Microsoft Security Updates for Pirated Windows? 1096
zachlipton writes "DSL Reports has an interesting question posted: should users with pirated copies of Windows be allowed to download security updates, such as for Sasser? Apparently, without a valid CD key, users cannot download these updates. Do they get what they deserve, or should they be allowed these updates through Windows Update in order to reduce the impact of these worms on the rest of the net? Should security updates only for worms be made available to pirated users, or also updates for issues that while not posing a risk to other internet users, would open the pirate up to a security hole?"
Hey lets support the thieves! (Score:5, Insightful)
Want software without paying for it? Use Free Software. Theres heaps of it.
Just pirate the patches (Score:5, Insightful)
Read carefully (Score:5, Insightful)
oooooooooo lord yes (Score:3, Insightful)
I would hate to see sasser or code red hit the large percetage of people that pirate, and CANT patch. Internet go byebye!
two words... (Score:1, Insightful)
Microsoft is not a charity (Score:5, Insightful)
Why should it have to pay for the bandwidth to support pirated copies? There is no benefit to them.
Most if not all infected Sasser users around here had legit but hadn't bothered to update. Real crackers use the corporate version of Windows that apparently doesn't require a CD key for updates.
Support (Score:3, Insightful)
I have been of the oppinion that App level firewalls at the ISP level (hell even port blocking during worm-storms) is a necessary function. During the Nachi outbreak ISPs were killing ICMP just because of the sheer mass of pings flying around were bring down gear.
At the very least, ISPs should be responsible for the prevention of outbound malicious traffic, automated or manual (aka: crackers, kiddies etc.)
When they knowingly ignore the traffic traversing their network and wreaking havoc on others, I am always disgusted.
Not that my shit don't stink, but if I got a line spewing worm, it gets pulled till it's clean. Thank goodness for the public sector.
Updates (Score:2, Insightful)
Not quite, (Score:2, Insightful)
Give people more incentive to use linux instead of a pirated copy of XP.
Re:What about MSDN windows (Score:3, Insightful)
It would be wise to provide patches for everyone.
Re:Tricky situation... (Score:5, Insightful)
A great deal of windows piracy is by people who have absolutely no idea what they're doing. Other people do the pirating for them, and they just use the OS the same as if they had bought it.
Simple answer, but not... (Score:5, Insightful)
For the common good of the internet, as well as for the sake of protecting Microsoft's already spotty image, they should be allowed to download hotfixes... after all, they wouldn't need them if Micrsoft had done it right in the first place.
The corporate answer is no.
They didn't pay for the software and are therefore ineligible for updates.
My opinion?
For the common good, Windows should go away. But until then, everyone running it, legally or not, needs to have access to emergency patches and fixes.
The obvious answer is no, but it may not right. (Score:5, Insightful)
As with all things though it's seldom that simple.
When a company such as Microsoft gain a significant share of the market (yes... monopoly), then the damage that saying no could be could actually threaten the stability of that society were their software to fail sigificantly.
i.e. If machines cannot be patched with at least the bare security updates, and those machines then assist in the even wider propagation of a virus or worm such that it affects the infrastructure of the Internet as a more general thing.
Then in those cases, would it not have been a civic duty upon the company to protect the wider Internet and society (of their original shortcomings in allowing the vunerability to exist) regardless.
So I'm more of the opinion that No should be the answer for all bells and whistles things... such as Media Player. But that all security patches should be installed on every machine possible... regardless of whether that is a machine without a legit key or not.
Interesetingly, this is probably opposite Microsofts view. As to be able to manipulate market forces they need critical mass in areas suh as Media Player. So I think from their perspective they would probably wish to allow the whistles, but to encourage/force the upgrade to a legal version would probably wish to disallow stability patches (read: security) so that legit systems are more stable.
Re:Microsoft is not a charity (Score:3, Insightful)
It helps them maintain their monopoly. If people couldn't pirate Windows many of those people would switch to Linux.
If you're not legally licensed, (Score:4, Insightful)
Granted, these people not getting the software updates will cause problems for the rest of us, in that they're propagating some sort of virus.
My solution to that is to shut off the users. If the ISP of this user can prove that the user's PC is infected and sending out the virus, then it should be simple for the ISP to say, "patch it, or we're shutting you down".
I'm not really fond of ISPs snooping in on my traffic to determine whether or not to cut me off, so they should base it on a complaint system - if somebody complains that you're spreading the virus, then the ISP investigates (I recall lots of people with logs of Code Red attacks). If they find proof that you're spreading the virus, then you're forced to patch, or if you can't, you're shut down.
Extreme, perhaps, but the only way that people will properly maintain their machines.
-- Joe
A tough call, indeed. (Score:5, Insightful)
On the one hand there is piracy. Even if you say it's an advantage for Microsoft because of more dependency, the truth is that it isn't what they want people doing with their product, and it is illegal. If you want the support you should fork over for the product; after all Windows is about as Not-Free-Software as you can get. Perhaps if it wasn't such as widespread, costs to cover piracy would come down, and Windows would be cheaper and thus more easily availible. A rock and a hard place, people will need to buy before they can afford, and the numbers on actual piracy are way out of the realm of possible statistical analysis.
That being said, not getting security updates can cause problems for the Internet as a whole, not to mention for valid Windows users as pirate machines which can't be patched propigate viruses. That is more than just a problem for the people with bootleg'd copies themselves, that causes network congestion and performance problems for valid users as well. I know my Apache logs are still crammed with exploit attempts...
It's a question of responsibility vs. assisting lawbreakers. My (personal, humble) opinion is that Microsoft should allow security patches to all copies of Windows as it defeats expliots and worms/virii much quicker, but as for feature upgrades and bug fixes which are not a security issue, Microsoft should withold those unless the user has a valid serial key. True seriousness about security means defeating the problem for more than just customers, it means providing a better enviroment for everyone. This, I believe, is the root of the problem in the Microsoft attitude, and it's kind of sad that the largest software company on Earth can't see far enough past their bottom line to make such a move.
