More MS EULA Fun 602
gray code writes: "The Register is reporting that Microsoft has placed an interesting wrinkle in the EULA of WinXP SP1 and Win2k SP3 that asks for the same remote admin rights as the Windows Media Player patch that raised such an uproar. I think I'll be leaving my Win2k box at SP2, thank you very much." Update: 08/04 15:05 GMT by T : Helix150 writes that a separate EULA for W2K's SP3 "contains this nasty bit: 'You may not disclose the results of any benchmark test of the .NET Framework component of the OS Components to any third party without Microsoft's prior written approval.' Hmmm..."
And if they didn't? (Score:2, Insightful)
I believe the fact that this is disablable makes it moot. Such functionality, I think, is almost required for any OS that will play the role of desktop OS. I personally haven't seen the behaviors that take place with Windows 2000 SP3, but Windows XP did alert me the first time it started and before it checked for any updates, permitting me to disable the feature entirely or select from a couple of notification options.
I'm not sure it is acceptable to assume that an end user will actively participate in the maintenance of the software on their system to ensure, above all else, security. Windows had the Windows Update icon sitting in the Start Menu since Windows 98, and it went ignored. As mentioned before, Automatic Updates was released as a part of Windows XP last October. It was also released as an individual update to Windows 2000 over a month ago.
And before we crucify Microsoft alone for including this "heinous" behavior, check Apple. Mac OS has performed automatic updating since Mac OS 9. I don't know about any other software, but I would love to see some form of update checking and/or installation method for servers, especially the variety that are intended to be installed, turned on, and forgotten, like email notifications or schedulable updates. I'd also like to see a move to create a standard through which updates can be propogated for any software. Some software already scan, like Adobe Acrobat Reader, Macromedia ShockWave, and I think QuickTime. If there were one place, maybe things could be more organized and more user friendly.
In any case, justification is pointless. I know people don't like the idea. But, it can be disabled, and if you don't like it, I suggest doing so and updating manually.
Re:And if they didn't? (Score:5, Interesting)
Re:And if they didn't? (Score:3, Insightful)
> prepared.
I think it would be incredibly naive of us not to think that Microsoft doesn't have paid shills here on Slahsdot, ready at a moment's notice to spout corporate spin in response to anti-microsoft articles. God knows they've done it before. (I remember reading articles about how MS paid people to post negative messages about OS/2 on the support board on CompuServe)
MS probably doesn't care too much about the die-hard Linux/Unix/Apple folks on these boards, but I'm sure they realize that a lot of tech media tend to....shall we say "borrow" story ideas from here? And they definitely want to start putting their own spin on some of these issues right away. I'd say this is partly why we've been seeing so many rebuttals against the standard "MS sux" line we see so much of on here. (Some of those responses are actually valid - but it's easy to spot the shills: they're the ones who rely on misdirection to obscure the true issues, much like the first poster here has.)
Personally, I can think of few things lower than people who do this kind of thing. This is lying writ large, and selling yourself out in the most public of ways. But then, it's never too hard to finhd people with no self-respect to do your dirty work for you for a few bucks. Witness some of our fine elected representatives.
Re:Way to fast, way to perfect (Score:4, Insightful)
I would love to see some form of update checking and/or installation method for servers, especially the variety that are intended to be installed, turned on, and forgotten, like email notifications or schedulable updates."
Hmmmmm, so you're experienced at running servers, are you? And you'd love to see some organisation you know little about randomly updating your servers with whatever code they like, whenever they feel like it?
Are security and reliability really your top priorities?
Re:And if they didn't? (Score:4, Interesting)
The EULA gives them TOTAL power of your computer no matter what you do short of taking away any connection between you and them..
This means its within there power to say, Hey look hes got a pirated version of "Austin Powers The Spy Who couldnt come up with a second Orginal Movie and had to use the same old jokes over and over" and WIPE your system TOTALLY.
Its not the Ability to Auto Update.. ITS THE BROAD power there poorly worded EULA gives them.
Re:And if they didn't? (Score:3, Insightful)
The EULA gives them TOTAL power of your computer no matter what you do short of taking away any connection between you and them.."
Who's to say that the next version of `Doze won't make IMPOSSIBLE to turn off "auto update", just as they have made it impossible in XP to (without a hack) to turn off or uninstall MS Messenger (which will bug you to get a Passport until you either DO, get rid of it by a hack, or throw a brick into your monitor).
I can see them doing just the same with AutoUpdate. Why not? The new EULA gives them the right.
Microsoft doesn't give a rats ass about patching defects. Indeed, history shows that they generally do so only when dragged into it kicking and screaming, as they have recently by the mounting embarassment and BAD PUBLICITY over their OS's many security holes.
They want everyone running AutoUpdate in the background for these reasons:
1. So they can slip in upgrades to fix embarassing holes without scruitiny (ie, the public knowing about the defect). This will reduce media attention.
2. So that they can slip in updated "activation" and key crap at will.
3. So that they can slip in DRMware whenever they feel like it. That is exactly what the recent Media Player EULA was changed to allow them to do.
Re:And if they didn't? (Score:3, Informative)
Re:And if they didn't? (Score:3, Informative)
Windows Update will put the MS Messenger "trojan" back on your PC.
