Slashdot Mirror
Microsoft Talks Daily With Your Computer
An anonymous reader writes "Microsoft Corp. acknowledged Wednesday that it needs to better inform users that its tool for determining whether a computer is running a pirated copy of Windows also quietly checks in daily with the software maker.
The company said the undisclosed daily check is a safety measure designed to allow the tool, called Windows Genuine Advantage, to quickly shut down in case of a malfunction."
The EULA is suppose to disclose this daily call-in feature. Lauren Weinstein, who is co-founder of People for Internet Responsibility, was one of the first people to notice the daily communications to Microsoft. Report from Yahoo.com"
The EULA is suppose to
That should be 'supposed'. What happened to the 'd'?
disclosed this
Oh, there it is.
... quickly shut down in case of a malfunction.
So Genuine Advantage needs to contact the mothership in order to be told that it's broken and needs to terminate?
Please.
The higher the technology, the sharper that two-edged sword.
Just one more reason NOT to use Windows as my operating system!
"Money is truthful. If a man speaks of his honor, make him pay cash." Notebooks of Lazarus Long, Robert A. Heinlein
*wraps computer in tin foil and duct tape*
BRING IT ON!!!
XP Phone Home!
Anyone sniff out the offending packets yet? I'm sure they can't be too hard to identify. Probably simple HTTP posts.
If nobody has I'll sniff anything going to Microsoft's Class B (207.46.*.*) later tonight.
--
From Northern Virginia? Visit Fairfax Underground! (Just added: Fairfax County wiki, need submissions)
I guess they forgot to disclose that in the EULA. Honest mistake, stuff happens. Now let's go back to not worrying about DRM or Net Neutrality because Big Bussiness is looking out for our best interests.
My moms computer which was bought from Best Buy and NEVER had windows re-installed on it was determined by Microsoft to be "not genuine". What fucking bullshit, I never was a Microsoft hater before that even though I used OS X, but calling my mom a criminal even though she isnt is just plain fucking bullshit. Microsoft, you made me a hater, though out of principle I refuse to use "M$"
Monstar L
The article is a bunch of fluff. Here is the boiled down version.
1. The Microsoft Genuine Advantage tool is installed on many computers now and checks to see if your copy of Windows is legit.
2. Microsoft wants a safety switch in case this tool starts causing PCs around the world to explode. Thus the program checks with Microsoft once a day to see if it should shut itself off.
Microsoft is not spying on you. This is a safety feature that I'm glad is included. Did you know your computer also checks with them daily to update your time with the atomic clock? Where's the Slashdot story for that?
TFA says "your computer", but aren't all Windows installs "my computer" on the desktop? Shouldn't it say "your my computer"? Or is it "my your computer"?
Ah screw it! And screw Microsoft, too.
The sea changes color, but the sea does not change.
I knew my PC was cheating on me after I got a Mac. But Microsoft...
"MicroSoft Talks Daily With Your Computer" ;-)
This implies that we all have either pirate copies of Windows, or have Windows at all. And a 'net connection.
Being Slashdot, you have to praise the editors for what they didn't do. In this case they didn't write it as Micro$oft, MicroShaft or MicroShit.
Good job, boys! Have a cookie!
Trolling is a art,
Just the other night my copy of ZoneAlarm was alerting me that this exe was trying to make a shout-out to the Internet. A little searching told me what this was, so I set it to permanently deny the request. Problem solved!
Anyone with a non-MS software firewall will see this POS phoning home all the time.
MicroSoft
So why are we talking about their 'tools?'
Honesty may be the best policy, but by process of elimination, dishonesty is the second best policy.
I heard horror stories of people with 'acquired' versions of Windows XP who went to the 'new' 'Windows Update' service and ended up with an annoying tray icon constantly reminding them that their version of XP is pirated.
But you know, I havent been to WindowsUpdate in over a year.
I use a great (and free) tool provided by microsoft themselves - called "MBSA" (Microsoft Base Security Analyzer) to download and install updates.
With MBSA, I can do a quick install of Windows XP with SP2 integrated in vmware, then run this tool, and find out that (as of yesterday) there are 39 hotfixes needed for vanilla XPSP2 install, and it gives me direct (no WGA crap) links to download these updates. All I have to do then is save them all one by one, integrate them into a XP SP2 iso image, and use this pre-integrated disk to install with.
