Friday, August 24, 2007

Windows Update updating without permission!

Digg this

Did I ever mention that I love VerifyMyPC? Oh wait. Never mind. I did that already.

It has been a while since I have posted but this one is too good to pass up. Every night around 10:30 p.m., my computer is set up to run a VerifyMyPC scan. About 11 p.m. the Scan Notifier runs and does the whole balloon pop-up thing. Normally nothing pops up because there is nothing to report (i.e. another day at the office - figuratively speaking).

When there is something to report, usually a little yellow triangle icon shows up and I say, "Yup, I remember doing that today." Or, "Those changes to my system sound about right."

Tonight, the special analysis mode of the Scan Notifier picked up on unusual behavior and popped up the Red-X icon.


If Microsoft ever wanted to get caught with their pants down, they succeeded. For most people, the above doesn't make a whole lot of sense past the "you might have a virus" part. VerifyMyPC requires a little extra knowledge about computer systems when dealing with the details. Google is your friend in these cases. Running searches for 'wups.dll' and 'wups2.dll' turns up something about Automatic Updates. In particular, those DLLs provide Automatic Update functionality for Windows.

In other words, the Automatic Updates utility automatically updated itself. Now this might not seem like a big deal but I have automatic updates set to manual (both download and installation have to be approved by me) and not the usual 'automatic' setting found on most user PCs. In other words, Windows updated itself without my express permission. Such behavior is right in line with spyware-like activity. Thus, VerifyMyPC is doing an accurate job in reporting such behavior to me. I love VerifyMyPC.

It is also interesting to note that Microsoft pushed out an update to Automatic Updates on a day other than the 2nd Tuesday of the month (also known as "Patch Tuesday").

Edit:
The above image actually indicates that those files were 'added'. Drilling down, it shows that they were added to 'C:\WINDOWS\LastGood\system32\'. While 'wups.dll' and 'wups2.dll' were NOT modified, other files that are in the real system32 directory ('C:\WINDOWS\system32') WERE modified. What follows is a snippet of each file that was added and changed (files with the same name have been grouped together to help make it obvious that a virus or other piece of malware wasn't involved - malware authors wouldn't bother to copy the files to the "Last Known Good" configuration):

Add (Important)
C:\WINDOWS\LastGood\system32\cdm.dll (90.33KB)
Hash: 4E 68 B2 C4 4D F7 D2 58 16 8C 99 2C BA EC E9 95 53 33 05 86 C2 81 3B F4 B9 27 87 7C 0B 5B 51 A5

Change (Critical)
C:\WINDOWS\system32\cdm.dll (90.33KB)
New Hash: F2 2D 36 39 25 2C 01 76 40 0B 49 B3 06 2E B0 18 4B F1 F6 66 34 DD C7 F8 FD 69 73 23 9B CD 5B 98
Old Hash: 4E 68 B2 C4 4D F7 D2 58 16 8C 99 2C BA EC E9 95 53 33 05 86 C2 81 3B F4 B9 27 87 7C 0B 5B 51 A5

Add (Important)
C:\WINDOWS\LastGood\system32\wuapi.dll (536.83KB)
Hash: 07 A5 AF 93 9A 1D 28 5F 5B 08 BC 43 9B E5 57 EF 00 1C 4A D6 D9 E3 92 10 33 B2 D7 B9 E9 2C 42 C0

Change (Critical)
C:\WINDOWS\system32\wuapi.dll (536.83KB)
New Hash: C6 D8 44 CF CF BE 21 DA D0 3A 6E 75 7A A7 7B 06 DC 4E 3E 06 06 41 8B F9 E7 9D 91 13 29 17 5E C0
Old Hash: 07 A5 AF 93 9A 1D 28 5F 5B 08 BC 43 9B E5 57 EF 00 1C 4A D6 D9 E3 92 10 33 B2 D7 B9 E9 2C 42 C0

