James O'Neill's Blog

September 14, 2007

"Perfidious Microsoft"

Filed under: General musings,Windows 2003 Server,Windows Vista,Windows XP — jamesone111 @ 10:34 am

I don’t know whether to be angry or frustrated, and whether the target should be journalists who make mountains out of molehills, or the people in Redmond who give them the molehill to start with.

Here’s the story. The Windows update software changes sometimes. If Windows update keeps itself in a working state if is in use; that is to say outside well run IT shops which use WSUS, SMS or some other in house way of pushing out updates, and outside those people who turn the service off altogether.  Windows update logs changes to itself in the event log. However if the user has selected “Check for updates but let me choose whether to download or install them” updates to the update service don’t check with the user first.

One or two readers will go scouring everything I’ve ever said to find a contradiction for what I’m about to say. I don’t think people should automatically trust Microsoft. I don’t think they should automatically distrust us either. We need to earn trust, and sensible people will keep re-evaluating “In this case should I or shouldn’t I”. There are plenty of people out in the world who think no-one should ever trust us, a great many of them post on line to discussions and blogs, some write for magazines. Giving these people ammunition is stupid. And any manager in Redmond who does should be made to write out “I should never do anything which undermines public trust in my employer” 10,000 times. Preferably while sitting in a set of stocks (I’d locate these under the campus flag poles outside Building 10)

To me, the whole premise of this argument is stupid. First off when I went to grab the screen shot I’ve modified here it says at the bottomWU
  “Note: Windows Update might require an update before you can update Windows”
Granted I had to read that twice, as obviously WU can’t update the OS if there are no updates, the word “Itself” should be in there. But I’ve been imagining a conversation with some of the people who are making this fuss, (who seem to want to the WU dialog to appear like this version)

Me: You selected a radio button which said check for updates, so do you want it to stop checking if we change something at the server ?
Them: No… but… WU shouldn’t change a single byte on my computer without my permission !
Me: Not one ?
Them: Not one.
Me: So how does it maintain a list of available updates to offer you ?
Them: Err… Well that doesn’t count, it shouldn’t change Executables
Me: So you told it to just get the list of updates
Them: … yes
Me: and to take the steps that are needed to get the list ?
Them: … obviously, yes.  
Even if that means updating the software that gets the list …

Scott Dunn, got some key facts wrong when he started the story. He opens with
 Microsoft has begun patching files on Windows XP and Vista without users’ knowledge, even when the users have turned off auto-updates.

  • “Has begun patching” ? Sounds like the latest shady activity by Redmond ? Windows update has always done it.
  • “Even when the users have turned off auto-updates” Sounds like your PC “phones home” even when you select the ‘Never check for updates”  box. He means “even if you have updates set to manual”

Having a commitment to his story which can’t be inconvenienced by facts (or lack of them) Dunn turns to invention
“Many companies require testing of patches before they are widely installed,” [true] “and businesses in this situation are objecting to the stealth patching.”

Un-named, businesses object.  No. Because companies which test patches before letting be widely installed don’t use Windows update. That would rely on users seeing the “New Updates are available” message and only processing the items IT told them to, when they were told. Not a system you’d rely on is it ? Over on  Microsoft watch at least Joe Wilcox got that aspect right (and did get a quote), but he downgraded it from “Stealth” (Dunns term) “sneaky”, and included screen shots which reveal – shock horror – if you tell the Windows update service to look for updates, then it does start up and it records in the event log that Windows update has updated “Windows Update”. Stealth ? Sneaky ? Records it’s actions in the event log ? Reminds me of this story

Meanwhile over  ZD Net Adrian Kingsley-Hughes was positively screaming “If Microsoft (or other companies) start updating systems without consent, this will lead to all sorts of trouble. On top of that, it paves the way for companies to make silent updates to technologies such as DRM and anti-piracy features.” seems to me to be equivalent to saying “If Microsoft make sure users can find about new updates, that means they could smash up your system if the don’t like you”  

Kingsley-Hughes like Dunn and Wilcox (and Andrew Garcia who checked the facts for him) conveniently ignore the “Windows Update might require an update before you can update Windows” message.

Over on the Windows Update team’s blog Nate Clinton, explains what’s going on. Sorry Nate, despite feeling the reporting has been pretty shabby, if it were left to me you’d be in the stocks for giving them the ammo.  


Technorati tags:

This post originally appeared on my technet blog.

Blog at WordPress.com.

%d bloggers like this: