Thread: XP Service Pack 2 Bomb
View Single Post
  #13   Spotlight this post!  
Unread 13-07-2004, 10:18
Tristan Lall's Avatar
Tristan Lall Tristan Lall is offline
Registered User
FRC #0188 (Woburn Robotics)
  
Join Date: Aug 2001
Rookie Year: 1999
Location: Toronto, ON
Posts: 2,484
Tristan Lall has a reputation beyond reputeTristan Lall has a reputation beyond reputeTristan Lall has a reputation beyond reputeTristan Lall has a reputation beyond reputeTristan Lall has a reputation beyond reputeTristan Lall has a reputation beyond reputeTristan Lall has a reputation beyond reputeTristan Lall has a reputation beyond reputeTristan Lall has a reputation beyond reputeTristan Lall has a reputation beyond reputeTristan Lall has a reputation beyond repute
Re: XP Service Pack 2 Bomb
To preface this post, I think that it has to be restated that the article alleges that Microsoft is planning to issue code that would render a user's hard drive unusable, if certain licencing conditions are not met. (I consider that possibility to be remote.) The allegation is therefore one of willful damage, rather than a mere witholding of service (which is justified, if not necessarily prudent).

Quote:
Originally Posted by Nick Fury
I would love to see this case tried because the first thing is that MS isn't going to give up source without a very long and drawn out fight. I point to SCO case. SCO isn't nearly as powerful as MS and they haven't shown any code yet.
Actually, you don't need to see the code from the start. Just have the court order a test of the software in question. A blacklisted CD key is used on a new XP installation, and SP2 installed. Repeat this test several times, (under the supervision of notaries public and computer experts) and analyze the results of the tests (to eliminate other causes of failure). If a predictable pattern of data damage results, it's a smoking gun--it would very possibly be enough to convince the court to subpoena it out of Microsoft (and/or to compel MS employees to testify about it).

Now it's not a perfect idea--the destructive code could have been written to make this difficult (e.g. randomize the damage). But it's a start.


Quote:
Originally Posted by Nick Fury
Secondly you are still talking about a pirate Vs a capitalist company. Under the current circumstance and media hype surrounding piracy and the fact that it is constantly portrayed in a bad light, no court or judge is likely to take a case like this serious. Also, intentional damage isn't being caused by Microsoft because you can't update a product you didn't pay for. The only person causing damage is the virus writer (I'm not gonna say if that is intentional or not, it's irrelevant). The fact of the matter is that MS is discouraging piracy of their products. Also, updates and such are a service, not a part of the product. I already brought up the point that the pirate didn't pay for the license so is the pirate entitled to the service that the license provides? (although the WinXP EULA doesn't provide a service for updates).
You don't have to be a pirate to be affected--what if a corporate key was stolen (e.g. by ex-IT department personnel), and unbeknownst to the company, was distributed. Microsoft would have to ensure that it contacted the rightful owner of the software, issued them a new key, and ensured that traces of the old key had been removed (so that no hapless co-op student would use the wrong key on an upgrade, and destroy someone's workstation). All this, before even blacklisting the key. Failure to do that much could be considered negligence, if Microsoft had a duty to inform it's customer that it was about to do something drastic with that customer's key, which had the potential to do serious property damage as a result of normal use, and instruct them how to remedy the situation--irrespective of whether Microsoft were found culpable of sabotage for including the code in the first place.


Quote:
Originally Posted by Nick Fury
As per the movie/record industry deleting files form a hard drive. This is a different matter altogether. These people don't have the right to create malicious code just as much as I don't have that right to. I don't care if you have a devine purpose or not, you don't have the right to destory data on my systems without my permission. MS isn't destorying data though, they aren't releasing viruses they are only denying access to updates, which is understandable in my opinion.
The original article accuses Microsoft of doing just this--intentionally putting destructive code in their product, for the express purpose of destroying data, and possibly hardware. (Yes, you really can do serious damage to hardware with code--it isn't at all easy, but malicious firmware updates immediately come to mind.)

They'd never get away with it. If you don't believe me, just look at the anti-Microsoft climate that prevails in the U.S. these days--a handful of insignificant government employees (from a redundant department, but that's another discussion) recommend that Internet Explorer be put out to pasture, and lo and behold, media outlets take the opportunity to pick on Microsoft's errors, real and fabricated. Whether Microsoft is in the right or the wrong they'll be massacred in the press if they pull a stunt like that.