Hacker News new | past | comments | ask | show | jobs | submit login
Samsung disabling Windows Update? (bsodanalysis.blogspot.com)
316 points by firloop on June 24, 2015 | hide | past | web | favorite | 143 comments

This is about as end-user hostile as the Lenovo Superfish thing. By the sounds of things, Samsung has managed to ship some of their laptops with devices that fail with the standard windows devices drivers, but don’t have their own pci-id which would allow Samsung to ship a custom driver. Samsung’s solution to this is not to issue a hardware recall & replace the laptops, but to expose their customers’ private personal information to every future malware author on the planet.

In some ways, this is worse than Superfish. Superfish was at least not deliberate; it seems pretty clear that Lenovo really didn’t understand the full implications of what they were doing by installing it on their laptops. There’s no way that Samsung doesn’t understand that by disabling Windows Update they are trading off their customers’ security against the cost of a hardware recall.

(It wouldn’t surprise me to discover that Microsoft actually has ways of blacklisting driver updates under Windows Update & will liaise with OEMs to help them sort out problems like this - it wouldn’t be that hard to maintain a list of 'if the hardware looks like this then install that driver instead of the standard one'. In which case Samsung is simply trading off a bit of management time against their customers’ security which is even more unacceptable.)

its probably a short term fix while they work through the process of working out how to identify the defective machines and isolate them properly within Windows Updates.

still incredibly dodgy though.

If this is true (and frankly I know for a fact it is, as I just downloaded the linked file containing Disable_Windowsupdate.exe, which is signed by Samsung Electronics CO and downloaded from Samsung's own servers) then Microsoft should pick up the phone and threaten the heck out of Samsung, Microsoft while somewhat neutered by anti-trust still has a great deal of power over OEMs and stuff like this is a perfect time to [ab]use it.

Ultimately it's just another item on the long long list of why anyone should not buy Microsoft and Samsung products.

Samsung's terrible engineers coupled with a proprietary OS means users lose.

Yes, it's clearly Microsoft's fault here. Geez.....

Honestly, as a Linux user this kind of makes me chuckle.

Microsoft has spent so much time abusing their market dominance, trying to cripple linux on the desktop that it's kind of funny for once to see a company which they can't strong-arm doing the same thing back to them.

Let the past be the past. The new MS is making some good moves. However, this is not MS's fault. When you operate in an OEM type environment, you will run into situations like this.

For example, if OSX was an OEM offering, companies would disable services and make unsavory modifications.

The reality, is like Lenovo, we have a bad vendor here and probably think twice before buying PCs from Samsung.

Honestly, it's hard to embrace the "new MS" when there are things like this still happening: http://www.theguardian.com/technology/2015/may/22/microsoft-...

I'm aware that Microsoft is a giant corporation and there are many different people employed. The amount of people who support Open Source most likely increased in the last years. But as long as they're doing the public "we love Linux and Open Source" and try to lobby Open Source away in the background, I have no reason to trust them.

What a bunch of total fucking assholes. That's not lobbying, that's blackmail.

No joke but this sort of stuff makes a mockery of the positive things they have done recently. Ao much positive spin hiding the same asshattery.

Well really it's not much different from saying you will move out of your representative's district, move out of your state, or move out of the country if a law you don't like gets passed. Is it blackmail for a person to leave Indiana because of their pro-discrimination bill that recently passed? Was it blackmail for Salesforce to say that they wouldn't be doing business in Indiana? It's the same thing here. They're voting with their wallet just like everyone does.

However, it says in the article: A Microsoft spokesperson said: “We have looked into the nearly decade-old matter and we don’t recognise these claims. Fundamentally, it is not how we operate as a business. We have an honest and open engagement with the government and this is how we will continue to work with it.”

We're less dicky in the UK and don't have masses of county specific bylaws so this is merely blackmail by threatening to punish.

I do not like microsoft because I think it has slow down the progress of computer science (MHO). In this case microsoft has done nothing wrong. It has given Samsung the right to sign executable because people would hate if microsoft was the only one able to sign executables. In his case, samsung is the only culprit.

I think microsoft has make many good moves recently because the public interest and its business interest are converging. Microsoft is in a hard fight to avoid becoming irrelevant. It has to lobby governments for commercial interests and at the same time, it has to seduce developpers by open sourcing (and leading technical innovation).

Yes, I agree that this isn't related to Microsoft at all. I was merely responding to the aspect of "hey guys, look, Microsoft got better".

> It has to lobby governments for commercial interests and at the same time, it has to seduce developpers by open sourcing (and leading technical innovation).

Well, that's the very problem for me. As long as it is only PR to catch devs, I don't care. Opening .NET was great, but honestly I'm accustomed to open languages (or open compilers), such as Go, Rust and C (including the whole GObject ecosystem). It didn't make .NET better, it made it equal to things I'm used to. And in contrast to .NET, these languages are truly governed / developed by a multitude of developers.

