If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Microsoft to force Windows updates?
Excerpts from Ed Foster's Gripelog - =================== It's a depressing irony, but the creep who wrote the Blaster worm may very well have done Microsoft a tremendous favor. After all, what better argument could the folks in Redmond have been handed to do what they've always wanted to do - namely, force users to accept automatic Windows updates. Earlier this week, the Washington Post quoted Mike Nash, Microsoft corporate vice president, as saying the company is "looking very seriously" at requiring at least home users to have their operating system automatically updated when Microsoft sends out a fix. Another Microsoft security official was quoted as saying that having home and small business users automatically receive and install software fixes "would help the safety of a lot more customers." As the Blaster worm demonstrated, what Microsoft is saying is quite true. Security would most certainly be enhanced if everyone automatically received the fix when one is available for a known security hole. But at what cost? Even if Microsoft's motives were as pure as the driven snow, one price that would be paid comes from the tendency of Windows updates to break things. Windows is simply not a robust platform, and it has the added vulnerability of being used in a multitude of diverse environments filled with ill-behaved applications and devices. Few business users choose to install Windows updates now without carefully testing them first, and the prospect of Microsoft making changes to the OS on its own would cause a rebellion. No doubt that's why Microsoft officials for the time being are only talking about forcing home users and small businesses to get automatic updates. What could be an even bigger price tag on automatic updates is the fact that you'd get them whatever Microsoft's motives are in sending them out. Given the ability to make changes to the software whenever they please, would Microsoft restrict themselves to only providing critical security updates? I don't think so, and Microsoft's biggest fans probably wouldn't either. Remember, from the day XP was introduced, the Microsoft's license agreements have given it the right to make automatic updates to the operating system. So far, Microsoft has kept Windows Updates voluntary, but Redmond lawyers were planning long ago for the day it wouldn't be. Remember also that the type of automatic downloads the EULA language usually refers to are updates of DRM (Digital Rights Management, or Digital Restrictions Management, depending on your point of view) modules in the OS. The ability to instantly put copy protection on any Windows system whenever it wants would be a dream come true for Microsoft. Not only could Microsoft then function as the restrictions manager for its own software, but for other software companies and eventually perhaps even the movie and recording industries as well. Automatic Windows updates could therefore lead to all manner of usage restrictions on a variety of product and services. As we've all learned from the war on terrorism, security is a funny thing. The dangers in not having enough security are all too real, but there are also dangers in letting the need for security overrule all else. The terrorist who sent out the Blaster worm might have thought it would harm Microsoft, but its real victims are Windows users who will have to choose between too much security and too little. |
#2
|
|||
|
|||
One thing you fail to note. Since this is about security ....
If my OS vendor can change my system at will -- so can anyone else who chooses to pose as my OS vendor. Wonderful security there ... Steve wrote: Excerpts from Ed Foster's Gripelog - =================== It's a depressing irony, but the creep who wrote the Blaster worm may very well have done Microsoft a tremendous favor. After all, what better argument could the folks in Redmond have been handed to do what they've always wanted to do - namely, force users to accept automatic Windows updates. Earlier this week, the Washington Post quoted Mike Nash, Microsoft corporate vice president, as saying the company is "looking very seriously" at requiring at least home users to have their operating system automatically updated when Microsoft sends out a fix. Another Microsoft security official was quoted as saying that having home and small business users automatically receive and install software fixes "would help the safety of a lot more customers." As the Blaster worm demonstrated, what Microsoft is saying is quite true. Security would most certainly be enhanced if everyone automatically received the fix when one is available for a known security hole. But at what cost? Even if Microsoft's motives were as pure as the driven snow, one price that would be paid comes from the tendency of Windows updates to break things. Windows is simply not a robust platform, and it has the added vulnerability of being used in a multitude of diverse environments filled with ill-behaved applications and devices. Few business users choose to install Windows updates now without carefully testing them first, and the prospect of Microsoft making changes to the OS on its own would cause a rebellion. No doubt that's why Microsoft officials for the time being are only talking about forcing home users and small businesses to get automatic updates. What could be an even bigger price tag on automatic updates is the fact that you'd get them whatever Microsoft's motives are in sending them out. Given the ability to make changes to the software whenever they please, would Microsoft restrict themselves to only providing critical security updates? I don't think so, and Microsoft's biggest fans probably wouldn't either. Remember, from the day XP was introduced, the Microsoft's license agreements have given it the right to make automatic updates to the operating system. So far, Microsoft has kept Windows Updates voluntary, but Redmond lawyers were planning long ago for the day it wouldn't be. Remember also that the type of automatic downloads the EULA