
Microsoft's Software is Malware - talles
http://www.gnu.org/philosophy/malware-microsoft.html
======
laumars
_> "Microsoft cut off security fixes for Windows XP, except to some big users
that pay exorbitantly."_

XP has had longer support than any Linux distro out there (aside the rolling
release ones, but that's a little different).

I know this submission is intended to be biased, and I do honestly favour
Linux over Windows anyway. But surely FUD like the above is so painfully
transparent that it only undermines the credibility of the larger argument?

~~~
bad_user
Lets not forget that Windows XP is a commercial product, for which people paid
money and that was the only reasonable choice for about 8 years, the gap
between the release of XP and that of Windows 7 (Vista was a flop due to poor
drivers).

In these 8 years a lot of companies and individuals bought computers and then
stayed on XP because (1) Windows upgrades cost money, (2) compatibility issues
and (3) fear of upgrades (Microsoft never educated its users to upgrade, quite
the contrary, they've made Windows users fear upgrades because of their fuck-
ups with Windows ME or Vista).

Windows XP reached end of life on April 8, 2014, with people being stuck on it
without a migration path. Nowadays 5 year old desktops and laptops are often
good enough and don't need to be replaced. If you had a company with dozens or
hundreds of computers, what would you do? Would you pay $120 before taxes for
the Home edition or $199 before taxes for Pro, per computer? Would you try to
negotiate better terms maybe? Or would you stay on XP because it works? The
offer for a 1-year free upgrade for Windows 10 is not valid for XP and Vista.

And yes, Microsoft supported XP for 12 years. That's 4 years after those 8
years in which XP was the only choice. That's hardly an accomplishment.

They still have users on XP. For those users they have an ethical
responsibility to provide security fixes, or a cheap migration path (why is
the upgrade to Windows 10 not valid for XP?), or the source code such that
they can fix problems by themselves.

~~~
laumars
I think it's a bit selective to exclude Vista's timeline from XP's concurrency
just to make a point. But even that aside, 4 years of concurrency is still
pretty good compared to most other Linux distributions. Ubuntu Desktop's long
term support (LTS) is only 3 years and that's one of the better supported
Linux desktops. Granted Ubuntu Server LTS is 5 years, but then we'd have to
compare Linux with Server 2003 to be completely fair.

The only real complaint I have against Windows' support is that it's update
utility, "Windows Update", makes the whole process unnecessarily painful
compared to the most Linux package managers.

Just as an aside, Windows Home (which you mentioned the cost of compared to
Pro) wouldn't be an option for many businesses because you can't join Home
editions of Windows to a Windows domain.

~~~
scholia
"In previous releases, a Long Term Support (LTS) version had 3 years support
on Ubuntu (Desktop) and 5 years on Ubuntu Server. Starting with Ubuntu 12.04
LTS, both versions will receive 5 years support."
[https://wiki.ubuntu.com/LTS](https://wiki.ubuntu.com/LTS)

------
RyanZAG
It's all true and yet not true at the same time. Each item on the list has
valid business requirements and is needed.

For example, the backdoors are required by government, and Microsoft is not
above the government and cannot really refuse if it is a legal requirement for
national security. They're not exactly designed as backdoors either -
mandatory security updates are necessary to prevent the spread of botnets.
There is a valid argument that users should not be allowed to stop these
essential security updates. Unfortunately, there are far more changes than
only security updates.

DRM is pretty much required for Microsoft to be able to get into distributing
media for a fee. The same applies to a lot of the rest - it's all for being
competitive in a world where Apple and Google are doing the same thing.

However, that they are all legitimate doesn't actually change that it really
is malware at the end of the day and this page is pretty much true.

~~~
forgottenpass
_Each item on the list has valid business requirements and is needed._

So, the Yuppie Nuremberg Defense? [0]

Regular malware-malare has a valid business reason for showing you ads and
exfiltrating private data too. It's harder to defend because it isn't bundled
with a featureset the user also likes. But nobody downloaded BonziBUDDY or hot
screensaver packs because they wanted the ads.