See this Register article (which has a link to a simple batch file hack that will expunge Messenger for you):
http://www.theregister.co.uk/content/archive/24
The article on the "trojan" behavior of Windows Update on reinstalling MS Messenger:
http://www.theregister.co.uk/content/4/24668.ht
It's not that I MIND MS Messenger... It's that I DONT USE IT. So why should I have it wasting RAM and running? I use AIM, have for years, and all my IM friends use it, so I have no reason to change or to sign up for a Passport...
Re:And if they didn't? (Score:5, Insightful)
Re:And if they didn't? (Score:5, Interesting)
No. You are effectivly trying to fight a trojan in the operating system. Unless you know exacly how it works the only sure protection would be never to connect the computer to the net at all.
For starters your opponet is the OS itself, so you can't go with a software firewall - you'd need a seperate firewall box sitting between you and the net. Second, you have no idea when the packets/connections look like, so you have to keep a lockdown on all types of connections both inbound and outbound. This can be a major pain on a general purpose PC doing vaious sorts of web access - games, voice chat, P2P, and other applications constantly bumping into to firewall.
The reak kicker is that if they really wanted to they could stll get past any firewall. They could piggyback on a legitimate connection any time you touch a Microsoft controlled website. Yeah, it's getting a bit extreme, but it's possible. The OS could keep the HTTP connection alive and insert a sideband channel in the HTML itself. SOAP anyone? Or
-
But it makes the firewall illegal, no? (Score:4, Informative)
Re:But it makes the firewall illegal, no? (Score:4, Insightful)
Sure you are.
The law says you have the right to do certain things with the copyrighted works you own, such as make backups for personal use, etc. But the copyright owners don't have an obligation by law to make that possible, and that's exactly the "loophole" they're using against us right now.
Well, we're just applying exactly the same principle to Microsoft: they may have the right to remotely perform installs and upgrades to your system, but you don't have an obligation to make that possible. By putting the appropriate firewalls in place, you're simply not giving them the technological means to do what they have a "right" to do.
Now, I agree that in practice it'll work out such that the big corps like Microsoft will have the right to do whatever they please and you won't have the right to do jack shit, but that's a different discussion...
Re:But it makes the firewall illegal, no? (Score:3, Insightful)
Microsoft claims the right. There is a difference between them claiming it and them actually having it.
Trying to stop them is not only futile but also illegal.
They can put any provision they want into a EULA, and it doesn't mean squat until it's been challenged and upheld in court. Even if some dumb EULA provision is upheld after a court challenge, if you go against it, it's still just a violation of a User Agreement, not a violation of the law. It would be up to Microsoft to go after every single violator that they want punished. They can't get the gummint to enforce their contract except one case at a time.
Re:But it makes the firewall illegal, no? (Score:4, Insightful)
It would be up to Microsoft to go after every single violator that they want punished
Nope, it would be the other way around. MS can do anything it wants to your computer, just by piggybacking it within some security update. Then it will be up to you to seek justice in court and to prove that EULA is illegal.Re:And if they didn't? (Score:3, Insightful)
Let's assume this is correct.
a.k.a. Automatic Windows Update (or some other memory resident application)
Some other memory resident "application" like the operating system itself, perhaps? Just tie the "call home and check for update" code to something that happens periodically but not too often -- booting, loading an app, opening a file, making a network connection, -- take your choice. Hardly a new concept, Microsoft apps already do this (IE, for example, on startup), but not very stealthily.
Re:And if they didn't? (Score:2, Interesting)
Re:And if they didn't? (Score:5, Informative)
I checked the Automatic Updates Control Panel Applet, It was clearly unchecked, as in "Don't check for updates".
Yes, when I checked my system services, there was Automatic updates set to Start automatically and currently started and running even though It was clearly disabled in Control Panel.
Set to manual, stop the service, that should do it.
Nowhere did I see the Eula state "with or without your consent" either. Stop making stuff up.
Re:And if they didn't? (Score:3, Informative)
ostiguy
Re:And if they didn't? (Score:3, Funny)
Why hasn't this been modded up to funny as hell? I'm still laughing!
Re:And if they didn't? (Score:4, Insightful)
Nowhere did I see the Eula state "with or without your consent" either. Stop making stuff up.
Following is an excerpt from the Win2ksp3 supplemental EULA: (text bolded by post author)
I don't know what "automatic" means to you, but according to my understanding of English, it seems to preclude consent.
Yes, it DOES have to do with the Windows Automatic Updates.
Then why is it not a supplemental EULA for auto-update, rather than the operating system patch? That this EULA change was made to the operating system service pack suggests that your interpretation of M$'s intentions are incorrect.
Further interesting is that the excerpt quoted above does NOT appear in the EULA to which you must agree to begin the download, but only in the EULA click box that comes up when you begin installing sp3. The preambles of both statements are identical, clearly demonstrating the intent to deceive the user.
Re:And if they didn't? (Score:2, Insightful)
Mac OS checks for updates automatically, then allows you to decide whether you want to update.
