Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security Microsoft Windows News

Microsoft Links Malware Rates To Pirated Windows 348

CWmike writes "Microsoft said today that computers in countries with high rates of software piracy are more likely to be infected because users are leery of applying security patches. 'There is a direct correlation between piracy and the malware infection rate,' said Jeff Williams, head manager of the Microsoft Malware Protection Center. Highlighting research that showed worms to be the most prevalent computer security problem today, Williams said the link between PC infection rates and piracy is due to the hesitancy of users of pirated software to use Windows Update. China's piracy rate is more than four times that of the US, but the use of Windows Update in China is significantly below that in this country. Same for Brazil and France. But Microsoft's own data doesn't always support William's contention that piracy, and the hesitancy to use Windows Update, leads to more infected PCs. China, for example, boasted a malware infection rate — as defined by the number of computers cleaned for each 1,000 executions of the MSRT — of just 6.7 per thousand, significantly below the global average of 8.7 or the US's rate of 8.2. France's infection rate of 7.9 in the first half of 2009 was also below the worldwide average."
This discussion has been archived. No new comments can be posted.

Microsoft Links Malware Rates To Pirated Windows

Comments Filter:
  • So.... (Score:5, Insightful)

    by Anonymous Coward on Monday November 02, 2009 @06:48PM (#29956902)

    So malware is Microsoft's fault for not patching pirated machines? Or did I miss something...

    • Re: (Score:3, Funny)

      by Cartan ( 452962 )

      Nah, can't be. They wouldn't call it "genuine advantage" then, would they?

      • YMMV, but as an experiment, I chose the "alternate validation" thing long ago on a legitimate installation of Windows. Copy pasted the code into the window, then pasted the code into an email. Went to a pirated copy of Windows, ran the "alternate validation" thing again, and posted the prior code into the little window. This machine had failed WGA validation at least 2 times, but when I pasted that code into the window, suddenly it was good. The two installations were on similar, but not identical, hard

    • Re:So.... (Score:5, Insightful)

      by dgatwood ( 11270 ) on Monday November 02, 2009 @07:06PM (#29957068) Homepage Journal

      So malware is Microsoft's fault for not patching pirated machines? Or did I miss something...

      Yes and no. It is true that by limiting patches to "legitimate" copies, they are making the odds of malware infection worse, and in doing so, are contributing to the botnet problem that creates truckloads of spam, wasted bandwidth, DOS attacks, and other nightmares that hurt everyone including their legitimate users. So I think they're utter morons for acting the way they do.

      That said, this is not the whole story. A large percentage of malware comes from people installing pirated software. People who pirate Windows are... wait for it... more likely to pirate other software, too. Therefore, you'd expect a strong correlation between malware rate and pirated copies of Windows even if Microsoft did everything they could to keep pirated copies of Windows patched. Their "Genuine Advantage" crap is merely compounding the problem.

      • Re:So.... (Score:5, Informative)

        by pyrbrand ( 939860 ) on Monday November 02, 2009 @10:12PM (#29959276)
        Security patches are not subject to the Genuine Advantage check. People running pirated software are just less likely to run windows update because they are scared that it will somehow invalidate their pirated install. Also, as you note, installing pirated software, including Windows, is a risk in itself as much pirated software has been prepackaged with malware.
      • So...you expect MS to pony up bandwidth to support users that didn't pay for their operating systems?

        IMHO, MS has no obligation to support pirates.

        Yes they should get some flak for writing an insecure OS. But it's the actual pirates themselves that, knowing full well MS isn't going to do jack shit to support them, decide to install an unpatchable OS in the first place.

        • Re:So.... (Score:4, Insightful)

          by Mhtsos ( 586325 ) on Tuesday November 03, 2009 @01:55AM (#29960722)

          Go go gadget car analogy..
          This is like saying a car company isn't liable for faulty brakes in case of an accident where the car is driven by someone who stole the car. The victim of faulty brakes isn't always the driver.

          • Re:So.... (Score:4, Insightful)

            by nutshell42 ( 557890 ) on Tuesday November 03, 2009 @08:52AM (#29962762) Journal
            No it's like a car company providing free brake checks and maintenance to car owners and thieves alike but the thieves don't use it because they're afraid the company's gonna call the cops (which they don't afaik but I never checked) and they don't get it done by anyone else either.