[0]
[http://www.imdb.com/title/tt0427944/quotes?item=qt0418062](http://www.imdb.com/title/tt0427944/quotes?item=qt0418062)

~~~
rando289
Yup. [http://mimiandeunice.com/2010/08/25/for-the-
children/](http://mimiandeunice.com/2010/08/25/for-the-children/)

------
ChrisLTD
_" Microsoft cut off security fixes for Windows XP, except to some big users
that pay exorbitantly. (...)

A person or company has the right to cease to work on a particular program;
the wrong here is Microsoft does this after having made the users dependent on
Microsoft, because they are not free to ask anyone else to work on the program
for them."_

Microsoft did not make anybody dependent on them, and should have zero
obligation to open source Windows XP. There are thriving alternatives to
Windows like OS X, Android, Chrome OS, and iOS that XP users could have moved
to in the last 14 years.

~~~
wosos
I think the problem is that they won't allow anyone else to continue working
on it

~~~
ChrisLTD
That's only a problem if Microsoft promised or implied XP would be updated
indefinitely. Is that the case?

~~~
johncolanduoni
Not that I agree, but the FSF's issue with non-free software does not seem to
be purely based on those who sell proprietary software lying (or being
unclear) about the limitations, but at least partially on the fact that they
even offer such "raw deals" to begin with.

~~~
Silhouette
Given that Microsoft has long published the support lifecycles for its major
products, and that those support lifecycles are often guaranteed (as much as
anything in the commercial world can be) many years into the future, any
criticism on this score just feels like bad faith.

The alternative is to take your chances with free software where outside of
any commercial support agreement with a specific provider you generally have
no actionable guarantees of any kind that your support will last as far as the
time your installation completes.

------
outside1234
All of this is true, but where is the equivalent attack on Google, whose
software is essentially entirely designed to spy on you. Isn't that also
Malware? Or is this sort of malware ok because it runs the Linux kernel?

I really want to support GNU and FSF but they seem to be constantly fighting
some 20 year stale war against a company that is in many ways way more open
than Google, Facebook, and Apple.

~~~
bitmapbrother
One more thing, Microsoft is a hypocrite. Microsoft employed a number of
marketing campaigns to smear Google. They even went so far as to hire Mark
Penn, a political smear campaign hitman, to carry out their plans. Now that we
know all of the nefarious activities Microsoft has been up to and tried to
conceal from the press their actions are even more despicable. From breaking
into their users accounts and rifling through their documents, giving the NSA
full access to Skype, online storage and email and the spyware infected
Windows 10 that they're now trying to impose on people unwillingly.

As for your question, it's better to attack a hypocrite that claimed to
champion privacy when in reality they did just the opposite.

~~~
oldmanjay
What hypocrisy are you referencing? I'm not really questioning the veracity of
your list of items, to be clear. I just don't see anything that fits the
definition of hypocrisy.

~~~
threatofrain
The hypocrisy is that Microsoft wants us to remember that we're getting
Scroogled, but ignore that they are just as bad for privacy. Personally I
don't care about hypocrisy; people can flip flop all the time, and maybe it
indicates a flexible mind that updates based on new evidence.

What bothers me is the dishonest implication that Microsoft is good for
privacy, and that the anxiety they wish to arouse for Google shouldn't be
placed back on Microsoft.

------
johncolanduoni
I'm not a fan of pretty much anything on this list, but I do think the thing
about phasing out Windows XP does stand apart. I don't know exactly how long
you should expect an OS to be supported, but I feel like 12 years falls
somewhere on the right side of that line.

They add the following disclaimer about that:

> A person or company has the right to cease to work on a particular program;
> the wrong here is Microsoft does this after having made the users dependent
> on Microsoft, because they are not free to ask anyone else to work on the
> program for them.

which if that is the case, means the whole spiel at the beginning about non-
free software not automatically being malware in the FSF's eyes pretty empty
if "non-free software not supported forever" _is_ malware.

~~~
rando289
Nice pacemaker you have there, unfortunately, we've ceased supporting the
software, and you are too old for a new one to be implanted, so it might break
or get hacked and you'll die. How long would you expect us to support it?! And
obviously we can't give away our intellectual property!

[https://www.softwarefreedom.org/news/2010/jul/21/software-
de...](https://www.softwarefreedom.org/news/2010/jul/21/software-defects-
cardiac-medical-devices-are-life-/)

~~~
johncolanduoni
Strawman much? Windows XP /= pacemaker. Just because I disagree with this line
of reasoning for Windows XP, doesn't mean I do for critical medical equipment.