Add (Important)
C:\WINDOWS\LastGood\system32\wuauclt.exe (51.83KB)
Hash: A4 21 0C 3D 8A 99 75 97 E5 67 0B FA C2 46 6E 6A 0A FD C8 9B 2F 2F 6F 9C E5 88 63 3F 92 67 A5 9A

Change (Critical)
C:\WINDOWS\system32\wuauclt.exe (51.83KB)
New Hash: 46 DA FC 71 5B C2 BC BF D5 6A 3B 2B C3 DF 1D D2 C0 36 89 3E AB 2E 4F D6 E4 39 3E 08 10 54 D5 0D
Old Hash: A4 21 0C 3D 8A 99 75 97 E5 67 0B FA C2 46 6E 6A 0A FD C8 9B 2F 2F 6F 9C E5 88 63 3F 92 67 A5 9A

Add (Important)
C:\WINDOWS\LastGood\system32\wuaucpl.cpl (211.33KB)
Hash: 68 10 5C D1 BA 1D 73 48 02 31 DE 4C C0 F3 08 CF 15 3E EC 5B C9 F4 4D 2C 22 D0 D6 03 D8 59 C1 99

Change (Critical)
C:\WINDOWS\system32\wuaucpl.cpl (211.33KB)
New Hash: C4 0D 02 69 98 E1 9F 23 9F F9 5A 55 C1 33 4A E4 70 5A 8B 92 BF 4D DD F0 E4 42 3E 4F DA E9 D0 DA
Old Hash: 68 10 5C D1 BA 1D 73 48 02 31 DE 4C C0 F3 08 CF 15 3E EC 5B C9 F4 4D 2C 22 D0 D6 03 D8 59 C1 99

Add (Important)
C:\WINDOWS\LastGood\system32\wuaueng.dll (1.63MB)
Hash: 47 4F E9 97 52 0A 5C EC B5 CD ED 16 2B 32 49 61 AE 43 27 84 B1 82 11 66 6D D4 51 70 8A E6 C4 CD

Change (Critical)
C:\WINDOWS\system32\wuaueng.dll (1.63MB)
New Hash: 43 C2 26 22 FF C5 7E 8C 4F 54 C0 58 DA 30 D8 EA 57 BC 28 FF 43 CC 5C 85 17 DE C2 47 FF 2E 71 2A
Old Hash: 47 4F E9 97 52 0A 5C EC B5 CD ED 16 2B 32 49 61 AE 43 27 84 B1 82 11 66 6D D4 51 70 8A E6 C4 CD

Add (Important)
C:\WINDOWS\LastGood\system32\wucltui.dll (318.33KB)
Hash: 15 1D 34 E5 A4 3A CC DA B4 93 86 50 A0 99 70 6A 6B 6C 8E A5 D2 C5 83 25 EF 36 D1 AA 3B 46 9F 7B

Change (Critical)
C:\WINDOWS\system32\wucltui.dll (318.33KB)
New Hash: 51 12 24 6C 7B 09 54 21 ED 41 FA 90 B4 E8 CE 9D 00 3C DF A9 2F B1 DF 71 89 B8 CE 68 2D 8A 63 F7
Old Hash: 15 1D 34 E5 A4 3A CC DA B4 93 86 50 A0 99 70 6A 6B 6C 8E A5 D2 C5 83 25 EF 36 D1 AA 3B 46 9F 7B

Add (Important)
C:\WINDOWS\LastGood\system32\wups.dll (32.83KB)
Hash: E2 E1 5F 1C FB 8D 3F 38 15 89 F4 A1 05 6C 7C 22 6B 6A 54 EA 9A D4 FE 49 77 CE B4 96 8D EF 8E BF

Add (Important)
C:\WINDOWS\LastGood\system32\wups2.dll (42.33KB)
Hash: EF F0 03 E7 79 2B 94 C2 F5 3D 90 07 FB 9D 71 AD 2E 2D 3F 00 BB 8E B9 59 16 C3 F5 21 04 D9 7E FA

