Previous entries
Next entries

June 7th, 2006

Phone Home, Windows Genuine Advantage, Phone Home …

By Michael Santo
Contributing Writer, RealTechNews

So, I understand the need for the Windows Genuine Advantage, as a method to combat piracy, but I don’t understand the need for it to play E.T. Apparently it phones home every day. In fact, according to Lauren Weinstein, a civil liberties activist, it does so every time you boot.

However, I’ve noted a much more serious issue on local XP systems, all of which are legit and pass the MS validity tests with flying colors. It appears that even on such systems, the MS tool will now attempt to contact Microsoft over the Internet every time that you boot. At least, I’m seeing these contacts on every boot after the tool update so far, and I’ve allowed them to proceed to completion each time. Perhaps it stops after some number of boots, but there’s no indication of such a limit so far. The connections occur even if you do not have Windows “automatic update” enabled.

I do not know what data is being sent to MS or is being received during these connections. I cannot locate any information in the MS descriptions to indicate that the tool would notify MS each time I booted a valid system. I fail to see where Microsoft has a “need to know” for this data after a system’s validity has already been established, and there may clearly be organizations with security concerns regarding the communication of boot-time information. Source: Lauren Weinstein’s Blog

We Say: There was an update in which Microsoft’s response was posted. Apparently this communication was put in as an emergency “out” for Microsoft if WGA were ever to have issues. Particularly frightening in the post was something I hadn’t known … even if your copy is validated, this validation can be revoked at a later date if Microsoft deems the activation code to be pirated in the future. And even without this, I’m still not all that comfortable with all this excess communication, even with Microsoft’s assurances.

Share and Enjoy:These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • digg
  • Fark
  • NewsVine
  • Reddit
  • YahooMyWeb
You can leave a comment, or trackback from your own site. RSS 2.0

18 comments to "Phone Home, Windows Genuine Advantage, Phone Home …"

  1. D.David says:

    Thank goodness for Roxio’s Go Back. I downloaded the Windows Genuine Advantage and it validated my copy of XP. Then a couple of weeks goes by and I boot and get a message from Micro$oft telling me how to get “legal”. Rollback to a restore point and a reset of automatic updates to tell me before they install anything. I sure am not going to go to the hassle of having to prove that the vendor who installed XP on my computer was legit. Micro$oft can’t protect my computer from hackers, worms and viruses and now I am supposed to believe that they can tell whether or not my install is legit. I don’t think so. Better to live without the intrusion.

    June 8th, 2006 at 5:26 am

  2. David Johnston says:

    I reinstall Windows on my machines quite frequently. On my main machine, I’ve probably reinstalled Windows about four or five times this year. WGA and the activation are always annoyances because even though my copy is legitimate, Microsoft doesn’t like that I install it so frequently (on the same computer). I’m always having to call in and tell them that it’s the only computer that the copy of Windows is on, etc. Very annoying.

    June 8th, 2006 at 5:27 am

  3. John Corliss says:

    The most salient portion of the article is the following (IMO):

    “But this is where an even more important question comes into play. Microsoft (and other software vendors) are moving inexorably toward a more ‘distributed’ computing model where users are really ‘renting’ software services, rather than buying commodity software products. The ‘rental’ model implies long-term vender control over the use and applications of such software, with associated communications between user PCs and vender servers for ongoing authentication and other purposes.”

    Of course, the majority of the sheep out there will accept this scheme, but I will finally go through the hoops and limitations to learn Linux. I will NEVER “rent” software. Period.

    June 8th, 2006 at 6:55 am

  4. Kevin K. says:

    The silliness of this all is that Windows is practically ubiquitous which, like it or not, is partly due to piracy. A slightly illegal tale on “imitation is the best form of flattery”.

    Now that Windows is everywhere, Microsoft is cracking down on piracy which will end up forcing those flatterers to either work harder at cracking/pirating or move to other operating systems. (Or not…..) Just Google hacks on defeating WGA!

