Slashdot Mirror
Microsoft Talks Daily With Your Computer
An anonymous reader writes "Microsoft Corp. acknowledged Wednesday that it needs to better inform users that its tool for determining whether a computer is running a pirated copy of Windows also quietly checks in daily with the software maker.
The company said the undisclosed daily check is a safety measure designed to allow the tool, called Windows Genuine Advantage, to quickly shut down in case of a malfunction."
The EULA is suppose to disclose this daily call-in feature. Lauren Weinstein, who is co-founder of People for Internet Responsibility, was one of the first people to notice the daily communications to Microsoft. Report from Yahoo.com"
Anyone sniff out the offending packets yet? I'm sure they can't be too hard to identify. Probably simple HTTP posts.
If nobody has I'll sniff anything going to Microsoft's Class B (207.46.*.*) later tonight.
--
From Northern Virginia? Visit Fairfax Underground! (Just added: Fairfax County wiki, need submissions)
I don't have Windows. So Microsoft doesn't talk to my computer. Wouldn't a more accurate title be "Microsoft talks daily to Windows"?
Considering how often Windows is pirated, I can't say this surprises me. Their excuse is stupid. They should just say "Look, we know people pirate. So we're going to check. If you don't like it, tough." Don't hide it. I'm not saying they're right or wrong to do this -- just that they should be up front about it if they are going to.
It won't make a dent in their sales. Whether or not you hate Microsoft, love Linux/Apple, or cling to OS/2 -- Microsoft is currently the top dog. Right or wrong; I'm not taking a stance on that, here. It's going to take a lot more than this to hurt Microsoft's bottom line.
So, you know, just tell us what information you're going to collect.
Microsoft isn't using Genuine Advantage to call your mother nasty names. The theory behind it is that it will notify innocent users that the OS is pirated, and they can squeal on the person or business that sold it.
Microsoft should stick with the WGA to be validated only during updates. Otherwise, if someone hacks it and rerouts that message, they can grab all sorts of good authentication information that can be used to further more piracy. It seems to me that WGA is a very needed tool for Microsoft (given the amount of piracy outside the US), but they implemented it very poorly.
Validation should occur on an as-needed and secure basis _only_, and not however often Microsoft would like. It's practices like these today that leave bigger security holes for tomorrow.
Microsoft wants a safety switch in case this tool starts causing PCs around the world to explode. Thus the program checks with Microsoft once a day to see if it should shut itself off.
Good, I've been building our 2006-07 academic year image on XP and this tool has twice kicked-in and called my legit-via-volume-key XP image a fraud. I eventually figured out that I had to be less millitant about deleting miscellaneous files before syspreping the beast, but I can certainly see some malware out there deliberately hooking into this tool to exploit people.
"Sometimes, I think Trent just needs a cup of hot chocolate and a blankie." -Tori Amos on Nine Inch Nails
If they truly wanted your system to be safe (and "explosion"-free), they wouldn't install the Genuine Advantage tool in the first place.
It is appropriate for an NTP service to update a system's time once a day. It's a legitimate function, providing a useful service to the computer's owner/user. It can also be easily disabled, in most cases, if the owner/user does not wish for such capabilities. In most cases, the user would have actively had to install it in the first place, or at least consent to its use (ie. during a Linux installation).
This Windows "feature" reportedly cannot be easily disabled nor removed. Not only that, but it doesn't provide a useful feature to the computer user. And that's ignoring the security issues involving it.
If Microsoft has to include such functionality to prevent failure of a piece of its software, it should just remove the vulnerable software in the first place. That's the only sensible thing to do.
The last copy of Windows that I owned was "genuine", as well. I still dropped them once they started trying to push DRM and activation on me with XP.
This happened to my Uncle's computer yesterday - Uncle Sam that is. The WinBlows PC that is my email machine popped up the "This copy of Windows is not genuine" tag yesterday. This is on a major DoD site that has Everything legit, monitored, and locked up. It locked the system down so that I could not access the system with either the CAC card/PIN method nor the username/password means.
It took the (very good) IT guy an hour today to unscrew the system.
Thank God my scientific box is OSX!
And the unpatched machines happen to be the only ones which do NOT have Genuine Advantage installed.