Add (Important)
C:\WINDOWS\LastGood\system32\wuweb.dll (198.33KB)
Hash: 12 72 88 FA C2 76 75 C4 51 69 A2 E3 BC B6 94 4B B3 91 C8 49 78 BC 2F DE 85 C5 B2 C4 2B D3 7B 93

Change (Critical)
C:\WINDOWS\system32\wuweb.dll (198.33KB)
New Hash: 5F B2 3D 83 EE 94 20 A6 0F 23 8F BF 5F 7E DD BC A6 8F 9A 9A CE 35 A8 F9 64 AF 88 A9 4D 4B E0 7C
Old Hash: 12 72 88 FA C2 76 75 C4 51 69 A2 E3 BC B6 94 4B B3 91 C8 49 78 BC 2F DE 85 C5 B2 C4 2B D3 7B 93

(The rest of the files have a .mui file extension and MUI apparently stands for "Multilingual User Interface" - probably just a bunch of language strings).

Change (Critical)
C:\WINDOWS\system32\wuapi.dll.mui (25.33KB)
New Hash: 42 46 98 4C AE 03 50 61 F4 E9 69 7A A2 38 A4 4B B3 A8 40 F1 39 3F 71 A7 92 78 42 28 5F 8F B9 33
Old Hash: 73 B4 BB 37 D4 FF 47 0B 61 78 73 AA 43 24 12 27 2C D4 B3 B2 9C 8E 6A 26 A6 78 1E A7 08 25 B5 36

Change (Critical)
C:\WINDOWS\system32\wuaucpl.cpl.mui (25.33KB)
New Hash: B1 6B F1 A9 5F 88 6F B1 8E B3 60 E6 42 2B AF B1 00 2D 9C 8A F1 17 C8 0D 6D 0E 23 24 6C CA 60 D4
Old Hash: EF E0 8D 82 AE F1 56 9B 55 C7 B6 CD CE 28 80 3F B7 26 20 84 EF 5C 4B 69 40 17 9C 4E 2F 67 97 58

Change (Critical)
C:\WINDOWS\system32\wuaueng.dll.mui (19.83KB)
New Hash: D9 B6 D9 FB 33 EA CB F3 DA 38 19 86 62 FE 70 16 6E 74 BC DC 4A 67 AD 24 A3 8A F8 8C 23 42 BA FB
Old Hash: D0 19 EC DA 02 E1 9F FD 30 C4 F4 06 90 A5 0F 97 76 59 81 B2 3A F1 BE AD 60 47 25 E5 63 7C 33 9B

Change (Critical)
C:\WINDOWS\system32\wucltui.dll.mui (33.33KB)
New Hash: 22 93 81 37 4F A2 81 38 D4 FC FB 07 69 A2 1F 6A 5D C5 7A 5C 44 78 F4 75 C0 3C 04 DC 6A 9C 45 B0
Old Hash: E3 BD 08 48 2F BF 98 68 AF 78 C9 17 A4 1B 1C 4E AD 64 D3 18 ED C5 06 BB 87 A2 93 52 2A A1 C5 F3

So there are plenty of other actual changes to Automatic Updates to back up my claim.

Also, while wups.dll and wups2.dll were not changed, it is pretty apparent that they were included in the update as they were backed up into the last good configuration directory...as if they were going to be changed. Also, VerifyMyPC only reports changes to files that have signature (hash) changes. A hash is a one-way cryptographic thumbprint of a file. If you want to verify the above you will need a tool capable of performing a SHA-256 hash and a computer you didn't reboot (last good configurations tend to vanish after a successful boot).