No one is (or should) ask them to give away anything more than saftey.
Re:Just pirate the patches (Score:3, Insightful)
no feature upgrades (Score:1, Insightful)
Re:The obvious answer is no, but it may not right. (Score:4, Insightful)
That said, if a person did not legally acquire a product, they don't deserve support for it, I couldn't care less if it was a product that almost everybody had, and only one company made it.
I'd be in favor of Microsoft giving out the security update, if they tracked everybody who didn't have a valid license and then tried to sue said user.
If I bring a stolen car for service at any place that checks the VIN on the car, I can fully expect to be arrested, I don't see why people who copy software should be any different.
-- Joe
Re:Support (Score:2, Insightful)
The cost will skyrocket. Who gonna pay for that? Subscriber of course.
Re:Microsoft is not a charity (Score:5, Insightful)
I think, my friend, that therein lies the issue. Think about it for a minute and try putting yourself in MS place... You already developed your software. You already paid for it. You are spending no money in distributing it. You are not supporting in any way the people w/ pirated windows copies. The bandwith costs are negligible. 95% of all the new desktop computers sold pay a forty or so dollars tax to you. You are sitting on 50 billon dollars in fairly liquid assets. You are scared silly of open source advances... why in the world would you not provide free upgrades to a couple hundred thousand computers when the alternative they might chose is what scares you silly in the first place?
why are we even discussing this again?
There's always a way .... (Score:3, Insightful)
Pirated users aren't able to download patches? (Score:1, Insightful)
*logs on to Windows Update*
*downloads some critical updates*
OH, you must mean users of the FCK key. Not those of us with the corporate edition that used a key changer and a list of corporate keys Microsoft hasn't yet banned (and no, I don't know why)
Because their bugs are trashing the net. (Score:3, Insightful)
Because infected and unpatched instances of their software generally continue to operate for the user while clogging the net with viral traffic, serving as zombies for DDoS attacks and acting as spam forwarders.
This is damaging to legitimate customers of Microsoft's products, users of competitors' products, users of open-source products, and operators of the network infrastructure, as well as the users of unlicenced copies of their product.
Re:This should apply to stolen cars too (Score:2, Insightful)
1.Stole that radio and it doesn't work? I should still be able to get it fixed under warranty.
Yes, you should. If that thing is polluting the FM band and causing problems for others, then it should be fixed regardless of its legal status.
2.Stole that car and the radiater hose burst?
Sure. I'd rather it be fixed and the cops take care of the legal stuff than having it go out of control and ram my car or help add 1 one to everyone's commute when it does break down.
It is not the job of the corporation to act like a quasi-police force. Crime should be taken care of by the cops, not by half-assed "we won't patch you" policies.
Re:Read carefully (Score:5, Insightful)
I really think it should be illegal for them to change your license in an update anyhow. I mean, do the warranty conditions on your car suddenly change drastically when they replace parts in a recall? I'm sure some of you can come up with better analogies.
They are basically forcing their users to change the licensing deal well after the initial agreement and purchase. But aren't we paying for the license to use the software in the first place (as the EULAs themselves make clear). How can they change the terms of that license after we've already paid for it? I suppose that is in the EULA somewhere too though.
So basically we pay for a license giving us the right to use their software. And that license may change at any time at their discretion. Especially if the product is faulty and needs an update.
Considering the cost of the software, the relative functionality compared to alternatives, and these licensing terms, I have to wonder why is it so many people buy this stuff again?
Re:MSFT Can Pick Its Poison (Score:4, Insightful)
(note that I left out writing better software)
Yeah, because writing better software would both cost money and serve the general good. So they have the same choice to make in that regards. We've all seen how they've made that decision in the past.
A better pick your poison scenario is this:
Spending money on bandwidth patching unpaid clients
vs
Spending money on bandwidth due to DDOS attacks from unpatched clients
Re:The obvious answer is no, but it may not right. (Score:5, Insightful)
The scary thing, the *people* actually believe that is how it should be.
The whole concept of corporate charters seems to have been completely forgotten and the idiotic notion "corporate personhood" accepted without question.
It didn't take all that long for America to chain itself back up with most of the chains it broke free from in 1776.
Re:The obvious answer is no, but it may not right. (Score:3, Insightful)
The answer to this is simple... (Score:2, Insightful)
Re:Beta versions and corporate license CDs (Score:2, Insightful)
It depends. (Score:3, Insightful)
And the Microsoft monopoly adds an interesting spin to the issue of piracy. People no longer use Windows because they want to, but because Microsofts tactics have ensured that they'll probably need to. Microsoft is actively attacking legal alternatives to Windows, through investments in litigious bastards [thescogroup.com], software patents, and false advertising campaigns. They left the realm of capitalism and the free market years ago. They took choice out of the hands of the consumer and now they get free money. I personally respect their IP but it's getting harder and harder to blame Windows pirates these days. All the other pirates can go #### themselves, but stealing Windows is like stealing water from a company that poisoned your well.
Microsoft should definitely be able block updates to pirated copies of Windows if they wish. I think if they do it'll just fuel the switch to alternative operating systems, which their other commercial offerings won't run on. If they're confident that everyone that pirates Windows pirates the rest of their stuff as well, and they don't think giving alternative operating systems a foothold is going to be bad for their future, then they should go ahead.
But if you think about it, the most monopolistic action they could take would be to ALLOW pirated copies of Windows to be updated. It'd slow the adoption of alternative operating systems, and help keep estimates of worm and virus infection rates that so often make the news as low as possible. If the rates of Windows exploitation increases dramatically, people aren't going to think, "Oh, those are mostly just pirates who are being affected," they'll think, "Windows is looking less secure than ever before and look, I just got another dozen virus infected emails over my lunch break, maybe I should try this
Re:Support (Score:5, Insightful)
How, excatly speaking, can an ISP know which app generated which packet in a remote machine ?