To me it's more important to stop ambushing Open Source / Free Software (like the blackmailing I linked above). If Microsoft's products are better, they won't have to fear Open Source at all. Fair play is all I want.

I do not think open sourcing is only PR. It is a different model that should increase quality of software and less deception. I think there is a financial interest in open sourcing and listening to a community. The financial benefits of being "fair play" is not so clear.

Where still is nearly a decade ago.

Their new PR line is they've changed and they are sorry, but they have certainly NOT changed and they are NOT sorry:


Their recent "good moves" (open sourcing .NET, etc.) are simply an attempt to maintain relevance in the face of declining market share. If it results in regained market-share, they will likely bait and switch, and of course, they might as well get some good PR out of it.

First, why would you expect Microsoft to not lobby against laws that prevent it from effectively competing?

Second, Why is Microsoft lobbying for non-restrictive purchasing standards bad?

It's very clear to me that this has little to do with weather the competition is FOSS - and more to do if the competition can only be indian made software. Buy $country First laws have long been recognized as anti-competitive, protectionist and generally a cause of increasing acquisition costs.

FOSS of more often then not superior on its merits alone, why does it need a protectionist anti-competitive law to help it compete?

>FOSS of more often then not superior on its merits alone, why does it need a protectionist anti-competitive law to help it compete?

Because people generally don't choose the superior product?

>FOSS of more often then not superior on its merits alone, why does it need a protectionist anti-competitive law to help it compete?

If proprietary software is more often then not superior on its merits alone, why does it need a protectionist anti-competitive law (Intellectual property, reverse engineering forbidden by EULAs) to help it compete?

FOSS, in the form of the GPL, aggressively uses IP rights (copyright) to further their goals.

What would the phrase "proprietary software" mean if it weren't possible for software to be proprietary?

>First, why would you expect Microsoft to not lobby against laws that prevent it from effectively competing?

I wouldn't expect Microsoft to not lobby because I don't believe their PR that says that they've "changed" and are now "pro open source".

>It's very clear to me that this has little to do with weather the competition is FOSS

So which part of the Indian policy that (briefly) favored open source was not about favoring open source software?

>FOSS of more often then not superior on its merits alone, why does it need a protectionist anti-competitive law to help it compete?

This should be made policy because this is a long-term strategy to prevent lock in, and because it's much harder to bribe a high level official than it is a low level official.

It doesn't seem fair to say that Microsoft is attacking open-source software here. They're just asking not to be shut out. I think any of us would be asking the same if someone were trying to categorically exclude something we'd made.

> The new MS is making some good moves.

The old New MSFT made some good moves too. Then they went back to being the Bad MSFT. I hope that the company has figured out how to break the cycle of abuse, but I'm not going to be holding my breath.

have they?

or have they just let the open source folks continue to talk and talk about "YEAR OF THE LINUX DESKTOP" while releasing software that is different combinations of buggy, ugly, or a terrible UX.

trying to cripple linux on the desktop

according to what I hear year after year again ('still not the year of desktop linux') they even succeeded. lol.

linux on the desktop failed for the same basic reasons many startups fail. They didn't listen to their users or focus on making a product that their users wanted.

By users I mean the core market of Windows - the business desktop. How often did linux outreach staff come to a large business and listen to the concerns of the customers? Never (in my experience). How often did Microsoft do this? Often (again in my experience).

It's confusing when you address Linux this way. Most Linux distributions are not for-profit, so they're going to have any staff going to businesses. Plus, even if they did, they'd have to offer support, which they aren't able to.

The only distributions that can do that are the enterprise paid ones, and those are mostly meant for the server side. AFAIK there isn't really an enterprise desktop distribution of Linux really intended for that kind of use. Linux on the desktop is what it is -- it's an option for those who want it. Market share is not a big consideration at all.

Another element is that anything above the kernel is subject to change at whim of some primadonna developer.

MS has in the past bent over backward to maintain binary compatibility.

Some of the same attitude is present in the kernel mantra of not breaking userspace, but userspace devs seems all to happy to break stuff at the drop of a hat.

Yet, Microsoft is responsible for allowing such software to run in the background with no notification or authorization by the user or means to disable it.

It's really hard to find the correct middle-ground. Would you prefer if Windows worked like iOS where there are serious limitations on what apps can do in the background and where every application has to go through a central authority for vetting?

Or do you propose a solution that gives both freedom to the user while also not allowing something like this to happen?

Yes, there are whitelisting solutions (built into the OS by MS, btw), but they are a real pain in the ass to use - there's just too much stuff running on your machine at any given time.

In the early days of multi-user OS security, applications were trusted because they were installed by the admin and users were untrusted.

