X
Business

MS: 20% of WGA failures not caused by pirated keys

Microsoft isn't interested in answering detailed questions about how Windows Genuine Advantage works. But via e-mail, they acknowledged that 20% of Windows users who fail the validation test are not using leaked or stolen keys. No wonder so many people are up in arms.
Written by Ed Bott, Senior Contributing Editor

[Update 18-July-2006: In response to this and other questions, Microsoft has released some numbers about WGA failures. Details in this follow-up post: MS says WGA has caught 60 million cheaters.]

You don't need to look very hard to find outraged Windows customers who have been branded pirates by Windows Genuine Authentication. And a hefty number of them claim they're being unfairly targeted, with legitimate Windows copies that are being tagged as stolen or pirated. I've heard from several dozen people, and I've also seen credible stories posted on Microsoft's public WGA newsgroups.

Now, via e-mail, comes confirmation from Microsoft that its false positive rate might be unacceptably high. Microsoft’s PR agency apparently e-mailed other tech reporters to try to spike the WGA “kill switch” story I reported on last week. Eric Lai of ComputerWorld got the memo and basically reprinted it with no analysis (Microsoft denies WGA kill switch in Windows XP). But Lai's story does include one interesting new detail, a statistic that Microsoft confirmed in a follow-up e-mail to me:

Through its spokeswoman, Microsoft said that “80% of all WGA validation failures are due to unauthorized use of leaked or stolen volume license keys.”

Oh, really? Turn that statistic around: Microsoft said that 20% of all Windows users who fail the WGA validation test are not using leaked or stolen keys.

So what is the reason for WGA rejecting the other 20% of Windows licenses? ComputerWorld apparently didn't ask, so I fired off an e-mail to Microsoft's PR agency, who passed along a response from Cori Hartje, Director of Microsoft Genuine Software Initiative:

While we will don't have specifics to share on other forms counterfeit installations, they mostly result from activities such as various forms of tampering and unauthorized OEM installations.

Yes, that's exactly what they wrote. Besides being woefully ungrammatical, it's also imprecise. How many are caused by tampering? How many by unauthorized OEM installations? And what exactly are those categories? Note that there's no admission that some of those failures might be false positives.

Trying to pry answers out of Microsoft is difficult, because they refuse to grant interviews on this subject. And taking one question at a time via e-mail, with a lag time of a day or more between question and answer, is just insulting.

I'll keep beating on this stone wall for as long as I can stand it.
Editorial standards