Slashdot Mirror
Lawsuit Claims WGA Is Spyware
twitter writes "Windows Genuine Advantage (WGA), Microsoft's euphemistically named digital restrictions scheme, is the target of another spyware and false advertising lawsuit. 'Microsoft this week was sued in a Washington district court for allegedly violating privacy laws through Windows XP's Windows Genuine Advantage (WGA) copy protection scheme. Similar to cases filed in 2006, the new class action case accuses Microsoft of falsely representing what information WGA would send to verify the authenticity of Windows and that it would send back information [daily IP address and other details that could be used to trace information back to a home or user]. The complaint further argued that Microsoft portrayed WGA as a necessary security update rather than acknowledge its copy protection nature in the update. WGA's implementation also prevented users from purging the protection from their PCs without completely reformatting a computer's system drive.' There were at least two other lawsuits launched in 2006 over WGA. According to the Wikipedia article, none of them have been resolved. The system is built into Vista and Windows 7."
Except that MS has to hand out vouchers for more MS products, giving them an even bigger market share.
[see Sony Rootkit settlement for details]
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
The naming scheme of this add-on somehow reminds me of how certain countries like to add attributes such as "people's" and "democratic" to their official state designations...
It's not Spyware. You agreed to install it. "This agreement may be modified at any time without notice to you and you agree to be bound by its terms. Suck it. Sincerely, Your EULA." As to it phoning home every day, well duh. But what did you expect?
This is Microsoft's official position, afterall -- You're all a bunch of filthy criminals. You can't be trusted. That's why we hide everything in hidden dialog boxes and pop up a dozen warnings in order to delete Internet Explorer from the desktop. You're too stupid to even understand what "delete" means, so we're going to go out on a limb and guess you're pretty trusting of anything that says WARNING! CAUTION! ARE YOU SURE? REALLY? HONESTLY? We're not convinced. Action cancelled. Don't you want to buy an upgrade every year? We want to move to a licensing model that sends us cash yearly. Don't you want to support American business? I mean, what if the Iranians develop an operating system! When you don't install WGA, you're supporting terrorism.
To sign away your rights, click next.
#fuckbeta #iamslashdot #dicemustdie
I'll admit that I don't use Windows anymore. These days I use an iMac and a MacBook Pro for most of my desktop computing, and I almost exclusively deploy Debian on servers. That said, I've been along for the ride with respect to Microsoft products for a very long time, both as a user and an I.T. professional deploying systems on customer networks and writing I.T. policies.
Honestly, most consumers get that "deer in the headlights" look when you try to explain what WGA and similar systems actually do. In many cases, people simply don't care what's being sent to Microsoft, as there's a sense of implicit trust in large corporations. I have no idea where this trust comes from, but it's definitely real. I assume it's largely because the majority of users are largely ignorant of how their systems function, choosing to focus only on what's immediately presented by the OS (applications). There's no psychology degree on my wall, so I'm not qualified to guess further on the topic.
This continuous erosion of privacy gets noticed in the I.T. world, but the general public remains almost completely in the dark. Major media outlets don't carry headline stories about these issues, possibly because their "tech journalists" are barely more educated than their readership on these topics. I have no idea how this can be fixed, but I'd love to hear some suggestions.
512 MB RAM, 20 GB disk, 200 GB transfer, five datacenters. $19.95/month.
I was successfully able to remove WinXP's WGA from my system.... I installed Linux.
No more sales for Microsoft, and no more nagging from software thinking I've got a pirate copy of something just because I upgraded some hardware.
Take Nobody's Word For It.
Kill everyone and start again?
The Windows 7 drinking game so far includes:
* One shot for every "ethnic" face in an install graphic.
* An extra shot if it's pasted over the head of a white person.
* One shot for every white face pasted over the head of a non-white person.
* One shot for every program with the Office 2007 "ribbon" toolbar stuck on it completely inappropriately.
* One shot for every exciting "new" feature that's been in Mac OS and Linux for the past five years.
* An extra shot if the exciting "new" feature's been in Mac OS and Linux for the past ten years.
* One shot every time you reboot during the install.
* One shot every time the system asks to reboot just because it feels like it.
* Two shots every time it reboots even though you said "no."
* Drain the bottle if there's an actual feature that makes Windows 7 so much better than sticking with XP that you'll spend actual money to get it.
* Spitting your mouthful and cursing when Windows Genuine Advantage decides your full-price copy is actually a bootleg.
* A bitter mouthful every time the system blue-screens.
http://rocknerd.co.uk
Tell them that terrorists and pedophiles are using the information gathered, or that your browsing habits will affect this season's X Factor outcome..
Those topics usually get some attention.
