"Alias" <aka@masked&anonymous.cl> wrote in message
Everything contained within Vista is the OEMs responsibility.
Now this is a very interesting assertion.
As an OEM (system builder), I'm happy to support the systems I sell,
OS included. But I can't see how I can be resposible for code that
did not exist when I built and supplied the PC, that MS subsequently
creates and rams into the system via Automatic Update.
In fact, the assertion that "it's OEM, therefore MS won't help you" is
not 100% correct, because AFAIK MS will indeed assist with certain
types of problems, such as security, malware, update issues, or where
you call them purely to obtain a documented hotfix.
Fact:
1. Bring your computer home and turn it on
2. Never hook it up to the internet
3. Your machine is activated and recognized as genuine
4. Some how get a NVIDIA driver on your machine and install that driver
5. BAM! You are no longer genuine
We need more detail on how Vista's activation system works, to match
what we know about Windows XP's activation triggers.
In the case of XP, a number of supposedly "hardware" items are
monitored for changes, and if "too many" of these change, then you are
declared a Bad Guy and the DoS payload hatches and begins its 24-hour
(XP Gold) or 3-day (XP SP2) countdown.
At least one of these items is not "hardware" at all; the volume
serial number, which changes after a format or conversion to NTFS.
As to the others, many can appear to change if the devices enumerate
differently (e.g. the base bus drivers change) or the firmware
changes. I've seen the latter in two cases; a set of Intel graphics
drivers that also did a graphics BIOS update on the sly, and a
firmware upgrade for an optical disk writer.
I've also seen a couple of XP SP2 systems that just spontaneously lose
component "lives" that are in fact impossible to lose, because they
are part of the motherboard that's never been changed.
The last is very interesting, and I raised it at a large MS event with
both MVPs and MSFT folks involved with such things. To this day, we
don't seem to know what the problem cause or mechanism was.
Just because an app accesses the internet, that does NOT make it spyware. I
have plenty of apps that phone home for updates, that does NOT make them
spyware.
Anything that silently "calls home" is suspect - including your
example of legitimate software that calls home for "updates".
SPYWARE:
Definition: any software that covertly gathers information about a user
while he/she navigates the Internet and transmits the information to an
individual or company that uses it for marketing or other purposes
The trouble is, folks use the word "spyware" to refer to any
commercial malware. Right now, commercial malware is more likely to
ram ads down your throat, re-direct banner ad commissions, or force
their own links into web text you browse, or force its own pages into
your "home" or "search" contexts.
Info collection's a sideline at best.
OTOH, "traditional" malware (i.e. malware that does not pretend to be
legitimate) is more likely to "spy" on you, i.e. log your keystrokes,
steal your passwords, etc. and send them on.
So I prefer to speak of commercial and traditional malware, but even
there, the line is getting blurry, as many commercial-looking malware
are as aggressive as traditional malware, and only appear to have an
identifiable origin that is usually out of jurisdiction or
non-existent. The lines get blurrier still, where malware drops and
automates legit software such as MIRC to avoid detection.
1. There is nothing covert about WGA.
Do you trust its mechanisms to be well-documented?
2. WGA DOES NOT gather web browsing data about the user.
Prolly true.
3. MS does not use WGA for marketing.
Possbly false - seen that "spam me about the advantages of Genuine
Advantage" checkbox yet?
Unless you can disprove "ALL" of those then by definition alone WGA is NOT
spyware. You can NOT change the dictionary to suit your needs.
I wouldn't call it spyware, just as I wouldn't call all manner of
other commercial malware "spyware" either.
Is something that changes your home page and adds fake links to other
site's web papges "spyware"? Nope.
Is a vandor's "repo man" bot that will DoS you if it "thinks" you're
"not genuine" "spyware"? Nope.
Do I want either? Nope.
------------------ ----- ---- --- -- - - - -
The rights you save may be your own