Read the Fine Print 637
nihilist_1137 writes: "This story is about how MS changed its EULA and you just gave them control of your computer. In the section on Windows XP Professional, 'Internet-Based Services Components' paragraph says in part, 'You acknowledge and agree that Microsoft may automatically check the version of the Product and/or its components that you are utilizing and may provide upgrades or fixes to the Product that will be automatically downloaded to your Workstation Computer.'"
I can just see it now (Score:2, Funny)
Netscape.exe
*1 Upgrade Found*
Applying Opera 6.01.exe
Okay, I can only wish
Re:I can just see it now (Score:3, Funny)
Maybe the users want it (Score:4, Insightful)
If you would consider the average user for a moment. He does not give a damn about most issues you would start campaigns for. All she/he cares for is whether he can watch movies, listen to music and basically create word documents. So would he not like automatic fixes of bugs? From his point of view, it would be convenient.
It's about time you took note of the average userbase Microsoft are aiming for with XP.
This is in the PRO version... (Score:3, Offtopic)
Re:This is in the PRO version... (Score:2)
Re:Maybe the users want it (Score:5, Informative)
The problem isn't the "average user." The problem is the end-user who doesn't want software installed automatically, for stability/interoperability reasons. Our XP lab at school used to auto-update new patches and fixes, until most of the functionality for accessing the Linux/Solaris servers was completely shot, and several UI problems came up. Things that used to work (like the Zip drives) suddenly didn't. Just because Microsoft updated the software doesn't mean it got any better.
The other big issue is the DRM software Microsoft, or its partners/subsidiaries, will install. Even with prompting, if you don't upgrade, then you have no access to a content provider's new media. All in all, this sounds like a giant headache for everyone that isn't Microsoft.
Re:Maybe the users want it (Score:4, Insightful)
The only winning move is not to play. Media that requires or uses "DRM" should be vociferously boycotted and allowed to rot unsold on the shelves just like what was done to Divx.
If DRM enabled media sells, we will be stcuk with it. The DMCA makes it easy for IP cartel jackboots to squash those who try to undo DRM, and the SSSCA will make it equally illegal to essentially make a system that give true "root" access to the system owner.
Re:Maybe the users want it: Yeah, Right (Score:2)
On another note they've used auto-update of the OS through MSN for a while and a few of the people I know stopped using MSN because of compatability problems caused by the updates... updates that they couldn't turn off... One person actually had to reinstall her machine because one of the updates completely hosed her system... updating core OS dlls without checking with the user is a BAD idea...
Then again I'm sure the argument from Microsoft will be if you're only using our apps compatibility isn't a problem =)
In general having a system that tells you an update is available and provides an automatic method for installing it is good... but it should also provide a way to find more information if you're a technical user and let you know of any potential problems and let you decide what to do...
Re:Maybe the users want it: Yeah, Right (Score:2, Insightful)
This was a lie propagated by people who are too lazy to hit F1 and find out more information about the checkbox that they were un-checking. But, I guess once we've found something to badger MS about, it doesn't really matter whether it's true or not. After all, this is SlashDot, not some sort of forum for open thought.
-Mark
Re: Maybe the users want it (Score:4, Funny)
If the users want it, why is it in the EULA instead of the television commercials?
Re:Maybe IT wants it (Score:2, Interesting)
This reminds me of an old Dilbert cartoon... (Score:3, Interesting)
At least with previous ones... (Score:2)
Lack Of Knowledge The Key (Score:3, Insightful)
Possibly, but I think you're missing the point here. Read this [slashdot.org] post to see what I mean. The point is that the average user doesn't know and/or care about these things. As long as he/she can play music, games, get his/her spam from Hotmail ;-) and write Word documents he/she couldn't care less because either they don't understand how this would work or consider it important. Hence, if your audience is ignorant of these things, you can get away with a hell of a lot under the impression that "it's for your convenience/benefit" because most people don't have the time or knowledge to question these actions. We (the technically literate) need to educate the rest of the community ourselves and not leave it up to Microsoft to utilise user ignorance to get away with such things.
MS didn't think anyone would notice ANYTHING (Score:3, Insightful)
Re:MS didn't think anyone would notice ANYTHING (Score:5, Interesting)
Is is so drastic? (Score:2, Interesting)
Windowsupdate scans your computer for required updates and, depending on your settings, it downloads the appropriate updates and presents a notification on the taskbar that they need to be installed. One click and the updates are installed.
In principle, this system works great for your average Joe User. Of course, for this system to be "allowed", you need to grant Windowsupdate control of your computer hence this section in the EULA.
Now of course, this part of the EULA does open the possibility of Microsoft being malicious but I guess I would trust Microsoft just enough not to deliberately screw over all home consumers in this way
There is a difference (Score:3, Interesting)
It's true that for Windows Update to work, it must determine what versions of what programs are on your computer; however, in the past is explicitly said that no information was transmitted to MS in the process, presumably because all the checking was done client side. Now, obviously, if MS looked at what you downloaded they could make a guess at what you have, but such snooping could at least be said to be an invasion of privacy. Now they have made you explicitly say that such snooping is ok. Moreover, in this snippet of the agreement, at least, it does not say such snooping will always be for the express purpose of system upgrades. Finally, you always had the option of not using Windows Update, but it sounds like you have to agree to this now just to use the OS. So I think this is new, different, and shitty.