Unfortunately Microsoft will probably win this because there's a difference between spyware and an abusive contract. To the best of my knowledge, abusive contracts are perfectly legal, which is why MS got over on IBM so bad. These license agreements which you click before using software have been legally upheld in court, so Microsoft may be doing something immoral, but it's still legal. The only thing that makes spyware illegal is that they bypass a contract and install without the user's permission.
I love to blame Microsoft as much as anyone here but I think this is a case where the lack of legislation is, in a legal sense, to blame. Companies have no legal obligation to behave ethically. I would love to see a law which prohibits these ridiculous lawyer-speak click-contracts. There has to be a better way to protect both the company and consumer.
It does sound as if their main case is that the WGA contract is misleading and dishonest, and if that's true, they may have a case. I wouldn't know because I've never read it and don't intend to. I don't use Windows.
"From the depths of my skeptical and rationalist soul, I ask the Lord to protect me from California touchie-feeliedom."
... but when I bought my computer, I asked for vista to be removed and the price refunded. Hoped from shop to shop until I found one that agreed (in fact I was ready for a trek, but the 3rd shop in the street was the good one). He got the deal, and I bought the refund worth of RAM to top of the computer capacity. I was pleased, and so was the seller.
My laptop is an Asus eeepc 900A linux 'edition'. Again, I carefully reviewed the options before buying.
Speak with your wallet.
WGA is like a body cavity search, but without the rubber glove
I don't mind that my car has a license plate. I don't even mind having to register with the authorities or prove that the car is indeed my own. What really pisses me off is the cameras and systems that track where I'm going by using the information on that license plate, and tying it to my behaviour patterns.
I'm not a law breaker and I'm not paranoid*, I just don't want my behaviour modified by stealthy incursions into my privacy that could result in profiling and ultimately curtailing my choices in where I go, what I see and what I do. WGA is, I believe, just part of a trend that increasingly encourages powerful public institutions to think of people as objects, as statistics, and the effect of treating people as objects is the source of pretty much all I consider crime in the world.
(*I walked by a construction site the other day and the roofer told me that I wasn't paranoid - in morse code. Clever, aren't they?)
Do not mock my vision of impractical footwear
Following that logic, every issue that's not the most important issue is a non-issue. This way of thinking lets corporations chip away at our privacy "because those other guys are doing something worse", until there's nothing left to chip away.
I'd rather you rationally disagree than irrationally agree.
Look in your pocket... I'm betting you have a cell phone.
Nope, I just checked all my pockets, no phone there. You lose.
Your phone connects to a tower to "talk" - they know which numbers are connected to what towers at any time of the day.
A connection to a cell tower is required for a cell-phone to work. Sending random data back to Microsoft is not required for Windows to work. See the difference?
So if my accountant holds up a liquor store, can I keep him out of jail because I can't do my taxes without him?
If Microsoft is too big to fail, the answer is to cut it up until the pieces are small enough.
Legit users, of course, don't have to worry because Windows will never stop working for them (there are some exceptions, but those are typically solved quickly)
I bet you also believe that 'if you have nothing to hide, you have nothing to fear', right?
I don't give a flying monkey crap about Microsoft's profits; I care about my software randomly not working because some crappy 'validation' software decides that I'm a criminal. More than that, I care about the whole concept of being treated as a criminal until proven innocent by a company that I've paid money to for the product I'm using.
You may be happy to bend over for big corporate profits, but I'm increasingly fed up with this crap -- not just from Microsoft but from other companies who decide to prevent software I've purchased from running until I beg them to fix their god-damn piece of crap 'validation'/'activation'/DRM bullshit -- to the extent that I'm now doing my best to completely eliminate Windows and commercial software which contains this kind of shit from my home.
I can't stand WGA. I have a single WinXP system that I have set up for family to use when they come over because I use Linux and they aren't familiar with the OS. It seems like that every single time that I turn the system on WGA is downloading once again either on its own or with other Windows Updates. It is WGA because any time that I let it install it pops up with the window to let it install, and the rest of the updates won't continue until you hit that finish button.
Can't tell you how many times I accidentally left the "Tell me how WGA enhances my system" button checked, and I love the answer. To paraphrase, "WGA reports back to MS to make sure that your copy isn't pirated." How many times does WGA need to report back, seriously? Like I said, it seriously runs about once a month on this system, not that it is run that often anyway. Shouldn't there be something resident that once WGA checks and confirms authenticity it will remember it.
This is one of the main reasons that I switched to Linux, I haven't had to put of with this garbage in years. No viruses, no spyware, no WGA, no DRM, no hardware lock-in, none of that stuff that is a pain with Windows and Macs.
ReactOS is still being developed. Some day (maybe in five years) it will reach the golden 1.0 standard. It should replace Windows XP and then we can forget about those WGA updates.
