Ed Foster's Gripelog || Windows Updates and Software Ownership

» All 33 InfoWorld Newsletters Technology & Business Daily

INFOWORLD GRIPE LINE BY ED FOSTER

Bookmark this page

Windows Updates and Software Ownership

By Ed Foster, Section The Gripelog
Posted on Mon Sep 17, 2007 at 12:09:44 AM PDT

Do you own the software on your computer, or do the software companies? That's really the issue that lies at the heart of a brouhaha that arose last week regarding Windows Updates that apparently are installed without user permission. What I find most fascinating about the incident is what it reveals about the world of EULAs and DRM in which, at least if you listen to the software industry, we all now live.

A story last week in the Windows Secrets newsletter reported that recently Windows Update for XP and Vista has stealthily downloaded a number of updates even for users who don't want automatic updates. Subsequent observers confirmed the updates had indeed gone out. In what appears to be closest thing to an official response, a Microsoft program manager blogs that the updates -- minor patches for the Windows Update software itself -- need to be installed if the update process is to work as users expect.

While none of the observers have seen any sign the Windows Update updates cause any harm, Microsoft's argument struck many as being a Redmond-knows-what's-best-for-you approach. "The idea they can't give the user a choice in a situation like this is just nonsense," one reader wrote me. "There are some very good reasons some of us choose just to be notified of updates rather having them automatically installed ... starting with the litany of buggy releases Microsoft has foisted on us through they years. It's my machine, and they have no business making changes to executables without telling me."

Business users in particular have security and accountability issues if their software assets aren't actually under their complete control. "An owner and an operator of a computer in an enterprise can absolutely no longer claim to be able to audit the machine if control of the updates are being done without the owner even being notified," wrote another reader. "What Microsoft is doing is sheerly Orwellian, and clearly designed with the intent of taking remote control of a consumer's PC at their whim if Microsoft chooses to determine the consumer has violated their EULA or decides a licensed copy is not a licensed copy. Of course the recent collapse of the Windows Genuine Advantage servers shows what a dangerous strategy that is, and the disastrous consequences when a single point of failure at Microsoft occurs. Sadly, it is not just Microsoft. Every software vendor seems to think they can do anything they want."

But this is actually something of an old story, both in terms of the issues readers are raising expressing and Microsoft's somewhat vague reassurances of their good intentions. Back when Windows XP was newly released I wrote about some very similar concerns readers had about XP EULA terms that gave Microsoft the right to automatically update components of the operating system. And the response Microsoft had back then echoes what they're saying now. "We clearly have more work to do to make sure that it's clear when these automatic features are used, and we are looking at how to do a better job at that," the Microsoft spokesperson said in 2002. "But it is certainly not our intent to access any user's system when that is not what they desire."

So after all these years, why is it that Microsoft still has to admit that it's not being as clear about all this as it ought to be? Well, I think we can see a clue if we compare the old and new EULAs. The early XP EULA said that:

"You acknowledge and agree that Microsoft may automatically check the version of the Product and/or its components that you are utilizing and may provide upgrades or fixes to the Product that will be automatically downloaded to your Workstation Computer."

The Vista EULA is at least a little more direct about what the purpose of an involuntary download is:

"The software will from time to time validate the software, update or require download of the validation feature of the software."

While the wording has changed a little bit, the meaning remains the same. It's all about the DRM. If Microsoft's various and sundry anti-piracy schemes are to work, it has to have the right to make changes to components of the operating system whether you want them to or not. And, however good Microsoft's intentions might be, if any of those changes happen to cripple your computer at a bad time, hey, read the EULA. It's your problem, not Microsoft's.

It would be easy for Redmond to make this crystal clear, but I guess just coming out and saying that Microsoft has the right to disable your computer at any time would be a little too blunt. So who owns the operating system on your computer? If you run Windows, the answer is that Microsoft thinks it does, and you should take that fact into account.

--------------------

To receive this column every week in my free e-mail newsletter, please go to my subscription page and follow the instructions to opt-in for the EdFoster mailing list.

Post your comments about this story below or write me at Foster@gripe2ed.com.

< Reader Voices: Disclaimer Defense | A Grueling Free Trial With Earthlink >

Windows Updates and Software Ownership | 39 comments (39 topical) | Post A Comment

Wow....[ Reply to This ] (none / 0) (#1)
by Anonymous User on Mon Sep 17, 2007 at 04:39:34 AM PDT

So if someone has an XP or Vista system and never ever connects to the internet or a phone line even, they're violating the EULA?

