Why is Microsoft so frequently in this?

After all, one of the first things a WinXP / 2000 user is asked, is do they want to enable auto updates.

Yes, and my answer is always an emphatic NO.

After all, how many times has Microsoft's updates caused more problems than it solved? :)


In my opinion, the users who enable Automatic Updates are the ones who aren't being too smart... :)

Care to explain?

I'm running SP2 with no problems and with background downloads and installs enabled. I have absolutely never had any item in Windows Update hose my computer, and if it ever did, I have System Restore to which to revert.

The debate is pointless since it is a matter of opinion, anyway.

Actually, it's not just a matter of opinion.

It is a known fact that Microsoft has released patches in the past that have caused more problems than they solved. Users who updated automatically got hosed first, while those who were smart enough to wait and stay informed got the revised version and had smooth runnings.

And while SP2 might be working fine for you - it has caused no end of headaches for others. SP2 is acknowledged by anyone competant as an update that should be installed *deliberately* and under full knowledge of what you're doing. There are a lot of people out there who installed SP2 reflexively as soon as it came out. Do you know what many of them have in common? They're saying "Hey! Why isn't this program working!"

As for System Restore - that's a joke. System Restore rarely works as advertised. It is good for one thing, and one thing only - if your machine should become nonfunctional, System Restore has a good chance of reverting it to a functional state, at which point the best thing you can do is to backup your data and overhaul your machine.

You could, of course, take your chances and keep things running - but most of the time you'll find that things are not quite as they should be.


And Microsoft is not the only company to fall under this category. The fact of the matter is that first releases of apps or updates are often buggy. How long did it take for vB 3.0.2 to jump to 3.0.3, hmm?

Users who are set to automatically update invariably become no small portion of the guinea pigs upon which the rest of the world tests these first versions. This is not opinion - this is fact.


I've worked professionally with IT for almost two decades. While you may be fortunate enough to not have had any serious issues, I personally am acquainted with thousands of users who were not so fortunate.

They learned their lesson the hard way. I hope for your sake, that you don't learn in the same fashion as they did.

You are making statements passed off as facts. I back up my machine, and System Restore has always worked with a hosed driver or other issue.

Personal experience and making factual statements are two different issues. When making such posts, it would be more courteous to specifically state that you are making an opinion, not posting facts without statistical backup.

3.0.2 -> 3.0.3 wasn't caused by bugs. 3.0.3 was a minor release fixing a few bugs, released on the premise that most people haven't upgraded to 3.0.2 anyways.

If you want to point out a release of vB quickly followed by another due to bugs, 2.3.1 -> 2.3.2 is a better example.

For reference: 3.0.2 to 3.0.3 and 2.3.1 to 2.3.2.

Ah yeah, forgot about that e-mail bug.

Microsoft patch freezes some systems

http://news.com.com/2100-1002-993515.html?tag=fd_top

A patch for a security flaw that affects Microsoft's Web server software running on Windows 2000 has caused system freezes for some customers, the company said Thursday.

The company became aware of the problem after several customers who applied the patch, released Monday, complained that their updated Windows 2000 system wouldn't run, said Iain Mulholland, program manager for the Microsoft Security Response Center.

The problematic patch is not the first black eye that Microsoft has received in fixing a bug. Nearly two years ago, the software giant had to release a fix for its Exchange groupware server three times to get the update right.



IE Cumulative Update Is Messy

http://www.winnetmag.com/Articles/In...rticleID=38372


Microsoft released a security rollup for all versions of Internet Explorer (IE) on February 5; then, on February 12, the company released a hotfix that corrects an IE 6.0 authentication flaw the rollup introduces.



Microsoft SSL patch creating SSLowdowns

http://www.infoworld.com/article/04/...ftpatch_1.html


Some systems that use the security update, MS04-011, stop responding when they start up, prevent users from logging on to Windows, or bog down, Microsoft said in an article published Wednesday in its Knowledge Base online help database.

Since releasing the patch, Microsoft has encouraged customers to apply the it as soon as possible. However, now it appears that the patch comes with its own problems.

Microsoft's Knowledge Base article said that a software change in the patch causes Windows 2000 systems to repeatedly try to load drivers that cannot load successfully, causing the hangups. (See: http://support.microsoft.com/default.aspx?scid=kb;EN-US;841382.)

The Redmond, Washington, company listed three software drivers that, if installed, make Windows 2000 systems susceptible to the slowdowns. The Knowledge Base article also described specific problems and a work-around procedure for Windows systems that have Nortel Networks' virtual private network client installed.

