Open Letter to Microsoft

[fbrdphreak]

I thought this was interesting and figured it would be good to share.

An Open Letter to Microsoft

An ?open letter? to Microsoft?

Once again,commenters everywhere are espousing opinions on Microsoft?s latest statements regarding the company?s plans to disallow updates for pirated copies of Windows (and other software).

We all know taking that position results in one primary problem: Unpatched computers get infected or overrun and then bombard computers of others - making victims of people with valid, paid-for copies of Windows.



I understand Microsoft's position, I disagree with it, and I have a solution.

Patch the pirated computers, "update" the pirated computer's firewall to control two-way traffic, then turn that firewall on. Turn it on all the way. Like as in "nothing-in, nothing-out." Stop all the network traffic on those machines. And put "PIRATED" in all four corners of the screen, like you do with Safe Mode. Heck, for that matter, only allow users to boot into safe mode if it's pirated.

Of course, you could leave open connections to, say, a Microsoft site where people could be allowed something like, oh maybe 30 days to register their software. Give 'em a reduced registration rate maybe. Or maybe not. That's up to you.

Seriously - A significant portion of my job is protecting my company from all those unpatched and out-of-date computers. My time is valuable, and so is the time of many others like me. The ball belongs in your court - Where thousands of people have to spend hours and hours defending networks, you can fix it for all of us in one fell-swoop.

Microsoft's failure to patch problem computers makes for a less-secure Internet. It makes for higher operating costs for my company. It means I am focusing my time on things I need not deal with. It means I'm not focused on more important things that deserve my individual time.

Revenues are important, sure, but so are your customers, and so is wide area network security. This is the one area where revenues might just need to take a back seat. Think about it. Do the right thing.

Drastic? Sure, but healthier than leaving security holes all over the planet.

By not helping your enemies, you hurt your friends. You can't win, but you can make sure the people who are already on your side are taken care of.

Patch that software. Then get 'em with the firewall. Do it. We need you.

And thanks for listening.

EDIT:

P.S. - Is this a little tongue in cheek? Sure, somewhat. Already several emails and opinions are coming in (keep 'em coming, and you can also use the comments link below), so let me point out a few things...

First, I don't think Microsoft is "evil" - and that was not my point. Not even close.
Second, I know automatic updates would still work for pirated software under the proposed plan. That's not my concern - apparently there are some idiots who steal software that just don't have the brains or desire to turn it on, for whatever reasons.
Third, I'm not freaking out over something that hasn't happened yet. Rather, I am thinking about and commenting on something that's being discussed and in which I have professional interest and experience. Part of my experience is that if you offer opinions before Microsoft takes action, you're more likely to have your opinion count for something, however small. Come to think of it, that's more about the way the world works in general than it is about Microsoft...
Fourth, my thoughts are more about Microsoft asserting itself from both the "security-custodian" and "software-seller" roles. Two statements (drastic ones, granted) in one brush stroke.

 

[arsbanned]

It's my understanding that MS is going to continue to allow critical updates/patches to be installed. Doesn't that render their argument invalid? Or did I not read enough of it?

 

[Infohawk]

So what other patches are there? Like DirectX updates and stuff? Or drivers?

 

[amdguy12389]

Originally posted by: Infohawk
So what other patches are there? Like DirectX updates and stuff? Or drivers?

No, like security updates, drivers, everything.

 

[Worker1179]

my understanding is they will soon implement a system where pirated copies will only be able to get security updates if they are setup to automatically download updates. I believe they are undecided on if at a later date they will disable that as well, allowing no security updates to pirated copies. I believe other updates such as .net framework and Mediaplayer will still be available, because even if you aren't paying they don't want you using someone elses programs!

 

[MNKyDeth1]

I think the trick here is, that if your dumb enough to turn on auto-update on a pirated OS from MS it will record it. They can then come after you for the $5-10k if they want. If they see there are to many pirated copies I think they will not shut off the servece but start chasing people down and sueing them or whatever. If they think the pirated copy amount is low, I think they will just shut off the update service as most people that buy a comp don't even know what a windows update is. So what is a few extra comps that can't update gonna do?


imo, that's what I think.

 

[JonnyBlaze]

how can they stop pirated versions from getting updates anyways?? i dont think they can.

JB

 

[MNKyDeth1]

All they have to do is shutdown the update site where you can download the individual updates. Then when a comp logs onto the service and grabs the info from the comp and they see it as pirated they just cut the DL service.

If they don't want you to have the updates, I am pretty sure they can stop you.

 

[bsobel]

Originally posted by: JonnyBlaze
how can they stop pirated versions from getting updates anyways?? i dont think they can.

JB

It's based on known pirated volume license codes.
Bill

 

[Infohawk]

Originally posted by: bsobel

Originally posted by: JonnyBlaze
how can they stop pirated versions from getting updates anyways?? i dont think they can.

JB

It's based on known pirated volume license codes.
Bill

What about the keygens? Given that everything MS has ever been put out has been pirated, it seems hard to imagine they will be able to block the pirates.

 

[JonnyBlaze]

i just dont think it would work. they have key changes also.

JB

 

[bsobel]

What about the keygens? Given that everything MS has ever been put out has been pirated, it seems hard to imagine they will be able to block the pirates.

Your right, the goal of all of these programs is to slow the amount of causual piracy (and activation has done that, you don't see as many friends/familes/etc sharing installs [I'll leave the is that good or bad debate for someeone else]). The perception (to a lot of people) that MS knows if they are legit or not (and AFAIK the keygen users will seem legit to MS) will scare some users from using them 'just in case'.

Bill

 

[CQuinn]

Originally posted by: MNKyDeth1
All they have to do is shutdown the update site where you can download the individual updates.

That still leaves three other ways (off the top of my head) that someone can get updates.

Then when a comp logs onto the service and grabs the info from the comp and they see it as pirated they just cut the DL service.

And what it the chance that it will also disable some legitimately installed systems that just happen to get flagged the wrong way?
Unless they can come up with a foolproof method of detection, that's a lawsuit just waiting to happen.

If they don't want you to have the updates, I am pretty sure they can stop you.

Except MS has spent the last couple of years trying to come up with way to make it easier to update systems. That's not something
they can turn around overnight.