language usually refers to are updates of DRM (Digital Rights Management, or Digital Restrictions Management, depending on your point of view) modules in the OS. The ability to instantly put copy protection on any Windows system whenever it wants would be a dream come true for Microsoft. Not only could Microsoft then function as the restrictions manager for its own software, but for other software companies and eventually perhaps even the movie and recording industries as well. Automatic Windows updates could therefore lead to all manner of usage restrictions on a variety of product and services. As we've all learned from the war on terrorism, security is a funny thing. The dangers in not having enough security are all too real, but there are also dangers in letting the need for security overrule all else. The terrorist who sent out the Blaster worm might have thought it would harm Microsoft, but its real victims are Windows users who will have to choose between too much security and too little. |
#3
|
|||
|
|||
....and those that didn't install the Security/Critical updates - =
automatically or manually when offered - have now found themselves in = deep doo-doo. Luckily some of the MS-MVPs - too many to mention - have = managed to help these poor unfortunates. MS don't make updates = available just for the sheer Hell of it - not like your posting. I'm = still trying to find a sensible question in it - or is it a general dig = at MS - as a lot of postings ATM are - the posters not really knowing = the 'ins and outs' of a specific problem. Will "Steve" wrote in message = ... =20 Excerpts from Ed Foster's Gripelog - =20 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D =20 It's a depressing irony, but the creep who wrote the Blaster worm may very well have done Microsoft a tremendous favor. After all, what better argument could the folks in Redmond have been handed to do what they've always wanted to do - namely, force users to accept automatic Windows updates. =20 =20 Earlier this week, the Washington Post quoted Mike Nash, Microsoft corporate vice president, as saying the company is "looking very seriously" at requiring at least home users to have their operating system automatically updated when Microsoft sends out a fix. Another Microsoft security official was quoted as saying that having home and small business users automatically receive and install software fixes "would help the safety of a lot more customers." =20 =20 As the Blaster worm demonstrated, what Microsoft is saying is quite true. Security would most certainly be enhanced if everyone automatically received the fix when one is available for a known security hole. But at what cost? =20 =20 Even if Microsoft's motives were as pure as the driven snow, one price that would be paid comes from the tendency of Windows updates to break things. Windows is simply not a robust platform, and it has the added vulnerability of being used in a multitude of diverse environments filled with ill-behaved applications and devices.=20 =20 Few business users choose to install Windows updates now without carefully testing them first, and the prospect of Microsoft making changes to the OS on its own would cause a rebellion. No doubt that's why Microsoft officials for the time being are only talking about forcing home users and small businesses to get automatic updates. =20 =20 What could be an even bigger price tag on automatic updates is the fact that you'd get them whatever Microsoft's motives are in sending them out. Given the ability to make changes to the software whenever they please, would Microsoft restrict themselves to only providing critical security updates? I don't think so, and Microsoft's biggest fans probably wouldn't either.=20 =20 Remember, from the day XP was introduced, the Microsoft's license agreements have given it the right to make automatic updates to the operating system. So far, Microsoft has kept Windows Updates voluntary, but Redmond lawyers were planning long ago for the day it wouldn't be. =20 =20 Remember also that the type of automatic downloads the EULA language usually refers to are updates of DRM (Digital Rights Management, or Digital Restrictions Management, depending on your point of view) modules in the OS. The ability to instantly put copy protection on any Windows system whenever it wants would be a dream come true for Microsoft. Not only could Microsoft then function as the restrictions manager for its own software, but for other software companies and eventually perhaps even the movie and recording industries as well. Automatic Windows updates could therefore lead to all manner of usage restrictions on a variety of product and services. =20 =20 As we've all learned from the war on terrorism, security is a funny thing. The dangers in not having enough security are all too real, but there are also dangers in letting the need for security overrule all else. The terrorist who sent out the Blaster worm might have thought it would harm Microsoft, but its real victims are Windows users who will have to choose between too much security and too little. =20 =20 =20 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.512 / Virus Database: 309 - Release Date: 19/08/2003 |
#4
|
|||
|
|||
A properly firewalled computer in combination with a good ant-virus and a
lot of common sense, is not in dire need of updates. Testy "Will Denny" wrote in message ... ....and those that didn't install the Security/Critical updates - automatically or manually when offered - have now found themselves in deep doo-doo. Luckily some of the MS-MVPs - too many to mention - have managed to help these poor unfortunates. MS don't make updates available just for the sheer Hell of it - not like your posting. I'm still trying to find a sensible question in it - or is it a general dig at MS - as a lot of postings ATM are - the posters not really knowing the 'ins and outs' of a specific problem. Will --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.512 / Virus Database: 309 - Release Date: 8/19/2003 |
#5
|
|||
|
|||
They already have an autoupdate program that keeps you updated.