Although XP is unfortunately used for some other medical equipment. However I
think the problem there was using a consumer desktop operating system as an
integral part of a medical device in the beginning.

~~~
rando289
Honestly I think hn, and generally internet commenting sucks because it's
mostly all arguments. 1 person says something in a blog/article, 90% of top hn
comments are criticism & counter argument, 95% of replies are arguments
against the parent, on and on and on.

It wasn't an argument that your comment was wrong, so it wasn't a strawman, it
was just an example of something. And then you later go on to agree with me
that should be supported because it's proprietary and no one else can support
it is subjective and changes based on the use case, eg. medical equipment
which runs xp.

------
cwyers
"Malware means software designed to function in ways that mistreat or harm the
user."

Some days I'm pretty sure bash is malware, too.

~~~
laumars
Especially older unpatched versions of bash with the auto-execution of
functions inside environmental variables.

------
ramblerman
Hmm, I agree with the some of the points on this page but the language used is
incredibly childish, "Microsoft Tyrants" and "Microsoft Sabotage"....

I think there are better ways to educate and spread this message. Whoever
wrote this page is a bit too emotionally vested imo.

~~~
oldmanjay
It's preaching to the choir in the guise of persuasive writing. Almost
literally, given the religious nature of the gnu belief system.

------
dsr_
I like the FSF. I like the fact that RMS exists.

I love open source software, and I even like the GPL a fair amount.

Do I think this goes too far? Absolutely. The Free Software position is that
the benefits of Free (libre) software outweigh all of the disadvantages, so
anyone who chooses proprietary software has already made a big mistake.

Given that the mistake has been made, there's no particular advantage in
castigating the manufacturer of that software for living up to the FSF's
predictions. It's not a surprise, and the FSF is much better off pointing out
that, sure, enough, they told you so, and it happened. Make a better choice
next time. Here are some alternatives to help you out.

This is a tactical mistake.

~~~
rando289
You like the FSF? Point #1 fsf makes is that proprietary = wrong/bad/malware,
period. Malware is mostly just a synonym. So if point #1 is too far, you
really don't get it.

~~~
johncolanduoni
You can appreciate the FSF and Stallman without agreeing with everything they
say. I think they did a lot to put open source on the map, and make us aware
of the dangers with closed source software in certain areas, even if I think
that their stance is overzealous.

~~~
rando289
> they did a lot to put open source on the map

Nope nope nope. They've publicly been the biggest voice to erase "open source"
from the map since it was coined. All while acknowledging that it has mostly
the same goals as the free software movement.
[http://www.gnu.org/philosophy/open-source-misses-the-
point.e...](http://www.gnu.org/philosophy/open-source-misses-the-
point.en.html)

~~~
oldmanjay
The unfortunate thing about gnu and the fsf is that they think connotation
management and "clever" wordplay are effective marketing strategies.

~~~
rando289
"Open source" was designed for the sole purpose of being "clever" wordplay and
an effective marketing strategy, so you really can't blame fsf on that one.

Words matter. See "pro life" vs "pro choice", see "terrorist" vs "criminal"
see "migrant" vs "alleged refuge", etc. etc.

The tech press are mouthpieces for the big corporations, and all of the big
corporations do not want free software messing with their profits, so they use
and coin words which align with their interests. It's perfectly natural for
fsf to use different words.

------
diivio
[http://www.gnu.org/philosophy/android-and-users-
freedom.en.h...](http://www.gnu.org/philosophy/android-and-users-
freedom.en.html)

Stallman feels the same way about Facebook as well. He got mad at Berkeley
when he came to speak and found out someone posted a Facebook event about him
coming to campus to speak lol.

He also feels cloud computing endangers us because we aren't in full control
or fully aware of the computations being done with our data.

(He told us this at a meeting in Berkeley back when I was in school)

So he has similar views on Google, Apple, Facebook but only Microsoft is being
hated on here lol

His views are a little extreme. even if his points are valid they seem
impractical given the computing paradigms and cultures of today.

Don't get me wrong I work at Microsoft in hybrid cloud storage in a team
that's a startup that got acquired and I think not having the NT kernel under
a GNU v2 license is sad. Any kernel imo should be open source but I don't want
to get into a debate on this at least not today.

But I'm glad people like him still exist.

~~~
jacquesm
Stallman has the nasty little habit of being right in the long run. So even if
his views may appear 'a little extreme' today give it a decade or two, you'll
come around.