Since i reinstall windows every few months this is not a problem, and for those who insist on keeping windows machine installed longer, they can simply use MBSA to download incremental updates and install them manually.
Here at Microsoft, we care about the Customer Experience. As a result, we've taken the following measures to make sure your experience is as pleasant and beneficial to you as possible.
- Our new operating system, Windows Vista, requires only the best high-end hardware so that, even on a system well beyond the power you should ever need, you'll still get the true Windows Experience(TM)
- The new Windows Media Player 11 features all-new and exclusive DRM, or Degradation Resistment Technology by Microsoft, which not only provides wonderful sound in the new and improved WMA format, but protects your rights as well.
- Our operating systems now report back with system information and other information which we feel should be collected from your system at any given time to improve your computing experience.
Microsoft: Where do we want to take you today?
"Everything worth innovating today will go to court tomorrow."
I don't have Windows. So Microsoft doesn't talk to my computer. Wouldn't a more accurate title be "Microsoft talks daily to Windows"?
Considering how often Windows is pirated, I can't say this surprises me. Their excuse is stupid. They should just say "Look, we know people pirate. So we're going to check. If you don't like it, tough." Don't hide it. I'm not saying they're right or wrong to do this -- just that they should be up front about it if they are going to.
It won't make a dent in their sales. Whether or not you hate Microsoft, love Linux/Apple, or cling to OS/2 -- Microsoft is currently the top dog. Right or wrong; I'm not taking a stance on that, here. It's going to take a lot more than this to hurt Microsoft's bottom line.
So, you know, just tell us what information you're going to collect.
Redirect 207.46.*.* to 255.255.255.255. Only stop doing this when you feel the need to update. Disable automatic updates and all other update services except when you want to update. Problem solved. Really, if people just took the stance of "Why does this thing need to communicate to another computer?" instead of "Why shouldn't I allow this thing to talk to another computer?", 99% of security issues would be complete bork. But, of course, that requires common sense.
What the??? You are upset because some corporations name was intercapped? Are you going to go into apoplexy every time somebody intercaps some corporations name?
What kind of an insane person cares about that?
evil is as evil does
Microsoft should stick with the WGA to be validated only during updates. Otherwise, if someone hacks it and rerouts that message, they can grab all sorts of good authentication information that can be used to further more piracy. It seems to me that WGA is a very needed tool for Microsoft (given the amount of piracy outside the US), but they implemented it very poorly.
Validation should occur on an as-needed and secure basis _only_, and not however often Microsoft would like. It's practices like these today that leave bigger security holes for tomorrow.
If they truly wanted your system to be safe (and "explosion"-free), they wouldn't install the Genuine Advantage tool in the first place.
It is appropriate for an NTP service to update a system's time once a day. It's a legitimate function, providing a useful service to the computer's owner/user. It can also be easily disabled, in most cases, if the owner/user does not wish for such capabilities. In most cases, the user would have actively had to install it in the first place, or at least consent to its use (ie. during a Linux installation).
This Windows "feature" reportedly cannot be easily disabled nor removed. Not only that, but it doesn't provide a useful feature to the computer user. And that's ignoring the security issues involving it.
If Microsoft has to include such functionality to prevent failure of a piece of its software, it should just remove the vulnerable software in the first place. That's the only sensible thing to do.
The last copy of Windows that I owned was "genuine", as well. I still dropped them once they started trying to push DRM and activation on me with XP.
... you never installed the update in the first place. Mwahahaha! For once, a bad habit of not installing updates right away pays off.
Your Computer: Hey Sweetie!
M$: Hi Schnookums!
Your Computer: Just checking in
M$: I love you honey
Your Computer: Bye Bye Baby
M$: Sweet Dreams
Your Computer: No you hangup
M$: No no you hangup
i used uinux in the older days , switched to Linux 10 years ago and now use ubuntu . never had any problems with "are you legit ? or are you stealing from us ? i would never want a company to treat me like i was a illegal alien . one like that doesnt get my money
That's why Ghost is such an important tool! 1/Create Ghost image of your OS 2/Go to MS let them install what they want 3/Check for updates & write down KB# but don't install anything 4/Download the KB's you need to your HD 5/Restore the image you made & install the updates you downloaded. Now you have your updates without any MS garbage on your PC. In case you didn't notice media player has been calling home for years & that doesn't seem to bother anyone!
