Slashdot Mirror
WGA — Too Many False Positives
An anonymous reader writes, "Microsoft insists that its Windows Genuine Advantage anti-piracy program is nearly flawless. But that's not the impression you get when you visit the company's WGA Validation Problems forum. Ed Bott at ZDNet went through 137 problem reports submitted there during a two-week period, each one accompanied by the output from the official Microsoft diagnostic utility, and found that 42% of the people reporting problems were actually running Genuine software. From the article: 'One large group consists of people who, for some unexplained reason, were displaying cryptographic errors related to digital signatures. The problem is so common, in fact, that Microsoft representatives have a canned response they paste into replies to forum visitors who appear to be showing false positives caused by these errors.' In a related story, the first WGA errors from Windows Vista and Office 2007 have appeared in the wild."
42%? I guess that is why WGA should be described as "Mostly harmless" rather than "nearly flawless".
Kindness is the language which the deaf can hear and the blind can see. - Mark Twain
It's more than likely that one of the very few problems you could experience with this software is that it gives you a false positive--therefore a high percentage of forum posts are based on this problem.
Honestly, do you think that every person who used this with success went straight to the forum boards and posted "Success! Thanks Microsoft!"?
Wait, you're trying to tell me that a software program run on thousands of machines has failed in some cases!? No fscking way. That never happens--WGA should be error free--this is unacceptable.
In the software world, 137 problems on say 5,000 cases of average people using your brand new product is "nearly flawless." I would guess 50% are user error, 42% false positives and 8% other.
How is this news? Come on guys, I hate Microsoft as much as the next Linux user but I'm not blindly stupid about it
My work here is dung.
Think of it this way. 137 users in 2 weeks. How many users run Windows again? I am not defending WGA however it is not extreeme as it may seem.
The greatest revenge in life is massive success.
Back in July(?) when Microsoft issued an update to the WGA tool, I figured I may as well install it (I'd be forced to eventually) on my one Windows box. So I installed it, and rebooted, and the login screen proclaimed loudly that Windows was not genuine. (Well, not literally loudly, it didn't shout over the speakers or anything -- which would be an interesting deterrent, now that I think about it.)
This came as something of a surprise, given that:
I logged in, did some searching on Microsoft's knowledge base, and found a link that said something like "Validate here." I clicked on it.
To my surprise, it told me my copy was perfectly valid.
I eventually concluded that Norton Internet Security had blocked the initial validation attempt. Because there was no desktop shell, there was no opportunity for it to pop up a notice and ask me if I wanted it to let the data through.
After that experience, I can't say I'm surprised that Microsoft found many of their false positives to be the result of security software. Admittedly, they were looking at registry changes, crypto problems and McAfee, rather than a transient error with Norton.
those who can read statistics and those who can't.
There is no way you can derive a headline like "WGA giving 42% false positives" from a statement like "42% of the users that reported problems with WGA ran genuine software". 42% of the problems sampled should not have triggered problems, but that's all, there's no insight how many attempts of validating your Windows license there are.
There are at least 10 people who don't understand this: One slashdot poster and one slashdot editor.
memomo: free web based language trainer DE-EN-ES-FR-IT
Did you know that 95.4% of statistics are made up on the spot.
Does this mean that all MS-Windows computers MUST be connected to the Internet to run now?
Really, 90% of them are currently connected, but sometimes...for safety's sake, I like to keep one completely disconnected from the Internet and feed it updates manually via CD-media.
Wild guess here -- people with legitimate software are a lot more likely to submit problem reports than people with bad copies are to post "My 1337 w4r3z w0n7 w0rk! G00d j0b!"
What I'm listening to now on Pandora...
Just the other day, some /.er was trying to say that Linux isn't ready for primetime. While this might be taken out of context slightly, it doesn't look like Windows is ready for primetime either. More to the point, the differences between OS's is more a case of how many problems and what type of problems you are willing to put up with. I can't see this story as anything but a boon for the various Linux distributions, and of course, for Apple.
One facet of this comparison is that Linux (generally) does not claim to be perfect, or the best operating system to have. This, to me, looks like the playground bully trying to recover from having his pants fall down around his ankles.
While WGA is a plausibly good idea for someone that sells their software, the implementation of it has left a lot to be desired.
Support NYCountryLawyer RIAA vs People
How many false copies of windows pass as authentic?