Uproar is not over the current mechanics... (Score:5, Insightful)
There's no justification for needing legal authority to install anything, as the system functions today. To "need" this level of authority, Microsoft would have to argue that THEY, not you, are in fact installing the software in question. In my opinion, (not a lawyer) that's crazy.
In order for the software to be installed, you (a person of sound mind and body) have to take the active step of saying "Yes." You're doing it. It's one-click installation, but you made the choice.
Unless future versions of Windows Update will automatically install things? I don't know whether to laugh or cry.
Got Code Red Part 44 after the Code Red Part 43 patch auto-installed? "Sorry, you agreed we could install anything we want, including buggy, poorly-tested code."
After all, Microsoft would never release a patch that opened up new holes in the feature it was supposed to fix. (Or in other random products.) Anyone claiming contrary will be burned as a witch.
you can turn this off i think (Score:5, Informative)
Hmmm (Score:2, Interesting)
On the other hand, it does set a very bad legal precedent...
Re:Hmmm (Score:5, Insightful)
Ever hear of port 80? Web services?
MS doesn't need a big hole. SOAP would do fine.
What's the difference..... (Score:5, Funny)
The EULA.
Re:What's the difference..... (Score:5, Funny)
>
Viruses usually work as intended.
Once again, Slashdotters want to have it both ways (Score:4, Insightful)
But that's not good enough, because too many users/sysadmins are too stupid to turn this on or check it regularly. So we complain that Microsoft isn't doing enough -- that they need to make the OS download security upgrades automatically, whether or not the stupid user asks for it or not. This, we argued, is the only way Microsoft can stay ahead of security holes and make sure we take them up on the patches.
So Microsoft does this. But because doing so requires the user to agree to let Microsoft access and update their system, they have to add it to the EULA.
And then Slashdot complains that MS is taking too much control.
The mind boggles.
strawman (Score:4, Insightful)
(2) Slashdot isn't a unitary entity. If you make the mistake of expecting every J. Random Poster's comment taken together to represent a coherent position on anything, you will be disappointed.
Re:strawman (Score:2, Interesting)
But the vast majority is. Just see my journal of a little experiment I did not too long ago.
Re:Once again, Slashdotters want to have it both w (Score:2, Insightful)
MS have been known to release service packs that do just this.
Re:Once again, Slashdotters want to have it both w (Score:5, Interesting)
On the contrary, sysadmins are advising that users disable automatic updates on XP because the tendency of the auto update facility to replace, for example, working drivers with faulty ones, as well as not providing information on which packages are being downloaded. (Read that in an article somewhere. Never used auto update myself.)
I do see this as a privacy concern, because it is only with XP that windows update does not say "this is done without sending any information to microsoft." All other versions of windows use the anonymous facility, so they already have a working production update system which they've replaced with this more invasive version. -Coinciding with the EULA changes.
Whether it is an intentional attack on privacy/piracy or simply that MS decided the old mechanism wasn't efficient enough over a slow connection (or some other technical reason) is speculation.
Re:Once again, Slashdotters want to have it both w (Score:2)
A lot of us lost all trust in Microsoft a long time ago. Once lost, trust is a very difficult thing to regain.
One small difference (Score:2)
The difference between the two is who has access to my files. Right now, with my Windows 98 machine that I use for games and video capture, I don't mind hitting the auto-update as long as that message saying "We're not sending any information to Microsoft" stays on.
As soon as I sit down to my computer, and it by itself says "Oh, Hi, I just checked your stuff, and we noticed that you need patches. And while we're at it, we checked your MP3 list, and we don't think you legally own 'Rinbo Revolution'."
Extreme? Yes. But it's no different in my mind between letting the plumber in to fix my pipes, or giving him a key and saying "Come in whenever you like and just look around and tell me what I need." I don't trust anybody (except my wife
Re:One small difference (Score:2)
are you breaking the law? sure. are they allowed to search through your computer? sure you clicked "ok". do i want to deal with this? no. imagine if you moved into a neighborhood and you had to agree to have your house searched whenever some private organization wants to.
if that private organization only used the information they were allowed to it probably wouldnt be that bad. i personally dont trust microsoft to have my best interests at heart, so i wouldnt agree to such things.
Re:Once again, Slashdotters want to have it both w (Score:4, Informative)
The problem is when you not only tell it you do NOT want auto-updates but also you STOP THE AUTO UPDATE SERVICE and then, when your computer becomes unbearably slow and unresponsive you check the process list and, uh, what's that, autoupd using all my CPU time?! But I told it I didn't WANT auto updates! ARGH..
It really happens... You cannot turn off auto updates in XP.
-- iCEBaLM
Slashdot logic (Score:2)
This isn't about "having it both ways", it's about whether or not YOU own your box and whether or not YOU control what is done with it. Let's not drag other issues into it.
