Forgot your password?
typodupeerror
Security Microsoft Operating Systems Software Windows

MS To Limit Security Fixes to Legal Copies of Windows 912

Posted by timothy
from the how-could-this-possibly-be-surprising? dept.
rufey writes "An Associated Press artcile on MSNBC is reporting that Microsoft is going to start restricting access to security updates from pirated copies of its Windows operating systems. Starting in mid 2005, if you have a pirated copy of Windows, the only way to obtain security updates will be through the automatic updates mechanism. And even that method may be restricted at a future date. The article is light on details about what versions of Windows this will affect. Parts of the system to check for a valid copy of Windows is already used when downloading software (such as Media Player) from Microsoft - except that validation is currently optional." EnderWigginsXenocide points out Reuters' version of the story.
This discussion has been archived. No new comments can be posted.

MS To Limit Security Fixes to Legal Copies of Windows

Comments Filter:
  • by Deekin_Scalesinger (755062) * on Wednesday January 26, 2005 @09:45AM (#11479176)
    The main gist is that people who have their Windows Update set to automatically download the latest critical patches (through the Windows Security Center - insert oxymoron comment here) will not be affected at this time. If you manually go to Windows Update you will need to provide some sort of credentials (allow software to snoop on yer box or provide your key) to access content. I myself bought a copy of XP recently from Newegg for this exact purpose. I like Linux a lot and if I didn't game, I'd use it exclusively. Since I do game, Windows is a necessity, and I don't want to have a haxxored box because MS tightened down on allowing pirates (which I freely admit I was one) to patch their systems. Newegg has copies of XP pro for about $150.00 with the purchase of any hardware, which is a far cry from their $300.00 MSRP.
    • Newegg has copies of XP pro for about $150.00 with the purchase of any hardware, which is a far cry from their $300.00 MSRP.

      Or you can use your MSDN OS License from work...:)
      • by parkrrrr (30782) on Wednesday January 26, 2005 @10:03AM (#11479337)
        As long as "work" won't mind losing one of their five activations. Unlike previous versions of Windows, the MSDN copies of XP are only valid for a limited number of installs, and you have to use your MSDN account ID to get the serial numbers from MS.

        And hey, as long as you're using stuff from work, why not just take your printer home, too? They'll never miss it.
    • Or you could go here and get it even cheaper than 150 smackers. (and yes they are legit) http://www.salesintl.com/store.asp
    • Well, that's all well and good for folks who use WinXP and have $150.00 to spare. How about folks who LIKE using Win2k but have lost their original disk and reinstalled using a friend's key instead of being forced to pay $150-300 for a new copy of software they already owned? Or people who are still using WinME and Win98 who patch what they can from the dribbles off MS table (and they use WinME or Win98 and haven't upgraded because *GASP* those versions of Windows do what they need them to do and they don't
      • Or people who are still using WinME and Win98 who patch what they can from the dribbles off MS table (and they use WinME or Win98 and haven't upgraded because *GASP* those versions of Windows do what they need them to do and they don't want to pay another MS tax to upgrade)?

        Microsoft doesn't even support 98 anymore so what's the big deal? [microsoft.com]
      • by shawn(at)fsu (447153) on Wednesday January 26, 2005 @10:34AM (#11479646) Homepage
        Was there something special about win2k that prevented you from writing down your product key on a piece of paper and storing it with other pieces of important papers?

        I could see using a friends disk if you lost yours but you should have been able to use your own key. There are something things that you should know are important. You save tax information, you save receipts in case something you bought is defective, you save warranty papers, why not save your product keys?

        If you can't afford it don't use it. No body is forcing anyone under threats of violence to use Windows. For a while I couldn't afford Windows so I used Linux. I didn't want to do something that could leave me open to fines or arrest and mainly I wanted to do what was 'right' as defined by law. Now that I can afford it I will buy a legit copy with a legit key (that I will write down and store) and I will be okay. There will always be Have's and Have Not's in this world. Just because your a Have Not doesn't automatically make it okay for you to use a pirated copy of software.