WGA has too many false positives and can ruin wallpaper settings (turning the screen to black) and do other annoying things. Plus I keep seeing it installed even if updates are turned off. Currently my system is genuine but if a Firewall software blocks Internet access it thinks it is not genuine. Until I allow the firewall and then hit validate, then everything is OK.
I doubt a majority of Windows users will migrate towards Vista or Windows 7 because of legacy software issues and legacy hardware that cannot run Vista or 7. ReactOS will fill that hole quite nicely when it is done with Windows XP compatibility and no WGA gotchas.
Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
I know of great place to get the latest version of Oracle Enterprise addition for any platform, no license keys, no activation required, no trial periods, no protection at all. Just download it for your favorite platform and install it.
technet.oracle.com
Last time I checked, Oracle is pretty profitable, even though they have no copy protection of any kind. Apparently, the ACTUALLY trust their customers somewhat which puts them in a pretty rare class these days.
Microsoft is only shooting themselves in the foot:
"Be grateful for what you have. You may never know when you may lose it."
Palm hacked USB vendor code which is against the rules you agree to when you use USB. Apple patched it. It is insane that Apple is painted as the bad guy on this one. They deserve plenty of hate for their BS AppStore rules, and overpriced HW, but fixing an exploit that hacks the USB protocol is not one of them.
According to the WGA FAQ [microsoft.com]
That was an interesting FAQ. I especially like this part:
Q: What happens when WGA Notifications communicates with Microsoft when a PC is booted up? A: The pilot version of this software periodically contacts Microsoft after validation; however, this feature has been removed from the final version of WGA Notifications.
That seems to contradict your statement:
So why is "phoning home" okay? Why not do it once and be done with it? ... Either way, Microsoft has not kept this a secret, and even promised to reduce checking to once every two weeks [zdnet.com]
If WGA does send information to Microsoft, even if it is only every two weeks, and their FAQ specifically says they do not, I'd say that is the very definition of spyware.
Of cource, Microsoft has their own definition of spyware:
Q: Some people are saying that WGA is spyware. Is this true? A: Broadly speaking, spyware is deceptive software that is installed on a userâ(TM)s computer without the user's consent and has some malicious purpose. WGA is installed with the consent of the user and seeks only to notify the user if a proper license is not in place. If the user declines the EULA, WGA Notifications will not be installed on userâ(TM)s machine. Once installed, WGA Notifications becomes a permanent part of Windows XP software, and therefore cannot be uninstalled.
Let's see: spyware is deceptive software (check), installed on a userâ(TM)s computer without the userâ(TM)s consent (debatable, it is installed as a critical update via automatic updates. Microsoft strongly encourages the use of automatic updates to keep your system secure. If this were an optional update, I might buy that it is opt-in. Microsoft then tells you that the system will be crippled in small ways if you don't install it. There is no option to opt-out. Technically, it is opt-in, but only technically.) , and has some malicious purpose. (Depends on what you consider malicious. From Microsoft's point of view, it is not malicious. However, I'm sure that most spyware authors do not consider their software malicious.)
Request a Linux Shockwave player here: http://www.macromedia.com/support/email/wishform/
From the summary: WGA's implementation also prevented users from purging the protection from their PCs without completely reformatting a computer's system drive.
.bat extension. Make it something like, oh, I don't know, "wganuke.bat."
/d everyone /d everyone /d everyone
This line is so stupid that it hurts, because it makes the assumption that WGA is somehow going to vanish in a puff of smoke if you'll just nuke from orbit and start over. These people should just do the following, if WGA offends them so badly:
1. Make a text file, but give it a
2. Paste the following into your new text file:
echo Y > cacls wgatray.exe
echo Y > cacls wgalogon.dll
echo Y > cacls legitcheckcontrol.dll
3. Save.
4. Double-click on the icon for your new text file.
5. No more WGA (Sorry, no PROFIT! jokes here). Updating also works like a charm. The above was tested on XP SP3, but I have no reason to believe that it wouldn't work on Vista or Win7.
Every time I've rebuilt someone's machine(usually a few upgrades as well), I read the S/N off the sticker on the side and plug it on in. Come time to finally log in, activate, fail, you have to call MS, read off some ridiculously long number, convince them that you are indeed installing it on the same computer you purchased it for, then input an even longer number (for the love of god, don't get one digit wrong..). I have wasted many hours of my life doing pointless activations, where as applying a WGA patch can be done in a minute.
Path of least resistance will win time and time again, which for me is Ubuntu/Arch/Debian/Suse/CentOS etc.
# cat
Damn, my RAM is full of cats. MEOW!!
I don't get this, don't u just go download FixWGA from the nearest torrent site, and then be done with it? Honestly - frivolous lawsuit!
I think therefore I can't be ~TTNH