F you M$, you guys are really going WAY too far...

[ Reply to This ]

Who needs that?[ Parent | Reply to This ] (none / 0) (#3)
by Anonymous User on Mon Sep 17, 2007 at 04:59:11 AM PDT

That's why I'm currently sticking with W2K Pro and will for as long as I can make it practical to do so. And when it isn't anymore, that's when I'll finally switch to Linux.

[ Parent | Reply to This ]

I said way back when XP was new...[ Parent | Reply to This ] (none / 0) (#7)
by Reziac on Mon Sep 17, 2007 at 09:41:06 AM PDT

... that activation, or rather changing the system so older OSs could no longer be reactivated, would eventually be used to "turn off" the software once it had been end-of-life'd, as a surefire way of forcing upgrade$. IMO that is what WGA and M$'s current policy of forced updates is ultimately about, regardless of any benign uses it has in the present.

=======
Which of the following is a color?
Apple, Currant, Kia, Teal, Oregon, Ford

Er, could be apple, currant, or teal. [scratching head]

.

~REZ~
[ Parent | Reply to This ]

wga[ Parent | Reply to This ] (none / 0) (#39)
by Anonymous User on Sun Apr 20, 2008 at 11:30:06 AM PDT

I have been buying microsofts shit since dos 1.0 at one time i could have even been considered a m$ fanboy for many years. After buying xp and doing the wga thing for the free software M$ shut my system down 5 times in 3 years for upgrading hardware on my sys. new hard drives, sound and video cards, Memory. Im not sure but one time they did it was after i moved my sys and plugged usb devices back in different usb ports. needless to say i now run a pirated version of xp and have no intention of buying another microsoft product. I also have purchased office, foxpro for dos and foxpro visual basic. xp days are numbered and i am set up with a dual boot running ubuntu. I would be there now accept for a couple of programs i just cant live without. Goodbye Microsuck kiss my butt.

[ Parent | Reply to This ]

Windows updates & software ownership[ Reply to This ] (none / 0) (#2)
by Anonymous User on Mon Sep 17, 2007 at 04:57:32 AM PDT

"So who owns the operating system on your computer?" As much as we all hate the fact, and as much as we've railed against it, Microsoft does. Until a court decides otherwise, we are only licensed to use it. I suppose we should be grateful that Microsoft isn't even more abusive than it is.

[ Reply to This ]

Licensing is a sham[ Parent | Reply to This ] (none / 0) (#5)
by srynas on Mon Sep 17, 2007 at 07:19:07 AM PDT

Don't accept the concept that the software is licensed. Please see the TechDirt article "However, once again, the case takes a bit of a twist. Autodesk is claiming that the right of first sale doesn't apply in this case, because the guy did not purchase the software, but merely licensed it, thanks to the shrinkwrap license found inside the box, which the purchaser doesn't get to read until well after he or she has "purchased" the software (which appears like any normal purchase, rather than license). Unfortunately for Autodesk, some courts have already ruled that, despite mind-numbing EULAs that no one reads, if you purchase... er... license software, you still get certain ownership rights, which likely include the right to then sell the software. This case seems to have a little something for everyone interested in software and copyrights, between the questions on first sale doctrine, DMCA abuses and shrink wrap EULAs. It should be worth paying attention to as it moves forward.

[ Parent | Reply to This ]

Ownership[ Parent | Reply to This ] (none / 0) (#21)
by Anonymous User on Tue Sep 18, 2007 at 10:48:03 AM PDT

We're really not sure about the ownership of operating system alternatives, though, are we? SCO has been trying to prove in court that they own your copy of LINUX. Just because they may fail doesn't mean someone else won't try. Also, just because a developer thinks they have written original code does not mean that they haven't violated a software patent. Who owns that code, the developer or the patent owner? Bad news: its the patent owner. Who owns the most software patents? I think IBM is first, but I'll bet MS is second. Depending on how they choose to exert their software patents, they may already own your copy of LINUX, or enough of it to disable your copy (indirectly, not via download).

[ Parent | Reply to This ]

Well...[ Parent | Reply to This ] (none / 0) (#36)
by Anonymous User on Wed Sep 26, 2007 at 08:22:35 AM PDT

Well, that's just one more example to show why it is time for the whole notion of "intellectual property" to die the death it so richly deserves. The bits and bytes on my computer are mine. My copy of whatever is on there. Giving anyone else any kind of so-called "property rights" that allow them to intrude into my computer and mess with it takes away my actual property rights and changes me from the owner of my machine to a serf beholden to distant lords. No. I own it. If some third party wants to use it for their own purposes they can negotiate a fee schedule with me and they get to be the tenant to my landlord!