And ISP-level port blocking is the foulest evil an ISP can commit, far worse than asymmetric connections or hidden monthly usage limits. Port blocking prevents your computer from being used as anything except a simple surf station; even some FTP sites refuse to work. There is absolutely no justification for this.
Internet was designed to be a P2P network. Do not break it. Especially just because some people insist on using computers without bothering to learn to maintain them (or hiring someone else to do so).
Yes, it's so simple and straightforward to tell a good packet from a bad. All it requires... is checking the evil bit !
An ISP is just a traffick carrier. In no way, shape or form, should they be responsible for the actions of their users. If they are, it will be an additional incentive for them to block all the ports from incoming connections, reducing the value of Internet for all and making interesting and important applications like Freenet [freenetproject.org] impossible. But even if they block all the incoming ports, it still won't stop the worms from spreading (by e-mail), it will simply give them an excuse for the Courts ("Hey, we did our best !"). All pain, no gain.
As this is self-obvious, I must ask: Are you a RIAA mole, trying to destroy the P2P networks ? Or are you a government mole, trying to destroy the capacity of Internet for applications like Freenet [freenetproject.org] ? Or are you just a particularly clever troll who got modded insightfull by a not-so-clever moderator ?
Inquiring minds want to know ?-)
Re:Hey! Are you getting Sasser with me? (Score:5, Insightful)
You sound like the people in the porn industry who try to justify having sex without condoms.
If you have no antivirus software, how can you be so sure that there are no viruses?
LK
Re:Read carefully (Score:2, Insightful)
In short, these people have real needs, and real considerations and Linux --as decent as it is-- does not cover all things for all people.
Simple matter of trust (Score:2, Insightful)
And the truth comes out on Slashdot... (Score:2, Insightful)
I have a better idea. Microsoft should set the updates to automatically remove the operating system from anyone who is not a legit user. Not touching the data, just the system files. That way these thieves will not be able to spew forth more worms onto the net. That way they reclaim their stolen property.
I bet you dont start bleating away when a flaw is found in Apache or sshd do you? Oh no...these products have been produced insecurely so they must be made to PAY, must they not? Why dont you bleat about Red Hat not providing support to those not on RHN? These people got a Red Hat product, they should be supported by Red Hat? No, of course not, different rules for FOSS isnt it?
Re:What about MSDN windows (Score:3, Insightful)
The financial loss of millions of pirated systems is far less than any damage a few pirated systems can do to their valid customers and their pretty own reputation.
cb
Re:What about MSDN windows (Score:3, Insightful)
It would be wise to provide patches for everyone.
Yeah, but Microsoft is a corporation. Wise != Profitable.
Re:What about MSDN windows (Score:5, Insightful)
Restricting patches guarantees hackers a healthy number of drones to use in DDoS attacks, and runs counter to all the other efforts focused on getting users to keep their systems up to date.
Re:Support (Score:5, Insightful)
Really. Given the choice between 90% of users being able to use the net, or 100% of users being unable to use the net, which do you choose?
It's perfectly reasonable to block certain types of packets during times of need. Is it desirable? No - but it's also not desirable to have worms, viruses, trojans, and other malware in the first place.
Get over it. Idealism on the 'net ended when it became a commercial entity. Now pragmatism is the rule of order.
If your ISP blocks ICMP during a ping storm (as the grandparent examples) in order to preserve some semblance of service, and you are offended by that, get another ISP.
And while you are getting over it, get real, too. Freenet is cool, but it's not going to save mankind, and not everybody in favor of pragmatic use of private resources is a fan of the Record Industry Association.
Re:What about MSDN windows (Score:1, Insightful)
Sure, Mr. Anonymous Coward.
Re:What about MSDN windows (Score:3, Insightful)
What the mention of China and SE Asia said to me, to spell it out, was this reminder: that however tight and hard the legislative screw is turned in US and Europe, and however hard punitive enforcement is set up there, those measures will not address the problem because that still leaves plenty of infected machines elsewhere, in countries that such legal measures don't reach, to screw the internet with virus traffic and worms.
It's also not about how much it is worth to the user to pay: Making patches universally available would rationally be seen by MS as an initiative to retain/(re)build market reputation and maintain market share.
-wb-
Re:What about MSDN windows (Score:4, Insightful)
a) He either doesn't give a damn about security and hasn't updated OR uses an illegal copy which can't be updated
b) My own systems are well protected (or perhaps run Linux, etc.).
Microsoft has no obligation whatsoever to provide any freebies to folks with illegally copied (the P word - "pirated" - seems to be politically incorrect here at Slashdot) versions of Windows. People are not _supposed_ to use such software anyway - Linux and Mac have been viable long before 2001 (Windows XP), I don't see how anyone could have been "locked" into using an illegal copy of Windows XP.
I propose that Slashdotters who care buy Windows licenses for the underprivileged, the stingy, or the lazy (lazy to learn Linux). Or provide them with free migration (Win->Lin) service.
(Speaking of updates - if Windows updates should be free, why aren't Red Hat Enterprise Linux security updates free? That's even more critical because it's mostly servers than run this OS. So much for balanced reporting on Slashdot).
Just like hospitals (Score:5, Insightful)
So: Would we treat somebody in a hospital because he caught an infectious disease while doing something illegal? Yes. Then, the same should be true for patches.
Re:What about MSDN windows (Score:5, Insightful)
Alas, this is only becuase of Microsoft's interesting position where security or safety flaws in their products never have any consequences whatsoever for Microsoft, only for Microsoft's customers. If only Microsoft were in some fashion accountable for the messes their products made on the internet, then acting wisely would be profitable...
