Microsoft: We can remotely delete Windows 8 apps

Succinctly said.
That's a good approach for all the various complaints we have around here.

 

Not on your device if you don't use the store and its apps, which is reasonable enough.

 

Agreed. If I had any incentive to try Win 8, this ended it completely. I'll keep my unsupported version of Windows. At least I control the system and its contents, not them. I have no doubt that this will be abused and its uses will be expanded well beyond what they're stating now.

 

Maybe it's beyond your comprehension the fact that Windows 8 will work as usual without using the app store, but w/e.

 

Why would MSE be relevant? Obviously they wouldn't rely purely on it.

That's kinda speculation but entirely possible.

Google doesn't remove apps based on what apple calls "quality control" they just remove malware.

There is no reason to believe that Microsoft will choose either one of those things.

Which is a silly complaint since we've got no reason to believe that they'll do this. It's just speculation. It's interesting to talk about the possibility but let's not pretend that we know what Microsoft is going to do.

You have no doubt that this will be abused but it's based on nothing concrete. Maybe it will be maybe it won't be. But it's similar in functionality to Windows Update and we haven't seen that exploited in the wild.

And, of course, as always, you can just not use the store.

 

Actually I mentioned Windows Defender (Windows 8 ).

When/If (and Why) Microsoft deems something to be malicious, why wouldn't they issue malware definitions updates for Windows Defender, etc? Why this kill switch? This kill switch, if is in fact only to protect users against malicious software, then it will only protect the users if they get the applications through Windows Store. I'm failing to understand the point of this kill switch as a mean to fight malware. I just can't see it.

If, in fact, some software developer goes rogue, he/she/they will go rogue regardless of the application being hosted at Windows Store and/or hosted at their official websites.

Windows Store is not mandatory, I know that. But, don't you ask yourself why Microsoft would rather have a kill switch to kill malicious applications and/or illegal applications?

Illegal? What's an illegal application? Illegal where? Illegal in the U.S? Maybe it won't be considered an illegal application in the European Union, where I live. Would Microsoft still have the legal power to kill an application that, at some point, was not considered illegal and was hosted at Windows Store, from where I bought it? Also, why did an application all of a sudden become illegal? There are two possible answers: Microsoft didn't perform a proper background check OR Microsoft/other, for some dubious reason, considers it illegal.

Microsoft wants the kill switch for whatever application they consider illegal? Fine. Do it in the U.S. I don't give a damn about it. But, I sure hope the European Union won't be blind to this. Otherwise, Microsoft will kills applications, just because some other interested party, or even Microsoft, says something is illegal.

Malicious? Then protect the users by issuing malware definitions updates, and this way every user using Windows Defender and Microsoft Security Essentials will benefit.

 

Defender, MSE, same thing in Win8.

Users running a 3rd party AV won't be using Defender I don't believe.

Removal through the store is probably a lot easier/ simpler. No waiting for an update either.

It's another layer.

Both Google and Apple do this with their app stores. Probably Amazon too. Anyone who does a central repository is probably going to try to protect it.

The difference is that MS is distributing the software and that adds some responsibility to what they have on the store.

Yes, absolutely. It could be for nefarious reasons... or it could simply be for exactly the reasons that they and everyone else says it's for. I seriously doubt we see them do anything awful because it's more important for them to maintain a proper image. Neither one of us knows what will happen but I'm willing to bet it's used just like Google's or maybe something between Google's and Apple's.

Most probably. But there may be stores for EU etc or, as with youtube, certain apps can't be accessed in certain countries.

Yep, maybe a bad background check.
Maybe laws changed.
Maybe it's for some dubious reason.
Maybe they updated it to be malicious.
Maybe they have a very light vetting process and it got by it.

Or they can choose to protect all users including the ones who opt out of their AV. Putting all of your security into a single program isn't a great idea.

 

I bet the bigger % will be using what comes native to the operating system. And, even for those using third-party security software, there's Microsoft Malicious Software Removal Tool, issued every month. In the eventuality some rogue application manages to get its way to Windows Store, then issue an update for MMSRT, outside of the normal update period. Would it not work just as fine?

A lot easier and simpler to whom?

More like a greasy layer. lol

I don't care about what Google or Apple does to the devices they sell. I don't use them. I use Windows.

And, that's where a proper background check on who these software developers are comes in.

Yes, no one knows. But, some are doing is exposing doubts on why something needs to work in some way and not in another way. Others, simply seem to think all is OK. We don't know what future will bring. So, no one can "bet" anything.