~~~
tzs
It's easy to be right in the long run. What's hard is doing the right things
in the short run that will bring about that long term rightness.

Stallman is basically like Richard Altmayer from the Asimov short story "In a
Good Cause—" [1].

[1]
[http://www.epubsbook.com/ScienceFiction/Asimov41/27354.html](http://www.epubsbook.com/ScienceFiction/Asimov41/27354.html)

~~~
jacquesm
I think RMS did plenty of things in the short run back in the day that brought
about more than just a little bit of long term rightness _and_ good. The fact
that it's easy to discount him in the present while he's still working away at
moving the needle, not just for the day after tomorrow but also for tomorrow
itself is quite special. Anybody else with a track-record like that would
probably get a more receptive audience. Now if only he'd get his 'PR' to be as
effective as his vision, that may make an even bigger difference.

------
gkop
I had the opportunity to try Windows 10 last week. I was surprised to find
that Windows now has pop-up advertisements for Office and Bing _embedded in
the OS itself_ that recur during day-to-day usage and cannot be dismissed.
That seems wild to me. Also, contrary to opinions that I have heard on HN and
elsewhere on the web, Windows 10 is typical poor quality Microsoft software,
_not_ one of the "good" Windows like XP and 7 were. For example, there are
literally two control panels that are different: the classic control panel and
a Settings tool (not a different view of the control panel but something
completely different) that comes up when you search for various settings in
the Start menu. The Start menu is super clunky and slow as well.

~~~
HelloMcFly
> I was surprised to find that Windows now has pop-up advertisements for
> Office and Bing embedded in the OS itself that recur during day-to-day usage
> and cannot be dismissed.

Where are these? I use Windows 10 at home and work, and what you're referring
to doesn't ring a bell at all. I already have Office on both machines though,
so that may explain one portion.

~~~
forgotAgain
I confirm that Windows 10 shows advertisements to install Office. They appear
as small popups in the notification area of the toolbar. This was on a fresh
upgrade of a Windows 8 machine.

In task manager I found a running program (which I can't recall the exact name
of but the purpose was obvious) that was for posting ads to install Office. I
searched for the name and found instructions for uninstalling it.

I don't know if there are others or not. I only ran Windows 10 for a few hours
to check it out.

------
bad_user
> " _In practice nonfree software is often malware, because the developer 's
> awareness that the users would be powerless to fix any malicious
> functionalities tempts the developer to impose some_"

I'm finding this claim from the article to be very true and it's a pity. Users
are often powerless in fixing the software they bought, or the services they
subscribed for, with the cost of switching to something else being often very
significant. Users are also often uneducated or ignorant in what the software
does, not realizing the long term consequences of their interactions with
software.

And because users are often powerless or uneducated or ignorant, software
developers feel empowered to move the boundaries, preferring to ask for
forgiveness than for permission as they say, with current casualties being the
loss of privacy and even the loss of freedom of speech. And then it isn't a
wonder that intelligence agencies get a free pass to spy on everybody's
communications, I mean if the software makers and the service providers are
doing it themselves, the government would be stupid to not be a part of it,
given that we've made it so easy.

I've always disagreed with Richard Stallman's stance on Free versus Nonfree
software, preferring Open-Source instead and being relaxed about developing
and using nonfree software. I've always said to myself that many companies are
doing a good job and software developers have to eat, including myself. But
some of FSF's arguments hold very true and it makes me wonder. Maybe Free
Software is the only ethical choice.

------
beat
When was this written? 2002? It feels archaic. Right down to the antique cvs
$Id$ tag used for the file version at the bottom. It's like the open source
version of some crufty enterprise legacy code.

------
ksk
I think the reason why people (who aren't already RMS fans) don't agree with
some of his views is that he has not made a good moral argument against
proprietary software. The writings[1] on the moral question fail to convince
most people, who then reject other positions that build on that foundation. We
see some of that whenever people link to his writings.

Even if people do not produce material objects, I think that products of labor
especially those can be exchanged for material wealth do require legal
protection. (Note that this is separate from Intellectual Property, as in
simply thoughts and ideas)

If you want proprietary software to go away, you should pay people to write
even more open source software and then give it away. You should not have an
agenda that demonizes people trying to earn a living. Calling someones means
of living as illegitimate/immoral/unethical is simply going to ensure that
they never support you.

[1] [http://www.gnu.org/philosophy/why-
free.en.html](http://www.gnu.org/philosophy/why-free.en.html)

------
johncolanduoni
My biggest problem with the FSF's point of view is that they see these kind of
eventualities as inevitable for _all_ non-free software.

I would claim that there is not only room for non-free open source software
sans abuse, but even closed source software. When it comes to something you
want to use as a core foundation on which to build (whether you are building
software, general business, academic work etc.) I completely understand how
this is very likely to lead to you being exploited. This applies for example
to an operating system, or a programming platform (JVM, .NET, etc.). But there
are plenty of places where you can use closed source software that don't put
you in such a disadvantageous position.

One example is non-required tooling like an IDE. If Jetbrains goes Dr. Evil on
everyone tomorrow (though I guess some would argue their recent pricing model
changes have done that), there is still Eclipse and plenty of room for someone
else to break into that space. Changing IDEs isn't nothing, but it's not like
I'd have to rewrite my code.

Another is various general XaaS offerings. If Heroku (or more likely
Salesforce) goes off the deep end tomorrow, worst case is that I have to
administer some servers myself. Again, I don't lose anything that I would have
had before anyway.

The current trend is already building everything on top of open source
infrastructure. Even the JVM and .NET are open source now, as are most other
pieces of the development puzzle (Databases, libraries of all shapes and
sizes, etc.). In fact, I don't think even a big player like Microsoft would
have much luck trying to get people to invest in another closed source
platform. So if we walk this line between open and closed software, what do we
lose by using some _replaceable_ closed source tools or services? That is one
question I think the FSF doesn't have a good answer for.

