Stopping BitTorrent distro of SP2...wrong? I don't think so.

Stopping BitTorrent distro of SP2...wrong? I don't think so.

  • Comments 17

John Dvorak is apparently of the opinion that it was “wrong on so many levels” for Microsoft to tell file-swapper sites to stop distributing XP SP2 via BitTorrent. I heartily disagree. Microsoft is already battling a perception that our software is not secure. SP2 is designed to help address this perception, by substantially increasing the security of the OS, which will hopefully gradually improve the perception (can’t change perceptions overnight, at least from bad to good). While it’s incredibly important to get security right technically, perception is also very important. Why the emphasis on perception? Because all it would take to create a perception that XP SP2 is a problem, rather than a solution, would be for one person to have a bad experience with it after getting it from a third party. It wouldn’t matter if the third-party site was not officially sanctioned or not. If such an incident became publicized, it would erode users’ trust in SP2 by creating a perception that it can’t be trusted.


By requiring that these sites stop distributing SP2, users can be sure that they’re obtaining the service pack through an official channel, and this reduces the risk that they will run into problems. It’s pretty easy for Dvorak to sit back and criticize when he doesn’t have to deal with the consequences of making the wrong choice. I understand the enthusiasm of both the file-swappers and Dvorak in looking for at this as a potentially compelling demonstration of the technology, but I think the downside risks with allowing this to continue were pretty substantial.


  • Sorry for the delay in unmoderating all of your comments. I was out of the office this week with limited internet access...

    "What's wrong with distributing the file through P2P if the correct integrity measures are in place? Or are you saying the integrity of the package is not checked?"

    IMO, the problem is lack of control. Again, any measures that could be put in place for integrity checking have the potential to be beyond the capabilities of some of our users to use reliably. I can't even imagine trying to talk my father through checking an MD5 hash. But I also know that he's sometimes likely to try new things he hears about, and downloading via BitTorrent or something like that might be one of them.

    This is not about whether P2P is or isn't a good idea. It's about someone attempting to decide for Microsoft how SP2 will be distributed, which has the potential to impact our customers. Regardless of how enthusiastic you may be about P2P and its potential to make distribution easier, I would hope that you could also see the downsides, and understand why Microsoft chose not to take those risks.
Page 2 of 2 (16 items) 12