Today, we have systems which are mostly single-user, but where the applications are incredibly untrustworthy. Hence the popularity of jails and app-store systems. You can't easily retrofit this on Windows because there is very little security between windows running on the same desktop, but what I think we'll end up with is each application having its own SID and a default-restricted view of the user profile.

But in this case it's a hostile OEM, and there really isn't much that can be done in software against that.

This is the direction with app containers in WinRT model.

> Would you prefer if Windows worked like iOS where there are serious limitations on what apps can do in the background and where every application has to go through a central authority for vetting?

I've thought about this for a while, and honestly, for desktops/notebooks/tablets? Yes. Maybe not just one App Store like iOS, but at least sandbox all possible non-os code similarly to ChromeOS, in a way that's on by default and requires a boot-time flag to disable (and users should be allowed to do this, but OEMs shouldn't.)

Recently my dad bought a new $300 toshiba laptop because his old machine was just "slow", as in he had so much spyware on his computer that it was easier to just buy a new one than going through the hassle of cleaning up his old one. Even though his old laptop was perfectly good and of a recent hardware generation.

I'm 100% positive he's going to have the same issues on his new laptop, and his response was that he uses his iPad so much that it doesn't matter anyway.

The role of the modern day OS has changed immensely over the years. Nowadays there's simply no reason for legitimate applications to have the level of access to the underlying system that they used to have. Apps really don't need arbitrary filesystem access. They don't need to be able to overwrite core system files. They should be run in a sandbox or a container with as restricted of a set of permissions as possible.

For servers and development workstations the story is a little bit different, but those are exceptions to the rule, and with the proper release hatches like boot-time enabling of un-sandboxed code it's a good tradeoff IMO.

Right, so because Windows has been historically shitty creating this problem in the first place, we now willingly want Trusted Computing and thus losing control and ownership of our own devices, with the grandma reason given as rationale. Well, when this relationship with the likes of Apple and Microsoft goes toxic, and it's only a matter of time, I'll be one of those that will enjoy it, as I'll consider it a sort of social justice, as a lot of people told you so and you wouldn't listen.

Instead of this sanctimonious sermon, we would be better served attempting to solve the problem that locked-down platforms do, but in a more open way.

Because the fact remains - computers have been a difficult thing for many people to use and maintain reliably. The "Windows has been historically shitty" point might be a reason this problem has been worse than it needed to, but it's hardly a compelling excuse.

When people—and not just Grandma—point out that their iPads don't have the same problem, then we should take that on board, rather than telling them that they're stupid for not listening.

So I'm all for solving current problems, however if I'm sure of anything, I'm sure that companies like Microsoft or Apple won't deliver a solution that solves these problems without locking-in users into a trap which is worse than the problem that it's solving.

And on Windows, this is the oldest trick in the book - in order to sell something people don't want, you first need to create the demand for it.

> Nowadays there's simply no reason for legitimate applications to have the level of access to the underlying system that they used to have

I'm hearing this argument from time to time. But I'd like to know what exactly changed. I can think of a dozen use-cases for which a shared, system-wide filesystem would be absolutely necessary (yes, especially with computer-illiterate friends and relatives, as "files" is pretty much the only abstraction besides "web" that is widely understood even outside of "geek"/"power user" circles).

So, what exactly has changed between then and now that made those use-cases legitimate in the bast but not anymore now?

People neglected the fact that having $HOME access was already bad enough and lived in the illusion that running applications as normal user was safe.

Why is having a home directory bad?

Any application running under the user id has full access to his private data.

Add the capability to do network communication and suddenly the all wolrd has access to $ HOME.

This is why in the container model of mobile OS and Windows/Mac OS X sandboxes, applications only get to see file handles to files choosen by the user.

> he had so much spyware on his computer that it was easier > to just buy a new one than going through the hassle of > cleaning up his old one...

I don't understand. Why not just reinstall the operating system from blank media? If you get a new machine, you'll have to reinstall your user-applications and data anyway?

It's not something most people know how to do, and you have to pay for a blank media set. There is usually a "recovery partition" instead, but how well do those work?

You can download windows install files from Microsoft nowadays. There's a downloader that also includes functionality to burn a DVD image or create a bootable USB stick.


As for the "it's not something most people know how to do": Buying a new computer also requires you to transfer files from the old to the new computer. And requires you to install your software. I'd say that both tasks aren't significantly harder to perform than clicking "next" on the Windows install dvd.

I like the way OS X handles it. Unsigned software won't run by default, but the user can override the limitation.

Yes, you can do this on Windows too, but the problem is this update disabler executable was signed, so it would have run anyway.

There are two problems: how on earth samsung may have the idea to produce this kind of software and who is signing software without giving a look at what he is signing. A problem of software development mentality (on windows) and a problem of responsability.

> who is signing software without giving a look at what he is signing.

Versign would by proxy, as one example. A certificate authorized to sign code was purchased from them. Samsung would directly, to prove that this shit software came from them.

