Slashdot Mirror

← Back to Stories (view on slashdot.org)

Dvorak on Windows Genuine Advantage

Posted by ryuzaki0 on from the good-cop-hacked-cop dept.

PadRacerExtreme writes "Vista includes the much maligned 'Genuine Advantage' layer inside, which ensures that your copy of the OS is legit. If you're running a non-validated copy you get no upgrades, no security protection, nothing. That's all well and good, but what happens if a cracker tweaks that Genuine Advantage layer for its own good? Dvorak sees a huge problem, just waiting to happen. What's the vulnerability?" From the article: "I suspect the policeman [WGA] will actually be hacked before the OS. It might actually be easier for the pirates to create a fake cop that constantly authenticates fake versions of Vista than it will be to create a Vista imitation that can pretend to be a legitimate version. There is some irony to that idea. But that's none of my concern. I'm more worried about some joker creating a virus or exploit that turns the good cop into a bad cop, and I can only imagine the destruction and hassle that will ensue."

12 of 236 comments (clear)

  1. Sadly by Null+Perception · · Score: 5, Insightful

    Dvorak's forecast of the future is often wrong.

    --
    Great new book on Evolution: The Greatest Show on Earth by Richard Dawkins
    1. Re:Sadly by Artifakt · · Score: 5, Insightful

      For once, John has gotten it right, even making a more detailed prediction than just "it'll probably be hacked". There are two good reasons (from a black hat perspective) to crack WGA:

      1. Make a bootleg copy look authentic.
      2. Make an authentic copy look bootleg.

      Figureing out how to do one means you have done at least 80-90% of the work to figure out the other. That's essentially twice the normal incentive to crack a Microsoft product. #1 has an obvious financial incentive, but #2 may have one too, if the cracker is willing to consider extortion or similar modes of funding. If the cracker is doing it just to spite MS and/or MS users, the same double whammy applies.

      --
      Who is John Cabal?
  2. Low-hanging fruits by overshoot · · Score: 5, Insightful
    It's always easier to make something do what it's supposed to do (even when it shouldn't) than it is to make it do something it's not designed for.

    For instance, chainsaws are designed to cut off limbs. Tree, human, what's the difference?

    WGA and successors are designed to disable Microsoft systems. OK, I'm sure that there are those who appreciate the help.

    --
    Lacking <sarcasm> tags, /. substitutes moderation as "Troll."
    1. Re:Low-hanging fruits by dsanfte · · Score: 5, Insightful

      That's not the point. The point is that Microsoft has designed their OS with a single point of failure, and to top it all off, if anyone were to exploit that point of failure, the deafening ring of poetic justice would be heard the world over.

      WGA is a key to every Windows box on the planet and a giant club with which to beat Microsoft over the head if it's every hacked, and you can bet that's not going to go unnoticed by those with the capability to pull this off. It would be the hack of the freaking century.

      --
      occultae nullus est respectus musicae - originally a Greek proverb
  3. Dvorak? What does he know about computers? by Anonymous Coward · · Score: 5, Funny

    The guy writes some symphonies back in the late 1800s, then in the early 1900s designs a keyboard that nobody except a few nerds can type on, and NOW he's criticizing Windows?!?!
    Not only is this guy old, he should be commenting on things like piano typewriters or something like that...

    TDz.

  4. Who Polices the Policeman? by w0d3h0us3 · · Score: 5, Funny
    It happened in a committee inside Microsoft when someone came up with the brilliant idea of essentially creating a virtual policeman to watch over the operating system to make sure it has the right "papers." This is an interesting idea, but who watches and authenticates the policeman?
    I got it! "Windows Genuine Advantage Genuine Advantage."
    1. Re:Who Polices the Policeman? by Volante3192 · · Score: 5, Funny

      WGA = WGA's Genuine Advantage... ...some GNU freaks are gonna dock me for that one, but it's SO worth it.

  5. Forbidding Vistas: Windows licensing disserves the by CoJeff · · Score: 5, Informative

    Beware. Vista is an OS like no other. I'm for one am not going to upgrade after reading part of the EULA. 4. Problem-solving prohibited. "You may not work around any technical limitations in the software." http://wendy.seltzer.org/blog/archives/2006/10/19/ forbidding_vistas_windows_licensing_disserves_the_ user.html/

  6. Please Wait by Geccie · · Score: 5, Interesting

    Whomever creates the crack of the century and turns the good cop bad, Please PLEASE be patient. Don't just send out the bots 2 days after Vista's launch, give Vista a chance to permeate the bowels of the gulible and self opressed - Then - and ONLY THEN can the bots be launched, creating a wondrous show for the rest of use to enjoy.