Clear as mud (Score:4, Interesting)
Also, what happens if one of their "fixes" happens to wipe out a Linux partition? Are we supposed to accept that this agreement absolves them of any liability? If you rent an apartment, your lease may allow your landlord to go into your house for necessary repairs ("fixes"? "upgrades"?) without your consent. But that doesn't mean if he breaks something else while he's there that he is absolved of any liability. I'd think that MS ought to be very cautious of performing these updates without any warning whatsoever. I believe they've already had faulty [pcworld.com] patches in the past.
Re:Clear as mud (Score:5, Insightful)
That's clearly covered by their EULA. Read the part that says they have the right to disable any software that is capable of copying DRM-protected files. The linux "cp" command satisfies this. The linux kernel is capable of running the cp command. And note that linux is capable of mounting Windows partitions and reading Windows files.
The legal argument is left as an exercise for the reader.
Re:And if they didn't? (Score:3, Interesting)
Furthermore, even if clicking that does disable Automatic Updates, it doesn't guarantee that all of Microsoft's access to your computer is disabled. That EULA clause effectively authorizes them to leave a back door open even with Automatic Update turned off. That EULA doesn't say anything about "unless you turn off Automatic Update".
Paranoid? Perhaps, but show me in the source that it doesn't do that.
Re:And if they didn't? (Score:2, Informative)
Using linux may indeed be a superior solution, but I think your neglecting the fact that business managers are the ones making the decisions to use windows over linux. Why don't you preach to them?
Just a though
As a responsible manager I'd (Score:3, Interesting)
Im waiting for Windows to be like some Cars.. (Score:3, Insightful)
Come home after a long day of work and sit down at your computer.. Turn your monitor on ( because no real geek turns off his computer ) and get a screen that says
"Your computer is trash" then in small fine print "Microcrap was so nice as to try to upgrade me for you however the patch they installed had a fatal flaw and I am now toast, I am sorry you where not around to approve this stupidness"
Microsoft... (Score:2, Funny)
You don't understand. Microsoft wants control. (Score:2)
"Just block them (Microsoft) with your firewall."
You don't understand. Microsoft is giving itself complete power to do anything on your system. They can and do invent new protocols that bypass firewalls. Or they can send email or communicate by HTTP.
Read Windows XP shows the Direction Microsoft is Going [hevanet.com] for more Microsoft issues.
Re:You don't understand. Microsoft wants control. (Score:2)
Just send email. (Score:2)
It's easy. Just send email, using the default mail client.
SP3 and DirectX 8.1 (Score:2, Interesting)
I just sat and laughed.
How get this effect?
Load W2K, Load SP3, Load DirectX
Odd (Score:2)
MS can't help it when you load a crappy Soundblaster driver which has untested/beta modules or a non-tested, leaked nvidia driver.
Re:Odd (Score:5, Interesting)
Did you know that Visual Studio limits your ability to release your code under license you want? If you use visual studio you are not allowed to write GPLed software.
I don't care how nice it is, I value my freedom too much to use it.
Re:Odd (Score:5, Informative)
Open Source. Recipient's license rights to the Software are conditioned upon Recipient (i) not distributing such Software, in whole or in part, in conjunction with Potentially Viral Software (as defined below); and (ii) not using Potentially Viral Software (e.g. tools) to develop Recipient software which includes the Software, in whole or in part. For purposes of the foregoing, "Potentially Viral Software" means software which is licensed pursuant to terms that: (x) create, or purport to create, obligations for Microsoft with respect to the Software or (y) grant, or purport to grant, to any third party any rights to or immunities under Microsoft's intellectual property or proprietary rights in the Software. By way of example but not limitation of the foregoing, Recipient shall not distribute the Software, in whole or in part, in conjunction with any Publicly Available Software. "Publicly Available Software" means each of (i) any software that contains, or is derived in any manner (in whole or in part) from, any software that is distributed as free software, open source software (e.g. Linux) or similar licensing or distribution models; and (ii) any software that requires as a condition of use, modification and/or distribution of such software that other software distributed with such software (A) be disclosed or distributed in source code form; (B) be licensed for the purpose of making derivative works; or (C) be redistributable at no charge. Publicly Available Software includes, without limitation, software licensed or distributed under any of the following licenses or distribution models, or licenses or distribution models similar to any of the following: (A) GNU's General Public License (GPL) or Lesser/Library GPL (LGPL), (B) The Artistic License (e.g., PERL), (C) the Mozilla Public License, (D) the Netscape Public License, (E) the Sun Community Source License (SCSL), and (F) the Sun Industry Standards License (SISL).
Perception (Score:5, Interesting)
Windows has a reputation for being insecure, and thing's like this aren't going to help. If Microsoft can upload and install things on your PC at will, who's to say that someone else couldn't do the same thing? The reason Windows Update was a manual process was so you can keep track of what you install.
Re:Perception (Score:3, Interesting)
You can see the bind Microsoft's in. They produce buggy code. Everyone produces buggy code. If every programmer was perfect, we'd live in a much different computer-based society. One of Microsoft's big problems is that when they release bugfixes, they don't get applied. Many of the worms and trojans plaguing Microsoft web and mail servers have had patches released for quite some time. Poor Windows sysadmins and end-users just don't apply them. With 90% of the OS market, not having end-users apply bugfixes opens a significant number of systems to exposure.