Nobody drops my box but me. This isn't a safety switch for the consumer's benefit, this is a safety switch for their bottom line. Even ignoring this, what if some nice fascist government decided to compel M$ to disable peoples boxes? Or even better, M$ decides to get a big idea to hold the world PCs hostage?
How far do we have to go before the world has finally had enough of this overlord crap from big business and government? DMCA, Sony root kits, blank media taxes, Senator Fritz Hollings, RIAA hacking, software accessible CPU serial numbers, patents for everything and anything... When people? When are you going to stop handing your hard earned money to feed these beasts? You do have a choice.
--Neth
Two of my imaginary friends reproduced once
This happened to my Uncle's computer yesterday - Uncle Sam that is. The WinBlows PC that is my email machine popped up the "This copy of Windows is not genuine" tag yesterday. This is on a major DoD site that has Everything legit, monitored, and locked up. It locked the system down so that I could not access the system with either the CAC card/PIN method nor the username/password means.
The Genuine Advantage tool doesn't lock your system. It just doesn't let you download cool freebies (at this time).
You got hit by something else. Upthread someone said that there's some spyware which masquerades as the Genuine Advantage system, and *does* lock your system down.
Coming soon - pyrogyra
Okay, since genuine advantage only needs to verify my system ONCE and then never execute again, why does it need to check daily to see if it is going to cause my computer to explode and how does this protect me since the app is already functioning if it is able to phone home?
I think I would rather maintain control of what software runs on my computer, responsiblity for deciding whether I believe it will make anything explode, and retain the right to the final call over whether I will do something about it. If I were going to hand over those rights to a third party it would be a source I trust just a tad more than Microsoft. Like, perhaps, some random idiot off the street.
Windows syncs with an atomic clock? That is news to me. There is the windows time service but that does nothing of the sort. It will slowly sync your time with the master browser on your network but not with an atomic clock. I have always had to both disable this service and install ntp then point it at a real time source to get time syncronization working properly. My workstation(s) at work used to drive me nuts by changing to be ten minutes fast until I realized that the time on the domain controller was off.
If you ever install the Microsoft mouse driver from the CD that accompanies the mouse, you'll find that it too calls in each day.
Why does a mouse driver need to call in daily?
A better question is: Why install the driver at all?
Pretty well every version of Windows recognizes a Microsoft mouse with no need for drivers from the CD.
That's why it pays to read the EULA. What advantage can pseudo-spyware possibly have for the consumer? Even if it appears from the legal crap that it isn't harmful, how does it benefit you? It does nothing in the event that your copy is legal and gets really annoying if it makes a mistake. At best it has no effect and has the potential for negative effects, so there is no reason to install it at all. All that this program amounts to is a way for Microsoft to keep tabs on its consumers, with no benefits for said consumers. It is merely another footnote in the struggle between customers and the businesses that supposedly cater to their interests.
quia potentia mens mentis
What is really funny about this...
To beat the tool, all you have to do is slipstream the pirated cd image to SP2 and you are golden...
And how long until their regular check-in procedure for whether or not your computer is running legal copies of software morphs into a marketing opportunity by linking your ip address to your windows registration for tracking purposes? It would be the ultimate cookie, since it could essentially link every Windows user on the internet to the purchaser of the windows license, no matter where the computer moves to. Companies would leap all over this database in backroom deals, since it could allow advertisers or other companies to know the full identity of users the moment they bring up a page.
I am running 3 copies of WinXP, and own 5 legal licenses. I still don't want MS invading my privacy. If the only thing your worried about is whether it annoys you or not, you shouldn't mind your neighbor putting a web cam in your shower as long as he covers the little red light.
This seems pretty cool. So does this allow you to "install" programs into the ISO file (i.e., not install it in your current Windows installation)? If so, I guess this is better than imaging your harddrive, eh?
Last week my "genuine" copy of Windows was accused of being pirated when I accidentally changed the date on my computer. There was no way to fix it, I spoke with several members of Windows customer support who could not help me and transfered me in a complete circle ending up with the original number that I called. I had to reinstall windows, hoping it would help and that I wouldn't lose everything (since I was prevented from accessing windows during this time). Reinstalling (repairing existing installation) helped but I still got the "not genuine windows" warning until I changed the date back to the correct date.
