rulururu

post Microsoft is updating you without you knowing it!

September 24th, 2007

Filed under: privacy, security — mike hall @ 9:42 pm

Everyone panic! You’re getting updates even when you specified not to! I don’t know about you, but I’ve made peace with the fact that Microsoft can get to me whenever they want to. Sure if you specified to download updates but to ask before installing or worse yet not to check for updates at all, and you still get updates, that’s bad. But the fact is that when you configure your update settings, you’re still trusting Microsoft that that’s what they actually do. You may click that radio button, but they still need to honor it. And who really truly trusts Microsoft nowadays anyway?

As Bruce Schneier points out, this is a pretty big hole. He claims that if Microsoft can use this remote install capability to install updates, why can’t anyone else exploit that capability? I would think that Microsoft would have the foresight to lock it down with some good certificate exchanges and encrypted communications, but this is Microsoft we’re talking about.

Either way, what’s to say Microsoft couldn’t do this with XP or 2000 before? We simply don’t know. They wrote the freakin operating system. Who knows what’s in there? When you’re dealing with a closed source operating system, you just really don’t know. Like it or not, you’re trusting Microsoft…

2 Comments »

  1. Trust Microsoft? Trust Microsoft????

    Of course I trust Microsoft! We all do - implicitly! (As you mentioned…) I’ve made my peace about it too - if anybody hasn’t, they really should be using a Mac, or Linux.

    What’s really funny is that the number of people who actually care or think about about whether they’re trusting Microsoft or not is like 1 one-thousandth of 1 one-hundredeth of 1 percent of people who rely on MS every day. So MS is like, “Don’t trust us? Ah well. Yo momma does!”

    BTW, I need to look closer at my auto-update options next time. :)

    Comment by Aaron
    September 25, 2007 @ 5:48 am

  2. […] 26th, 2007 Yesterday I talked about Microsoft’s stealthy updating and what that means to Windows user. This post in the same vein. This is about AT&T and […]

    Pingback by Stop the spying « i like ellipses…
    September 26, 2007 @ 3:32 pm

RSS feed for comments on this post. TrackBack URI

Leave a comment

ruldrurd

Powered by WordPress, Theme based off the "I'm Okay" theme by Laurentiu Piron

Creative Commons License This work is licensed under a Creative Commons Attribution 3.0 United States License.


Disclaimer: The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.