dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
24233
share rss forum feed

blacksurfer

join:2002-07-14
Sherman Oaks, CA

People with fake keys can't protect from Sasser!

One reason why this Sasser virus is spreading fast is because there are many thousands, if not hundreds of thousands of people online with the fake FCK WindowsXP key using pirated software. Microsoft is not allowing these users to update their computers with the latest patches. This is exacerating the problem. Should Microsoft allows any computer with any keys to update, solely to help stop the spreading of this virus?


vic102482
Premium
join:2002-04-30
Upper Marlboro, MD

Yes they should. That is a very stpuid move by microsoft. People are going to use pirated software reguardless. Microsoft should be blamed for those that cannot patch their system due to stolen keys. yes stealing software is wrong, but so is my internet connection being punished because my next door neghbor decides to steal software.
--
I tie a rope around my penis and jump from a tree, don't you wanna grow up to be just like me!!!!



Hot_Rats
He's Not Tor Johnson

join:2003-07-08
Indianapolis, IN
reply to blacksurfer

Re: People with fake keys can't protect from Sasse

I'd have to say no.

For one thing, it's a good reason to "go legit with XP, or go back to what you what you *were* running" and could boost sales.

Given that there have been workarounds to this for like 2 years or something these people must be pretty clueless about computers in general and should probably buy a Dell with a retail copy of XP so that they can have some guy walk them through Windows Update in broken English. If they can't afford Windows or aren't resourceful enough to figure out how to get around this, then they could go buy a copy of Lindows or download Fedora or Mandrake or something, which comes with the added bonus of being able to feign superiority over Windows users.

Microsoft prohibits you from updating to Service Pack 1 with that key (let alone the recent updates, of which I have no clue), and they do so for a reason... exactly the reason that you describe, i.e. pirates have no remedy to avoid infection. Maybe their guilt over spreading an infection around the 'Net will serve in place of the guilt they should feel for pirating XP in the first place and serve as the impetus for change.
--
"I'm downloading with a 56k modem. Can you give me step by step instructions on how to install x86 Solaris?? Please reply back. Thanks."



gwion
wild colonial boy
Premium,ExMod 2001-08
join:2000-12-28
Pittsburgh, PA
kudos:1

3 recommendations

reply to blacksurfer

Re: People with fake keys can't protect from Sasser!

Why?

If someone's running unpatchable software, let them be responsible for making it "hygenic."

Stealing an OS isn't right, and expecting support for a stolen OS isn't right, either. If someone had the coniving skill to activate the OS without a legal key of their own, then they can demonstrate their "mad skilz" by patching it without MS' help; it's a simple firewalling trick. They can hopefully find some "serialz" for some hot firewalling software and protect themselves.

If I steal a gun, and it happens to have been defective, why should you (the victim) have to provide me with the spare parts I need to make it safe and workable? I have a far better idea, same as I've proposed several times. If someone's causing chronic network disruptions because of an infected system they're not addressing, notify them; if they don't patch it or contain the malicious traffic on their own LAN within X days, terminate their connection until they do.

And if that leaves the folks with stolen copies of windows all sitting around without an internet connection, or having to actually buy a key for their OS to use the OS? Tough; I pay for this stuff, they can, too.

Which may explain why my reply in this regard focuses on mitigating the threat to others; as far as the pirated OS user, well... they decided to use a stolen OS; whatever problems they have with it because MS now won't support it are their miseries, and my non-events, unless and until they go out looking for the company misery loves, and cause a problem for others... then, they can simply be isolated and terminated until they can figure out a quick fix on their own. ...not that I'm leading or anything, but ... ahh, well, like buying a supported copy of the OS, perhaps?
--
Semper Eadem

Dyma hi ei gwisg yn disgleirio yn llawn o aur
Ei golwg mor dlws ei hud yn ymestyn wi afael yn gryf
"Pwy yr wyt? Pwy yr wyt?
Paid am gadael aros i mi"



bluebaron2
Stuff Happens
Premium,Mod
join:2001-02-01
North of 44
Reviews:
·Xplornet

1 recommendation

reply to blacksurfer

Let me get this straight, If a thief breaks into your house and steals a bat, then goes over to your neighbours house and smashes up his car...it's your fault not the thief's?

If you steal, bad things should happen to you, if the results of your stealing cause harm to others then it's you who should be punished. It's a pretty simple paradigm.
--
bb2
Since I've given up hope I feel much better.



FutureMon
Ach Du Lieber
Premium,ExMod 2002-05
join:2000-10-05
Seaside, CA
Reviews:
·Suddenlink

1 edit

2 recommendations

reply to vic102482

said by vic102482:
Microsoft should be blamed for those that cannot patch their system due to stolen keys.
Say that out loud and tell me if it just doesn't come off totally wrong.