You should also keep in mind that there are Windows APIs to alter timestamps of files. Just because a file says it hasn't been modified or accessed since 2004 doesn't mean it hasn't been.
Update Sept. 14, 2007: Microsoft finally responded after some major publications also realized secret Windows Updates were pushed out...almost three weeks after I posted this. Here is the official response.
To this I say: "That is a bunch of baloney". If Microsoft wants to update Windows Update components, I want the choice to update that. The "Download and Install Notifications" option implicitly includes all updates. In my mind, the Windows Update utility itself is part of that 'all'. Don't update my system secretly. Ever.
And Microsoft still hasn't come forward to explain why the WGA servers went down. My guess is that would still be pretty embarrassed at this point to try to explain that "because they pushed out a secret update to Windows Update, WGA went down".
While I generally accept updates to Windows, I still want complete control over the entire process. The biggest problem I see with secretly updating is that it usually entails a reboot. I rarely reboot and if my system reboots while I'm in the middle of something, I will potentially lose a lot of work not to mention the time involved in bringing up all 20-30 programs I was running before the reboot. Secret updates might be followed by random shutdowns and reboots.

34 comments:

  1. In other words, Windows updated itself without my express permission.

    Look, I hate Microsoft as much as the next guy, but this is just not true.

    The EULA specifically says that they may do that, and you clicked "I agree" to that.

    ReplyDelete
  2. Before now I've had Windows update itself when it's been set to manual for downloading. The only way, it seems, to stop Windows from receiving updates surreptitiously is by turning off updates COMPLETELY.

    I feel sorry for the people who use wireless internet and are roaming in a different country, as they get charged a huge fee per megabyte of download, and Windows may be downloading 10 megs of updates in the background...

    ReplyDelete
  3. "Without your expressed permission".

    Not "express".

    ReplyDelete
  4. I've seen something like this before (where XP updates without prior approval from the operator). Its more common then you would think...

    I have my updates to download but not install without my permission but because I normally use my laptop under a Limited Account (as opposed to Administrator) I find that sometime can pass before I use the Administrator account. When I do log on as Administrator sometimes I can have updates waiting for my approval but... sometimes... when shutting down my laptop after being logged on as a Limited user without ever having logged on as Administrator I get a warning that updates are being installed, don't unplug or switch off and that the laptop will switch off automatically. I've always thought it wrong of Microsoft, but then, its also something I've learned to expect from them.

    ReplyDelete
  5. jiri: Just because I agreed to a EULA doesn't necessarily make it legally binding. Same principle with NDAs apply to EULAs. Microsoft makes 'em as far reaching as possible - it is up to a court to decide if it is legal or not. What may be more interesting is that Microsoft probably hosed themselves real good (WGA servers) with their own Automatic Updates. Personally, I don't care if Microsoft "secretly" updates - I've got VerifyMyPC to tell me about it.

    mike: It's my blog and I'll use incorrect grammar if I want to, incorrect grammar if I want to...

    ReplyDelete
  6. it's not incorrect grammar it's just incorrect use of English

    ReplyDelete
  7. The phrase "express permission" is correct. Check a dictionary - it is used as an adjective and means the same as explicit.

    ReplyDelete
  8. Express is correct. Expressed would be wrong or at best very awkward.

    The question is not what Microsoft have a right to do per the irrelevant EULA remark, but what sneaky business they are up to, since this is apparently extraordinary behavior and MS has its hands in all sorts of DRM and phone-home nastiness - much of which we likely haven't even heard about yet.

    ReplyDelete
  9. @Mike: "express" is correct. Go to m-w.com and look it up (first adjective sense).

    ReplyDelete
  10. No, Mike's wrong, it IS 'express'. In this context it means the same as 'explicit' and has nothing to do with an utterance. Look it up, Mikey.

    ReplyDelete
  11. mike: "express permission" is correct grammar. Look it up.

    ReplyDelete
  12. Wow, and I thought I was clever for turning off automatic downloading and updating. Maybe I should use the HOSTS file to remap the Microsoft update server to an unreachable IP.

