how-to block ads
|
|
Uniqs:
22266 |
Share Topic
 |
 |
|
| reply to OZO
Re: People with fake keys can't protect from Sasser! Let's see...let's program a POS OS, that's so vulnerable a new worm practically comes out everyday, throw in Billions of lines of code, and then release a firewall change to fix the poor security of the OS.
Here's the deal: The worm IS Microsoft's problem. But unfortunately, when you install the OS, you have to agree to their license, which removes them from any and all responsibility of your use of their poorly written software; including, but not limited to: theft, loss, and corruption of your data (ie, your credit card numbers that were stolen because you were using MS's Passport on an OS that was easily hijacked).
So.... no, technically from a legal perspective they shouldn't have to give out patches to pirated versions; however, if they would have done a better job in the first place, the legitimate people, corps., and entities wouldn't have to waste valuable time and wouldn't lose billions patching and securing their networks from yet another Microsoft vulnerability. In a sense, the legitimate users are indirectly paying for the piracy out there, considering MS has no liability due to a faulty product and a forced license that is unalterable. I.e. No legal action can be taken against MS for damages resulting from their defective product's vulnerability due to the unalterable license agreement that must be agreed to prior to installing the software.
Consider the car example above... If BMW sold you a car, but forced you to agree to release them from all liability regarding any and all defective parts before you purchased / leased the car, and then the defective parts caused your death, would BMW be responsible? But you waived them from any and all responsibility...you had no other choice...
On a micro scale, Microsoft isn't responsible. On a macro scale, its pretty much all their fault.
Don't agree that MS OSes are POS for security?
Have you ever heard of a virus for Unix?
Nope, neither have I.
'Nuff Said!
-Jimmy Hambone | |
| Re: People with fake keys can't protect from Sasse I've heard of Unix viruses...
»www.viruslibrary.com/virusinfo/U···uses.htm
With being the most popular operating system you also become the biggest target, why write a worm or hack another operating system that affects 5% when you can affect 95% of the computer population?
I would be willing to bet if Linux was the dominate operating system like Windows is now, we'd be hearing a lot more vulnerabilities in Linux than Windows. Manufacturers can only secure their products so much, and at least we do not have to download a WHOLE new operating system when a security fix comes out in Linux.
The worm IS NOT Microsoft's problem, they clearly released a patch and because people were too lazy they did not patch their machines like they were supposed to. Ultimately the End user failed, not microsoft.
If I hear one more person spew about how they have to use microsoft products, it is 100% bull..you have plenty of other options if MICROSOFT REALLY bothers you that much you'd make the switch.
--
"Its better to look stupid for 5 minutes and ask a question, than to be stupid for the rest of your life."4g63.20m.com (textsource.org) | | |
|
ghost16825Use security metricsPremium
join:2003-08-26 | reply to paranoidxe
Re: People with fake keys can't protect from Sasse said by paranoidxe:
With being the most popular operating system you also become the biggest target
Keep telling yourself that this is the main reason why Windows has so many viruses and eventually you will believe it.
I was going to quote a whole heap of other garbage you said and point out the absurdity of it all but it just would take too much of my time.
Anyway here's where this thread has headed so far:
You can't get patches if you've got fake keys ->
Why should you, you didn't pay ->
..but I can sue the manufacturer if I steal a car and it has a fatal flaw ->
Why bother, why not get a firewall ->
I would rather have those PCs patched than have them unsecure and be attacked by them when they get infected ->
Why can't Microsoft just disable the fake keys ->
..but I bought the OEM version. What about me? ->
It's Microsoft fault for having produced such rubbish in the first place ->
And lastly: Microsoft can't help it if they've got the most popular operating system. That's the main reason why there's so many security issues. It's the user's fault for expecting their OS to actually not be needing critical updates on a daily basis. If you don't like Windows use something else.
On that last post I'd just like to add:
What are you waiting for, that's what »All Things Unix is for!
Oh, and yes...what was the topic again? | |
| reply to blacksurfer
Re: People with fake keys can't protect from Sasser! »computertimes.asia1.com.sg/news/···,00.html
Security for all
Microsoft has decided to make its Service Pack 2 patch available to users of all Windows XP versions - licensed and pirated.
By Chua Hian Hou
May 5, 2004
Both legitimate and unlicensed users of Microsoft's XP operating system software will be able to download the Service Pack 2 security patch for free
Microsoft's increasing concern over information security has translated into its decision to bite the bullet and make its upcoming SP2 (Service Pack 2) security patch available to all users - including those using pirated copies of its Windows XP software.
"We haven't explicitly done anything to SP2 to exclude it from pirated copies," said Microsoft group product manager Barry Goffe. The United States-based executive was interviewed via telephone.
