M$ Says "NO!" to Using File Sharing to Distribute XP SP2!

I don’t get the debate and conjecture. Neither of the 2 links shows an actual reason for the lawsuit. However, one of the ways that MS tried to limit the bootleg copies of XP Pro was to not give you SP1 if you didn’t have a valid key. Therefore it would be reasonable to guess that they want to use SP2 in the same way.

I got SP2 yesterday, so nya nya!

What would be smart of Microsloth is to USE bittorrent to distribute it from their own trackers which you can set up to require authentication via password to gain access.

It would allow them to control distribution to those they want to have it, and it would remove bottlenecks in the amount of people who could be downloading it at once.

A brilliant solution, but one which M$ would never go for. Remember the howls of laughter which greeted M$ when people found out that some of M$'s subcontractors were using Linux servers to distribute M$'s products via the web? Same thing here.

Yeah, I know… it was an ‘in a perfect world’ solution.

I did download the SP via bt and got it in under 30 minutes.

I understand the concerns that the service pack thingy should only be downloaded for Microsofts site, but why can’t they allow these kind of updates to be distibuted on the software disks that you get cellotaped to computer magazines?

Distributed, dammit! :smack:

P.S. There maybe other typos that I didn’t notice.

P.P.S. Anyone know of a spellchecker for Mozilla?

Because you keep typing it “M$”, which was already dumb and tiresome like 10 years ago. Makes you sound like any one of the thousands of insipid militant Linux-using Microsoft-bashers I’ve met over the past 10 years.

The rest of your point: sure, fine. It would be more convenient, maybe. But companies as large as Microsoft have to have control over the release of their software. Not because they’re money-grubbing or evil or trying to screw everyone, but because they have millions and millions of customers. If you’ve got a virus-scanner, use it, and your computer isn’t going to explode between now and the time that SP2 is offered over standard Windows update.

Because that would make sense.

Seriously, though, the reason for not doing it is because of the expense involved, since M$ would either have to pick up the tab for the whole CD or at least part of it, whereas with the web based distro, their costs are lower.

So do you assume that someone who refers to Fords as “Fucked Up Rebuilt Old Dodges” doesn’t currently drive one? (Which was no doubt dumb and tiresome 75 years ago.)

I’m not worrying about my PC exploding, I’m chapped because of the heavy handed way that M$ responded to this. Mockingbird posted the ideal solution above, yet M$ wouldn’t do that.

Again, by your logic of M$ having total control over the distribution, then they should legally be able to prevent me from helping to repair a friend’s computer (because I’m not M$ certified) and bar me from burning CDs of SP2 to give to my friends with dial up connections. All because I might incur costs for the company.

You say that because M$ has millions and millions of customers it is their right to tightly control the distribution of their software. I say that because M$ has millions of millions of customers, they are obligated to make sure that the security patches they write to correct the flaws in their software are distributed to the public as fast as possible. If M$ doesn’t want to spend the money to upgrade their servers so that they can handle the increase in demand for the patch, then they need to get out of the fucking software business altogether.

What the hell is “$4e10”?
If it isn’t l33t then I’ve just wasted 10 minutes trying to translate gibberish :(

It’s exponential notation.

It means $40 billion.

4 x 10^10 = 40,000,000,000.

IIRC, they’ve done this before, and will likely continue to do so.

Exactly what I was going to say.

I was making two points here: 1) the virus has to be identified before your AVS will do something about it or 2) if it identifies virus-like behavior, chances are the user will dismiss it because it is, after all, an OS update. I haven’t used any AV programs in a while, but I remember seeing things like “This program is attempting blah. If this is an operating system upgrade, it’s ok. Allow?” I was not arguing that you can’t identify a virus before you run it.

Absolutely, but this doesn’t mean they shouldn’t control what illicit distribution they can. Anybody with enough will can break into my apartment and won’t care a bit about my deadbolt, but I still lock my doors at night.

Of course not. Burn it to a CD - those things have much better bandwidth than any torrent anyway. :wink: MS is not at all concerned with your little tech support sessions. They know they could never go after people who burn the SP to CD and wouldn’t care to if they could.

I don’t really understand how you can say that my logic disallows that. I’m against someone setting up a mass distribution of a critical security patch that isn’t authorized by the vendor. That follows, I believe, the spirit of that clause in their license, if not the letter.

I should have phrased that differently. It’s not sufficient for MS to be the authoritative source, but they must also be the only source. If MS allows unchecked mirroring, chances are that most people will never bother to check with the authoritative source.

Good luck in the past is no excuse for poor practices in the present.

If all you know is that SP2 is a 266 MB executable file that looks pretty official, I could make my own SP2 for you in an hour. If you want a reasonable assurance that the file is what you really want, you should check with a cryptographic hash. We’ve already established that most users are unlikely to do this.

You may not trust MS’s products, but you should be able to trust that the service pack you get is what MS intended and not what someone cooked up in their parents’ basement.

If you’re using Firefox, this one works: SpellBound - Spellchecker for Firefox and the Mozilla Suite

FYI, automatic update already pushed SP2 to my machine and I just installed it this morning. Took about 10 minutes.

Security is every user’s problem.

SP2 comes with everything locked down by default. Microsoft products used to be shipped in a kinder, gentler past before the big hacker attacks because it made things easier to use.

A lot of people in this thread are screaming about security being Microsoft’s problem. In an effort to control security, Microsoft is controlling the downloads. Only way they can control is to have one official download site.

Just think how much people would be screaming if they download some awful virus from a P2P site? They would be screaming that Microsoft security sucked. They do that now by not turning on the firewall, having a virus checker, etc etc.

The newer ones don’t bother saying things like “this looks like a virus,” they’re generally pretty good at IDing viruses these days. AVG is better than ones I’ve paid for.

And if M$ was going to be losing money from people distributing the patch via BitTorrent, you might have a case.

Guess you haven’t seen the specs for what Longhorn’s supposed to be able to do then? Even legitimate file sharing is going to be difficult, if not well-nigh impossible under Longhorn. On the plus side, it’s supposed to put an end to virus worries. Of course, SP1 was supposed to fix all the security holes in XP and we know how well that turned out.

Great, so it follows the spirit and the letter of the clause of the license, but is any real harm being done to M$? No. Certainly there’s the potential to harm M$, but you can’t go after someone because there’s the chance of potential harm to someone. After all, every time you get behind the wheel of a car, there’s the potential that you could get into an accident and kill someone. Should you be prevented from driving because of that? If you’re going to stop someone from freely distributing a security patch, that the original vendor is also freely distributing because there’s the potential that this could cause the vendor to incur additional costs, then what’s to stop you from going after folks who screw up someone else’s computer when they’re trying to fix it? After all, their botched efforts have the potential of costing the company money.

Caveat emptor, wouldn’t you say?

And past performance is no guarantee of future returns, as it says on the bottom of all the brokerage house ads. Still doesn’t keep people from investing in the stock market.

And I seriously doubt that the vast majority of XP users are going to bother downloading the SP2 patch from a BitTorrent source. I’d wager that most of them don’t even know what one is. But I’d be willing to bet that the majority of folks who do know what a BitTorrent source is, know how to handle things if their computer gets totally fubared.

I should also be able to trust that if M$ is going to leave me with gaping security holes that they’re going to bust ass to get the necessary patches to me ASAP.

Agreed.

What kinder, gentler past do you speak of? Back when the internet was DARPAnet? Because there’s been computer viruses floating around for well over a decade now.

Then why not use Mockingbird’s suggestion? It’s secure, and gets the patch out faster.

Where you been? I can recall reading articles over ten years ago bitching about how DOS was written in a “virus friendly matter.” I can accept the various incarnations of Windows having glitches and problems, because every new product is going to have some kinks that need to be worked out of it, but anti-virus protection and many of the security issues are problems that have been known about for years now, and it’s only with SP2 that M$ seems to have gotten serious about fixing the problem.

Read this: http://en.wikipedia.org/wiki/Antivirus. Please tell me where I’m wrong. If the virus is not identified, AVG won’t pick it up. Or it will warn you of virus-like behavior, much of which is totally acceptable in OS upgrades.

This is not about money.

MS has a bad security record. They’re releasing a very critical set of patches which address security concerns. It is imperative for them to ensure that the distribution channel is as secure as possible. As you acknowledge here:

It’s actually totally irrelevant whether there’s any potential harm to be done to MS. They get to control the distribution of their IP, that’s the nature of copyright. If they believe that allowing others to distribute the patch, even if they themselves give it away for free, will harm them, they have every legal right to restrict its distribution.

The rest of this argument is a total straw man. This has nothing to do with driving (where, actually, you can restrict someone’s rights if they present a legitimate danger to others) or the possibility of breaking someone’s computer while fixing it (which is also actually covered in the case of, say, those warranty stickers on towers that cannot be broken, for exactly that reason).

Please stop bringing up things that have nothing to do with the argument. If you don’t like MS’s products, stop buying them. Quit whining that you grew up on them and can’t be arsed to learn anything else. It’s like you keep saying: if the customer has a problem, it’s their job to fix it.

Sure. I should be able to sell arsenic and orange juice side by side, but call them both orange juice. Caveat emptor, after all.

I’ve never been in a serious car accident. Should I stop wearing my seat belt and disable the air bags?

I’d say we’ve proven, by example, that this is not the case.

Absolutely.

Yeah, AVG is pretty damn good. It’ll tell you exactly what file is infected and what it is infected with, as in the actual name of the virus. They also publish very frequent updates to catch new viruses. It doesn’t ever say ‘this looks like a virus’.

If I were going to attempt to get the SP from BitTorrent, I’d be damn sure to check the hash, and I’d do a backup before installation in case it was FUBAR. And the average computer user, you’re right, doesn’t know BitTorrent from his or her ass.

Never, ever have I seen AVG warn of ‘virus-like’ behavior. I have seen it warn immediately that a downloaded file contained a virus.

Nor is it likely that a new virus would be written expressly for SP2 since 10 Aug.

I think the likelihood that the file linked from Downhill Battle is malicious is very low, given the site’s apparent motivations. I have no guarantee of this, however, and have no prior knowledge of the group so have no reputation by which to judge them. The checksum posted on their front page is completely pointless, since it proves only that they have generated a checksum of the file they’re distributing. Bittorrent is still development software, and hardly immune to security flaws itself. There are no guarantees if you download this file, and that’s all that should matter.

If a security professional even considered downloading the service pack from this source, they’d be nuts. Sure, they’d probably get away with it, but what on earth is the point of security if you arbitrarily decide to trust people you don’t know from Adam? And for that matter, MS haven’t restricted access to the full download from their own site, merely pointed out that it’s not intended for use on single computers. As for those suggesting that virus checkers are perfectly adequate to protect the world from malicious software, one can only wonder why they’re downloading a security update at all; after all, they’re perfectly safe, right?

It’s entirely possible that one could be written beforehand, and added as a payload once SP2 was released. If you’re that confident that the world’s virus crews would never consider attacking the biggest security update in Windows history, I have to question your claims to computer savviness. What do you think these guys live for? Virus signatures only work on previously identified viruses, and heuristic detection algorithms are far from perfect. Is “not likely” really something you want to hang your hat on?

At the root of it, if a flawed version of SP2 gets out, Microsoft will take the blame. It’s entirely reasonable for them to prevent unauthorised redistribution of their own software, on which their reputation rests. Once they let one P2P site distribute it, they would presumably be on legally shaky ground in preventing other more dubious sites doing the same. Someone has already linked to a place where you can download the service pack direct from MS, so what’s the problem?

SP2 beta has been out for quite some time. I had it for at least a month, and the friend who gave me the link to get it had it at least a few weeks before that. Just so everyone knows it’s been available (in beta) for a while. I’ve seen the beta on usenet, as well, posted by a few of the major cracking groups. So Aug. 10 isn’t the first time everyone in the world got to see it.
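
The point raised in the posts above about checking a cryptographic hash, and about a checksum published by the same site that hosts the file, shown as an added example that is not part of the thread. SHA-256, the byte strings standing in for the service pack, and all function names are assumptions constructed for illustration.

```python
import hashlib
import hmac
import io

CHUNK = 1 << 20  # hash in 1 MiB pieces so a multi-hundred-MB file never sits in memory


def sha256_stream(stream) -> str:
    """Hex SHA-256 of a binary stream, read chunk by chunk."""
    h = hashlib.sha256()
    for block in iter(lambda: stream.read(CHUNK), b""):
        h.update(block)
    return h.hexdigest()


def matches(data: bytes, published_hex: str) -> bool:
    """Compare the computed digest with a published one in constant time."""
    computed = sha256_stream(io.BytesIO(data))
    return hmac.compare_digest(computed, published_hex.strip().lower())


def assess(download: bytes, expected_size: int,
           mirror_digest: str, vendor_digest: str) -> dict:
    """Run the three checks a downloader might rely on, in rising order of worth."""
    return {
        "size_ok": len(download) == expected_size,                # "looks official"
        "mirror_checksum_ok": matches(download, mirror_digest),   # same source as file
        "vendor_digest_ok": matches(download, vendor_digest),     # independent source
    }


# Constructed sample data: two payloads of identical length.
VENDOR_FILE = b"MZ" + b"genuine service pack payload".ljust(4094, b"\x00")
TAMPERED_FILE = b"MZ" + b"repacked payload, same length".ljust(4094, b"\x00")

# Assumption: this digest reached the user from the vendor over a separate,
# authenticated channel, not from the page that serves the download.
VENDOR_DIGEST = hashlib.sha256(VENDOR_FILE).hexdigest()
# The checksum a distributor posts beside its own file describes that file only.
MIRROR_DIGEST = hashlib.sha256(TAMPERED_FILE).hexdigest()


def demo() -> dict:
    """What the checks report when the mirror serves the repacked file."""
    return assess(TAMPERED_FILE, len(VENDOR_FILE), MIRROR_DIGEST, VENDOR_DIGEST)


if __name__ == "__main__":
    print(demo())
```

Only the digest obtained independently of the download channel rejects the repacked file; the size check and the distributor's own checksum both pass.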