Microsoft News Update 512
Microsoft news of the past few days: Media Player 9 is the subject of a few articles, including one on its integrated digital restrictions and one on changes in its privacy options. Microsoft is releasing certain API's, and is releasing a service pack for Windows XP, under the requirements of its antitrust settlement with the Federal Gov't. On the downside, code to crash any modern Windows machine with NetBIOS enabled is now floating around the net, and there's been more publicity of the vulnerabilities in Microsoft IIS/SSL.
Shifty (Score:2, Insightful)
Privacy Control or DRM? (Score:4, Insightful)
So you get a DRM enabled media file. When you play it, Media Player has to contact this server to find out if you are allowed to play it. They can track every time you play this file.
Maybe you'll have a feature that protects your privacy, but if you don't let the player contact the clearing house, you can't play the files.
Also, I'm sure everyone saw it coming. The reason Microsoft changed their EULA is because of this new DRM crack down. They want any program that can open a DRMed file to have to be authenticated, and they want to be able to disable any program that will attempt to get around these restrictions, and they don't want to get in trouble for messing up software you have installed.
Good thing I use a free and open OS. But if this type of thing continues, all media produced will be encrypted and you'll have to contact the DRM server to view it. So it won't matter. Just wait until router manufacturers are convinced to not all their producted to transmit any packets that haven't been DRMified properly.
wow! (Score:0, Insightful)
MS SUCKS! WOOHOO!! Free mod-points to all!
*wonders if his social satire will be dismissed as sophmoric*
Re:Oh that's very responsible of you, SlashDot (Score:2, Insightful)
Now, mail to MS in same tone, please.
Re:Oh that's very responsible of you, SlashDot (Score:3, Insightful)
Maybe it's not too smart, but neither is running a Windows box with SMB/CIFS enabled on the public Internet, which is what the program requires. SMB is a bit like having an open mail relay; a quick and easy solution which is fine on a private network, but try it on the Internet and you are probably going to get shafted sooner rather than later.
Irresponsible (Score:1, Insightful)
"Yeah, Microsoft is being upfront about their privacy policies, and is publishing the API specs... but, we don't like to talk about the good things that Microsoft does. So here's a link to a tool to crash Windows machines. Enjoy!"
Blah.
Roblimo I Am Calling You Out (Score:4, Insightful)
However he has now topped himself by linking to a script kiddie tool to what may be an unpatched bug on a website that gets hundreds of thousands of hits a day. What the fuck? Do you see MSNBC or C|Net linking to r00tkits whenever a Linux vulnerability is released?
Roblimo as Editor-in-Chief, you are responsible for his work and quite frankly he is the worst part of the Slashdot experience (now that I've upped my threshold to 4).
WMP9: it still comes down to trust (Score:5, Insightful)
"Welcome to Windows Media Player 9 Series," the opening screen of the Privacy Options panel reads. "Microsoft is committed to protecting your personal privacy. To enhance your experience with features including album art and pay-per-view-services, data must be sent and received over the Internet and/or saved on your PC. The options below enable you to customize these privacy settings."
OK, so right from the get-go users are presented with the issue of sending information from their computer. Certainly this is an enhancement feature, if done correctly and the user really has control over what is going on. In the long run, the real power and benefit of computers and networks comes with sharing information, and as people become more comfortable with it, software that includes network features will be more powerful and more popular. For example, see the popularity of the CDDB in CD players.
However, how do you really know what sort of information your software is sending over the network? As we start to take advantage of network features, it will become impossible to rely on personal firewalls to curb outbound traffic - you want your CD player to send some ID to the CDDB so it can retrief the correct tracklisting for the CD you're playing, so you have to tell your personal firewall to allow your CD player to connect to the net. After that point, you are trusting the CD player to behave properly and not betray you.
The article acknowledges this:
"As more applications become Web-aware in order to provide services and information back to the user, consumers need to be aware of the quid pro quo that's taking place and exactly what information is being provided to the vendors," Gartenberg said. "What Microsoft appears to have done here looks like a step in the right direction, if it makes it into the final product."
So the issue boils down to trust. Do you trust Microsoft? I'm sorry, but I do not. No matter what they put in their GUI as far as options go, you can never quite be sure about what their software is sending back to them.
With open source, at the very least you're allowed to look at the code and see what your software is really doing...
Re:Crash Windows (Score:3, Insightful)
Maybe I'm wrong about this, but I'd like to see proof if there's any *nix distrobution that is 100% bug free or has absolutely no security vulnerabilities.
