Jump to content

Windows Genuine Advantage: Difference between revisions

From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
Undid revision 316307935 by GoodGreeff (talk) All recent revisions by user "GoodGreeff" are written in first person nnpov
Undid revision 316307810 by GoodGreeff (talk)All recent revisions by user "GoodGreeff" are written in first person nnpov
Line 39: Line 39:
Users of genuine Microsoft products have received unwanted spam in the form of an unwanted pop up that is designed to instil fear by an accusation, which many people believe to be a virus or spyware because:
Users of genuine Microsoft products have received unwanted spam in the form of an unwanted pop up that is designed to instil fear by an accusation, which many people believe to be a virus or spyware because:


1. The pop up does not carry the microsoft logo.
1. The pop up does not carry the microsoft logo


2. The pop up limits choice and compels a visit to a specific web site, which offers software for sale, at bargain prices, for a limited time. (Bait and switch).
2. The pop up limits choice and compels a visit to a specific web site, which offers software for sale, at bargain prices, for a limited time. (Bait and switch)


3. The pop up cannot be ignored and closed.
3. The pop up cannot be ignored and closed


4. The pop up cannot be ignored and minimised.
4. The pop up cannot be ignored and minimised


5. The pop up cannot be ignored because it stays on top of any other document that is opened.
5. The pop up cannot be ignored because it stays on top of any other document that is opened


6. The pop up cannot be ignored because the relevant Office program will not respond unless one complies with an action that is forced upon one, or agrees to further pop ups by selecting "remind me later".
6. The pop up cannot be ignored because the relevant Office program will not respond unless one complies with an action that is forced upon one, or agrees to further pop ups by selecting "remind me later".
Line 61: Line 61:
Worst of all, they make their problem my problem because they foist the work of validation onto me. I must spend my time, and my effort to Google the thing to find out if it is spyware before I comply. After that I have to go to their web site where my time is wasted again, because:
Worst of all, they make their problem my problem because they foist the work of validation onto me. I must spend my time, and my effort to Google the thing to find out if it is spyware before I comply. After that I have to go to their web site where my time is wasted again, because:


1. I am asked to click on "Validate now".
1. I am asked to click on "Validate now"


2. When I do I get a warning from Google telling me that "This type of file can harm your computer. Are you sure that you want to download legitcheck.hta? Save. Discard."
2. When I do I get a warning from Google telling me that "This type of file can harm your computer. Are you sure that you want to download legitcheck.hta? Save. Discard."
Line 89: Line 89:
How can I decide what software to run? [Link}"
How can I decide what software to run? [Link}"


6. I click on the link, and then on "What are the risks when downloading files?".
6. I click on the link, and then on "What are the risks when downloading files?"


7. A new link becomes available: "When to trust a website" I click.
7. A new link becomes available: "When to trust a website" I click.
Line 102: Line 102:


12. I decide not to trust a publisher that cannot be verified, since I do know for sure is that:
12. I decide not to trust a publisher that cannot be verified, since I do know for sure is that:
My software IS genuine

Microsoft DOES know this (they told me when I phoned them)
My software IS genuine.

Microsoft DOES know this (they told me when I phoned them).

My Genuine OEM software, from Microsoft Windows, is now telling me not to trust a product from an unverified publisher.
My Genuine OEM software, from Microsoft Windows, is now telling me not to trust a product from an unverified publisher.


Revision as of 03:16, 27 September 2009

Windows Genuine Advantage
Developer(s)Microsoft
Stable release
1.9.0040.0 / March 10, 2009; 15 years ago (2009-03-10)
Operating systemWindows XP, Windows Vista, Windows 7
PlatformWindows Update, selected components in Microsoft Download Center
TypeSoftware validation
LicenseProprietary
Websitewww.microsoft.com/genuine/

Windows Genuine Advantage (WGA) is an anti-piracy system created by Microsoft that enforces online validation of the licensing of several recent Microsoft Windows operating systems when accessing several services, such as Windows Update, and downloading Windows components from the Microsoft Download Center. WGA consists of two components: an installable component called WGA Notifications that hooks into Winlogon and validates the Windows license upon each logon and an ActiveX control that checks the validity of the Windows license when downloading certain updates from the Microsoft Download Center or Windows Update. WGA Notifications covers Windows XP, Windows Vista and current test versions of Windows 7. It does not cover other versions of the Windows NT family, such as Windows 2000 and Windows Server 2003, or the Windows 9x family. The ActiveX control however checks Windows 2000 Professional licenses as well.[1]

WGA also advertises the latest service pack for Windows XP, which requires manual intervention to disable. Previously voluntary, it became mandatory for use of these services in July 2005.