This is unlike SP1 (Service Pack 1), which had features to prevent users with pirated copies from downloading it. In SP2's case, the mammoth 80MB to 250MB patch can be downloaded and installed on computers running both legitimate and pirated copies.
Users can also request a free CD copy of SP2, although shipping charges could apply, something which the company has yet to finalise, said Mr Goffe.
"It was a tough choice, but we finally decided that even if someone has pirated copy of Windows, it is more important to keep him safe than it is to be concerned about the revenue issue," he added.
He admitted, however, that it is more than altruism that helped Microsoft come to this decision.
"Having these unsecured users means bigger worm and virus outbreaks - which also impacts the Internet and consequently, our legitimate users as well."
The most visible changes SP2 will introduce to XP is the new Windows Firewall, a renamed, upgraded version of the ICF (Internet Connection Firewall) firewall system that shipped with the original Windows XP, and the new aggressive attitude towards security updates and controls.
Unlike ICF, Windows Firewall is turned on by default, and automatically locks up ports like DCOM (Distributed Component Object Model) popular among worm-writers.
New technology allows it to dynamically open and close ports on demand. For example, when an approved online gaming application is given permission to send or receive data over the Net, the port is opened for it, and when the application shuts down, the port is closed.
"We wanted a firewall good enough for most consumers' needs, and we believe Windows Firewall is it," said Mr Goffe.
SP2 will also make XP more aggressive towards sloppy users. For example, features like the automatic patch updating feature or Windows Firewall will no longer go away quietly if ignored, and will continue to pester users to download new patches periodically. To balance this, the company is working on coming up with more user-friendly warnings and reports of any suspicious activities that occur.
Besides these two changes, there are many other under-the-hood security features aimed at "stopping malicious code like worms, phishing attacks like websites that hijack web browsers to trick users into giving out personal information, and improving security against the buffer overrun attacks favoured by virus-writers," said Mr Goffe.
Other than security-related upgrades, SP2 also introduces a much-awaited anti-pop-up ad feature, and is integrated with the Internet Explorer Web browser to allow users to stop pop-ups that the user did not explicitly request.
The service pack is scheduled for a "first half of 2004" launch date, and the company is currently testing its first release candidate or RC1. There is expected to be at least another release candidate tested before the actual patch release.
Meanwhile, Mr Goffe noted that pirate users should not assume that the change of heart in SP2 means that Microsoft is going soft on piracy.
"We have and are developing new technologies to combat piracy for our software, but for SP2 we'll make one exception."
--
DirecWay DRS 4.0.3.9, Satmex 5 1250 Gateway 66.82.24.17 Host Asus P4T 1.9 640k Ram,Nvidia Ti4200 128mb ,WinXP Pro. Two clients on a wired, and wireless network.I love Norton Ghost! | |
 BubbaGIT-R-DONEPremium,MVM
join:2002-08-19
St. Andrews
 ·DIRECTV
 ·Pickwick Cablevi..
·Comcast
| reply to blacksurfer
said by blacksurfer:
Should Microsoft allows any computer with any keys to update, solely to help stop the spreading of this virus?
Nope....but they'll be damned if they do and damned if they don't. It's simply a lose, lose situation for them and as a company they have\had to make some decisions concerning the continued proliferation of illegal software. I as a legal user can simply keep my software as current as possible while the battle is being fought and Kudos to MS for the stand they have taken. If it takes dropping code on illegal installs of pirated software to make it unusable or unable to traverse the WWW....SFW ! | |
| reply to blacksurfer
Why would I want spend $190 on an OS broken right out of the box? The reason people pirate XP is because nobody thinks that it is a reliable OS anyway, but it is the only OS out there. I think that software makers are purposely making software incomplete (I've had this problem with previous versions of Eascy CDCreator) for sale JUST so that people HAVE TO register and patch the product.
I already bought windows 95 years ago, I'm not paying $190 for a patch to it. Paying MS for product patches encourages them to guess what?......Have more product patches! | |
| said by dadawg001:
I already bought windows 95 years ago, I'm not paying $190 for a patch to it.
Hell no.
I bought some pants also 10 years ago and they don't fit me any more. But instead of patching them I went and bought me some new pants. They are waaay better. Same with the OS.
I think MS did the right thing. After all, it was about collateral damage and legit OS users being caught in the crossfire of a myriad of unpatched and exposed XPs.
--
From the GSV "Ethics Gradient" | |
 2kmaroThinkPremium,ExMod 1 BC
join:2000-07-11
ColossalCave
1 edit | reply to blacksurfer
I think we've pretty much covered all the bases - and arguments. Another classic case of "we must agree to disagree".
Especially since Microsoft seems to have settled the argument for us:
»Patching Pirates
--
Good judgment comes from experience, and experience comes from bad judgment. Barry LePatner | |
|