Re:Just like hospitals (Score:3, Insightful)
You could say... (Score:2, Insightful)
You could also say that Microsoft has no obligation to support those who steal.
Fact is, these pirated systems are effecting all of us.
Just because someone is "savvy" enough to lay hands on a pirated windows cd or download a crack/keygen does not mean they are savvy enough to patch their system through those same channels.
Look at Thailand or China. You can walk down the street and buy CD's full of all the hot warez from the street vendors who sell them from carts in plain view.
You think they sell Windows XP SP1?
And do you think it's a mere coincidence that Asia, South America and Ex Soviet Block countries have such huge traffic in spam?
With the inherent security holes and rampant worm situation, I think Microsoft is being criminally negligent by NOT providing patches to anyone and everyone who runs their product, regardless of how that copy was acquired.
Their negligence does nothing to correct the pirating situation and harms everyone that uses MS Windows by allowing these worms to spread unchecked. Additionally it hurts the the remainder of the net who has to deal with DoS attacks and the overwhelming amount of spam caused by unpatched Windows machines.
Re:Yes we should all pay for this too (Score:5, Insightful)
And you are VERY wrong if you think that piracy will shrink their market share. I personally would be very happy if Microsoft stamped out EVERY pirate version, because their market share would be pretty small. Microsoft grew based on the piracy, and they know it. Now they are reaching the saturation point, and really only now have they started trying to make the pirates pay, because they are no longer contributing to the increase in profits, because the market share is so relatively high. They have known in the past that they can't stomp too hard or they would lose market share, but now they no longer care, and they can pull out the "the soul-stealing demonic copyright infringing people" (or pirates) sympathy/stupid-law-making card out.
Even criminals deserve medical care (Score:3, Insightful)
"Should drug users be allowed to receive treatment in a hospital (public or private) even if treatment is due to drug-related illness or injury? Or do they get what they deserve and have to fend for themselves?"
People who pirate do it for a myriad of reasons. How about the poor inner-cities child whose family can barely afford the $299 Wal-Mart PC and has no chance of a retail priced copy of Windows and Office? How about the elderly grandmother whos well-meaning grandson hooked her up with the latest copy of XP Home because it had larger fonts and buttons than her legally licensed copy of 95 did?
Support for Windows should be user agnostic. I've said many many times in the past, someday the laws of this country will recognize that computer professionals need the same legal protection that priests and doctors currently enjoy. People who have computer problems need to know they can get them fixed without worrying about the tech turning around and reporting them to the BSA or DOJ. Otherwise, they will sit on the problem and contribute to a greater harm.
If Microsoft wants to exclude pirates users from receiving assistance, then they should be legally liable for any further or collateral injury that occurs as a result of this...the same way a doctor or nurse would be liable for turning away a mental patient complaining of "voices telling me to do bad things" who then goes on to murder someone.
The simplest thing for Microsoft to do is drop the whole cockamamie "Windows Update" bullcrap and just post the damn updates on an FTP or website where people can download them without handing over Product IDs (and from other operating systems as well). If they don't want to do this, well, then let's make sure they they are responsible for whatever happens.
- JoeShmoe
.
Re:What about MSDN windows (Score:5, Insightful)
The warez version of XP Pro for about a buck any software shop will install most XP patches, but will not install SP 1. SP 1 recognizes the key as bogus and refuses to install.
In any case, it hardly matters. People are on slow and unreliable dial-up connections. DSL is almost unknown. ISDN is not available at all, as far as I could tell. Hardly anyone has the bandwidth to actually patch their machines, and even fewer people have the knowledge or interest (even fewer than here). There are some really great programmers and admins in Viet Nam, but just like there, those highly knowledgeable people are a tiny minority. Most people with computers neither know nor care about anything like keeping them secure.
So even if MS made all patches available to warez versions of Windows, it would hardly matter in many parts of the world, because the people running them couldn't and/or wouldn't apply the patches anyway.
Re:Yes we should all pay for this too (Score:3, Insightful)
Comment removed (Score:5, Insightful)
Corporate Pirated version is also the best version (Score:1, Insightful)
Oh ya, I have never had trouble downloading an update for a corporate edition where the key was generated using a common crack available all over the Internet. Even on my laptop, which came with a legitimate XP copy, I use the pirated Corporate version. Why? Because I don't ####### feel like activating.
On my home computer, though I can download a legitimite XP copy for free from my school, I have pirated Corporate Edition. Why? Because activation is annoying.
Activation is like... When you buy a new car and install an exhaust, or change the oil, you have to call the maker and request permission to start it.
I will not use any software that requires activation unless it is entirely easy to circumvent. When it becomes hard, I will switch to a free alternative. The software industry is slowly forcing me to open source.. ie.. Adobe with Photoshop (Gimp instead), Symantec with Antivirus (whatever the hell the free version is called instead)...
In other industries? (Score:3, Insightful)
Re:Yes we should all pay for this too (Score:5, Insightful)
Differences being
a) there's not only one company that makes seatbelts, and won't sell you any if you don't install them on every seat
b) you don't have to pay for 5 seatbelts if you get a 2-seater sports car
c) that seatbelts are mandated by government, not by some corporation that makes them but does not make cars
So actually it's nothing like it at all.
Re:Yes we should all pay for this too (Score:2, Insightful)
Re:Yes we should all pay for this too (Score:2, Insightful)
Attn. Mr. Moron (Score:2, Insightful)
He said he doesn't have ethical problems. He never said he didn't have legal problems with it.
Re:What about MSDN windows (Score:1, Insightful)
Why would saying that poor countries pirate more be racist? It's economics, not race.
analogy time (Score:4, Insightful)
A: Definitely Yes.
Why is this different?