    And sorry, mike, it is "express". :-)

    ReplyDelete
  13. I also have my computer set to require my permission to load updates. A few weeks ago I was offered a list of about 8 or 9 updates and I looked through them as I usually do. One was vague in it's wording, saying it's purpose was to "enhance the user experience" and to "verify and validate" programs. I left this one off thinking I would see if I heard more about it first. The next day it installed itself without bothering to ask permission. I checked my settings and found they had been re-set to allow automatic updates.

    ReplyDelete
  14. According to everyone I know, including old-skool Webster's, "express" is a perfectly fine adjective, and even preferable to the more complex passive-verb-cum-adj. version:

    ...9. clearly indicated; distinctly stated; definite; explicit; plain: He defied my express command.
    10. special; definite: We have an express purpose in being here.
    ...

    13. duly or exactly formed or represented: an express image.

    ReplyDelete
  15. 'Express written permission' is entirely grammatical. 'Express' is an adjective meaning 'explicitly stated'. Plus, this is the idiomatic form of the expression.

    And . . . what the EULA says is irrelevant if it is contradicted by the plain language of the Automatic Updates applet: "Notify me but don't automatically download or install them".

    ReplyDelete
  16. Rich: I hadn't thought to check and make sure the setting had not been altered, so I did that just now. It is (still) clearly set to "Notify me but don't automatically download or install them".

    Tim McCormack: DNS poisoning (altering the HOSTS file) is a bit overkill...but, hey, if it floats yer boat...

    einexile: Excellent point. On the plus side, I've been in the bowels of Windows and know how to analyze DLLs. A former version of VerifyMyPC (1.x series) was capable of determining what functions changed in DLLs. It was a tradeoff for a ton of other enhancements.


    Everyone else: I don't usually look up words in the dictionary. I generally learn the meaning of words by observation of how other people use them in sentences. This is so that when I actually go to use the word, I get strange looks. And, even though it is a blog, I still try to be grammatically correct but don't always succeed and therefore only somewhat care about grammar (spelling, on the other hand, I'm always picky about). I use my blog as my "rant-platform"...gotta let off steam somehow, right?

    ReplyDelete
  17. The man is trying to pass on information. He is not teaching English composition. As long as the idea gets across then he is doing a fine job.

    As to the topic, I have always wondered why someone couldn't hijack the automatic update and do bad things to all Windows systems. It could be done and not show up as a virus.

    ReplyDelete
  18. russ: You are touching on an area I think about regularly. Although, what I think about are what I call "disaster scenarios". A virus would merely be a nuisance. Scenarios such as "deploy a bot via Automatic Updates that scans a LAN for Visual SourceSafe, Subversion, and CVS repositories and sends the company's entire source code base out to a distributed network" would result in significant financial loss across the entire software industry (in the billions!).

    However, Automatic Updates update executables are signed prior to distribution with Microsoft's internal private key (cryptographic key involved in signing and verifying that code came from someone and has not been tampered with). So whoever hacked the system would have to get their hands on the private key...and probably only a small number of internal people could do it. A disgruntled Microsoft employee with access to that private key and very careful programming would probably have to be involved. More than likely someone would get caught or botch up the code than such an effort actually succeeding.

    I would be scary as a bad guy. That's just one scenario I've thought of. Hollywood should bring me on for consulting :)

    ReplyDelete
  19. In other words, Windows updated itself without my express permission.

    Look, I hate Microsoft as much as the next guy, but this is just not true.

    The EULA specifically says that they may do that, and you clicked "I agree" to that.


    ANY Eula will say that. the EULA for a CAR will say that. Or a PIE that you buy at the supermarket.

    The Eula says that Microsoft can CHANGE XP if they want... It does not say that they can change it without telling you about it.

    Anway, the WUPS is the Windows Update Client Proxy Stub, and is downloaded after it tells you that it is going to download some files for Windows Update, right after the active X control is installed.

    So, in a way, they are notifying you, they juyst aree not telling you the names of the files in the forced update.

    When you click that rectangular "Download" button, you kind of are giving your express permission.