Because ... (Score:2)
And then Slashdot complains that MS is taking too much control.
Freedom is about choises, freedom is about having options and beeing able to choose (even if you don't do it).
Having so-called "upgrades" and "patches" showed down your throat, is not freedom.
That's why the /. crowd is complaining !!
unboggle your mind (Score:2)
Besides, one might well ask why Microsoft is shipping software with gaping security holes in the first place. In 2002, there is no excuse for any company or group to ship software with buffer overrun-related security problems (yes, this also means open source software).
Software auto-update is common (Score:2)
"Periodically, the Google Toolbar contacts our servers to see if you are running the most current version. If necessary, we will automatically provide you with the latest update to the Google Toolbar."
Re:Software auto-update is common (Score:5, Interesting)
Google's Toolbar does the same thing, according to their official-until-we-change-it legalese
The difference is Google only checks for a single piece of information on a single piece of software and my system does not depend on this software to run. I have never had a Google Toolbar update screw up my entire system or even introduce another bug or open security holes. Google also has a pretty good privacy policy for which it has an excellent track record for following. In short, Google has earned my trust, Microsoft has proven time and time again they can not be trusted and it will take more than setting aside 28 days out of the last 20 years to fix problems to restore that trust.
XP antispy Program (Score:5, Informative)
From the website
"XP-AntiSpy is a little utility that let's you disable some built-in update and authetication 'features' in WindowsXP. For example, there's a service running in the background wich is called 'Automatic Updates'. I don't know what this service transfers from my machine to other machines on the internet, especially the MS ones. So I play it safe and disable such functions. If you like, you can even disable these function manually, by going through the System and checking or unchecking some checkboxes. This will take you approximately half an hour."
Re:XP antispy Program (Score:2)
http://www.xp-antispy.de/XPAntiSpy3-English.zip
Smoke'n Logic, Batman! (Score:3, Insightful)
Radio Button says, "Disable", but License says "Screw you all day long!" I wonder which one will really hold force? I also wonder just how good this fine program will be at turning off the kill feature of XP so that your computer will continue working after you disable this "feature." Forget it, the slavery is made manifest and the number one condition of any oppresive EULA is the company saying that they can terminate your license and destroy your work at will. This is really that clause put into action.
Yes, it really is the best windows ever. I don't like it and I don't use it. I have one surviving windows 98 box that I've tried to make blind to the network. It never really worked that well, but I expect the EULA that came with it to reamain in force that way. XP, "Hunh, have you ever been eXPerienced?!" Not me.
Nothing more than Windows Update (Score:2, Redundant)
Re:Nothing more than Windows Update (Score:3, Informative)
This little 'phrase' is saying that they reserve the right to make those decisions FOR YOU.
And THAT is a bad idea, if for no reason other than their track record of patch management and hidden 'features' in their patches.
Re:Nothing more than Windows Update (Score:3, Interesting)
The phrase in the EULA is a CYA measure on their part. They don't want someone enabling this, and then trying to sue them for it. However, I repeat, this is voluntary. You can leave it in the classic mode where you must instantiate an update.
It Makes Me Angry (Score:2, Funny)
This Type of survics should always be an opt-in.
Most US law is on the basis of the ordinary citizen is automaticly opted-out of things unless they opt in. People do not have to opt out of buglary, rape, robbery, murder, slavery, etc.
Businesses now assume that you should be automatically want what they offer, and that we should automatically agree to any condition they impose. Microsoft is one of the largest sinners in this regard.
May Bill Gates be tortured by the demons of all worlds religions in the after life. May he be forced to suckle from the 16 poisoned leathern teats of Gophahmet, Whore of Betrayal, until he bursts from an unwholesome engorgement of curdled bile. And may many other such joys [theonion.com] await him as well.
Don't mind me. I'm pissed, it's early, and I haven't had my coffee yet.
Freedom of Choice. (Score:3, Interesting)
It is about being able to opt out or opt in as you like.
It is about freedom of choice.
If they want to offer this as aservice fine. And maybe I might recommend it for your first time shopper, buying their first computer at the CompuMaximus Grotesguerria. But then maybe MS does know what the best choice would be for everyone in the country.
For Myself, I have sufficient experience that I would dare to have actual opinions about my choice of configuration.
For this I may well by relegated to that worse possible of all Microsoft hells. A world without Microsoft. Sign me up.
Same legal team (Score:3, Insightful)
This is the same team that told the DOJ that MS isn't a monopoly and if they were they wouldn't do anythign illegal. Yeah I believe them, don't you?
Why do companies tolerate this? (Score:5, Interesting)
I'm really quite surprised that there hasn't been a big backlash from the legal departments of corporate customers over the text in the license agreements from software makers like Microsoft.
Most of the large organizations that I've worked with have relatively paranoid legal departments. The average person cannot, for example, sign a non-disclosure agreement, vendor contract, or do anything else that binds the company without having the document scrutinized in excruciating detail by the company's legal department. And, as anyone who's ever been through this process knows, excruciating is the correct word for this situation.