Haha... Vista RC1 just decided to stop working one day, even though I had a legit validated key from Microsoft (I called to have it activated).
I just booted it up one day, and it said "Your copy of windows is not activated". The best part is that it refused to accept the unlock key generated by the automated phone system!
Good thing I didn't have any important information locked up on it!
-Tom
Hmmm, I wonder how long it will be before someone is able to get Wine to run the WGA utils well enough to get accepted as genuine.
Kindness is the language which the deaf can hear and the blind can see. - Mark Twain
That's when WGA says the copy is non-genuine, and Microsoft's Genuine Advantage diagnostics tool disagrees and says it's genuine.
What I don't get is why they don't just take the flawless detection code from the diagnostics tool and put it into WGA.
WGA should not exist. It causes hassle for paying customers, that's all. Pirates find their way around. If it worked perfectly, it would be bad enough, but if even one legitimate person is locked out of his computer, MS has some serious explaining to do.
WGA -> Would've Got an Apple if I knew then.
In my neck of the woods two people in my family are thinking of a full out change and so are a few of my friends. It's obviously not just because of WGA. It's a lot about a growing feeling of insecurity and anger at a company that just doesn't seem to care a damn.
Do not spread "09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0" over the internet, thank you.
I see no advantage. Even if you have a perfectly valid copy of windows, there are really two possible outcomes:
1. System works fine, and your copy of windows keeps working just as before. No added benefits.
2. System stops working due to problem with WGA.
Given that there is no benefit and the possibility of a downside, I fail to see why you would choose to install or use such a technology if you know about it. It is a move with only a negative expected value.
SSL Certificate
Is Windows drug like in nature? It keeps doing things to people, that said people don't seem to like. Yet they keep coming back. I used Windows since 3.1, I never really liked it..but always thought that it was the best thing out there. As soon as I found that things could be better, I slowly moved away from Windows. I am now free enough of Windows that I don't suffer any of these problems that people seem to complain about regularly. It's like windows is the abusive husband, and you all , Windows addicts, are the abused wife....get help people.
"Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
we shouldn't be complaining, cause everybody knows that the consumer is far from being as important as fighting computer piracy.
Copyright infringement is "piracy" in the same way DRM is "consumer rape"
Here at home, out of my 3 PC's connected to the network and internet, 2 of the 3 PC's are currently running pirated copies of XP and have safely passed WGA and currently get their updates flawlessly via AutoUpdate at MS. The reason that is not 3 out of three, is last month I had to replace my HDD, reinstalled my legit, retail WinXP Pro cd, went to MS updates only to be barred from updates and activation because they determined my retail cd was pirated- have had it running on old HDD for 3 years prior with no problems.
The reason the other two are running pirated XP was an experiment after the legit pirated fiasco on this PC.
I decided I had had enough, booted into FC5, repartioned the drive to all Linux and haven't looked back.
Don't care what Vista is like, as I will not even reinstall XP anymore. This weekend, both of the other PC's will get their XP partitions deleted and go back to dual boot Win98se and Ubuntu only. The XP partitions are too small to be more than barely functional, so no sense in trying to leave them running.
So here is 3 sales/upgrades that MS won't get.
Down With Slashdot BETA!!! I've been around the corner and seen the oliphant; you can only abuse me from your perspecti
I worked in a small local computer shop for a couple of months this summer. The following happened to me two times during that period.
Some customer would bring in a computer that wouldn't start. We determined that the motherboard was faulty, and replaced it with a similar one.
Windows starts up, everything works, except it wants to be re-activated again. Online activation fails, so I phone Microsoft, enter the forty-something digit number, reads the product key to someone, who then tells me that they are very sorry, but no, for some reason they cannot give me a re-activation code, so I will have to reinstall Windows in order to get it working with that product key. However, changing the product key works fine.
So I call the customer and explain the situation to them, and let them choose between:
1) me taking their harddisk out, attaching it to our backup machine, backing up all their stuff, reinstalling Windows, and all their programs, and all updates, then restoring the backups, and
2) buying a new xp home license,
they both chose option 2. That way they would get their machine back with their entire configuration intact, and if they chose option 1, all that work I would have to do would take so long time that they wouldn't be saving much anyway, compared to buying a new license.
This only happened these two times; most times when we replaced a motherboard, either the reactivation over the internet would work, or the phone representative would give a working reactivation code.