    ReplyDelete
  20. XweAp0nX: The difference here is that I didn't do anything. I had not even visited Microsoft's site in a while. In this case, this was a secret worldwide update pushed out to people, which also probably had the side-effect of taking out the Windows Genuine Advantage (WGA) servers.

    ReplyDelete
  21. Just to play devil's advocate here - can you be certain that it was Microsoft that did this? Can yourule out the possibility that (as the VerifyMyPC notification suggests) some sort of spyware, virus, etc. designed to target the windows update dll's has hit your system?

    ReplyDelete
  22. matt: I've updated the blog entry with pretty conclusive proof that Microsoft was the one who made the changes. I mean, what malware author is going to copy the original files to the "Last Good" configuration? And it would have to be a pretty slick job to modify all those files, look all official, and still have the system look and act like it still works. Malware authors are pretty good, but I have yet to see something that elaborate pulled off successfully (the most elaborate worm I've seen was, thankfully, botched in its programming).

    ReplyDelete
  23. rant

    Geez, people, let's quibble over semantics, why don't we? After all, that's what the guy's post was about, right? Using proper english and semantics and punctuation and what the heck, who let the English teachers in here!!! If you want to worry about these type of things, go to taco bell and order a specially made whatever and see if they get it right - or, heck, go to McDonald's and order a double quarter with cheese, no onion or pickle, add lettuce and mayo and see what kind of bizzarro-world creation you get back!

    Let the subject stick to the subject.

    /rant

    ReplyDelete
  24. Well, the only way to be sure you own your computer and have control over the software is to use something that doesnt force Microsoft EULAs and policies upon you. Something that is free and peer-reviewed. Something that has its source code available for anyone, even you, to verify.

    That something is called open source. Most people have heard of Linux operating systems.

    Reclaim your computer from corporate interests and switch to free, open source systems.

    A good one for beginners is Ubuntu, www.ubuntu.com, with plenty of community help available from ubuntuforums.org. I made the switch 3 years ago, now both my desktops and my laptop run exclusively Linux. No more madness from MS..

    ReplyDelete
  25. auer: Ubuntu isn't really quite ready for the average user to use it. It appeals a lot more to technical users/geeks like myself. If I recommend anything to a user as an alternate to Windows, it is OSX.

    ReplyDelete
  26. @Tim McCormack: I believe the IP for the Windows Update servers URL is hardcoded in the Windows kernel -- no matter your DNS setup, windowsupdate.microsoft.com will always resolve correctly, along with other Microsoft URLs.

    ReplyDelete
  27. @Thomas: Hate to say this Thomas but their have been malware programs that do copy to the last good configuration folder around for at least 2 years now. I find that they do this so that you can’t get rid of them easily. You should realize that when you update your windows updater you are agreeing to a separate license agreement from that of windows and this one is explicitly for the updater if I remember from my installs of XP.

    ReplyDelete
  28. While several have mentioned that turning off Automatic Updates does not, in fact, actually stop them, no one has mentioned BITS. (Background Intelligent Transfer Service).

    This is the means by which most MS patches are piped to the user.

    If you want to stop it, in MSconfig, disable BITS on the Services tab.

    Mind you, there are other ways for MS to slip you undesired updates. But BITS is the usual method, and activity is difficult to detect without active monitoring.

    Someone suggested using the HOSTS file. Forget about it. It only affects the primary client ports. (Browser, FTP, Telnet, and a few others). Besides, BITS has direct WinSock access.

    Mr FUBAR

    ReplyDelete
  29. fate: But do those malware programs copy the _original_ files before installing their malware? Look at the original blog entry closely - the files in the last good configuration are the same as the files that used to be in the Windows\System32 directory. I can imagine malware installing itself to both locations but NOT backing up the original files.

    ReplyDelete
  30. I haven't seen that, but it doesn't mean you don't have malware ect. you should still give yourself a scan just to be sure. Never know what can get installed without your knowing or even with VerifyMyPc its very easy to also inject something in such a way that a program like VerifyMyPc wont be able to detect if someone wanted to.