Despite its name it does not directly evaluate the integrity or security of any computer.[2][3]

Features

File:WGA Notifications.png
Windows Genuine Advantage Notification in Windows XP.

The WGA validation process validates the present installation of Windows and its license key against the hardware involved and determines if the Software was licensed from Microsoft. It is accessible by either a stand-alone program, or as an ActiveX control within Internet Explorer, the latter of which is relevant to any attempt to access Microsoft updates via its browser. It includes the following steps:

  • Upon their first visit to Windows Update or certain updates on the Microsoft Download Center, users receive a message requiring them to validate their copy of Windows by downloading an ActiveX control which checks the authenticity of their Windows software. If successful in validating Windows, it stores a license file on the PC for future verification.
  • After successful validation, the regular update download can continue.

If the software decides the instance of Windows does not have a valid license, WGA displays a specific notice to the user and prevents non-critical updates from being downloaded from Microsoft.

The ActiveX control is downloaded on the first validation and when a new version is available, but the validation itself can be performed any time the user connects to a Microsoft website to update.

  • On Windows Vista RTM, WGA validation failure has a greater impact. In addition to persistent notification and the disabling of non-critical updates, WGA also disables Windows Aero, Windows Defender, and ReadyBoost. The user is given a grace period in which to then pass validation, after which most of the operating system is disabled and Windows reverts to reduced functionality mode. This behavior however has been removed in Service Pack 1 of Windows Vista in favor of prominent notices on systems believed unlicensed.
  • Microsoft has recently made some changes with a WGA update for Windows XP Professional as well that result in not just a pop-up balloon, but instead the wallpaper changes to black, and there will be a translucent notice in the lower right-hand section of the screen that the user cannot get rid of. However, they can interact with things placed behind it still. There will also be a notification at the login screen. The user can change their desktop wallpaper to whatever they want, but the notifications will remain, and every 60 minutes it will revert back to the black screen.

Software

Spam and Popups

Users of genuine Microsoft products have received unwanted spam in the form of an unwanted pop up that is designed to instil fear by an accusation, which many people believe to be a virus or spyware because:

1. The pop up does not carry the microsoft logo

2. The pop up limits choice and compels a visit to a specific web site, which offers software for sale, at bargain prices, for a limited time. (Bait and switch)

3. The pop up cannot be ignored and closed

4. The pop up cannot be ignored and minimised

5. The pop up cannot be ignored because it stays on top of any other document that is opened

6. The pop up cannot be ignored because the relevant Office program will not respond unless one complies with an action that is forced upon one, or agrees to further pop ups by selecting "remind me later".

7. Internet sources warn of penalties (limited update service) for users who do not OBEY Microsoft and do as you are told.

8. Opting out is not a possibility. I either OBEY and comply now, or OBEY later, but the spam will persist until I OBEY. I have no choice. This lack of ETHICAL PRACTICE convinces me that the pop up spam cannot be from Microsoft.

9. This is the most powerful and persuasive reason I have ever seen against Microsoft market domination. I am considering OpenOffice very seriously.

I phoned Microsoft when I bought my copy of Office 2007 and asked them if my copy is genuine or pirate. They took the numbers and details, asked me to wait while they checked, and told me that I had indeed bought a genuine product. Now I get offensive spam, which accuses me of buying, supporting and running stolen and pirated software.

Worst of all, they make their problem my problem because they foist the work of validation onto me. I must spend my time, and my effort to Google the thing to find out if it is spyware before I comply. After that I have to go to their web site where my time is wasted again, because:

1. I am asked to click on "Validate now"

2. When I do I get a warning from Google telling me that "This type of file can harm your computer. Are you sure that you want to download legitcheck.hta? Save. Discard."

