AutoPatcher no longer allowed

[cme4pc]

AutoPatcher has had several security features for years now. Altering a module will be caught be AutoPatcher's own MD5 integrity checks and the user will be alerted appropriately.

The more I think about the situation... the more I AM SURE this is all a basic misunderstanding by the "internet investigator" (probably a 3rd party - subcontractor) for Microsoft about the content and intent of AutoPatcher.

Specifically in the C&D notice is the list of OPERATING SYSTEMS and this indicates a mistaken notion that AutoPatcher represents a distribution method that would infringe upon Microsofts property rights and ability to make a profit from the sale of its products. I don't think the "investigator" recognized that AutoPatcher contains only Hotfixes, Patches, Updates, QFE's, and the like.

I'm almost certain that permission to redistribute these elements IS OBTAINABLE from Microsoft through their legal department.

From my posts yesterday in the comments section on the AP Sites - latest news section

cme4pc Says:

August 30th, 2007 at 1:31 pm

http://www.microsoft.com/about/legal/permi...efault.mspx#ECG

Site for obtaining permission to redistribute hotfixes and patches.

?For questions about redistribution of hotfixes, updates, and QFEs, call (425) 882-8080 and ask to speak with a Product Support Services representative?

PLEASE NOTE - if it were illegal for a 3rd Party (autopatcher) to distribute MS updates, hotfixes, etc., then why would MS have this information posted on their legal divisions website?

There is undoubtedly a way for AutoPatcher to obtain official and legal permission to continue on with its project. To comply with MS guidelines, it may be necessary to have seperate AP programs, one that merely installs and verifies MS components. A second AP to handle all other 3rd party components, plugins, modules, etc.

I hope this info is getting through and not lost in all the rantings .....

I would also suggest close examination and confirmation of the CONTENT of the C&D letter. Forget any conversations previously (why we are here in the current dilemna in the first place) and seek written confirmation / authorization.... you guys HAVE to get names, numbers, note time and dates of conversations and correspondence and DOCUMENT EVERYTHING IN WRITING!!!! Insist on written permission from MS Legal then go tell this "internet investigator" what he can do with his little C&D order.

I sent messages to MS's Public Relations subcontractor.... the firm MS hires to mitigate all the "MS IS AN EVIL EMPIRE" image that exists in the media and public... I linked them to the stories, forums, and comment sections so that they would be aware of all the ill will this "internet investigator" is causing for their employer.

Take this battle and fight it on two fronts.... Legal and Public Relations.... links to legal above... links to PR below...

cme4pc Says:

August 30th, 2007 at 1:08 pm

Interesting reading from the MS site?.

http://www.microsoft.com/about/legal/intel...ty/default.mspx

http://www.microsoft.com/about/legal/intel...repreneurs.mspx

?Microsoft partners with entrepreneurs around the world in order to encourage innovation.?

Clearly this is in conflict with the take down notice?.

List of PR contacts at MS:

http://www.microsoft.com/presspass/PR_Contacts.mspx

These are from my posts on the AP SITES LATEST NEWS and most likely LOST IN THE FLOOD of responses.

http://www.autopatcher.com/134#more-134

Comments #429, 447, and 452 - 453

As described there, I have over 25 years experience in this industry and KNOW for a fact that MS would not intentionally do something that would inflame a large group of international customers such as what is occuring as a result of this "internet investigator" (what credentials does one have to have to obtain such a title anyway?) issuing an UNENFORCEABLE C&D.

Is this guy/gal even a lawyer... Is this someone in the direct employ of MS or otherwise fully authorized to act on behalf of Microsoft???... or is this some non computer literate intern working with a private investigator??? IS THIS APPARENT / OSTENSIBLE AUTHORITY or VALID AUTHORITY behind this order?

From where does this person draw authorization to act on behalf of MS??

Look ... a C&D is not a court order. It's simply a way for a company to say stop doing something that we THINK infringes on our legal rights and if you don't THEN we will file suit. THERE IS NO VIOLATION OF LAW ignoring an UNENFORCEABLE C&D order.

It doesn't take clarification from MS to restore the AP Site and forums.... by the letter of the C&D order, it's intent was to prevent illegal distribution of OPERATING SYSTEMS.... no judge anywhere / anytime is going to hold you to honor this document because YOU ARE NOT DISTRIBUTING MS PRODUCTS ILLEGALLY, maybe without official permission... but there is huge difference.... I am not a lawyer (but have studied law) and I'd urge you to consult with a good patent/copyright attorney in ref to any legal obligation to honor the C&D in the first place. Maybe you guys were speeding... but this is a stop sign ticket..... and as such is unenforceable.

