El Reg reports that "Windows Update pushed patches on machines – even though the automatic update feature had been disabled." The updates in question were supposedly updates to Windows Update itself, which Microsoft considers to be a higher-level operation than the more routine updates which users can block in the software's settings.

The issue has touched off concern among some that allowing Microsoft or any other company to install files without their prior knowledge and consent sets a dangerous precedent.

Various comments on the El Reg article predictably whinge on about rights and user control.

One explains that it's a misdemeanour in most States to access and modify a computer without express permission from the owner. At least for now, this legal fact overrides the contradictory proclamation in Windows's EULA article in which Microsoft attempts to reserve the right to do just that.

Kent Rebman points out that "MS is too stupid to correctly apply principles of backward compatibility in their development and maintenance processes so, so sorry, they'll have to muck around in the innards of your machine without your knowledge."

Another comment in particular is interesting as it sums up quite nicely the variety of abuses which Microsoft has engaged in over the years:

I do not see why people are acting all surprised by this latest violation of personal privacy rights by Microsoft. Just off the top of my head, historically they have:

1) Shipped software to end users that is so poorly designed that over 10 years of constant patching is still unable to render it *secure* (cases in point, Windows 95, 98, 2000, Windows XP, MS Office, Internet Explorer…).

2) Instead of actually fixing the problems, they turned the insecurity of their software products into another *cash-cow* revenue stream with their $50USD/year *Windows OneCare* subscription service (the customers of which, being the cow)…

3) Knowingly hid their *Windows Genuine Advantage* datamining spyware in windows updates, which collected and sent your HD serial number, MAC address, BIOS checksum, computer make and model, MS product keys, locale, your language, and more back to Microsoft's servers without your permission. Then it passed automated judgment on all users (resulting in a 20% *false positive* rate, i.e., 20% of MS users who had legitimately purchased their products were treated as criminals via this fully-automated, rights-removing trial). The nice WGA tool then inserted a time-bomb, causing nag screens to pop up and disabling open access to all updates (which are constantly and urgently needed as discussed in the first 2 points). Many of those contacting MS by phone concerning validation problems were similarly treated as criminals, and many paid even more money using their credit cards to *re-validate* their legitimately purchased software, instead of continuing to be subjected to harassment.

4) Delayed distribution of many patches for glaring security holes which had been identified and published by security researchers, and which were known to be causing harm to their customers via viruses etc. designed to take advantage of said security holes. Instead, they rushed out patches to shore up comparatively harmless breaches of their "windows media format" DRM to satisfy their moneyed friends in the recording industry (proving that, at Micro$oft, it's *all about money*).

The easiest (and only) way to protect yourself is to JUST STOP USING MICROSOFT PRODUCTS. PERIOD. Dell is doing it, HP, Lenovo are selling great Linux-powered PC's fully loaded with secure open-source software like OpenOffice, etc. Lots of people are starting by giving MS Office the boot off of their windows PC's and installing OpenOffice instead.

Continuing my long-term migration from Microsoft products to open-source alternatives (which began with the installation of Mozilla Firefox and Thunderbird two years ago) I am downloading OpenOffice today and giving it a go. I don't actually tend to write very many documents but I suppose it's the principle.

And this way, when I next irritatingly get sent a poster or some other "important information" from my own School of Computer Science in Microsoft's DOC format, I can write back requesting re-send in a non-proprietary format such as PDF without just being facetious. Now I'll have an actual reason.

I'm not cool enough to migrate entirely to a Unix-based system — not yet, anyway — but for now I'm continuing in the right direction.

And when I do get to that point of hard-lined geekdom, I shall be looking for a way to continue Remote Desktop-ing from the Windows machines at Uni to Linux at home, without installing any third party software such as VNC on those lab PCs. Bring on xrdp.


I keep the Automatic Updates service disabled and don't run a virus checker. It's all about not going to dodgy crack sites, following links in suspicious emails or installing miscellaneous toolbars for Internet Explorer… or, in fact, using Internet Explorer at all.