A) They didn't tell anyone the software would do this.
B) We are supposed to trust MS that this thing is only asking MS if it needs to be shut off? What the hell kind of reason is that to phone home?
C) Why the hell does this software need to be running all the time? It's taking resources doing nothing but asking MS if it should be shut off?! Why can't it be started up and shut off only when needed?
D) There have been false reports of pirated software. Will this software one day just decide you're using a pirated version and kill your machine? Some people depend on their computers to feed themselves. If this software screws up and kills a machine and the owner has several days of downtime who's going to compensate them?
E) If you really think MS (or any large corporation for that matter) is above abusing phone home programs you got blinders on. Why should we trust large companies with our private informaton while not trusting actual people with our social security number?
F) The reason megacorps and the people who run them are so successful is always a combination of luck, smarts, and ability to stab people in the back and laugh about it. I'm not saying large corporations should be ended, but they should be approached with caution. They will try to get away with whatever the hell they can. It's the consumer's job to keep them in check... Well it's the goverment's job too, but they seem to be doing a shit job to say the least.
-Derick
In my blog^H^H^H^Hjournal I stated why Genuine Advantage only benefits spammers and virus writers. It's like if Bill Gates was holding the whole internet hostage against viruses and malware.
"Oh, that's a nice drive C you have there. It would be a shame if... something happened to it."
Microsoft could do something much more beneficial to the world if he remotely deactivated all network access in pirated windows- at least we would be safe from unpatched machines spreading viruses and spam.
And the unpatched machines happen to be the only ones which do NOT have Genuine Advantage installed.
http://web.archive.org/web/20050323094149/http://w ww.hevanet.com/peace/microsoft.htm
and now for the obligatory Slashdot M$-bashing link:
http://www.windows-sucks.com/
Dang, that means I better remove /usr/lib/zen-updater/ZenUpdater.exe ...
(AFAICT, all mono apps are *.exe)
90 days for hackers to find an exploit in Wga to subvert microsoft's own servers into spambots.
Non sequitur: Your facts are uncoordinated.
TFA says "your computer", but aren't all Windows installs "my computer" on the desktop? Shouldn't it say "your my computer"? Or is it "my your computer"?
I got a totally different result myself. When I ran Windows Update on my parents laptop about an hour ago Windows Update renamed 'My Computer' to 'All your computer are belong to Microsoft' and changed the system name to 'Skynet subnode 3964270017356334576934-X371N02'. Has anybody else experienced this?
Only to idiots, are orders laws.
-- Henning von Tresckow
If you ever install the Microsoft mouse driver from the CD that accompanies the mouse, you'll find that it too calls in each day.
Why does a mouse driver need to call in daily?
A better question is: Why install the driver at all?
Pretty well every version of Windows recognizes a Microsoft mouse with no need for drivers from the CD.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Long ago I renamed mine to "Bill's Computer." I just didn't feel like it was mine anymore. ='(
This sig rocks the casbah.
You can integrate most anything into a Windows installer with The Unattended Windows Tutorial.
Simon's Rock College
Oh, yeah that is a good way to disclose something to the public. You can write in under your plan to assassinate the president and take over the world.
You don't have to be smart to use a Mac, you just have to be smart enough to buy one
In contrast, the ``phoning home" talked about in the article involved sending information TO Microsoft about your computer but for their purposes.
"Every decent man is ashamed of the government he lives under." - H.L. Mencken
And how long until their regular check-in procedure for whether or not your computer is running legal copies of software morphs into a marketing opportunity by linking your ip address to your windows registration for tracking purposes? It would be the ultimate cookie, since it could essentially link every Windows user on the internet to the purchaser of the windows license, no matter where the computer moves to. Companies would leap all over this database in backroom deals, since it could allow advertisers or other companies to know the full identity of users the moment they bring up a page.
D) There have been false reports of pirated software.
Yea, I was talking to a friend of mine who sells laptops. He had some IBMs with legit copies of XP on them, but when people tried to run update it said the copies were "suspicious" and put the "Activate" thing on the start menu. Come to find out that it was just Internet Explorer 6 was blocking some Active-x controls. The whole thing was a tech support nightmare. People who bought them off eBay were calling him and accusing him of selling illegal copies of XP.
