Post Blaster, MS floats default auto updates for Windows

It's an ill Win... d'oh


Never happier than when making things compulsory, Microsoft is floating the notion of making home versions of Windows download and install software updates automatically by default. You'll be able to switch it off, of course (for a while), but the joy of shipping things to home users is that most of them leave the system's default settings as is, either because they don't know any different or because (grief) they trust software vendors.

Seamless, auto-updating without user intervention is something that Microsoft has wanted for a long time, as The Reg has frequently pointed out, sometimes without even using words like "evil", "bunch of" and "control-freaks". But it's not something the company has been able to achieve in the past, and the last serious flotation of the notion, at the time of XP's rollout, engendered significant adverse reaction to the possibility of Microsoft 'controlling' your machine.

But that was then, and this is now. The Blaster plague of boils ripped through the user base, and Microsoft's security people are now suggesting that customers want their systems to update automatically. We have a healthy disrespect for that old Microsoft marketing catch-all, "customer demand", but we're inclined to trust the security mob a tad more than the rest, so maybe some customers do want it. Not that we entirely grasp why they don't just switch the bleeding thing on then, if they do.

The slightly higher trustworthiness rating of the security people is not however reflected elsewhere in The Beast's command structure, which brings us to why you don't want this to happen, reason number one. You'll note the Washington Post's report gives Microsoft's justification of the XP SP1 control-freak licence as a 'clarification' of the company's "ability to verify product information and provide accurate updates." Whoever told them this black lie has a trustworthiness rating somewhere south of duplicitous snake; any security implications of the new licence terms were merely a happy side-effect of Microsoft's paving the road to DRM.

There's a clear tension here, in that the security side of MS is pushing to secure Windows from a relatively genuine perspective, while the bean-counter driven side of the company is pushing ROI. The efforts of the latter frequently undermine the ability of the former to achieve their goal, by maintaining the essentially untrustworthy status of the company, and you can never be sure whether, or to what extent, the latter are overruling the former.

It may however be that you're confident that all your software, including all of the entertainment content of your system, is legal, and you fully agree that Microsoft has a right to audit you, and to install patches to keep your/their software secure. Do you then trust Microsoft to automatically download and install those patches without asking you first?

Next reason - of course you don't. Microsoft has a long and inglorious record of producing updates that break more things than they fix, patches that cause unexpected failures of other software components, and some updates (thank you, Redmond Duplicitous Snake Division) that switch off useful old stuff that somebody in there wants you to stop using. Do you honestly believe that anybody within Microsoft responsible for producing patches is going to wager their grandmother's life on their latest effort not breaking anything? Of course you don't, so they don't entirely trust themselves either.

Which brings us on to a reason for Microsoft not going the whole way initially. It's currently just about conceivable that Microsoft could clean up its security update operation to the extent where they largely did what they said on the tin, and where breakages were largely isolated and minor, and to be fair this is mostly the case already. But it's not when it comes to more general updates, and sane souls within Microsoft will point to the potential PR disaster of crippling tens of millions of machines in one night and argue for the procedure to be ringfenced at security updates. Personal security updates.

But doing that properly isn't just a matter of Microsoft solemnly binding itself to security, and promising not to happily ski down the slippery slope at some point in the future when it thinks the coast is clear. We've heard from Solomon Binding in the past, and don't trust him either. We're probably talking about a free-standing security update system here, nothing to do with Windows Update, nothing to do with shotgun licence changes and nothing to do with Microsoft's financial security. And - here's a novel one - it ought to be accompanied by a sort of green kryptonite licence, where rather than establishing its rights over you and the software it turns out you only thought you bought, Microsoft establishes rights for, and makes guarantees to, you.

Nah, couldn't happen. And even if it did we probably wouldn't trust them anyway. But we're like that. ®