            They also drive with the handbrake engaged all the time (not behind firewall, anti-virus, whatever) so it's shot and use wheels that are known to overheat brakes (lots more pirated stuff).

            Damn that car company does their nefarious schemes know no bounds? Oh the humanity!

            Suffice to say your analogy fails harder than their brakes.

    • Re:So.... (Score:5, Insightful)

      by P0ltergeist333 ( 1473899 ) on Monday November 02, 2009 @07:09PM (#29957120)

      You're not applying the proper spin. They are trying to spin it so the pirates look like the problem, when in reality they are holding everyone's security hostage in hopes of scaring a few users into buying a legit copy of Windows.

      • The actual spin is that "it's not MS's fault" for perpetuating the outdated distribution method of selling/shipping unpatched versions of Windows to end-users and expecting them to patch up to the latest version. Sure, people can do rollups but it's OPTIONAL.

        NO other security-conscious application these days dares to publish anything but the latest security-patched version.

        If every OS image being installed was at least the latest "image" from one quarter ago, we definitely would have less problems as time

        • Re:MS Fuud (Score:4, Informative)

          by techno-vampire ( 666512 ) on Monday November 02, 2009 @09:34PM (#29958958) Homepage
          NO other security-conscious application these days dares to publish anything but the latest security-patched version.

          I, on the other hand, am inclined to think otherwise.

          I don't think that anybody in their right mind would call Fedora Linux lacking in security, but if you were to download the install DVD for Fedora 11, the latest version, what you'd get is exactly what you'd have downloaded on the first day it was available. Then, after installation, you'd have to download all the updates needed to bring your system up to date. How is this different from what Microsoft does?

          • Re: (Score:2, Informative)

            by Anonymous Coward

            You can download Fedora 11 ISOs with all updates to a recent date here: spins.fedoraunity.org

            I can find no similar site for Windows XP, Vista, or any other MS product.

            So yeah, no difference between Fedora and Windows at all. :rolleyes:

            • Yes, but that's from a third party, not Fedora itself. Is there the equivalent for any other distro? I'm not saying there isn't, because I've not researched it.
          • Re: (Score:2, Interesting)

            by Anonymous Coward

            What Microsoft does different from Fedora is to prevent copies of windows that raise the 'piracy' flag from downloading any updates.

            Besides, the interpretation is flawed in more ways, by limiting the 'percentage users having malware on their computer' number to the users that run a specific tool, MSRT, which is normally found through windows update. For what it's worth, all this means is that people in china don't trust, or at least don't run MSRT.

            MSRT: http://www.microsoft.com/security/malwareremove/defaul

        • M$ Spin (Score:3, Interesting)

          It's almost like M$ keeps moving the holes around and re-hiding them, but never fixing them. That would certainly permit the known holes and backdoors to be available for exploit but make it harder for 'unauthorized' (you did read the EULA, right?) entities to use them.

          That is, however, only when M$ can be assed to patch in the first place. Not like they've dropped patches [computerworld.com] for versions they still claim to support.

    • Re: (Score:2, Insightful)

      by MakinBacon ( 1476701 )
      To be totally fair, people who don't pay for their software (pirates) aren't actually customers, and Microsoft has no responsibility towards people who aren't their customers.
      • Re: (Score:3, Insightful)

        by ozmanjusri ( 601766 )
        people who don't pay for their software (pirates) aren't actually customers

        I've paid for my Microsoft software and I still get a shitload of botnet-posted spam. Likewise, I have to do routine tech support for friends laptops with malware infested Windows installs despite the laptops having legit versions of Windows installed by the manufacturer.

        So are you suggesting that Microsoft has no responsibility to myself and my friends, or are you saying that they're incapable of fulfilling that responsibility?

        • Re: (Score:2, Insightful)

          by MakinBacon ( 1476701 )
          I fail to understand your point. Are you trying to say that Malware on your computer is caused by some guy on the other side of the world neglecting to run Windows Update?
        • It's somewhat akin to a scenario where every fourth, or tenth, or whatever, Toyota Camry is driven not by some citizen trying to get to work, drop the kids off at school, or buy groceries, but by a zombie/doppelganger that looks like Beetlejuice and generally causes the kind of havoc anyone with imagination could muse about.