~~~
zeveb
> Changing IDEs isn't nothing, but it's not like I'd have to rewrite my code.

You'd have to rewrite any IDE code you've written, which isn't nothing (that
pain is a good part of the reason why emacs is still stuck on elisp instead of
Common Lisp).

------
eka808
And after reading that, let's take a deep breath and think about Android.

From my personal opinion, it's not better than and maybe worse : \- Obligation
of having a G+ account. Disable it is NOT straighforward at all and it will
try to recreate himself often. \- Personal content publicly uploaded/displayed
in G+ account I had the bad surprise, and few friends also to see that the
photos taken with my android phone were automatically published on my G+
account !

When you notify what it's visible, you are are afraid about what is not
visible...

~~~
frik
In Android you can deactive all phone home and cloud features, also most
Android device manufactore add various apps that require no cloud connection
at all. The same goes for iOS were it is even easier.

In contrary to Windows 10 were you can't deactivate several phone home and
cloud features. Severals apps are only shipped as cloud-only. The Windows
update is forced on you and cannot be deactivated. And to top it, every
feature update (like Threshold 2) resets your personal privacy settings and
more as it is basically a system upgrade that often also replaces device
drivers. So Android, iOS, OSX and all other OS incl. Windows up to v8.1 are
way better for the _end user_ \- as there they still have the choice and
decide for themself.

~~~
scholia
It takes a lot more than cutting Google out of the OS to truly make it secure
and private: [https://blog.torproject.org/blog/mission-impossible-
hardenin...](https://blog.torproject.org/blog/mission-impossible-hardening-
android-security-and-privacy)

\---

Report finds Android/iOS apps regularly 'spy on users'
[http://www.bbc.co.uk/news/technology-34732514](http://www.bbc.co.uk/news/technology-34732514)

Researchers from the Massachusetts Institute of Technology (MIT), Harvard, and
Carnegie-Mellon universities studied 110 apps available on Google Play and the
Apple App Store. They found 73% of the Android apps shared users' email
addresses, and 47% of the iOS apps shared location data. Android health app
Drugs.com shared medical information - including words such as "herpes" \-
with five third-party domains, including doubleclick.net and
googlesyndication.com. The research also found that 93% of the Android apps
tested connected to the domain safemovedm.com

\---

 _> In contrary to Windows 10 were you can't deactivate several phone home and
cloud features._

Configure telemetry and other settings in your organization
[https://technet.microsoft.com/en-
us/library/mt577208%28v=vs....](https://technet.microsoft.com/en-
us/library/mt577208%28v=vs.85%29.aspx)

Spybot Anti-Beacon [https://www.safer-networking.org/spybot-anti-
beacon/](https://www.safer-networking.org/spybot-anti-beacon/)

