Microsoft presses the Stupid button
Summary: When you’re the Evil Empire, it’s only natural to get a bad rap for everything you do. Microsoft gets bad-mouthed a hundred times a week for things that would be perfectly acceptable coming from anyone else. Given that level of criticism, it’s easy to ignore the times when they’re just completely, egregiously wrong.Microsoft’s new Windows Genuine Advantage authentication software which is now being pushed onto Windows users’ machines via Windows Update, is one of those occasions. Someone at Microsoft just pushed the Stupid button. And things aren’t going to get better until they stop pushing it.
Update 12-August: For a detailed discussion of what you'll see if WGA flags your copy of Windows as "not genuine," see Busted! What happens when WGA attacks and the accompanying image gallery.
When you’re the Evil Empire, it’s only natural to get a bad rap for everything you do. Microsoft gets bad-mouthed a hundred times a week for things that would be perfectly acceptable coming from anyone else. Given that level of criticism, it’s easy to ignore the times when they’re just completely, egregiously wrong.
The uproar over Microsoft’s new Windows Genuine Advantage authentication software, which is now being pushed onto Windows users’ machines via Windows Update, is one of those occasions. Someone at Microsoft just pushed the Stupid button. And things aren’t going to get better until they stop pushing it.
In a nutshell, here’s what’s happening. Two months ago, Microsoft released an update to its Windows Genuine Advantage authentication system via Windows Update. The WGA code checks your system to see if it’s been properly activated. If the activation is messed up – as it would be if you were using a pirated copy of Windows – you see a message telling you your copy of Windows is “not genuine” and your access to some Microsoft resources is cut off. WGA was originally intended to be part of Microsoft’s carrot-and-stick strategy for reducing piracy. Lawsuits against software pirates are the stick; WGA is the carrot. In theory, after you run the WGA code and prove that your copy of Windows is legit, you get access to cool downloads that aren’t available to Windows users who haven't jumped through the WGA hoop.
Fellow ZDNet blogger David Berlind has done an excellent job of unpacking the spin from Microsoft’s multiple statements about this situation. For details, see Does Microsoft's new WGA disclosure fall short? and With WGA, is Microsoft forcing Windows users to install and test pre-release software? Read both those posts and follow the links for the full details of this story.
I’m not all that concerned with the hysteria over the revelation that this app “phones home” to Microsoft. These days, I fully expect that any program I install will have a mechanism for updating itself or accessing help content online. As long as those mechanisms for online access are disclosed during installation and the actual update process isn’t malicious, careless, or deceptive, I have no problem.
No, the problem with Microsoft’s whole WGA program boils down to a simple rule: Do not mess with security. This episode violates that rule in three incredibly stupid ways.
Stupid mistake #1: This update should never have been included with Critical Updates. The Automatic Updates mechanism in Windows XP (and in the upcoming Windows Vista) is supposed to be a delivery vehicle for Critical Updates that fix security flaws in Windows. (From the Microsoft Update FAQ: “Automatic Updates is the easiest, most reliable way to help protect your computer from the latest Internet threats by delivering security updates right to your computer automatically.” [emphasis added]) There is no way, short of the most outrageous spin, that the WGA update can be considered a security update. By delivering a non-security-related update through this mechanism, Microsoft is breaking that promise.
Stupid mistake #2: The new WGA tool is wrong too often. If you’re going to punish your users, you had better be 100% right about identifying the offenders. Sadly, the new WGA code doesn’t come close to reaching this level of performance. A commenter on my blog reports that he’s now getting incessant notifications that his copy of Windows is not genuine. A close business associate of mine reports the same problem. What do they have in common? Both are using notebooks that had to be returned to their manufacturer for service. The repaired notebooks fail the validation process. A quick scan of recent posts at Microsoft’s WGA forum suggets this problem is unfortunately common.
Stupid mistake #3: The user is left high and dry. If you get a notification that WGA failed, what are you supposed to do? I haven’t seen the failure message myself, but my correspondents tell me it doesn’t offer any helpful steps for resolution. Neither does the Genuine Microsoft Software FAQ, which says:
What if my copy of Windows or Office fails the validation process?
