Microsoft Users Upset with 'security updates'

eWeek Magazine ^ | Dec 23, 2002 | Dennis Fisher

[chilepepper]

A growing number of Microsoft Corp. customers are angry and frustrated with what they say are the company's thinly veiled attempts to use its well-publicized security initiative to get them to upgrade or buy new software.

Users contacted by eWeek last week reported various technical problems with Microsoft's automated services that let customers download and install patches for applications such as Internet Explorer 5.5 or Windows NT 4.0. They also said that when they contacted Microsoft support personnel, they were told that the software they were running was outdated. The solution: Upgrade to a more recent, more secure version.

One user with extensive security training, who asked not to be named, said she recently installed Windows 2000 Service Pack 3, which includes security fixes. The installation destroyed her network connection, forcing her to uninstall the service pack and leaving that machine exposed to the vulnerabilities the update should have fixed.

Others say that the combination of problems with Windows Update and other such services, along with Microsoft's decision to release some of its patches solely through these automated tools, have led them to dispense with installing some fixes altogether.

[HadEnough]

"The nonsense about "licensed for use" and "customer installation disclaimers" must give way to major corporations pooling their legal resources to SUCK the profits away from Gates and crew.

Your true agenda. Thanks for playing."

You misunderstood my point. Microsoft (and MANY other software companies) produce very defective products. They inflict these defective products on customers without regard to any liability as they HIDE behind a couple of legal song-n-dance routines. I am advocating litigation by my company and other LARGE users of defective Microsoft products to recover their EXTENSIVE financial
losses due to the inherent security defects in Microsoft SQL7/MSDE database products. What is wrong with that??

Since Microsoft has been producing these defective products
for years and received BILLIONS of dollars from these same customers, I think it is only FAIR that they share in the financial responsibilities for their negligence!

[HadEnough]

"Since when does a software malfunction from Microsoft put your life in jeopardy like a seatbelt flaw in a Ford might? "

I am very conservative patriot, not a marxist, and I and will answer your question.

Have you gotten an X-ray lately, what about an ultrasound
exam? Any chance you might have been treated for cancer with a radiation oncology system....guess what? ALL of these safety-critical systems run on top of Microsoft operating systems using the SQL-7 database. I know, I helped write the application software for these medical devices.

If you ONLY KNEW how much of your safety and well
being is jeopardized by Microsoft's lousy software, you
would RUN away from any computerized system you get attached to.

[Quix]

Nice dream.

As much as I hate suits at court, MS is LOONNNNGGG OVERDUE some limits to it's hideous treatment of consumers.

[Quix]

What a fine example of

MICROSOFT'S

REPUTATION FOR

RUTHLESSNESS, BAD ATTITUDE AND ARROGANCE.

You model their values so well. Are you on their payroll?

Or just one of their complicit serfs?

[TomServo]

would RUN away from any computerized system you get attached to.

Then I would humbly suggest that you quit your job immediately. You're subject to litigation.

[HadEnough]

This is not a dream anymore, I predict it will happen and happen quickly.

I work for one of the largest consumer electronics, semi-conductor and medical device manufacturers on the planet. At our international software conference this year, our company CEO was breathing FIRE about being blackmailed by "dat company in Redmond."

Bill Gates Jr is an arrogant, liberal, ruthless corporate dictator who has billions of personal dollars, but will not withstand the legal attacks of world-wide conglomerates.

[Hootch]

Give me a break. They all do the same thing. Apple bitched because MS had a built in audio player and browser and ISP and etc, etc,... Now what does Mac have? It has Ipod and Itools and Imovie and IDVD and it's own browser, etc,etc,etc,... People like to bash MS becuase they are the biggest player but all the other players try to be like them.

I like Macs and PC's, they both have there own benefits and drawbacks. I know a lot less about Unix OS's but enought to know that it is a very cool OS and could be quite promising if things go well for it. Personally I would be emparrased if I was a "security expert" and had a problem installing a patch from MS. Yes, we have all had problems from time to time but things are still pretty equal. I installed an update on a Macintosh(onto OSX no less) and after I did, my email quit responding to the outgoing mail server. When I looked on Apples website, they actually referred to the solution as an "enhancement" rather than a bug fix. Hmmm, sounds like Apple has learned a few lessons from MS...

[HadEnough]

I have also produced lots of software that runs on VxWorks UNIX and proprietary RTOS that has resulted in thousands of lives saved and preserved. No thanks, I will keep my job.

Besides, after we recover our losses from Microsoft, we will sink them back into many more highly beneficial products!!