    Microsoft has long been due the fruits of their incidious labor and it is only just that they reap the true rewards.

  7. Re:I particularly like this bit: by Fatal+Darkness · · Score: 5, Interesting
    Patients on life support? Is this the new "it's for the chilllldren!" in the software industry? Hospitals and life-support systems seem to come up really often when validation scenarios like this are discussed, yet, I have never, EVER heard of a patient dying because Windows crashed. I suspect this might be due to medical equipment manufacturers not quite being dumber than a bag of hammers and therefore not using Windows in life-critical situations.


    Perhaps not life support, but I was interested in getting LASIK surgery at one time. I went to a presentation given by a doctor that came highly recommended from some of the locals. When they were showing off the actual laser equipment that performed the surgery, it turned out the machine was controlled entirely from a PC workstation running Windows NT. I asked one of the doctors what would happen if the controller "blue-screened" during the procedure and was told they would have to contact the developers and research that and get back to me. I never received a reply, and they never received my business! I'm not taking any chances with my eyes, I'll stick with glasses.
  8. Re:I particularly like this bit: by teh_chrizzle · · Score: 5, Funny

    I never received a reply, and they never received my business! I'm not taking any chances with my eyes, I'll stick with glasses.

    glasses are nothing more than tiny little windows.

    --
    sarcasm:
    -noun
    1. harsh or bitter derision or irony.
  9. Microsoft's genuine disadvantage.. by bdwoolman · · Score: 5, Interesting
    When Microsoft was making its bones in the early 1980s one of their big advantages was their no-copy-protection software philosophy. Copy protection was a big swinging deal back then. Everyone had it. Software manufacturers were paranoid to a fault over piracy and user reproduction. The protection was very breakable, but ordinary users found it impossible to deal with. Lotus 1-2-3, other operating systems, they all did it. It was a mess. Backups were a nightmare, system recovery was hard.

    One company didn't do it. Microsoft got miles of cool points for making their operating system, and eventually their applications, easy to copy. There were legal barriers to reproduction but no technical barriers. People bought MS at premium prices because they could copy. System administrators knew they would have no difficulty making backups, or "educational" copies to take home to put on their systems. They also knew that things would not be difficult if they had to do a reinstallation. It was viral marketing at its most effective. The license agreement of course forbade such practices, but Microsoft winked at personal duplication. Licenses had to be bought, of course, because support was needed, especially in a large enterprise. My personal opinion is that the bugs in early iterations of Microsoft software were their insurance against wholesale ripoff. This is just a feeling.

    I thought activation was a big mistake. I actually do think it slowed the adoption of XP if you can recall back that far. However it was easy to crack so the viral thing happened. Anyway Microsoft continued to thrive. I was living in Eastern Europe at the time of XP's introduction and cracked copies were everywhere. Pirate copies of the beta were in the electronics market in the months running up to final release. I am in Western Europe now so I don't know what the Russian and Ukrainian guys have done with WGA, but I can only guess. Vista will be zooted as soon as it hits the market. The Russian and Chinese pirates will not be slowed down at all from putting cracked versions onto hardware. Legitimate customers however will have no end of headaches. It's a crying shame.

    The fact that this WGA is vulnerable to hacks is merely the bitter coating on the poison pill of this new form of copy protection, which is always a bad idea because it hurts your customers. DRM and copy protection are ideas that corporate lawyers dream up. Marketing men instinctively know they suck.

    I actually think Vista might not even fly very well. Net services are coming. Linux could be attractive to eterprise in some circumstances. And there is always Apple waiting in the wings with good stuff. Corporate prejudice against the "toy computer" might well melt now that the OS is riding on an Intel platform. And there is also the iPod effect. Nothing sells like success.

    Meanwhile, Microsoft's latest patch automatically installed itself and rebooted my computer even though I have set the update options to stop at the download. Feh! I didn't have any process running, so I skated, but that is practically a crime in my book. If Vista is going to walk all over me like that I won't want the thing. Certainly I am going to wait as long as I can before I get it. And if I can get away without getting it I won't get it.

    --
    "No fear. No envy. No meanness." Liam Clancy