WAKE UP! "Steve" wrote in message ... Excerpts from Ed Foster's Gripelog - =================== It's a depressing irony, but the creep who wrote the Blaster worm may very well have done Microsoft a tremendous favor. After all, what better argument could the folks in Redmond have been handed to do what they've always wanted to do - namely, force users to accept automatic Windows updates. Earlier this week, the Washington Post quoted Mike Nash, Microsoft corporate vice president, as saying the company is "looking very seriously" at requiring at least home users to have their operating system automatically updated when Microsoft sends out a fix. Another Microsoft security official was quoted as saying that having home and small business users automatically receive and install software fixes "would help the safety of a lot more customers." As the Blaster worm demonstrated, what Microsoft is saying is quite true. Security would most certainly be enhanced if everyone automatically received the fix when one is available for a known security hole. But at what cost? Even if Microsoft's motives were as pure as the driven snow, one price that would be paid comes from the tendency of Windows updates to break things. Windows is simply not a robust platform, and it has the added vulnerability of being used in a multitude of diverse environments filled with ill-behaved applications and devices. Few business users choose to install Windows updates now without carefully testing them first, and the prospect of Microsoft making changes to the OS on its own would cause a rebellion. No doubt that's why Microsoft officials for the time being are only talking about forcing home users and small businesses to get automatic updates. What could be an even bigger price tag on automatic updates is the fact that you'd get them whatever Microsoft's motives are in sending them out. Given the ability to make changes to the software whenever they please, would Microsoft restrict themselves to only providing critical security updates? I don't think so, and Microsoft's biggest fans probably wouldn't either. Remember, from the day XP was introduced, the Microsoft's license agreements have given it the right to make automatic updates to the operating system. So far, Microsoft has kept Windows Updates voluntary, but Redmond lawyers were planning long ago for the day it wouldn't be. Remember also that the type of automatic downloads the EULA language usually refers to are updates of DRM (Digital Rights Management, or Digital Restrictions Management, depending on your point of view) modules in the OS. The ability to instantly put copy protection on any Windows system whenever it wants would be a dream come true for Microsoft. Not only could Microsoft then function as the restrictions manager for its own software, but for other software companies and eventually perhaps even the movie and recording industries as well. Automatic Windows updates could therefore lead to all manner of usage restrictions on a variety of product and services. As we've all learned from the war on terrorism, security is a funny thing. The dangers in not having enough security are all too real, but there are also dangers in letting the need for security overrule all else. The terrorist who sent out the Blaster worm might have thought it would harm Microsoft, but its real victims are Windows users who will have to choose between too much security and too little. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.512 / Virus Database: 309 - Release Date: 8/19/2003 |
#6
|
|||
|
|||
"Testy" wrote:
A properly firewalled computer in combination with a good ant-virus and a lot of common sense, is not in dire need of updates. Thing is, the people most likely to have properly firewalled computers with good antivirus protection, and who have good common sense in their computing practices, are also those that, if they use Windows, are most likely to keep their Windows security/critical updates up-to-date. The facts of life are that each time something like msblaster jumps off, we find the internet hampered by virus-driven traffic because thousands upon thousands of machines, run by people who should certainly know better [IOW, not just your Grand-Uncle Ben nor your Great-Aunt Mary, who barely know how to turn their computer on], *don't* use protective measures like proper firewalls, up-to-date virus protection, or taking advantage of MS-provided patches. I have found that, after a high-degree of initial skepticism and careful toe-dipping, that using the Auto-update feature of WinXPPro, properly configured to ask permission both before downloading and then before installing, to keep current with critical/security updates is neither sinister, intrusive, nor privacy-compromising. For reasons of my own, I have not chosen to, nor has auto-update tried to foist on me, install XP SP1. However, MS has, separately, issued every critical/security update that was included in SP1. IOW, I've gotten the crucial stuff without having to deal with fluff before I'm ready to. OJ III |