The C&D order is also challengable on the grounds of that MS has allowed the practice of 3rd party patch distribution systems for years with full awareness of their existence and did nothing when such activity was first noticed. Therefore, an argument against the validity / enforceability against the C&D order could be made on the principle grounds of estoppel.

Challenge this ... investigate the investigator... contact MS Legal for written permission to redistribute... rage against the machine.....

Best of luck and I'll be proud and honored to fight in the trenches alongside you guys.....

[Shof]

does anyone think that microsoft is trying to take over the world?

[windowsedge]

It is weird they haven't contacted mirrors providing autopatcher.... Hmmm... What's going on here??

Edited September 1, 2007 by windowsedge

[smctainsh]

I think this is quite a sad decision. After seeing how helpful Autopatcher has been to people, it really seems like a really sad decision for Microsoft to make. I also find it strange that it took them this long to act (four years). :huh:

it's not much but here is my support... unless someone else can make a better "SUPPORT AUTO PATCHER"

You inspired me to create a badge that people can use to show their support for Autopatcher if they wish. :) You can download the badge from here.

Smctainsh

[guenther]

It's fairly ironic how shutting stuff down gives it more attention. I didn't know of autopatcher before now... but I'm downloading it as we speak. Screw ms.

Hi,

I had just finished downloading the august core half an hour before the shutdown. I did not have the time to download AP 5.6. Any ideas where I can still get it. What are the problems if I install the August core with 5.1

[PsiMoon314]

Hi,

Please think before posting the locations of the AP downloads.

Even though many of the mirrors are still up and download have not stopped posting the download locations here might upset Neowin Staff and MS even further.

I feel confident that a fairly straight-forward search using your favorite search engine will locate downloads for the current releases of AP.

Kind Regards

Simon

[icemanx]

All I can say is when MS gets its deals done autopatcher will go underground and then no one can stop it

if they had have left it alone then it wouldnt go underground at all

lets all sign in to the MS site at once and really clog up thier system so much they will have to rething thier ideas very fast

I love it when companies cut off their noses despite thier face

underground here we all go.......

[d0bby]

I don't know if this has already been mentioned but it might have something to do with the recent release of Windows Update Catalog. You can download any updates for any Windows OS. You could also use vLite to slipstream them so you don't have to update after each install. WUC is still on initial release and unfortunately uses ActiveX (Yuck!) and has a crap search function but at least you can download the updates.

I only just found out about Autopatcher so I'm a bit gutted that it's now been taken down. Thanks for the efforts guys.

[Japlabot]

Is it possible to have a BartPE style "Builder" which will download the required components from the Microsoft servers before being packaged.

At a minimum, would it be possible to maintain the master patch list so that we can update ourselves?

I seriously thaught that Microsoft would have better things to do than go after community projects. Obviously not.

Even if the potential for compromised updates to be included is possible, it is not, and never would have been the responsibility of Microsoft that it happened.

[Shof]

For those reading the ap forums, remember there was a topic about a user trying to talk to microsoft about getting legal permission from them about the autopatcher project? Well i bet that user tip off microsoft the wrong way which made them in turn send a c&d to autopatcher

[gunslinger]

The problem with microsoft is that at this point they feel invincible like nothing can touch them, and sadly they are right. Every tech on here could install Linux on every PC they see for the rest of there life and it wont effect business at microsoft one bit. This also explains why they charge the way they do for software. If 98% of people use your product you can charge whatever you want. Same for gas prices, its something everyone uses. If the price of gas went to $10 a gallon tomorrow everyone would have to pay it or not drive, simple as that.

[+M2Ys4U Subscriber¹]

For those reading the ap forums, remember there was a topic about a user trying to talk to microsoft about getting legal permission from them about the autopatcher project? Well i bet that user tip off microsoft the wrong way which made them in turn send a c&d to autopatcher

I was thinking the same thing but didn't want to assign blame.

It's perfectly possible, however, that MS have done this of their own accord.

[*John*]

Why don't the people involved in the Autopatcher project get a free forum from proboards/informe/freeforums.org/forumer etc and continue the autopatcher project on their own?

Neowin isn't essential for this project?

[DaveLegg Developer]

Why don't the people involved in the Autopatcher project get a free forum from proboards/informe/freeforums.org/forumer etc and continue the autopatcher project on their own?

Neowin isn't essential for this project?

Because Microsoft also sent them emails asking them to stop. It's not just Neowin that got emails like that.

[DS2K]

What a bunch of ass holes.