The legal fiction of "intellectual property" has not only this fundamental problem of colliding with real property rights but also serious security problems here. If every Tom, Dick, and Harry with a software product, music they produced, or whatever else insists on being able to monitor and control my use, and therefore on having back doors into my computer, that computer's firewall turns into Swiss cheese. No system administrator worth his salary is going to tolerate that; keeping a possibly-mission-critical machine secure certainly means not allowing any random person to stick their hands into it and grub around, whether by subterfuge or by legalistic arguments regarding "auditing" the use of "their" "intellectual property"! Keeping out untrusted people from a system means keeping out Microsoft and the RIAA and the likes, and not just the usual black hats coming in through proxies in .ru and the like. All of them have ulterior motives and may be at cross-purposes with you, and all of them additionally can gum things up by fat-fingering something besides. You wouldn't let any of them near the actual hardware and the mouse and keyboard, would you? Thought not.

The conflict between our property rights in what we have purchased and use in our day-to-day business and others' so-called "intellectual property" rights is unavoidable and growing by the hour. Only one of them can win, and the wrong one would mean the end of innovation, freedom of speech, and actual property rights and the beginning of an era of everything being controlled by a few large monopolies in a rather Stalinistic manner.

And they have the gall to call us communists when we speak out against them when they are the ones promoting the destruction of property rights and replacing free markets with government-mandated monopolies. Time to rise up against them, I say!

[ Parent | Reply to This ]

You Own the Software[ Reply to This ] (none / 0) (#4)
by srynas on Mon Sep 17, 2007 at 05:16:44 AM PDT

The simple answer you own the software. However, like a book you own the physical product, but M$ retains copyright privileges. But possessing a copyright privilege does not give a company a "right" to trespass onto someone else property.

The internet has made updating your software an ease, but it also has its downside. First, it allows companies to prematurely release software - will fix it later. Second, and more important, software companies don't seem to issue a "final" CD of the product. Unfortunately, consumers don't seem to be particularly concerned over this. As Ed has pointed out, when the server goes down, either on purpose or as a failure, the consumer gets screwed.

In terms of companies being able to remotely control (disable) your computer to protect their so-called intellectual property, they should not do this. In simplistic terms, if a company screws you, you wouldn't have much of a moral dilemma when it comes to screwing them back. Of course this can end up becoming a vicious circle.

[ Reply to This ]

You own what?[ Parent | Reply to This ] (none / 0) (#10)
by JimB on Mon Sep 17, 2007 at 10:27:13 AM PDT

You could only own the software if you actually bought it. It's clearly and explicitly mentioned that you do not own the software nor can you purchase it. I'm not sure where copyright comes in except (as in autodesks case) the actual media is getting distributed.

[ Parent | Reply to This ]

Contract - not copyright[ Parent | Reply to This ] (none / 0) (#33)
by Anonymous User on Sat Sep 22, 2007 at 09:50:52 PM PDT

Since the EULA is a contract, the acquisition and use of Windows is actually covered by contract law, not copyright law.

[ Parent | Reply to This ]

I see no contract here.[ Parent | Reply to This ] (none / 0) (#34)
by Anonymous User on Mon Sep 24, 2007 at 06:52:54 AM PDT

The EULA is a unilateral list of demands shoved at you with nothing offered in return for your "acceptance" that you don't already have.

Under USC Title 17 Section 117(a)(1) (IIRC) it is established that copyright is not infringed by installing and using software you purchased, even though installation and use may create a few personal copies as a matter of course. Ergo, you buy box with discs at store, you have the affirmative right to install and use whatever's on those discs; no additional permission from the copyright holder required, since you now legally own a copy.

Therefore you're not getting any additional consideration with (most) EULAs -- they attempt to impose a whole lot of extra conditions beyond those that copyright law provides for, and in return they would give you nothing. (Things like the GPL are an exception -- these actually permit you to do things like redistribute the software, subject to certain conditions. In other words you can do something normally forbidden by copyright law, if you adhere to certain conditions. And you can just plain use it personally as you see fit regardless.)

Q: What is a legal document that purports to take away some of the rights and privileges you already have with respect to something you purchased in a separate transaction earlier in time, in return for absolutely nothing?
A: Null and void, under the contract laws in most states! Especially since there's also no meeting of the minds, no signature, no documentation, no evidence that anything was "agreed" to by anyone...