:(
Thank you, Microsoft!
And luckily, you have that choice, but I am afraid it is you that has missed the point. Microsoft owns that software, not you. You are merely licensed to use it. By agreeing to the EULA and continuing to use Windows, you agree to whatever conditions Microsoft sets forth. The best part of it is that you *pay* for the honor of doing so. If you disagree with Microsoft's actions, you are free to use another operating system or office suite or what have you. I just wonder when that final choice will disappear; imagine if the EULA had a clause that stated, in legalese, "...and I further agree to only run Microsoft Operating Systems on this PC from this point forward". You know, all in the name of allowing Microsoft to provide better support, etc. No reason not to add a clause like that, really...
Don't forget that the Windows firewall software (which will supposedly protect outbound traffic as well as inbound in Vista) allows software to change the rules dynamically and without asking you.
I looked for a very long time on McAfee's site to figure out how the ASAP intranet updating software worked so I could set appropriate firewall rules. Then I noticed that with a fully locked-down PC, it was already receiving said updates and connecting to other locked-down PCs for them.
Great, I thought, the Windows firewall really is useless.
- Michael T. Babcock (Yes, I blog)
Well, it could...
Imagine, if you will, how Slashdotters are perceived: mostly Linux-fanatics, Microsoft-haters, bloody communists etc.
Is it not possible that some of us created a virus as a mere propaganda tool to make people turn away from Windows?
It wouldn't be that difficult - just create a tiny program that would check for unpatched and unprotected computers. Nothing virus-like in checking whether certain software is present on one's computer, right? And if it isn't, one ping of 'No.' won't make a large impact on network traffic. Then present the computer with a pop-up window which will install the actual program (porn or a Windows error would probably work best here as well). Then, on a certain date (sadly, 6/6/06, although very symbolic, passed without any such occurence), all unprotected computers just activate the installed "system modifier".
Even if most companies are unaffected, watch them slowly turn away from Windows.
Maybe not after the first attack, but after the second or third?
The question is: if we all really are such anti-social techno creeps, why haven't we done that already?
Ignore this signature. By order.
I did rename WGA* everythign to WGA*.bak. I couldn't kill the WGA process becuazse ti kept restarting.
The result was at the next reboot I got "ntkernal.exe is corrupt. Please replace from the original..."
In other words, I've been 100% crapware free but finally MICROSOFT screwed up my system by installing a worm with Windows Update!
Your paranoia is showing. About the only "freedom" Microsoft is actively trying to curb is the "freedom" to violate copyright[0].
On another point IT is arguably the most imporant industry on the planet. It is literally the glue that holds modern civiliation together. Ms is bad for IT, Ms is bad for civilization.
Maybe if you're a thirteen year old kid who thinks "modern civilisation" equates to ipods, Myspace and mobile phones.
"IT" has only been a significant part of "civilisation" for - at a stretch - thirty years (realistically, closer to ten).
I also feel compelled to point out that Microsoft has been one of the key factors in making "IT" so important in the first place. By pretty much any objective measure, Microsoft is *great* for IT.
I'm all for "fighting the man", but there are so many bigger, worthier targets than Microsoft out there it's just not funny (even if you restrict yourself to the area of "Intellectual Property" based corporations).
[0]Not that I personally have many qualms about violating copyright, but this "Microsoft is trying to oppress us" idiocy is really getting beyond a joke. Heaven help you if you were ever faced with *real* oppression. (That's the kind that actually puts your life at risk, rather than your ability to play the latest games for free.)
A virus could use one of the "Product-Key Changer" scripts (see http://support.microsoft.com/?kbid=328874) to install a pirated product key on every infected computer (whiping all traces of the original key).
This would render millions of genuine installations indistinguishable from pirated installations. What a mess for Microsoft! They would have to immediately "kill forever" the WGA helper, and maybe even remove the WGA check on Windows Update.
Such a virus would be a hard lesson to learn for the writers of all kinds of automated "genuine" checks.
Regards,
M.