          Steals you wallet at the gas station; teaches your kids swear words while you are distracted at Wall-Mart, drives into your house, knocking out the big-screen tv, stumbling out of the ca

          • *kisses karma goodbye* The difference is more like Toyota not honoring a warranty of a Camry that's been reported stolen, or conversely saying that Toyota should process the recall of an unregistered Camry with a scraped off serial number. Yes, a Camry could potentially endanger other drivers if not properly serviced, but ultimately I find it difficult to fault Toyota for not fixing a car that the driver has no business driving to begin with.

            • *kisses karma goodbye* The difference is more like Toyota not honoring a warranty of a Camry that's been reported stolen, or conversely saying that Toyota should process the recall of an unregistered Camry with a scraped off serial number. Yes, a Camry could potentially endanger other drivers if not properly serviced, but ultimately I find it difficult to fault Toyota for not fixing a car that the driver has no business driving to begin with.

              And well you SHOULD kiss your karma goodbye - this is a really b

              • " ... Toyota made it, and they received their profit for it when it was sold, including the money that they put aside for future warranty claims. They're not any more out of pocket if someone else swipes it then brings it in for service. This is not at all the same scenario as someone using a copy of software that was never paid for. ..."

                Zombies/doppelgangers that are not of this Earth do not buy cars from Toyota. They arrive here, in cars they duplicated in the other worlds, having paid nothing for them, a

      • Re: (Score:3, Insightful)

        by yukk ( 638002 )

        To be totally fair, people who don't pay for their software (pirates) aren't actually customers, and Microsoft has no responsibility towards people who aren't their customers.

        That's not totally true. If all those pirates were to dump Windows for some other O/S, then Microsoft's market share would drop, weakening their near monopolistic hold on the market which allows them to sell other things and force wretched terms on vendors.

      • So, another way to look at the data is that Windows malware outbreaks cause a corresponding surge in migration away from Windows and towards systems like Linux or OpenSolaris.
    • Re: (Score:3, Insightful)

      by initialE ( 758110 )

      Look at it this way. You pirate windows, your box joins a botnet, and who suffers? Some other poor SOB. Somewhere there's a corporate site to DDOS, somewhere there's an account to brute-force, and Microsoft's reputation takes a fall. Remind me where's the genuine advantage in that again?

    • That's not at all how I read TFA. To me, it came off as the infringer's fault, not Microsoft's. I didn't smell any insinuation otherwise.

    • by rakslice ( 90330 )

      Yeah, are there some serious byzantine MS inter-division politics behind the release of this statement that I don't know about? It's one thing to abdicate responsibility for security flaws in all-caps in your license agreement; it's another thing to be doing it while simultaneously cooking your studies to say "our licensing practices are acutally making vulnerabilities stick around longer".

  • by Anonymous Coward on Monday November 02, 2009 @06:51PM (#29956932)

    Including Windows Genuine Validation is the likely culprit for this.

    • by Renraku ( 518261 ) on Monday November 02, 2009 @07:05PM (#29957062) Homepage

      The very same program that's well-known for marking valid copies as pirated and then holding people's data/work environment hostage until they cough up another $200+. Yeah, I'm leery of that kind of thing too. Why should I let them install a program that takes up a good 20MB of RAM when it's running to make me prove that I'm not a pirate?

  • by Anonymous Coward

    I'm not hesitant of MS patches because of piracy, I'm hesitant because i use this machine to do all my Photoshop work and the last 4 auto patches crash Photoshop roughly every 6 min rendering my computer completely useless for it's primary purpose.

  • Just suppose... (Score:3, Insightful)

    by ichbineinneuben ( 1065378 ) on Monday November 02, 2009 @06:52PM (#29956942)
    Suppose it was possible to apply security patches without installing Windows Genuine Advantage (malware by anyone's definition except Microsoft's). Would that make a difference? Perhaps what they are seeing is really just a choice users make between Microsoft malware and "aftermarket" malware.
    • Re:Just suppose... (Score:4, Informative)

      by jack2000 ( 1178961 ) on Monday November 02, 2009 @07:01PM (#29957034)
      It is actually possible to install patches without running headfirst into WGA. Infact there are TWO ways:
      • When choosing mode of autoupdate choose the one that requires you to choose which patches to download and install, WGA is one of the Security patches you uncheck it and it goes away forever.
      • Have security patches installed in redistributed form, they are available from MS or even torrent sites
      • Re:Just suppose... (Score:4, Interesting)

        by dgatwood ( 11270 ) on Monday November 02, 2009 @07:08PM (#29957096) Homepage Journal