It's like saying BMW should be held liable because I had an engine problem due to poor maintenance which caused me to crash in the BMW I stole from someone.

Yes I know that a home invasion robber can sue the homeowner for stubbing his toe while trying to get away. In this country anone can be held liable for anything if they're lucky enough in court, but that does not mean it is right.

Theoretically, if everyone with legal software is able to properly patch, then the only people really suffering are the pirates who can't. You're never going to get rid of the traffic generated by the baddies, but as long as they stop at your front door they're not much different than any other types of network traffic generated on a daily basis.

- FM
--
DCExec Member, Member of 'StarFire Seven' & Undisputed BBR Karaoke Champion!


Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
kudos:3

1 recommendation

reply to blacksurfer

I would disagree and ask why Microsoft should support users who didn't buy the product? I'm not sure how your internet connection is being punished because of your neighbor, but is that really Microsoft's fault or your neighbor's fault?

Pirating software is never going to go away, and it is having a negative effect on the software industry as your choices for software have decreased over the last couple of years as smaller development shops have been pushed out of industry. These companies tended to operate in areas where margins were not that big and piracy has had a significant impact on their sustainability (they have gone broke and out of business, which in itself is an indication that software costs money to develop). Software isn't free to develop and certainly isn't free to support, so why should someone who has pirated software feel entitled to support?

Blake
--
Vendor: Firewall Logging Software »www.SonicLogger.com - SonicWall and 3Com »www.LinkLogger.com - Linksys, Netgear and Zyxel


psloss
Premium
join:2002-02-24
Lebanon, KS

2 recommendations

reply to blacksurfer

Re: People with fake keys can't protect from Sasse

Unless Microsoft can disable XP's built-in firewall on pirated copies, those can protect themselves from worms like Sasser by using it.

Philip Sloss
--
Feedback? e-mail: stuff@lupwa.org


vic102482
Premium
join:2002-04-30
Upper Marlboro, MD

1 edit
reply to FutureMon

Re: People with fake keys can't protect from Sasser!

said by FutureMon:
said by vic102482:
Microsoft should be blamed for those that cannot patch their system due to stolen keys.
Say that out loud and tell me if it just doesn't come off totally wrong.

It's like saying BMW should be held liable because I had an engine problem due to poor maintenance which caused me to crash in the BMW I stole from someone.

Yes I know that a home invasion robber can sue the homeowner for stubbing his toe while trying to get away. In this country anone can be held liable for anything if they're lucky enough in court, but that does not mean it is right.

Theoretically, if everyone with legal software is able to properly patch, then the only people really suffering are the pirates who can't. You're never going to get rid of the traffic generated by the baddies, but as long as they stop at your front door they're not much different than any other types of network traffic generated on a daily basis.

- FM

Microsoft should be blamed for those that cannot patch their system due to stolen keys

quote:
It's like saying BMW should be held liable because I had an engine problem due to poor maintenance which caused me to crash in the BMW I stole from someone.
No its like saying that BMW installs a system that deactivates the STEERING on a stolen vehcile once it has gone over 60MPH.:) (extreme but you get the point).

You tell me who is liable there once they ram you head on.:)

Lets look at the facts of this sitation:

You have stolen property
You have innocent home users
You have a software company that disables saftey precautions on a peice of stolen software due to licensing issues.

Microsoft has no responsibility in this situation? I think not.
--
I tie a rope around my penis and jump from a tree, don't you wanna grow up to be just like me!!!!

inTulsa
Premium
join:2002-02-24

1 recommendation

reply to blacksurfer

Stealing the OS is wrong, but denying access to patches doesn't seem right either. The unpatched machines are affecting other legitimate users.

I think Microsoft should offer the illegitimate updaters a "special deal". They could limit their infection by disabling access to portions of their TCP/IP stack or restricting certain TCP ports to Microsoft IP addresses. Then Microsoft should offer a purchase option which doesn't involve their having to reinstall everything from scratch. If it was easier for the thieves to become legitimate more of them might choose that option.


B
Premium,MVM
join:2000-10-28
reply to psloss

Re: People with fake keys can't protect from Sasse

said by psloss:
Unless Microsoft can disable XP's built-in firewall on pirated copies, those can protect themselves from worms like Sasser by using it.

Well, at least psloss makes a reasonable point.

Many of you others seem to be ignoring blacksurfer's concise, very valid point -- "THIS IS EXACERBATING THE PROBLEM".