I am running 3 copies of WinXP, and own 5 legal licenses. I still don't want MS invading my privacy. If the only thing your worried about is whether it annoys you or not, you shouldn't mind your neighbor putting a web cam in your shower as long as he covers the little red light.
And Google Toolbar with pagerank checking enabled tells Google every url you ever visit.
This seems pretty cool. So does this allow you to "install" programs into the ISO file (i.e., not install it in your current Windows installation)? If so, I guess this is better than imaging your harddrive, eh?
if microsoft can remotely 'unlegitimize' a copy of windows,
couldn't a virus or worm massively remotely cripple loads of machines
by exploiting this...?
It's from the novel "The Great Time Machine Hoax" by Keith Laumer.
The higher the technology, the sharper that two-edged sword.
Microsoft seems too dense to realize that they've squandered trust, and need to be above reproach like Caesar's wife (see Shakespear's "Julius Caesar" ;-)). That means that they need to make sure to disclose these kinds of things; failure to do so (before a third party does it for them) just makes them all the less trustworthy. This episode demonstrates sheer idiocy on their part.
-- "I never gave these stories much credence." - HAL 9000
Anybody know what port this dials home on?
What's with that wheel?
it's been driving me nuts.
Yarr!
"We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
I knew it! I knew that there was something going on!
I always thought it was too co-incidental when things crashed.
Now we know - Windows and MS's servers are whispering quietly to each other:
MS: "Psst... Is it inconvenient yet?"
Win: "Nah, not yet."
MS: "What about now?"
Win: "Just hang on a minute... Pardon the pun."
MS: "What's happening now?"
Win: "Well, he's up to 20 pages now and he hasn't hit Ctrl+S to save..."
MS: "And Autosave?"
Win: "Who do you think I am? I made sure that was disabled ages ago! When should I go?"
MS: "...Wait for it.... Wait..... NOW!"
STOP 0x0000001E (4a4a4a4a4a, 4a4a4a4a4a, 4a4a4a4a4a, 4a4a4a4a4a) KMODE_EXCEPTION_NOT_HANDLED
Win: "ROFL! He's screaming and kicking the desk! Aw man, you should have seen him hit the monitor! What a wanker!"
Now we know...
"Notify me but don't automatically download or install them". (In Control Panel -> System -> Automatic Updates.)
Then you can pick and choose which updates you want, and when you decline one, it pops up a message in which you can check "Never ask me again".
Too late for those who trusted Microsoft, though...now you have to do a lot of registry tweaks and stuff.
"A great democracy must be progressive or it will soon cease to be a great democracy." --Theodore Roosevelt
1. Get people used to OS phoning home
2. Get bill passed to allow remote killing of PCs (NB, am big corp so should be easy)
3. Install 'innocent' patch
4. ???
5. Profit!
I want a list of atrocities done in your name - Recoil
Your paranoia is showing. About the only "freedom" Microsoft is actively trying to curb is the "freedom" to violate copyright[0].
On another point IT is arguably the most imporant industry on the planet. It is literally the glue that holds modern civiliation together. Ms is bad for IT, Ms is bad for civilization.
Maybe if you're a thirteen year old kid who thinks "modern civilisation" equates to ipods, Myspace and mobile phones.
"IT" has only been a significant part of "civilisation" for - at a stretch - thirty years (realistically, closer to ten).
I also feel compelled to point out that Microsoft has been one of the key factors in making "IT" so important in the first place. By pretty much any objective measure, Microsoft is *great* for IT.
I'm all for "fighting the man", but there are so many bigger, worthier targets than Microsoft out there it's just not funny (even if you restrict yourself to the area of "Intellectual Property" based corporations).
[0]Not that I personally have many qualms about violating copyright, but this "Microsoft is trying to oppress us" idiocy is really getting beyond a joke. Heaven help you if you were ever faced with *real* oppression. (That's the kind that actually puts your life at risk, rather than your ability to play the latest games for free.)
Excuse me, in what order did you write that date ?
When all numbers are below 12, it's quite hard to get a clue
Is it even 2006 ? 1906 and 1006 fits in too...