Just like SSL/TLS. I could set up an SSL website that performs drive-by attacks, would Verisign sign that? Yes, yes they would.

Vericode isn't an gate keeper like Macs certificates are. It's designed to improve security: if I download a Samsung installer Windows will tell me that it is indeed from Samsung (during the UAC elevation) because the signature checks out. This means that I can be certain that unbeknownst malware won't be installed on my PC alongside the Samsung malware.

The story is different with WHDL (drivers), those are signed by Microsoft (in addition to yourself, I think).

Samsung signed the software, of course. Who else would?

when you are asking for companies to verify all the software that is signed by their certs, im quite certain you are not at all considering the consequences.

Signing software only proves that it came from you. It doesn't say anything about what the software does. That's what your reputation is for.

Or you know, place the ability to disable Windows Update behind policy restrictions and UAC rather than being openly editable in the registry? With policy restrictions, corporate installations could deny all attempts to disable the service. In non-corporate environments, this should at least require a UAC prompt. While too many users would likely click through without understanding, at least knowledgeable users would understand and be able to deny the change.

Windows Update is a serious security requirement for any Windows install. Disabling it should clearly require explicit consent from the user.

Changing the windows update policy requires admin rights and UAC prompting. The Samsung installer would also run as admin (either started from a service running as admin and deployed by the samsung initial image, or by the user allowing UAC when launching the samsung installer), so it can change the registry.

True. To be more specific: while UAC is great for requiring admin privileges, it would be nice if UAC prompts would enumerate the permissions being asked for. The prompt should be asking you if you wish to allow the program to disable Windows Update as opposed to "admin privileges to do anything whatsoever with your operating system".

That said, it's a difficult system to implement properly. Android went that route, and it almost works - almost. Android's available permissions are too plentiful, and yet certain permissions are too broad in scope. I wouldn't want a desktop application to have to ask for separate privileges for every little piece of functionality, but for certain critical actions it would be nice to have some clue as to what is going on.

Perhaps in another 20 years someone will finally invent a privilege escalation system that somehow manages to be both very specific and yet not time consuming for the customer to manage. What a dream. :)

> means to disable it.

1. Right click on the taskbar.

2. Click "Startup".

3. Disable what you want.

4. Click "Services"

5. Disable what you want.

This omits "Scheduled Tasks" (cron jobs) which can be set to execute on user logon. This is the single one that Microsoft still need to address.

Does whichever operating system you are comparing to Windows have a one-top-shop for the vast majority of startup configuration? Of the "big 4" (Mac, Linux, BSD, Windows) as far as I know this is a unique feature.

Proof-of-point: I have a copy of Linux, without telling you what the distro is, tell me how to disable the firewall (just an example of background software on most Linux distros).

> no notification or authorization

Does that operating system of yours do this? Which of the "big 4" do? I know that Linux and BSD don't.

> Microsoft is responsible for allowing such software to run in the background

So Microsoft is responsible for everything every Microsoft-stack developer on earth does? Does that mean that RMS is responsible for closed source software because some of it is made with GCC?

> Proof-of-point: I have a copy of Linux, without telling you what the distro is, tell me how to disable the firewall (just an example of background software on most Linux distros).

This isn't comparing operating systems to operating systems. "Linux" could refer to a number of operating systems, such as Yellow Dog, Ubuntu and Fire OS. The Microsoft version of this question would be more like: "I have a copy of a Microsoft OS. Without telling you what version it is, tell me how to disable the firewall."

Yes, it's almost as if executable code is... executable.

intel's fault for developing x86

If they didn't they would probably get sued and bashed on HN for promoting walled gardens and abusing OEMs.

Google has a similar problem with Android. They solved it by having anyone who wants to include Google services to fall into line.

Apple goes to extremes on iOS to prevent things like this.

> When you enable Windows updates, it will install the Default Drivers for all the hardware no laptop which may or may not work. For example if there is USB 3.0 on laptop, the ports may not work with the installation of updates. So to prevent this, SW Update tool will prevent the Windows updates.

So they "fixed" the problem of their driver getting overwritten by disabling all OS level updates? Oof. Screams shoddy development if this is true.

Sounds to me like they put defective rev of a USB3 host controller on the board, and they need their own driver to work around it, but the host controller is going to identify itself generically enough that Samsung can't rely on PNP ID matching to pick their work-around driver. Hence they disable windows update to avoid getting a driver update that would stomp their workaround driver.

Whatever it is, it sounds really sketchy.

It's because we don't do recalls on computers...and we should.

Faulty hardware like this goes out _all the time_. Eons ago when I sold computers, HP had a line of high end laptops (~$3500) with 2 slots for RAM (back when that was a big deal in a laptop...) and we found out that the second RAM slot's pins were not connected to anything on the motherboard. On every single laptop we opened (30+). Literally they had just pins on a board with no traces and advertised it as a 2-slot laptop.