EULAs are a fiction. Or rather, a scam. If there were any justice there'd be some law against claiming to be able to unilaterally impose extra legal restrictions without consideration like this, and you'd be able to sue for some sort of fraud, misrepresentation, or something whenever you saw a typical software EULA. :P

[ Parent | Reply to This ]

Who owns the software? Who cares. I own the PC[ Parent | Reply to This ] (none / 0) (#15)
by Rocktman2 on Mon Sep 17, 2007 at 04:54:36 PM PDT

I think this goes beyond who owns the software. It's my computer. I decide who can update it & when. That's why I don't connect to M$ update. Never have on this particular (home) computer or my wife's (also don't at work). I use Windizupdate.com with Firefox. Keeps me up-to-date.

[ Parent | Reply to This ]

Copyright[ Parent | Reply to This ] (none / 0) (#20)
by Anonymous User on Tue Sep 18, 2007 at 10:41:08 AM PDT

No one is disputing the MS copyright over their own software, manuals and disk contents. It is relatively well understood that copyright terms apply to these items. There is disagreement over "fair use" and duration of copyright, but that's for another day. The question is about the standing of EULAs under the law. Can a person give up a constitutional right by opening a box of software?

[ Parent | Reply to This ]

Microsoft Abuse[ Reply to This ] (none / 0) (#6)
by Anonymous User on Mon Sep 17, 2007 at 09:14:41 AM PDT

Just another case of MS abusing everything they touch. First they get everyone to turn on these automatic updates, due to their own ineptitude, then they abused that by foisting WGA as a "critical" security update. Now this. Gotta wonder what's next and how much we'll put up with. My guess is quite a bit more. Half the people don't seem to care.

[ Reply to This ]

To repeat old thoughts:[ Reply to This ] (none / 0) (#8)
by Anonymous User on Mon Sep 17, 2007 at 10:06:53 AM PDT

Ok, so I don't own the software I thought I bought certain rights to. So, if I don't own it, for purposes of inventory, Microsoft must own it. Are they paying taxes on that inventory? Do they have insurance on their inventory? Would they be able to depreciate their inventory - and on what basis would it be? Is the purchase defined as a rental, or a service, for purposes of sales tax? Will Microsoft subject themselves to my auditors when they go to verify that I'm not releasing data I shouldn't be - either under medical ethics or financial ethics laws? If Microsoft can make changes to my computer based on their rules, do they have much of a case to go after hackers of their systems? (Hackers believe they can (also) make changes to computer systems based on the rules they play by.) Like most folks, Microsoft wants the answers to every one of these questions to be interpreted in their favor, regardless of the real lifeconsequences of each answer that the rest of us have to deal with. I can live with greed - it's hypocritical greed I can't stand.

[ Reply to This ]

I can't believe I (sorta) agree with Microsoft![ Reply to This ] (none / 0) (#9)
by Anonymous User on Mon Sep 17, 2007 at 10:09:06 AM PDT

I think it makes sense that if you set Windows to either A)Notify you when new updates are ready, or B)Download updates and notify you, then the update software MUST be up to date to work! If MS didn't update the Win Update software, the updates would presumably stop working.

[ Reply to This ]

Yes, but...[ Parent | Reply to This ] (none / 0) (#11)
by dliesse on Mon Sep 17, 2007 at 10:28:13 AM PDT

That's beside the point. If you've chosen either of the options you mention, then that's the agreement under which an update to the update program should also be distributed. They can explain that if you don't install it then the update feature will not work properly, but it should still be your absolute choice as to WHEN to install it.

[ Parent | Reply to This ]

So what?[ Parent | Reply to This ] (none / 0) (#18)
by LasVegan on Tue Sep 18, 2007 at 08:21:20 AM PDT

If they need to update the updater then that should be an update like any other update. It would tell you that if it's not loaded then nothing else will load, either. We've seen similar updates in the past. There is still no reason to force an update.

[ Parent | Reply to This ]

This is just plain wrong [ Reply to This ] (none / 0) (#12)
by Anonymous User on Mon Sep 17, 2007 at 12:18:13 PM PDT

on so many levels. As others have pointed out, Microsoft wants to own the software for the purposes of controlling its use, distribution and what you are and are not allowed to do on your own hardware (that you did purchase and have first ownership rights). However, Microsoft does not want to claim ownership when it comes to taxes or liability for damages caused bugs in the software.