Faulty patches are a frequent source of concern for Microsoft, which encourages its customers to install security patches as soon as possible to protect Windows systems from attack. Network administrators, on the other hand, are often reluctant to move quickly with software updates, fearing that, once installed, they will break critical systems.


Microsoft fixing another faulty patch

http://www.tunexp.com/news/windows-story-114.html


Microsoft Corp. acknowledged yesterday that a recent security patch is causing problems on machines running the Windows NT 4.0 operating system.

Microsoft customers described a variety of problems immediately after downloading and installing the patch on vulnerable systems, including error messages and problems trying to log onto affected systems. RRAS allows remote users to securely connect to NT 4.0 systems over dial-up or broadband Internet connections.

The incident is the latest example of a security patch gone awry. In April, Microsoft was forced to acknowledge and fix a problem with a patch for Windows XP that caused slowdowns on systems that applied the patch.


Microsoft Exchange bug: Strike three?

http://news.com.com/2100-1001-268296.html?legacy=cnet


While Microsoft denied that it had received any reports of difficulties with its second patch for securing Exchange 2000 and 5.5, three system administrators have reported that the fix continues to hang their servers.

"This is the same exact problem as the first patch," said Chuck Myntti, a system administrator at the University of Utah, who had to rebuild the mail server to rid it of the pesky patch. "I'm really frustrated with Microsoft."

On Friday, the company pulled down the fix after several system administrators complained that newly patched exchange servers hung, leaving any inbound e-mail to pile up on external servers. The company also announced that the flaw not only affected Exchange 2000 but Exchange 5.5 as well.

Microsoft posted the latest patch Saturday, but some system administrators are claiming that the software is still not working.

"I worked with Microsoft (technical support) for three hours," said Trey Carr, manager of information systems for ZonaFinanciera.com, a trilingual financial news site. "Apparently, they are not done with this patch yet. They could not even get it to uninstall itself."

------------------------------------


You were saying?

Owned! ;)

You can never test a patch on every know machine running out there, a good admin knows that when it is time to patch it is time to back up. People and companys that do not do that pay the price in time.

But why is this even of importance in this debate? vB is not sending files to the users as microsoft dose, they are merly doing a version check.

Support staff pays in time, and time is money. I suppose you could argue that new support issues from new versions could take up more time, espescally if new versions fail on many installs. But as a company jelsoft has to have fath in their product and staff, or they will fail anyway.

I have always thought jelsoft has been fair with the issue, imho if you can not spot and remove the php code yourself then I don't think your ready to turn it off. I know that is alot of ask because of the many newbies that come here to learn without any experance, but that is always how I have felt about the subject.

Which is one of the points I brought up earlier. We were not talking about disabling the patching mechanism itself - just a notification message.


You are correct in that time is money - however, what I had stated was that this was no significant burden. The fact is that the need to tell people to upgrade doesn't really come about because they didn't see the "Current Version" listed in their AdminCP. It comes about because they don't research what's been fixed in the newer releases. Just because they have 3.0.1 and vB is up to 3.0.3 doesn't mean that their problem has already been fixed by the upgrade, after all.

The problem there is that the users in question don't research their own problem adequately before asking for help. That's not something that the version check helps with. Especially since in order to ask for help in the first place, they already have to visit the vB site - in which case they see what the most recent version is anyway! :)


I understand your point, Brad.loo - but I'm afraid I have to disagree with it. A company exec doesn't have to know how to personally implement IT security schema in order to know that it has to be done.

It's possible for someone to knowledgeably make this choice, and yet not have the technical skills to execute it.

To take an extreme example - it's not practical for Stephen Hawking to make this change (given the difficulty he has typing), but are you going to argue that he doesn't have what it takes to make a knowledgeable decision about the subject? :)

I have to say Ocean, I disagree entirely with what you said about piracy. As a software developer myself there is nothing more undermining than working for so long, just to literally have people come along and pirate your work. Remember most internet software development companies aren't almight powerful organisations. Most lack the resources to suffice a courtcase against suspected piracy distributers etc. Unlike with MP3's, we don't have some almight organisation fighting our battles, we have to do it ourself. Out of courtesy to the vB developers, for the sake of one minor call-home (which may be used to fight piracy, but mainly for legitimate uses), you could leave it there.

If a person pirates your application - but would not have been able to afford it even if they didn't pirate it - what money have you lost?