I know it's different because right now we can't sue MS for any damages even if we didn't steal Windows.
It seems to me that if they apply a double standard to products acquired legally vs. products that aren't legal, they are opening themselves up to some sort of implied warrantability for the legal product. Which of course they don't want to do.
It has gotten *really* bad with all the spyware, malware, and viruses these days. It's starting to look like the "death of a thousand cuts" we hear so much about. I wonder how many of these worms, etc. are put out there with the goal of bringing MS down?
Re:Actually, most software in Asia *is* pirated. (Score:3, Insightful)
Re:Just pirate the patches (Score:2, Insightful)
The problems with pirating an OS (at least to the consumer) is that it is part of the computer they bought. On top of that the OS has no percieved value to the consumer. At least *not* 200$. You should see the reaction you get of people when you actually try to explain to them that their OS costs nearly more than the hardware. It is just too expensive for the average consumer. Compare it a bit to music CD's: people are perpared to pay 0.99$ per song, but not 20$ for a copy-proteced Audio-CD with only fillup songs and one hit.
It is easy to say "just use Linux/BSD" (I do for the matter - I run a variety of systems), but what am I going to say to my brother: uhm, brother, give me 200$, I need to buy Windows XP for you so that you can legally play GTA Vice City on your computer (which originally came with 98SE, but it can't handle the hardware I added later on -- and yes, he bought the game, it's not pirated). You might find it strange, but I usually frown upon pirating with one exception: the OS. There are free OSes, and I can use them. My brother can't.
Re:Why should they be able to? (Score:5, Insightful)
Ever noticed the amount of spam and worm traffic that comes out of Asia, Russia and South America?
Do you have any idea how pervasive warez are in China, Thailand and other countries?
Maybe you haven't noticed all that spam and virii.
I for one have firewalled, installed spam assassin, razor, run a second set bayesian filteres on my email client and STILL get spam in my inbox and see funky crap in my server logs.
Ohhh.... and I don't even RUN WINDOWS.
All my machines are either OS X or RH 9.
The fact is, microsoft puts out a product and that product is flawed (no ones perfect). By not allowing ALL users of their product to correct those flaws, they harm EVERYONE regardless of OS used. If you're online in any way, shape or form YOU are effected.
If Ford had such flaws that would cause a car to veer off course defying it's owners control, a recall would be issued and ALL owners would be elligible. Mind you, regardless if they were the 1st, 2nd 3rd or 4th owner or whether or not they had a Ford service plan or were covered under warranty.
An OS vuln is no different. And by simply ignoring 100,000 pirated copies of windows XP in China they allow for 100,000 virii hosts to spewn spam worldwide.
Those 100,000 machines then infect your licensed machine, spam my LAN, and cause a fortune 500 tens if not hundreds of thousands in costs per year in associated cost.
But hey... as long as those damn pirates don't get anything for free I guess it's ok right?
Re: The Economics of Piracy (Score:5, Insightful)
Many "pirates" can not afford to buy the music/software that they download.
(I'm not saying that this gives them any right to infringe on others' copyrights.
I'm just saying that the BSA's figures are exaggerated.)
Re:Well (Score:3, Insightful)
One of these days Microsoft is going to get nailed by a "innocent third party" law suit and then the avalanche of law suits will start.
IANAL, and I doubt that you are either, but I suspect the result would be that the MS attorney will appropriately point out that they didn't build the stolen version...otherwise it would have been patched. Case dismissed.
Re:Actually, most software in Asia *is* pirated. (Score:5, Insightful)
But I also think there's a reason why there's "BS" in "BSA". Their statistics make me want to puke. They do such bullshit statistics as taking a pirated CD from Taiwan or China which includes some expensive piece of softwware, like 3D Studio Max, and say "see, there's 5000 USD worth of software on this CD. We think 10,000 chinese kids bought this CD for 5$, which robbed us of 50,000,000 USD."
That's utter bullshit. Most of those Asian and Eastern European pirates do not need 3D Studio Max and wouldn't buy it anyway, even if they could afford to. (Which they can't. As was said before, a chinese family would need to pay _all_ their income for _two_ _years_ to afford a license. Again: _all_ their income. That is, leaving them with no money for food, rent, clothes, etc.)
We're not talking 10,000 professional designers and architects who actually need it, we're talking mostly kids who much around with it a bit to make some skins for mods for old games. Maybe 1 of them will actually release an obscure mod, the rest just mucked a round a bit with it, uninstalled it and moved on to something else.
Would all 10,000 of them have bought 3D Studio Max if they couldn't pirate it? No. _I_ wouldn't buy it either, much as (1) I could easily afford it, and (2) I'm tempted to try modding "X2 - The Threat." (Which, sadly, only supports exporting stuff from 3DS MAX.) Now I don't pirate it either, but even I think it would be utterly retarded to pay $4000 on tools to mod a $40 game.
Yet the BSA would want me to believe that 10,000 dirt-poor kids from Taiwan would. That's so much bullshit, it could fertilize a few acres.
Comment removed (Score:3, Insightful)
Re:Actually, most software in Asia *is* pirated. (Score:5, Insightful)
But I do think it would create new jobs. Just not jobs at Microsoft.
See for example how Via makes some living selling cheap C3 CPUs. Yes, they're not fast chips. But here's how it works: some poor chinese wants to get a computer. He/she can't pirate a CPU, and can't afford to pay 400$ for a top of the line Intel chip. So he/she gets a 40$ VIA chip instead.
Which in turn keeps some people employed at VIA.
That's how it would work for software too.
If noone could pirate MS Office, a lot more of them would look into Open Office or some locally produced software. And a lot more people would be willing to tell their government or their boss "stop asking me to send you this stuff in MS Word or MS Excel. I'm not going to pay 450$ at home, out of my own pocket, just because you're too stupid to accept plain text files."
