Re: I'm thinking about suing Microsoft
You have to explicitly choose that option. Are you suggesting we shouldn't be able to choose that? I'm not a big fan of trusting MS patches, as they tend to break things periodically...On Oct 27, 2006, at 8:47 AM, Michael Beckmann wrote:I think there is a problem where a version of XP downloads the security patches automatically, but does not install them. This does not lead to increased security, because most users are gnorant of security patches and would never install them manually.Michael--On Montag, 23. Oktober 2006 16:46 -0400 "Rose, Bobby" <[EMAIL PROTECTED]> wrote: But windows patches are free. Even if you are using an illegal copy ofwindows, you can still manually download and install the patches. It'sMicrosoft Update where they mostly have the genuine windows verificationcode. Even Redhat forces you to pay subscriptions for their autoupdatemanagement stuff.-Original Message-From: Marc Perkel [mailto:[EMAIL PROTECTED]]Sent: Monday, October 23, 2006 3:59 PMTo: JoCc: Duane Hill; users@spamassassin.apache.orgSubject: Re: I'm thinking about suing MicrosoftPopularity is a factor. But the real vulnerability is that Windows canbe more secure if it has the patches. If Linux for example restrictedit's seurity patches to only licensed users they would have the sameproblem. I'm not saying either that MS should be compelled to distributeany upgrades for free. Just secutiry fixes. -- Jay ChandlerNetwork Administrator, Chapman University714-628-7249 / [EMAIL PROTECTED]"Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never does quite what I want. I wish Christopher Robin was here." -- Peter Da Silva in a.s.r.
RE: I'm thinking about suing Microsoft
I think there is a problem where a version of XP downloads the security patches automatically, but does not install them. This does not lead to increased security, because most users are gnorant of security patches and would never install them manually. Michael --On Montag, 23. Oktober 2006 16:46 -0400 "Rose, Bobby" <[EMAIL PROTECTED]> wrote: But windows patches are free. Even if you are using an illegal copy of windows, you can still manually download and install the patches. It's Microsoft Update where they mostly have the genuine windows verification code. Even Redhat forces you to pay subscriptions for their autoupdate management stuff. -Original Message- From: Marc Perkel [mailto:[EMAIL PROTECTED] Sent: Monday, October 23, 2006 3:59 PM To: Jo Cc: Duane Hill; users@spamassassin.apache.org Subject: Re: I'm thinking about suing Microsoft Popularity is a factor. But the real vulnerability is that Windows can be more secure if it has the patches. If Linux for example restricted it's seurity patches to only licensed users they would have the same problem. I'm not saying either that MS should be compelled to distribute any upgrades for free. Just secutiry fixes.
RE: I'm thinking about suing Microsoft
On Wed, 25 Oct 2006, Christopher Martin wrote: > Yes, Microsoft should write tighter code. Is it grounds for a > lawsuit? Well, I would suggest that any tech savvy judge (not that > one exists) would throw the case out, citing that it is common > knowledge that there are intrinsic security complications in > Windows. They would also say that if you buy Windows in full > knowledge of these pre-existing issues and then fail to take the > appropriate action then it's your own silly fault, in the same way > people burn themselves on a hot apple pie (despite the presence of > hot in title, as opposed to warm or tepid). Inappropriate analogy. He doesn't want to sue because his own copy of Windows is causing him grief, he wants to sue because everyone else's copy of Windows is being used as an attack vector against him due to inherent security flaws that MS does not find profitable to fix. -- John Hardin KA7OHZICQ#15735746http://www.impsec.org/~jhardin/ [EMAIL PROTECTED]FALaholic #11174pgpk -a [EMAIL PROTECTED] key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- "Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never does quite what I want. I wish Christopher Robin was here." -- Peter da Silva in a.s.r --- 4 days until Daylight Savings Time ends in U.S.