And if by doing so, they are able to spread the word that you have an application that's really good - aren't they giving you free advertising?

And if by word of mouth from this user who pirated your software, other users come across it and purchase it from you - isn't that money you gained that you otherwise might not have had (since without the word-of-mouth from the pirater in question, they wouldn't have even known that your software existed)?

And even if this person couldn't afford it him/herself - but they were able to recommend your software to the company they work for, and you gain sales that way - isn't that also money in the bank that you also would not have had were it not for this one pirate?



These are not some ambiguous hypothetical scenario. I see it happen every week. It's happened to me. I have made a huge amount of money for companies that would never have made those sales were it not for a pirated copy of their software that I ran across.

How does this harm them? (This scenario specifically) It doesn't. It's done them good and put money in their bank.


Remember, I didn't say that *all* piracy was good. I just said that good things can come about as well as bad. :)

This is a point i've been trying to put accross to the staff for ages now.

They believe that all pirates would part with the $80 or the $180 for the software if it wasnt available to them for free.

First, this is about as wrong as you can get. Second, they would just use phpBB or Invision even before *considering* having to pay, which i'm sure i'm right in saying less than of pirates 1% would end up paying for VB if they couldn't have it for free (priated).

It's like the RIAA / Record industry. "Napster and the like cost us $XX.X Billion a year". No, they don't cost them ANYTHING, as a tiny tiny fraction of those people would pay for what they would have pirated.

Again this is unjustifiable. They shouldn't be downloading the music illegally in the first place.

Exactly.

But once *again* you don't explain the arguements put accross by VBorg or VBcom staff that piracy is costing them SO much money they may have to put prices up for us!

If anything, it would increase piracy too :)

Most people who copy software or download illegal music files can afford to pay for the software. Just because they don't want to pay for it and probably will not pay for it, doesn't mean that they cannot afford it. They just prefer to save money and spend it on something else.

Pirating software or music is stealing and is against the law. It's also morally wrong. You can justify it however you want.

I think most programmers and musicians prefer to get paid for their work rather than get free advertising. As would a baker, doctor, truck driver etc. Just because the work of a programmer or a musician is easily copied does not make it right to steal their work.

Again, your logic is flawed since you are trying to justify the theft of intellectual property by saying that it advertises the original product. Why would anyone pay for the original product if they can get it for free? For example, if I can buy a fake Rolex watch for less price and it's just as good, why pay for a real one? Let alone if I can get if for free.

No, you are stealing money from them by stealing their product/ intellectual property. You are stealing their money by stealing the time and effort they put into the product. You are using their product without their permission and consent.

Try to justify it however you want.

Just because good things can come out of a bad thing does not justify the bad thing. Most bad things have good things in them - so what?

Most people who promote piracy are the end-users - most software developers, musicians and holders of intellectual property do not support the theft of intellectual property and breaches of copyright because they are the ones who suffer - not the end-users.

Anyway, we all choose to live our lives the way we want. :) You choose how to live yours, and I will mine. I'm just putting forth the argument that piracy is not as "great" as you make it out to be. :)

Erwin, you missed the point. I never argued the morals or ethics of pirating. I was responding to the claims that pirating is responsible for huge financial losses, and does nothing but harm to developers.

I was simply arguing that that statement was untrue. Not whether pirating was justifiable by itself.


I never said it was.


My logic is solid, because I'm not trying to justify anything. I'm saying that in many cases, developers earn more money as a result of piracy than their hypothetical losses. This isn't theory, I see it happen all the time.

I've bought software based on the recommendation of someone else who had a pirated version - and this was software that I did not know previously existed. The money I paid that developer was a direct result of a pirated copy that that person would not have bought in the first place. Ergo, the developer made money from that pirated copy, and lost nothing.

In addition, I have recommended it to other companies, and so the developer has continued to rake in more money as a result of that single pirated copy. I'm not claiming that this justifies anything - all I'm saying is that it's not the "piracy does nothing but ruin companies" attitude that developers love to claim.


As to your first point - if you wouldn't have bought it anyway, than the developer loses nothing. I'm not arguing ethics - just financial loss and gain.

As to your second point, read my post more carefully, please. :)


Ironically enough, I once visited a software developer's website where he gave his own opinion on piracy - and it almost exactly mirrored mine. He did feel that it was okay under certain circumstances, and he said that he had no problems with users using his software in that manner.

This was a year or two ago, unfortunately, and I can't remember what the site was - but if I can find it again, I'll post it. :)


Erwin, please read the posts carefully. As I specified above, I wasn't trying to justify anything - just countering the popular claims by developers against piracy.

