The buggy nature of Windows Update on Windows 7 last got publicity when it would take half a day to figure out the missing patches. In addition to not being secure, Windows Update is also buggy with poor diagnostics. On the receiving side, if patches are downloaded via HTTP, they can be intercepted by the US Government to install software on a Windows computer. I have no idea what data Microsoft sends back to itself, but any data transmitted with HTTP can be easily spied on by the US Government which is said to listen in on the Internet backbone. Windows Update not only downloads bug fixes, it also sends data out from your computer. Insecure transmission works in both ways. Secure transmissions use HTTPS and travel over port 443. That is, what the sender sends is not necessarily what the receiver gets. Not only can data sent with HTTP be spied on, it can also be modified in-flight. When you run Windows Update on Windows 7 (I did not test other versions of Windows) it opens MANY connections to computers on the Internet over port 80.
0 Comments
Leave a Reply. |