See your reseller and ask for genuine Microsoft software, using the report provided during the validation session for support. The report explains why your system was unable to validate and provides instructions for further follow-up.
Oh, great. Have you ever phoned Dell’s support line? The apparently defective WGA tool is about to plunge an unknown number of users into a support nightmare for no good reason.
So what should Microsoft do now? Simple:
They should send a new update that disables and/or removes the WGA tool immediately, until it’s fixed.
They should set up a toll-free hotline that any Windows user can call if they’re experiencing problems with Windows Genuine Activation. (Microsoft already offers toll-free support for anyone who suspects they may be infected with a virus or a worm, so this doesn’t require a new infrastructure.) The agents on this line should have the authority to help a user override WGA problems.
They should apologize, publicly and profusely, for mixing an anti-piracy tool in with security updates and take steps to make sure that it never happens again.
And they should find whoever pushed the Stupid button in this case and put them on telephone support duty for the next six months. That might be an appropriate punishment.
[Updated 12-June to fix typo.]
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
Can't argue with any of your points.
Not to mention
That's one nice thing about the GPL, BSD, SISSL, and any other reuseable license, whether you like the terms or can't stand them, you know exactly what those terms are every time you use them.
What's in it for Microsoft?
On the contrary, changing the EULA with critical security updates is great for Microsoft. They can demand anything they want to, and history has shown that people will still agree to it.
Once they get people desensitized to this kind of thing, they can kick it up a notch and aside from a little impotent griping on ZD blogs and TalkBacks, nothing will happen.
Lather, rinse, repeat.
That would be stupid
You mean like, [i]dud3, w3 0w|\| joo![/i]
Face it, they have the customer over a barrel. Nobody reads the EULA anyway because there's really nothing they can do about it. [1] Meanwhile, it gives Microsoft a huge business advantage ([u]especially[/u] since nobody knows what they're "agreeing" to.)
[i] In other words, shoot the lawyers![/i]
On the contrary, since Microsoft has them and the marks don't that would be giving up a powerful business advantage. You've been downright eloquent on these boards about how Microsoft shouldn't give up any of their "edge;" this is no different.
[1] Ever try marking one up and mailing it back, signed, certified, to MS Legal? With other contracts you can do that.
Mailing them back ?
Don't think that happened by mistake.
I don't think he was sufficiently harsh, but I can't argue either...
But you are correct in that the EULA was an amazing piece of work. The problem here is that if it was written in plain, clear language, more people might actually read it. That would be a problem for Microsoft.
It might read something like: "If you install this software, we will be able to spy on your system. Your system will need to contact our system every day. If we have the slightest reason to think that you have not given us your money, right or wrong, we will make your computer difficult to use and will offer no assistance in correcting the problem."
Yeah.... way to go Microsoft. Apparently you need to be despised even more than you already are.
What are you talking about?
If your that delusional, please seek real help. You deserve it. You need it.
I don't know..... you tell me.....
How do you know that (for sure). If the bastards are sneaky enough to put this crap into a "critical security update" when it has absolutely nothing to do with security, who knows what else they are capable of.
>>ask for money(assuming you have a legit copy of Windows) or any of the other BS you say.<<
I never ONCE said that it asks for money. What I infered, but will state more simply for you, is that Microsoft's need for greed can make your life difficult, even you are in the right. What if I do have a legit copy of Windows but they seem to think it might not be (read the article). What are my options? How about none! Buy another copy of Windows I guess. It's happened.
There is something very concerning about the latest step taken by Microsoft. Their contention that they may need to "shut down" the WGA makes me think they are heading toward the ability to shut down whatever they want, whenever they want. Don't think that will ever happen? You might be the one who is delusional. Nice chatting with you.
I think you missed the point
Shooting lawyers doesn't solve the underlying issue.
Here's to hoping that you are Brady disqualified.
EULA
Shoot the lawyers-too easy
RE: Microsoft presses the Stupid button
Obedience
Windows user. Pull your collective thumbs out, stop griping
about the Microsoft mistakes and switch platforms. Without the
preparedness to do that, you're all looking like shills and
apologists. The irony lies in the fact that these complaints do
nothing but firm up Windows support. Advocacy does not take
the form of idle complaints.