        This wont be MS fault if your using something you shouldn't be using and can't get your updates. Those still using 98 legitimately is a different topic.

        • You save tax information, you save receipts in case something you bought is defective, you save warranty papers, why not save your product keys?

          That's right, Shawn, I do. And that's exactly why it bugs me. I already have enough shit like that to keep track of without adding software activation codes, dongles or backup copies of my activation files.

          I don't use Linux because I can't afford Windows. I use it because I can install it where I need to without jumping through activation hoops, without keep

      • This will last about a week. After that, with each security patch released, a new flock of botnet worms will descend on the vast majority of unpatched windows computers, and headlines will be screaming about how windows security vulnerabilities are destroying the Internet. Steve will then repent.
  • by hlygrail (700685) on Wednesday January 26, 2005 @09:48AM (#11479191)
    Folks will just start distributing these patches through other arenas (torrent, newsgroups, web sites, etc.), or will develop methods (as they always have) to work around the system checks.

    This is just a ruse to get folks to pay less attention to the fact that the MS OS is generally less secure for most people than it should be...
    • This is just a ruse to get folks to pay less attention to the fact that the MS OS is generally less secure for most people than it should be...

      I would not be surprised that when this new method of getting updates from MS is up and running they start blaming the non-legal copies for the propogation of problems with MS. They will say, even if it is not completely true, that the problems began with computers that were not properly and legally updated. The average computer user will believe it because they

  • Awesome (Score:3, Interesting)

    by stoolpigeon (454276) <bittercode@gmail> on Wednesday January 26, 2005 @09:49AM (#11479203) Homepage Journal
    Really the only thing that would be better is if they could devise a way to make it impossible for people to install their software in a manner that violates the license.

    How many more people would start taking a hard look at FOSS if they couldn't get their 'free' MS products?
    • Re:Awesome (Score:5, Insightful)

      by garcia (6573) * on Wednesday January 26, 2005 @09:56AM (#11479275) Homepage
      How many more people would start taking a hard look at FOSS if they couldn't get their 'free' MS products?

      They can still get their "free" MS products. They will continue to get their "free" MS products. Those people will just not update their systems through Windows Update. I imagine that plenty of people that paid for Windows in some form or another still don't bother to update their systems because they don't know or don't care to know.

      All this is going to do is create an even more dangerous computing environment on the Internet and give more and more backing to "trusted computing".

      Oh look, see, everyone pirates and the pirates are causing all the worms to propagate! Look! DRM will stop that!
  • by networkz (27842) on Wednesday January 26, 2005 @09:50AM (#11479214) Journal
    Many people pirate Windows, for many reasons. Cost, availability, etc.

    But imagine now if it's becomes a nuisance to crack everypart of the OS which phones home. People will go elsewhere... legal perhaps.... but what about the people who wont pay.

    With Linux now coming of age, it seems about right that a significant market share would now drift in the direction of OpenSource operating systems.
    • by earthloop (449575) on Wednesday January 26, 2005 @09:58AM (#11479293) Homepage
      With Linux now coming of age

      I'm am not a M$ advocate at all. I am a heavy Linux user. But the truth is, Linux has been "coming of age" for about 3 bloody years. And in my opinion, it isn't yet ready for the home desktop.

      Dunno about you, but I wouldn't like the thought of my mum (mom?) being sat in front of a Linux machine. Until Linux is ready for my mum to use, it's not ready to replace Windows.
      • Dunno about you, but I wouldn't like the thought of my mum (mom?) being sat in front of a Linux machine. Until Linux is ready for my mum to use, it's not ready to replace Windows.

        Different strokes for different folks. I don't see why any single operating system or computer has to be used by everyone for it to have come of age, so to speak. Personally, I use Linux and Mac. I don't see any reason why the vast majority of people shouldn't switch to the beauty of OS X and the quality of Apple Hardware. Having

      • Two paths (Score:3, Insightful)

        by SuperKendall (25149) *
        For your Mom, the Mac is ready to replace Windows.

        For people more knowledgeable and wanting to be on the cheap, Linux is ready to replace windows on hardware they already have.