So what can they do? Well, they can step up notification and education programs to get end-users to patch their systems, but you can't outfox stupidity or ignorance. So rather than depending on the user to patch their system, why not throw out the patches to the systems who need it? That's not such a bad idea. You take the responsibility out of the hands of the people who have failed to fulfill their duties and put them in the hands of yourself, who you trust just slightly more (and really, I do trust Microsoft just slightly more than your average end-user). That is not a bad idea from a computer security standpoint. You'd just better make damn sure your implementation is safe (a concern you noted)
But the EULA is worded badly. It does give Microsoft the authority to do much more, and furthermore, it doesn't notify the end-user of their options to turn this ability off. It gives no choice, so the people who don't trust Microsoft can't easily discover their options.
Don't fault Microsoft for being insecure and then chastise them when they take a relatively reasonable step to fix it. You're assumptions about whether auto-push-updates are a good thing (even with security considerations weighed in) come from a background where end-users are responsible enough to patch their systems. That's not the group of people Microsoft is dealing with. I agree that they should be chastised, though, for sneaking in a EULA clause, and go further to offer alternatives (we call this constructive criticism) about a way to make their solution be more palatable to the techie community.
Install without permission yea ok (Score:2, Insightful)
You want to risk your Quicken database with all your bank info being stolen because Microsoft installed some software with defaults on that allow anyone access to your computer?
They have released software/patches in the past with this issue, How do you know they wont do the same with some Forced update?
If so Im for hire, I will change the tranmission in your car for a one time fee of only $500 and I promise you "wink wink" that There will be no problems with my work.
Re:Install without permission yea ok (Score:2)
Quicken's a really bad example actually. I use that, and to run it you have to have admin rights. That's right - the daft installer doesn't grant enough permissions over its DLLs or whatever to allow normal users to access them.
There's a script floating around on the net somewhere to fix this - but it's ridiculous that a fix is even needed. Quicken were told about this problem when NT4 came out. It's still there in XP.
Daft.
Cheers,
Ian
Read the msft docs...then make your call (Score:4, Interesting)
A lot of time on Slashdot is spend carping about bugs in MSFT software. SP3 fixes hundreds above and beyond previous hotfixes. Check them out for yourself [microsoft.com] and decided whether you would rather have a better functioning Windows or stand up for civil liberties.
Both are legitimate practical considerations. One might be more pressing depending on your current state of employment...
Re:Read the msft docs...then make your call (Score:5, Interesting)
SP3 fixes hundreds above and beyond previous hotfixes. Check them out for yourself [microsoft.com] and decided whether you would rather have a better functioning Windows or stand up for civil liberties.
That makes no sense at all!
Wtf should I have to make that choice?
Apple pie is much better than a grenade up your arse. Read the recipes for both and decide whether you would rather have apple pie or blow yourself up.
It's a bloody operating system for christ's sake! It's supposed to work *for* the consumer, not force him/her into a "Hobson's Choice".
Re:Read the msft docs...then make your call (Score:2)
(notice incoming connection to port XXXXX from mp3delete.microsoft.com application NT Kernel, accept? ALWAYS BLOCK)
There are so many windows users that somethign like that just isn't possible. Besides the EULA says that they can upload FIXES to you. First of all just don't install the automatic updater. There's a good chance that whatever they need to give you new "fixes" is in there. second, if they do indeed upload a fix to you, and you find out, what are you going to say? they fixed a bug in my computer? The EULA specifically says they can upload fixes or updates. If something they upload is not a FIX but is a BREAK you can sue and win easily.
Use linux to develop software, it has superior free compilers and superior code editing tools, text editors.
Use Windows 2000 for everything else. It never crashes, it runs everything, it's secure enough for me, its easy, its fast, its pretty, all my hardware works with it. What more do I need?
You have no choice (Score:5, Interesting)
I find it interesting that this is legal, to change the conditions in PATCHES.
Why dont they just add the line "..and every microsoft employee may get to have sex with your partner"
Re:You have no choice (Score:2, Funny)
A case for the EU commission (Score:5, Interesting)
I think that at the very least, Microsoft should be required by law to provide an EXACT definition of what constitutes an upgrade or fix and what Liability Microsoft has. It really is time that software companies were made 100% as liable for their shoddy, devious and deceptive practices as car manufacturer's are for example.
Re:A case for the EU commission (Score:3, Informative)
Most of what's being discussed here is the subset of common law related to contracts.
To my knowledge, nobody but the anarchists -- not even the staunchest of libertarians -- wants to eliminate enforcement of contracts, or controls over how contracts must be made (and agreed to) to be binding.
The wrong Focus... (Score:2, Interesting)
IMHO, most people are focusing on the wrong aspect of this change. Sure, this change in the EULA gives MS the power to connect to, scan, and update the OS Software on your PC - and with their past record with releasing buggy, security-flaw ridden software, one should think that having the most recent patches installed ASAP would be a good thing (though MS Have been known to go from bad to worse with some of their patches!)
However, you all seem to be missing a more obvious implication - if MS can connect to your machine to load Legitemate updates, How long do you think it will be before your local 3v1l Hax0r d00d works out how to spoof the mechanism to his/her own ends?
It's not necessarily what you are allowing MS to do that you should be worring about - it's what you will be allowing the rest of the world to do that should worry you!