    Either way, the solution is simple. Give away Windows for free or at an extremely cheap price which will remove piracy of the OS and make Windows even MORE ubiquitous (is that an oxymoron?) thus guaranteeing even more market share for Windows based software and continuing the lock Microsoft has on the world.

    Meaning, instead of fighting it, they ought to embrace it and figure out how to benefit from it.

    No, I don’t advocate working with pirates just because it’s been done so much and you might as well succumb. What I am saying is to figure out how to outfox the pirates. Look at the $1 DVDs being sold in Asia! Why not Windows too?!?!?

    June 8th, 2006 at 7:44 am

  5. Jim Frost says:

    There’s also the issue that WGA does not always succeed. For instance, I am running the Parallels VM on my Macbook, and I installed a legal version of WinXP Home on it. WGA downloads and then … gets an internal error and can’t complete.

    So: My copy is legal and yet I can’t take advantage of the full value of the software I paid for. I have no recourse; all I can do is wait until Microsoft gets around to fixing it, if ever. Thankfully I can at least download critical patches.

    I think the WGA system should offer a way to pay to fix failures — to buy a license directly, or to enter a new license key, or to pay for support, or whatever. The idea that you cannot recover from that failure is ridiculous.

    My problem is clearly limited to a small subset of their customer base, but a much larger problem is PC “repair” places who simply copy a “known good” release onto the box to fix it. Many of these places are using hacked versions of the OS so as to avoid having to do a from-scratch install. The people who go to these places (like, say, my in-laws) are bringing in computers with valid licenses, complete with holographic sticker on the case, but they take home a computer that won’t pass WGA. There is, so far as I can tell, no way to give Windows the license number without a full reinstall. Why not?

    I’m all for them getting their due, but I’ve seen a number of instances of their antipiracy stuff disallowing paid customers the full use of the product and it’s difficult or impossible for them to fix the problem. They should make it as easy as possible for people to fix it, either by simply re-activating with a different software key or by selling them a new key.

    Perhaps there is a way to do this, but if so I have been unable to find it. When I was doing my first install on Parallels I made the mistake of keying in a key for a machine I had already registered. I did this because it’s my practice to write the serial number on the media then throw away the packaging; that way I can always find it again. (Ok, if audited I wouldn’t have the cool hologram. But I could prove to a court I’d paid for the licenses, by simply showing them the receipts, so I don’t care.) Unfortunately the media was in the drive doing the install at the time it wanted the serial number. So I figured I’d key in a different valid number to get past it, then fix it before I activated the software.

    Nope! So far as I can tell you can’t change the number without reinstalling the software. What a pain in the neck.

    But maybe I just missed it. If anyone knows how to do so I’d like to learn. It’s too late for that install, I already reinstalled, but it’d be nice to know for the future.

    I can’t for the life of me figure out why it wouldn’t be in Microsoft’s best interest to allow you to key in a credit card to get a license on-the-spot, regardless of where the copy of Windows came from. I always liked the way Red Hat does it; install the software on as many machines as you want, but you have to pay a per-machine fee to get updates. I can buy the media once and pay them a reduced fee per machine to make everything easy and legal.

    jim

    June 8th, 2006 at 1:00 pm

  6. jagdish kalkunte says:

    I can accept validation once (OK with WGA),but any change in HARDWARE like HARD DISK,VIDEO CARD and ETHERNET CARD, Windows validation tool will require revalidation. This is a painful process. Piracy is one thing I am not concerned, it is taking charge of my computer and with its software - it is clearly infringement of my legitamate property. I have had serious discussions with Microsoft groups and they have provided me with a key that never needs a validation again - that is on one my computers.