HP stonewalled us (Circuit City flagship store, so we had corporate involved) and kept trying to get us to sign an NDA before they would confirm the problem or offer a solution. We said fuck that and shipped several thousand of the things (the chain's entire order) back to them as defective.

They caved, like they should have, but complained about it the entire time.

Is this even true? Windows updates only drop critical updates and can't think of a case where updated Windows drivers were automatically installed over existing drivers without explicit request or prompting to do so (except perhaps for critical flaws where the driver itself compromises security). Just yesterday I had to manually find and select an optional driver update for Intel HD graphics which one would expect to be in category of "autoupdate" if this were true...

Disabling ALL of Windows Update for this questionable reason seems entirely out of line. If their own SW Update software is already present, why not instead track said drivers and simply alert the user that vendor specific drivers must be used, offering the ability to restore them?? Makes no sense...

Generally, Windows Update will update your drivers to the most recent version MS has available -- but they mandate WHQL drivers, so they're rarely the most recent. For example, while MS has nVidia drivers up on Windows Update, if you have a more recent version direct from nVidia, it will not overwrite that.

This situation is 100% on Samsung. They've put hardware out there that they can't target properly to overwrite the generic version.

Are you sure about this? As I mentioned, just a few days ago I had to manually download and install Intel HD drivers which were listed under "Recommended Updates"(note, the driver provided by Windows was indeed a later version of the one posted on Asus' own site...)

I did some searching and found this on Microsoft's own site:

Automatically get recommended drivers and updates for your hardware

Applies to Windows 7 In this page Drivers and information To have Windows automatically download recommended drivers and icons To turn on and configure Windows Update To install drivers and other optional updates from Windows Update If Windows can't find a driver for your device If Windows can’t find information about your device in Device Stage You can have Windows automatically download recommended drivers and detailed information for your hardware and devices. This is a good way to make sure all your hardware and devices work properly.

Watch this video to learn how to automatically get recommended drivers and updates for your hardware (1:13)

Drivers and information

Windows can find and download two kinds of updates for devices connected to your computer:


A driver is software that allows your computer to communicate with hardware devices. Without drivers, the devices you connect to your computer—for example, a mouse or external hard drive—won't work properly. Windows can automatically check if there are drivers available for new devices that you connect to your computer.

For hardware that you've connected to your computer in the past, updated drivers might become available at a later date; but those drivers aren't installed automatically. To install these optional updates, go to Windows Update in Control Panel, check for updates, and then view and install driver updates that are available for your computer."


EDIT: has anyone confirmed if the USB drivers are in fact proprietary Samsung drivers as opposed to the generic Windows drivers? I'm curious if the support tech was merely stating a contrived example or if that is an real world scenario. So it seems pretty clear they don't install automatically and in fact not even when you install (manually or automatically) the regular crtical updates they post - which is in line with my experience over the years. The one exception might be a service pack where non-critical fixes sometimes make their way into the release (though even these have recommended and optional categories for patches which you must manually select). Ironically, despite some confusing overlap conflating the drivers installed from Windows Update when adding a new device with updating drivers to newer versions as part of the regular Windows Update patching, there are some fairly simple directions to disable drivers sourced from Windows Update for both cases:


While still unacceptable IMO, using this method would at least allow users to still receive critical security patches and other recommended/optional updates. It even mentions how MS works with third party vendors in some cases to insure only compatible drivers are ever installed (as previously mentioned) which is really the only acceptable procedure.

It seems pretty clear that Samsung chose the absolute worst option of ask those available, though it remains unclear as to why. Given a simple Google search yields plenty of high level info on the subject, I can't help but wonder if this has some other more concerning justification...

I wonder if it was meant to be a short term fix until some drivers passed certification or something? Or maybe their software update selectively runs windows update to find updates and notifies the user? I wonder how long it's been set up this way? None of these are good, but the details may mitigate quite how bad it is (in spirit, if not reality).

I don't understand, why is Samsung pulling stunts like this all the time? It would make sense if they were trying to get up the ladder but they are already there, they hold an unquestionably large market share of Android. Things like these won't do any good in the long run but only prompt consumers to actively avoid the brand.

Some of the things that really surprises me:

[1] http://gizmodo.com/samsung-rigged-the-s4-to-unnaturally-perf...

[2] http://www.neowin.net/news/samsungs-gamepad-is-a-microsoft-l...

[3] http://money.cnn.com/2015/02/09/technology/security/samsung-...

The simplest explanation is that Samsung has mostly shoddy engineers and designers.

The voice recognition thing is that they outsourced the voice recognition, so are just piping all conversation to them.