Yet people install software all the time that binds the company to ridiculously one-sided terms: This software is ours, not yours. Unless it breaks: then it's yours, not ours--and we're obligated to do everything up to and including nothing to help you.
It seems to me like two possible explanations exist--neither of them pleasant:
They have been trained, but there is hope. (Score:3, Interesting)
Everyone sees those service packs and weekly "anti-virus" updates. A few of them know that M$ is changing everything under their feet all the time. Some of them have even figured out that M$ is not the only program they have that calls home. They have been beat down with FUD and convinced that they need that "automatic" hand in there fixing things. To them this is the same feeling they get when they pay for a $100 oil change. They feel ripped off, but don't see a way out.
The people who know the most are the most embarrased. Here it is, laid bare, all those evil things the free software people have been telling them for years. The MicroTurds have led their companies down the rosy path all this time, ignoring poor perfomance and increasingly ugly control from M$. The waste of ever shifting formats was a demoralization they were willing to live with because they thought it would end one day. Now they look around and see the chains. The latest changes in document formats came as a huge shock to them because they know of no other applications than M$ for Windoze. So it is now obvious that the changes will never end and that they are being used as the upgrade train. Last thursday a co-worker told me that M$ was shifting all of their licensing to XP and rental only by next June. He was really shocked. IT is demoralized completely, especially the die hard M$ pushers. "What can we do?" they wonder.
People I work with are now interested in Linux and other free software. These are rank and file engineers who, as one of them put it, "use software like toilet paper, I use what's on the roll." I'm amazed. What I've told a few people about the concepts of free software, its motives licenses and current state, sunk in.
I have three old computers that I'm lending to people so they can see for themselves. I've warned them that I'm NOT a CS or IT dude, and that the machines could be better configured by someone that knew better or cared for things like noise, TV and movies. What I lend them are basic Debian machines with Gnome applications, Netscape, Mozilla, a few window managers and some kind of network connection. This way they don't feel like Free software robbed them of anything (I leave that to dying M$ junk), and I don't have to spend hours at their house figuring out their computer. In short, I try to give them the tools they use for 95% of their work and let them know that there are better tools available for people who really need them, like Latex for typesetters, databases and noise makers.
Re:Why do companies tolerate this? (Score:3, Funny)
Minors cannot legally sign a contract. I say, to avoid ALL claims by M$ or anyone else that you are bound by a bullshit EULA, have an underage child handle all the initial parts of your software installs. YOU never saw, nor clicked on any "I Agree" button and the child is not legally bound by such.
Joy (Score:2, Insightful)
A patch that is supposed to fix an Outlook virus becomes a virus? Methinks I'm gonna turn off autoupdate and tell it to warn me first...
--pi
A Bridge too far? (Score:5, Insightful)
What Microsoft is preparing us for is the next step: No root access to a machine.
This is scary ass stuff. Note that MS's EULA gives them the right to change these license terms on a whim. Your license with MS is one sided, MS can change anything they like, and you have no rights other than those MS chooses to grant you.
Running a business on such a system to me would see m an unwarranted risk, especially given MS's pathetic record when it comes to security related bugs and holes.
What MS is saying is that they have "root" access to your machine and can read anything or install anything at will.
This is clearly over the line. NO OTHER industry in the USA can sell a product and attatch the kinds of "strings" to it's use, while disclaiming any and all liability for defects as the software industry.
MS and other proprietary software vendors have had it totally their way for too damn long. We need some sort of law limiting what can be in a EULA, restoring the "first sale" doctrine, and at the very least, a right to "opt out" of new license changes made AFTER the sale.
The best solution is to use Linux or other OSS software. Sooner or later, Microsoft and their goons will go a step too far, and the business world will realize the danger of allowing such meglomaniacs THAT kind of control over their information system arteries.
If this little nugget isn't it, WHAT will be?
Re: (Score:3)
Re:A Bridge too far? (Score:3, Interesting)
I want both to happen. The government has a moral and legal obligation to protect the rights of users of proprietary software, just as it does users of other products.
GM or Ford couldn't escape liability for a design defect in their trucks that causes them to explode, taking with it a company's assets. They would be FULLY liable not only for the actual damages, but for compensatory damages.
This liability tends to discourage such horrific defects.
There is no such liability in software. You can EULA away all responsibility, even if you KNOW the product is defective. A company's data can be totally screwed by a defective software product, and the software company be totally non-liable.
The market SHOULD decide that OSS software is less expensive, less legally risky, and more secure, but this is not going to happen overnight. I believe in the long run that it will. This is why the proprietary IP cartel is pushing such new laws as the SSSCA that would essentially make it a felony to produce an open system.
Re:A Bridge too far? (Score:3, Interesting)
isn't that like saying that drug dealers will go too far and the addicts will stop using?
call me cynical, but I just see the corporate world as too depentant on microsoft (on the desktop anyway) to give them up even if they wanted to.