        It's a killer two-pronged attack. And I agree with the parent that the harder you actually make something to pirate, the more people you will shove into legitimate sofwtare - some of it will be replacing pirated copies with legal ones, but other instances will be customers jumping ship to cheaper or easier solutions.
      • But the truth is, Linux has been "coming of age" for about 3 bloody years.

        Closer to five, I'd say. And while the desktop managers have certainly made a lot of progress in terms of eye candy, IMO they still aren't much more USABLE.

        (I'm SO asking to be modded down here. Still, it's nice to see the Gnome and KDE users united about something -- their anger at ME.)
  • by goldspider (445116) <ardrake79NO@SPAMgmail.com> on Wednesday January 26, 2005 @09:51AM (#11479222) Homepage
    Why should they be expected to support copies of Windows that people didn't pay for? Sure, this is an issue of customer support. But then, the people with 'pirated' copies of Windows aren't Microsoft's customers.
    • Why should they be expected to support copies of Windows that people didn't pay for?

      Because unpatched machines (licensed or not) affect those that do pay Microsoft - their customers. Which is pretty much everyone.

      • So by the same idea, Linux users should be supporting and patching MS products. Unpatched MS machines affect Linux users also.
      • It seems to extend further than just protecting their paying customers.

        To analogize: Security is something that all people need and is sorely lacking in Microsoft products, and money is how Microsoft is milking their monopoly. That's like going in to vote, and getting arrested for unpaid parking tickets.

        Windows desperately needs the security, and it is a sore spot how quickly an unpatched box will be taken over without constant updates. Anything that might reduce the severely lacking security is an affr
    • They should do it for the sake of their other customers.

      Unlike Microsoft, viruses, spyware, and other forms of malware don't check for Genuine Advantage.
      • Would be a neat idea though. A Windows exploit that only targets people who have legal copies?

        How long until it happens?

        No doubt Microsoft are currently (secretly) working on the opposite, a BSOD exploit that only targets illegal copies.
    • It's true they aren't customers. I'm curious though how this will fly with the unwashed masses. It's an open secret that people upgrade home computers with shared copies of windows and office. these are people who balk at spending $200 on hardware, I'm not sure they're going to run out and buy windows if they can't get it for free.

      So what do they do? Run the OS that came on their dell for a few years longer maybe. maybe you'll see some more linux uptake at the fringes. Apple showed us you can have a
  • Not good (Score:5, Interesting)

    by TheRealFixer (552803) on Wednesday January 26, 2005 @09:52AM (#11479225)
    And what happens if the machine you're legitimately trying to update can't be put on the internet? I remember during the blaster virus, some of our laptops were getting infected so fast, we had to make sure the remote users did NOT get online, and we had to send them the security update and blaster cleaner on disk.

    So, under Microsoft's new model, we wouldn't have been able to fix those machines, because as soon as we let them on the internet to "validate" their copy of Windows and download the patch, they would have been reinfected and rebooted. Lame.
    • Corporate users (Score:4, Insightful)

      by truthsearch (249536) on Wednesday January 26, 2005 @10:18AM (#11479483) Homepage Journal
      Separate downloads will always be available because corporate users generally do not use Windows Update for their workstations and servers. They have to download separate patches so they can be fully tested, then distribute it themselves. Whether or not these downloads will be available to everyone on their website is unknown. But the article only says this license check "also" will be used for Windows Update, not Windows Update exclusively.

      There's no way they'll alienate all of their corporate customers. Updates will still be available as separate downloads or on CD.
    • Re:Not good (Score:3, Informative)

      by Technician (215283)
      I remember during the blaster virus, some of our laptops were getting infected so fast, we had to make sure the remote users did NOT get online, and we had to send them the security update and blaster cleaner on disk.


      Set up a segment behind a router that only permits packets from Microsoft's IP range. Un-patched systems go there to get patched before being permitted online.
  • Smart move. (Score:4, Insightful)

    by T-Keith (782767) on Wednesday January 26, 2005 @09:53AM (#11479247)
    Talk about using your worst problem to your advantage. Now security holes sell windows. It's amazing what a monopoly can do isn't it?
  • by Janosh (777222) on Wednesday January 26, 2005 @09:54AM (#11479252) Homepage
    If/When windows-update denies pirated versons of windows, people with pirated versons, who can't get security updates can risk having their machines turned into spam zombies.
    And then every one on the internet will have a problem when the net is flooded with spam from unpatched zombies.

