Stealth Updates are just wrong

[The poster formerly known as 'The Poster Formerly]

You're so naive. The EULA states that they can do this whenever they
please.

ss.

But it also says that the user who chooses not to use that 'feature' can
turn it off. But we can't actually turn it off.

--
Priceless quotes in m.p.w.vista.general group:
http://protectfreedom.tripod.com/kick.html

"Fair use is not merely a nice concept--it is a federal law based on
free speech rights under the First Amendment and is a cornerstone of the
creativity and innovation that is a hallmark of this country. Consumer
rights in the digital age are not frivolous."
- Maura Corbett

 

[Charlie Tame]

The poster formerly known as 'The Poster Formerly Known as Nina DiBoy'
wrote:

But it also says that the user who chooses not to use that 'feature' can
turn it off. But we can't actually turn it off.

MS advertise "Trustworthy Computing". Trust is something based on what
you "Expect" a person or company to do, not what some legal document
gives them a right to do. Legally there's doubt, because nobody has yet
had it "Tried" in a court to determine what the legal "Interpretation"
really is, but breach of trust in terms of something not doing what it
appears to claim to do is where the "Trust" breaks down. Game Set and
Match, MS did something that was not expected.

 

[Dave T.]

MS advertise "Trustworthy Computing". Trust is something based on what
you "Expect" a person or company to do, not what some legal document
gives them a right to do. Legally there's doubt, because nobody has yet
had it "Tried" in a court to determine what the legal "Interpretation"
really is, but breach of trust in terms of something not doing what it
appears to claim to do is where the "Trust" breaks down. Game Set and
Match, MS did something that was not expected.

I have posted this in several ng's now. I can't believe that I'm the
only person in the free world who wasn't violated by this!

This update came to me on August 23rd through normal update channels. WU
informed me that an update was available. I looked at it to see what it
was, created a restore point, and then granted permission to install it!
Nobody else? I guess Uncle Bill must like me better than all the rest of
you!

 

[Robbie]

Unlimited snooping has, unfortunately, become standard procedure.
Microsoft's "call home" functions are probably well-intended, but this
technology can easily be abused.
The best protection, other than not connecting to the Internet, is to
use a firewall that can identify and, if desired, block specific
outgoing traffic. In the past, ZoneAlarm provided an easy way to do this
blocking. ZoneAlarm has changed significantly in the Vista compatible
version and it may no longer provide this capability.
One could obviously not trust Microsoft to provide firewall functions
that block its own software from calling home.

 

[Kerry Brown]

There is no software firewall that runs on a computer that can be trusted to
stop outgoing traffic on that same computer.

 

[Charlie Tame]

I have posted this in several ng's now. I can't believe that I'm the
only person in the free world who wasn't violated by this!

This update came to me on August 23rd through normal update channels. WU
informed me that an update was available. I looked at it to see what it
was, created a restore point, and then granted permission to install it!
Nobody else? I guess Uncle Bill must like me better than all the rest of
you!

IF people had been informed it would not be an issue would it? This is
NOT an update that is delivered through the normal channels, If indeed
you got this update (and we are talking the same update I hope) through
normal channels then why the heck would MS push it out to other people
without simply letting them do the same as you did?

 

[Charlie Wilkes]

You're so naive. The EULA states that they can do this whenever they
please.

ss.

Yes it does, and I don't think they will stop because a few people
complain.

It is largely because of this kind of behavior that I have switched to
Linux after more than a decade as a Windows customer.

Charlie

 

[NT Canuck]

Kerry Brown wrote:

heavy snippage

other updates. That may be true but it is still an update
that I didn't get to choose if I wanted it or not.

Apparently there was an alternative method that
allowed individual selection but MS (recently)
had it shut down. Interesting timing and remarks.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9033614

quote per article
"It's Microsoft policy that the distribution of
supplemental code such as hotfixes, security updates,
and service packs is discouraged," a company spokeswoman
said via e-mail. "This policy is in place due to concern
for the safety and security of our customers, as we can
only guarantee the download's contents when it comes from
a Microsoft Web site."
/quote

The part about guarantee of downloaded content struck
a chord then only a few weeks later...

NT Canuck
'Seek and ye shall find'

 

[Frank]

After reading the many posts in this newsgroup, blogs from Microsoft,
blogs from Microsoft critics and fans, magazine articles, I have come to
the conclusion that Microsoft has overstepped the boundary of trust
here. I know they legally have the right to update files with out notice
because of the EULA. This does not excuse what they have done. They have
an option to "Never check for updates". To me this includes updates for
Windows Update. If it doesn't this should be stated clearly on that
screen. The only thing that will make this clear to them is a public
outcry. Please add your comments here for or against. It may not do any
good but it will help to keep the issue in the public eye. Please don't
turn this into an anti-Microsoft thread. Keep comments about the issue
at hand and why you think it is right or wrong. Flaming Microsoft will
get the issue ignored. Reasoned debate and comments are needed.