This is like the old saw about zealous politicians, "they mean to rule benevolently, but make no mistake, they do intend to rule"

[ Reply to This ]

Problems with updates[ Reply to This ] (none / 0) (#13)
by Anonymous User on Mon Sep 17, 2007 at 01:29:31 PM PDT

I had a Windows 2K Pro machine that I built myself. It worked quite well until my internet connection crashed in the middle of an update; after that, I never could do an update without saving the file from the MS web site and executing it from my hard disk. Eventually, it tried to update itself and died. I pondered whether or not it was worth the time, effort, and money to rebuilt the machine and decided it wasn't, so I replaced it with a somewhat generic WinXP Home laptop and a MacBook Pro.

[ Reply to This ]

SW Copyright needs to be heavily restricted[ Reply to This ] (none / 0) (#14)
by Anonymous User on Mon Sep 17, 2007 at 01:53:44 PM PDT

So, when Microsoft embeds spyware into your system to scan the web for other people's illegal installations...that's just fair use of YOUR machine which is running THEIR SW? What happens when Microsoft installs GRID computing capability on YOUR computer to provide service functions to OTHER PARTIES? Just another "feature" which you must submit too because their one sided EULA says they can? We desperately need Congress to limit the embedded functions any vendor is allowed to place inside "their" product AND we need to severely limit the rights of copy write owners and EULA terms. Copy write was meant to protect "Author's Expression", not legitimize the "Author's" theft of "services" from someone else's property. Microsoft's behavior is looking more and more like an organized criminal conspiracy. They should be tried for violation of the RICO Statute! A legally abused Microsoft customer!

[ Reply to This ]

Microsoft Patches[ Reply to This ] (none / 0) (#16)
by Anonymous User on Mon Sep 17, 2007 at 08:17:00 PM PDT

Does anyone know how I can list the patches and hotfixes applied by the "Microsoft Update Now" process to my PC system? I need to do some digging and identify what has been installed.

[ Reply to This ]

Patches utility[ Parent | Reply to This ] (none / 0) (#17)
by Anonymous User on Tue Sep 18, 2007 at 05:53:25 AM PDT

Over on Microsoft Newsgroups microsoft.public.microsoft_update_catalog there is a recent post about a patch file tool available that lists all the data as a text file. I've tried it out and it looks neat, is easy to use, best of all its free (registration required).

[ Parent | Reply to This ]

No...[ Parent | Reply to This ] (none / 0) (#37)
by Anonymous User on Wed Sep 26, 2007 at 08:25:20 AM PDT

No, it is not free. Not if "registration required". You may not pay in money, but you still pay; oh yes indeed. And probably not just in giving them personal information to misuse in some way you probably won't like; probably in receiving spam, too. Why else would they ask for your email address and then validate that it works, hmm? Why would they care, unless they intended to use it, or sell it -- addresses that actually work being far more valuable on the grey market for email addresses than addresses that are not known to work.

[ Parent | Reply to This ]

Software Ownership[ Reply to This ] (none / 0) (#19)
by markroth on Tue Sep 18, 2007 at 10:38:56 AM PDT

I don't care what EULAs say since we don't have an opportunity to negotiate them. Therefore, it is not an agreement or a condition of purchase. While I recognize the right of the software developer to retain ownership to the intellectual property that is embedded within the software products that I purchase, The specific copy of the software that I have purchased is owned by me. Therefore, no one, not even the developer, has the right to alter it in any way without my explicit approval. It is high time that the consumers begin to dictate what is acceptable to the software developers and vendors. If they do not like our terms then they can refuse to sell their products to the public. Software developers would prefer that we rent their products and pay them rent each month. Until such time as there are hundreds of alternatives to each particular software product, we consumers must insist that we own the purchased product and that it is sold with certain warranties and rights. Let's fight back.

[ Reply to This ]

It's going to get a while lot worse.......[ Parent | Reply to This ] (none / 0) (#26)
by Anonymous User on Tue Sep 18, 2007 at 05:33:07 PM PDT