This can be done without the EULA. (Score:4, Insightful)
All it would need to do is have an automatic wizard pop up ever week (or month) or so and ask your PERMISSION to check for and download the latest updates. The Wizard can even provide a lengthy explanation of what it's about to do for those who want more information.
That is all that's required for REAL updates.
This language in the EULA sounds like it might be giving them EXTRA permission to do other things. Checking version numbers of WHAT software? As someone else pointed out, will this include OfficeXP? Is it checking for pirated warez?
So despite all of the people up here screaming that ONCE AGAIN the
Rich...
Other Content Owners? (Score:3, Interesting)
Does this mean that if say a music distributor reaches an agreement with MS to send music over WMA that they can request MS to check for non-licensed files? Or can they request MS to implemented some form of CrippleWare into Media Player? (granted your own fault if you're listening to music on it with all the published concerns regarding privacy and the software)
Like everyone else has pretty much said, the Windows Update Feature doesn't really bother me much, but allowing updates requested from other Vendors kind of does--especially if it is a background process that I don't know about.
Windows Update has ALWAYS included other vendors. (Score:2)
Microsoft's most desired flaw (Score:3, Insightful)
I'm a sysadmin at a small company -- 60 employees, few million dollars is revenue. A reoccuring problem I have is employees who open file attachments from strangers. I've written policy; I've had meetings and presentations. Hell, the CEO said to me once "good thing I use a Macintosh because I double-clicked on that gone.scr attatchment, eh?"
Updating virus protection, and applying patches on every desktop machine is a must. After a particularily scary security announcement about IExplorer.exe, I got the patch off of Microsoft, posted it to our local file server and sent out a letter to the entire staff [insert something here about office politics and loosing face for scaring people] saying "install this patch immediately." Little did I realize that the patch was broken and replaced later the same day on the website with a functioning one. So, I expected everyone would come to me and say "I tried but it did _this_ instead."
Two people came to me to complain. Two people of 59, when I said it was important to install this patch. Of the two people, one of them is a suit who hates using email (kudos to him for reading it).
Some sysadmin, as frustrated as I am, must have asked for this 'MS will upload patches to you whether you ask for it or not' feature. Hell, I've had suits whine to me about "can't you just update my virus software for me, automatically?" and I think to myself "I guess I should, since when I say 'DO THIS, it's very important,' you ignore me."
FUD and idioticy (Score:4, Insightful)
This is a tech "shock" article, designed to get zealots in an uproar, and it should not even be bothered to be read.
Re:FUD and idioticy (Score:3, Insightful)
And you are already bound by that agreement to let them do so if they decide to do so (if you're buying in bulk under that license).
The article is about the *license*, not about existing versions of the operating system.
Will they ever take advantage of this change in license? No one knows, least of all you.
Good and Bad (Score:2, Informative)
From the good point of view, they're taking responsibility to fix things. The end user with 1 XP machine that coudn't even figure out how to spell "windowsupdate.microsoft.com" is saved from potential problems. Never more will we have to ask/tell the customer, "Go update your software."
Now think about the admin with 400 XP servers on his network. Once a week, he doesn't have to install patches on each and every one. I've had fun before watching a team of 3 guys updating software on 150 NT4 servers. I didn't even ask what the problem was, but I know that we completely reinstalled and reconfigured 16 Linux machines (fresh OS installs, replaced some hardware, set up the sites, and had them running again) before they were anywhere close to done.
The XP admin will love this, assuming they do implement it. The EULA is just saying right now that they have permission to do it.
There is a downside. NT4 SP6 (not SP6a). Anyone remember that one? I believe it was the one that when you installed and rebooted on a Compaq built server, it would fail to boot. The only fix (from Microsoft) was to reinstall Windows.. How many companies use those nice expensive Compaq servers, which would be automatically killed off.
I have a computer at my home, with an i810 chipset, and an Intel Pro10/100 NIC. Windowsupdate insists that there is an update for it. I installed it (point, click, let it run). When it came back up, no more network. The new network driver doesn't recognize my network card. But, Windows automatically identified it as the new and updated driver..
The scenerio of the XP admin with 400 machines under his control. Now he has to go to each and every one, and try to fix the network driver. How long would you think it would take to fix 400 machines? How long if the update happened to come on Friday at 5:30pm, 30 minutes after he left for a weekend vacation.
We have a policy at my office, no changes on Friday. Maintaince stuff is fine, but no changes that will potentially make people work over the weekend. If Microsoft is calling the shots on updates, it's on their timetable. Maybe the day they call to update my network driver is the same day that all the Admins from my office are at a conference, meeting, or something..
We all know stuff never happens at the right time, but we don't really need an extra variable of random events.
I'm all for the updates. Maybe if they have it the way the WindowsUpdate notification works now, it would be very good. it says "There's an update available", they click the button, and it does them.. I'll be interested to see how they implement it, if they do..
Of course, we don't run XP for damned good reasons (We're a 90% Unix shop). NT survives for our legacy sites. I'll watch the comments fly when M$ kills off a few hundred thousand users with a flawed update.