Or if so many Chinese and Eastern Europeans were't pirating those $40 games, a lot of them would be willing to pay, say, $5 for something produced by a small company in their own country. Especially for countries which by sheer size are potentially a huge market, like Russia or China, and where salaries are very low, I can see how someone could afford to produce cheaper games locally _if_ someone bought them. Most of those wouldn't be as good as Id's or Epic's games, but they'd be playable. And they'd keep a lot of talented programmers and designers in their own country employed.
Except in practice everyone there pirates the games, so such a market doesn't exist. And as a consequence those jobs don't exist either.
So, yes, piracy does cost jobs, economic growth and tax revenue. The only catch is: not at the big corporations, like BSA seems to think.
Re:Laptop issues (Score:2, Insightful)
Besides you are not forced to buy windows together with hardware. There are vendors that offer hardware without os.
Re:Yes we should all pay for this too (Score:1, Insightful)
the ONLY thing that spread windows and MS-DOS faster than PC-DOS and OS2 was piracy. people DID NOT seek out windows, they didnt care, they just wanted what they needed to run.
Microsoft would NOTbe where they are today without their OS's and Windowing environments being rampantly pirated.
Hell Gates and CO. would have NEVER EVER sold their first product if it wasn't for their "piracy" and it does suprise me that his temper tantrum about it did not kill the company back then.
so yes microsoft... please ensure super strict rules for your apps and products. and tell cracked copies to go to hell for updates and patches... in fact I wish they would write code that makes illigimate versions of windows to not allow any virus scanner to run plus crash randomly.
Re:There is NO excuse for piracy... (Score:2, Insightful)
That's not the question though.
It's not to do with "giving someone the right to 'steal' something" at all. It's all to do with should they be allowed to access critical updates...
And I say a resounding yes. Just because some people refuse to pay doesn't mean anyone else should suffer becuse they can't install critical patches.
TiggsDenying patches won't stop them from running it, so all it does is force connected machines to stay vulnerable. And that is unfair/disastrous to the rest of the Internet.
Re:Yes we should all pay for this too (Score:3, Insightful)
If you actually want a non-Windows PC, it's extremely easy to find one -- now more than ever, in fact.
Re:Yes we should all pay for this too (Score:5, Insightful)
Since I got my laptop with XP on, and clicked "I do not agree", reformatted and installed Slackware, I don't see what such an EULA has to do with me. I never agreed to the EULA, I never had any contact with Microsoft. The PC manufacturer gave me something I didn't want with the hardware, I had to spend time and effort cleaning it off the hard drive, and I'm giving away the last remnant unused.
Here's my unused key for Windows XP Home edition:
VQDYD-CBPCT-MR2JV-6WR9Y-Y6HX3
First come, first served!
Re:And the truth comes out on Slashdot... (Score:3, Insightful)
At what point did someone steal something? You can't steal without taking something away from the owner... when did you take something away from Microsoft again?
Microsoft's copyright gives them control over how software is distributed, it gives them ZERO legal right to control how a copyrighted work is used. That right belongs to the public, since the public actually owns the work to which MS has the copyright.
Even those who illegally distribute a pirated windows copy aren't stealing. Their commiting copyright infringment, it's a different law being broken, and a different charge for a very good reason. Copyright infringment by definition means COPYING and distribution. By definition it cannot be theft since nothing is taken from the original owner, you've merely trespassed on the rights granted them by copyright.
"I bet you dont start bleating away when a flaw is found in Apache or sshd do you? Oh no...these products have been produced insecurely so they must be made to PAY, must they not? Why dont you bleat about Red Hat not providing support to those not on RHN? These people got a Red Hat product, they should be supported by Red Hat? No, of course not, different rules for FOSS isnt it?"
Well yeah, I mean come on, we all know people pirating software which is completely free and downloadable and redistributable. After all, it just makes sense to hunt for hours to find a copy which in some way violates the license amidst the dozens of legally redistributed copies on the web and p2p networks!
Updates from redhat are freely downloadable and freely redistributable. As such you can get them dozens of places. Repsoitories like you'll find at apt.freshrpms.net are actually MORE convient to use for updating than RHN.
Re:warranty on my stolen car (Score:5, Insightful)
Mostly correct, but my anal self must correct one detail here. Most of things you mentioned aren't even fair use. Their simply your rights. Ownership of a copyrighted work belongs to the public even while the copyright still exists.
THAT is why you have the right to do anything that wasn't explicitly put into the copyright holders hands when granted the copyright.
Copyright grants control over distribution, most of the examples you mentioned are "use" which copyright grants no control over because copying WITHOUT distributing anything is within your domain.
Fair use on the other hand is a set of circumstances under which you have the right to distribute a copyright'd work (or a portion thereof) despite the holder of the copyright. For example you may quote a copyrighted work in a research paper giving credit. Because of fair use you may distribute that research paper far and wide.
Your rights and fair use apply regardless of whether you've purchased the material or not, they apply if you have it. It's distributing that is copyright infringment, not using.
Re:Yes we should all pay for this too (Score:4, Insightful)
Which, means that yes, technically we have to live with such stupidities as I can't give away my old PC with Windows installed on it to someone else when I buy a new PC, and if I want to decomission some outdated system and install my existing Windows license on new hardware, I can't.
It's a good thing the damn licensing agreements are unenforceable.
The summary suggested (Score:2, Insightful)
But any hole is a risk to the rest of us - if it's writeable, it can be used to create another spamming, DDOS'ing, crap-flooding zombie. If it's read-only, then it can either be used to find a writeable hole, or it increases costs by increasing, say, credit-card theft (chargebacks aren't totally free), ID theft (which could be used to hurt those people who know the user, or those who do business with the user), etc.
No security hole is a benign security hole.
my answer: no (Score:5, Insightful)
should users with pirated copies of Windows be allowed to download security updates?