On any system, Microsoft says that Basic level telemetry doesn't send any
identifiable information.

~~~
frik
You can configure the Android firewall, done.

Win10 firewall especially has a hardcoded whitelist for Microsoft phone home
IP address ranges and domains - how evil is that? You would have to patch the
kernel mode network driver dll to make sure Win10 won't phone home, a software
firewall would still have to rely on Microsofts kernel mode dll. And why would
one trust them anymore - they were the first company that handed over their
data (Hotmail/Outlook.com) as we learned last year (neither Apple nor Google
cooperated). And I always thought Microsoft has a solid business and has no
reason to rely on advertisement business and therefor label the user data as
products, things have changed since Ballmer. Fact is Win10 on PC and mobile is
impossible to secure without running it behind a hardware firewall (or
Enterprise license) - and who is running around with a hardware firewall
device connected to their phone/notebook?

~~~
scholia
So did you actually read any of the links?

> to make sure Win10 won't phone home

Windows 10 is "Windows as a Service" and is continuously updated from the web,
based on telemetry. It also runs on smartphones and games consoles. It
includes notifications, cloud (OnDrive) integration and an intelligent
assistant (similar to Siri, Google Now and Alexa).

~~~
frik
Sure. But have your read my comment? Your second paragraph is really comical
as an answer. But thanks for listing all negative things that many don't want.
Win7 has non of them or can be deactivated. Win7 is great.

The problem is Microsoft trust their metrics too much. Since Office XP and
WinXP the collect usage statistics (which can be turned off in all of their
software except Win10!). Of course most power users and companies turn them
off, that's why we got Ribbon bars in Office and Windows, and weird UI designs
- based on skewed statistics. Windows as a service is probably a tipping point
for Microsoft, we will see how it goes. WinPhone7-10, XBoxOne and Win8x aren't
very successful. A new CEO, a new head of PR & brands and a new head of user
interface design would do wonders.

~~~
scholia
_> Of course most power users and companies turn them off_

Great way to make sure that your views and usage patterns don't contribute to
the development of the software.....

------
arca_vorago
What amazes me is that people on HN still continue to rail against RMS and the
FSF while blatantly showing their ignorance of the principles they both stand
for, and often not even through logically sound arguments.

Personally, I understand the main reasons people have issues with this though,
because very often they simply haven't actually taken the time to think of
computing as a philosophical choice as well as a practical choice.

As the surveillance and control engine enlarges itself though, those who are
more closely aligned with GPLv3-esque ways of computing will have more freedom
and control over their systems than others who accept fuedal walled gardens
will be, and it is at that point that the walled garden people will start to
understand the real impact of what are often considered frivolous arguments
like BSD vs GPL.

Enjoy your locked down BSD playstation/iBrain/iHome etc, I for one intend to
stick with GNU/GPL, and the FSF, as much as possible. The reality is that we
have been locked in so much though that this process takes time and should be
started now and not later. For example, in my various workflow pipelines, I
still have a handful of apache, mit, and bsd licensed programs, but I have at
least dramatically reduced the number of them...

If you haven't taken the time to understand the differences between BSD and
GPL you owe it to yourself, as I consider it foundational knowledge for modern
computing, the same way I consider history foundational knowledge of current
events.

------
neya
I was just casually checking and looks like they have a page for Apple too..ha

[http://www.gnu.org/philosophy/malware-
apple.html](http://www.gnu.org/philosophy/malware-apple.html)

------
tychuz
Also [http://www.gnu.org/philosophy/malware-
apple.html](http://www.gnu.org/philosophy/malware-apple.html)

------
dayon
Spoke in person with Stallman. I asked him why he doesn't complain about
server side code. His beef is with software we "own" being proprietary, so
apparently server-side code isn't a big deal to him. It puts a huge dent in
his logic, though, because if you follow his concerns to the end, then the
internet in general is malware. Even if a site claims to be open-source,
posting its code online, you can't know what version of the code it's running
unless you're given access to the server. So, even if we use all open-source,
free hardware, firmware, and local software, as soon as we connect to a remote
site, it goes out the window.

------
mark_l_watson
I support the FSF financially (and sometimes using their licenses) but I think
that this article is a little bit off in the criticisms about updates.

I use OS X, Ubuntu, and sometimes Windows 10.

I want security updates as often as they are released.