The gamepad thing is "oh we need a gamepad, the 360 is popular right"?

the benchmark thing is "our manager wants us to beat these specific benchmarks, let's just overclock for the benchmarks the manager mentioned"

I mean, it doesn't excuse them of course, but I imagine this is mainly a consequence of a lot of people whose job it is to meet their manager's checklist of features, and not caring about the products themselves.

amazons alexa is an always on internet connected "speaker" that answers your questions.

i expect amazon intends to obtain acceptance by not copping to the fact that it also has to be a microphone.

The Alexa listens for a keyword (Alexa, or it can be changed to Amazon) locally, and then once triggered sends your query to Amazon for processing. That's the same way that "Hey Siri" and "OK Google" work.

Samsung seems to have skipped the 'trigger phrase' part and just sent EVERYTHING and tried to see if it needed to be listened to.

Big difference.

Samsung hardware is top-notch.

But they're a hardware company first and foremost. Most hardware companies tend not to be great software companies. The company culture just isn't designed for producing great software. See also: Sony.

I can't think of a single piece of software made by Samsung that gave me anything other than a thoroughly negative experience. Even their phones function best when they are not burdened with a Samsung ROM.

You can't be great at one without the other, companies like Samsung, Dell and HP have failed to recognise this for a long time.

They're a hardware company that aren't very good at software. It sounds like they found out that USB3.0 stopped working on some of their test machines, did the simplest 5-minute fix and called it good.

I think the most simple explanation is that they can get away with it without substantial backlash.

Still doesn't explain why. Are you suggesting they are doing it just for fun?

They're doing it for money.

They game benchmarks for sales.

They disable windows updates because they can't make USB 3 work with the drivers you get from windows update.

Well the ultimate 'why' is obviously aiming for monetary gain since they are a company, I was referring to a shallower 'why'.

It's cheaper/easier than doing it 'correctly', and no one is applying enough pressure (such as declining sales) to make them change.

This isn't "Hey lets see if we can screw over our users", it's "This shortcut is easy (and I never even considered how it would effect our users)".

I think that they believe that they own the hardware customer bought and not the customers.

The gamepad is a complete non-issue. It is as similar to the xbox controller as the xbox controller is to the dreamcast controller, which in turn is similar to...

It is the rounded rectangle all over again.

I agree with this. I can't fathom how the controller looks similar, except that the buttons are the same colour, or close.

The shape is totally different. I don't get it.

The layout of the sticks and main buttons are the same.

Samsung provides their own updating software? I'm not surprised... consumer hardware and the drivers associated with them is in general a horrible mess of workarounds and I feel it's only going to get worse.

For example if there is USB 3.0 on laptop, the ports may not work with the installation of updates.

That's a pretty minor problem compared to what I've heard: automatic BIOS updates, which happen silently and brick the machine without any prior warning.

Ironically it is the "update culture" that brought us this whole mess in the first place; pushing out software (and hardware) that barely works "because we can always update it later", patching around bugs, and then realising that your patches break if someone else changes a piece you depend on, and so forth, thus leading to ultimatum situations like this.

Isn't there a method by which Samsung can deliver to Microsoft the set of drivers required for their hardware, to solve this exact problem?

Is this a matter of Samsung not wanting to go through the WHQL process?

It's possible that Microsoft have been covertly throttling the WHQL process to punish Samsung somehow. They are competing head on with Microsoft in a number of other markets (tablets, etc.), and WHQL is not really subject to much, if any, legal scrutiny.

As far as I know WHQL is automated so it's unlikely. i.e. you test it rather than MS and submit the results to them.

MS then sign the driver package and pass it back.

Don't think there are any humans involved.

Yes, I hear 9/11 was an inside job as well...

Somebody clearly wasn't around in the 90s.

I was born in 1984, I remember the 90s well... If Apple have completely reinvented themselves, why not Microsoft?

absurd nonsense

Well this is a truly terrifying turn of events, though the most amazing part is that chat agent was any help at all, I was expecting a recommendation that he call the support line or an outright denial. so samsung can at least be commended for giving their staff at least a little training.

I'm fed up with these hardware vendors incessantly messing with software. Why doesn't Microsoft tighten up its OEM licensing terms to put an end to this kind of thing?

Because the US and EU have repeatedly told Microsoft that they're not allowed to force OEMs to use their software.

I'm not sure this applies. "You're not allowed to disable updates" is not even close to "You cannot install any browser other than IE".

I'm not sure Microsoft wants to gamble $1 billion that "You have to use Microsoft's updater" is different than "you have to include Windows Media Player".

A little anti-trust action against you by the government will do that. Though it may not have been solely consumer friendly in the past, strongarming OEMs to avoid these kinds of messes was one of the things that got them in trouble 15 years ago.

TL;DR: Samsung's software is meant to install device drivers for your laptop. Because there are also drivers in Windows Update that Samsung considers conflicting, they disabled all of Windows Update to prevent those drivers from being installed.