[Hootch]

Damnit Dog!! I wanted the 2003 Ford f150 CrewCab. Are you sure they won't update my truck to the new version for free?

[Quix]

GATES IS BEHIND GOD'S 8 BALL ON 2 COUNTS.

"TO WHOM MUCH IS GIVEN, MUCH IS REQUIRED."

AND

"ARROGANCE GOES BEFORE A FALL."

He's earned both hazards very well.

I'd rather see him humble himself and make many things right. It doesn't apepar to be remotely in the cards.

[TomServo]

thousands of lives saved and preserved

That's super. But what about the one who doesn't, because of your app running on an MS backend? Don't get me wrong. I have no reason to think you're anything but a fine developer. But if a patient sues, do you think they're just gonna sue MS because you said it was their (MS') fault?

[HadEnough]

You are absolutely right about getting sued..it is a fact of life in the medical device industry. Indeed, I can be
culpable and I am more than willing to live with that.

However..we have been developing these safety critical systems for many years, without any MS products under the hood, and never been successfully sued! Two years ago
our parent company got into a deal with MS and engineering
was TOLD to use microsoft operating systems. We objected strenuously, but to no avail. You can
bet your last line of C++ code that the mitigations under
our control will function as designed. The Microsoft OS , embedded browsers, and various DLLs have lots of memory leaks, security holes and lousy performance and WE can
prove it. So, if I do go to court I will be armed with the details of where the true culpability lies.

[thisiskubrick]

You model their values so well. Are you on their payroll? Or just one of their complicit serfs?

Nope, I'm not on their payroll. I am someone that thinks for myself and I'm just sick of this double standard of how they get treated. I never went along with all this silicon valley moaning about MS. I don't care if they are "ruthless", have a "bad attitude" and are "arrogant". You may as well be describing John Macenroe, Francis Ford Coppala, Gary Kasparov, etc. Take a moment to think of all the successful companies and people that were described as "arrogant" by their rivals. It just shows that you can't win in the marketplace, so you are reduced to claiming that they are "arrogant".

Well so what? If you run a company and worry about appearing "nice" then the only person that's going to buy your products is your mom.

Take a look around, that's how many competitors behave. Many of MS's rivals show ridiculously bad attitudes, such as Sun, Oracle, etc. Why they even caught Oracle hiring thugs to dig through the trash bins at an MS subsidiary.

I don't give a f*** about all these whining mediocre companies in the valley, their all a bunch of whining p***ants. Also, I am laughing my butt off watching Linux devour Sun Microsystems.

[TomServo]

Fair enough. Continued success to you....

[thisiskubrick]

However..we have been developing these safety critical systems for many years, without any MS products under the hood, and never been successfully sued! Two years ago our parent company got into a deal with MS and engineering was TOLD to use microsoft operating systems. We objected strenuously, but to no avail. You can bet your last line of C++ code that the mitigations under our control will function as designed. The Microsoft OS , embedded browsers, and various DLLs have lots of memory leaks, security holes and lousy performance..

Can you ship with Cygwin? Cygwin is 100% non-MS but still runs on their OS..

[Quix]

Ok, I think I understand your perspective better and have more respect for where you seem to be coming from.

IN Taipei, *ALL* as in *******ALL******* the professional computer people I interacted with; met at church; counseled at the counseling center; taught as students--

--IF--

they had *ANY* CONTACT with Microsoft officialdom at all, they characterized them as:

RUTHLESS--as in merciless, EXTREMELY OVER THE LINE demanding--DEMANDING ALL THE BENEFITS for little cost or responsibility on MicroSoft's part;

--as in using all manner of thuggery sorts of intimidations to get Microsoft's way. etc. etc. etc.

--as in squeezing every other player on the scene relentlessly so hard, so ruthlessly as to squeeze them and all their employees out of existence whenever possible.

Despotic seemed to be a mild description of MicroSoft's SOP the way most of them told it.

They spoke of MicroSoft and the devil in very similar terms and tones. And it was intensely visceral. It came from relentless, repeated experiences with Microsoft over years. The stories didn't get better. They tended to get worse over the years.

I was taken aback.

I never had ANYONE there stand up or speak up for Microsoft in a positive way. They *ALL* hated the company.

Not because it was successful.

Not even because of Gate's arrogance though that was not a fun thing to the Chinese by any means--but because of the destructively ruthless, selfish--all his benefits at all your costs way of doing business.

And if he couldn't get you this time around, he'd redouble his resources, efforts and covering all the bases to get you every direction the next way around. There was never any real coming out even, much less winning with him.

Can you understand my perspective?