        Have security patches installed in redistributed form, they are available from MS or even torrent sites

        Am I the only one who sees the problem here? Why do you think all those machines are infected with malware in the first place? :-D

      • Re:Just suppose... (Score:4, Insightful)

        by zonky ( 1153039 ) on Monday November 02, 2009 @07:14PM (#29957184)
        Downloading and applying patches from non-authoritative sources, i.e torrents, without some sort of checksum assurance sounds like a very bad idea.
      • by Korin43 ( 881732 )
        If you don't select WGA, you don't get some of the new patches though. They just don't show up until it's installed.
      • by patro ( 104336 )

        How about Service Pack 3? Does it contain WGA? If so then those who want to avoid WGA can't install SP3 at all, because it's one big bundle and you can't select individual components from it to install.

        And SP3 is offered as a recommended security update by MS for SP2 users.

        • I have installed XP SP3 and WGA wasn't part of it. I think. No, it probably wasn't since windows update still tried to push it to me until I unselected it and chose to not be reminded about that update again. Anyway, my install passes WGA, that is, I can download the files that are "for genuine only". It all comes down to the quality of the crack.

          Also, Windows 2003 does not have WGA so no crack was needed.

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      Suppose it was possible to apply security patches without installing Windows Genuine Advantage..

      I think it is possible. According to http://support.microsoft.com/kb/892130 [microsoft.com]:

      What if I decide not to use Windows Genuine Advantage to validate my copy of Windows?

      If you have a genuine copy of Windows but decide not to complete the validation process, you can still obtain critical software updates by using the Automatic Updates feature.

      I'm not sure if this is true because I stopped using pirated copies of XP long

    • Re:Just suppose... (Score:5, Insightful)

      by grcumb ( 781340 ) on Monday November 02, 2009 @07:13PM (#29957172) Homepage Journal

      Suppose it was possible to apply security patches without installing Windows Genuine Advantage (malware by anyone's definition except Microsoft's). Would that make a difference?

      Quite likely, but Microsoft is definitely within their rights to insist that people pay for their software. You and I may find it to be unwieldy, intrusive and obnoxious, but that's our problem, not theirs.

      If people don't want to deal with the mess and hassle of keeping their Windows machines clean and up to date, they have alternatives. They can pony up for a Mac or they can install Linux. Heck, if they're absolutely committed to using Windows without paying, they can run it in a snapshotted VM on Linux.

      Just last week I wrote a newspaper column [imagicity.com] advocating Ubuntu Karmic over Windows 7, so I'm no fan of Windows whatsoever. But as someone who writes a fair amount of software, I fully respect Microsoft's right to license it - and enforce that license - as they see fit.

      The fact that they're doing so in such a way as to drive the world away from them is just gravy, as far as I'm concerned. 8^)

      • Re:Just suppose... (Score:4, Insightful)

        by hedwards ( 940851 ) on Monday November 02, 2009 @07:47PM (#29957676)
        If they want to do that fine, but they should be liable for the times when they misidentify a copy as pirated.

        Also, I take it that you haven't actually bothered to read the EULA that comes with Windows because it's an absolute joke. Worse still is that it changes regularly when doing updates and I'm willing to bet that if I call them and say that I'm rejecting the new version that they won't let me have my money back for the copies I've paid for.
  • Easily explained (Score:3, Interesting)

    by hudsucker ( 676767 ) on Monday November 02, 2009 @06:54PM (#29956950)
    Well, China is behind an all encompassing firewall.

    And the French refuse to install malware written in English.
  • by CmdrPorno ( 115048 ) on Monday November 02, 2009 @06:55PM (#29956970)

    And users (with both legit and pirated copies) are leery of applying patches because of Microsoft Genuine Advantage and its ilk. Does this come as a surprise to them?

  • by base3 ( 539820 ) on Monday November 02, 2009 @06:56PM (#29956978)

    . . . people would be "leery" of installing "security patches," MS having pushed down things like WGA as a "critical updates." Of fscking course the people running dodgy copies of Windows are going to assume that each new wave of patches might come with a copy protection trojan, in light of the fact they've done it before. So in fact, Microsoft has caused the problem they're bellowing about in the name of attempting to inhibit piracy of Windows.