And as I also stated, I did agree that piracy can do bad things for developers. I just disagreed that it couldn't also do good things. :)

Actually we spend tens of thousands of dollars because of Piracy on a monthly basis. There are lost support hours as they try to get support from us. There are lawsuits because the software is being used in an illegal manner and "we gave it to them". There is a full time lawyer on retainer. In the past, we have even caught one competitor using a pirated copy simply to copy features out of the software. However, the most widespread use of piracy is customers who purchase a single license and then power half a dozen or more forums on different sites with it.

The truth is that many actually purchase a copy when they are confronted with the fact that we know they have been running a pirated copy, usually within 24 hours of notification. However this is because they risk losing their data because we will have their providers pull the plug.

So we have had to come to some sort of compromise in making the software available. Either it can be visual source and we can track where it is running or we can encode it with Zend Encoder, which while lowering our potential marketshare lowers the risk of Piracy as well.

If a company selling forum software is generating enough excess money to invest tens of thousands of dollars a month in your anti-privacy teams, then you don't need to worry about small scale (typical gaming clans) pirating the software, thus, you can spend less on anti-piracy and therefore avoid raising the price to us :)

I never said that piracy doesn't result in a loss of money - just that it doesn't always result in a loss of money (taken on a case by case basis).

And your providing support for pirated versions of vB doesn't count (in my opinion) - as doing so increases your standing with vB users across the world (pirated as well as legitimate). In effect, you are improving your PR immensely.


Poll your users to see how many of them purchased vBulletin directly because they encountered (or used it) first as a pirate version. The answer might surprise you. :)

I could really use this. Too bad it's gone.

My situation: I am a licensed owner. I have a test board set up on my Mac to test hacks and create new styles. This test board is not displayed but I must have web sharing on in order to access it with the local IP. "Localhost" will not work. However, when vBulleting calls home it kills my local sql database forcing me to reinitialize the database every time I want to use the test forum. If I could simply stop the test forum from calling home it would stop ruining my local database.

E-mail me at jamie[at]ecarnate.com :)

That sounds totaly off, the call home would NOT crash your mysql as it doesnt even use mysql, it uses a php function O.o

I want to know what the call home stuff sends you guys, don't give me the "It just checks the version number crap." If it would only do that then it would only be needed in the AdminCps index.php file, but theres other call homes, too. (Ex: adminfunctions.php, $ratval should be a hint)

It sends a license number as the only extra information, I believe. It doesn't send usage or anything.

Look at it this way, odds are pretty good if it does send Vbulletin something, it's not like it's already stuff they don't already know about you from when you registered. Besides, I feel only those pirating boards would care. IMO.

Aren't only licensed users ( with valid license/customer ids ) allowed to submit support tickets where staff/developers have to help out in clearing ?

Also, aren't only valid customers allowed to get support on vb.com ( and other vb official sites ) ?


Isn't it stated when in the license agreement that :
That does not mention a purchased and valid ( legal ) version of the Vbulletin software ?


Since the code is not encoded, even a legal copy can be copied.
I am of the opinion truely smart competitors grab all possible competitors' software available legally and with full support, to get access to the code, be able to get answers in support etc. to know the full inside out of the software code proper, as well as to other aspects of the software, from customer support, marketting etc.


Just my 2 cents.

I dont even know what this hack its.

It's not a hack... it's a part of vB that Jelsoft (makers of vB) checks to see if you have a legal copy of vBulletin

It doesn't bug me one bit.

That's good... Jelsoft is making it harder for pirates to protect themselves.

Say if you make a software and you want everyone to pay for it who use it... Would you want to make it easy for pirates to steal your software? I'd think not. So you make it harder for them to steal it.

Does that make sense?

The sheer ignorance of this remark alone makes any other argument you made worthless.

"By helping criminals, you improve your image by encouraging more theft simply by offering support that is subsidized by those who actually pay for the product."

Anyone who thinks the percentage of illegal sites is insignificant has never run a software company.

This has turned into personal attacks so thread closed.

Closing remarks:
1. Be nice to people.
2. vB does send information back to Jelsoft servers, limited to HTTP protocol stuff and your license number, not usage statistics, for piracy reasons.
3. It is allowed to remove this call-home code, but it is not allowed to be posted on official Jelsoft sites, of which vB.org is one.
4. Piracy always hurts a company, no exception. Piracy is not a form of free advertising, it is felony theft.