I presume most have read this article, but for those who missed it and
are still interested:

http://www.betanews.com/article/Experts_Astonished_to_Learn_Windows_Update_Updates_Itself/1189782200

Frank

 

[Saucy]

I presume most have read this article, but for those who missed it and are
still interested:

http://www.betanews.com/article/Experts_Astonished_to_Learn_Windows_Update_Updates_Itself/1189782200

Frank

I read the article. The issue is easily resolved in that one can turn off
the Windows Update service through the Services node of Computer Management.
Also the accusation of 'stealth' is apparently countered in that the
self-updating of Windows Update gets logged (and if it is logged then it is
not 'stealth').

But it is a bit odd, though, eh? In the past, I've encouraged "Microsoft" to
be as upfront as possible.

Saucy

 

[Kerry Brown]

I read the article. The issue is easily resolved in that one can turn off
the Windows Update service through the Services node of Computer
Management. Also the accusation of 'stealth' is apparently countered in
that the self-updating of Windows Update gets logged (and if it is logged
then it is not 'stealth').

But it is a bit odd, though, eh? In the past, I've encouraged "Microsoft"
to be as upfront as possible.

Saucy

You have to turn off the Background Intelligent Transfer Service as well.

 

[Stephan Rose]

You have to turn off the Background Intelligent Transfer Service as
well.

But, though I might be wrong on this, isn't there other software out
there that also relies on the background intelligent transfer service? I
think that I recall WINE recently having implemented that to allow
certain programs to work.

So if that is the case, then wouldn't turning that off cause problems
with other software that needs it? Provided of course that one has such
software.

And in such a case, that would leave one without any ability to turn
these types of updates off.

--
Stephan
2003 Yamaha R6

å›ã®ã“ã¨æ€ã„出ã™æ—¥ãªã‚“ã¦ãªã„ã®ã¯
å›ã®ã“ã¨å¿˜ã‚ŒãŸã¨ããŒãªã„ã‹ã‚‰

 

[The poster formerly known as 'The Poster Formerly]

You have to turn off the Background Intelligent Transfer Service as well.

Is there a knowledge base article on these 'stealth' updates? I've been
looking, but can't find one.

--
Priceless quotes in m.p.w.vista.general group:
http://protectfreedom.tripod.com/kick.html

"Fair use is not merely a nice concept--it is a federal law based on
free speech rights under the First Amendment and is a cornerstone of the
creativity and innovation that is a hallmark of this country. Consumer
rights in the digital age are not frivolous."
- Maura Corbett

 

[Frank]

The poster formerly known as 'The Poster Formerly Known as Nina DiBoy'
wrote:

Is there a knowledge base article on these 'stealth' updates? I've been
looking, but can't find one.

Try these:

http://technet2.microsoft.com/windo...1a97-45c0-833e-084cd463d0371033.mspx?mfr=true

http://technet2.microsoft.com/windo...4eac-4cc3-86fc-a54e67de9c121033.mspx?mfr=true

http://www.microsoft.com/downloads/...d1-e1cd-4f38-ad1e-d993e05657c9&DisplayLang=en

Frank

 

[norm]

You have to turn off the Background Intelligent Transfer Service as well.

In addition, the following, which looks to be the "meat" of the article,
in no way, I would hazard to guess, describes the vast majority of
windows users.

As it turns out, Dunn may have been looking in the wrong place. A brief
check of the table of contents on Microsoft's TechNet reveals a page
entitled, "Automatic Updates Must Be Updated." Though there is no
explicit sentence here that says, "By the way, the IIS-marshaled update
channel still functions even when the option in this dialog box is set
to 'Turn off Automatic Updates,"' a fairly knowledgeable person reading
this page should be able to deduce that this self-update channel is
separate and operative.
But should it be? Shouldn't there be a way for the user to say, "I don't
want updates, and I mean I don't want updates!" As it turns out, there
is. Using the Services panel in Computer Management, a user can very
easily switch the active state of Automatic Updates from "Automatic" to
"Stopped." A moderately skilled administrator - or certainly any
administrator who legitimately received his or her certification -
should also be able to disengage WSUS by stopping its service host from
the command line.