In my opinion it was always rather stupid of MS to deny updates to pirated copies, for exactly this reason, which a lot of people saw coming (and discussed) a mile away.

1. MS does not have the, er, most admirable security history.

2. MS claimed a new security initiative, top priority, blah blah blah.

3. MS KNOWS FULL WELL that thousands (millions) of copies of all its software are pirated, and in many cases actively, if selectively, polices that. In addition they KNOW FULL WELL that people have gotten around their WPA protections in many cases. (It can easily be argued that one big factor to MS's overall success is the initial and continued widespread piracy of things like Office, but that's another thread.)

4. MS intentionally cuts off pirates (or more significantly, innocent users who MAY NOT KNOW that their vendor or geek has installed pirated software) from both feature AND security updates. This is petty and wrong, if ONLY because of MS's overwhelming dominance on the desktop and the Internet.

Does it cost MS extra bandwidth they are NOT obligated to provide? Sure, but that's a rather petty reason to provide yet ANOTHER path that allows UNCHECKED propagation of worms and spam and such.

I would not be entirely averse to MS tracking down those who try to get updates with pirated copies, but to refuse them entirely is bad policy.

No, I don't use or condone pirated copies of any software (that's why I root for free and "Free" alternatives for the cheapskates among us). Also, if you're a stickler you can replace "pirated" with "copyright infringed" all through the above -- I'm far too lazy for that.

-- B
--
In a realm outside causality and function


rstrandb
Howl at the moon
Premium
join:2003-04-17
Albany, GA

1 edit

1 recommendation

reply to blacksurfer

Re: People with fake keys can't protect from Sasser!

Screw those with fake keys, they get what they deserve. They do not have the right to update, reap what you sow.
--
What....me worry?



bluebaron2
Stuff Happens
Premium,Mod
join:2001-02-01
North of 44
Reviews:
·Xplornet

3 recommendations

reply to vic102482

said by vic102482:
Microsoft has no responsibility in this situation? I think not.

I think so. None. The thief is responsible for the damage they do with the stolen property.
To continue your BMW analogy, it is more like BMW deactivates the steering as soon as you steal the vehicle. If you then insist on continue driving the stolen vehicle without steering, how is that any body's fault but yours?
--
bb2
Since I've given up hope I feel much better.

dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8
Reviews:
·Verizon FiOS

2 recommendations

reply to blacksurfer

oh, boo hoo

Providing support costs money. Part of the cost of software products covers the cost of supporting that product. Didn't pay for the software? Then you don't get support, and you should shut up whining about it.

Don't like that the kid next door is spreading virii due to his having stolen software? Then complain to him, not to the people he stole from.



paranoidxe
Premium
join:2002-03-29
Ogden, UT

1 recommendation

reply to bluebaron2

Re: People with fake keys can't protect from Sasse

Ok say someone took your cd player out of your home (stole it) and then came back a couple weeks later claiming its broke and wants you to fix it...now are you REALLY going to want to fix it?

Same situation, you stole a microsoft product why should the manufacturer help you improve it?
--
"Its better to look stupid for 5 minutes and ask a question, than to be stupid for the rest of your life."4g63.20m.com (textsource.org)


vic102482
Premium
join:2002-04-30
Upper Marlboro, MD
reply to bluebaron2

Re: People with fake keys can't protect from Sasser!

said by bluebaron2:
said by vic102482:
Microsoft has no responsibility in this situation? I think not.

I think so. None. The thief is responsible for the damage they do with the stolen property.
To continue your BMW analogy, it is more like BMW deactivates the steering as soon as you steal the vehicle. If you then insist on continue driving the stolen vehicle without steering, how is that any body's fault but yours?

So what about what "B" said when unwitting users are sold stolen peices of software on ebay for instance?

Also since the OS is already in use and ON the internet when trying to update, the BMW should be in use and ON the FREEWAY when trying to steer. I think it is a perfect parallel comparison.

Deactivating as soon as being decteted as stolen means you shouldnt be able to login or have the OS function, but unfortunatly that is not the case.

Micorsoft made a very poor desision. What happens if a coporation cannot update their software because their key was stolen and is floating around the internet?

What is a systems administrator supposed to do? Some bastard employee could leak it to his friends, and now the whole coporation cannot patch their machiens.

Who is liable then?
--
I tie a rope around my penis and jump from a tree, don't you wanna grow up to be just like me!!!!

vic102482
Premium
join:2002-04-30
Upper Marlboro, MD

1 edit

1 recommendation

reply to paranoidxe

Re: People with fake keys can't protect from Sasse

said by paranoidxe:
Ok say someone took your cd player out of your home (stole it) and then came back a couple weeks later claiming its broke and wants you to fix it...now are you REALLY going to want to fix it?