If you think that the DRM activation issues that users face with WGA, OGA and DRM under Vista are a concern, wait until every other software vendor (ISVs) starts coming up with varied combinations and derivatives on how they will "activate/control" your PC. From October ISVs will be able to license, using similar techniques to WGA/OGA/DRM using Software Licensing and Protection Services (SLP Services). see http://www.microsoft.com/presspass/features/2007/jul07/07-10slpservices.mspx When this happens it will be a disaster beyond proportions unspeakable as the ISVs come up with their own "innovative ways" to turn on/off software to control licensing usage! Whilst it might be true that Microsoft is tracking your PID via a software manifest with encrypted hardware details, I'd rather trust Microsoft to do that safely than a small time software developer who has weak systems control and leaves backdoors open for attack, just so they can activate/track their own ISV licenses using DRM. Microsoft needs to be given, by business houses, the very clear message (I am not saying jump to Open Source either by making this statement) that the software once licensed correctly and installed needs to be left stable and alone so that we can run the business without interference and without further activation/reactivation/validation. ie; activate once then go away and let us run the business under our control ! Letting the SLP source code out to ISVs is a huge risk that we all need to be very wary of and stamp out as vocally as we can!

[ Parent | Reply to This ]

Goodbye Microsoft![ Reply to This ] (none / 0) (#22)
by bboyle on Tue Sep 18, 2007 at 11:11:42 AM PDT

This behavior on the part of Microsoft is totally unconscionable! It is MY computer, and it is MY responsibility to apply any changes to it that may be required for MY purposes. I use my system(s) for software development, network and security research and development, as well as for consulting work I do for others. I CANNOT tolerate anything installed on my systems that I have not vetted beforehand, and that includes system software of any sort. I'm sorry Microsoft, but you have violated my trust and you will NEVER get another penny in direct income from me. I will be re-imaging my systems to run Linux and/or Solaris (those that don't run them already) and will stop using Windows in any form in perpetuity. To bad, you lose!

[ Reply to This ]

Bigger issue -updates to regulated systems![ Reply to This ] (none / 0) (#23)
by Anonymous User on Tue Sep 18, 2007 at 11:15:09 AM PDT

I see a bigger issue here - What about FDA qualified computing systems the less strenuously monitored HIPAA and Sarbanes-Oxley where untested updates invalidate a system? What about that medicine you were prescribed that, during it's testing, had invalid test results recorded due to an unforeseen issue related to that untested update? It's not like M$ (or,to be fair, any other OS company) has never released a patch with negative consequences.

[ Reply to This ]

Goodbye Microsoft![ Reply to This ] (none / 0) (#24)
by bboyle on Tue Sep 18, 2007 at 11:16:07 AM PDT

Since some of my R&D includes Windows systems, I suppose I should have mentioned in my previous posting that I would only run MS products in a VM, which is what I do for such work, though at this time I still use a Windows workstation for administrative and leisure activities. No more, however! By the end of October, I expect that the only MS software I will be using will be on controlled systems running inside a virtual machine, and those will be running in an isolated subnet with no access to MS and the internet except when I so desire it.

[ Reply to This ]

Difference between User & Corporations[ Reply to This ] (none / 0) (#25)
by Anonymous User on Tue Sep 18, 2007 at 11:35:24 AM PDT

None. If the OS has WIndows Update defeated (as I know the corporation I work for does), then why can't myself - personally - have my own home PCs the same way? Once my PC is setup the way I want it - absolutely no one entity is allowed to mess with it.

[ Reply to This ]

Another undesired "update"[ Reply to This ] (none / 0) (#27)
by Anonymous User on Wed Sep 19, 2007 at 07:06:51 PM PDT

Speaking of updates, has anybody noticed that the help files for Office 2003 are now full of advertisments for Office 2007? I'm not talking about Office Online - these ads are in the local help files. Every page has links like "Buy the 2007 Microsoft Office system" and "Free trial of the 2007 Microsoft Office system".

Where did those come from? I don't think they shipped with Office 2003. Were they installed with an "essential security update"?

[ Reply to This ]

Not on mine[ Parent | Reply to This ] (none / 0) (#28)
by sconeu on Thu Sep 20, 2007 at 07:27:55 AM PDT

I just checked.

Are you sure you're using the local help files?

--
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the United States of America.
[ Parent | Reply to This ]

secure?[ Reply to This ] (none / 0) (#29)
by Anonymous User on Thu Sep 20, 2007 at 11:47:15 AM PDT

The problem with backdoors, in this case, stealthy updates, is that someone will figure out how to spoof them and break into your computer. If you are trying to lock down everything and don't want a remote source downloading programs onto your computer, you won't truly have that ability. Also, if you have rollbacks turned off, since you aren't installing new programs and only turn it on when installing new programs, that won't help if Micro$oft is updating your computer randomly.

