XP update question
March 8, 2004 8:36 AM Subscribe
I just got DSL and XP is nagging me to update... [mi]
I remember reading on Slashdot that one of the XP updates contains some spyware or excessively draconian DRM. Assuming I'm not misremebering this, should I update to SP1?
I remember reading on Slashdot that one of the XP updates contains some spyware or excessively draconian DRM. Assuming I'm not misremebering this, should I update to SP1?
Response by poster: Why? Are the security patches worth the trade-off of new DRM? Or is Slashdot spouting off the usual anti-M$ FUD?
posted by keswick at 8:55 AM on March 8, 2004
posted by keswick at 8:55 AM on March 8, 2004
Are the security patches worth the trade-off of new DRM?
Your machine is a sitting duck until you update. Almost any kid can exploit one of a large number of holes in your system. I'd update to the latest everything, just to be sure.
posted by mathowie at 8:59 AM on March 8, 2004
Your machine is a sitting duck until you update. Almost any kid can exploit one of a large number of holes in your system. I'd update to the latest everything, just to be sure.
posted by mathowie at 8:59 AM on March 8, 2004
The only "DRM" changes I'm aware of in SP1 are to shut out some cracked copies of XP from installing SP1 in the first place. For legitimate copies of XP, it's actually more lenient about product activation.
posted by yarmond at 9:11 AM on March 8, 2004
posted by yarmond at 9:11 AM on March 8, 2004
Best answer: The draconian part to which you refer was found in the Windows 2000/XP End User License Agreement (EULA), wherein the only way you could receive vital security updates was to agree to simultaneously install software that could, at any point in the future, at Microsoft's discretion, download software onto your computer without your knowledge or permission. According to the license, this explicitly included Digital Rights Management software.
There was a subsequent public outcry, and I believe the clause may have been removed. Perhaps it was merely obfuscated further, or moved further down the four-page license.
In any case, most (if not all) of the mechanism by which Microsoft would employ this "feature" can be disabled. Look at these instructions from Microsoft, but substitute the "Windows Messenger" process (which you should also disable) for "Automatic Updates" and "Background Intelligent Transfer Service". Once you have stopped those processes and disabled them, you're probably in the clear.
That is, until the next time you run Windows Update. Microsoft instructs the majority of patches and security updates to re-enable said processes, so you'll have to manually disable them each time. Of course, by disabling those processes, you are also disabling Windows' Automatic Update functionality, so you must run Windows Update of your own volition on a regular basis to remain secure. But I (and many others) prefer this option rather than trusting Microsoft to be a benevolent entity, having witnessed them disprove such a concept on numerous occasions.
posted by Danelope at 9:29 AM on March 8, 2004
There was a subsequent public outcry, and I believe the clause may have been removed. Perhaps it was merely obfuscated further, or moved further down the four-page license.
In any case, most (if not all) of the mechanism by which Microsoft would employ this "feature" can be disabled. Look at these instructions from Microsoft, but substitute the "Windows Messenger" process (which you should also disable) for "Automatic Updates" and "Background Intelligent Transfer Service". Once you have stopped those processes and disabled them, you're probably in the clear.
That is, until the next time you run Windows Update. Microsoft instructs the majority of patches and security updates to re-enable said processes, so you'll have to manually disable them each time. Of course, by disabling those processes, you are also disabling Windows' Automatic Update functionality, so you must run Windows Update of your own volition on a regular basis to remain secure. But I (and many others) prefer this option rather than trusting Microsoft to be a benevolent entity, having witnessed them disprove such a concept on numerous occasions.
posted by Danelope at 9:29 AM on March 8, 2004
Why? Are the security patches worth the trade-off of new DRM? Or is Slashdot spouting off the usual anti-M$ FUD?
Like matt, Danelope and yarmond said above it's not as bad as /. makes it appear.
You're already putting some trust in Microsoft by using their OS, it's not too unreasonable to extend that trust to their critical updates. SP1 is definitely a critical update. It's for the most part just a collection of all bug fixes pre-SP1 and some new ones.
SP2 is going to be a collection of all bug fixes till date, *and* add new functionality to the OS such as the new security features. It's more than a service pack. I'd recommend upgrading to that too when it comes out, although if you want to, wait a week after it comes out for all the unseen quirks to appear, and get fixed.
posted by riffola at 12:48 PM on March 8, 2004
> Your machine is a sitting duck until you update. Almost any kid can exploit one
> of a large number of holes in your system.
My PCs are all on a home network behind a DSL modem and a router. It's an unregistered network (i.e. it's all NAT behind a single IP address) and each machine has its own firewall. I felt pretty safe, and have not installed any updates where the EULA gave Msoft the right to upload whatever they like to my machines.
Am I kidding myself?
posted by jfuller at 5:22 PM on March 8, 2004
> of a large number of holes in your system.
My PCs are all on a home network behind a DSL modem and a router. It's an unregistered network (i.e. it's all NAT behind a single IP address) and each machine has its own firewall. I felt pretty safe, and have not installed any updates where the EULA gave Msoft the right to upload whatever they like to my machines.
Am I kidding myself?
posted by jfuller at 5:22 PM on March 8, 2004
If you plan on using Internet Explorer or Outlook at all, then yes, you're kidding yourself. Many exploits can slide right through your firewall.
posted by mmoncur at 3:34 AM on March 9, 2004
posted by mmoncur at 3:34 AM on March 9, 2004
And depending on the type of affliction you're talking about, many virii and worms can spread over local networks (one computer on the network gets nailed, and that computer nails all the other vulnerable machines.) In this case, too, your firewall would afford you no protection.
posted by Danelope at 8:16 AM on March 9, 2004
posted by Danelope at 8:16 AM on March 9, 2004
Just to be clear, I don't mean a firewall between my home network and the internet, I mean a personal firewall running on each machine (one Norton, one Zonealarm, one Kerio, because I get frequent questions about using each of these.)
I notice that running Zonealarm on my PC at work has brought all of the IS department's remote-admin accesses out in the open and I've had the chance to explicitly permit or deny each one. I wonder if they'll notice, as long as my machine doesn't just drop out of sight all at once.
posted by jfuller at 10:25 AM on March 9, 2004
I notice that running Zonealarm on my PC at work has brought all of the IS department's remote-admin accesses out in the open and I've had the chance to explicitly permit or deny each one. I wonder if they'll notice, as long as my machine doesn't just drop out of sight all at once.
posted by jfuller at 10:25 AM on March 9, 2004
This thread is closed to new comments.
posted by riffola at 8:51 AM on March 8, 2004