I do hope there will be stores for E,U. As an E.U citizen I refuse to live by the laws of the U.S. Laws in the U.S aren't laws here, so I do hope Microsoft doesn't forget about it. And, if it does forget about it, I do hope the European Union hits Microsoft hard.

No, it isn't.

 

Ok... but how does that solve any problem? They could just do that for "illegal" or "malicious" just like with the app store.

My point is that even Apple and Google do this.

And if background checks worked the CA system wouldn't be so broken.

You could always just not use the app store.

 

That wasn't the idea I was trying to pass. The idea I was trying to pass is that if Microsoft detects a malicious application on Windows Store they issue updates for Windows Defender, MSE and MSRT. They can remove through Windows Store if it's malicious. I'm not against that, provided they alert me for it, and I allow it. (At least an option that can be turned on to enable the alerts. I don't remember seeing something like that mentioned?). But, by providing malware definitions updates for that software, those who don't install them through Windows Store must also be protected.

What I don't accept is the idea that, for whatever reason Microsoft considers all of a sudden XYZ application illegal, they'll remove it from my computer, just because I got it from Windows Store. I don't accept that.

For example, I'm not sure whether or not you're aware, but some years ago Microsoft didn't like Sysinternals (I got a vague idea on it. Memory isn't fresh.).

Now, and only just an example, and nothing more that, imagine that at the present Sysinternals doesn't belong to Microsoft. Because Microsoft has a poor background checking system or not, Microsoft lets Sysinternals in to Windows Store.

You get Sysinternals from there. Then, all of a sudden Microsoft considers Sysinternals to be "illegal" and they remove it from your system just like that.

Wouldn't this be a joke? Would you accept it? What makes something illegal? Is something illegal just because Microsoft or an interested party says so? Maybe you're OK with that. But, I'm not.

If something is malicious, obviously I'd like to know, and act accordingly. And, I'd expect Microsoft to issue malware definitions updates like they do for everything else.

It's fair. I only mentioned that I don't care about those two. I don't use their devices, etc. I use Microsoft Windows and I paid for it. But, I'm not paying for a system where Microsoft could kill an application just because they consider it illegal.

The day I'll let Microsoft delete apps from my system... well... it won't happen. If in the future (not necessarily Windows 8 ), we got no other choice other than accept or abandon, I'll abandon Windows. They aren't doing any favor to me by selling Windows. It just happens that I'm used to it. I can get used to another operating system... maybe Linux.

Indeed...

Yes, but my point was that if I do get from Windows Store they can't simply get to decide what's illegal. It can't be as they please. There must be a limit. They need to be controlled. If it's malicious, is malicious and users must be protected; otherwise, Microsoft needs a leash.

 

Illegality isn't arbitrarily designed by MS, there's that whole legal system there for a reason.

Like I said, it's likely that we'll see certain applications blocked for certain countries similar to how some youtube vids are only available in certain countries.

 

And, that's what I'm hoping to see as well. I dislike certain aspects of it, though. Embargo crap...

It's like Cuban cigars...

 

Do you really think microsoft can really make sure that all applications are all safe and legal before they are added to the store? There is not enough man power to manually check every application and this is why the killswitch is needed. As stated above not everyone will use windows defender and what if the malicous app disables windows defender the kill switch will still be useful then. The legal thing im not 100% sure on. the thing is if an application you installed from the app store got the remote kill switch and you feel its flaggd wrong then just contact the developer and download a non app store version if need be. I dont get why there is such a big deal about it. btw we all know that if there is not a european app store and microsoft bans apps based on US law and not european law you know the european union will be on them right away.

 

That was precisely my point. They won't be able to do it before or after they're added to it. Not before a long time has passed, and most likely many will go unpunished for months.

So what if they find a few rogue applications and kill them? It won't help all those users who downloaded and installed those apps from Windows Store. Those who downloaded outside of Windows Store will be screwed as well; but, this kill switch is a reaction mechanism - dare I say a slow reaction mechanism - and nothing more than that.

So, by design it's an already more than flawed security mechanism. We need more prevention and not remediation.

This kill switch isn't any different from antimalware applications, really. Antimalware applications need to know something is malicious and then act accordingly; but there's a long gap between the moment something malicious is released and the moment the user is protected. Until then, the antimalware application is of no good. The same applies to the kill switch, which requires to Microsoft to know something is malicious in the first place.