[ Reply to This ]

Automatic Updates[ Reply to This ] (none / 0) (#30)
by Anonymous User on Thu Sep 20, 2007 at 02:17:53 PM PDT

Now that the whole world knows that Microsoft has a backdoor that can be used to download virtually anything on anyone's computer, regardless of safeguards taken to prevent that, just how long will it take for others with evil intent to exploit that purposely included DESIGN flaw and download anything they might want onto our computers.

I am without sufficient adjectives to describe this criminal behavior. What does that mean for computers requiring Top Secret protection? What does this mean for banking installations? What does this mean for Windows installations at medical installations? The backdoor is there. What prevents anyone from exploiting this gross criminal negligence by Microsoft developers?

There is already a report of a laptop in hibernation having been woken up by this process after which the update occurred but did not cause the laptop to go back into hibernation but continued to run the battery down to zero while it was in its storage case. If this laptop had overheated and caused a fire, who would be liable? The laptop owner did their part by putting it into hibernation. Microsoft's flawed software update did not restore the computer to its preferred state. What if the computer had been stored with luggage in the belly of an airliner? Who would be liable then? Microsoft's criminal incompetence (or criminal intent if you believe in conspiracy theories) has created a real live bomb. We put terrorists into prison. Have the Microsoft incompetent pseudo-engineers put a new bomb tool into the hands of terrorists?

Al Quida, are you listening? Is there no USA governmental agency willing and able to put this MS corporate insanity into prison where they belong before their utter and complete stupidity kill us all?

[ Reply to This ]

Firstly, who are the morons[ Reply to This ] (none / 0) (#31)
by Anonymous User on Thu Sep 20, 2007 at 08:20:11 PM PDT

Who, exactly, are the morons that allowed unfettered access by MS through their firewalls or even turning on Auto Updates in any fashion, anyway? What were they thinking? They all deserve what they got by allowing the sh__heads at MS to even think of attempting an attack such as this. Do they not have a firewall? Do they not know how to use it?

The fact that MS has done this reasonably justifies stealing their OS'es AFAIAC. I do not give a rat's ass that they call this an update, it is an (unwanted) attack on hardware property that I own and now I plan to make war with them on my own terms.

You folks here on this board will never, ever, gain enough high ground with your brothers you call your (bribed) governmental @%#ts to effect any changes you think would be to your benefit. Stop dreaming and grow up. If you have not paid your Senator or Congressman to act on your behalf, shut up and turn on your firewalls, or stop buying the s__t from MS.

If I hurt anyones feelings here, tough. Welcome to the real world of pure, unadulturated greed. I call it the "new" America. Thank you, Mr. Reagan.

[ Reply to This ]

Morons?[ Parent | Reply to This ] (none / 0) (#32)
by Anonymous User on Thu Sep 20, 2007 at 11:58:54 PM PDT

Perhaps you are right about some having automatic updates turned on. However, it appears that you did NOT read what the problem is. The problem is that Microsoft was able to update computers that did NOT have automatic updates turned on, only notification of a possible update. The people you called morons were nothing of the sort. They thought they had protected their computers from Microsoft by turning automatic updates off.

The total stupidity of Microsoft was to reveal to the world that all the time, they had an previously unknown backdoor that (1) Prevented a user from EVER turning off automatic updates, and (2) allowed Microsoft to either use an update notification request from a client or use past update address paths to a client computer to penetrate their firewall, their security procedures, and allow virtually anything to be downloaded onto the client computer WITHOUT DETECTION OF ANY KIND.

The user is not really the moron here. Microsoft has just broadcast to the world just what unmitigated thugs they really are and just how little they regard anyone's opinion other than their own.

Mark my words. If the US government allows this criminal activity to continue unabated, having been neither been challenged or properly punished, the next so-called "innovation" volley from this criminal enterprise will be even more outrageous. It will most likely take the form of Microsoft automatically and remotely shutting down operating systems for some cockamanie trumped up totally unjustified reasons with no easy recourse from the users to fix Microsoft's mess. They are already dabbling in this with Vista. This engineered intrusion is a "trial balloon" from Microsoft to test the waters for our outrage quotient. If there is not enough outrage, then Microsoft will once again have clearly demonstrated that all they have to do with virtually anything they think of is to just force their junk on the paying public and any outcry from them will eventually fade into the past with nothing changed because none has the fortitude to fight against them.

This time, they have made such a colossal blunder, that they just have to have the attention of The Department of Homeland Security, NSA, DOD, FBI, Interpol, the KGB, the Chinese government, and yes, even Al Qaeda and the Mafia, each with its own agenda. Such a backdoor would be invaluable for each of these agencies in their own way. Truly, Orwellian opportunities have been engineered into our society by the one mechanism that is spread across the vast majority of businesses and households in the USA and across the world, that of Microsoft Windows.