To me, the troubling aspect of the above is that of the named categories
of users, "fairly knowledgeable" would seem to be hard to quantify, and
open to widely varying skill levels. Fewer still will fall into the
category of "a moderately skilled administrator" and certainly there
will be yet even fewer that will fall into the category of "any
administrator who legitimately received his or her certification". It is
all well and good that such info exists and can be found, but it has
very little relevancy to the world of the average user, or even the
fairly knowledgeable user who may or may not even read what is directly
in front of him, let alone be aware that such technet articles exist.

 

[The poster formerly known as 'The Poster Formerly]

The poster formerly known as 'The Poster Formerly Known as Nina DiBoy'
wrote:


Try these:

http://technet2.microsoft.com/windo...1a97-45c0-833e-084cd463d0371033.mspx?mfr=true


http://technet2.microsoft.com/windo...4eac-4cc3-86fc-a54e67de9c121033.mspx?mfr=true


http://www.microsoft.com/downloads/...d1-e1cd-4f38-ad1e-d993e05657c9&DisplayLang=en


Frank

Thanks! I don't care what anyone says about you, I think you are handy
to have around from time to time!

--
Priceless quotes in m.p.w.vista.general group:
http://protectfreedom.tripod.com/kick.html

"Fair use is not merely a nice concept--it is a federal law based on
free speech rights under the First Amendment and is a cornerstone of the
creativity and innovation that is a hallmark of this country. Consumer
rights in the digital age are not frivolous."
- Maura Corbett

 

[The poster formerly known as 'The Poster Formerly]

The poster formerly known as 'The Poster Formerly Known as Nina DiBoy'
wrote:

Thanks! I don't care what anyone says about you, I think you are handy
to have around from time to time!

Actually Frank, I spoke too soon, that was not quite what I was looking
for. Neither my home nor my work computers have any WUS or WSUS stuff
on them, but some of them are updated. I'm looking for info/KB article
specifically on the stealth update.

--
Priceless quotes in m.p.w.vista.general group:
http://protectfreedom.tripod.com/kick.html

"Fair use is not merely a nice concept--it is a federal law based on
free speech rights under the First Amendment and is a cornerstone of the
creativity and innovation that is a hallmark of this country. Consumer
rights in the digital age are not frivolous."
- Maura Corbett

 

[Kerry Brown]

But, though I might be wrong on this, isn't there other software out
there that also relies on the background intelligent transfer service? I
think that I recall WINE recently having implemented that to allow
certain programs to work.

So if that is the case, then wouldn't turning that off cause problems
with other software that needs it? Provided of course that one has such
software.

And in such a case, that would leave one without any ability to turn
these types of updates off.

It may not be necessary to turn off BITS. I decided to after a very quick
scan of the documentation I could find on Windows Updates. I don't know if
BITS can be used to push out unsolicited updates or not but it is very
closely linked with Windows Updates. And yes, turning it off could affect
other programs.

I hadn't really thought much about the update process before this as I
thought I could control it manually. After some admittedly brief reading
about Windows Updates and BITS I decided to turn BITS off more as a security
precaution more than anything else. It seems to me it could easily be
exploited as an outbound path by malware bypassing any firewalls, scanners,
etc. BITS has to be allowed for Windows Updates so rules for it already
exist. Once malware was on your computer it could use BITS to download
whatever it wanted. This is all conjecture on my part. I don't know enough
about BITS to know if this is possible. So far I haven't seen any negative
side effects from turning it off other than breaking Windows Updates.

 

[The poster formerly known as 'The Poster Formerly]

The poster formerly known as 'The Poster Formerly Known as Nina DiBoy'
wrote:

The poster formerly known as 'The Poster Formerly Known as Nina DiBoy'
wrote:

Actually Frank, I spoke too soon, that was not quite what I was looking
for. Neither my home nor my work computers have any WUS or WSUS stuff
on them, but some of them are updated. I'm looking for info/KB article
specifically on the stealth update.

http://support.microsoft.com/kb/932494
Is this the article that applies to the stealth updates? Anyone know?

--
Priceless quotes in m.p.w.vista.general group:
http://protectfreedom.tripod.com/kick.html

"Fair use is not merely a nice concept--it is a federal law based on
free speech rights under the First Amendment and is a cornerstone of the
creativity and innovation that is a hallmark of this country. Consumer
rights in the digital age are not frivolous."
- Maura Corbett

 

[Synapse Syndrome]

But it is a bit odd, though, eh? In the past, I've encouraged "Microsoft"
to be as upfront as possible.

And they didn't listen? Damn!

ss.