Microsoft Talks Daily With Your Computer
An anonymous reader writes "Microsoft Corp. acknowledged Wednesday that it needs to better inform users that its tool for determining whether a computer is running a pirated copy of Windows also quietly checks in daily with the software maker.
The company said the undisclosed daily check is a safety measure designed to allow the tool, called Windows Genuine Advantage, to quickly shut down in case of a malfunction."
The EULA is suppose to disclose this daily call-in feature. Lauren Weinstein, who is co-founder of People for Internet Responsibility, was one of the first people to notice the daily communications to Microsoft. Report from Yahoo.com
I haven't had it happen, but maybe this is what you're looking for?
Just the other night my copy of ZoneAlarm was alerting me that this exe was trying to make a shout-out to the Internet. A little searching told me what this was, so I set it to permanently deny the request. Problem solved!
Just be aware that there's a piece of malware going around that performs this function also. It looks like a Microsoft box, comes up before you sign in and claims that your copy of Windows is not genuine.
How to use coral cache: http://slashdot.org.nyud.net:8090/~oscartheduck
Anyone with a non-MS software firewall will see this POS phoning home all the time.
I heard horror stories of people with 'acquired' versions of Windows XP who went to the 'new' 'Windows Update' service and ended up with an annoying tray icon constantly reminding them that their version of XP is pirated.
But you know, I haven't been to WindowsUpdate in over a year.
I use a great (and free) tool provided by Microsoft themselves - called "MBSA" (Microsoft Base Security Analyzer) to download and install updates.
With MBSA, I can do a quick install of Windows XP with SP2 integrated in vmware, then run this tool, and find out that (as of yesterday) there are 39 hotfixes needed for vanilla XPSP2 install, and it gives me direct (no WGA crap) links to download these updates. All I have to do then is save them all one by one, integrate them into a XP SP2 iso image, and use this pre-integrated disk to install with.
Since I reinstall Windows every few months this is not a problem, and for those who insist on keeping a Windows machine installed longer, they can simply use MBSA to download incremental updates and install them manually.
That's why Ghost is such an important tool!
1/ Create Ghost image of your OS
2/ Go to MS let them install what they want
3/ Check for updates & write down KB# but don't install anything
4/ Download the KB's you need to your HD
5/ Restore the image you made & install the updates you downloaded.
Now you have your updates without any MS garbage on your PC. In case you didn't notice media player has been calling home for years & that doesn't seem to bother anyone!
Why the broadcast address?
http://outcampaign.org/
Or better yet, you can just prevent those packets from ever reaching their destination.
... You could also, of course, use a firewall, but where's the fun in that? ;-)
The DOS command route -p add 207.46.0.0 mask 255.255.0.0 [192.168.0.254] (replace the address in brackets with a random address on your current subnet) will permanently route all would-be "phone home" packets to the random address that you specified.
Just because it can't be explained doesn't mean it isn't true. Science fits into reality... not the other way around.
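An added example, not part of the thread: before blackholing a whole /16 as the route command above does, a firewall log can show which processes actually contact that range and whether they do so daily. The log format, addresses and dates below are constructed for illustration and do not match any particular firewall's export.

```python
import ipaddress
from collections import defaultdict

# The /16 named in the route command above.
WATCHED_NET = ipaddress.ip_network("207.46.0.0/16")

# Constructed sample: "date time,process,destination_ip,port,action".
# This layout is an assumption, not the export format of a real firewall.
SAMPLE_LOG = """\
2006-06-05 08:01:12,WgaTray.exe,207.46.1.10,80,ALLOW
2006-06-05 09:15:40,firefox.exe,198.51.100.20,80,ALLOW
2006-06-06 08:02:03,WgaTray.exe,207.46.1.10,80,ALLOW
2006-06-06 21:30:00,wmplayer.exe,207.46.20.5,80,ALLOW
2006-06-07 08:00:47,WgaTray.exe,207.46.1.10,80,BLOCK
2006-06-07 10:00:00,firefox.exe,not-an-ip,80,ALLOW
"""

def summarize(log_text, network=WATCHED_NET):
    """Return {process: sorted list of dates} for connections into `network`."""
    days = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.strip().split(",")
        if len(fields) != 5:
            continue  # skip malformed lines
        stamp, process, dest, _port, _action = fields
        try:
            addr = ipaddress.ip_address(dest)
        except ValueError:
            continue  # destination is not a valid IP address
        if addr in network:
            # Blocked attempts count too: the process still tried to call out.
            days[process.lower()].add(stamp.split()[0])
    return {proc: sorted(d) for proc, d in days.items()}

def daily_callers(log_text, min_days=3):
    """Processes seen contacting the range on at least `min_days` distinct days."""
    return sorted(p for p, d in summarize(log_text).items() if len(d) >= min_days)

if __name__ == "__main__":
    for proc, dates in summarize(SAMPLE_LOG).items():
        print(proc, dates)
    print("daily:", daily_callers(SAMPLE_LOG))
```

A summary like this also shows what else on the machine talks to the same range, which is what a blanket route for the /16 would cut off along with the daily check.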
My Sygate got the beast on the fly and there wasn't any registry key that started it... So I couldn't block it from starting at each boot. So I simply renamed the file and I have not had any trouble since then :D
The file is in the system32 directory and the filename is: "WgaTray.exe". I simply renamed it: "WgaTray.bak" and it left me alone :D
Hope this helps. Chow
In my blog^H^H^H^Hjournal I stated why Genuine Advantage only benefits spammers and virus writers. It's like if Bill Gates was holding the whole internet hostage against viruses and malware.
"Oh, that's a nice drive C you have there. It would be a shame if... something happened to it."
Microsoft could do something much more beneficial to the world if he remotely deactivated all network access in pirated windows- at least we would be safe from unpatched machines spreading viruses and spam.
It's been known for years since NT4 about the Windows Update manager.
I have seen it with the NT Server Network manager (I think that was it?) that sniffed out the packets. I remember reading how to enable your firewall to block it. It's been a while since I read about it but it's old news.
http://saveie6.com/
http://web.archive.org/web/20050323094149/http://www.hevanet.com/peace/microsoft.htm
and now for the obligatory Slashdot M$-bashing link:
http://www.windows-sucks.com/
Dang, that means I better remove /usr/lib/zen-updater/ZenUpdater.exe ...
(AFAICT, all mono apps are *.exe)
I can disable it at will.
Me too. There are three services that Windows requires to get the free updates. They demand one of them is set to launch "automatic".
I reenable the services, and get the updates - I then disable the services and guess what?
No phoning home.
Automatic Updates (allows the site to find, download and install high-priority updates for your computer)
Background Intelligent Transfer Service (BITS) (helps updates download more quickly and without problems if the download process is interrupted)
Event Log (keeps a record of updating activities to help with troubleshooting, if needed)
make them manual -
Automatic Updates is the one that phones home.
It's trivially easy to shut off.
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
You can integrate most anything into a Windows installer with The Unattended Windows Tutorial.
Simon's Rock College
There also appears to be a copy in \system32\dllcache\
I wonder if it gets blocked if I add it to the program list on Windows Firewall and uncheck it.
D) There have been false reports of pirated software.
Yea, I was talking to a friend of mine who sells laptops. He had some IBMs with legit copies of XP on them, but when people tried to run update it said the copies were "suspicious" and put the "Activate" thing on the start menu. Come to find out that it was just Internet Explorer 6 blocking some Active-x controls. The whole thing was a tech support nightmare. People who bought them off eBay were calling him and accusing him of selling illegal copies of XP.
The comparative distro to RHEL is CentOS, not Fedora. If you don't like the price of RHEL run CentOS. Same Free code and legal.
It's from the novel "The Great Time Machine Hoax" by Keith Laumer.
The higher the technology, the sharper that two-edged sword.
overheard on irc:
if you want to get rid of annoying WGA shit, search LegitCheck.dll for 8B8560FFFFFF and replace the first one (near offset 2E8EE) with 33C090909090
The goal of many viruses is not to destroy stuff, but simple other goals such as:
- Make money over advertisement (adware).
- Botnets, in order to attain other goals (DoS, attacks, etc)
- Get passwords, credit cards number and other information which could be useful.
- Leave a message (think MSBLAST.exe kind). What better way to tell "I <3 you" than with the gift of a virus?
A destroyed installation of Windows does not serve much...
Of Code And Men
I started using Windiz Update through Firefox. No IE, no Genuine Advantage. I may not get some updates or 0day security updates, but I can't say I've ever been attacked by 0day stuff anyway. It's always some crappy old forgotten virus that I get from dl'd warez. I keep my router locked down, I generate my important passwords through Gibson's site, and I don't do stupid shit (except dl warez from p2p.) I used to actually admire MS for not intruding on my machine. Then Genuine Advantage comes along, and I say "Game over man, game over!"
The skanky copies of XP have a prog that fires randomly generated license codes at the server until it finds one that works. That means that when a skanky copy works a genuine copy ceases to work. It is simply a matter of who gets there first. With all these skanky copies using up so many genuine license codes it is not surprising that so many people are getting pissed off. Despite what the post further down says I have tried this out and found the prog worked well and did not cause any noticeable delay. That is not to say that I advocate the use of such progs and in fact I personally would not use XP on a machine that is actually connected to the internet and only use Linux for the net except to try certain things out.
I love stacking my barbecues in the shed at the end of summer - you can't beat a bit of grill on grill action.
"Notify me but don't automatically download or install them". (In Control Panel -> System -> Automatic Updates.)
Then you can pick and choose which updates you want, and when you decline one, it pops up a message in which you can check "Never ask me again".
Too late for those who trusted Microsoft, though...now you have to do a lot of registry tweaks and stuff.
"A great democracy must be progressive or it will soon cease to be a great democracy." --Theodore Roosevelt
The "d" in "supposed" is increasingly seen as redundant when followed by a word starting with a "d"-like sound, such as "to". So "supposed to" becomes "suppose to", because they are phonetically very similar. It's just how it is these days.
"Oppression and harassment is a small price to pay to live in the land of the free." -- Montgomery Burns.
http://download.microsoft.com/download/3/f/d/3fd1a09d-af15-4ab7-a554-0ac6c1e76c16/MBSASetup-EN.msi
Link straight to the file. (version 2.0)
So does this allow you to "install" programs into the ISO file
Yes, that's exactly what it's for. I did this when I last upgraded my PC, because I was going SATA RAID, knew that the drivers wouldn't be available on my XP Pro CD (it predates SP1), and couldn't be bothered to buy a floppy drive (I've not had one for years). I integrated the drivers, Service Pack 2 and a few other hotfixes.
Have a look at this article, which details using nLite to perform the slipstreaming (note that the link in the article is dead for me).
It took me a couple of goes to get right, but ultimately that was my fault for not paying proper attention. The tool itself is pretty cool, and lets you integrate pretty-much anything appropriate into the installation CD, as well as allowing you to set defaults, including the product key; if you wish, you can make a completely unattended setup disk - literally allowing you to boot off the CD and walk away.
It's official. Most of you are morons.
Then again, it could be a goal in itself to keep machines unpatched, but mainly to pass a message. Disabling normal functionalities (why doesn't my update work now?) should be a first hint that you may have unwanted code on your system, though.
Of Code And Men
What gave you the impression that this article pertains to 'remote deauthorization' or 'unlegitimization' of Windows? TFA describes how the anti-piracy tool can be shut down remotely. Basically, the developers weren't sure if the anti-piracy software would have unforeseen consequences, so they built in a mechanism for shutting it down.
Incorrect. The Seventh Circuit found that a shrink wrap license (EULA) is an enforceable software license.
Developers: We can use your help.
I have often wondered whether Steam has a similar feature - if Valve goes bankrupt, for instance, does it release you from the (ridiculous) copy protection/licensing arrangements put in place when you install Half Life 2 and other products?
Valve have said that patches would be released to release you from the copy protection in such a situation.
The best way to do any of this would be to simply check if the parent company's server is still there and able to provide authentication/updating. If it is unavailable for some reason the local software should function autonomously, as it always should, but without the need for approval from the parent.
If that was the case, pirates would disable their Internet connection temporarily to use the software. It wouldn't work.
By summer it was all gone...now shesmovedon. --
I think you mean English, not British English. Everyone else is using a copy with some word and grammar changes, not us.