I have discovered a truly marvelous proof of killer sig, which this margin is too narrow to contain.
A virus could use one of the "Product-Key Changer" scripts (see http://support.microsoft.com/?kbid=328874) to install a pirated product key on every infected computer (whiping all traces of the original key).
This would render millions of genuine installations indistinguishable from pirated installations. What a mess for Microsoft! They would have to immediately "kill forever" the WGA helper, and maybe even remove the WGA check on Windows Update.
Such a virus would be a hard lesson to learn for the writers of all kinds of automated "genuine" checks.
Regards,
M.
I've discovered a patch which disables Windows' "phone home" reporting. It's a fairly large download, but it seems to work.
This is my post. There are many others like it. If you don't like what you read here, go try one of the others.
So does this allow you to "install" programs into the ISO file
Yes, that's exactly what it's for. I did this when I last upgraded my PC, because I was going SATA RAID, knew that the drivers wouldn't be available on my XP Pro CD (it predates SP1), and couldn't be bothered to buy a floppy drive (I've not had one for years). I integrated the drivers, Service Pack 2 and a few other hotfixes.
Have a look at this article, which details using nLite to perform the slipstreaming (note that the link in the article is dead for me).
It took me a couple of goes to get right, but ultimately that was my fault for not paying proper attention. The tool itself is pretty cool, and lets you integrate pretty-much anything appropriate into the installation CD, as well as allowing you to set defaults, including the product key; if you wish, you can make a completely unattended setup disk - literally allowing you to boot off the CD and walk away.
It's official. Most of you are morons.
Yes. If you fail to read the contracts you agree to, you may very well have your first-born taken away from you.
By denying Microsoft the rights you agreed to granting them, you are indeed in breach of contract. You are not doing what you agreed to do, simply put.
If you have a problem with this stuff - buy a Mac (and read the contract/EULA before you start using it) or run Linux (the same applies here).
Stop the brainwash
If someone had a certain item stolen and then looked in your window and saw that similar item in your house, they do not have the right to break down your door and check the serial # to make sure it isn't theirs. Yet for some reason big software companies have to right to invade my personal property (my computer) to verify that I actually own the software. This totally bypasses our entire legal system and our constitution and I have no idea why they are getting away with it.
with mouse drivers calling daily and now the "genuine advantage" calling in daily you would expect that, by now, MS would have a database bigger than Google's. What are they going to do with this, anyway? BTW: I have a client who was told by Genuine Advantage that he had a pirated version of XP and that he had to pay for a new OS. I left him trying to find his sales receipt from a large, national, computer distributor.
Thank God I've been running Linux since 1993!!!
No one ever had to evacuate a city because the solar panels broke!
to make a tool to trash the cookies. Send back spurious, useless, marketer-crashing rubbish that calls their ENTIRE database into question. FUCKEM. With the exception of the copyright works of others, the data on MY computer is MINE. EVEN the fucking so-called copyright-protected cookies. If they generate cookie data with MY surfing habits, and I'm not getting PAID by them to use my info, then I will continue to trash, delete, or block cookies and their entire fucking domains.
I REGULARLY look at who is behind ANY new IP address, and I DO block entire domains. I don't know how many INDIVIDUALS have over 200 sites on their blacklist, but I do. When doubledick (among others), for instance, gets cute and scarfs up chunks if in-between addresses in random domains, I block the sub-domain if it's interfering TOO much with my surfing. But, in battle against some of these fucks, I DO tolerate 10-60 second page loads. I don't block EVERY company out there, just the big, fat-footed ones whom I suspect of mass-selling surfing information.
Thank YOU LINUX/OS devs and W3C: You helped me not have to surf with with ms crap at home.
BTW, IS THERE a cookie-corruption tool that will decrypt them so I can see what it is trying to do? Is there a way to defeat any checksums so that I can insert crap or taint the call-back numbers in the cookies? This would be so I can misdirect them and be part of a cookie-trashing movement. I'm not looking to gain unauthorized ACCESS, I want to DEAUTHORIZED and DESTROY most of the cookies. Not the ones to my e-mail providers, just the ones to sites I don't have any relationships with. I'm SICK of those who say cookies are harmless. Next, we need to root out those 1x1 pixels and taint them, too. Then the crawlers stuff, and whatever else that comes along.
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"