3. This download file seems downright suspicious because it does NOT contain anything recognisable as genuine microsoft. I mistrust it I refused it. The pop ups persist and compel me to repeat the procedure and click on "Save", against my will.

4. Now the thing changes name, to become legitcheck (2).hta (What is an hta file? I have never heard of it.)

5. Now I get a serious warning from Windows telling me that:

"The publisher could not be verified. Are you sure you want to run this software?

Name: C:\Myname\Documents\Downloads\legitcheck (2).hta

Publisher: Unknown Publisher

Type: Html Application

From: C:\Myname\Documents\Downloads\legitcheck (2).hta

Run. Cancel.

Red shield logo with an X in it (i.e. WARNING)

This file does not have a valid digital signature that verifies its publisher. You should only run software from publishers you trust.

How can I decide what software to run? [Link}"

6. I click on the link, and then on "What are the risks when downloading files?"

7. A new link becomes available: "When to trust a website" I click.

8. "Is the website certified by an Internet trust organization?" No.

9. "The site is referred to you through an e‑mail message from someone you don't know." Yes, it is an unsolicited persistent pop up.

10. "The site makes offers that seem too good to be true, indicating a possible scam or the sale of illegal or pirated products." Not too good to be true, but concerning illegal or pirated goods, so Yes.

11. "You are lured to the site by a bait and switch scheme, in which the product or service is not what you were expecting." Yes, definitely. The fist time that I clicked the "Check now" option I was taken to a page that offered Microsoft products for sale at fantastic discounts, valid for "a limited time only". That was when I opted out - but the persistent always-on-top pop up - compels me to re-enter the process.

12. I decide not to trust a publisher that cannot be verified, since I do know for sure is that: My software IS genuine Microsoft DOES know this (they told me when I phoned them) My Genuine OEM software, from Microsoft Windows, is now telling me not to trust a product from an unverified publisher.

Since Microsoft is telling me not to trust this download, I heed their warning and refuse the download. I am still stuck with the persistent pop up, and with the threat that Microsoft will cease to give me the FULL range of downloads they promised when I bought the product. I am disturbed that Microsoft spams me, accuses me, leaves me no choice, threatens me, and considers punitive action against me if I do not comply. In no way does this strike me as ethical conduct, which adds to my mistrust of an unsolicited spam pop up.

Above all, Microsoft have an automatic update service that runs communication between my computer and theirs on a regular ongoing basis. I cannot understand why this matter is not dealt with in a regular routine channel of communication that we have previously agreed upon. I have opened a door for Microsoft to come and go into my computer and to install updates automatically, so why do I have to attend to this spam manually, through an unverified publisher?

I refuse to do so, on the advice of a genuine Microsoft product. Now Microsoft can contact me. My name is Francois Greeff, and my name is in their database, with my full contact details.

WGA, Validation Tool

When a user installs Windows Genuine Advantage, an Internet Explorer add-on is installed labeled "Windows Genuine Advantage". In early releases the tool could be readily disabled with the IE Add-on Management feature. A Windows Group Policy was added by later updates, causing this option to be unavailable by default, but still accessible if the policy were removed. As of July 2006, the latest update blocks management by other means.

A plugin also exists for Firefox. To remove the plugin, delete npLegitCheckPlugin.dll from the Mozilla Firefox/plugins/ folder.

The program uses either a stand-alone program to generate a key or an ActiveX control to discover whether the license key is valid; either way an Internet connection is required. If WGA determines that a user's copy of Windows is unauthorized but was installed from seemingly-legitimate media (i.e., the CD and holographic emblem present on real copies of Windows seems genuine), then Microsoft will supply the user with a new CD. Microsoft also offers discounts to people who want to purchase a legitimate copy of Windows but do not have a valid CD. Microsoft has indicated that they will continue to deliver critical security updates through their Automatic Updates service as well as via the Microsoft Download Center, so that all systems, including those that fail to pass validation, will still continue to receive critical security updates.

The company has made installation of Windows Genuine Advantage a requirement for use of the Windows Update and Microsoft Update websites, in part to be sure that customers who use support resources of the company are aware when their software is unlicensed. According to Microsoft themselves, it is legal to run Microsoft Windows without Windows Genuine Advantage [citation needed]. However, since non-critical Windows updates are not presented by Automatic Updates, installation of WGA is required for installation of such non-critical updates, which are only available through Windows Update or the Microsoft Download Center.

