Security Basics mailing list archives
Re: microsoft updates
From: "Vince Hall" <vince () getpchelpnow com>
Date: Wed, 2 Jan 2008 17:55:22 +0000
If a client of mine has pirated software on their machine. I will not remove the infection without replacing the software with legitimate and legal copies. If they do not want to pay for software run ubuntu. News flash, just about every cracked or pirated copy of software on the net comes with its own unknown infection! Yeah go download that keygen from that trustworthy russian guy on the web. I am sure that he distributes and releases builds of pirated software from the kindness from his heart. From what I have seen most botnets are from the pirated copies or cracks themselves, not from the lack of updates. Sent from my BlackBerry® wireless device -----Original Message----- From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net> Date: Wed, 2 Jan 2008 16:24:19 To:security-basics () securityfocus com Subject: Re: microsoft updates On 2008-01-02 Worrell, Brian wrote:
On Monday, December 31, 2007 4:14 PM Ansgar -59cobalt- Wiechers wrote:On 2007-12-31 Dave Koontz wrote:Umm... check out Windows Genuine Advantage. Pirated copies will fail updates (as they should).No, they shouldn't. Not being able to update won't magically make people buy Windows instead of running pirated copies. They'll just cease updating, so we'll continue to have a healthy bot population. Thank you, Microsoft.Many Pirated copies of XP I have seen where infected with Trojans or had files missing in the first place. But that aside, if M$ let people update pirated copies, would that not let more people think they can pirate it, rather than buy it? Which would make a larger bot network by your theory?
I don't think that prohibiting updates (or making updating an annoyance) for users of pirated copies will have much influence on the sold to pirated copies ratio. Like I said before it's much more likely that people will continue to run pirated copies and simply stop updating. So, without WGA you have a significant number of pirated copies with a nonzero chance that they will be patched up. With WGA you'll have roughly the same number of pirated copies, only now most of them won't be patched. I'd say it's rather clear which scenario makes the larger bot net. cu 59cobalt -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- RE: microsoft updates Worrell, Brian (Jan 02)
- Re: microsoft updates Ansgar -59cobalt- Wiechers (Jan 02)
- Re: microsoft updates Vince Hall (Jan 02)
- Re: microsoft updates Alexander Klimov (Jan 03)
- Re: microsoft updates Vince Hall (Jan 02)
- Re: microsoft updates Ali, Saqib (Jan 02)
- RE: microsoft updates Worrell, Brian (Jan 02)
- Wired security improvements Jesse Rink (Jan 03)
- Re: Wired security improvements Kurt Buff (Jan 03)
- Re: Wired security improvements Andrea Gatta (Jan 03)
- Re: Wired security improvements Garry Baker (Jan 04)
- RE: microsoft updates Worrell, Brian (Jan 02)
- RE: microsoft updates Pranav Lal (Jan 03)
- RE: microsoft updates jmacaranas (Jan 03)
- Re: microsoft updates Ansgar -59cobalt- Wiechers (Jan 02)
- <Possible follow-ups>
- RE: microsoft updates David Harley (Jan 02)