<PARANOIA MODE="OFF">
We're watching the wrong hand (Score:5, Interesting)
Did you see the .NET clause? (Score:2, Insightful)
You may not disclose the results of any benchmark test of the .NET framework component of the OS Components to any thirdparty without Microsoft's prior written approval.
How about that, wonder what they are trying to hide? SP3 must contain some of theRe:Did you see the .NET clause? (Score:2)
Live with it and then just upgrade to a better OS (Score:2, Interesting)
Microsoft isnt playing nice. neither am i (i've never paid for a copy of windows) - win2k is the last microsoft OS i will ever use.
Forcing a contract is illegal. (Score:5, Interesting)
Forcing someone into a new agreement is illegal. Governments should give this some attention. The updates are necessary, partly because the software is sloppily written. The user does not have a good option; the only option is to get a new operating system and re-train everyone, and accept that some programs on which a business is dependent don't work. That's force.
You can remove the Microsoft EULA: Windows VBScript for automatically removing the click-through End-User License Agreements found in most installers [google.com].
It's no fun to work at an abusive company. We are seeing a rise in the number of sneaky contracts. This seems due to the presence of people with no technical knowledge at technically oriented companies. These people cannot contribute to the real work of the companies; all they can do is invent ways to abuse the customer.
As companies become more abusive, it becomes more miserable to work there. If you are good at what you do, quit and get a job somewhere where people are treated like people.
This is where it is all leading:
EULA:
- I can do anything I like.
- You have no power.
- You can't say anything bad about me.
- Everything belongs to me.
I knew a 3-year-old who said this.Slashdot has a sneaky EULA, too. At the top of every Slashdot article, it says, "The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way."
This sounds like you own your comments, doesn't it? However, the OSDN Terms of Service [osdn.com] says at section "4. CONTENT", paragraph 6,
"In each such case, the submitting user grants OSDN the royalty-free, perpetual, irrevocable, non-exclusive and fully sublicensable right and license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, perform and display such Content (in whole or part) worldwide and/or to incorporate it in other works in any form, media, or technology now known or later developed, all subject to the terms of any applicable Open Source Initiative-approved license."
The contract is written in such a way as to appear that it has been made intentionally confusing. However, it looks like "comments are owned by whoever posted them" means that, yes, you own the intellectual property you created, but VA Software Corporation owns it too.
This appears similar to owning a car, but under the condition that someone else can use it at any time, and without notifying you. In any case, Slashdot's The Fine Print is misleading; it is not all of the fine print, although that line at the top of each story certainly encourages you to believe it is.
No, it is similar to owning a car. . . (Score:2)
The difference is that in your analogy you could be denied the *use* of your car.
In mine you can't.
It's *copy*right people, *copy*right. Not *use*right.
KFG
Re:Forcing a contract is illegal. (Score:3, Interesting)
Words, thoughts and ideas are completely different. If someone uses an idea you thought of, it does not prevent you from using the same idea. The whole idea of "intellectual property" seems so ludicrous to me in theory. How can you "own" an idea when anyone else can think of it? It's not like a car that has some physical existence and can only be in one place at a certain time.
"... it is the nature of idea to be communicated; written, spoken, done. The idea is like grass. It craves light, likes crowds, thrives on crossbreeding, grows better for being stepped on." - Ursula K. Le Guin, The Dispossessed
Now this is an interesting example. Although I am using an idea that someone else thought of, I note that it is not "my" idea (whatever that means) by placing a persons name after the idea, signifying that that person thought of it before me. Does this mean that she is the first person to ever think of it? Not necessarily, she is probably just a person with enough popularity to spread ideas (to me, at least). Would she be offended if I had included the idea without giving her credit? Considering the idea in question, probably not. Why do I do this, then? Probably to give respect to someone for putting a thought into words so eloquently.
Re:Forcing a contract is illegal. (Score:3, Interesting)
Remote Admin Rights? (Score:2)
When I use up2date in RedHat, I need to be looged on as the admin and also be registered with them.
It's funny that people make such a big deal out of licenses. Licenses are written by lawyers for lawyers. Not even the developers had an idea of what it is except for those who like to waste valuable time reading the pages and pages of the licenses.
Re:Remote Admin Rights? (Score:2)
The point is that MS will and has.
Re:Remote Admin Rights? (Score:3, Insightful)
"It's no big deal, everybody is doing it"
"No, Microsoft is the only who does [nasty things]"
"Then don't use it, geeez."
First of all, even if you only "go with manual updates" Microsoft still has the right to ignore all settings you made and install one update or another (DRM) anyway.
What will you do? Sue them?
Here is a copy of the changes... (Score:2, Informative)
* With respect to the OS Components only, if the licensor of the
applicable OS Product was an entity other than Microsoft,
then for the purposes of this Supplemental EULA Microsoft
will be the licensor with respect to such OS Components in
lieu of the "Manufacturer" or other entity and support, if
any, for such OS Components shall not be provided by
Manufacturer. With respect to the existing functionality
contained in the applicable OS Product which is not updated,
supplemented, or replaced by the OS Components, the EULA
for the OS Product shall remain in full force and effect as to
that OS Product.