WGA Notifications

On April 25, 2006, Microsoft began distributing Windows Genuine Advantage Notifications[4] as "critical update" KB905474 to Windows users. Users with pirated copies were exposed to alerts[5] at startup, login, and during use of the Windows OS, stating that they do not have a genuine copy of Windows. Users with legitimate copies are not supposed to see the alerts (although some do anyway[6]). On May 23, 2006, Microsoft updated the program, closing some forms of circumvention, but reportedly not all.[7] It was updated again on May 30, June 6 and June 27, 2006, though some forms of circumvention are still usable. The latest versions do not roll out worldwide at the same time: the dates given are the earliest dates on which the versions appeared, so the actual version being offered in some places will be an earlier version than the latest release. It is still possible to opt out of receiving this update using the "do not show" option at the Windows Update site. In addition to these notifications, Windows Genuine Advantage will also notify users with the message "This version of Windows XP is no longer secure" if users on an XP Operating System are not using Service Pack 3, and it will provide a link to help users to upgrade their systems to the new service pack.

The version of Windows Genuine Advantage Notifications released November 29, 2006 had a changed install process to inform the user of what the program does, and can also be set to automatically update to newer versions of Windows Genuine Advantage Notifications. It also informs users that may have a non-genuine version of Windows why their Windows version isn't being reported as genuine. However, unlike previous releases, it started being only automatically delivered to Windows machines using four widely-distributed product keys. [8]

The latest update (version 1.9.0040.0) was released on March 24, 2009.

WGA Validation Library

Microsoft includes the Windows Genuine Advantage Validation Library in several products, such as Windows Defender or Windows Media Player 11, to validate about the Windows installation. As of version 7, Internet Explorer no longer requires the user to pass a Windows Genuine Advantage test in order to download or install the software.

Microsoft has also launched the Office Genuine Advantage program, which validates installations of Microsoft Office.

Circumvention

In September 2005, Microsoft filed lawsuits against a number of companies that sold unauthorized copies of software based on information from users who were told they have copyright infringing software by the Windows Genuine Advantage application.[9]

On November 16, 2005, Microsoft released a standard Netscape WGA plug-in to complete the Windows validation process from Mozilla Firefox and other Gecko-based browsers (including Netscape) - although it does not use the Firefox extensions system, and thus is not supported by the latest version of the browser. It does not work in other NPAPI browsers such as Opera. Another workaround was released on December 25, 2005 to bypass WGA authentication by using a valid hash generated by a remote system.[citation needed] Microsoft responded with a cease and desist letter to the website host, and the workaround was taken down on January 6, 2006. Many people continue to validate on the Microsoft website from a public computer using a genuine copy of Windows, then write down the hash and continue to use it at home or work.[citation needed] As of July 2006, Microsoft had not prevented people from disabling WGA in this manner. On May 4, 2006 Microsoft announced lawsuits for allegedly distributing unauthorized copies of Windows against eDirectSoftware of Montana, and Chicago-area resellers Nathan Ballog and Easy Computers.[10]

Various workarounds to get past WGA authentication have been released on the Internet. Before Microsoft issued official instructions[11] on removing the WGA Notifier (a desktop application which resides in the system tray and periodically displays messages, reminding users to authenticate their operating system), users simply had to remove 2 files in order to get rid of the software from their system (four files: one executable and one dynamic link library in C:\Windows\system32\ and their exact copies in C:\Windows\system32\dllcache\; only an administrator can rename/delete these files).

In September 2006, Microsoft dropped various required validations on programs such as ActiveSync.

Recently it has been found that it is possible to validate with WGA when running Linux (see below).

Notifications and firewalls

Some personal firewalls, though not one embedded in Windows, may alert on the method by which wgatray.exe is started, in the case of Outpost firewall, it is identified as a "hidden process". The wgatray.exe process itself can be firewall blocked, without apparent problems.