    Or we can hope that people will switch to something some people consider a better OS when they no longer get updates from MS.
  • Linux Uptake (Score:5, Insightful)

    by codepunk (167897) on Wednesday January 26, 2005 @09:54AM (#11479253)
    Awsome simply awsome the tighter they make their licensing the quicker the uptake for Linux. Hell I don't really know anyone other than some companies that buy legitimate copies of windows. Hopefully they will put a check in Office that will not let you run on a pirated system as well.

    Short term revenue gain, long term loss.
    • Re:Linux Uptake (Score:3, Insightful)

      by jcenters (570494)
      Awsome simply awsome the tighter they make their licensing the quicker the uptake for Linux.

      Don't you mean:

      "Governor Ballmer, the more you tighten your grip, the more systems will slip through your fingers."

      Sorry, couldn't resist.

  • I'm interested (Score:3, Interesting)

    by JediTrainer (314273) on Wednesday January 26, 2005 @09:57AM (#11479284)
    ... in exactly how many machines we're talking about here. Given that every time I've purchased a machine in the last 5 years I've been force-fed a Windows license, how likely is it for someone to have a pirate copy?

    I'm still steaming from all the times I've purchased machines to run Linux, yet been forced to buy the OEM Windows license along with it.

    And before anyone mentions building a box yourself, that just causes a hassle when it comes to warranties (I want a name brand machine that I can take back if something breaks in its hardware), and companies that allow you to purchase the machine without an OS are virtually nonexistant in my area.

    So given that I've been forced to buy a Windows license with every PC I own (whether I use it or not), I'm not sure how it's possible that there's that many pirate copies out there.
  • Automatic update (Score:4, Insightful)

    by Neo-Rio-101 (700494) on Wednesday January 26, 2005 @09:58AM (#11479289)
    Assuming that MS tinker with automatic Windows update so that it detects illegal installs when a user tries Widnows Update on a pirated copy, I can't see how this system is going to work.

    At the moment, any user of Windows (legal or illegal) can MANUALLY find the system administrator patches easily on Microsoft's website.

    Unless MS manage to work a pirate copy checking system into each and every one of their system patches, this system will be easily broken. (and even then pirates may distribute cracked patches)

    My main beef with MS is that I paid for XP, but reinstalling the system just to fix it means that I have to play their stupid online registration game - which only gives me so many lives before "Game over"
  • by CdBee (742846) on Wednesday January 26, 2005 @09:59AM (#11479299)
    If you install WinXP Volume licenced edition with the famous FCKGW RHQQ2 (Genius!) serial number then install IE critical updates from Windowsupdate, the computer will start crashing on an occasional basis... its been widely rumoured that early on in the XP lifecycle Microsoft issued a patch which has an additional function of degrading the reliability of pirated copies.

    This is reproducible with any XP volume licenced CD using that serial so bad media can be ruled out
  • by a_nonamiss (743253) on Wednesday January 26, 2005 @10:01AM (#11479319)
    Althought I hate to give Microsoft any credit at all, I can't really say that, in theory, Microsoft is out of their right to do this. However, with the new Media Player, I have a real legitimate copy of Windows XP, and it was still unable to verify the authenticity of my software. Being optional, of course, I ignored it, but if that 100% legitimate copy stops working some day because Microsoft can't verify its authenticity, what then? Call Microsoft and tell them? I'm sure I don't have the receipt for a copy that I bought 3 years ago. Is Microsoft going to take my word for it that it's legit? What if it happens on a Sunday night before Christmas? Are they going to have operators standing by to get me working again?

    I sure hope they think this policy out before implementing it. As a sysadmin of a small business network, I sure as hell hope that nothing goes wrong with our volume licensed copies.