    ReplyDelete
  31. XweAp0nX: I'm not talking about "product specification may change without notice"; that's a fairly common notice (on advertising, mind, not in licenses).

    What I'm talking about is language like this: Internet-Based Services Components. ... You acknowledge and agree that Microsoft may automatically check the version of the Software and/or its components that you are utilizing and may provide upgrades or fixes to the Software that will be automatically downloaded to your Workstation Computer.

    Let's have an instant replay: You acknowledge and agree ... will be automatically downloaded.

    If that isn't express permission, I don't know what is.


    Thomas Hruska: Just because I agreed to a EULA doesn't necessarily make it legally binding.

    Well, maybe it's a contract of adhesion, or maybe it's presented post-sale and therefore void. Probably varies state by state; some have laws making EULAs weaker, some have laws making them stronger. Consult a lawyer.

    In any case, the headline is inaccurate; it wasn't "without permission", at best it was "with dubious permission" :-)

    For myself, I choose software that doesn't have such onerous terms to begin with, regardless of their enforceability or otherwise.

    ReplyDelete
  32. fate: Just to make you happy I ran Ad-Aware, Spybot S&D, Clam AV, and Resplendance Rootkit Revealer. All came back clean. VerifyMyPC is the only tool I know of that will catch system changes like this. I've never seen malware, that modifies system files, hide from a cryptographic hash comparison. VerifyMyPC is just one tool in my arsenal but I consider it my first line of defense.

    jiri: [shrug] I'm not a lawyer but I'm also not interested in arguing the point. What I find interesting is that people are more interested in this blog entry than the connection of "issuing this secret Windows Update caused the Windows Genuine Advantage servers to go down" (see my other blog entry). It is like people don't want to admit that there is a connection. To me, THAT is interesting. It gives me insight into the type of software that sells.

    What is also interesting is that, just yesterday, Microsoft released a couple regular Windows Updates. As if to say, "We're going to cover this up in case someone noticed the secret Windows Update and makes the connection to the WGA servers going down". Too late for that. I noticed. And made the connection.

    But as far as anyone's concerned, this will probably be brushed under the rug. I mean, no one important really noticed. Microsoft will make it shine with a little PR magic and the problem will go away. Oh well. I'll keep blogging.

    ReplyDelete
  33. This rant sounds very hypocritical coming from someone whose own software (VerifyMyPC) has this absurd section in the license agreement: "You agree that this agreement is subject to change without notice and you implicitly agree to those changes except where prohibited by law."

    ReplyDelete
  34. Marty List: Let's see. I'm an individual attempting to run a business. I have two options available to me:

    1) I could constantly fiddle with license agreements and get nothing useful done.

    2) I could develop new features for my software. Speaking of which, any specific features you are looking for?

    So what if I wrote the legal agreement? It was written in a hurry (because someone like you complained about the previous agreement) and I probably threw that in as a legal catch-all in case I royally messed something up in the previous paragraphs. I can't afford a lawyer. And I'm not a lawyer. So...you should buy enough licenses of VerifyMyPC so that I can afford to rent one. (Hmm...RentALawyer.com - yup, there's a domain squatter).

    Some people take things WAAAY too seriously. Time to take a chill pill.

    Since I apparently can't "win" and I can't afford a lawyer and you're not likely to pay for one for me, I've decided to just have fun with my EULA. I've changed the EULA for the next release of VerifyMyPC to be a significantly more entertaining read. [goofy, lopsided grin with a couple twinkles in each eye]

    You are assuming too much about me from one blog post. This blog is my rant zone. A place to let off steam. Everyone needs one of those, right? In general, I'm a pleasant, hilarious, and unusual person. Someone recently said to me, "You're always smiling." This blog helps keep it that way. Consider it a privilege that you even get to see my "darker side", but, even as I blog here, I try to have fun.

    ReplyDelete