A tool has been released by a firewall vendor to prevent WGA Notifications transmitting information from one's PC.[12]

Data collected

Windows Genuine Advantage checks the following components:[13][14]

  • Computer make and model
  • BIOS checksum.
  • MAC address.
  • A unique number assigned to your computer by the tools (Globally Unique Identifier or GUID)
  • Hard drive serial number.
  • Region and language settings of the operating system.
  • Operating system version.
  • PC BIOS information (make, version, date).
  • PC manufacturer.
  • User locale setting.
  • Validation and installation results.
  • Windows or Office product key.
  • Windows XP product ID.

WGA in China

The effect of the implementation of WGA on Chinese language Windows XP. This screenshot is from a pirated copy of Windows XP Professional.

On October 20, 2008, many users of Windows XP in China received a black desktop, as Microsoft introduced its WGA system for Chinese language systems,[15][16][17] in an effort to combat piracy, which is extremely high in China. This version of WGA is of a more hostile approach as compared to previous forms, as it provides a hindrance to users and trespasses on usability. Since the majority of users in China run on a pirated copy of Windows, many users have experienced what is described as a "black screen syndrome", where the operating system changes the desktop background to a black screen every 60 minutes, as well as displaying constant warning messages.[18][19] Some users have even reported the disabling of Office programs such as Microsoft Word, PowerPoint and Outlook.[20]

According to various polls carried out by Chinese portals such as Sohu.com, QQ.com, 21cn.com, and many others, a large number (over 60% of those surveyed) of Chinese Internet users are hostile to Microsoft Windows Genuine Advantage (WGA) and Office Genuine Advantage (OGA).[21]

Criticisms

Time bomb

Even if WGA does not really make the program unusable, no updates except critical ones can be downloaded from Microsoft. Rather than just disallowing updating, Windows Vista originally ran in reduced-functionality mode if found by WGA to be compromised[22] if a product has not been considered genuine which has made some people compare WGA to time bomb software.[23][24][25] Windows Vista SP1 has removed this behavior and reverted back to the nag-only methods of Windows XP.[26]

Spyware accusations

The notification tool has been accused of spyware-like behavior, "phoning home" on a daily basis.[27][28][29] Microsoft subsequently admitted the behaviour, but denied that it amounted to spyware.[30][31] Following pressure, Microsoft announced that in future the tool would only phone home once every two weeks, instead of every day.[32] Microsoft has also provided removal instructions for the pilot version of WGA.[11]

Despite this, Microsoft is currently being sued under anti-spyware statutes over WGA's non-disclosed "phone home" behaviour.[33] The outcome of the lawsuit has not been determined.

False positive rate

The WGA program can produce false positives (incorrectly identifying a genuine copy of Windows as "not genuine"). This can happen for any number of reasons. Microsoft has established a forum to help users encountering problems.[34] In February 2007, a "Not Sure" section was added to the program, in case of an incorrect reading.[35]

According to an editorial on the arstechnica.com technology website, WGA reported around 22% of 500 million Windows computers as failing the test; of these less than 0.5% were due to pirate software, with the balance (over 20%, or 90% of all positives) related to non piracy issues. Microsoft "refused to comment on the rate of pure false positives" beyond saying it was "under 1%" (or as stated, at most around 5 million users affected).[36]

False negatives

On June 18, 2007, news surfaced that it is possible to positively validate as a "Genuine Microsoft Product" user (and– as a result– be able to download certain software from Microsoft's official website) using Internet Explorer with IEs4Linux and Wine, running on Linux,[2] without even having a Windows-family system installed.

Major failures in WGA system

From the moment that WGA was released, it had a flaw that allows a typical user to remove the program without uninstalling its root key, causing Windows to think that the software is installed although no "nagging" process or RAM usage occurs.[citation needed] This flaw has not yet (June 2009) been fixed, although it still prevents critical system updates.[citation needed]

On October 5, 2006, a WGA failure occurred, incorrectly flagging some systems as being non-genuine.[37]

On August 25, 2007, the Microsoft WGA servers suffered an outage, resulting in many legitimate copies of Windows XP and Vista being marked as counterfeit.[38] The issue was solved about twelve hours later. According to Microsoft, "fewer than 12,000 systems were affected worldwide."[39]

On July 18, 2008, reports of Microsoft's WGA and OGA servers being offline surfaced again. Microsoft later responded that only offline verification was temporarily down.[40]