Re: I'm thinking about suing Microsoft
On Wednesday 25 October 2006 10:27, Mike Woods took the opportunity to say: > Mosenior 'Mo' Moses wrote: > > That is, > > > > Until it starts being used. Then all of the issues will be fixed in > > the next release ;-). I've noticed that M$ is always secure... before > > it goes into circulation. > > Reminds me of the old line about computer security "The only way to > completely secure a computer is to unplug it" :p > > The ultimate windows security accessory, A pair of scissors to cut the > power cable :D http://www.ranum.com/security/computer_security/papers/a1-firewall/ -- Magnus Holmgren[EMAIL PROTECTED] (No Cc of list mail needed, thanks) pgpiIPcWPGvki.pgp Description: PGP signature
Re: I'm thinking about suing Microsoft
Mike Woods wrote: The ultimate windows security accessory, A pair of scissors to cut the power cable :D A truly shocking idea! -- Kelson Vibber SpeedGate Communications
Re: I'm thinking about suing Microsoft
Christopher Martin wrote: If you sit an average Windows user down in front of a system running Linux or something else Posix, they will bitch about having to log in, they will bitch about having to type in a password to install software and they will be frustrated when their torrent client doesn't just use UPnP to open up the required ports. And, as for default security setups, OS X doesn't require a password by default, you have to switch in on before it challenges for a password (but it does ask for passwords before you can make any system changes, but you have plenty of elevation opportunities before that becomes an issue). I remember when Mac OS X was in public beta, a common complaint was "I hate having to log into my own machine!" At that time, you *did* have to log in with a password, even if it was a single-user machine. By the time it was released, automatic passwordless login was the default. Of course, people who only knew the beta version continued to make the same complaint over the next year or two. But then, I'm sure there are people out there who won't touch Linux because they still think you have to compile your own kernel and either compile all your programs or manually search through 20 levels of RPM hell just to install one program. -- Kelson Vibber SpeedGate Communications
RE: I'm thinking about suing Microsoft
That was a good one! Shane -Original Message- From: jdow [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 24, 2006 6:42 PM To: users@spamassassin.apache.org Subject: Re: I'm thinking about suing Microsoft Yeah, but that's only effective in the three or four copies they manage to sell {^_-} - Original Message - From: "Thomas Mullins" <[EMAIL PROTECTED]> Don't worry about all of the security flaws currently in Windows. All security holes are fixed in Vista or Longhorn upgrade. Shane -Original Message- From: Chris Lear [mailto:[EMAIL PROTECTED] * Marc Perkel wrote (23/10/06 19:34): > I'm considering filing a lawsuit against Microsoft to try to get an > order to make them make public security updates for Windows to everyone, > registered or not. > > The idea is that their product Windows creates a toxic byproduct > (spam,ddos zombies) that interfere with everyone else's internet usage > and that they have a responsibility to clean it up. It would be similar > to a suit where a business that is otherwise legitimate attracts crime > in a neighborhood or a manufacturer dumping toxic waste into a stream. > > Virus infected spam zombie are a toxic byproduct of their business model > and it affects all of us and they have a duty to the public to fix it. > I'm somewhat of a legal expert, not a lawyer though. But just wanted to > get some feedback on the idea. > > Only in America...
Re: I'm thinking about suing Microsoft
* Marc Perkel wrote (25/10/06 05:22): > Europeans have sued Microsoft many times. For anti-competitive behaviour, maybe. For copyright infringement, perhaps. But for attracting crime? For discriminating against owners of illegal software? I hope not. If you win, of course, you might take on php, perl and other easy-to-use web scripting languages that allow people to write crime-attracting sites that are easy targets for IRC bots etc. Plenty of scope for the Perkel suing machine. Unless your real gripe is simply that Microsoft a) is successful and b) insists on licensing software. Unfortunately, neither of these things is illegal in any country as far as I can tell. > > Chris Lear wrote: >> * Marc Perkel wrote (23/10/06 19:34): >>> I'm considering filing a lawsuit against Microsoft to try to get an >>> order to make them make public security updates for Windows to >>> everyone, registered or not. >>> >>> The idea is that their product Windows creates a toxic byproduct >>> (spam,ddos zombies) that interfere with everyone else's internet >>> usage and that they have a responsibility to clean it up. It would be >>> similar to a suit where a business that is otherwise legitimate >>> attracts crime in a neighborhood or a manufacturer dumping toxic >>> waste into a stream. >>> >>> Virus infected spam zombie are a toxic byproduct of their business >>> model and it affects all of us and they have a duty to the public to >>> fix it. I'm somewhat of a legal expert, not a lawyer though. But just >>> wanted to get some feedback on the idea. >>> >>> >> >> Only in America... >>
Re: I'm thinking about suing Microsoft
Mosenior 'Mo' Moses wrote: > That is, > > Until it starts being used. Then all of the issues will be fixed in > the next release ;-). I've noticed that M$ is always secure... before > it goes into circulation. Reminds me of the old line about computer security "The only way to completely secure a computer is to unplug it" :p The ultimate windows security accessory, A pair of scissors to cut the power cable :D --- Mike Woods Systems Administrator
Re: I'm thinking about suing Microsoft
Europeans have sued Microsoft many times. Chris Lear wrote: * Marc Perkel wrote (23/10/06 19:34): I'm considering filing a lawsuit against Microsoft to try to get an order to make them make public security updates for Windows to everyone, registered or not. The idea is that their product Windows creates a toxic byproduct (spam,ddos zombies) that interfere with everyone else's internet usage and that they have a responsibility to clean it up. It would be similar to a suit where a business that is otherwise legitimate attracts crime in a neighborhood or a manufacturer dumping toxic waste into a stream. Virus infected spam zombie are a toxic byproduct of their business model and it affects all of us and they have a duty to the public to fix it. I'm somewhat of a legal expert, not a lawyer though. But just wanted to get some feedback on the idea. Only in America...