* If you choose to utilize the update features within the OS
Product or OS Components, it is necessary to use certain
computer system, hardware, and software information to
implement the features. By using these features, you
explicitly authorize Microsoft or its designated agent to
access and utilize the necessary information for updating
purposes. Microsoft may use this information solely to
improve our products or to provide customized services or
technologies to you. Microsoft may disclose this
information to others, but not in a form that personally
identifies you.
* The OS Product or OS Components contain components that
enable and facilitate the use of certain Internet-based
services. You acknowledge and agree that Microsoft may
automatically check the version of the OS Product and/or its
components that you are utilizing and may provide upgrades
or fixes to the OS Product that will be automatically
downloaded to your computer.
* If you have multiple validly licensed copies of the applicable
OS Product(s), you may reproduce, install and use one copy
of the OS Components as part of such applicable OS Product
(s) on all of your computers running validly licensed copies
of the OS Product(s) provided that you use such additional
copies of the OS Components in accordance with the terms
and conditions above. Microsoft, its subsidiaries and/or
suppliers retain all right, title and interest in and to the
OS Components. All rights not expressly granted are
reserved by Microsoft, its subsidiaries and/or suppliers.
Re:Here is a copy of the changes... (Score:2)
Product or OS Components, it is necessary to use certain
computer system, hardware, and software information to
implement the features. By using these features, you
explicitly authorize Microsoft or its designated agent to
access and utilize the necessary information for updating
purposes. Microsoft may use this information solely to
improve our products or to provide customized services or
technologies to you. Microsoft may disclose this
information to others, but not in a form that personally
identifies you.
And you actually want to allow them to do this? If you agree to this it seems as if you are agreeing to them doing what they want on your computer, since they don't define what "improvements", "upgrades" or "services" mean.
Uhhhh, that's not in the EULA... (Score:2, Interesting)
Well, either way, I'm gonna install it. I personally feel that there is a lot of paranoia running around, as for Microsoft to initiate an upload of some software updates to a random windows user X, there would be a HUGE GAPING HOLE in the security of the software (if M$ can do it, 1337 h4x0rz can do it...), plus they would have to know your IP (which seems to change on a regular basis for many home users I've met). So that leaves two avenues: auto-updates (for those who leave that enabled), and manual updates. For those who've used the Window Update feature to manually update, You get a fair amount of information on each update, and although they could sneak something by, I think someone out there would figure it out, and I don't think microsoft is blind to the fact that the public outcry would be substantial.
At least that's my opinion.
Script kiddies' wet dream (Score:3, Insightful)
I don't think the mainstream public really cares about what's in a EULA. Hell, I generally don't either. But just think of the implications of people refusing to install patches and security updates because they're accompanied by EULAs with bizarre "big brother" clauses.
Now, with that said did any of you bother to read the article? Here is the offending text:
"You acknowledge and agree that Microsoft may automatically check the version of the OS Product and/or its components that you are utilizing and may provide upgrades or fixes to the OS Product that will be automatically downloaded to your computer,"
A little sensationalistic to call this "remote admin rights" isn't it? Basically, this just gives them the legal legroom required to make their automatic updates feature work, which is a good thing. It means more patched machines out there - less of that Nimda shit.
Nobody's spying on your MP3 collection. There's nothing to see here, folks.
Re:Script kiddies' wet dream (Score:5, Insightful)
It gives legal legroom for full admin rights since vague words like "upgrades or fixes" are a lawyer's wet dream. DRM is an upgrade in MS's view, deleting unauthorised mpegs is a fix to the MPAA. Are you going to argue?
TWW
Re:Script kiddies' wet dream (Score:3, Interesting)
Sure it does: a future MS OS advertises "Automatically deletes potential virus files" then proceeds to remove any "suspicious" files, eg any unsigned files downloaded over P2P. Nothing you can do about it.
I'm not saying they will but you're saying they can't and that's just not true.
TWW
Re:Script kiddies' wet dream (Score:5, Interesting)
Step 1: Log into Windows 2000 (any flavor) with a non-administrator user account.
Step 2: Go to windowsupdate.microsoft.com
Step 3: Note the following message Step 4: Explain to me your insinuation that manual updates somehow require administrator rights but automatic ones don't.
Also, considering that the updates are installed automatically, imagine all the new and interesting EULAs that will spring up now that I no longer have the option of not agreeing to them.
Easy Solution (Score:2)
I installed SP3 on my Win2K laptop (Score:3, Interesting)
My work provided laptop is Win2K. I don't have any choice in the matter, that is the company required OS. I installed SP3 last night. It changed my auto-update setting to automatic without telling me. At work and at home I am behind firewalls. In the work environment all updating of Windows is handled internally, not by windowsupdate.microsoft.com. At home I patch manually. I don't want auto-update turned on. Since I always turn it off, I didn't realize it had been turned on until I checked, after reading this story on slashdot.
I have submitted a formal request for exception to be allowed to install Solaris or Linux on my laptop since I all of my work is primarily done on Solaris platforms. As of right now I have no intention of any of my own PC's having Windows ever again (my personal workstation is RedHat 7.1) and if I get this exception same rule goes at work. My wife uses Mac, and so does my son.