Same situation, you stole a microsoft product why should the manufacturer help you improve it?

Someone steals Justins CD key and distributes it across the internet, now the key is blocked and the unwitting justin finds out that he cannot update, but BAM too late he is infected. All of DSLR goes down.

Who is liable then? Microsoft has no responsibility in this case?

Or here is a better one,(as "B" suggested) you buy your computer on Ebay and the key is stolen. You use it for a month and find out you can no longer update your machine. Who is at fault there? The ebay seller is no where to be found.

They made a very poor desicion. IMO. Microsoft has too many machines to simply refuse updates to pirates. The ones that cannot update their machines are going to become a problem for all of the other legitimate users on the internet.
--
I tie a rope around my penis and jump from a tree, don't you wanna grow up to be just like me!!!!


bluebaron2
Stuff Happens
Premium,Mod
join:2001-02-01
North of 44
Reviews:
·Xplornet

1 recommendation

reply to vic102482

Re: People with fake keys can't protect from Sasser!

You're still missing it here vic. The people who stole the software knew when they stole it that they could not get updates and fixes, if they didn't then they were not only thieves but terminally stupid to boot.
The BMW thief knew at the onset that he wouldn't be able to steer the car ( BMW/Microsoft has not been shy in informing people that they do not support stolen property ) and he still took it out on the freeway. Just because it took him a little time before he crashed does not diminish his responsibility for the accident one iota.
--
bb2
Since I've given up hope I feel much better.


blacksurfer

join:2002-07-14
Sherman Oaks, CA
reply to blacksurfer

We're assuming that most pirated OS out there was intentional. Since the internet is global and most pirated software are sold in China where millions have purchased, unknowningly, software that was pirated, the effect of this new type of virus will cost many companies millions of dollars. How many of these people in foreign countries will send Bill Gates a check for a legit version of Windows?



jack b
Gone Fishing
Premium,MVM
join:2000-09-08
Cape Cod
kudos:1

1 recommendation

reply to blacksurfer

Absolutely NOT!

...Is My answer to your question.



bluebaron2
Stuff Happens
Premium,Mod
join:2001-02-01
North of 44
Reviews:
·Xplornet

1 recommendation

reply to blacksurfer

Re: People with fake keys can't protect from Sasser!

said by blacksurfer:
How many of these people in foreign countries will send Bill Gates a check for a legit version of Windows?

How many will? I don't know. How many should? All of them.
--
bb2
Since I've given up hope I feel much better.

anthrorules
Premium
join:2003-09-14
Rollinsville, CO

4 recommendations

reply to blacksurfer

NOPE...while unpatched systems add to the infection problems, I'd say that M$ should not allow those systems to be patched. Good question though.

I'd like to see that those systems without correct registration keys get automatically shut-down, like when they attempt to update or install patches, a program would be installed from M$ end to the unpatched computer and shut it down...probably not possible, but that's what I'd like to see done with unpatched unregistered pirated computer systems.
--
ionSKY Wireless ISP - 2.4GHz - 802.11b - 1.0MB/384kbps | Dell Dimension 4550 - WinXP Pro SP1 - 768MB Ram |ZA+ 4.5 | AVG 7.0 - Resident | Bit Defender 7.1 Free - On-Demand |TDS-3 | Ad-Aware | SpyBot S&D | MailWasher Pro


dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8
Reviews:
·Verizon FiOS

1 recommendation

reply to vic102482

said by vic102482:
So what about what "B" said when unwitting users are sold stolen peices of software on ebay for instance?
Caveat emptor, of course. Don't buy things from sources whose reputation you are unsure of -- or if you do, complain to the thief who sold you the stolen thing, not the person from whom the thief stole the goods.

vic102482
Premium
join:2002-04-30
Upper Marlboro, MD

1 edit
reply to bluebaron2

said by bluebaron2:
You're still missing it here vic. The people who stole the software knew when they stole it that they could not get updates and fixes, if they didn't then they were not only thieves but terminally stupid to boot.
The BMW thief knew at the onset that he wouldn't be able to steer the car ( BMW/Microsoft has not been shy in informing people that they do not support stolen property ) and he still took it out on the freeway. Just because it took him a little time before he crashed does not diminish his responsibility for the accident one iota.

Yes I agree(excellent argument), but in all honesty(I want your honest opinion:)), is that the wisest desicion that a corporation like microsoft should come to when trying to deal with piracy?

Shouldnt the car just not be allowed to start? IE windows being reverted back to the 30 day activation then lock period?