RE: I'm thinking about suing Microsoft
> -Original Message- > From: James Butler [mailto:[EMAIL PROTECTED] > Sent: Tuesday, 24 October 2006 5:42 AM > To: users@spamassassin.apache.org > Subject: Re: I'm thinking about suing Microsoft > > > Holding the position of "most widely-attacked" is no reason > for it to also be "least > secure-due-to-widely-known-and-poorly-corrected-issues". Even > if Apple/Posix products were as "widely attacked" as Windows > products, the results would be far less damaging to the > global infrastructure, despite Posix near stranglehold on > server systems worldwide. > > I'm in favor of investigating a lawsuit such as the one > described, because Microsoft is in the same arena as other > major manufacturers (automobiles, telephone systems, medical > equipment, etc.) that are regularly held accountable for > problems with their products that impact safety and economic > issues on a broad scale. > > James Windows is a commercial OS, and at the end of the day their intent is to make their paying customers happy. The second part of the issue is that they feel that security is the user's responsibility (I, personally, don't think that there is a right or wrong in that particular argument), so they provide the tools but don't restrict much by default (except in the case of the Windows firewall, which is on by default). I think that it would be an interesting exercise for MS to include an option during install either have it start in a default deny or default allow profile, and see how many users pick the option that is less secure but more convenient. I am inclined to suggest that perhaps it's not just Microsoft's fault but it is also a statement about the quality of their customers and what they want. If you sit an average Windows user down in front of a system running Linux or something else Posix, they will bitch about having to log in, they will bitch about having to type in a password to install software and they will be frustrated when their torrent client doesn't just use UPnP to open up the required ports. And, as for default security setups, OS X doesn't require a password by default, you have to switch in on before it challenges for a password (but it does ask for passwords before you can make any system changes, but you have plenty of elevation opportunities before that becomes an issue). Yes, Microsoft should write tighter code. Is it grounds for a lawsuit? Well, I would suggest that any tech savvy judge (not that one exists) would throw the case out, citing that it is common knowledge that there are intrinsic security complications in Windows. They would also say that if you buy Windows in full knowledge of these pre-existing issues and then fail to take the appropriate action then it's your own silly fault, in the same way people burn themselves on a hot apple pie (despite the presence of hot in title, as opposed to warm or tepid). I can assure you right now that the only reason their are safety precautions in cars is because the manufacturers are legislated as having to be there. Private companies are not their to protect us from ourselves, that's the government's job. So, if you want all operating systems to have to be secure by default, whinge to your local representative rather than get all litigious. Laws can solve problems, lawsuits usually only create them.
Re: I'm thinking about suing Microsoft
From: "Giampaolo Tomassoni" <[EMAIL PROTECTED]> > Only in America... It might have a better chance of working in Europe where hugely deep pockets are not as effective a defense against lawsuits as in the US. In the US not even the government has pockets deep enough to sue MS over this issue. Oh, comeone: the last fee M$ had to pay was basicly a tip: a lot of laws about computer security enforcement which where carefully designed to push for the adoption of MS systems suddenly sprung all around Europe, so... <>In other words you just proved that Microsoft's sheer size and bank account makes it immune to any form of product liability law suit. {^_-}
Re: I'm thinking about suing Microsoft
On Tue, 24 Oct 2006 08:38:23 -0400 "Thomas Mullins" <[EMAIL PROTECTED]> wrote: > Don't worry about all of the security flaws currently in Windows. All > security holes are fixed in Vista or Longhorn upgrade. > > Shane > That is, Until it starts being used. Then all of the issues will be fixed in the next release ;-). I've noticed that M$ is always secure... before it goes into circulation. Mo' > > -Original Message- > From: Chris Lear [mailto:[EMAIL PROTECTED] > Sent: Tuesday, October 24, 2006 5:38 AM > To: users@spamassassin.apache.org > Subject: Re: I'm thinking about suing Microsoft > > * Marc Perkel wrote (23/10/06 19:34): > > I'm considering filing a lawsuit against Microsoft to try to get an > > order to make them make public security updates for Windows to > everyone, > > registered or not. > > > > The idea is that their product Windows creates a toxic byproduct > > (spam,ddos zombies) that interfere with everyone else's internet > > usage > > > and that they have a responsibility to clean it up. It would be > similar > > to a suit where a business that is otherwise legitimate attracts > > crime > > > in a neighborhood or a manufacturer dumping toxic waste into a > > stream. > > > > Virus infected spam zombie are a toxic byproduct of their business > model > > and it affects all of us and they have a duty to the public to fix > > it. > > > I'm somewhat of a legal expert, not a lawyer though. But just wanted > to > > get some feedback on the idea. > > > > > > Only in America... > > > -- The real voyage of discovery consists not in seeing new landscapes but in having new eyes. --Proust All The Best Mosenior Moses TVCNet.com
Re: I'm thinking about suing Microsoft
Yeah, but that's only effective in the three or four copies they manage to sell {^_-} - Original Message - From: "Thomas Mullins" <[EMAIL PROTECTED]> Don't worry about all of the security flaws currently in Windows. All security holes are fixed in Vista or Longhorn upgrade. Shane -Original Message- From: Chris Lear [mailto:[EMAIL PROTECTED] * Marc Perkel wrote (23/10/06 19:34): I'm considering filing a lawsuit against Microsoft to try to get an order to make them make public security updates for Windows to everyone, registered or not. The idea is that their product Windows creates a toxic byproduct (spam,ddos zombies) that interfere with everyone else's internet usage and that they have a responsibility to clean it up. It would be similar to a suit where a business that is otherwise legitimate attracts crime in a neighborhood or a manufacturer dumping toxic waste into a stream. Virus infected spam zombie are a toxic byproduct of their business model and it affects all of us and they have a duty to the public to fix it. I'm somewhat of a legal expert, not a lawyer though. But just wanted to get some feedback on the idea. Only in America...