Re:Good and Bad (Score:2)
Now think about the admin with 400 XP servers on his network. Once a week, he doesn't have to install patches on each and every one.
I'll think about the home user. You know, the one who, unlike the corporate admin, doesn't have clue 1 about backing out a bad patch. You outlined the problems corporate admins have had with bad Windows updates. What's a clueless home user going to do when things start breaking and he really didn't do anything to the system?
Where's the friggin' EULA? (Score:2)
Where the hell did microsoft hide the EULA?
They can download, but they can't execute. (Score:2, Insightful)
This agreement doesn't say that MS can execute the new code that they force onto your workstation. So, if they did automatically execute it, they'd be stealing computing resources from your company.
hehe
~Tetravus
Microsoft's EULA is irrelevant (Score:2)
End User License Agreements, also known as "shrink-wrap licenses" or "click-through licenses" are not legally binding.
Here's a page [cr.yp.to] that explains further, including citations of court cases where the judge found that they weren't legally binding.
Microsoft updating their EULA means about as much as Steve Ballmer having MSN carry his latest round of whinings and what they wish the world really was.
Additional Threat: Service Packs (Score:2)
Let's say MS updates their DRM policies and you don't agree with them, and they distribute an "update" to their customers. You disabled auto-updating, and you decide against applying this patch. Now WMP can't play some recently released media, but no biggie, you can find other ways of playing media.
Now let's say a massive bug/hole is discovered and Microsoft is responsive and develops a fix. What's to say they won't release this patch ONLY as a Service Pack, which contains this patch and also includes the DRM patch (and who knows what else!)?
Trust? (Score:3, Insightful)
i am confused (Score:2)
If cars had this kind of EULA... (Score:3, Interesting)
So, here is the question: We in the software industry have quite a high opinion of ourselves, so why have we allowed things to get to this point?
At least they acknowledge they do this. (Score:3, Interesting)
I'm actually appalled at the number of applications that "phone home" while you're on the internet - sending back to the companies that created them information about themselves and the computer they are running on. Were it not for Zone Alarm, they would be doing this in secret without me ever knowing it.
At any rate, at least MS says that they do this. There are a lot of others. Even if you are using an Linux or BSD firewall, as I do, those probably are set up to allow you do send any sort of communication out without checking. Something like Zone Alarm will tell you what applications are trying to access the internet by themselves. Its been highly enlightening ever since I started using it.
In the case of something that runs over port 80 like IE, I'm not sure how you could use the internet while preventing it from sending back info to its parent company. I guess you would have to use something that promises not to have spyware built into it.
This is really just a piece of a larger issue..... (Score:3, Interesting)
What's really going on here is a larger issue which has been around with *all* of the Microsoft products since day 1. Everything is still designed around what makes the individual home user happy. Corporate environments are much different. Security is tighter, and they're usually run in a more authoritarian manner. "We, the sysadmins, will tell you what you can and can't run on your PC."
Despite MS trying to develop two flavors of Windows XP (home and corporate), even the corporate edition is chock-full of potential security issues that are only there because they made concessions to what the home consumer would think was "cool" or "worth upgrading for". If their "Professional" edition was truly aimed at corporate America, they'd remove all of the Internet media playing crap, never even consider letting the product auto-update itself, remove the default installation of the MSN messenger, ditch most of the cutsie wizards, and stick with a more clear-cut security model. (Try sharing the root of your C: or D: drive out under Windows XP. All you get is a warning that it's risky, security-wise, followed by it asking if you still wish to do it. If you do, you're not even sure what sort of permissions it placed on that share - or whether or not it is allowing it only for the local LAN, or for the whole Internet.) At least Windows 2000 gave everything to you straight. You just clicked the security tab and saw which options were on and off. Makes much more sense than trying to "user-friendly up" the security with simplistic prompts and questions.
A couple of points that I'd like to reinforce (Score:3, Interesting)
Hopefully, this will cause a backlash from the big corporate buyers that will cause MS to change the EULA, at least for a while. Perhaps we should change the name of the EULA to the Edict of Unlimited Arrogance!
Funny thing is... (Score:3, Interesting)
Ahaha. (Score:5, Insightful)
If Slashdot were indeed an unbiased source for information, they'd have mentioned that this feature can indeed be disabled.
Re:Ahaha. (Score:3, Insightful)
Secondly, the issue is about the license, not the way that Microsoft currently chooses to implement it. If what they meant was "You acknowledge and agree that Microsoft may automatically check the version of the Product and/or its components that you are utilizing and may provide upgrades or fixes to the Product that will be automatically downloaded to your Workstation Computer. You may choose for this part of the license not to apply to you by disabling Windows Update", then they should have _said_ so in the license.
As it stands, Microsoft could technically at any time put out a "service pack that" doesn't allow Windows Update to be disabled any more.
If they don't intend to enforce a clause, it should not be in the licence.
Trolls. (Score:3, Interesting)
Microsoft has a default deny policy, and then states what rights they and you have.
Most open source licenses have a default accept/allow policy, only denying few things. When you agree to a GPL or BSD license, you are agreeing to the same thing as you have no warrenty.. just restrictions on what you may do with the source.