  • by dangitman ( 862676 ) on Monday November 02, 2009 @07:01PM (#29957038)

    They're pirates. Of course they're going to run malicious software.

    What the hell else would pirates do with a computer, donate to charity and solve world hunger? No, they're going to use it to look up www.saucywenches.com [saucywenches.com] or download illegal treasure maps, or perform DDoS attacks on Royal Navy ships. They'd use a pirate version of Quicken to count their doubloons and inventory their treasure chest. They'd be looking up suspicious sites for syphilis treatments. They'd manually edit the Windows Registry with nothing but a cutlass and a corkscrew.

    • perform DDoS attacks on Royal Navy ships

      It doesn't help that said navy ships are also running Windows.

  • safer users (Score:2, Interesting)

    by Nidi62 ( 1525137 )
    Wouldn't those pirating an OS be less likely to have infected computers simply because they would be more likely to be more computer literate than your average user? Granted, it is not hard to get and install pirated copies, but your average user who falls for Nigerian scams and self-installing anti-virus malware probably wouldnt be doing much downloading besides some music, if at all. I would assume that someone downloading a pirated version of Windows probably does not use IE, and probably follows safe
    • Re: (Score:3, Informative)

      by Anonymous Coward

      In Brazil several computer stores sell PCs wirh a pirated version of windows pre-installed. So it's very likely that a lot of those 'computer pirates' are computer iliterates. Also, pirate versions of any popular application, movies and songs can be easily bought on the streets at broad day light -- not in dark alleys. So, if a person sees "Computer with genuine MS Windows XP" it's not unlikely that they would ask the salesman "can you make it cheaper if you sell it with a pirated version of windows?", even

    • > Wouldn't those pirating an OS be less likely to have infected computers
      > simply because they would be more likely to be more computer literate
      > than your average user?

      No. They don't install it themselves: they don't even know what an operating system is. They just buy a pc from the shop that has the best prices, is conveniently located, and promises to include all the software they could need.

  • by mi ( 197448 ) <slashdot-2017q4@virtual-estates.net> on Monday November 02, 2009 @07:09PM (#29957110) Homepage Journal

    infection rate -- as defined by the number of computers cleaned for each 1,000 executions of the MSRT

    Wouldn't the rates of infections be severely affected by how long the machine stays online? Because that increases both — the opportunity to infect the machine, and its value for the hijacker (as a spam-relay)?

    With many organizations simply blocking the entire A- and B-class networks from China, even an always-connected server in China is not as hot a target as the one in US.

    Also, one would expect, the machine owners' expected wealth to be a factor — some viruses blackmail the owner by threatening to delete their files... The poor Chinese may not even have a Paypal account to pay off the scumbags, so why go after them?

    Accounting for all this may change the published statistics quite a bit...

    • I don't think botnet operators target their infections. It would cost them more to select their targets than to just put it everywhere, with the possible exception that they might try to avoid the equivalent of .mil or .mod.uk in their own country.

    • by Tynin ( 634655 ) on Monday November 02, 2009 @08:55PM (#29958508)
      I just got done working on my grandparents machine. They only have dial up, with one phone line in the house. They connect, check their email via POP3, and disconnect. They had 336 viruses that I could find (many of them worms). I don't think connection times matter that much, especially since this was over a 56k modem only connected a few times a week for 10-20 minutes at a shot.
  • by TheCow ( 191714 ) on Monday November 02, 2009 @07:10PM (#29957134) Homepage

    I just recently returned from a trip to India and found that many of the cyber cafes and family homes that I visited were not running the latest service-packs for Windows. I would attribute that to mostly being because although they had "broadband" their speed even during off hours were more around the range of 64 to 128 Kbps with high latency due to over subscription. Can any of you imagine downloading Windows XP SP3 over that kind of connection? (Setup a speed limiter on your next bit torrent download at about 5 KBs/40 kbps and see how long that file takes to transfer) Along with the problem that most computers are purchased as cheaply as possible so they frequently run with the minimum amount of ram possible, making the use of Antivirus software and the latest Service packs way too slow to even browse the web.

    Security patches and Anti-virus updates that are several megabytes a piece are fine for someone with a lowly 512 kbps broadband connection, but understand that most people in these countries like China and India still have very large modem and slow DSL that is extremely over subscribed at the ISP.