Re: I'm thinking about suing Microsoft
From: "Chris Lear" <[EMAIL PROTECTED]> * Marc Perkel wrote (23/10/06 19:34): I'm considering filing a lawsuit against Microsoft to try to get an order to make them make public security updates for Windows to everyone, registered or not. The idea is that their product Windows creates a toxic byproduct (spam,ddos zombies) that interfere with everyone else's internet usage and that they have a responsibility to clean it up. It would be similar to a suit where a business that is otherwise legitimate attracts crime in a neighborhood or a manufacturer dumping toxic waste into a stream. Virus infected spam zombie are a toxic byproduct of their business model and it affects all of us and they have a duty to the public to fix it. I'm somewhat of a legal expert, not a lawyer though. But just wanted to get some feedback on the idea. Only in America... It might have a better chance of working in Europe where hugely deep pockets are not as effective a defense against lawsuits as in the US. In the US not even the government has pockets deep enough to sue MS over this issue. {^_^}
RE: I'm thinking about suing Microsoft
I was being somewhat sarcastic. I am a BSD nut. Shane -Original Message- From: Chinta, Chaitanya Sai Krishna [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 24, 2006 8:56 AM To: users@spamassassin.apache.org Subject: RE: I'm thinking about suing Microsoft I cannot beleive if some one says Windows is free of flaws... neither the reviews of Vista are good In my opinion Vista is not yet ready for the primetime. and with all its Jumbo requirements, I dont think it can please the world. -Chaitu -Original Message- From: Thomas Mullins [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 24, 2006 6:08 PM To: Chris Lear; users@spamassassin.apache.org Subject: RE: I'm thinking about suing Microsoft Don't worry about all of the security flaws currently in Windows. All security holes are fixed in Vista or Longhorn upgrade. Shane -Original Message- From: Chris Lear [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 24, 2006 5:38 AM To: users@spamassassin.apache.org Subject: Re: I'm thinking about suing Microsoft * Marc Perkel wrote (23/10/06 19:34): > I'm considering filing a lawsuit against Microsoft to try to get an > order to make them make public security updates for Windows to everyone, > registered or not. > > The idea is that their product Windows creates a toxic byproduct > (spam,ddos zombies) that interfere with everyone else's internet usage > and that they have a responsibility to clean it up. It would be similar > to a suit where a business that is otherwise legitimate attracts crime > in a neighborhood or a manufacturer dumping toxic waste into a stream. > > Virus infected spam zombie are a toxic byproduct of their business model > and it affects all of us and they have a duty to the public to fix it. > I'm somewhat of a legal expert, not a lawyer though. But just wanted to > get some feedback on the idea. > > Only in America...
RE: I'm thinking about suing Microsoft
I cannot beleive if some one says Windows is free of flaws... neither the reviews of Vista are good In my opinion Vista is not yet ready for the primetime. and with all its Jumbo requirements, I dont think it can please the world. -Chaitu -Original Message- From: Thomas Mullins [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 24, 2006 6:08 PM To: Chris Lear; users@spamassassin.apache.org Subject: RE: I'm thinking about suing Microsoft Don't worry about all of the security flaws currently in Windows. All security holes are fixed in Vista or Longhorn upgrade. Shane -Original Message- From: Chris Lear [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 24, 2006 5:38 AM To: users@spamassassin.apache.org Subject: Re: I'm thinking about suing Microsoft * Marc Perkel wrote (23/10/06 19:34): > I'm considering filing a lawsuit against Microsoft to try to get an > order to make them make public security updates for Windows to everyone, > registered or not. > > The idea is that their product Windows creates a toxic byproduct > (spam,ddos zombies) that interfere with everyone else's internet usage > and that they have a responsibility to clean it up. It would be similar > to a suit where a business that is otherwise legitimate attracts crime > in a neighborhood or a manufacturer dumping toxic waste into a stream. > > Virus infected spam zombie are a toxic byproduct of their business model > and it affects all of us and they have a duty to the public to fix it. > I'm somewhat of a legal expert, not a lawyer though. But just wanted to > get some feedback on the idea. > > Only in America...