All this is saying is that Microsft software is one step more 'free'.. Oh, how the slashdot trolls are afraid of their government removing their freedom, but more afraid of giving Microsoft some.
Hipocrites. People make me laugh.
Re:Trolls. (Score:3, Informative)
This is about Microsoft forcing you (so to speak) to give them permission to access your computer. Open source licenses do not force you to agree to allow the author/distributer to do anything with your computer. Open source licenses generally have no terms related to actual *use* of the software, they only apply to redistributing modifications to the source code.
I think it pretty much all comes down to one thing: "Don't touch my stuff!"
Re:Two Perspectives (Score:2)
There should be a law requiring the EULA to be printed or summarized on the box, or published on the web site, so people can know before-hand. Once you've bought the product, what are you gonna do, try and return it because you didn't like the EULA, or put it on the shelf?
Once again, consumers need to spread the word about such EULA's, and kick up a stink about them, and let it be known what's going on. Simply clicking "disagree" isn't going to save the next poor bugger, nor yourself.
-me
Re:Two Perspectives (Score:3, Interesting)
Not only have you paid for it, but if you buy it at a typical store like Best Buy you're stuck with it even if you don't agree to the license -- as soon as you open the shrinkwrap, it's non-returnable. Conveniently, you can't even read the full EULA until you've opened the product. M$ should have to print the entire EULA and attach it to the outside of the box.
Re:Two Perspectives (Score:2, Informative)
OK, my ex-girlfriend is a lawyer, but I am not. She talked specifically about this sometimes. The Ex says:
(1) One thing that is always considered in legal issues is, "What would a reasonable person do?" Well, no "reasonable person" can read every EULA they get. Therefore, it is not clear that any non-standard stuff that you "agree to" can be enforced, because it has not been tested in the courts (when we discussed this).
(2) Contractual obligations cannot supersede the law, and you cannot sign away your rights. For example, "You agree to enslave yourself to Bill if he decides he wants that," would not be enforceable.
Remember, this is second hand, but it seems applicable here. Perhaps a law-talkin'-guy can expound.
Re:Two Perspectives (Score:3, Insightful)
Now that's something else. I wouldn't call myself stupid. I have actually read the Windows 98 EULA, but all the software that's downloaded and tried through the years' EULAs, I don't bother to read. I mean, how many people actually read EULAs?
If they don't, they are getting what's coming to them. Anytime someone enters a legal agreement it is their duty to make sure they know what their agreement actually is. Would you take a loan, buy insurance, rent an apartment or buy a book from Amazon without knowing the terms of the deal?
This is even worse, though, as it is about the volume licensing for companies. Sure, I can understand that someone buying a game for their kids don't bother with the EULA (consumers do have a layer of legal protection against onerous agreements), but this is about companies not even bothering to find out the terms of use for software that's expensive and critical for their operation. That is stupid.
/Janne
Re:Two Perspectives (Score:3, Interesting)
EULA != legal contract (Score:2, Insightful)
They could ask for my soul in the EULA, I really don't care, so why bother reading beyond first line?
Re:EULA != legal contract (Score:2)
Re:Two Perspectives (Score:2)
No, just like I wouldnt buy, say, Windows XP from Microsoft without knowing the terms of the deal. But I would read the books from Amazon without reading through the intro pages of copyright info, and I don't see why I should need to read 25 pages of EULA to read a book, or use a piece of computer software.
Now let's just look at it: Do you really expect people who think copy-and-paste is difficult to read and understand the EULAs? The paragraph quoted in the article probably sounds perfectly fine to Joe User... should I have to hire a lawyer to use Windows XP?
Re:Two Perspectives (Score:2)
Honestly now, if I released a program with a long long legal-mumbo-jump-like text saying "you have to pay me 25% of your salary every month you use this program", and then sue my users when they refuse to pay up... What would you say my chances of winning in court are?
Maybe thats a far-out example, but I think you see the point. It could just as easily say "We have the right to use any information as sent to us by this program in any way we see fit. Further the program may look at files on your disk." I could then enjoy the benefits of credit card information, selling email addresses for spam, and what-not.
Face the facts: People do not read legal mumbojumbo presented on a computer monitor when installing "Splatterfest XXI: The Massacre" to play. What if a video tape had the text on it "By pressing the play button on your video player, you agree to send $1000 to the maker of this movie." Is that a legal contract all of a sudden as well?
Now, maybe where you are corporations rule and buy their own laws left and right but that's not the way it is all over the globe. I have a feeling that in many countries the court would just say "if you want people to understand it then write so that they can."
Re:Two Perspectives (Score:4, Interesting)
For example in Germany the whole EULA is completely void, that's why there are no longer OEM-licenses in Germany. (Courts said that users could use them everywhere, not just on the computer it came on)
The funny (or sad) part is that Microsoft also does not follow their own EULA in Germany: You don't get any refunds.
But they still ship everything with the EULA...
Re:Two Perspectives (Score:3, Insightful)
But are EULAs really legal agreements?
