Don’t mind me. I’m feeling the need to indulge my paranoid side today. No, this isn’t going to be about tinfoil hats to prevent the NSA from reading my next novel (or, for that matter, any of the previous ones) before it’s published. It’s about Microsoft’s free Windows 10 upgrade offer.
The offer, for anyone who’s been asleep for the past ten months, is a free upgrade from Windows Vista, 7, 8, or 8.1 to 10. The odd gotcha is that the offer will expire one year after Windows 10 was released, i.e. the end of July 2016. So what happens then?
Presumably, Microsoft figures that everyone who’s going to take advantage of FREE will have done so by August, even the people who take pride in being “late adopters” (the “let someone else find the bugs” crowd).
In January, I suggested that Microsoft might up the ante and try paying users of older operating systems to upgrade, but in reality, that’s unlikely to happen. It would be expensive–for any reasonable incentive amount, the cost of managing the program would probably exceed the total amount of the payouts–and most likely wouldn’t pick up more than a small percentage of the holdouts.
Slight digression: Electronic break-ins are becoming more and more visible. It seems reasonable to assume that large retailers would prefer to shift the liability for credit card thefts to the card services. They, naturally, don’t want to be liable either. I can easily see Visa, Mastercard, and Amex mounting a push to establish software liability, letting them shift costs to vendors who supply software exploited to facilitate break-ins.
At the same time, the argument between personal privacy and law enforcement access is getting louder. My gut says that we’re going to see a period of time where the public by and large becomes increasingly intolerant of security failures.
XP–which, you’ll note, is not covered by the upgrade offer–is no longer supported by Microsoft, and Vista and Seven will become unsupported over the next couple of years. That means no security fixes.
In an environment in which Microsoft could be held liable for break-in that exploits an OS bug (and let’s not forget that huge numbers of ATMs run XP), what’s their best strategy for dealing with old operating systems? Get rid of them.
The Windows 10 upgrade is being delivered through Windows Update, even to computers that haven’t requested it–Microsoft says it’s so the software will be available if users decide to upgrade in the future. It’s flagged as “optional,” which means it won’t be installed automatically, but that can be changed easily enough. In fact, earlier this month it was being pushed by default. It could have been an error as Microsoft says–in fact it probably was–but even if it was, it still serves as a proof of concept.
There are several opportunities to cancel the installation if it starts accidentally, but Microsoft could easily release a new version of the installer that doesn’t have an obvious “Don’t Do It!” button.
Or, if they were really sneaky, they could dispense with the installer completely. What if they included a few Windows 10 files with each update to the earlier OSes and stashed them somewhere on the hard drive? When the switchover date arrives, they could push out a “security update” that updates the bootloader to point to that hidden folder, and presto! After the next reboot, you’re running Windows 10. Granted, I’m oversimplifying the process–among other concerns, some provision would need to be made for machines too old to run Windows 10–but it could be done more or less like this.
Think Microsoft wouldn’t force customers to a new version of Windows? Keep in mind that they’re explicitly billing Windows 10 as “the last version of Windows“. From that perspective, it’s not too big a stretch to consider it the only version, in which case, pushing customers from Vista to 10 isn’t really a version upgrade, it’s just an update, no different from any of the service pack updates Microsoft has pushed out in the past.
So, am I paranoid?