RE: I'm thinking about suing Microsoft
Don't worry about all of the security flaws currently in Windows. All security holes are fixed in Vista or Longhorn upgrade. Shane -Original Message- From: Chris Lear [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 24, 2006 5:38 AM To: users@spamassassin.apache.org Subject: Re: I'm thinking about suing Microsoft * Marc Perkel wrote (23/10/06 19:34): > I'm considering filing a lawsuit against Microsoft to try to get an > order to make them make public security updates for Windows to everyone, > registered or not. > > The idea is that their product Windows creates a toxic byproduct > (spam,ddos zombies) that interfere with everyone else's internet usage > and that they have a responsibility to clean it up. It would be similar > to a suit where a business that is otherwise legitimate attracts crime > in a neighborhood or a manufacturer dumping toxic waste into a stream. > > Virus infected spam zombie are a toxic byproduct of their business model > and it affects all of us and they have a duty to the public to fix it. > I'm somewhat of a legal expert, not a lawyer though. But just wanted to > get some feedback on the idea. > > Only in America...
Re: I'm thinking about suing Microsoft
* Marc Perkel wrote (23/10/06 19:34): I'm considering filing a lawsuit against Microsoft to try to get an order to make them make public security updates for Windows to everyone, registered or not. The idea is that their product Windows creates a toxic byproduct (spam,ddos zombies) that interfere with everyone else's internet usage and that they have a responsibility to clean it up. It would be similar to a suit where a business that is otherwise legitimate attracts crime in a neighborhood or a manufacturer dumping toxic waste into a stream. Virus infected spam zombie are a toxic byproduct of their business model and it affects all of us and they have a duty to the public to fix it. I'm somewhat of a legal expert, not a lawyer though. But just wanted to get some feedback on the idea. Only in America...
Re: I'm thinking about suing Microsoft
On Monday 23 October 2006 11:17, Duane Hill wrote: > As it is now, Windows is the most widely used platform at > present. That is the reason it is the most widely attacked. Ah, someone else who has drunk the cool-aid poured by Ballmer and Gates. Windows is attacked because its EASY, not necessarily because its popular. Bill would rather you spout the nonsense you did, and for that he thanks you, i'm sure. -- _ John Andersen pgpzCpvrQNOkb.pgp Description: PGP signature
Re: I'm thinking about suing Microsoft
>> >> >> Jo wrote: >> > Duane Hill schreef: >> >> Marc Perkel wrote: >> >>> I'm considering filing a lawsuit against Microsoft to try to get an >> >>> order to make them make public security updates for Windows to >> >>> everyone, registered or not. >> >>> >> >>> The idea is that their product Windows creates a toxic byproduct >> >>> (spam,ddos zombies) that interfere with everyone else's internet >> >>> usage and that they have a responsibility to clean it up. It would >> >>> be similar to a suit where a business that is otherwise legitimate >> >>> attracts crime in a neighborhood or a manufacturer dumping toxic >> >>> waste into a stream. >> >>> >> >>> Virus infected spam zombie are a toxic byproduct of their business >> >>> model and it affects all of us and they have a duty to the public to >> >>> fix it. I'm somewhat of a legal expert, not a lawyer though. But >> >>> just wanted to get some feedback on the idea. >> >>> >> >>> >> >>> >> >> Good luck! As it is now, Windows is the most widely used platform at >> >> present. That is the reason it is the most widely attacked. If Mac >> >> OSX or any other platform were to rise up and be dominant, then guess >> >> what would happen? Yes. That platform would be the one most widely >> >> attacked. >> >> >> >> So, should the other OS platforms start to take action now in >> >> preparing for an OS mainstream shift? >> > I don't buy the hypothesis that if another OS would be more popular it >> > would automatically be such a sieve like Windows. A system can be >> > intrinsically more secure due to the choices that were made during its >> > development. >> > >> > Suing MS, I would say: Go for it! By all means. Maybe they can also >> > die the death of a thousand cuts. >> > >> > Jo >> >> Popularity is a factor. But the real vulnerability is that Windows can >> be more secure if it has the patches. If Linux for example restricted >> it's seurity patches to only licensed users they would have the same >> problem. I'm not saying either that MS should be compelled to distribute >> any upgrades for free. Just secutiry fixes. >> Hi, I believe that some users of illegal copies avoid to download security fixes because - they fear that some info about them might be sent to MS - it is not always clear what an update really does. I have no idea whether the first one is true, but I can