But these two customers payed for a new XP Home license even though they owned a fully legal one already.
You know, Microsoft's street address also says a lot about their mentality.
My question would then be: if it's working, how many of you even bother to visit Microsoft's forum to post "Thanks, it worked"?
Usually, when a fix works, people move on, and don't go back to forums to confirm things are working.
Beware: In C++, your friends can see your privates!
I've had exactly this problem - my copy of Windows is as genuine as you can get (MSDNAA Download) and yet WGA still reports it as being an illegal copy. What's stupid is that Windows Update, the WGADiag tool *and* the Firefox WGA Tool MS provide all identify it as Genuine.
I've used one of the many hacks (Removing execute permission for the Local System account to the WGA files and then deleting them) to remove WGA from my machine and now I only use MBSA for my patching. It's a little long winded, but it's infinitely better than the hassle of being repeatedly told that my copy of windows is illegal when it clearly isn't.
It offers no benefit to me. Why would I want that installed when I have a perfectly good copy of XP Corporate Edition? I don't give a shit about the latest media player, or IE7. Sure, I take the critical updates when I'm offered them but that is all. I ran the WGA tool and of course I am not a valid user of Windows XP. Saying that though, I am a legitimate owner of an XP Home license. Which I haven't used in years, I keep the keycode safe though. I used XP Home for a while, but I found it restrictive for my needs; so I installed a bootlegged copy of the corporate edition which has always been fantastic.
If MS sold their software at a lower price they would generate more sales that would compensate for the low price.
I know so many people that say "I would buy windows, if it didn't cost hundreds!" If they sold the pro edition for a cheaper price then they would sell so many more that it would compensate for the few that did pay the higher price. I'm not in marketing, I'm in accountancy, so I know about economic curves and I think MS is just milking the corporate market for as much as they can. If they opened up their 'pro' systems for lower prices I am sure their sales would increase as well as their revenue.
MS alienate potential buyers with their WGA and high prices. Set your prices low, and sell a bundle. Look at your profits, M$, you're not "hard done by".
I am sick of Windows, but I'm even sicker of the geek who assumes that just because he switched his home computer—or even his office server—over to Linux that anybody should be able to ditch Windows whenever they feel like it.
There is a real world out here, and in it there are thousands of small companies that have to use computers to communicate with their customers and suppliers and to keep up with their competitors but that are too small to afford even a part-time IT guru. Companies like that have to buy their accounting software, their production software, their shop management software, their design software—and what's for sale out here in the real world only runs on Windows.
It's not, "can't be bothered to jump to a competitor". There is no competitor, not realistically.
I figure by 2030 or so my 6-digit UID will be something to brag about.
"nothing is as aggravating as realizing how many of the problems are intentional design decisions". You said it.
You know, Microsoft's street address also says a lot about their mentality.
I notice a decided lack of responses to this post. You know why? Because Linux users never have a real response for stuff like this other than "Run it under WINE!!!1!!"
You want to know who isn't running Firefox 2.x? They spell it "definately" and "rediculous".
Start pestering the makers of these programs to start working on porting them. The more people start making a racket about being tied to one OS and demanding that their money be given a choice, the more software companies will listen up and start working on giving us all freedom of software
The unexamined life is not worth living
what is M$'s incentive to fix this when the bugs mean they sell more products?
Klingon Software is not released, it escapes, inflicting terrible damage onto the enemy as it does
Even when you call them on the phone and are 100% legit they dont do much for you. " Your only option is to reformat and install a freshly purchased copy" " have a nice day and thanks for choosing microsoft"
And no im not kidding, im heading out to 'repair' the very user that called microsoft crying for help. Its far to easy to just change your # then reformat..
Screw them and WGA.
---- Booth was a patriot ----
That's 42% of the 137 reported problems, not 42% of of all WGA installations.
There is no longer anything that can be done with computers that is nontrivial and clearly legal. -- Paul Phillips
Similarly, if you are locked in anyway, what motivation is there for Microsoft to fix anything? If you can't even threaten to jump ship then what are you? A galley slave. That oar you're chained to, it's called Windows.
How we know is more important than what we know.
Wine isn't perfect. Some Windows applications do not work well under Wine.
Not my topic, but what the heck...
You know, OSS does not need to mean free. Why not donate part of what you save on lincensing to those OSS developers? Or fly them out on a junket? Or give them a leftover PDP POS in your storage that you've not fired up in years?