I don't often use my Windows 10 laptop but when I do the first thing I always
do is to update the system and anti-virus definitions.

I also frequently check and update OS X and Ubuntu.

I happen to trust Apple and Microsoft to perform automatic updates, but that
is my personal decision.

------
HillaryBriss
_The BitLocker recovery key for the user’s device is automatically backed up
online in the Microsoft OneDrive account._

Even if we trust MS, do we trust MS to keep these keys safe from outside
hackers?

~~~
dogma1138
No this is why it's not the default setting it asks you if you want to do it.
That said OneDrive content is encrypted, while the encryption is not perfect
it's not going to be "hacked" as easily as one thinks, it's not stored in some
global key repository just in your normal onedrive account which is by far
more likely to be compromised due to your activity than Microsoft's.

BitLocker can fail, simple things like a UEFI/BIOS updates will cause it to
fail, playing around with your boot loader or even boot order will cause it to
fail, anything that will trigger the TPM will cause it to fail, sudden
powerloss/crash can cause it to fail.

BitLocker is quite more reliable now but when I was using it with Widnows 7
about 4-5 years ago I had to use the recovery every 2-3 months usually so I
had the key printout stored in my wallet this is probably quite less safe than
storing the key in OneDrive.

Most people use encryption not to fight state level surveillance but to ensure
that if they lose their devices or they get stolen they don't need to worry
about all their accounts being compromised and their life being penetrated to
a point where they need to worry about identity theft, fraud, and extortion.
However FDE also puts you at risk for not being able to access the device when
you need to, at like usual it will fail at the worst possible moment, the
chance of losing all access to your device and data is a big hurdle which
prevents people from using FDE and OneDrive-BitLocker integration kinda solves
this quite well while still providing tamper resistance/detection.

------
KeyBoardG
"Windows 8 on “mobile devices” is a jail: it censors the user's choice of
application programs."

I laughed. I don't think its their choice that the app store is horrific.

~~~
grub5000
OP surely must have meant the Windows RT devices, which can only install apps
from the windows store. Normal windows 8 devices can install anything they
want.

------
Silhouette
_However, in practice nonfree software is often malware, because the developer
's awareness that the users would be powerless to fix any malicious
functionalities tempts the developer to impose some._

Speaking as a professional software developer who typically does not write
free software: [expletives inappropriate for HN deleted]

The allegation that any developer who does not share the FSF's views on the
advantages or otherwise of free software is inherently more tempted to screw
their users is not only wrong, it's offensive. I have never imposed any of the
kinds of malware listed in this article on any user of any project I work on,
nor would I be happy to do so in the future. This is more than can be said for
several popular software products that also happen to be FOSS.

Also, the idea that Microsoft, or any other commercial software provider for
that matter, should be responsible for supporting its software indefinitely,
entirely at its own expense and regardless of context, is just silly. I think
it is sensible to expect and if necessary legally require a basic level of
support for commercial software products that were defective when first
supplied, for some reasonable period that will probably vary greatly with
context. In practice, actual regulation or legislation has rarely been
necessary as most major software vendors have volunteered such support anyway,
though the unwelcome trend is for this to change and so the regulatory/legal
framework may need to change to match. However, Microsoft has, at least until
recently, gone far beyond that industry norm in terms of long term support for
its older software, and _far_ beyond any major Free Software project. It might
have been fair to say that Microsoft was the last very large software company
that should be criticised on this score, but for their recent shifts in policy
to much more user-hostile terms.

------
dexterchief
I think FSF could learn a lot from what Micah Lee is doing at the Intercept.
He's been doing a bunch of articles that are a nice blend of why and how with
a nice conversational feel.

In terms of outreach and informing new generations of users... I think
adopting that style would be a big win. Even non-technical users have a multi-
year investment in Windows, and in spite of all the polish of modern distros,
the jump to FOSS is still a big one. Help people make it.

[https://theintercept.com/2015/04/27/encrypting-laptop-
like-m...](https://theintercept.com/2015/04/27/encrypting-laptop-like-mean/)
[https://theintercept.com/2015/09/16/getting-hacked-doesnt-
ba...](https://theintercept.com/2015/09/16/getting-hacked-doesnt-bad/)

------
Beltiras
I'm glad RMS has a platform. I even agree with the majority of the sentiments
expressed. This list is too juvenile for my taste. The corresponding Apple
hit-list is more toned down and not so acerbic. Free speech is important but
for the sake of the cause I hope that some judicious edits will be made.