I can only assume that somewhere in the bowels of the NSA exists an "Office of Cyber-Warfare," and within that office is someone tasked with writing and keeping up-to-date the nastiest, most destructive computer and network worms ever. If there's no explicit law against a particular weapon, I think it's a good assumption to make that the U.S. has one (or three, or five thousand).
That said, I'm not sure if initiating a computer-virus war would really be a good idea. It seems like we're definitely throwing stones out the window of a glass house there; do we really want to give our enemy a really good virus that they could tweak and throw back at us? Especially given the totally inappropriate places we use Windows? I think it's a mode of warfare that we have more to lose than to gain by employing, versus practically any other enemy.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
I had this happen to me - my copy of XP dates back to before the first service pack came out. So when I reinstalled it last weekend, windows validation was completely broken and refused to accept it was a genuine copy of windows. The solution was to update IE6 - adding the service pack, and going to google, searching for the phrase MS' site spat out at me, and finding the soution was a diagnostics web page on MS' site - a page which the windows validation page had no link to.
Effectively, MS' windows validation tool doesn't work with early version of windows, MS doesn't know how to link one web page to another web page, or if it does it prefers to hide any mention of software defectsor the need for a diagnostics page for windows validation, and my personal favorite: Google returns better results for microsoft.com than microsoft's search does.
Mac, here I come...
You own the copy of the media on which the software was delivered to you; you don't own the software itself. You are merely licensed to use it.
Hence, you can resell the media (yours) and the license (yours) but you can't duplicate the software and sell it (not yours!).
It would be interesting to see what Microsoft would do if EULAs were ruled unenforceable; I suspect that they would simply send you out a paper contract in advance of the software, which you would have to read, sign, and return, before they would ship you anything. That's actually SOP for some big enterprise software packages: they don't do their licensing via click-thrus, but rather through contracts signed by the legal parties involved ahead of deployment. Really that's the way it ought to be done -- people would whine about it being an "inconvenience," but at least you could walk away if the agreement looked like crap and not have to worry about getting a refund. I suspect though that at least in some Districts, that EULAs will be found to be quite valid, however, since in theory you can disagree and take the computer/software back for a refund.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
someone reversed engineered their phone-home protocol and send :-)
them a bunch of spoofed non-genuine messages using their own IP addresses
The terms of any EULA are not enforceable. It is not a valid contract and has no legal weight whatsoever. You purchased the license fair-and-square when you plonked down hard cash for a copy of Windows offered by some vendor. Once the sale is complete you own that copy of the software and the copyright holder can't impose any additional restricitons upon you.
I am becoming gerund, destroyer of verbs.
to make a tool to trash the cookies. Send back spurious, useless, marketer-crashing rubbish that calls their ENTIRE database into question. FUCKEM. With the exception of the copyright works of others, the data on MY computer is MINE. EVEN the fucking so-called copyright-protected cookies. If they generate cookie data with MY surfing habits, and I'm not getting PAID by them to use my info, then I will continue to trash, delete, or block cookies and their entire fucking domains.
I REGULARLY look at who is behind ANY new IP address, and I DO block entire domains. I don't know how many INDIVIDUALS have over 200 sites on their blacklist, but I do. When doubledick (among others), for instance, gets cute and scarfs up chunks if in-between addresses in random domains, I block the sub-domain if it's interfering TOO much with my surfing. But, in battle against some of these fucks, I DO tolerate 10-60 second page loads. I don't block EVERY company out there, just the big, fat-footed ones whom I suspect of mass-selling surfing information.
Thank YOU LINUX/OS devs and W3C: You helped me not have to surf with with ms crap at home.
BTW, IS THERE a cookie-corruption tool that will decrypt them so I can see what it is trying to do? Is there a way to defeat any checksums so that I can insert crap or taint the call-back numbers in the cookies? This would be so I can misdirect them and be part of a cookie-trashing movement. I'm not looking to gain unauthorized ACCESS, I want to DEAUTHORIZED and DESTROY most of the cookies. Not the ones to my e-mail providers, just the ones to sites I don't have any relationships with. I'm SICK of those who say cookies are harmless. Next, we need to root out those 1x1 pixels and taint them, too. Then the crawlers stuff, and whatever else that comes along.
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"