#7
|
|||
|
|||
"Testy" wrote in news:OJt6jAMaDHA.2344
@TK2MSFTNGP09.phx.gbl: A properly firewalled computer in combination with a good ant-virus and a lot of common sense, is not in dire need of updates. Testy Absolutely correct and the real issue of the blaster worm was simply that. Port 135 (RPC) certainly isn't needed nor desired for use in a corporate environment anyway so why did so many IT managers leave it open? The bulk of home users who got hit by it were newbies or simply unaware of how their system was configured. I don't use automatic updates but I do keep my system up to date. I would rather have something break on my network and spend a day or two fixing it than spending a week trying find and flush an infection. I run a firewall in full stealth mode that is intelligent enough to let my users and me use the services we connect with and reject everything else, I'm not talking about ZoneAlarm either, I use a Linux system as the Firewall between myself and the Internet. Common sense is the most important aspect to good security. --Shaun |
#8
|
|||
|
|||
Ogden Johnson III wrote:
The facts of life are that each time something like msblaster jumps off, we find the internet hampered by virus-driven traffic because thousands upon thousands of machines, run by people who should certainly know better [IOW, not just your Grand-Uncle Ben nor your Great-Aunt Mary, who barely know how to turn their computer on], *don't* use protective measures like proper firewalls, up-to-date virus protection, or taking advantage of MS-provided patches. I agree with you about AV and firewalls. But there's a legitimate question about the risk/reward ratio in downloading MS patches which have caused numerous problems in the past. And there are certainly issues involved in force-feeding patches... |
#9
|
|||
|
|||
Greetings --
Personally, I prefer John Dvorak's solution: require all computer owners to get a license. http://www.pcmag.com/article2/0,4149,1224343,00.asp Bruce Chambers -- Help us help you: http://dts-l.org/goodpost.htm http://www.catb.org/~esr/faqs/smart-questions.html You can have peace. Or you can have freedom. Don't ever count on having both at once. -- RAH "Steve" wrote in message ... Excerpts from Ed Foster's Gripelog - Snipped.... |
#10
|
|||
|
|||
"Steve" wrote in message ...
Ogden Johnson III wrote: The facts of life are that each time something like msblaster jumps off, we find the internet hampered by virus-driven traffic because thousands upon thousands of machines, run by people who should certainly know better [IOW, not just your Grand-Uncle Ben nor your Great-Aunt Mary, who barely know how to turn their computer on], *don't* use protective measures like proper firewalls, up-to-date virus protection, or taking advantage of MS-provided patches. I agree with you about AV and firewalls. But there's a legitimate question about the risk/reward ratio in downloading MS patches which have caused numerous problems in the past. And there are certainly issues involved in force-feeding patches... I spent 4+ years migrating companies from Netware to Windows NT4 and Win2K, and now in the past three years most of my jobs have been migrating companies from NT4/2K to Linux, BSD and other *nix flavors. Seems corporate America has finally had enough of the Gates/Ballmer merry-go-round: constant security problems, forced software audits, service packs that haven't been properly tested, trying to keep their IT staffs trained on a half-dozen Windows versions, etc etc. From what I can see, at least for business/server use the trend is away from MS and towards open source software. IMO it's a healthy switch. Rick |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Game freezes system - possible ATI issue? | Blaedmon | Ati Videocards | 1 | February 12th 05 05:20 PM |
Still no gameplay. Could this be the problem? | Ferrante | Nvidia Videocards | 14 | December 16th 04 12:38 AM |
help! NVIDIA GeForce2 M changes my settings... | Serial # 19781010 | Nvidia Videocards | 1 | September 13th 04 09:14 PM |
help! NVIDIA GeForce2 MX 100/200 changes my settings... | Serial # 19781010 | Nvidia Videocards | 1 | September 7th 04 05:32 AM |
Bad ECDC update? | Mike S. | Cdr | 0 | November 7th 03 03:59 PM |