    Even here in the US there are many people that have dial-up even if other options are available because they don't feel the broadband options provide a good cost/performance ratio. $40 for 512kbps WISP connection or $10 for a cheap dial-up connection. $480 + install for the first year, or $120 for a year of dial-up over a phone line they already have...

    Please keep in mind that although 5+ Mbps broadband is available in most Metro markets there are still a lot of people that have much slower connections making many online services out of reach (Steam, hulu, and to some security patches).

    • Re: (Score:3, Interesting)

      by dnaumov ( 453672 )

      I just recently returned from a trip to India and found that many of the cyber cafes and family homes that I visited were not running the latest service-packs for Windows. I would attribute that to mostly being because although they had "broadband" their speed even during off hours were more around the range of 64 to 128 Kbps with high latency due to over subscription. Can any of you imagine downloading Windows XP SP3 over that kind of connection?

      Yes. Download the file once, overnight. Proceed to install it on all machines. The full installation file download is a mere 316mb.

  • Penance? (Score:3, Funny)

    by xeromist ( 443780 ) on Monday November 02, 2009 @07:10PM (#29957140)

    Perhaps these pirates just feel such extreme guilt for copying Windows that they are rejecting patches and virtually flogging themselves with malware.

    • Re: (Score:3, Informative)

      by shentino ( 1139071 )

      Or maybe the folks who don't give a shit about pirating windows also don't give a shit that their rooted machines are causing mayhem.

  • The solution... (Score:4, Interesting)

    by The Grim Reefer2 ( 1195989 ) on Monday November 02, 2009 @07:13PM (#29957170)

    Williams said the link between PC infection rates and piracy is due to the hesitancy of users of pirated software to use Windows Update.

    Make Windows free.

  • There is no reason for there to be any high level of virus spread amongst pirates. Simply because pirates are often trapped together on a boat with no women for perhaps weeks or months at a time shows nothing. Is Microsoft slandering the pirate community, hinting at homosexual rendezvous? I for one am offended and suggest we 'make im walk the plank, yarrr'
  • by elvis15 ( 1375583 ) on Monday November 02, 2009 @07:14PM (#29957180)
    Obviously Microsoft doesn't want to acknowledge the large portion of their licensed users who set Windows to do their updates automatically but have never touched an antivirus or security software. I've worked in IT and with the Joe Public users and that was by far the biggest problem out there.

    People would often call in with viruses/malware they've just been living with on a 2 year old computer, and when you asked them about what they use for antivirus, they wouldn't have a clue. "I used that link that was on my desktop when I bought it," they would say. Well, that 30 day trial will get you into more trouble than not applying your windows updates, especially when they're opening up all those emails from disposed Nigerian dictators.
    • by BikeHelmet ( 1437881 ) on Monday November 02, 2009 @08:35PM (#29958276) Journal

      I know a guy that has Nod32 antivirus installed.

      Unfortunately for him, he doesn't seem to understand how to activate it. Every year he buys a new code, and loses it, without activating. It's now about 900 days since his subscription ended.

      I took pitty and installed avast, but he doesn't know what the little A is, or even care, because he has Nod32 (which a friend recommended), and he thinks he's protected.

      I agree that uneducated users are the issue.

  • by dissy ( 172727 ) on Monday November 02, 2009 @07:16PM (#29957214)

    Microsoft said today that computers in countries with high rates of software piracy are more likely to be infected because users are leery of applying security patches.

    When you purposely push out "security patches" that only disable copies of Windows that are pirated, then yes, they are leery of using them, and rightly so (Assuming their goal is to run Windows without paying, and not buying Windows or using another OS)

    This is the exact situation Microsoft has stated they wanted to happen.

    And before anyone starts, I am not suggesting Microsoft change their rules on supporting pirated copies of Windows.
    It's theirs to choose how to support how they want.
    Just that this is the only conclusion one could expect from their current choice.

    • And before anyone starts, I am not suggesting Microsoft change their rules on supporting pirated copies of Windows. It's theirs to choose how to support how they want.

      But shouldn't they also be liable somehow for the collateral damage they're causing, when they give traction to the spammers and botnets?

      • by dissy ( 172727 )

        But shouldn't they also be liable somehow for the collateral damage they're causing, when they give traction to the spammers and botnets?

        Well, there is should, and there is could.

