Windows 10 updates will be delivered using P2P technology

[Scorpus]

Microsoft is planning to revamp their update delivery method in Windows 10 by implementing peer-to-peer (P2P) technology. Traditionally Windows updates have been delivered through Microsoft's servers only, but by switching to P2P, the load on their servers can be decreased while simultaneously increasing download speeds.

The latest leaked build of Windows 10, build 10036, allows users to download updates from "multiple sources to get them more quickly". When this option is selected, updates will be downloaded in part from Microsoft's servers, as well as from PCs on your local network, and even PCs from the internet in general.

It's not clear exactly what type of P2P technology Microsoft has implemented, but it could be a variant of Pando Networks' P2P tech that shares similarities with BitTorrent. Microsoft acquired Pando Networks in 2013, so it makes sense that the company would use their technology.

This P2P update method is expected to be available to Windows 10 testers in the next preview build, which should become available shortly. How fast updates can be delivered through P2P versus a single server remains to be seen.

In the next preview build, we can also expect a range of other features leaked in build 10036, including UI changes that span the Start menu, wireless connectivity, and system-wide icons.

Permalink to story.

https://www.techspot.com/news/60061-windows-10-updates-delivered-using-p2p-technology.html

 

[Skidmarksdeluxe]

This can only be a good thing. I really struggle to get Windows updates during normal office hours, after 18H00 it's a breeze.

 

[BabyFaceLee]

Would this not add a potentially hackable layer into the update process?

 

[Nima304]

Would this not add a potentially hackable layer into the update process?

That's the first thing that came to my mind. If I'm a rouge computer on your network, and your machine asks mine for the latest updates, I could inject malicious payloads into that data stream unless some sort of integrity checking was going on with hashes provided by Microsoft.

 

[Jim$ter]

In other words windows will now be using our bandwidth without our permission? I hope this can be turned off.

 

[Trillionsin]

In other words windows will now be using our bandwidth without our permission? I hope this can be turned off.

There's an On or OFF slider showing this feature can be turned off!!! If the picture is accurate. I know sometimes Techspot just throws random pictures in there, so I hope so.

 

[DelJo63]

Regardless of the technique, updates (the content) come from somewhere, just like webpages. For high transaction rate systems, OR where transactions are long-lived, the general approach to serving the on-demand load is to use multiple servers. Big shock, hey? That's what TOR, fault tolerant sites, and globalization is doing (eg why serve UK users from a US server).

Serving content from multiple servers, especially when they are not co-located with the primary (ie geographically dispersed) obviously creates a replication/sync problem, but that's independent of the delivery technique. Even with a P2P or TOR, the content to be delivered still needs to be replicated (duh).

The issue here is MS has declined to implement a round-robin DNS to allow the current update service to be provided from multiple servers. A good example of this is seen with amazon.com:

• Name Server: NS1.P31.DYNECT.NET 208.78.70.31
  
• Name Server: NS2.P31.DYNECT.NET 204.13.250.31
  
• Name Server: NS3.P31.DYNECT.NET 208.78.71.31
  
• Name Server: NS4.P31.DYNECT.NET 204.13.251.31
  
• Name Server: PDNS1.ULTRADNS.NET 204.74.108.1
  
• Name Server: PDNS6.ULTRADNS.CO.UK 204.74.115.1

Notice the widely diverse IP addresses and that last one is clearly in the UK.

Someone at MS wanted a new project and apparently this is it.
@BabyFaceLee got it right - - this opens another can of worms IMO.

 

[Evernessince]

It's great that this is an optional feature. Hopefully windows is taking proper security measures when dealing with P2P.

 

[Lionvibez]

This can only be a good thing. I really struggle to get Windows updates during normal office hours, after 18H00 it's a breeze.

I don't think I've ever had problems getting windows updates at anytime of the day or night. Wasn't aware this was a huge issue.

 

[DelJo63]

Recall; P2P shares content from any system currently online;
If Users A, B, F, K are online when you access Update, using P2P, any one of them with the update already on their system then becomes a candidate for your copy.

Q? How 'pure' is their copy and how do you get protected?
A? Typically, we use a CRC that (in theory) can not be altered.

Issue: You need a tool to recalc the CRC on your copy of of the download and then to compare to the "official value" stored in another secured location.

There are several projects with these concepts and it can be made to work - - but the audience for this is typically software developers.

Dang, MS Update does a good job as-is - - if it isn't broken, don't fixit IMO.

 

[BadThad]

I build/repair PCs and never had an issue getting updates from MS. In my opinion, someone will figure out how to exploit this and a lot of people will get burned.

 

[cliffordcooley]

Updating from LAN will help me out. But then I don't really have a problem with MS download rate. It is the checking for updates that take forever in my opinion. The updates download nearly as quickly as the machine checks for them.

 

[Skidmarksdeluxe]

I don't think I've ever had problems getting windows updates at anytime of the day or night. Wasn't aware this was a huge issue.

I never used to have that problem, it manifested itself about 2 years ago and has never been resolved. I can update anytime I want if I use a proxy server but why would I want the hassle of setting one up?

 

[Nelson LaQuet]

Would this not add a potentially hackable layer into the update process?

No. The (only) sensible way to implement this would be that Microsoft servers would provide you with a hash of some sort of the content - allowing you to verify that it wasn't tampered with.

 

[Hexic]

Would this not add a potentially hackable layer into the update process?

No. The (only) sensible way to implement this would be that Microsoft servers would provide you with a hash of some sort of the content - allowing you to verify that it wasn't tampered with.

^ This.

Hash comparisons would be what comes to my mind as the logical solution. That being said, I'm not an expert on this subject, I only possess a general understanding. But if they were to implement something as global as would is being presumed.. it's not a foolproof process (nothing ever is), but it may work.

Blizzard has been using that method for years on their games:
http://en.wikipedia.org/wiki/Warden_(software)

The biggest initial issue with Blizzard's Warden software was the concern by some over privacy. The scope of the hash comparisons could vary widely.. however you ARE agreeing to the EULA/ToS when you install Windows in the first place.

 

[cliffordcooley]

Windows Update can download a list of hashes from MS. And then compare them to the downloaded content regardless of how you found them, before automatically installing. There really is no need in anyone manually comparing hashes, if MS sets it up the way it needs to be.

 

[hkhan1989]

Windows Update can download a list of hashes from MS. And then compare them to the downloaded content regardless of how you found them, before automatically installing. There really is no need in anyone manually comparing hashes, if MS sets it up the way it needs to be.

Ditto, was just going to say that.

Much like how downloading torrents using bittorrent clients like uTorrent operate, they have a built in file verification process using hash checks to verify the files integrity. This way it would be near impossible for a malicious source to inject malicious files into the said update file.

 

[Emexrulsier]

This can only be a good thing. I really struggle to get Windows updates during normal office hours, after 18H00 it's a breeze.

Why aren't you using WSUS?

 

[Skidmarksdeluxe]

Why aren't you using WSUS?

Of course I am. I've even contacted MS tech support, they're at a loss as well. After 6pm updates and downloads fly.