    In the immortal works of Han Solo, "I have a really bad feeling about this..."
  • by goldspider (445116) <ardrake79NO@SPAMgmail.com> on Wednesday January 26, 2005 @10:02AM (#11479328) Homepage
    If anything, it might nudge some people to a Mac. Apple has the brand recognition, and you can buy "For Macintosh OS X" software in stores. In other words, they know what they're getting with a Mac.

    With Linux, on the other hand, most people wouldn't have any idea whether or not they would be able to use the software they want, let alone how to get it even if it did exist for Linux.
  • Sinister Hacker (Score:5, Interesting)

    by codepunk (167897) on Wednesday January 26, 2005 @10:04AM (#11479354)
    Ok say some sinister hacker knowing that cd keys are
    stored in the registry builds a little one liner that inserts a known comprimised key. You know ms is gonna check for this.

    The result is a ton of instantly owned machines since they are unable to install security updates.......brilliant plan

    That being said I hope they enforce their licensing pirates are slowing the uptake of Linux, it hurts everyone.
  • Bad For Security (Score:5, Insightful)

    by iammrjvo (597745) on Wednesday January 26, 2005 @10:07AM (#11479375) Homepage Journal

    I remember reading a Crypto-Gram article on this a while back. Here's some great, relevant commentary from Schneier. The original link is http://www.schneier.com/crypto-gram-0406.html#4 [schneier.com].

    The security of your computer and your network depends on two things: what you do to secure your computer and network, and what everyone else does to secure their computers and networks. It's not enough for you to maintain a secure network. If everybody else doesn't maintain their security, we're all more vulnerable to attack. When there are lots of insecure computers connected to the Internet, worms spread faster and more extensively, distributed denial-of-service attacks are easier to launch, and spammers have more platforms from which to send e-mail. The more insecure the average computer on the Internet is, the more insecure your computer is.

    It's like malaria: everyone is safer when we all work together to drain the swamps and increase the level of hygiene in our community.

    This is the backdrop from which to understand Microsoft's Windows XP security upgrade: Service Pack 2. SP2 is a major security upgrade. It includes features like Windows Firewall, an enhanced personal firewall that is turned on by default, and a better automatic patching feature. It includes a bunch of small security improvements. It makes Windows XP more secure.

    In early May, stories were written saying that Microsoft would make this upgrade available to all XP users, both licensed and unlicensed. To me, this was a very smart move on Microsoft's part. Think about all the ways it benefits Microsoft. One, its licensed users are more secure. Two, its licensed users are happier. Three, worms that attack Microsoft products are less virulent, which means Microsoft doesn't look as bad in the press. Microsoft wins, Microsoft's customers win, the Internet wins. It's the kind of marketing move that businessmen write best-selling books about.

    Sadly, the press was wrong. Soon after, Microsoft said the initial comments were wrong, and that SP2 would not run on pirated copies of XP. Those copies would not be upgradeable, and would remain insecure. Only legal copies of the software could be secured.

    This is the wrong decision, for all the same reasons that the opposite decision was the correct one.

    Of course, Microsoft is within its rights to deny service to those who have pirated its products. It makes sense for them to make sure performance or feature upgrades do not run on pirated software. They want to deny people who haven't paid for Microsoft products the benefit of them, and entice them to become licensed users. But security upgrades are different. Microsoft is harming its licensed users by denying security to its unlicensed users.

    This decision, more than anything else Microsoft has said or done in the last few years, proves to me that security is not the first priority of the company. Here was a chance to do the right thing: to put security ahead of profits. Here was a chance to look good in the press, and improve security for all their users worldwide. Microsoft claims that improving security is the most important thing, but their actions prove otherwise.

    SP2 is an important security upgrade to Windows XP, and I hope it is widely installed among licensed XP users. I also hope it is quickly pirated, so unlicensed XP users can also install it. In order for me to remain secure on the Internet, I need everyone to become more secure. And the more people who install SP2, the more we all benefit.

  • Activate Windows XP (Score:5, Interesting)

    by topham (32406) on Wednesday January 26, 2005 @10:15AM (#11479456) Homepage

    So last night I was playing Wow for a while and the performance in Orgrimmar was pretty bad. I figured I'd up the ram in my main maachine to fix the problem.

