John Dvorak is apparently of the opinion that it was “wrong on so many levels” for Microsoft to tell file-swapper sites to stop distributing XP SP2 via BitTorrent. I heartily disagree. Microsoft is already battling a perception that our software is not secure. SP2 is designed to help address this perception, by substantially increasing the security of the OS, which will hopefully gradually improve the perception (can’t change perceptions overnight, at least from bad to good). While it’s incredibly important to get security right technically, perception is also very important. Why the emphasis on perception? Because all it would take to create a perception that XP SP2 is a problem, rather than a solution, would be for one person to have a bad experience with it after getting it from a third party. It wouldn’t matter if the third-party site was not officially sanctioned or not. If such an incident became publicized, it would erode users’ trust in SP2 by creating a perception that it can’t be trusted.
By requiring that these sites stop distributing SP2, users can be sure that they’re obtaining the service pack through an official channel, and this reduces the risk that they will run into problems. It’s pretty easy for Dvorak to sit back and criticize when he doesn’t have to deal with the consequences of making the wrong choice. I understand the enthusiasm of both the file-swappers and Dvorak in looking for at this as a potentially compelling demonstration of the technology, but I think the downside risks with allowing this to continue were pretty substantial.