I have never seen RedHat or Solaris updates change settings on my PC/server/etc without asking if it was okay to do so. Solaris packages ask if it's okay to install with root permissions or modify permissions. When is the last time a Windows package asked you that? I've been using computers since about 1979, I'm tired of being treated like I'm stupid. I suspect a major part of the reason users are stupid is because software companies taught them to be stupid.
Future EULAs (Score:3, Insightful)
Here's the real problem - updates without Update (Score:4, Insightful)
-
The OS Product or OS Components contain components that enable and facilitate the use of certain Internet-based
services. You acknowledge and agree that Microsoft may automatically check the version of the OS Product and/or its
components that you are utilizing and may provide upgrades
or fixes to the OS Product that will be automatically
downloaded to your computer.
Could this be construed to allow Microsoft to access your machine even with Windows Update off? Corporate users, especially sysadmins, should bring that clause to the attention of their attorneys. It's probably unwise for corporate users to install this update without obtaining legal advice.Slashdot being astroturfed? (offtopic) (Score:5, Interesting)
The response is 383 words. That's over 127 words per minute.
Furthermore, this paragraph smacks of being mandate-driven...
And before we crucify Microsoft alone for including this "heinous" behavior, check Apple. Mac OS has performed automatic updating since Mac OS 9. I don't know about any other software, but I would love to see some form of update checking and/or installation method for servers, especially the variety that are intended to be installed, turned on, and forgotten, like email notifications or schedulable updates. I'd also like to see a move to create a standard through which updates can be propogated for any software. Some software already scan, like Adobe Acrobat Reader, Macromedia ShockWave, and I think QuickTime. If there were one place, maybe things could be more organized and more user friendly.
Am I the only one getting the feeling that
Oh the irony... (Score:5, Funny)
Re:You're assuming too much (Score:2)
Since you seem to feel the same way, why don't you add your records to the site? I'm sure someone here has enough spare server space to find a temporary home for the info until the three individuals mentioned above can find their checkbooks.
Use the Preview Luke (Score:2)
Re:You're assuming too much (Score:2)
Re:You're assuming too much (Score:2)
Personal privacy includes digital privacy.
Somewhat somplistic, aren't you? (Score:4, Insightful)
I have no "warez" on my machine or MP3's for that matter, and I do use my Windows machine to "make money" but I don't think I want to allow Microsoft access to my computer for other reasons. The reasons include Microsoft changing the OS to a subscription model without my consent, Microsoft having access to company and private information which would constitue a breach of my and my company's privacy (small company, no corporate versions) and Microsoft modifying the OS to exclude me using competitor's software without warning me in advance.
I think this is a case for the EU commission on privacy and legality of contracts here in Europe. I don't know about the USA though (OI assume that obviously such contracts are legal in the USA).
Re:Somewhat somplistic, aren't you? (Score:2)
Do you think that your data files are of any interest to Microsoft? Do you truly believe they are systematically uploading your data files and perusing them for any anti-Microsoft messages hidden therein?
Re:Somewhat somplistic, aren't you? (Score:4, Interesting)
At the very least this means that Microsoft would have been able to sell my personal data to spammers. (Did you ever wonder how so many spammers got that email address of your in your profile above?). We don't do this but assuming that we used a CRM solution that was from a competitor of Navision (has been bought up by Microsoft). Do you seriously belive that Microsoft would never consider using that information or private CRM DB info as a means of getting us to switch or at the very least using the fact that we might be using a competitor's software and sending our info to their CRM department so that Navision would suddenly be sending us spam or reps to sell their stuff to us.
Do you trust Microsoft that far, legally, when Microsoft takes great pains to avoid any liability whatsoever with their EULA's?
Re:Somewhat somplistic, aren't you? (Score:2)
Now this I can believe.
Re:Somewhat somplistic, aren't you? (Score:2)
Hotmail is of course not business critical. How are we supposed to trust MS that they will not do the same with our business data. They in no way refer to their ability to access private data and how they handle such a responsibility.
Re:Somewhat somplistic, aren't you? (Score:2)
The Hotmail example is that for some unexplicable reaon spammers suddenly started knowing my first and family name although these were not in my hotmail address, but as the hotmail account was one that I had for many years before MS bought them out, I had my personal info in the profile area (stupidy, and forgot about it for years). It's not an example of conclusive proof but to be honest MS just scares me to death with their EULA's because they are asking me to trust them too much and they have a record of not being exactly trustworthy in their legal dealings.
Further up somone posted a copy of the changes to the EULA. Read the bit about MS sharing your information.
Re:You're assuming too much (Score:5, Insightful)
Besides, complacency isn't the answer. MS isn't currently collecting people's first-born; but reserving the right to would (and should!) raise a few eyebrows. It's not that I think they have sinister intentions right now, it's just that I don't trust them to come up with a way to profit at my expense... something not exactly foreign to them, according the to DOJ...
I don't think that they need that clause in the EULA to do what they want to do; all they need to say is that by using their updating software, you grant them the right to make certain changes to the system for the purpose of installing that software & that if you don't like that, you can just turn it off and prevent it from connecting to MS for updates, but that this may not be a good idea.
BTW, yes it really does bother some people to know that MS has a backdoor on their system, just as much as it would bother them to have sub7, netbus, or BO installed. While we may (think) we know exactly what it's doing, given MS' track record on security, it might as well be BO -- at least you can password protect an installation of that...