Which brings all over again to what is illegal and what's not illegal.

If X country is considered a friend of the United States, but later on it no longer is, and it has become a foe just because the United States say it so, then all users from this country who bought the applications from the Windows Store will all of a sudden get their applications killed, just like that? And, I do have reasons to believe something like this would happen, considering U.S based companies are obligated to enter in the embargo insanity.

Sorry, but I won't accept a kill switch without being able to completely disable it. It may be Microsoft's system (which I'd be paying for, and not that cheap either), but it's my device. Without devices, there's no system.

I honestly hope that this world wide crisis brings something new and wakes up lots of people in government (and public institutions) and enterprises and they switch over to Linux, etc. It's very dangerous when X company controls a biggest share in the market. They feel like they can do whatever they want.

It's like retaining European Users data on U.S servers, and then say they respect our privacy, when we're perfectly aware that any U.S agency can get access to such data without court permission. lol

 

You can't call something a world-wide-crisis until we've actually seen it. I am really doubtful that this gets anywhere near as serious as you're proposing.

 

Dude, world wide crises always existed. lol It just happens that rich people/wealthiest countries were never affected that much. But, this time they were... a bit... and some more than a bit.

Regarding whether or not kill switch will bring something undesirable... well, only time will tell. That's for sure. But, Microsoft will have to comply with the U.S laws, won't it? So, if the U.S considers X country an enemy...

We've seen security vendors stopping to issue updates to people from certain countries. So, it happens.

Only time will tell if Microsoft will have the power to answer no to their government... Will it?

Sure, this are only doubts or concernings... call it whatever you want... I just hope it won't be nothing more than this - doubs/concernings.

 

I'm with you so far

uhhhhhhh and you've lost me

Do you think the US government will... force Microsoft to make users in some country uninstall a program?

Updates makes no sense - MS could have done that for years, this brings nothing new to the table in terms of updates.

No, MS will not have the power to resist the US government. That much anyone can be fairly sure of.

 

lol

I didn't say Microsoft was going to do it or would be obligated to do it. I simply wanted to give an example of what could be constituted an illegal application.

Because, in the end, it's all about that question - What's an illegal application? As I've previously mentioned Microsoft, and others, had issues with Sysinternals in the past. Then Microsoft acquired Sysinternals... all peachy. lol

And, as I said, Microsoft better separate what constitutes an illegality in the U.S and what doesn't constitute an illegality in the E.U.

 

By the way, maybe on of the things why Microsoft hasn't stopped updates to those countries (I don't know of any news reporting otherwise?), is because the O.S was actually bought outside of the United States. There's probably some international law forbidding embargoes in such situations? Anyway, that would be off-topic.

 

This does not seem like a good idea. Stuff like this always gets exploited. Having a kill switch could seriously get abused bad and people will try hard to get that kind of control. Java is the most exploited framework and flash is currently second judging by the shear amount of exploits and issues it has had. Many of these popular mobile OSs are built on java and are already suffering from hacking and attacks. They always do something like this for control and it is almost like they don't expect someone will come along and figure it out too. Hopefully this will end good.

 

I didn't see anyone complaining when Canonacle removed Oracle's Java from computers that had installed it through their repository.

And I doubt MS ever does anything as significant as that.

 

Didn't think of it like that, that is an AWESOME point!

 

A great % of humans using computers don't complain about hackers/cyber-criminals either. The greater % doesn't know they got anything to complain about.

Does this prove anything?

A few years back no one complained about Firefox making unneeded connections to Mozilla either. Such connections were reported by a Firefox user complaining after seeing his/her firewall logs. No one made a big deal out of it.

Had it been Microsoft and IE, we know what would have happened. Don't we?

Those who are fine with things, be fine with things; those who aren't fine with such things, just don't expect them to be quiet about them.

I said it once and I'll say it again, I sincerely hope there's an option to disable this so-called kill switch. Otherwise, no one will see me paying a cent for an operating system, where Microsoft will have control over the applications I'd install through Windows Store.

If there's switch off "button", then I'm fine with it. Otherwise... each one to his/her own. Sometimes, we do need to make a change anyway. Maybe mine is coming in a couple years when I get tired of Windows 7; and in the meanwhile will start learning Linux. It's never too late.

 

@m00n,

https://www.wilderssecurity.com/showthread.php?p=1990642#post1990642

I was referring to this topic.

 

Which is why I pointed Firefox past event.