say for sure that the ONLY update that windows suggested to install by itself on a specific pc was WGA but nothing security related. This does not necessarily improve confidence in the security update mechanism Side note: some of the "pirated" windows copies only seem to exist due to problems with the system, or strange licensing conditions. If I can trust some recent statistics, the vast majority of systems is sold with windows already installed, and should not be candidates for pirating at all. If these systems are set up such that the average user cannot reinstall after a crash or hardware change, users might prefer to reinstall from a non-restricted version and probably use a pirated one. After all, why should they pay twice for the same OS on the same computer Perhaps this aspect of the computer business should be questioned in court Wolfgang Hamann
RE: I'm thinking about suing Microsoft
But windows patches are free. Even if you are using an illegal copy of windows, you can still manually download and install the patches. It's Microsoft Update where they mostly have the genuine windows verification code. Even Redhat forces you to pay subscriptions for their autoupdate management stuff. -Original Message- From: Marc Perkel [mailto:[EMAIL PROTECTED] Sent: Monday, October 23, 2006 3:59 PM To: Jo Cc: Duane Hill; users@spamassassin.apache.org Subject: Re: I'm thinking about suing Microsoft Popularity is a factor. But the real vulnerability is that Windows can be more secure if it has the patches. If Linux for example restricted it's seurity patches to only licensed users they would have the same problem. I'm not saying either that MS should be compelled to distribute any upgrades for free. Just secutiry fixes.
Re: I'm thinking about suing Microsoft
On Monday 23 October 2006 21:58, Peter H. Lemieux took the opportunity to say: > Magnus Holmgren wrote: > > I thought they did? At least the message from WU/WGA on one computer with > > Windows XP I used recently was that unauthorised installations only get > > critical updates, but they do get those. Is that going to change with > > Vista? > > Yes. See, for instance, http://www.computerworld.com/blogs/node/3665 > > Vista machines that Windows "Genuine Advantage" believes to be pirated > will operate with reduced functionality, including disabling the "Windows > Defender" software that protects against malware. But Windows Defender != patches for security holes? Still, bad move ("security in depth" etc.). We can only pray that, to the extent SPP works, people will either pay up or get rid of Vista, or Windows altogether. > All that said, those of you who think a lawsuit is a good approach should > start by reading the Windows EULA. Like most EULA's it exempts Microsoft > from liability for just about anything it's software does. The EULA isn't binding to third parties, though. The question is whether Microsoft, by willfully denying some computers adequate protection, is liable of contributing to the crimes committed by others, or those installing unauthorised copies are fully responsible. -- Magnus Holmgren[EMAIL PROTECTED] (No Cc of list mail needed, thanks) pgpftWD2JL9Vx.pgp Description: PGP signature
Re: I'm thinking about suing Microsoft
Peter H. Lemieux wrote: Magnus Holmgren wrote: I thought they did? At least the message from WU/WGA on one computer with Windows XP I used recently was that unauthorised installations only get critical updates, but they do get those. Is that going to change with Vista? Yes. See, for instance, http://www.computerworld.com/blogs/node/3665 Vista machines that Windows "Genuine Advantage" believes to be pirated will operate with reduced functionality, including disabling the "Windows Defender" software that protects against malware. What's especially troubling is the large number of false positives that WGA currently generates if the computer's hardware is significantly altered. It also seems to me that this approach leaves these machines ripe for a denial-of-service attack where a virus somehow changes the WGA signature on the machine so it appears that the Windows OS is pirated. Then the next time WGA phones home it switches the infected computer to the reduced functionality state (which generates lots of calls to the help desk!). All that said, those of you who think a lawsuit is a good approach should start by reading the Windows EULA. Like most EULA's it exempts Microsoft from liability for just about anything it's software does. I also suspect most judges wouldn't consider spamming to be a sufficient threat to the public's health and welfare that it would justify taking legal actions against Microsoft. But, if your attorneys think this is a good idea, more power to you! Peter Lots of companies state that they are exempt from liability that they aren't exempt from. Just because an agreement says "we aren't liable" really means nothing. And it doesn't apply to third parties who are affected.