        Should, probably so.

        Could, no. Unfortunately providing the means indirectly to criminals to do their thing is not illegal.
        For it to be illegal, one would have to convince a judge that Windows is used primarily for botnets and scammers, and much less so for anything else.

    • by BikeHelmet ( 1437881 ) on Monday November 02, 2009 @08:55PM (#29958510) Journal

      When you purposely push out "security patches" that only disable copies of Windows that are pirated, then yes, they are leery of using them, and rightly so

      Don't forget the legit copies they disable. Any of those OEM keys that shady computer repair shops have gotten their hands on.

      Microsoft also disabled my legit key. Apparently if you activate Windows on 4 different motherboards with 3 different CPUs, 4 different types of memory, 3 different GPUs, 6 different HDD setups, from 3 different IPs/ISPs, they find it suspicious and refuse to give you a new key.

      Of course, what actually happened was my PSU blew up my old board. It wasn't good for overclocking, so I got a different one. Then the new PSU blew up the new board(bad luck - never going Antec again) and some memory. After getting it fixed, I sold my CPU and upgraded that and my GPU. I was running out of space, so I also got an HDD upgrade. Then later I moved most of them over to a NAS. Eventually I wanted to upgrade again, so I gave a family member my old PC(after wiping Windows and installing Ubuntu, *gasp*) and tried to reactivate again on a new board with a new CPU + GPU + RAM + more HDDs.

      Microsoft found it suspicious - too suspicious - and yet I'm in the right, because my XP key was only in use on a single machine. I believe a contributing factor was the ISP switching, and my IP geolocation resolving incorrectly. For a while it resolved to Ontario, then Alberta, then BC. Originally I could even watch Hulu (and I'm Canadian), so I know the geolocation software failed pretty badly.

      Right now I'm using XP, but it's not the license key I originally bought. There's no way I'm letting a company force me to pay twice! Everyone I know buys a single license and uses it on every computer in their home, but here I am doing it the right way, and they screw me! Never again!

      • Re: (Score:3, Informative)

        Just call the support number and tell them. They'll give you the call up key and you're good to go. There is a solution for these things, and it takes all of 10 minutes. Stop pirating software for no reason.
  • Count me as one of those leery afraid to apply patches because there's never any indication in the update applet about whether they'll force a reboot or not.

    So I can ignore useless (for me) "malicious software removal tool" patches and play it safe, or I can apply a patch and hope that I don't have to manually stop the Windows Updates service to prevent an undesired reboot.

    Guess which one I pick?

    (Posted from a legit win7 licensed box that gets rebooted when storms knock out my power..)

  • by interkin3tic ( 1469267 ) on Monday November 02, 2009 @07:18PM (#29957252)

    but lets give MS the benefit of the doubt. After all, haven't they earned our trust? I'll take them at their word that stealing windows = malware. Fortunately, I don't have to steal windows anymore, a guy from nigeria says I'll be rich soon.

  • couldn't you legally force them to give updates to pirated copies? I mean leaving it like this puts other people at risk! thats like a (CAR ANALOGY FTW!!!) car manufacturer who goes and cuts stolen cars' breaks!
    • Re: (Score:3, Interesting)

      by chromas ( 1085949 )

      car manufacturer who goes and cuts stolen cars' breaks

      More like a manufacturer who won't replace (possibly shoddy) brakes on cars because the owners didn't bother to register with them.

  • What!?!? (Score:2, Insightful)

    by sourICE ( 1480471 )

    China's piracy rate is more than four times that of the US, but the use of Windows Update in China is significantly below that in this country. Same for Brazil and France. But Microsoft's own data doesn't always support William's contention that piracy, and the hesitancy to use Windows Update, leads to more infected PCs. China, for example, boasted a malware infection rate -- as defined by the number of computers cleaned for each 1,000 executions of the MSRT -- of just 6.7 per thousand, significantly below the global average of 8.7 or the US's rate of 8.2. France's infection rate of 7.9 in the first half of 2009 was also below the worldwide average."

    How can Microsoft possibly conclude that Malware is a greater threat to pirated PCs from the previously quoted data? Obviously the US has a higher infection rate than China, with the US being at 8.2 per thousand and China only at 6.7.

    If it were me analyzing the data I'm afraid I would have to conclude that users who use windows update more often and use official copies of windows(US users) are more likely to receive a malware infection than users on pirated copies without using windows update(China).