    June 9th, 2006 at 6:42 am

  7. Jim Coleman says:

    Ten years ago I was one of Microsoft’s biggest fanboys. I give them the credit for standardizing desktop computer software. But, with their price-gouging, spyware built into Windows, excessive validation and activation practices, adding DRM to Windows, and assuming control of their customers computers over the years, I have come to despise them. I tried several versions of Linux at different times but was unable to find anything that could compete with Windows, in my opinion.
    HERE’S THE GOOD NEWS. I RECENTLY DOWNLOADED AND INSTALLED THE LATEST VERSION OF SUSE AND DEBIAN LINUX (DIDN’T COST ME A PENNY, EXCEPT THE DISKS USED TO BURN THE INSTALL CD’S). I’M NOT A COMPUTER GEEK, BUT THE INSTALL (TO ME) WAS MUCH EASIER AND FASTER THAN ANY VERSION OF WINDOWS, AND NO NEED TO INSTALL DRIVERS AS IT’S ALL DONE AUTOMATICALLY. ALSO, LINUX CONNECTS TO IT’S SERVERS AND AUTOMATICALLY DOWNLOADS AND INSTALLS ALL UPDATES AND PATCHES (PLUS ANY PACKAGES YOU CHOOSE) WITHOUT ANY OF YOUR PERSONAL INFORMATION. NO DEMANDS TO VALIDATE YOUR COMPUTER OR OS, AND NO DEMANDS FOR MONEY, NOW OR EVER. AND BEST OF ALL, AS FAR AS I CAN DETERMINE (NOT BEING AN EXPERT), THE LATEST LINUX DISTRUBUTIONS CAN DO PRACTICALLY ANYTHING THAT WINDOWS CAN. YOU WOULD BE SURPRISED AT THE PACKAGES (CALLED PROGRAMS IN WINDOWS LINGO) THAT HAS BEEN ADDED RECENTLY.
    Now I still use (and love) Windows. It’s the Microsoft greed and deceit + their dictatorial practices that I deplore. If anyone should read this report outlining the difference in the Microsoft EULA and the GPL License (found here: http://members.iinet.net.au/~cybersrc/about/comparing_the_gpl_to_eula.pdf ), THEY WOULD DROP MICROSOFT LIKE A HOT POTATO.
    Sooooo…., all you newbies and non-geeks out there that think you’ve gotta be a whiz to use Linux, take heart. It’s now easier to use and better than ever, and if I can do it, so can you.
    Ole Man

    June 9th, 2006 at 10:59 am

  8. RecycledElectrons says:

    The license agreement says they can do that.

    If you are enough of a criminal to use something from Redmond, instead of Linux, you are simply not worth keeping alive.

    Let me explain: Most of us have contracts or regulatory concerns that force us to secure the data we handle. The license agreements that seem to be coming out of Redmond specify that they can snoop anything you do on your PC at any time. If you are obligated to keep information on your PC (e.g., If you work in a medical industry, covered by HIPPA, an educational industry covered by FERPA, a securities / investment industry, human resources, or are bound by certain contracts with your publisher, then it is a FELONY to do your work on most software originating in Redmond.)

    Obviously, the general public ignores these FELONIES, so we need to increase the penalties to force them to switch to FOSS software. I suggest the death penalty for first time offenders.

    Andy Out!

    June 9th, 2006 at 6:29 pm

  9. Stu Soyne says:

    It seem to me that there is an easy solution:

    Wouldn’t it be possible to have a software or hardware-based firewall block packets going and coming from MS’s IP?

    Anyone know what IP WGA contacts?

    June 10th, 2006 at 6:46 pm

  10. Stu Soyne says:

    I may have answered my own question. Accoring to this guy’s ZonaAlarm screenshot the IP is (or maybe *was*) 64.4.52.189

    June 10th, 2006 at 6:51 pm

  11. Stu Soyne says:

    From WikiPedia:

    Windows Genuine Advantage Notifications and Firewalls

    Some personal firewalls, though not the basic one in Windows, may alert on the method by which wgatray.exe is started, in the case of Outpost firewall, it is identified as a “hidden process”. The wgatray.exe process itself can be firewall blocked, without apparent problems. Removing the reference to WGALOGON.DLL using HijackThis appears to effectively de-install this update, to the point where it will be offered again if it has not been marked “do not show”.