Re: I'm thinking about suing Microsoft
Magnus Holmgren wrote: I thought they did? At least the message from WU/WGA on one computer with Windows XP I used recently was that unauthorised installations only get critical updates, but they do get those. Is that going to change with Vista? Yes. See, for instance, http://www.computerworld.com/blogs/node/3665 Vista machines that Windows "Genuine Advantage" believes to be pirated will operate with reduced functionality, including disabling the "Windows Defender" software that protects against malware. What's especially troubling is the large number of false positives that WGA currently generates if the computer's hardware is significantly altered. It also seems to me that this approach leaves these machines ripe for a denial-of-service attack where a virus somehow changes the WGA signature on the machine so it appears that the Windows OS is pirated. Then the next time WGA phones home it switches the infected computer to the reduced functionality state (which generates lots of calls to the help desk!). All that said, those of you who think a lawsuit is a good approach should start by reading the Windows EULA. Like most EULA's it exempts Microsoft from liability for just about anything it's software does. I also suspect most judges wouldn't consider spamming to be a sufficient threat to the public's health and welfare that it would justify taking legal actions against Microsoft. But, if your attorneys think this is a good idea, more power to you! Peter
Re: I'm thinking about suing Microsoft
Jo wrote: Duane Hill schreef: Marc Perkel wrote: I'm considering filing a lawsuit against Microsoft to try to get an order to make them make public security updates for Windows to everyone, registered or not. The idea is that their product Windows creates a toxic byproduct (spam,ddos zombies) that interfere with everyone else's internet usage and that they have a responsibility to clean it up. It would be similar to a suit where a business that is otherwise legitimate attracts crime in a neighborhood or a manufacturer dumping toxic waste into a stream. Virus infected spam zombie are a toxic byproduct of their business model and it affects all of us and they have a duty to the public to fix it. I'm somewhat of a legal expert, not a lawyer though. But just wanted to get some feedback on the idea. Good luck! As it is now, Windows is the most widely used platform at present. That is the reason it is the most widely attacked. If Mac OSX or any other platform were to rise up and be dominant, then guess what would happen? Yes. That platform would be the one most widely attacked. So, should the other OS platforms start to take action now in preparing for an OS mainstream shift? I don't buy the hypothesis that if another OS would be more popular it would automatically be such a sieve like Windows. A system can be intrinsically more secure due to the choices that were made during its development. Suing MS, I would say: Go for it! By all means. Maybe they can also die the death of a thousand cuts. Jo Popularity is a factor. But the real vulnerability is that Windows can be more secure if it has the patches. If Linux for example restricted it's seurity patches to only licensed users they would have the same problem. I'm not saying either that MS should be compelled to distribute any upgrades for free. Just secutiry fixes.
Re: I'm thinking about suing Microsoft
Holding the position of "most widely-attacked" is no reason for it to also be "least secure-due-to-widely-known-and-poorly-corrected-issues". Even if Apple/Posix products were as "widely attacked" as Windows products, the results would be far less damaging to the global infrastructure, despite Posix near stranglehold on server systems worldwide. I'm in favor of investigating a lawsuit such as the one described, because Microsoft is in the same arena as other major manufacturers (automobiles, telephone systems, medical equipment, etc.) that are regularly held accountable for problems with their products that impact safety and economic issues on a broad scale. James *** REPLY SEPARATOR *** On 10/23/06 at 7:17 PM Duane Hill wrote: >Marc Perkel wrote: >> I'm considering filing a lawsuit against Microsoft to try to get an >> order to make them make public security updates for Windows to >> everyone, registered or not. >> >> The idea is that their product Windows creates a toxic byproduct >> (spam,ddos zombies) that interfere with everyone else's internet usage >> and that they have a responsibility to clean it up. It would be >> similar to a suit where a business that is otherwise legitimate >> attracts crime in a neighborhood or a manufacturer dumping toxic waste >> into a stream. >> >> Virus infected spam zombie are a toxic byproduct of their business >> model and it affects all of us and they have a duty to the public to >> fix it. I'm somewhat of a legal expert, not a lawyer though. But just >> wanted to get some feedback on the idea. >> >> >> >Good luck! As it is now, Windows is the most widely used platform at >present. That is the reason it is the most widely attacked. If Mac OSX >or any other platform were to rise up and be dominant, then guess what >would happen? Yes. That platform would be the one most widely attacked. > >So, should the other OS platforms start to take action now in preparing >for an OS mainstream shift?
Re: I'm thinking about suing Microsoft
At 12:35 PM 10/23/2006, you wrote: My opinion is that security patches should be available to everyone so as not to create an army of zombies. Aren't OS-X patches openly available? I believe so. But then again, there is no product key for OS/X. It's been a while since I installed OS/X, but if I recall, hypothetically, you could buy one DVD of OS/X, install it on 30 computers, and no one would be the wiser. I mean, unless EVERY DVD is serialized, and the serial is hard coded...