Normally, you'd expect a major hardware vendor and a major software vendor to be talking enough to avoid such problems. Does this indicate that Microsoft and Samsung are not getting along? That's quite possible, since they compete in tablets now.

Eh normally you just expect hardware vendors to be so incompetent at writing software that this isn't too surprising.

Fantastic discovery! Kind of makes me wonder if there are other OEMs doing the same kind of thing and we just never noticed it.

we just never noticed it.

Quite likely if those who would have the knowledge to look into such things are also those who would just reformat the drive and install a fresh copy of the OS.

It's funny, but that's usually the first thing I do with new hardware... though it's also because in general I put in more RAM, and an SSD. Discovering my new rMBP (from August) can't have the memory upgraded and wasn't using the same msata interface as everyone else was disappointing. I typically DIY my own desktop builds, but laptops are getting way too locked down for my taste... I would expect memory, storage and battery to be user servicable on a > $1k laptop.

Between Sony, Lenovo and now Samsung... I'm getting really sick of this kind of crap.

I'm not that surprised. SW Update and Easy Settings are among the two worst pieces of software I've ever used.

If I press the volume keys on my (i7, Ivy Bridge) Samsung laptop, I often have to wait several minutes before anything happens.

Better yet, a clean Windows install on that machine will always fail because for some reason the laptop lets Windows install the bootloader to the mini cache SSD - which the BIOS doesn't recognise.

I'm not going to be buying another Samsung PC.


> For example if there is USB 3.0 on laptop, the ports may not work with the installation of updates. So to prevent this, SW Update tool will prevent the Windows updates.

Pretty sure this sentence causes brain damage just by reading it. I hope this receives Microsoft's attention. They take Windows Update very seriously these days and will probably flip over this.

Well at least nobody was surprised by this, so that is good right?

Jokes aside, this is ridiculously fucked up.


They clearly can't write software properly, or figure out how to contact Microsoft to actually use Windows Update to push out drivers.

If you install Turkcell's 3G connection app (which comes with the dongle) you will see that it disables internet sharing forever.

Microsoft should start some kind of initiative to make building your own laptop more like Google's Project ARA. No manufacturer is doing a thing to advance the Windows platform but there's actually a competitive, vibrant market in a lot of aftermarket part categories (on desktop) - look at the shootouts for CPU fans, keyboards, cases, monitors. I'd gladly pay a little bit more and sacrifice some mobility to be able select a high quality frame, top-notch keyboard, silent/high quality PSU and lack of crapware.

I built a fast but near-silent Windows PC for music a few years back and I'm still impressed by what a great system it is.

I'm amazed that you're allowed to do this and still ship with the Windows logo!

Microsoft owns Windows. Licenses it to OEMs. If Microsoft didn't have a problem with OEM's disabling Windows Update, then then would have prohibited it in their license agreement.

I'd be very surprised if the OEM license doesn't include such language - just because its there doesn't mean Microsoft is aware of what the OEM's are doing.

There is also the possiblity nobody considered this to be a problem ... ever ...

Of course this is ridiculous in the lens of a privacy aware techie. In the lens of a consumer-first corporation such as Samsung, is this possibly the result of "convention over configuration" from the eyes of management demanding this kind of (de)functionality from their devs?

I think we should start focusing on a fundamental shift on what management means and how accountable that position is.

Is it safe/efficient to uninstall all bloatware from a laptop? I own a Samsung and over the years I've unninstalled the obvious bloatware without any problem. I wonder if I can delete all of them.

I've taken this approach on others' PCs before with great effect (msconfig is your friend) but sometimes it's just quicker to do a clean install. I tend to triple boot Linux / Windows / Current-tinkering-OS-of-choice on my own machine so I'll usually dedicate at least a day to getting everything set up when I have a new one.

First thing I do when I get a new laptop is wipe it completely and do a fresh install. You can selectively restore the drivers/software you actually need.

Of course it goes without saying that this isn't something most of the millions of unknowing Samsung customers are likely to be able to do themselves, let alone be aware it's even a good idea.

Why couldn't samsung's service just programmatically uninstall the default windows drivers and install their own? Was that too hard compared to just disabling windows update?

Most vendors I've dealt with have their drivers certified with Microsoft's WHQL program and pushed out automatically through Windows update. I'm not sure why Samsung couldn't have done it this way.

Maybe the stuffed up the hardware so the ID's they use actually map to other devices by other vendors.

Meta: I submitted this post with the article's title but it seems the mods have changed the title to something less loaded.

HN has never had a "original titles only" rule. If it did, anyone could get whatever they wanted on the front page just by giving a post a manipulative title. That's why the guidelines ask to use the original title unless it is misleading or linkbait.

Is this one misleading? I can't say. In cases where we are in no position to judge the accuracy of a dramatic claim, we sometimes add a question mark. It's a lightweight way to make the title provisionally conform to HN's guidelines while the community sorts out what's going on.