I hated seeing wonderful people bloodied so repeatedly for doing honorable jobs, reasonable jobs.

[Quix]

THERE WAS NEVER ANY

****HINT****

OF THE ****POSSIBILITY****

OF A remotely level playing field

with Microsoft.

The deck was ALWAYS STACKED TO THE MAXMIMUM EXTREME POSSIBLE in MicroSoft's favor.

And the only options left to any of the other players was to only make their situation worse vis a vis MicroSoft.

God is not amused by such strategies, tactics and SOP's.

Gates may THINK he's God but he is not.

And he WILL reap what he has sown regardless of your praise and adulation.

His contempt for his customers will also not go unmet with justice and harvesting what he has sown.

I once met a mid-level manager of his shop. She was insensed that I thought of him as lower than God. She felt he took wonderful care of the staff she knew.

I'm glad he takes care of someone.

He sure trashes the people who give him so much money. He wastes their time, energy and other resources and probably contributes to some family violence from the frustrations with his products.

I don't think such things are defensible regardless of your affections for the man.

[Richard Kimball]

I'd like to know if Apple still supplies security upgrades for OS 8.0, or whether they are encouraging people to upgrade to X.

The answers are yes and yes. Although the last update to OS8 was completed in 1999, no new security issues have been encountered. The entire OS8 package is available for download from the Apple support site in 15 different languages. You can easily find support and downloads back to version 7 at the Apple site.

New software is not being developed for OS8, of course, and Apple is encouraging people to move to OSX. However, I think it's important to note that OSX is a complete new operating system. Apple also includes 9 bundled with X, specifically to allow users to upgrade while maintaining their legacy software.

Apple isn't perfect, but I left MS because they sucker punch too often. While I have no problem with MS playing hardball with other companies (it's part of business), I do have an issue with the fact that they use their position as dominant OS system vendor to deliberately sabatoge other products. There are numerous examples of this. MS is notorious for releasing specifications on Windows, then not adhering to their own specs. They've shipwrecked many companies doing this. I have no problem with MS creating a better product, undercutting on prices, or bundling previous standalone products as part of the OS. Deliberately changing Windows specifications to make competing software packages crash, licensing Java and then modifying the development tools in their Java development package so compiled Java products will crash on competing OS systems, then pulling Java from Windows when they are forced to follow their original license agreement, etc, goes over the line. They've done the same thing in the browser wars. Because MS is the 900 pound gorilla, they pretty much dictate conventions for HTML, XML, etc. to the WWW consortium. IE, however, does not adhere to those specs. Web developers, of course, develop for IE first, so if a page doesn't render properly in IE, they change it until it does. Other browser manufacturers then, who adhere to specs Microsoft insisted upon, find their browsers don't properly render many pages because MS changed the rules after making them.

My favorite MS dirty trick was "smart tags" which was announced, then pulled from Internet Explorer a couple of years ago. "Smart tags" intercepted html pages, looked for keywords on those pages, and turned them into HTML links to sales sites for "Microsoft partners." I thought this was brilliantly dirty, and classic Microsoft. If I set up a popular digital camera review site, and Kodak payed a licensing fee to Microsoft for the term "digital camera", every place the words "digital camera" appeared on my web site, it would turn into a hyperlink to the Kodak web site. The "feature" was pulled due to some serious legal threats, but if it had been implemented, it would have allowed MS to effectively hijack all internet advertising. Why would anyone pay a single web site operator any money to advertise on his site, when they could pay money to Microsoft, and turn thousands of sites into one big advertisement for the company. Microsoft planned to use the content of millions of independent web sites and suck up the revenue, with no compensation to the sites. If you want to know how big Microsoft really plans to get, think about the smart tags ploy. After MS controlled the advertising, running independent web sites out of business would have been fairly easy. Heck, even the Nikon web site would become an advertisement for Kodak. Microsft would have then been able to hold "auctions" for popular keywords. Functionally, the entire WWW would have then become an MS subsidiary.

If Windows were to really develop a new product from the ground up, I don't think many people would complain about the purchase price.

[montag813]

One user with extensive security training, who asked not to be named, said she recently installed Windows 2000 Service Pack 3, which includes security fixes. The installation destroyed her network connection, forcing her to uninstall the service pack and leaving that machine exposed to the vulnerabilities the update should have fixed.

This sounds like B.S. to me. SP3 is very stable. Just because some dingbat broad can't manage the retard-proof "Network Connections" properties doesn't mean the whole patch is no good. What about her IS Tech? If she doesn't have one perhaps she should do some more reading or shut up.