See also

References

  1. ^ "The Windows Genuine Advantage (WGA) validation check process does not complete when you try to validate your copy of Windows Vista, Windows XP, or Windows 2000 Professional". Microsoft. Retrieved 2009-04-13.
  2. ^ a b Slashdot | Ubuntu Linux Validates As Genuine Windows, retrieved June 18, 2007
  3. ^ It does not verify the signatures of files
  4. ^ Microsoft.com - Description of the Windows Genuine Advantage Notifications application, retrieved June 13, 2006
  5. ^ Digital Inspiration - Windows Genuine Advantage Notifications, retrieved June 13, 2006
  6. ^ Announcement on usenet entitled "Windows Genuine Advantage - warning appears on activated machine" by Rubert Sland
  7. ^ Sydney Morning Herald - Microsoft back to drawing board on piracy, retrieved June 13, 2006
  8. ^ MSDN Blogs - New Windows Genuine Advantage Notifications Released, retrieved December 3, 2006
  9. ^ Microsoft.com - Microsoft Files Lawsuits to Protect Consumers and Software Resellers, retrieved June 13, 2006
  10. ^ InformationWeek - Microsoft: Users may have to prove legal Windows use, retrieved June 13, 2006
  11. ^ a b "How to disable or uninstall the pilot version of Microsoft Windows Genuine Advantage Notifications". Microsoft. July 12, 2006. {{cite web}}: Check date values in: |date= (help)
  12. ^ The Register - How to stop Microsoft's WGA phoning home
  13. ^ Microsoft WGA FAQ, retrieved June 2007
  14. ^ Microsoft's Calling Home Problem: It's a Matter of Informed Consent, retrieved October 20
  15. ^ 微软发出“黑色提醒”
  16. ^ 微软开始打击盗版 桌面背景变为黑色
  17. ^ Microsoft Peeves Chinese With Anti-Piracy Tactics - Wired.com
  18. ^ 对网上盛传的《微软详解Vista SP1封杀盗版激活》三点质疑
  19. ^ 盗版的噩梦?Vista SP1新的反盗版技术
  20. ^ 微软开始打击盗版 桌面背景变为黑色
  21. ^ Panicking users rail against Microsoft anti-piracy crackdown
  22. ^ [1] [2]
  23. ^ Onerous Vista Activation—A Time Bomb? - Columns by PC Magazine
  24. ^ FOXNews.com - Windows Genuine Advantage: A Ticking Time Bomb? - Science News | Science & Technology | Technology News
  25. ^ » Is Microsoft about to release a Windows “kill switch”? | Ed Bott’s Microsoft Report | ZDNet.com
  26. ^ "New WGA Behavior in Windows Vista Service Pack 1". Retrieved 2008-01-01.
  27. ^ Lauren Weinstein's Blog - Windows XP update may be classified as 'spyware', retrieved June 13, 2006
  28. ^ Microsoft's antipiracy tool "phones home" daily, retrieved June 13, 2006
  29. ^ Brian Livingston (June 15 2006). "Windows Secrets - Genuine Advantage is Microsoft spyware". Newsletter. Windows Secrets. Retrieved 2007-03-03. {{cite web}}: Check date values in: |date= (help)
  30. ^ Ars Technica - Microsoft admits Windows Genuine Advantage phones home, retrieved June 13, 2006
  31. ^ Lauren Weinstein's Blog - Microsoft responds regarding Windows XP update vs Spyware, retrieved June 13, 2006
  32. ^ ZDNet - Microsoft to ease up on piracy check-ins, retrieved June 13, 2006
  33. ^ Lawsuit calls Microsoft's anti-piracy tool spyware | Seattle Post-Intelligencer, retrieved June 29, 2006
  34. ^ Microsoft WGA Help Forum
  35. ^ Ars Technica: Windows Genuine Advantage's newest setting: "You might be a pirate", retrieved June 6, 2009.
  36. ^ Windows Genuine Advantage falsely accuses millions
  37. ^ WGA failure on October 5th, 2006
  38. ^ Microsoft WGA Help Forum citing response from MS Support
  39. ^ Update on Validation Issues
  40. ^ Users reporting failed Windows and Office validations (Updated)
Retrieved from "https://en.wikipedia.org/w/index.php?title=Windows_Genuine_Advantage&oldid=316419813"