That's weird. I don't think I like that the mods can tone down an article title, when submitters are expected to use the original.

If the article title makes a wrong claim, the comments and the voting mechanism will take care of that, does not seem to be the call mods should be making....

> when submitters are expected to use the original

Except for all the cases that they are not expected to use the original [1].

[1] https://news.ycombinator.com/newsguidelines.html

The guidelines are:

* If you use the original title, that's wrong; you should use a less-sensationalized title.

* If you use a less-sensationalized title, that's wrong; you should use the original title.

I hope that clears it up.

That's weird thing that I have heard about Samsung Windows Updates.

I don't quite understand why this is fucked up. Could someone elaborate? (I'm not doubting that it is fucked up at all. I would just like to understand it)

Is it that the developer of the OS is offering users a free better version and the OEM is preventing its users from benefiting? Why would Samsung do this? What could their incentive be?

The OEM is disabling all updates. Security patches and better drivers (that are published through windows updates from the ODM). not just new features.

Would you like winodws xp blaster boxes to return.

To be fair, Windows generally updates itself at the worst times, rendering your computer inoperable for an absurdly long time (a typical Windows update often takes longer than updating to a completely new version of a typical Linux distro).

OEMs should just throw their weight behind one of the commercial Linuxes and be done with the madness. They want to compete with Apple and OSX, that's their chance.

Wait a sec.. Apple has like 8% market share for desktops while Windows has ~80%. And Linux has just a few percents.

If you look at market share for consumers, Apple is doing much better.

HP, Lenovo and Dell still rule the enterprise, but Apple does very well with consumers. And more and more enterprises are moving to cloud based solutions, buying tablets and negating the 'need' for PCs, even if for the time being they're still buying cheap PCs.

I can't imagine a company pushing for tablets as general purpose devices for a lot of things... as a POS (point of sale) terminal, or even for standing sales reps, sure...

But real productivity is so much worse in line of business applications on a tablet vs. desktop. Screen size/space is king, and nobody is going to work on a 20" tablet... or give up half the screen to a keyboard. Let alone how tired will your arms be by the end of a day without a mouse for anything.

I know you can tap a keyboard/mouse to a tablet, but at that point, you've spent more money than a low end laptop or desktop, with worse productivity and output.

If we limit the scoop to consumer computers, including Linux seems odd. At least in Sweden extremely few people are using Linux on their computers. Even with Macs it's less than 30%.

Can you clarify why big brands should switch to Linux for their consumer PCs considering that few consumers wants it?

Thats one of those chicken and egg things, in particular when MS software has been the big dog of the market for so long.

If I look at that market Apple is almost nowhere to be seen.

Here in Europe, Apple computers tend to be above many salaries, forcing people that really want to have them to use leasing.

So healthy European countries do have quite a few. Not so healthy countries white brand PCs rule.

If Samsung blocks the Windows 10 "important" nagware patch KB 3035583 that installs autimatically on Windows 7-8.1 (except on PC with Domain/AD) than it's a service to the user.

It replaces the Windows Update dialog with an Windows 10 advertisement and it adds a second start button to the startmenu that lauches an advertisement app. If you click the wrong button it will automatically download Windows 10 in the background - Microsoft's way to not repeat the Vista, Win8 and Win8.1 launch fiascos. To each their own, some also like the Ask toolbar that comes with Flash installer.


This seems a bit like "the enemy of my enemy is my friend [even if also the enemy of my friends]." Without debating the merits of the Windows 10 patch you describe, surely it's not Samsung's place to decide on the user's behalf to block not only that, but all updates?

Adware vs Malware is an important distinction. No one here is claiming Microsoft are saints but what Samsung is doing (if true) is at best Lenovo level malicious negligence.

Yeah, and they could limit the graphics card to text-only mode. Improved battery usage AND it protects users from seeing advertisement videos and images online.

Windows 10 isn't released yet, so there's no way that I'm aware of for it to download Windows 10 in the background.

Although the language is a bit cagey, it seems like at least parts of Windows 10 will be downloaded before the official availability date:

> Between reservation and when your upgrade is ready, the files you need for the upgrade will be downloaded to your PC to make the final installation go more quickly.

(from http://www.microsoft.com/en-us/windows/windows-10-faq > What happens when I reserve?).

I stand at least partially corrected, that certainly is some vague phrasing. It could be anything from installer files to the whole OS.

Likely to avoid overloading their servers on launch date by spreading out the downloads over the preceding two weeks or so.

I don't know why this is getting downvoted - it raises a good point. What Samsung has done is definitely Bad News, but Microsoft has set a precedent recently that they will abuse the Windows Update app's special place on Windows installations to serve up advertisement to users. If Samsung also sets the precedent that OEMs will disable Windows Update - even if the reason for it here is poor - we might be better off.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact