Hackers working hard to circumvent Microsoft's anti-piracy tech

Hackers working hard to circumvent Microsoft's anti-piracy tech

Summary: Included in the Windows Update that Microsoft pushed out to XP users at the end of April is a piracy checker that double checks the authenticity of your XP installation.  For some odd reason, the update didn't take place on my system until yesterday.

SHARE:
TOPICS: Windows
4

wga.JPGIncluded in the Windows Update that Microsoft pushed out to XP users at the end of April is a piracy checker that double checks the authenticity of your XP installation.  For some odd reason, the update didn't take place on my system until yesterday.

As can be seen from the way my McAfee-based personal firewall trapped the new software's attempt to phone home, the app's name is "Windows Genuine Advantage Notification."  I allowed it since I know that my system is going to pass the test.  That said, given that I'm running several instances of Windows in my VMware-based virtual machine setup, some of which are VMware-created clones of a single copy of Windows -- I can't help but wonder if and when those VMs will get swept up in the WGA dragnet.  So far, none of my VMs have had the update pushed them. But once again, we have another issue that puts Microsoft's frugal licensing policy (when it comes to the single-user usage of virtual machine technology) front and center.

According to a page in Microsoft's online knowledge base regarding WGA, if your system fails the test and you don't remedy the problem, you'll be denied certain updates. 

You may be a victim of software counterfeiting. This copy of Windows is not genuine and is not eligible to receive all updates and product support from Microsoft.

According to a News.com report regarding WGA, Microsoft is quoted as saying that end-users will be able to decline the download.  But I wonder how many people will experience the WGA update payload the way I did; First, I got a generic balloon message telling me that there was an update waiting and I assumed it was a security update.  So, I accepted it and the first time I had an idea of what it was about was after the installation completed and I received another dialogue box telling me that the Windows Genuine Advantage software had been successfully installed.   

I did some searching around the blogosphere and found that Amit Agarwal had some pretty good screen shots of what you'll see (or may have see already) should your system fail the test. The warning text in one of the dialog boxes is slightly different from the entry found in Microsoft's knowledge base and refers specifically to security updates.  Microsoft is in between a rock and hard place when it comes to denying security updates to pirated copies of Windows.  On the one hand,  the "pirates" running those copies don't deserve to get the Windows updates.  On the other, if pirated copies of Windows don't get certain updates, they could end up participating in some massive infrastructure-crushing SoBig-like attack for which Microsoft ultimately gets blamed.

Meanwhile, the hacking community appears to be pretty hard at work coming up with workarounds including downloadable hacks of Microsoft's WGA components. The hacks appear to focus on ways to permanently disable the WGA notification process (other than the most obvious one: getting legit). One problem such hacks won't solve though is how to make sure you get all the updates you should be getting. 

Topic: Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

4 comments
Log in or register to join the discussion
  • It doesn't always work

    A co-worker is having problems getting updated in some of his VMWare images, it's says it's not valid even though it's a valid MSDN install.

    Got to the point the image wouldn't work at all, needed to be reverted.
    rpmyers1
  • I'm no fan of MIcrosoft

    but they're pretty straight about the terms of the relationship. If you don't like those terms, you have some pretty clear choices.

    And although I consider Microsoft's EULA unconscionable and appreciate the challenge of cracking MS' a legitimate exercise [i]as an exercise[/i], I don't condone the copyright violation of using those cracks to make pirate copies.
    Yagotta B. Kidding
  • This is why when it comes to Microsoft...

    I never auto-update, and never choose express install. I like to pick and choose what I want.. "EVEN" if I do have a legit copy of Windows...
    ju1ce
  • Just one of many reasons to switch to Linux. All of this is

    completely unnecessary with Ubuntu or about any Linux Distribution.
    DonnieBoy