------
api
Many of the things on this list are more or less technical requirements.
Forced security updates are required to stop the spread of botnets, for
example. If you make security updates optional people will turn them off and
you'll get botnets, ransomware, and DDOS flood epidemics. DDOS floods are a
major threat to the open web, requiring web sites to cluster behind MITMing
'protection services' like CloudFlare.

I do agree about the privacy aspects, but unfortunately most users do not care
about security or privacy and "most users" (the mainstream of the market) pays
the bills. Until users care and vote with their wallets, companies will
continue to disregard these things.

------
yuhong
I think it is pretty fun to compare "Windows as a service" with actual "SaaS"
(eg Google Docs). As a side note, I once mentioned how Win10 driver signing
requires EV certs that are not sold to individuals, and remember this
response:
[https://twitter.com/ericlaw/status/619309157791891456](https://twitter.com/ericlaw/status/619309157791891456)

------
bittercynic
The mandatory updates seem like a major problem.

One of the greatest benefits of purchasing software instead of using SAAS
products is that you can keep using your purchased software regardless of
changes the vendor may make in the future. If you're not free to reject
updates, you've lost this advantage.

------
exo762
Informing NSA about bugs before fixing them is grand. This alone qualifies MS
software as malware.

~~~
skolor
Note what the actual source for that says:

> Microsoft Corp., the world's largest software company, provides intelligence
> agencies with information about bugs in its popular software before it
> publicly releases a fix, according to two people familiar with the process.

The implication being made in the gnu page is that Microsoft delays fixing
bugs so that the NSA can exploit them. The source article says something
slightly different though, that they inform "various" agencies prior to the
patches going live. I suspect the linux kernel devs do too, or Firefox, or any
number of open source projects. I'd be more surprised if none of the people on
the security lists for those groups don't have a list of agencies (both US and
otherwise) they send bugs to .

------
swiley
Just a reminder about why people still use xp:, earlier versions of windows
supported a real time mode (sort of like the preempt rt Linux patches). This
is needed in order to run some equipment but later versions of windows (post
xp) have dropped support for it.

------
noorah
How can a user without computing background be sure that Linux is not what
Microshaft Windoze is?

------
ape4
I wish Microsoft had a way to pay for Windows 10 so I can opt out of the ads,
tracking.

------
Arzh
I guess all of the internet is also malware. Neat.

~~~
Spivak
Even if what you said was true, and it's not, "well everyone else is doing it"
is never an excuse.

~~~
Arzh
I don't take a side in this statement.

------
dstaheli
This article is weak-minded propaganda.

------
bitmapbrother
PC Does What?

What an apropos marketing campaign.

------
joenathan
This is way a Neo Nazi or KKK member would describe people of color, cherry
picked 'facts' to build an absurd argument.

~~~
flurpitude
What's absurd about it? Which of the items presented are untrue, as suggested
by your scare quotes around "facts"? Yes, the article is one-sided, but these
are all real points of concern about the direction Windows is going in.

~~~
joenathan
I'm a sysadmin, I deal with malware on a very regular basis, saying MS
software is malware is an absurd statement. Equal to saying black people are
all criminals and then quoting incarceration reports.

------
ghduxjc
Ahh, the circle of life continues.

RMS produces an opinion piece -> everyone denounces it as extremist -> some
time passes -> something horrible happens that proves RMS was right (like the
NSA disclosures) -> everyone freaks out at what's happening -> some more time
passes -> RMS produces another opinion piece -> repeat

~~~
krapp
you forgot -> people show up in the thread and mock anyone who doesn't accept
that RMS is, has always been, and will always be right about everything.

------
oldmanjay
You'll have a hard time finding any believer in any religion who would admit
to the biases in their beliefs.

~~~
yarrel
Proprietary software isn't a religion. It's politics.

~~~
oldmanjay
I'm not really aware of a practical difference when considering the nature of
political and religious beliefs, so sure, substitute politics into my thought
at will.

------
littletinman
Shots Fired!

~~~
GFK_of_xmaspast
They've been firing shots at Microsoft for decades now (remember "MS-DOG" in
old GNU writings?)

~~~
SEJeff
Or their absolutely ridiculous Bad Vista campaign?

[http://badvista.fsf.org](http://badvista.fsf.org)

