It is hard to be Microsoft. I mean this in a sense that anything they do is subject to attacks, criticism, and doubt. I am doing neither in this post, I only want to illustrate a hard dilemma they are facing.

Microsoft announced that they will require Windows users to verify that they have a valid (read licensed) copy of the operating system before users can apply patches or fixes to their operating system. (CNNfn, News.com)   Under the new program, called Genuine Advantage, legitimate users will be entitled to download and install timely patches, security fixes, and add-ons that Microsoft decides to release. According to CNN, the program is to start in mid-2005. Microsoft also says that users who do not own a legal version of its software will still be able to download and install patches and fixes, but not the add-ons.

I understand that Microsoft is facing difficult choices and the decision to implement the new program surely did not come easily. On one hand, Microsoft is losing large sums of money to unauthorized copies of software, sold mainly abroad. Microsoft is protecting its legitimate interest to fight software piracy, one of the biggest arms of cybercrime today. On the other hand, Windows is cited as the #1 reason for the current "chaotic" state of the Internet - worms, viruses, spyware - they all attribute some of their existence and "success" to Windows and its state of insecurity. Despite Microsoft efforts to prevent illegal software distribution, a substantial portion of the Internet users use non-licensed Windows versions and preventing them from updating their systems with patches and security fixes will have a dramatic effect on the spread of Internet malware.

Even though Microsoft claims that non-licensed Windows versions will still be eligible for patches, the Genuine Advantage program will likely either delay the delivery of critical security fixes or prevent it altogether. By knowing that Microsoft actively monitors the legality of each Windows version, majority of the users with illegal Windows versions will not even try to seek security fixes for their machines.

This presents a difficult dilemma for Microsoft - to protect their corporate interests or protect the Internet. Walking between these two issues is a thin line and a wrong step in either direction can backfire on Microsoft.