Microsoft either has you over a barrel or they don't. If they don't,
this experiment can take place. I'd recommend a switch to OSX
and then a series of blogs about it. Be honest. Without this
effort, these blogs are nothing more than comiseration sessions
designed for strengthening an unhealthy codependancy.
Most of your readers use Windows? The biggest service you
could provide is to find out if they are wrong. Until then,
everything you write is a disservice. The stupid button is not
exclusive to Microsoft.
Huh?
If it looks like, sounds like, and
I use a lot of MS products but it's certainly not because I like them. It's an economic necessity like mandatory auto insurance. My other laptop is now a ubuntu machine. Looks like MAC OSX or this box moving to the same as I cannot trust MS to own my computer.
http://www.groklaw.net/article.php?story=20060608002958907
If you're happy with that, then why don't you surrender you civil rights too. It's just too much responsibility to handle and so easy to let it go. that makes a lot less stuff to think about or decide upon.
Are you happy with your choices?
Choice
choice. It's certainly not anyones place to force a choice upon
us, but that's the point isn't it. Choice may have been forced ten
years ago. Is it possible it's no longer in play.
Ed's response "Everything is fine thanks". Means one of two
things. Either everything is fine and the stupid button is a minor
problem. Or he represents a cross section of the Windows
community that is not empowered to change and is forced to
rationalize the inability to be self directed. It's not my place to
say.
If however, the experiment does take place, and a change
occurs, it will point to a 15 year long mistake. That's
embarassing. The fact that the experiment won't take place is
telling. There is nothing to lose. It points to the possibility that
the collective ego can't let this lemon go, and couldn't bear the
shame if it did.
The notion that anyone on these boards can force anyone to do
anything is rediculous so lets just put that rhetoric aside. It can
be influential however, and unbiased agendas and more
scientifically minded reviews should take the place of the current
water balloon fights.
Nice straw man you got there, Harry
I never said "Everything's just fine, thanks." I said I'm generally happy with the platform and not interested in switching. Big difference.
I've looked very carefully at the Mac platform, and it's not for me. In many respects, the DRM issues and gross violations of privacy are worse for Mac users than they are for Windows users. If I were to switch, I would have a year's worth of complaints about the horrors of the Mac.
But just because I've chosen a platform doesn't mean I can't complain about it and ask for changes. Many of the things I've complained about over the past few years have indeed been fixed in Windows. I have confidence that this one can be as well.
He did allow for that possibility
problem."
---In many respects, the DRM issues and gross violations of privacy are worse for Mac users than they are for Windows users---
Please explain what you mean by this. What violations of privacy are Mac users subject to? As for the DRM, note that Apple's FairPlay DRM is far more prevalent on Windows machines than on Macs, so unless there's some other DRM you know about, that's not much of an argument.
Bring It
"generally happy". They are clearly worlds apart. I'll quote you
verbatum in future. Secondly, it seems it was wrong for me to
interpret an article entitled "Microsoft Presses the Stupid Button"
as a serious complaint. It would seem that "gross violations of
privacy" are only a big issue on the Mac. Please don't alude to a
spectral privacy problem that is so aggregious on the Mac that it
won't allow you to try it on moral grounds. That's a crock. You're
putting up with it now and an inch is as good as a mile.
The point is, I'm not interested in hearing that you'd have
complaints. I'm interested in the complaints. Without them these
blogs are increasingly corrupt. How can Apple compete when all
they can give you is a great computer, but Microsoft can give
you a career. IT deserves the whole story and it's not being told.
Without perspective on Windows, Windows reviews are
advertisements. I'm lobbying for this perspective and hands-on
feedback. Without genuine comparison, head to head, the two
camps are just lobbing grenades at each other and it's time
someone with a pulpit stepped up.
With today's revelation that 60% of Windows boxes are owned, it
would seem that privacy policies are the least of the platforms
worries. Where do you stand on this, Microsoft's own data, and
the massive indightment it is of your chosen platorm. Do you
think this might be a larger endemic privacy problem? It makes
WGA look like a pat on the head. Would you care to guess what
percentage of Apple's boxes are owned.
Spare us the righteous indignation. The only way to speak with
any authority on Windows, is to do it in concert with the
alternatives. Hiding behind marketshare doesn't cut it anymore.