My answer: No.
As much as I do not like the price of Windows (too high for what one gets for the money) you have to either try to restore competition in this particular market (which will lover the price of Windows to some real numbers) or change your demands and use something else (Mac, Linux, ...) or something else. It's maybe unfair there is no alternative producer of Windows but stealing does not make that better, quite contrary (helps Microsoft keep the monopoly while they have 90%+ market share also thanks to those users with illegal copies).
If users of illegal copies (they) get (with permission from Microsoft) those patches, they wont be stealing (patches) from Microsoft. But they will have screwed comparison tables "Windows vs. ProductX" in a way as "Windows are for free (0 monetary cost)". It will make them unwiling to switch (either to legal copy of Windows or legal copy of some other product be it free or commercial). Thus it'll help Microsoft to keep their unfairly acquired monopoly much longer and screw the market/economy/people/... much more. If Microsoft is going to give permissions to users of illegal copies of their products to use patches, I'll consider it anticompetitive and illegal move from them.
If [they] will be allowed to use those patches, market/economy/people may mistakenly see it as a move to the right direction (from security point of view) while the true right move - more OS diversity on desktop PCs - will be pushed away. Security will hurs, market/economy/people will hurt.
For sure, there will be short-range benefits in allowing [them] to use those patches, but in the long term I do not see it as good decision (good for market/economy/people).
Pirated versions of windows: no pay=no support. (Score:3, Insightful)
Since unpatched and vulnerable systems can wreak havoc on legitimate customers, I think the best solution is to simply disable the offending product. If you stole the OS, you have no right to use it. Force it to shut down. Don't destroy the drive or any data, just make it the ultimate in nag-ware: continually prompt on boot for a legitimate proof of purchase.
Of course, that gets into all kinds of 'big brother' bull. The end of the story is the same: pay for it. In spite of the fact that the majority of
"But what if I'm using it in a lab environment?" Well, you should have paid for your license. Don't want to pay? Microsoft offers 120-day evaluations of many of their products. These are fully functional products and can even be updated in most cases (rare exceptions such as ISA exist).
Mr. Helpful (Score:1, Insightful)
Yes. That would limit his choices to perhaps one or two lousy laptops.
he wants to do work, not make a statement. Please come back to the real world.
Re:Already a technical error... (Score:3, Insightful)
Welfare for Netizens (Score:5, Insightful)
This is primarily a welfare service for the individual but has corporate benefits as well such as the reduction of communicable disease from those who would otherwise go untreated.
Without getting offtopic into the US healthcare system, I think the article brings up a similar point. If a software update is meant to benefit the end user only, in that it fixes or enables a new feature, that is one thing, but for the health of the public Internet, security patches that prevent malicious and communicable computer virii should be publicly available...by law.
It is more important to keep the Internet available to individuals, businesses, and research institutions as well as governments that rely upon it every day for communication and control of critical systems, than to ensure that a small percentage of the population is not illegally pirating software.
Re:Yes we should all pay for this too (Score:2, Insightful)
Comment removed (Score:3, Insightful)
A Windows Pirate Can Use My License Key (Score:3, Insightful)
I bought a new HP notebook 18 months ago. Of course, due to Microsoft's anticompetitive OEM marketing agreement which has been adjudicated as illegal, I was forced to buy a copy of WinXP that I didn't need because I run Linux. Of course, I can't sell my WinXP to someone who wants to upgrade from Win98 because it's some bastardized OEM version that only works on a model of notebook PC that already shipped with XP. I'm sure they didn't do that on purpose (bastards).
I suspect there are about as many Windows pirates in the US as there are Linux notebook PC users who have a virgin Windows license. I think I'll register www.Pirate-MS-Licences.com as a place where Linux users can donate their unused licenses to pirates. When Microsoft sues me, my defense will be, "I was forced to buy this thing, and now I can't even GIVE it away? How is that not a Microsoft Tax on notebook PCs?"
Re:Actually, most software in Asia *is* pirated. (Score:5, Insightful)
-- Bill Gates
I think that Bill Gates quote has less bullshit than _any_ quote from the BSA.
Re:Actually, most software in Asia *is* pirated. (Score:3, Insightful)
This is actually what I hate the most about piracy. It's effectively helped kill a lot of other options.
Had it not been for piracy, a lot of people would have looked for cheaper alternatives. E.g., StarOffice was pretty damn cheap even before Sun bought it and made OpenOffice out of it.
There were plenty of products which might not have been good enough to go head-to-head with MS Office or MS Windows or whatever, but could have had a comfortable niche market among the less rich people. Except most of that potential market went and pirated MS Office and MS Windows instead.
And more importantly: had it not been for piracy, there'd have been a _lot_ of people who'd have started saying "no" when their boss or their government accepted only Word or Excel files. As in, "No. If you want me to use Word or Excel just for you, then _you_ pay for it."
The ease with which we all basically bent over and let MS shove their own proprietary file formats up our collective hiney, and then forced us up the threadmill of pointless upgrades just because the file format had been wantonly changed, had to do with the perception that everyone else had MS Office. Even if they had pirated it. They could read your files, you could read theirs. No problem, right?
The fact that we today end up judging OOo not based on how good it is on its onw, but on how well it reads and writes Microsoft files, that has a lot to do with piracy.
Re:Yes we should all pay for this too (Score:2, Insightful)
Re:Actually, most software in Asia *is* pirated. (Score:5, Insightful)
Not similar. If you don't have a Ferrari, and you steal one, you've deprived someone else of the Ferrari they had, changing what others have. If I were to ``pirate'' the mythical copy of 3DSMax, what have I deprived any other entity of?
