From the article here, on August 3rd, (aka yesterday) the purge will be complete. Instead of introducing an update to verify SHA-2 into legacy systems, and re-signing old updates, instead MS has taken the path of obsolesce and pulled the downloads instead.
And we’ve been here before.
Microsoft movie maker was a popular download for Windows XP, and MS removed the download, as hosting it was apparently encouraging people to keep on using XP. Naturally this wasn’t taken as a message that people wanted this kind of product, and why fill a void when you can remove a product? So now the majority of downloads that you will find are infected, corrupted and just going to cause further problems.
And here we go again.
A quick search on BING for MS Office 2003 updates still shows links, but they are simply no more. The purge is in full force, and search pages haven’t caught up. And as you can see cnet is already in the top downloads, and will become the authoritative download by fiat.
Also the early .NET’s deployment packages are no longer for download, while .NET 1.1 SP1 is still online surprisingly. For reference:
$ shasum -a 512256 NDP1.1sp1-KB867460-X86.exe 7b44095feff471dee9366a2153dfe2654d70754c21b7e5204ed950cdf4a3f15a NDP1.1sp1-KB867460-X86.exe
For what it’s worth.
Calculating with shasum offers a few algorighims as this isn’t a simple one shot deal.
-a, --algorithm 1 (default), 224, 256, 384, 512, 512224, 512256
Naturally to add further confusion. Like everything with crypto, it’s so easy to mess it up.
$ shasum -a 1 NDP1.1sp1-KB867460-X86.exe 74a5b25d65a70b8ecd6a9c301a0aea10d8483a23 NDP1.1sp1-KB867460-X86.exe $ shasum -a 224 NDP1.1sp1-KB867460-X86.exe 18507f80722780ca477d7f10528ae28dd176f8d36cbce05a50cc7be0 NDP1.1sp1-KB867460-X86.exe $ shasum -a 256 NDP1.1sp1-KB867460-X86.exe 2c0a35409ff0873cfa28b70b8224e9aca2362241c1f0ed6f622fef8d4722fd9a NDP1.1sp1-KB867460-X86.exe $ shasum -a 384 NDP1.1sp1-KB867460-X86.exe c2372c71f93b5dc2a1c21c804bc74e27d82bfa45ee50fbc9037e713c156f1c591ffbe5e87f94022157906098916403b4 NDP1.1sp1-KB867460-X86.exe $ shasum -a 512 NDP1.1sp1-KB867460-X86.exe bbe643f447f49636732b12d23a052d02681ad41f6920dc1038b073fa600f7589b378ed8e7de97e811543d93ae89ce52871a85ee58aa3b6aeaddc01bc1617ad85 NDP1.1sp1-KB867460-X86.exe $ shasum -a 512224 NDP1.1sp1-KB867460-X86.exe 63b2ffb0c5f1cd68abafba23997482b2087d486dcf60bec6fef7446d NDP1.1sp1-KB867460-X86.exe $ shasum -a 512256 NDP1.1sp1-KB867460-X86.exe 7b44095feff471dee9366a2153dfe2654d70754c21b7e5204ed950cdf4a3f15a NDP1.1sp1-KB867460-X86.exe
Oddly enough a quick search for these checksums isn’t coming up with anything so I guess I’m first. Which of course is a further problem, is that there is no authoritative source from MS. I get the contract obsolescence thing, after-all the strongest competition to NEW MS products is OLD MS products. I still use Excel 3 & MS Word 2, despite having an Office 365 subscription, and various newer versions retail.
The sad thing is that many people will get screwed over from this action, and the only “solution” is of course move to Windows 10, embrace the new, and hope that you don’t have applications that actually require .NET 1.1 (or 1.0!).