Personal think there should just kill the Vista version of autopatch

As that seem to be the only one M$ cares about.

**** M$

**** Vista.

Edited September 2, 2007 by Frank

[*John*]

Because Microsoft also sent them emails asking them to stop. It's not just Neowin that got emails like that.

Ah ok (Y)

That sucks :(

[Shof]

John, if you can read their blog comments he posted this message:

# Antonis Kaladis Says:

August 30th, 2007 at 10:12 am

You can email me at nw_raptor#gmail_com (replace _ with . and # with @).

An update for all of you:

We have already come up with a set of changes/features in order to continue the project without redistributing Microsoft?s patches. We are still waiting however from an in-depth reply from Microsoft. In any case, we will be implementing these changes as soon as possible.

..this was also posted a few pages back

[tao muon]

.

You go ahead and doubleclick every patch that you downloaded from UC to start them one after the other.

I prefer the Autopatcher way; select (f.e. only the critical patches) and launch the install process.

It 's unattended !

Wait a minimum of time and 'voil?', a fully patched system.

I don't want to sit through the series of downloads every day !

.

Well, if you'd have downloaded them from UC and burned them to disc or saved them on USB flash like I said earlier, you wouldn't be setting "... through a series of downloads every day !"... as you put it. You'd just have to run them one-by-one, choose the critical versus optional or recommended patches... which was my point- Autopatcher is a one-click solution, little more.

However, a professional sys-admin should be able to write a shell script to do the same thing with WSH or PowerShell and WMI calls, agreed? There might even be a script out there that does this- run the script and point it at your UC files and "viola".

I am now currently using Autopatcher XP for the 5th time this week.

I charge my clients a fixed rate for reinstalls + security updates. Without AP I will have to charge more.

Also I routinely hand out AP CD's to people with dialup connections.>

Downloading over 100 updates via dialup isn't fun. Many skip the larger updates.

>snippage<

You could charge more, and be justified in doing so, were Autopatcher not available. So I assume you are not greedy. And, when you hand out AP CD's, do you charge for the disc?

[tao muon]

I think the Autopatcher team could get around the technicalities of the Terms of Service by providing software one would download which would connect the user to the Update Catalog and allow the user to select which updates to download. These updates would then be downloaded to the user's computer and the Autopatcher program could then use a scripted method to invoke the udpate package(s) without altering the package itself... basically a shell that intercepts 'package does not apply to this system' messages.

AP would be a third party utility that does not infringe on Microsoft's way of installing patches: people download patches themselves from Microsoft for installation on their computer(s).

AP would, in essence, become Windows Update for all versions of Windows.

But I'm drinking so what am I thinking? :D

[Night.Hawk]

I think the Autopatcher team could get around the technicalities of the Terms of Service by providing software one would download which would connect the user to the Update Catalog and allow the user to select which updates to download.

<snip>

One of the most useful features of AutoPatcher though was that you could download all the updates in a small, compressed format. Especially on reinstalls, downloading AutoPatcher was sometimes smaller than downloading individual updates. It was also nice that you could burn it to a CD and take it to people with slower internet connections.

[Frank]

One of the most useful features of AutoPatcher though was that you could download all the updates in a small, compressed format. Especially on reinstalls, downloading AutoPatcher was sometimes smaller than downloading individual updates. It was also nice that you could burn it to a CD and take it to people with slower internet connections.

Yes but after the updates were downloaded from Microsoft I am sure you would be able to burn the AP package to the CD and take it with you. ;)

[Codesmith]

It takes 4 or 5 clicks and 15 seconds to fix it so a pirated copy of XP is activated and validates both online and off.

Autopatcher doesn't help pirates, because they don't need any help.

Microsoft killed it because eventually someone was going to hack into one of those mirrors and sneak something nasty into one of the releases.

Microsoft should have just offered to host all the autopatcher downloads.

Microsoft would then be the hero while making sure that all patches are downloaded directly from their servers.

[akaladis Veteran]

Microsoft killed it because eventually someone was going to hack into one of those mirrors and sneak something nasty into one of the releases.

You make it sound easy. Rest assured, AutoPatcher has its fair share of security features for such a case. If you change anything the release is flagged as unofficial, and users are alerted appropriately.

Microsoft should have just offered to host all the autopatcher downloads.

So they can be secure?

[Toxikk Veteran]

dagger!!! that sucks. oh well. gotta give into the man if you gotta!

[gandolas]

Thank you guys for the support. And a special thanks to our torrent guy, M2Ys4U. :)

And guys, we won't give up. We may be back sooner that you think. ;)