You've taken someone's Ferrari. I've duplicated their Ferrari. The only person that loses anything (by the BSA's logic) is an Italian car maker. In this case, I can't afford either the Ferrari or 3DS. Therefore, there is 0 net loss by the {manufacturer|copyright holder}.Does it make this morally right? Hell no. But is it equivalent to stealing a physical object from someone? No. If I'm just a cheap bastard and copy a work that has a cost of $0.99US (downloading a single song when it is available from iTunes [and I'm on either Windows or a Mac]), I consider that a less moral act than copying 3DS, simply because I could pay for it. And yes, I would consider someone stealing food to be significantly less immoral than stealing a luxury. Still wrong, but more justifiable.
</rant>
Re:Yes we should all pay for this too (Score:4, Insightful)
If you were using a legal key obtained from a Linux user who purchased a copy of Windows without agreeing to the EULA, to activate a borrowed Windows CD, then you would be entirely within your rights under the "any necessary step" provision -- especially as the purchase was made under duress and under protest {which fact it might help to write on the cheque or payment card receipt}. Where someone is physically preventing you from doing something which you have a legal right to do, then you are entitled to use reasonable force. This defence will fail, however, if the court believes that you could have accomplished your intention using less force. Show me a court that wouldn't consider installing a "pirated" copy of Windows to be less forceful than, say, holding a knife to someone's throat and demanding that they sell you a laptop without Windows.
If you accept the EULA, you are not prohibited from selling your copy of Windows -- you have an inalienable right to do that; just like selling a used book, CD or video cassette. It is an offence for anyone to try to persuade you that you do not have that right.
Note that none of this has ever been tested in court. And the numbers of people prepared to jump through all the hoops are so small, that Microsoft could afford to pay compensation equivalent to several times the theoretical amount refundable, by way of "hush money".
The "P" word (Score:4, Insightful)
The word you are looking for is "copy". Every copy is illegal to the eyes of MS.
Anyway, "pirate" is a stupid word to use for someone who copies a piece of software. Pirates attacked ships, robbed, raped, killed. There is a difference. Using the word "pirate" is making the assumption that making unauthorized copies of software is equivalent to killing, raping and robbing. It's just a marketing thing that was used by record companies, and it just worked. Now we are using a word that describe a killer, to talk about a person who copies a CD. Think "diamonds are forever", that's a marketing thing that just worked, even though it's not true. It sounds good, and most people who don't know better, believe it's true, while it's just a marketng thing. The problem with the "P" word is that if we keep saying that copying CDs is as bad as raping, killing and robbing, people who don't know better start to believe it's true. That's the power of the language.
In Uruguay, my country, people who don't know what they are buying, get a computer with a copy of Windows preinstalled (that trend is changing), for which Microsoft gets no money, and know nothing about licenses. I'd rather not call them pirates, just stupid.
Re:Pirated versions CAN be updated. (Score:3, Insightful)
Because the people most likly to pirate Windows, are those who are more likly to do their own installs. Therefore they are the people with a little more tech savy. Therefore they are the people MOST likly to update their systems. Not that they all do, probably, but there is a reason why they would, when people who would never try anything with a computer their dell tech support representitive didn't tell them to do, would not.
Re:Hey lets support the thieves! (Score:4, Insightful)
Windows free, 24x7 support, and even CD Recording.
Re:What about MSDN windows (Score:2, Insightful)
Re:Well (Score:2, Insightful)
Re:Actually, most software in Asia *is* pirated. (Score:3, Insightful)
Which in turn keeps some people employed at VIA.
That's how it would work for software too.
No, not really. There's a big difference in job generation between manufactured goods and services. If an entirely new software product is created because those people can't pirate from Microsoft anymore, you create a few jobs... but not many. If you simply broaden existing markets, you create practically zero jobs.
If Via needs to make low-end chips for some markets, they have to make capital investments in the assembly line and assign workers to build those chips for as long as they're making them. If Open Office needs to be translated into Chinese, they hire a translator or two on contract for a little while, and bring them back every so often when they add functionality to the interface. Maybe they even hire one full-time, but that's *one job*.
Just think about this: Microsoft has 55,000 [pctoday.com] employees, and they are by far the largest software vendor in the world. Intel, which makes a whole lot of the processors out there, but isn't anywhere near as dominant in the market as Microsoft, has 78,700 [forbes.com] employees.
Simple Answer (Score:3, Insightful)
Furthermore, Microsoft's next/future service packs (or possibly Windows Update itself) should check your key against their database to ensure that you do have a valid installation of Windows. It amazes me that they haven't gotten to this point yet.
If it was up to me, I'd generate a "hotfix" for pirated copies that wipes the product key info, and pops up that little key icon in the system tray with a balloon saying "You are using a pirated key. Click here to purchase a valid one.", and linking to Microsoft's store. Perhaps a timer is also in order, giving you 30 days(?) to set things right before networking no longer works, or the system won't go past the login screen. That sort of thing.
Yes, I'm very serious.
Let's say I steal a newer car. The manufacturer of the car discovers a fault in the hood latch; it can randomly let go of your hood-- and that would be a bad thing, especially if it happens while doing 55+ on the freeway. I go to the dealership and demand they fix the fault for free. But wait, the car is stolen! The owner called the dealership and reported it as such. Does the dealership just shrug their shoulders and fix it and send me on my way? I think not. They call the police, or simply deny me the fix.
Re:Well (Score:1, Insightful)
Microsoft couldn't stop piracy of Windows even if they wanted to (and they don't).
If MS wouldn't let you upgrade your current pirate copy, people would put a patch it to let you upgrade.
Your thought that piracy will go away seems like more wishful thinking than any I've seen all day.
And y'know what? Piracy is a good thing because it serves as the only price check on monopolists, whether its Windows, Music, or whatever.
Re:Hey lets support the thieves! (Score:3, Insightful)
Re:me too (Score:2, Insightful)
Re:Yes we should all pay for this too (Score:2, Insightful)