    I guess

    • Re: (Score:3, Informative)

      If it were me analyzing the data I'm afraid I would have to conclude that users who use windows update more often and use official copies of windows(US users) are more likely to receive a malware infection than users on pirated copies without using windows update(China).

      Except that those who don't use Windows Update aren't included in the statistics. (Well, unless they manually download and run the MSRT, but that can't be a statistically significant number.)

      • by TheLink ( 130905 )
        As far as I can see, Microsoft are only using infection stats from their removal tool (MSRT).

        There is correlation for some countries but not for China.

        So it'll be interesting to know why PCs in China that use Windows Update tend to have less infection than the US (or world average) ones that use Windows Update as compared to other countries with alleged similar Windows piracy rates.
  • by shoor ( 33382 ) on Monday November 02, 2009 @07:40PM (#29957564)
    First, I'm not even a user of Microsoft stuff (see my sig), and I'm not posting because I think I know what Microsoft should do. This is not a rhetorical question on my part, but just a plain question. As I understand it, when a machine is infected it makes trouble for everybody (becomes part of an army of botnets or whatever). So, helping pirates who, except for pirating Microsoft Software are pretty much minding their own business, to keep their machines virus free would help everybody wouldn't it? They try to give junkies clean needles not to help them be junkies, but to try to prevent the spread of disease. Have I got that right? If I do, then, isn't it a similar situation with Microsoft?
    • by John Hasler ( 414242 ) on Monday November 02, 2009 @07:47PM (#29957674) Homepage

      Microsoft has a financial incentive to make people fear running unauthorized copies of Windows.

    • Maybe I'm just tired and sleepy - but your post makes me think that if Gate's daddy had used a dirty needle and a condom, we wouldn't be so worried about getting Bill's viruses today. Hmmmm. I'll sleep on that idea......

    • You are absolutely correct if the goal is the public good.

      Corporations, on the other hand, are not about the public good.

      t would be nice if Microsoft cared, but Microsoft is a corporation. A publicly traded corporation, no less; publicly traded corporations are required, by law, to be self-serving and to maximize profit over other considerations. If they don't, they can be sued by shareholders for not doing it.

      So, nice as it would be, unless you can come up with a way to convince Microsoft to convince Micro

  • by beatsme ( 1472991 ) on Monday November 02, 2009 @07:43PM (#29957610)
    The fact that there's a "Great (Fire)Wall" separating the Chinese from the rest of the internet? Chinese culture being less individualistic may simply not produce as much malware, and since most citizens are restricted to their own countrymen, there's a bias. That such a sampling bias exists should disqualify it from being included among the other countries, or at least warrant further research before lumping it in there.
  • Problem solved. Link proven. That's what passes for innovation at Redmond these days.

  • I have an allergy to B.S. This sounds, at best, very suspect. You don't need a Windows computer to write viruses for Windows. You can compile binaries intended for Win32 on a Linux or BSD machine. Heck, you could even use PHP, PERL, or other to take advantage of a security hole in Windows.
  • When I pick up clients I make sure their "licensing"[sic] is brought into compliance. It's amazing how many PCs are in small-to-medium-size businesses where IT folk install "pirated" ("Yar! yo ho ho and a bottle of rum") corporate editions. I bring them into compliance but I use policies and now WSUS to restrict patches for days to weeks after release to learn of reports of patches breaking systems. They're always behind firewall appliances and running some sort of antivirus and anti-malware software. Why I

  • having the latest patches and updates do not protect you from all viruses just specific ones. Microsoft cannot code Windows updates to prevent all virus and malware infections as Windows is "defective by design" with security holes and bugs that allow malware and viruses to be installed even if the system has the latest updates and a few AV programs as well as a firewall.

    Pirated Windows can still apply the Windows updates and pirated Windows have a way around the Microsoft WGA checks as they redirect WGA ch

  • A tad off topic but still relating to patching Microsoft stuff. We run WSUS at work to patch machines. I absolutely despise approving the Microsoft Office security updates and service packs, especially with OEM versions of Office. Every time I do so, it seems to screw up registration on Office XP and Office 2003 installations. I have a handful of users who can't get into office after the application of updates. Fantastic. In most of those cases when I try to do the internet registration it fails and I

Your own mileage may vary.

Working...