Re: I'm thinking about suing Microsoft
Marc Perkel wrote: > > Duane Hill wrote: > > Marc Perkel wrote: > >> I'm considering filing a lawsuit against Microsoft to try to get an > >> order to make them make public security updates for Windows to > >> everyone, registered or not. > >> > >> The idea is that their product Windows creates a toxic byproduct > >> (spam,ddos zombies) that interfere with everyone else's internet > >> usage and that they have a responsibility to clean it up. It would be > >> similar to a suit where a business that is otherwise legitimate > >> attracts crime in a neighborhood or a manufacturer dumping toxic > >> waste into a stream. > >> > >> Virus infected spam zombie are a toxic byproduct of their business > >> model and it affects all of us and they have a duty to the public to > >> fix it. I'm somewhat of a legal expert, not a lawyer though. But just > >> wanted to get some feedback on the idea. > >> > >> > >> > > Good luck! As it is now, Windows is the most widely used platform at > > present. That is the reason it is the most widely attacked. If Mac OSX > > or any other platform were to rise up and be dominant, then guess what > > would happen? Yes. That platform would be the one most widely attacked. > > > > So, should the other OS platforms start to take action now in > > preparing for an OS mainstream shift? > > My opinion is that security patches should be available to everyone so > as not to create an army of zombies. Aren't OS-X patches openly available? > > It is my understanding that SECURITY patches are still freely available via Windows Update for currently supported Operating Systems. It is feature enhancements and other such downloads that are not available for pirated software.
Re: I'm thinking about suing Microsoft
On Monday 23 October 2006 20:34, Marc Perkel took the opportunity to say: > I'm considering filing a lawsuit against Microsoft to try to get an > order to make them make public security updates for Windows to everyone, > registered or not. I thought they did? At least the message from WU/WGA on one computer with Windows XP I used recently was that unauthorised installations only get critical updates, but they do get those. Is that going to change with Vista? -- Magnus Holmgren[EMAIL PROTECTED] (No Cc of list mail needed, thanks) pgpbYCVWuY4zj.pgp Description: PGP signature
Re: I'm thinking about suing Microsoft
Duane Hill schreef: Marc Perkel wrote: I'm considering filing a lawsuit against Microsoft to try to get an order to make them make public security updates for Windows to everyone, registered or not. The idea is that their product Windows creates a toxic byproduct (spam,ddos zombies) that interfere with everyone else's internet usage and that they have a responsibility to clean it up. It would be similar to a suit where a business that is otherwise legitimate attracts crime in a neighborhood or a manufacturer dumping toxic waste into a stream. Virus infected spam zombie are a toxic byproduct of their business model and it affects all of us and they have a duty to the public to fix it. I'm somewhat of a legal expert, not a lawyer though. But just wanted to get some feedback on the idea. Good luck! As it is now, Windows is the most widely used platform at present. That is the reason it is the most widely attacked. If Mac OSX or any other platform were to rise up and be dominant, then guess what would happen? Yes. That platform would be the one most widely attacked. So, should the other OS platforms start to take action now in preparing for an OS mainstream shift? I don't buy the hypothesis that if another OS would be more popular it would automatically be such a sieve like Windows. A system can be intrinsically more secure due to the choices that were made during its development. Suing MS, I would say: Go for it! By all means. Maybe they can also die the death of a thousand cuts. Jo
Re: I'm thinking about suing Microsoft
Duane Hill wrote: Marc Perkel wrote: I'm considering filing a lawsuit against Microsoft to try to get an order to make them make public security updates for Windows to everyone, registered or not. The idea is that their product Windows creates a toxic byproduct (spam,ddos zombies) that interfere with everyone else's internet usage and that they have a responsibility to clean it up. It would be similar to a suit where a business that is otherwise legitimate attracts crime in a neighborhood or a manufacturer dumping toxic waste into a stream. Virus infected spam zombie are a toxic byproduct of their business model and it affects all of us and they have a duty to the public to fix it. I'm somewhat of a legal expert, not a lawyer though. But just wanted to get some feedback on the idea. Good luck! As it is now, Windows is the most widely used platform at present. That is the reason it is the most widely attacked. If Mac OSX or any other platform were to rise up and be dominant, then guess what would happen? Yes. That platform would be the one most widely attacked. So, should the other OS platforms start to take action now in preparing for an OS mainstream shift? My opinion is that security patches should be available to everyone so as not to create an army of zombies. Aren't OS-X patches openly available?
Re: I'm thinking about suing Microsoft
Marc Perkel wrote: I'm considering filing a lawsuit against Microsoft to try to get an order to make them make public security updates for Windows to everyone, registered or not. The idea is that their product Windows creates a toxic byproduct (spam,ddos zombies) that interfere with everyone else's internet usage and that they have a responsibility to clean it up. It would be similar to a suit where a business that is otherwise legitimate attracts crime in a neighborhood or a manufacturer dumping toxic waste into a stream. Virus infected spam zombie are a toxic byproduct of their business model and it affects all of us and they have a duty to the public to fix it. I'm somewhat of a legal expert, not a lawyer though. But just wanted to get some feedback on the idea. Good luck! As it is now, Windows is the most widely used platform at present. That is the reason it is the most widely attacked. If Mac OSX or any other platform were to rise up and be dominant, then guess what would happen? Yes. That platform would be the one most widely attacked. So, should the other OS platforms start to take action now in preparing for an OS mainstream shift?