high.
Now it's all centered around the consoles and I just can't bring myself to get one. It baffles me that simultaneous releases don't happen, especially with MS property. And I saw the other day that Shadowrun is a Vista-only game, immediately ruling out that I will get it. Who can get all that excited about DX10 when all of their other software is filled with bloat?
On a side note, IANAP (I am not a programmer) so I don't know the ins and outs of what goes into making a game nor why people choose different APIs, but I'm wary about EVE online going to DX10 and the excitement they seem to have about it. I wish they would use something less proprietary so I wouldn't have to rely on the community to port their product to other platforms. Just seems like they shoot themselves in the foot by doing this.
The question is why we put up with it...that's the real question. Every time MS does this, we have to wait for them to get so many bug reports back, release SP1, roll out patches to fix what SP1 broke, keep patching until SP2 and faster hardware comes out.
I think that so many of us are sick of being snakebit by MS, having them tell us how great their OS is and then spending the next eight months trying to get used to it. I'm trying to think of something, anything that I couldn't have done on an XP (or even Win2k) box and I can't think of a one. However, I don't make the purchasing decisions. Ideally, in a user environment, I'd virtualize everyone or run them from a term server and call it a day.
Regardless, there are performance problems with Vista, and it's not all about Aero either. I seem to remember some fancy nonsensical arguments from MS about streaming audio not too long ago.
My company foisted Vista on me because we thought market penetration was going to be higher and we had to learn the system to support it. A "for the clients" thing, and being intrigued and seeing what we do is support IT for our clients, sounded like a good idea.
I think I'm going to have to go with the "abysmal failure" part of your essay. And this isn't on old hardware. Brand spanking new T60 Thinkpad stacked with RAM and video.
I have to say that Vista gives me more time in the morning...while I'm waiting for it to boot, never a problem with my XP box. At least I have time now to get coffee while the damn thing loads up after I log in. The general feeling in the office is to wipe the new laptops and put XP back on to it so we can get our functionality back.
So, I'm not speaking without experience. Networking was a pain, drivers were an issue, security was a pain, performance was terrible...and for what? A sidebar? New user interfaces and every system tool moved somewhere else? Gah, Vista is a dog.
Unfortunately, following your advice is impossible. The official WU program that is shipped with a Genuine Copy of Windows XP and Vista has been proved to be a Rogue Program by this episode. The only reliable protection appears to be, to disable Windows Update completely, and depend on the antivirus program to do a better job of protecting and securing the system.
*sigh* I'm not sure that AV companies want to bring the wrath from the beast from Redmond if they flag their update system as rogue software. If Windows updates its systems through WU, then that's how MS wants it done...unless you want to install everything manually or write a script for every patch that comes out.
I was indeed a sysadmin of a company that had just over 500 users, and as I remember, we initially had WSUS setup to do these updates over the network. After chaotic times, we got Symantec's antivirus program; and we disabled Auto Updates completely on every single desktop. Had I continued in that position, I think I'd have been Vice President - Enterprise Antivirus or something similar by now.
WSUS still uses the WU service for deploying the update...so I'm not really seeing the point of this, but keep reading.
This scenario is purely hypothetical, because the Auto Updates would be disabled, and the patches would be pre-approved by Symantec, and deployed through THEIR PROGRAM, not Windows Update. I don't recall the name of this program though... it's been a while since I left.
There are a number of programs that do this, ZenWorks and Patchlink come to mind. Problem is still this. It makes little sense for AV companies to flag a major component of Windows as rogue software, especially when MS promotes WSUS 3.0 or SMS. Turning off WU will be the solution for some, but not for all. I would argue not even for most people, companies, etc. Most will want to use its functionality.
The problem still lies with Microsoft for pushing a stealth update and not telling anyone. I still am not sure why AV companies would be culpable for this at all.
I think the best you can hope for this is an optional log file generated from the AV program. Why optional? Because anything that logs changes in system files is 1) going to eat away a tiny chunk of your CPU, which may not be a big deal, but 2) end up having a massive, bloated, quickly enlarging log file on your drive.