Honestly, if windows is so bad, so full of bugs, why does it keep selling? Lack of alternative? I think not, according to the slashdot community, linux is a more than viable alternative. People are stupid? Well I can see a point there but if you get down to it, it hasn't been as horrible as the slashdot community makes it out to be since it keeps selling.
My main problem with microsoft is that they keep selling updates as new operating systems (Windows ME as my case in point).
I'm just tired of seeing a bunch of posts on slashdot everytime microsoft relesases a bugfix about how horrible microsoft is.
Re:Privacy Control or DRM? (Score:4, Insightful)
"My Power Point presentation died... I want it fixed NOW!. What do you mean the copy can not be authorized with the clearinghouse? I wrote and transfered it to the auditorium computer! Make it play!"
Re:why do you guys give a fuck? (Score:3, Insightful)
Not the most elegant way of putting it, but he's got a point. If that's not bad enough, the tone of the guy posting the article is pretty much judge/jury/executioner.
I'm getting really sick and tired of reading through the articles to find out things aren't near as bad as they're made out to be. If somebody wants my attention regarding norti shenanigans that MS is pulling, try to sound more objective. I feel like I'm watching commercials for Jerry Springer.
Re:Oh that's very responsible of you, SlashDot (Score:3, Insightful)
Are you one of those grade school kids or MCSE who don't grasp a clue to the reality?
I just need it in the security audit meeting this afternoon.
One working tool worths a thousand words. We might have to find our way to prove the validity of a security alert if we are not given a tool nevertheless. Now it helps saving lots of man hours, and helps to protect our company from security hazard at early stage.
So you think IT secuirty's jobs is just repeating security updates/news/alerts? We'd be happy to get that $70,000+ salary for doing that.
Re:Real smart! (Score:1, Insightful)
Does anyone at Microsoft think before they release buggy software which compromises security of thousands of systems? Why shoot the messenger? It's well documented that M$ only acts when the popular media starts whining.
My message to all those "moral grandstanders" is to lay off. Alternatively, fuck off. There are many reasons to criticize /. editors. This isn't one of them.
Re:Well... (Score:4, Insightful)
Besides, anyone smart has NETBIOS blocked at the firewall already, right?
Re:Oh that's very responsible of you, SlashDot (Score:3, Insightful)
Why?
Why is Slashdot responsible for the vulnerability that allows this?
Why is Slashdot responsible for the actions of users that choose to download and try this out?
You seem to have a very strange understanding of responsibility, albeit one that's rather popular in Redmond and Washington at the moment.
Re:My MS Activation Story: True Story. (Score:5, Insightful)
The main point of this story is not how incompetent Microsoft is. - The main point (IMO) is that this is yet another story about yet another Windows-user that will go to hell and back to use Windows but will not even look at alternatives because Microsoft has successfully implanted the delusion that only Microsoft can solve their problems.
In a free market customers do not put up with crap like this.
I don't feel the slightest pity for you. If you chain yourself to a single vendor with no way out you are asking for being raped. And it's irrelevant if that single vendor is called Microsoft, Apple or Sun.
And you know what the message for Microsoft is?
The message is "If they are willing to spend 10 hours on the phone, they are also willing to pay 200$ more"
Re:Why not add a link to the patch as well, Slashd (Score:3, Insightful)
P.S. Awesome Sig.
Re:Irresponsible (Score:2, Insightful)
Re:My MS Activation Story: True Story. (Score:3, Insightful)
Just because you have driven off the cliff and it's too late now doesn't mean that driving off the cliff was a good idea.
There are many OS-agnostic development platforms like Java, Qt, Delphi/Kylix and many more.
And guess what! They also work with Windows, so you can use Windows without chaining yourself to Microsoft.
Firewall != ivory walls (Score:4, Insightful)
Firewalls can make things inconvenient for people (users as well as crackers), but there is always a balance that must be met between how much inconvencience the users can tolerate and how important it is to inconvenience crackers. That balance is never going to lean very far towards the 'inconveniencing crackers' side.
The 'settlement" has NOT been approved (Score:4, Insightful)
When Microsoft began implementing it, even though the judge may still reject it, I cautioned that this is a classic example of Microsoft attempting to subvert the will of the law/consumers by instituting a de facto condition.
- "We'll just integrate Internet Explorer into Windows so it won't matter whether people want to use it. It'll be a de facto standard."
- "We'll just start implementing our slap-on-the-wrist settlement so it won't matter if the judge or the states approve it. The government will be pressured to let us off the hook because the people will believe that we've paid our dues. This will all blow over."
By writing about the settlement without noting that it has not been approved, and flatly rejected by the states, you're playing right into Microsoft's hands. Shame on you.