Just remember an old legal proverb: only a fool signs a contract because he thinks it's unenforcable.
Re:You're assuming too much (Score:2)
For the millions of PC users who exists, only a small fraction of them have any data that anyone gives two cents about.
Moral: use the right lock for the job.
Re:You're assuming too much (Score:2)
For the millions of PC users who exists, only a small fraction of them have any data that anyone gives two cents about.
What about marketing data ? Don't you think Microsoft would love to be able collect picture perfect marketing data on each and every one of thier customers ? What websites they visit, what items they buy online, what software they have installed, how many people use the system. Much of this data could easily be collected simply by retrieving everyones IE history and cookie files. You may lead a completely uninteresting life, but other people have data they would rather not have collected on them. AIDS patients and unpopular political or religious views to just name a few. So you go ahead and trust Microsoft to do the "Right Thing", me, I prefer to keep my life private thank you very much.
Re:You're assuming too much (Score:2, Insightful)
I don't think they are out to destory a persons personal files.
Why don't you have a look at the EULA itself, then make your judgements.
Knowledge talks, Wisdom listens
Re:You're assuming too much (Score:2)
Re:You're assuming too much (Score:2)
Re:You're assuming too much (Score:2)
Re:You're assuming too much (Score:2, Insightful)
Re:You're assuming too much (Score:2, Interesting)
> Once Linux satisfies my video editing needs, all
> Windows partitions are gone. Hmmm, maybe it's time
> for me to start researching that a bit better.
The best (and now probably the cheapest) digital video editing system I ever used was iMovie 2 on a Snow iMac. You can pick a 500mhz (the same one I have) one up on EBay these days for a bit over $200. Use that for video editing, and blow away those Windows partitions. That way you can have the little iMac's hard drive dedicated to video editing, and still have your entire PC hard drive for Linux. If the iMac has OS 9 on it, and you want to use as much open source as possible, later versions of iMovie will work with OS X.
Just a suggestion.
"What I'm thinking is different from what you are."
Belabera, "Mothra 3" 1998
Re:You're assuming too much (Score:2)
Good question. Isn't this the main impetus behind adopting "Free" software?
But then again, the GPL also states that any software so licensed is bound to any future revisions of the GPL.
Re:You're assuming too much (Score:2)
Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation.
The normal GPL says the same thing. There are no EULA backdoors that allow them to change the license of installed software (like MS is doing). The license only changes if you (the user) want it to. If the FSF goes off their collective rocker and releases a GPL that requires you to install back orifice on your home PC and give them the password, you are free to tell them to piss off and keep using all your current software under version 2 of the GPL.
Re:You're assuming too much (Score:2)
But then again, the GPL also states that any software so licensed is bound to any future revisions of the GPL.
Shut up, liar. Usual license note says "either version two of this License, or any later version." This means, the current version of the license can't be revoked, it only allows the user to choose to comply with the later version if it will be issued later. If the later version will be more restrictive user can choose to continue complying with the older one.
Re:You're assuming too much (Score:2)
Anyway, the relicensing capability of licensees allows them to choose later versions of the GPL that the original author never accepted.
Or do you think Linus altered the license for no reason at all?
Re:You're assuming too much (Score:2)
- But then again, the GPL also states that any software so licensed is bound to any future revisions of the GPL.
Have you ever actually read the GPL? First, the GPL itself does not mention anything like this. The typical (and recommended) application of the GPL requests adding this paragraph to your software:- This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This isn't part of the GPL itself, but I assume this is what you were referring to. Note the at your option part. This paragraph does appear in most GPL software I've seen, and I've never yet seen it without the at your option part.Re:You're assuming too much (Score:2)
Haha. If the product ever becomes big enough to be noticeable, it will be incorporated and the company will be put out of business. Who are you kidding?
Cool, can I come over and look at your checking account statements -- why would you want to hide them -- I promise I won't access your accounts
Sure. I haven't had visitors in a while. You figure out how to come to my house, I'll turn over my bank records.
Can I have someone come on over an catalog your CD collection and then sell the list under the table to Columbia House record scammers?
As long as you can find a way to do it from outside my front door, sure.
I flash back to the 30's, see the Nazi flag rising
Now that's not fair. Invoking Godwin at this stage isn't very sporting.
Re:You're assuming too much (Score:2)
Can I have someone come on over an catalog your CD collection and then sell the list under the table to Columbia House record scammers?
As long as you can find a way to do it from outside my front door, sure.
This is exactly what you are doing, you are inviting MS into your house and allowing them to catalog all your data and once DRM is implemented, you will be the one standing on your front porch waiting to be let in.
Re:You're assuming too much (Score:2)
The problem of security is important to everyone, but not everyone is paying attention as closely as necessary. Perhaps it is the Windows paradigm of ease before functionality that has engendered this mentality, but many Windows sysadmins are simply not preoccupied with security as they ought to be.
Re:Before you click that link... (Score:2)
Those sneaky bastards (Score:2)
Yes, we'll fix that ActiveX problem you have, but in return you must give us the right to your first born. Oh, you refuse? Then we can't be held responsible for any attacks on your system, after all, we don't give mainstream support to Windows 98 anymore [microsoft.com].