Ah yes, good point. But still moot as Windows Update would end up being on the trusted list almost immediately.
However, turning that around, Windows Update isn't on the blacklist. Why should it be logged as changing the files? Even AV programs that do heuristic scanning aren't really going to notice WU doing its job.
If WU is a rogue program, your machine is compromised. Wipe and start over.
Just try to go with me on this and pretend you're a system admin of about, oh, say a small-medium company of around 500 users. You have your brilliant AV that tells the user at every time any process or user (system or otherwise) tells you of updated system files. Well, get ready for the flood, because besides every update you want to push to your users, they call in and hammer your help desk for a week with calls about an alert that their "system files were changed" every patch Tuesday (if you do automatic updates) or every time that you need to push a critical update to the users. These ALWAYS affect system files. Not to mention that there are some system files that are altered every day. What then?
Well, what if you leave it up to the users to install your critical updates? Nope. They never do. The worst threat a sys-ad has is not from the outside, but it's what your users do...or don't do in a lot of cases. Casual users just don't see the need to install an update because then they have to reboot, and God forbid if they do that.
MS was wrong by not publishing this update, for not allowing their users the choice to install or not install this update. But saying that AV companies are liable for what is clearly a MS problem is ridiculous. Again, this is MS's fault.
And how do you propose to do updates if the AV flags every system update? What MORE can the AV program do? Windows has chosen this way to update their files. The AV doesn't care if Windows Update tells the user if it's okay to install the program. All it cares about is that what is being done is happening with a trusted service by a trusted user.
As far as I remember, BITS had an exploit that was patched when discovered. Not saying that it can't have more or less, but how do you propose that updates get installed on Windows, because MS isn't giving you any options. What exactly are the AV companies supposed to do then? Stop WU from doing its job? You'll have system admins going nuts because their scheduled roll-outs are being stopped by the AV program.
Ugh, I hate doing this...makes me sound like a MS apologist.
I know that BITS had some flaws, though I can't remember them right now...if you could provide info on that, it's appreciated. :-)
But BITS is essentially a downloading program where Windows Update is there to...update Windows. Updating system files is a part of its M.O. (modus operandi, for those not in the know).
Monitoring system accounts and special accounts is the first job of any antivirus software. Viruses, worms and trojans run with full system access, not restricted user access.
If a virus or trojan has that access already, you're screwed anyway. Might as well wipe the box and start over. However, to get that access, they usually need an exploit or to run an executable to grant them that access.
I don't think you have a very good understanding of what a virus program is expected to do. If a system account isn't allowed the power to update system files, then why have it in the first place?
So, does an antivirus program run as a normal user process or system user process? If it is the latter, then how is it that the stealth update managed to escape attention??
And if antivirus s/w firms do not know systems programming, why do they exist at all? Looks like most anti-virus programs have been configured / patched NOT TO REPORT this particular stealth update... I cannot see any other logical explanation for this lapse.
Like I mentioned, it seems that you have not ever been a Windows admin, nor have ever dealt with a large roll-out of a system patch.
Whether or not the AV program runs under a user process (highly unlikely) or a system process, it doesn't matter. You're ignoring what AV programs are looking for anyway. If a trusted process and service (windows update) run by a trusted user (SYSTEM), the chances that the AV program is even going to log such activity is doubtful. As far as the AV program is concerned, the service (Windows Update) is doing its job...which in a way, it is. Windows Update has the control to change system files. No big secret there.
You seem to think that every time a system file gets updated by whatever process, that should be flagged and prevented. It's not some rogue program that is being run to update the files, it's the WU service that's on every single XP (and other MS OS's) machine out there.
Like I said, I'm not defending MS on this...no one I bitch about more. But to say that the AV companies have culpability on this, that's off the mark. A trusted Windows service did what it was built to do. Nothing to see here. Move along.
A dozen system files have been updated as part of this undocumented stealth update... and yet not a single antivirus software reported this. Why?