No laws are clear on it, and it hasn't been tested in court yet. But the widespread suspicion is that a court would rule that an EULA is NOT a legal agreement.
Re:Two Perspectives (Score:2)
I almost always at least skim through EULA's (and the GPL/LGLP/BSD licences make this easer, read once agree anywhere).
I certainly take the time to read the TOC of the web services I sign up to to see what they are going to do with my info etc.
not really (Score:2)
gpl
bsd
apache
by reading the above licensing terms (the bsd one is trivial)
it would cover about 85-90% of the software i use (close to 95% of the stuff i have installed). the rest are some variation of the above. while it might be a pain in the ass your still making a legal agreement. weather or not you care to read what you are agreeing to is not really that important your still responsible for your actions (disclaimer: if you are an adult in the united states)
i would expect that most home users wouldnt be using windows 2000 professional, and i would expect the IT people of a company to be a little more accountable than the average home user. i'm a grad student and i manage computers for my advisor. when i install software, i check out the licenses. most of it is gpl'ed so i dont have to worry too much. it's my responsibility since i'm his IT person. i'm not a lawyer or in need of psychiatric help (i suppose you could argue about the latter).
Re:Two Perspectives (Score:2)
Re:Pretty reasonable (Score:3, Insightful)
Agreed. Whatever they do or do not do to (wow) there software is their buisness.
If you don't like it, then don't install it.
*duut!* Not agreed. How many computers do you see in sales WITHOUT Windows? How many users would know what an OS is? Are the users given a choice? Nope - they have to stick with Windows. That's what's bothering me. And it all ends up in MS' marketing strategy - "if you sell ALL of your computers with Windows, we'll give you a BIG rebate!" Not many computer-sales-companies says no to that.
We have of course our beloved Macintosh, but that's a different story..
Re:Pretty reasonable (Score:2, Interesting)
I thought it was even worse than that - more along the lines of "if you sell any computer with some OS that's not Windows, we won't sell you Windows at all"?
If it was some other company doing this (something the size of Adobe, say, for the sake of argument), that would be bad, but at least people would have the opportunity to "vote with their wallets" and go elsewhere for their software. Since Microsoft basically has a monopoly on desktop OSs, office software and miscellaneous other things, there isn't really that opportunity (I help my more hackerish friends install Linux, but much as I hate to say it, I don't think pushing non-hackerish people into leaving Windows is necessarily justified yet).
Personally I'm OK at the moment with Linux for most stuff and Win98 first edition for games, but I'm not sure what I'll do when stuff stops supporting Win9x (I don't mean Microsoft "support", I mean apps/games which will only run on an NT-based Windows, so I've probably got a few years yet). I'd better hope WINE are still making progress, I suppose.
Re:Pretty reasonable (Score:2)
Nope. You're wrong. Manufacturers were always able to buy Windows at retail price to install on the computers they wanted. But that was not what they (IBM) wanted. They wanted Windows before it became available publicly. They wanted it at a cheaper price. You really should read some of the depositions in the case so that you don't sound so clueless. The problem, of course, is that the issues get exaggerated with every telling.
Heh heh... cute. Likely false, but cute. (Score:2)
Re:Red Hat's up2date (Score:4, Informative)
1-> i connect to a server and get a list of stuff thats updated. then my computer makes a decision.
the eula above
2-> their server can connect to mine and poke around at will.
up2date is a choice and not required by the installation. you must register your computer to use up2date. up2date is not something you explicitly agree to when you install the operating system.
to me there is a big difference.
Re:Well, Does 'Random Joe' *like* his auto-update? (Score:3, Interesting)
Don't always believe what you read......
And next time you would like to call me ignorant - try doing some research outside Microsoft's information circles.
Re:Of Contracts and Lawyers (Score:3, Funny)
No, a lawyer's primary task is to make money for their firm. Just as a prostitute's primary task is to make money for her pimp. In both cases it is often, though not always, a good tactic to make the client happy, but that's just a by-product. Also, in both cases law and morality are non-factors.
TWW
Re:Hmm.. (Score:4, Interesting)
Slight wording differences.. but still... what is "personally identifiable information "? For the longest time, an IP address did not fall into that category.. but as anyone knows... an IP address can id quite alot...
The privacy policy for windows update has:
-----start quote..
Windows Update Privacy Statement
Windows Update is committed to protecting your privacy. To provide you with the appropriate list of updates, Windows Update must collect a certain amount of information from your computer. This information includes:
Operating-system version number
Internet Explorer version number
Version numbers of other software
Plug and Play ID numbers of hardware devices
Windows Update does not collect your name, address, e-mail address, or any other form of personally identifiable information. The information collected is used only for the period of time that you are visiting the site, and is not saved.
To provide you with the best possible service, Windows Update also tracks and records whether the download and installation of specific updates succeeded or failed. Windows Update records the ID of the item that you attempted to download and install, and information about your operating system version and Internet Explorer version. The information that is stored cannot be associated with anything that is unique or personally identifiable about you or your computer.
------ end quote