You are not a fool, so what guarantee can you expect from the developers that give their work to you open and free, at their loss, without any reward, often not even trivial thanks and appreciations.
Obama likes poor people so much, he wants to make more of them.
Some???
Your joking right.. In my humble opinion, wine is a piece of shit.
Computers aren't many thousands of dollars anymore, buy a $300 emachine, and run windows on your office computer if you need to. Come on, get real.. who can't afford to buy windows that needs to be running it?
I can go down to Walmart and BUY a computer with windows and be just fine. If I need to run Peachtree. I have a small business myself (Am a partner), we have about 6 Linux servers.. 1 is running PGSQL, one is running Resin/Java... the rest are running Asterisk. We put them into a 1/2 rack that we pay $400 a month for. We have a office full of windows workstations for our Customer Service, though all of them are using Windows & Xten phones for SIP taking incoming calls on Asterisk from a phone provider who has a sip gateway. Yes , we are windows friendly... but shit.. come on!
We have an accountant that keeps our books in order, taxes in line.. she uses Peach-tree. if someone thinks a -real- business is going to have a hard time paying $375 for a low end dell, with windows.. to do NOTHING but run Peach-tree... they have their head on backwards. You will spend more than that in man hours trying to get some linux goon trying to get whatever wacky-ass hack-accounting package to work.
Windows is a commodity, cost of doing business. Running Linux or Mac is nothing more than a luxury, being a linux/java programmer myself.. I don't see any savings at all, I find nothing more than comfort in working in my own familiar environment (My Mac doing Java programming and voiceapp work on Asterisk for Linux servers).. but that's just as expensive as a MSDN membership and paying for windows licenses on servers...
I disagree that running Linux is a luxury unless you add that running any computer is a luxury. Last week I bought a new pc with linux preinstalled. The lowest priced Windows PC was twice what I paid for mine. And they all had XP installed, because of Activation and WGA I had decided years ago I wouldn't buy another Windows OS unless I absolutely had to or until MS got rid of Activation and WGA. Now I did have to get a card of ram because the pc didn't come with enough and a second harddisk, again for the same reason, but even then I was able to pay less than the cheapest Windows PC.
I haven't tried Wine so I don't know how well it works. But for those Windows apps I may want to run in Linux, the only one I know right now is XMLSpy, has been tested to run in CodeWeaver's Crossover. I agree with you in that as with any other tool you should use the computer system/OS that works for what it's supposed to do.
Should there be a Law?
Oh, please just grow up. What competitor? What other OS runs MasterCAM, Autodesk Inventor, JobBOSS, Quickbooks and all the other software companies like ours depend on to keep revenue coming in and the IRS satisfied?
Great, you gave a valid reason for 10% of the office to run a paticular vendor's OS. How about the rest of the office? It's time to get something that is reliable.
The truth shall set you free!
After 2 hours on the phone with clueless MS reps, I was "accidentally" disconnected by the tech without being given a resolution. 5 minutes on Google and I "resolved" the issue on my own.
So how well do you like Ubuntu? I have had no problems with it myself.
The truth shall set you free!
We use only HP desktop systems, all of which come preloaded with XP. One day after MS pushed this malware out (and WGA is malware by any definition, so sue me Gates) via a "critical" update that came via automatic update, several of our recently installed HP DC5100 PC's came up with the WGA trojan virus (sue me again Gates) and refused to allow a login. Microsoft told us to call HP who told us to call Microsoft. No remedy was offered.
So, we wasted two days reloading a bunch of PC's that most definitley had legal software, in two of our divisions.
The result? Windows Update service is DISABLED on our domains, and I am looking into some sort of update deployment program that will allow me to choose which updates go out to PCs.
Microsoft, I guess thinks it can operate like the RIAA, assume that their customers are thieves and treat them like criminals.
I can tell you this much, I don't see myself deploying Vista anywhere until it's absolutely unavoidable.
Corporatism != Free Market
Did you know that 99.9% of people being treated for cancer have cancer?
42% is surprising - but it's not surprising because it's high, it's surprising because it's low. Wouldn't you expect that 100% of the people complaining about problem with WGA would have genuine software?
paintball
I've seen it proven over and over again since the old CP/M days:
There is no copy protection system that saves as much by preventing piracy as it costs in terms of legitimate customer dissatisfaction.
Thank you for proving this once more, Microsoft!