How do these antivirus programs know for sure that these updates were 'harmless' and 'normal behaviour'?
In light of this revelation, I think corporates must now take action against these antivirus firms for not preventing this breach. Let's see what Microsoft has to say to this 'harmless' update that allows users to 'know and be informed of further updates'. A Media Defender style exposé of internal communications on this issue would be very interesting indeed.
Updates are run under the system user process. If you had ever been a Windows admin, you'd know that there are all sorts of ways to hide updates and the like from users...which means that there's something in the process that MS can enable to hide it from their users. The reason no AV caught it is because it was using an update service already approved by the AV program and was running it under the already accepted system user.
I'm not saying that I approve of their actions, I don't. But just because an AV program didn't pick it up isn't surprising, nor should they have.
Seems to me that this is something the democrats like to do. They'll whine about this kind of thing for political points but then as soon as they have control of a situation, they'll use the threat of force and application of excessive force to deny civil liberties. This is not too surprising given their voting record on unconstitutional legislation to destroy civil liberties.
Wow, thanks for the stupidest comment I've heard all day. Now I know I can go the rest of the day and not hear anything as asinine as that...it's like the rest of my day is free!
Seriously, this was a police matter, not the dems in a back room saying "go get that guy". The real point that should be taken here is that tasers are used too often in situations where it's largely under control by the police who think they will not cause any harm to the perpetrator.
Just as a clarification, that's 200k on one continuous world. WoW is conveniently broken up into several servers to handle the load. A more apt comparison would be a universe (EVE) compared to a multiverse (WoW).
I'm pretty sure that WoW doesn't have 200k on just one server. They'd only need 40 servers then.
I don't think you've even played EVE, and that said, you need to play it to understand that this isn't just some regular MMO economy. It's not like the economy on WoW which is different server to server but largely predictable, especially with certain plugins to track some transactions during the day.
EVE has a very, very different player economy. It is almost entirely player driven. No NPCs to sell to, no standard items that you get for "questing".
Notice that this first report was on mining only. Mining and the minerals that are bought and sold are the ground base of a player economy. Without those materials, you can't build anything from the simplest frigate to the massive quantities you need for carriers. Not to mention individual components you need to equip on these ships as well.
Just because he didn't mention any "ISK farmers" (to use the correct terminology) doesn't mean they don't exist, but because EVE's skill system is so radically different from other MMOs, players can't really power-level anyway because all skills take time, not resources to develop. Because he focused on one vital component of the economy and showed a number of trends, showing the supply and demand needs of various areas of space, that was a huge step. You treat this as an "end-all/be-all" economic report. He's just scratching the surface.
The reason that this is such a focused report is because of the immense complexity of EVE as a single world economy, stretching dozens of systems with tens of thousands of players, all interacting, all selling, all buying...no help from an NPC that you can dump unwanted items somewhere.
Is that even relevant? Your phone still associates with the nearest tower even if you're not talking. They could glean congestion data purely from that.
Yeah, see that's what happens when 1) people take me too seriously and 2) technical people look at the facts and get all "strokey-beard" on me and say "but it could work!"
I just thought it was funny that more cell phones==more traffic. And in other news, the sky is blue.
And I know it's two hours later, but I had to respond back on this. If we could get real-time stats on where there was a high collection of Motorola Razrs in local bars, that would be handy info of knowing where not to go because (as a poster pointed out and I'm going to steal) there's a high collection of assholes there.
I think some people with those nasty blinking red lights would prefer mediocre.
Are you surprised? I mean, where's our flying cars? Aren't we supposed to have those? And push-button jobs. And robotic maids.
I digress. Bleah. I'll get off the soapbox now.
Oh I know, but I can't help piling on sometimes by bringing up BOB. It's a default punchline for me.
*cough*
Windows BOB
I think we'll just have to agree to disagree.
I hope one of their goals is to get bigger tubes for this new "inter-web" thing.
I hear it could be big.
Somebody tell Darl. Apparently somebody still uses Unix.
Talk about clueless.
...shut up and drive?
Just a thought.