    June 11th, 2006 at 7:12 am

  12. sadmankabir says:

    I need genuine windows. i cannot start explorer 7

    July 15th, 2006 at 3:39 am

  13. Bugger Microsoft says:

    Stu Soyne has it right - WikiPedia has stated that Hujackthis does infact de activate the GAN and having used Hijackthis i found that the notification has infact gone - bit on automatic updates the GAN will return - so if you do automatic updates expect to recieve the little annoying pop up everytime.

    So set automatic updates to off and well anyones YA UNCLE ! :)

    August 2nd, 2006 at 7:02 am

  14. freecreditreports says:

    freecreditreports freecreditreports

    August 7th, 2006 at 10:39 am

  15. Samus says:

    I would like to second mister Coleman’s response to this. Microsoft has gone too far this time, and they only seem to be pushing the envelope further. Imagine how it will be when Vista comes out. I have installed many different strains of Linux and have been impressed with the amount of free software there is out there. I’d like to use it myself, and could see the migration being quite easy, however…

    My problem with Linux is this: Everyone I know comes and asks me a bunch of questions about Windows. These are often people who pay me to know the answer. If I switch over to Linux, I will not be in constant contact with Windows - hence, I may not know the answer to the next question. As far as I can tell, Linux has been “desktop-ready” for quite some time now… It’s just that the cost:
    *To retrain the office drones
    *To rewrite company-specific applications
    *Of downtime+overtime during the conversion/retraining
    would far outpace the cost to just buy the next version of windows - so any accountant would tell you to buy the next version and keep it patched/firewalled. That’s what I was up against here at work. I’m still trying though! All our software is legit but some boxes auto-installed wga and it didn’t like it. That seriously scares me. I’ve heard about how MS will come in with a search warrant and even if you’re a teeny bit out of eula-compliance(which many ppl are, if you read the eula and think about it), they’ll seize all your servers as “evidence”. That would bring business(and my job) to a screeching halt.

    The only inroads that I could see Linux making are in the server market. They are far more secure and maintenance-free(if set up right). For machines that don’t have a beefy firewall in front of them, Linux is the way to go.

    August 23rd, 2006 at 4:36 pm

  16. buy hydrocodone says:

    buy hydrocodone buy hydrocodone

    August 26th, 2006 at 9:24 pm

  17. Jankie Chiu says:

    Hope below wouldn’t happen to me. I have reinstalled my system three times for past one month.

    Quote:

    I reinstall Windows on my machines quite frequently. On my main machine, I’ve probably reinstalled Windows about four or five times this year. WGA and the activation are always annoyances because even though my copy is legitimate, Microsoft doesn’t like that I install it so frequently (on the same computer). I’m always having to call in and tell them that it’s the only computer that the copy of Windows is on, etc. Very annoying.

    Comment by David Johnston — June 8, 2006 @ 5:27 am

    September 27th, 2006 at 3:49 am

  18. WGA News: The Good, The Bad, and the Ugly | Etixet says:

    […] Those of you who read my posts at RealTechNews know I wrote about both WGA (Windows Genuine Advantage) and RemoveWGA recently. Responding to criticism of its new WGA Notifications program, Microsoft has made some changes to the software and released a new version. The updated software no longer checks in every time the PC boots. They have also given guidelines to remove the application, which had previously been uninstallable and let to development of such utilities as RemoveWGA. The new version of Microsoft’s Windows Genuine Advantage (WGA) Notifications program now no longer checks a server-side configuration of a user’s version of Windows every time the user logs on to see if it is a valid copy of Windows. Instead, it periodically checks to see if the user’s copy is genuine. […]

    January 7th, 2008 at 5:26 am

Leave a comment