Who is going to take these criminals on and put them in their place? I wonder just how long that backdoor existed in our computers? It could have been lurking there for years. It could have been used many times over the years without our knowing otherwise. Imagine: a rewritten executable file with the same size, date stamp, and entry points of the original but with a payload of something quite different from the original. Who really knows what all those hundreds of Windows files really do? We all know that all Windows versions are fragile and subject to Blue Screen of Death, regardless of which version of Windows one might be using. Who is going to protect the world's Windows driven computers if some rogue or disgruntled Microsoft programmer decides on their own to broadcast to the world a lot of overlaying software junk on our computers? There is absolutely nothing Microsoft can say or do to quench my fears that such an event is not only possible, it is inevitable.

[ Parent | Reply to This ]

Auto Update[ Reply to This ] (none / 0) (#35)
by Anonymous User on Wed Sep 26, 2007 at 12:38:50 AM PDT

All I ask is that any software vendor tell me what an update is supposed to do, how long it will take, and let me choose WHEN to download and install. I do not want to start an 8 hour update just when I want to turn off the PC for the night, or when I must leave, or because a thunderstorm is starting. I am concerned it might create defective modules on my PC if an interruption in my slow dialup line occurs during a long update. I had a case in November, that my Email was held up for 4 hours by the ISP auto-downloading new ISP software when I wanted to receive an urgent work assignment. I called my boss on the cellphone, but I suspect he felt it was my fault!

[ Reply to This ]

Turns out the updates weren't exactly benign![ Reply to This ] (none / 0) (#38)
by LasVegan on Fri Sep 28, 2007 at 09:16:02 AM PDT

The latest edition of Windows Secrets explains what's up. It's just a bug but it's a nasty one if you trip it. Some .DLL's aren't being properly registered. Completely harmless most of the time as they were already registered. Do a repair install, though, (as I did Monday when my motherboard died) and they won't be registered and you won't be able to do any updates.

[ Reply to This ]

Windows Updates and Software Ownership | 39 comments (39 topical) | Post A Comment

Recent Entries

Apple Leaves Hawaiian Investor in the Cold
2 comments

Riding the Autorenewal Express
8 comments

Comcast Gets Nominated for Worst ToS
3 comments

Taxing Software Experiences
12 comments

Terms of Ridicule
8 comments

Sneakwrapped Medical Forms
7 comments

More The Gripelog...

�Submit a gripe
�About the Author
�Email Ed Foster

Help Ed and his readers build these projects:
The Gripewiki
The EULA Library

Login

Make a new account

Username:

Password:

Live Gripes

Has AOL Changed Their Ways?
4 comments

A Nestle SweeTarts Conspiracy
15 comments

AT&T Kills "Bad" Username
12 comments

DESPERATE! AOL HAS TAKEN OVER MY COMPUTER
28 comments

parkingticket.com SCAM on refunds
30 comments

Don't let Net Enforcers Ruin Your Day.
16 comments

More Live Gripes...

Sign up for my newsletter

To have my column automatically e-mailed to you, submit your email address in the form below. Of course, I will not turn your address over to any other party or send you any unrequested e-mail.

Infoworld Blogs

• Jon Udell
• Kevin Railsback
• Paul Venezia
• Bob Lewis
• Tom Yager
• Ed Foster
• Enterprise Mac
• The Storage Network
• Database Underground
• Open Sources
• Zero Day
• InfoWorld Daily
• Grid Meter
• Real World SOA
• SMB IT
• IT Troubleshooter

Recomended Sites

The AFFECT Coalition
Electronic Frontier Foundation
Electronic Privacy Information Center
Free Software Foundation
HearUsNow.org
Public Knowledge
StopBadware.org

Jeff Angus
Ben Edelman
Dan Gillmor
Bob Lewis
Brian Livingston
Freedom to Tinker
Lawmeme
PC World's Techlog
SunBeltSoftware Blog
Troubleshootsers.com

Rss Feeds

How this works
• Top News
• Columnists
• Tech Watch
• Test Center Reviews
• Applications
• App Development
• E-Business Solutions & Strategies
• End-user Hardware
• Networking
• Operating Systems
• Platforms
• Security
• Standards & Protocols
• Storage
• Telecommunications
• Wireless
• Web Services

create account | faq | search