ZDNet reader makes good point about WGA and security distractions in Windows

In my last post about Microsoft's Windows Genuine Advantage (WGA) anti-piracy software, I picked up (third-hand) on a hypothetical mission-critical scenario where, for whatever reasons, surgeons who rely on Windows in the operating room could end up having WGA interfere with the task at hand. When I say "whatever reasons," I mean that we're hearing that hardware changes are triggering more "You could be a pirate" dialogs than they should be. On the surface, it sounds like an unlikely scenario.

Although some WGA warnings are springing up when people least expect them, my sense is that just about any hospital's IT staff would have safeguards in place to prevent that from happening. For example, if the computer has to be connected to the Internet during surgery, the firewall between that computer and the net could block all communications with Microsoft's update servers. That way, none of those nasty "You must restart your computer" messages pop up, distracting people from the task at hand. Given that WGA is becoming a known quantity, my guess is that testing a PC before any surgery (for any potential problems, including a WGA violation) would be standard operating procedure (no pun intended).

But let's dial it back for a second. Forget programmatic shutdowns like the way suspected pirated versions of Windows Vista will only allow access to the Internet for a short while and then log you off (a kill switch, if you ask me). What are all those mission-critical scenarios where the user interface (and the users) must absolutely, unequivocally be safeguarded from any distractions whatsoever? Even one of those "Virtual Memory Too Low" balloons that one occasionally gets? I'm imagining fixed blocks of time where the user of the computer (and the people who set it up) must be guaranteed that nothing is going to happen on the PC but what they want to happen. For example, in an operating room. On a field of battle. Or during a search and rescue operation.

Have you ever been nagged by one of those Windows update reminders to the point that you've mistakenly hit the wrong button and caused a reboot of your computer when you least needed that to happen? I have. It isn't hard to imagine. I hadn't considered this until I received the following letter from ZDNet reader Robert May (unedited):

Microsoft has clearly not thought through the consequences of its kill switches. You have already posted the example of the computer in use in an operating room being shut down by Microsoft. Windows has become a tool being used worldwide for purposes never imagined by Microsoft, including many where safety concerns are of overriding importance.

Another example: Laptops have been utilized in numerically large numbers by the U.S. military in Iraq. Obviously in the midst of conducting a war one can not call a time out while one waits for Microsoft to "fix" things. I don't have the space here to go on in greater detail.

It is apparent that there has been a brawl within Microsoft as to whether they are or are not going to implement a "kill switch". They have to be reminded that there are consequences that greatly exceed merely angry customers. Do they really want a stream of articles about Vista computers failing to perform in very critical situations solely because Microsoft wanted a greater return on their investment?

In the end, it seems to me that you and your fellow writers are under the obligation to start notifying the users of computers that their Windows Vista based computer can not be utilized for a large variety of critical tasks because of the risks associated with Vista deciding, unreliably, to disable their computers.

Note: I am not a Microsoft "hater". I want Microsoft to succeed as a corporation, but I do not want to see their success being based upon placing human beings at risk. They have a real problem when it comes to pirated copies of their software, but not all solutions to this problem are without serious drawbacks.

Without trying to sensationalize the WGA story, I think Bob's letter really cuts to the more important point of whether or not the operating system should be making any decisions about what happens on or to the user interface. Giving an operating system that "authority" makes it less predictable in mission-critical situations where the users can't afford to be interrupted in the middle of whatever they're doing, even for the most innocuous of questions. A quick search of the Net reveals some advice for how to suppress some messaging by adjusting some of Windows' registry settings. It's for the embedded version of Windows, but I can see in regedit that the keys are in the regular version of XP as well. What I don't know is how well this works at overriding everything that you might want to override (including WGA notifications), or whether you have to access other keys for that (there's plenty of advice on how to suppress WGA circulating around the Net).

In the bigger picture, Robert's note cuts to a bigger challenge for Microsoft. As it seeks to clamp down on piracy, will some customers seek alternative options that give them far more control over the operating environment (for example, desktop Linux), and could that investigation lead to other pilots that cause some organizations to reconsider their Windows investments altogether? Fortunately for Microsoft, attitudes amongst the corporate folks about desktop Linux are not that positive. This week, at Gartner Symposium/ITxpo, I've been asking attendees whether, in their minds, desktop Linux is a contender or a non-starter. I caught some of these responses on tape. For the most part, the answer has been non-starter.

Talkback

64 comments
  • WGA and "Mission Critical"

    The mix of the two topics presented makes for some interesting scenarios . . . is this realistic as presented?

    Nearly all of the WGA issues reported here and in talkbacks appear to affect [i]newly installed[/i] copies of Windows.

    WGA requires a fresh install and/or downloaded Windows components from the Internet.

    Mission critical systems such as computers in hospital operating rooms or on the battlefield have neither "newly installed" untested O/S configurations or "Internet Access" - nor should they. The attack surface of such systems must be kept to an absolute minimum and certainly preclude scenarios presented in the article.

    That said, I'm [i]very[/i] concerned about the few remaining WGA issues that appear to be legitimate. As a network admin, I know all devices within my control are properly licensed and that any O/S updates/patches are thoroughly tested [i]before[/i] deployment.

    I'm concerned about the individual users and/or smaller organizations that don't have the resource to follow this approach. Microsoft needs to step up with a clear concise explanation of what they consider a "breach" of their licensing terms and remedies/mitigation.

    Finally - that hospital operating room system: where is the IT organization here??? Isn't this machine administered? If not, this hospital has far more severe problems than a computer that fails WGA!
    john.murray@...
    • Hardware changes

      There appears to be a threshold to underlying hardware changes that causes WGA to think a copy of Windows has been installed on "another" machine. There are also reports that Microsoft has been pretty good about resolving such problems (via phone support). However, the question is, in mission-critical scenarios, should you be forced to make a phone call to Microsoft to continue with your critical mission? Who decides what that threshold is?

      db
      dberlind
      • Totally disagree

        ...I simply cannot see that scenario arising. Any *major* changes would have been done with the machine *out of service*. The same machine would have had to be fully tested before being brought online in a mission critical role. Further, Windows would detect the changes on bootup, and you can't tell me that any competent sys admin would hand back a mission critical computer without restarting it to test that everything is detected and updated!
        mikeybrass
        • One often seen scenario...hot swap drives!

          Let's say, for the sake of argument, that a mirror hot swap drive is set up on the server, one drive dies, and the on-duty tech takes the bad drive out of the machine and inserts a new drive. A new drive triggers the WGA and the server must be registered before being brought on-line...nice!

          Other scenario...virtual machines (and yes, they are often used for mission critical uses)...a whole new can of worms opens up then, even with a paid-up package for each instance.

          The best solutions IMO, would be that WGA should be applied to "Home" systems only (or "Pro" without site licenses) and leave the "Pro" and "Server" packages without WGA for site license contracts.
          Grimm Reaper
          • It seems it has to be all or nothing.

            [i]The best solutions IMO, would be that WGA should be applied to "Home" systems only (or "Pro" without site licenses) and leave the "Pro" and "Server" packages without WGA for site license contracts.[/i]

            Wouldn't this just mean that all pirated versions of Windows would have to be Pro and Server packages? If you make the assumption that WGA isn't really about pirating windows, but about making the paying customers jump through more hoops, this would be a viable option. However, if it is really about piracy then it seems all versions would have to be covered.
            enduser_z
          • Bogus

            The Drive Controller is included in the hash, not the individual drive/drives making up the array.

            I'm able to, and do copy any VM between machines with no WGA issues.
            john.murray@...
        • I can see that scenario......

          I worked at a hospital IT group for several years and that scenario DOES happen.

          With the new HIPAA regulations, and the medical data that is stored on the systems, all systems are scrubbed and reinstalled from scratch. With each new install, the chance of WGA warnings continues to increase, and a lot of time is wasted removing them. If a kill switch is ever used by Microsoft to shut down these systems, there will be an outcry that has never been heard before.
          linux for me
      • Good Point

        However, I would argue that any hardware changes on a mission critical system also be thoroughly tested.

        WPA is well documented, essentially a hash of ten categories:

        Display Adapter
        SCSI Adapter
        IDE Adapter (effectively the motherboard)
        Network Adapter (NIC) and its MAC Address
        RAM Amount Range (i.e., 0-64mb, 64-128mb, etc.)
        Processor Type
        Processor Serial Number
        Hard Drive Device
        Hard Drive Volume Serial Number (VSN)
        CD-ROM / CD-RW / DVD-ROM

        After SP1 the Product Key is also submitted.

        The important thing to realize is that a [i]single change[/i] in any of these categories will [i]not[/i] result in a WGA failure.
        john.murray@...
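An added illustration of the category-hash scheme described in the comment above (example code, not from the thread, from Microsoft, or from any real WPA/WGA implementation). It models the ten categories as one digest each, buckets RAM into the ranges the comment mentions, and applies an assumed tolerance limit; the real limit, the exact component values hashed, and the sample machine are all assumptions.

```python
import hashlib

# The ten WPA hardware categories listed in the comment above.
CATEGORIES = (
    "display_adapter", "scsi_adapter", "ide_adapter", "nic_mac",
    "ram_range", "cpu_type", "cpu_serial", "hdd_device",
    "hdd_volume_serial", "optical_drive",
)

# Assumed tolerance: re-validation is demanded only when MORE than this
# many categories differ from the stored fingerprint. The real value is
# not stated on the page; this is a placeholder for the illustration.
MAX_CHANGED_CATEGORIES = 3


def ram_range(megabytes: int) -> str:
    """Bucket RAM into the coarse ranges the comment gives (0-64mb, 64-128mb, ...)."""
    upper = 64
    while megabytes > upper:
        upper *= 2
    lower = 0 if upper == 64 else upper // 2
    return f"{lower}-{upper}mb"


def hardware_fingerprint(components: dict) -> dict:
    """One short digest per category; RAM is hashed as a range, not an exact amount."""
    fingerprint = {}
    for category in CATEGORIES:
        raw = components[category]
        if category == "ram_range":
            raw = ram_range(int(raw))
        fingerprint[category] = hashlib.sha256(str(raw).encode()).hexdigest()[:8]
    return fingerprint


def changed_categories(stored: dict, current: dict) -> list:
    """Categories whose digest differs between the stored and current fingerprint."""
    return [c for c in CATEGORIES if stored[c] != current[c]]


def needs_revalidation(stored: dict, current: dict,
                       limit: int = MAX_CHANGED_CATEGORIES) -> bool:
    """True when the number of changed categories exceeds the assumed limit."""
    return len(changed_categories(stored, current)) > limit


# Constructed sample machine (hypothetical values, not a real fingerprint).
BASELINE = {
    "display_adapter": "VEN_10DE&DEV_0123", "scsi_adapter": "none",
    "ide_adapter": "VEN_8086&DEV_2651", "nic_mac": "00-11-22-33-44-55",
    "ram_range": 1024, "cpu_type": "x86 Family 15 Model 4",
    "cpu_serial": "0000-0000-0000", "hdd_device": "ST380013AS",
    "hdd_volume_serial": "1A2B-3C4D", "optical_drive": "DVD-ROM SD-616",
}


def drive_swap() -> dict:
    """The hot-swap drive scenario from the thread: only the drive categories change."""
    return dict(BASELINE, hdd_device="WD800JD", hdd_volume_serial="5E6F-7A8B")


def rebuild() -> dict:
    """A board, NIC, CPU and RAM replacement: five categories change at once."""
    return dict(BASELINE, ide_adapter="VEN_8086&DEV_27C0", nic_mac="00-AA-BB-CC-DD-EE",
                cpu_type="x86 Family 6 Model 15", cpu_serial="1111-2222-3333", ram_range=2048)
```

Under this model a single replaced drive stays below the limit while a wholesale rebuild does not, which is the change-management line the comment draws between tested maintenance and an untested machine handed back into service.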
    • The Gap

      [i]I'm concerned about the individual users and/or smaller organizations that don't have the resource to follow this approach. Microsoft needs to step up with a clear concise explanation of what they consider a "breach" of their licensing terms and remedies/mitigation.[/i]

      Individual users have generally been below the license administration "radar" in the sense that the BSA has never targeted them. Large organizations have found that block licenses (even if redundant) save enough on license administration to be worthwhile.

      That left the middling-size firms, for whom the OEM licenses should have been sufficient, for whom the cost of duplicate licenses would be high, and for whom the cost of BSA-satisfying license administration has generally been a serious burden. By and large, they went "bare" and took their chances with the BSA, which in turn just made a few random "examples" every year (think Gibson) to keep the rest in line.

      Automating the license-enforcement process changes everything, because the cost of license administration now falls again on the large firms because just [u]having[/u] the licenses isn't enough, and on the middling-sized ones who for the first time can't avoid the costs of license administration.

      I'd love to see a TCO study that actually took license administration costs into account, because from my own experience they can be a hefty charge for small companies. So far none have.
      Yagotta B. Kidding
    • Not So

      Just last week MS had a problem on one of their servers. As a result, hundreds, if not thousands, of legal copies of open license Windows were reported as not genuine.

      I have a problem with laptops reporting as not genuine when they are disconnected from the lan, but genuine when connected.

      If MS is going to force this on users, the least they could do is put some checks and balances in place to filter out situations like this.

      Not every system on a domain is going to be connected to the network and the internet at all times.
      skiplarson
    • They will have a version for corporate networks

      They will have to... they have a key they give to the military which unlocks everything and makes the software completely unrestrictive.
      Just like they have a corporate key. They could create a corporate key that can only be activated once via the eopen site and the authorization is always kept there.. however if pirates get their hands on one.. then that protection would be eliminated. Keep in mind.. back in the warez days.. everyone arrested in the US had ties to, or was working as, a person who had access to corporate keys.
      Been_Done_Before
    • Just wait until corporations or medical...

      Have sudden down-times for this.

      I sure hope Microsoft's legalese in the EULA is tight concerning responsibility.
      BitTwiddler
  • Philosophy

    It basically comes down to a question of underlying design philosophy. Long ago, Unix settled on the approach of "mechanism, not policy": the operating system gave the administrator the tools to set policy rather than setting policy by design.

    Microsoft took another route, which makes sense for a mass-market product being sold for use where there [u]are[/u] no capable administrators. The problem comes up when ubiquity leads someone to use a system with policies designed for video games to run a warship or a nuclear plant.
    Yagotta B. Kidding
    • I disagree

      Way back when, I was able to use the printed manual to troubleshoot and resolve any problems that I encountered. There were very few with my Commodore VIC20 or Commodore 128. My first major problem was with an X-386 running Digital Research DOS 6.0 (my first PC compatible computer). The Windows 3.1 setup utility refused to install because it detected a non-Microsoft OS. A few weeks later Digital Research had a free patch in all software stores. But this patch did not solve the virus built into the Microsoft setup utility that installed Microsoft's disk cache and memory manager into the OS via the CONFIG.SYS file and the AUTOEXEC.BAT file WITHOUT NOTIFICATION to the installer.

      After repairing the damage done by the Microsoft virus, the combination of DRDOS 6.0 and Win 3.1 proved to be faster and more stable than the all-Microsoft systems on my friends' computers. At that time I had to have a small uncompressed logical drive for the Windows SWAP file. Other than this I was using the DRDOS supplied SuperStor disk compression software and the DRDOS supplied SUPERPCK disk cache. These simply worked correctly as advertised.

      The evidence of Microsoft's attempts to control the computers owned by someone else was evident even before Windows 95. This attitude seems to have cost performance problems even then.

      To the contrary, Digital Research provided an operating system that supported what the owner/user wished to do. It was stable, reliable, and fast. VIEWMAX was a lousy GUI. I'll grant that. But I did like the task switcher. It worked well.

      I find any attempt to control the owner/user by the operating system abominable, and totally unjustifiable.

      The DOJ should have come down hard on Microsoft for their exclusionary marketing contracts long before Window 95 ever hit the market. Had this happened, we just might have had competition in the OS field that would have kept the OS subservient to the owner/user, and possibly the applications would not have been integrated into the OS itself.
      Update victim
      • Right on!

        I ran CP/M-80 for a while, but when I was given a Sharp PC-7000 w/DOS 2.11, I finally realized that I could no longer fight the dragon.

        In 1993, when M$ DOS 6. came out, I quit completely because all the work done on Borland/Ashton-Tate dBASE IV was wiped out by that release - in fact, M$ issued three new releases and ended up GIVING AWAY the final version, just to recover the customers who had been burned.

        Those who don't learn from history repeat it. WGA has interrupted enough people that there is little good being said about M$ any more. Retail outlets are simply side-stepping talking about the OS on new computers, or giving the only answers they can, "We still don't know...". It would be almost comical, if it weren't so stupid and denigrating to our technical culture.

        The DOJ could not "come down" on M$ - not after dumping what DEC-VAX they had been using. They had ceased to be a controlling force; instead, they were/are dependents of M$. They're looking down the gun-barrel each and every boot.

        The only "hope" we have, if you can call it that, is that M$ will shut itself down - hell, it's doing that already on countless machines! When enough people can no longer run their machines reliably, no matter how much they fear migration, they will decide that a new OS, from a different source is better than having nothing.

        It's coming, and there's nothing M$ plans to do about it, ... other than what it's doing now: calling everyone a pirate and charging more for a defunct system. That never lasts long.
        Media-Ted@...
  • Good Article

    I wonder just what Microsoft is going to do about it?
    anonymous
  • It's even worse than that..

    From what I've read about the WGA false positives, they seem to follow a common theme.

    A WGA validation in progress interrupted or blocked triggers a false positive (and a WGA shutdown).

    This behavior represents an unacceptable risk to nearly ALL Windows users, as the operational status of any particular TCP/IP connection can't be predicted from minute to minute, nor hour to hour. I.e., random failures for no apparent reason.

    IMHO, the current WGA design represents a gross breach of the implied warranty of fitness.
    thetruth_z
  • Running Windows for truly "mission critical"...

    ...apps--ones where people die or battles are lost if the machine misbehaves--is an utterly irresponsible thing to do. Even out-of-the-box Linux is insufficient. Neither OS is designed for that.

    Achieving truly failure-proof operation is very hard to do. You need hardware specifically designed for that--redundancy at several levels, fault tolerance, lock-out mechanisms, and on and on. You need an OS designed to work with the special hardware.

    That said, though, while it doesn't seem likely that Windows could be adapted to that environment--Windows can't be adapted to [i]anything[/i] by anyone except Microsoft--it would certainly be possible to adapt the Linux kernel. (Actually, I suspect it already has been.)
    Henry Miller
    • US Navy is running Linux

      After its embarrassment with Windows NT some years back.
      http://www.theinquirer.net/default.aspx?article=4487
      DarthRidiculous
      • Not really....

        EDS has all Navy and Marine Corps Desktops and servers under the
        NMCI contract. The VAST majority are Windows.
        http://www.eds.com/sites/nmci/
        crash89