Isnt chaning it back to 30 day trial and then lock a better solution than denying updates?
--
I tie a rope around my penis and jump from a tree, don't you wanna grow up to be just like me!!!!

dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8
Reviews:
·Verizon FiOS

1 recommendation

reply to vic102482

Re: People with fake keys can't protect from Sasse

said by vic102482:
Someone steals Justins CD key and distributes it across the internet, now the key is blocked and the unwitting justin finds out that he cannot update, but BAM too late he is infected. All of DSLR goes down.

Who is liable then? Microsoft has no responsibility in this case?
No, of course not. The fault lies with the people who stole from Justin, not with the manufacturer.

I'd expect Microsoft to listen to Justin's explanation, and perhaps give him a new key. The only cases I've heard of suggest that Microsoft tends to believe honest customers. Do you know likewise, or is this a straw horse?

Anyway, I don't think DSLR runs on MS systems

vic102482
Premium
join:2002-04-30
Upper Marlboro, MD

1 edit

said by dave:
said by vic102482:
Someone steals Justins CD key and distributes it across the internet, now the key is blocked and the unwitting justin finds out that he cannot update, but BAM too late he is infected. All of DSLR goes down.

Who is liable then? Microsoft has no responsibility in this case?
No, of course not. The fault lies with the people who stole from Justin, not with the manufacturer.

I'd expect Microsoft to listen to Justin's explanation, and perhaps give him a new key. The only cases I've heard of suggest that Microsoft tends to believe honest customers. Do you know likewise, or is this a straw horse?

Anyway, I don't think DSLR runs on MS systems

Okay, what about the alternative I posted? Dont you think that is a smarter way to approach the problem. Simply revert the system back to the 30 day trial and refuse to allow the same key to be entered into the system for attempted reactivation.

Is that not a better way to approach the problem?
--
I tie a rope around my penis and jump from a tree, don't you wanna grow up to be just like me!!!!


jvmorris
I Am The Man Who Was Not There.
Premium,MVM
join:2001-04-03
Reston, VA
kudos:1
reply to vic102482

Re: People with fake keys can't protect from Sasser!

said by vic102482:
. . . Shouldnt the car just not be allowed to start? IE windows being reverted back to the 30 day activation then lock period?

Isnt chan[g]ing it back to 30 day trial and then lock a better solution than denying updates?
Getting a bit confused by the word 'lock' in this instance. Are you really saying that Windows (probably XP) should be disabled (or perhaps rendered inoperable) or are you saying "No more updates"?

I mean, I like, your question about "Isn't there a better alternative?", but there are some logistical and legal issues with the first approach that are likely to raise havoc -- especially the first time someone with a legitimate copy of Windows gets wrongly locked out.
--
Regards, Joseph V. Morris


bluebaron2
Stuff Happens
Premium,Mod
join:2001-02-01
North of 44
Reviews:
·Xplornet

1 recommendation

reply to vic102482

We're probably taking this car anology way to far vic but here goes one more time.
BMW did make the car not be able to start, you needed a key to get it going, the thief jumpered it to get past that built in anti-theft device. The Software thiefs bypassed the registration to make the software work, beyound the 30 day limit. M$ installed a anti-theft device in their software and now you are arguing that since the thiefs by-passed that one it's M$ fault that they didn't install another one. Bottom line don't steal software, if someone offers you software at a fraction of the retail cost, you damn well should know it's not legit. Don't want to get infected...go buy the legal operating system. Period.
--
bb2
Since I've given up hope I feel much better.


Brad Helm

join:2001-08-27
Salem, IL

1 edit

2 recommendations

reply to dave

The problem with "faked" MS OS keys....

I find it pathetic that we have people who are complaining that Microsoft won't update their pirated software. Most likely they or someone they know have and USE such pirated software and they are PO'ed because now they have to shell out for software the rest of us have already LEGALLY paid for.

IMO - The USER is responsible for making informed decisions on purchasing and installing their software. This means that you better KNOW who you buy your software from and you better protect your licences like you'd protect your wallet and credit cards.

Remember the cardinal rule-- "If it sounds too good to be true, most likely it is [too good to be true]"



John2g
Qui Tacet Consentit
Premium
join:2001-08-10
England
kudos:1
reply to blacksurfer

Re: People with fake keys can't protect from Sasser!

In fact you are not completely correct. There was a well known pirated key, which was used by many, many people. It was this one key that Microsoft took steps to ensure that SP1 could not be installed in XP.

However, there was a widely circulated key generator. As far as I know, the registrations produced by this key are not blocked by Microsoft.
--
Better to remain silent and be thought a fool, than to speak and remove all doubt.