    Pulled the ram from another machine, dropped it in and rebooted windows. Windows XP then informed me I had made substantial changes to the machine since I installed XP Pro on it and told me I had to re-activate it.

    If this causes me, at a future date, to have issues because another minor change triggers the Activate windows, and it fails for some reason and I can't get security updates I am going to sue their ass.

    Thankfully I have a Mac.
    (If I had Priated XP I wouldn't even have this concern. I'm sick of being treated like shit after spending a few hundred on stuff.)
    • Try WoW on linux.

      Yes, framerates in D3D mode are somewhat less. (Probably 20-30% slower)

      OpenGL mode, however, is just as fast, and transgaming has identified the problem with using the minimap indoors.

      All the pixel shader effects are supported, by the way.

      I've heard people get crash to desktops in WoW. Or have other sorts of stability problems.

      Other than the aforementioned minimap issue, which had been a known issuse by transgaming for awhile now, WoW has been 100% rock solid on my system (I.E. absolut
  • Tell me again... (Score:3, Informative)

    by gambit3 (463693) on Wednesday January 26, 2005 @10:16AM (#11479466) Homepage Journal
    from the article:
    "Users of pirated copies of Windows will still be able get some updates, such as security patches, but will not be able to get other add-ons for Windows, the Redmond, Wash.-based company said in a statement."

    So, tell me again how this is a bad thing? Don't we already bitch about the useless crap M$ dumps on computers?
  • by repetty (260322) on Wednesday January 26, 2005 @11:10AM (#11480048) Homepage
    There certainly are a lot of pissed of Windows pirates here.

    Just an observation....
  • by cascadefx (174894) * <morlockhq&gmail,com> on Wednesday January 26, 2005 @11:18AM (#11480143) Journal
    I like to use knoppix and technet to drop updates onto a fresh install before connecting a fledgeling Windows system on a network.

    I wonder if we're still going to be able to get access to Technet articles?
  • by Arslan ibn Da'ud (636514) on Wednesday January 26, 2005 @11:20AM (#11480169) Homepage
    Great. By enforcing that your Windows is legal when doing security updates, MS ensures that the world will be full of computers with insecure pirated Windows boxes. Ideal for spammers, haxors & pwners.

    It sure beats MS enforcing Windows being legal when you try to actually INSTALL windows. Why, if they did that, the world would be devoid of pirated Windows...just legit, secure Windows. And a few Linux machines here 'n there.

    Obviously MS prefers that there be lots of insecure pirated Windows boxes out there. I wonder why...

  • by gfecyk (117430) on Wednesday January 26, 2005 @11:21AM (#11480178) Homepage Journal
    If they can't be bothered to pay for their support, they can switch to a "free" operating system with maintainers that give "free" patches to their "free" bugs and "free" vulnerabilities.

    It would sure make my job easier as a consultant. If I had a license fee's worth for every pirated installation of Windows XP I've refused to support... "OK I need to replace this file, where's your XP CD-ROM?" "What XP CD-ROM?"
  • Excellent (Score:3, Insightful)

    by hkb (777908) on Wednesday January 26, 2005 @11:46AM (#11480494)
    What an excellent way to shift the blame.

    "Well, there wouldn't be so many worms and exploits out there if it wasn't for those damned pirates."

    "Sorry dear customer, due to all those evil pirates, you got infected by a worm."

    "It wasn't our software, it was the pirates."
  • by MrByte420 (554317) * on Wednesday January 26, 2005 @12:57PM (#11481440) Journal
    Users who have lost that number will be asked three basic questions, and if they are deemed to be acting in good faith they will be given a free replacement key

    Microsoft: What is your name!
    Me: Stephen
    Microsoft: What is yur quest!
    Me: I seek the Security Patches!
    Microsoft: What is your product Key?
    Me: Uh, I don't know that Ahhhhhhhhhhhhhhhhhhhhhh.

The flow chart is a most thoroughly oversold piece of program documentation. -- Frederick Brooks, "The Mythical Man Month"

Working...