Windows Genuine Advantage

From Wikipedia, the free encyclopedia

Windows Genuine Advantage
Image:WGA Logo.png

Developer: Microsoft
Latest release: 1.5.716.0 / November 1, 2006
OS: Windows XP series
Windows Vista
Platform: Microsoft Update, Windows Update, selected components in Microsoft Download Center
Use: Software validation
License: Proprietary
Website: www.microsoft.com/genuine/

Windows Genuine Advantage (WGA) is an anti-piracy program initiated by Microsoft that requires users of Microsoft Windows to validate the authenticity of their copy of several recent Microsoft operating systems when accessing several Microsoft Windows services, such as Windows Update, and downloading from the Microsoft Download Center. Previously voluntary, it became mandatory for use of these services in July, 2005. Users who have automatic updates set to "Notify" and do not put a checkmark next to the WGA download, are not affected.

Contents

[edit] WGA Software

[edit] Windows Genuine Advantage Validation Tool

When a user installs WGA, an Internet Explorer add-on is added entitled "Windows Genuine Advantage". In early releases, this could be readily disabled with the IE Add-on Management feature. A Windows Group Policy was added by later updates, causing this option to be unavailable by default - but still accessible if the policy were removed. As of July 2006, the latest update blocks management by some other means, possibly hard-coding WGA as an exception in the Add-on Manager.

The program uses either a stand-alone program to generate a key or an ActiveX control to discover if the license key is valid. If WGA determines that a user's copy of Windows is unauthorized, and the CD appeared genuine (including the holographic emblem present on real copies of Windows), then Microsoft will supply the user with a new CD. Microsoft also offers discounts to people who want to purchase a legitimate copy of Windows, but do not have a valid CD. Microsoft has indicated that they will continue to deliver critical security updates through their Automatic Updates service as well as on the Microsoft Download Center. The company does plan to make installation of WGA a requirement for use of Automatic Updates in part to be sure that customers who use support resources of the company are aware when their software is unlicensed or counterfeit. Although installation of WGA will be required for use of Automatic Updates, all systems including those that fail to pass validation will receive critical security updates.

[edit] Windows Genuine Advantage Notifications

Beginning April 25, 2006, Microsoft began distributing Windows Genuine Advantage Notifications[1] as "critical update" KB905474 to millions of Windows users. Users with pirated copies were exposed to alerts[2] at startup, login and during use of the Windows OS stating that they do not have a genuine copy of Windows. Users with legitimate copies are not supposed to see the alerts (although some with legitimate copies have received the alerts). On May 23, 2006, Microsoft updated the program, closing some forms of circumvention, but reportedly not all.[3] It was updated again on May 30, June 6, and June 27, 2006 though some forms of circumvention are still usable. The latest versions do not roll out world wide at the same time - the dates given are the earliest dates on which the versions appeared, so the actual version being offered in some places will be an earlier version than the latest release. It is still possible to opt-out of receiving this update using the "do not show" option at the Windows update site.

[edit] Windows Genuine Advantage Validation Library

Microsoft includes the Windows Genuine Advantage Validation Library in several products like Windows Defender, Internet Explorer 7 and Windows Media Player 11 to validate about the Windows installation.

Microsoft has also launched the Office Genuine Advantage program, which validates installations of Microsoft Office.

[edit] Circumvention and DMCA

In the US, the Digital Millennium Copyright Act criminalizes production and dissemination of technology that can circumvent measures taken to protect copyright, not merely infringement of copyright itself, and heightens the penalties for copyright infringement on the Internet.

In September, 2005, Microsoft filed lawsuits against a number of companies that sold unauthorized copies of software to unsuspecting consumers. The cases are important because the leads came from customers who learned they had counterfeit software via the Windows Genuine Advantage program.[4]

On November 16, 2005, Microsoft released a standard Netscape WGA plug-in to complete the Windows validation process from Mozilla Firefox and other non-Microsoft browsers - although it does not use the Firefox extensions system, and thus is not supported by the latest version of the browser. Another workaround was released on December 25, 2005 to bypass WGA authentication by using a valid hash generated by a remote system. Microsoft responded with a cease and desist letter to the website host, and the workaround was taken down on January 6, 2006. Many people continue to validate on the Microsoft website from a public computer using a genuine copy of Windows, then write down the hash and continue to use it at home or work. As of July, 2006, Microsoft has not devised a way to prevent this method of circumvention. On May 4, 2006 Microsoft announced lawsuits for allegedly distributing unauthorized copies of Windows against eDirectSoftware of Montana, and Chicagoland resellers Nathan Ballog and Easy Computers.[5]

Various workarounds to get past WGA authentication have been released on the Internet. Before Microsoft issued official instructions on removing the WGA Notifier (a desktop application which resides in the system tray and periodically displays messages, reminding users to authenticate their operating system), users simply had to remove 2 files in order to rid their system of the software.

In mid-September 2006, reports started appearing on the Internet of a newer version with the number 1.5.708.0. However, some comments suggest that this may be a version under development which has accidentally been released somewhere.

In September, 2006, Microsoft dropped various required validations on programs such as ActiveSync.

[edit] WGA Notifications and Firewalls

Some personal firewalls, though not the basic one in Windows, may alert on the method by which wgatray.exe is started, in the case of Outpost firewall, it is identified as a "hidden process". The wgatray.exe process itself can be firewall blocked, without apparent problems. Removing the reference to WGALOGON.DLL using HijackThis appears to effectively de-install this update, to the point where it will be offered again if it has not been marked "do not show".

A tool has been released by a firewall vendor to prevent WGA Notifications transmitting information from one's PC.[6]

[edit] Data collected

When the WGA checks your system to see if it's genuine or not, it checks the following:[7] [8],

  • BIOS MD5 Checksum.
  • MAC address.
  • Hard drive serial number.
  • Language version of the operating system.
  • Operating system version.
  • PC BIOS information (make, version, date).
  • PC manufacturer.
  • User locale setting.
  • Validation and installation results.
  • Windows or Office product key.
  • Windows XP product ID.

[edit] Spyware accusations

The notification tool has been accused of spyware-like behaviour, "phoning home" on a daily basis.[9][10] Microsoft subsequently admitted the behaviour, but denied that it amounted to spyware.[11][12] Following pressure, Microsoft announced that in future the tool would only phone home once every two weeks, instead of every day.[13] Microsoft has also provided removal instructions for the pilot version of WGA.[14]

Despite this, Microsoft is currently being sued under anti-spyware statutes over WGA's non-disclosed "phone home" behavior.[15] The outcome of the lawsuit has not been determined.

[edit] False Positives

The WGA program does produce false positives (incorrectly identifying a genuine copy of Windows as "not genuine"). This can happen for any number of reasons. Microsoft has established a forum to help users encountering problems[16].

[edit] References

  1. ^ Microsoft.com - Description of the Windows Genuine Advantage Notifications application, retrieved June 13, 2006
  2. ^ Digital Inspiration - WGA Notifications, retrieved June 13, 2006
  3. ^ Sydney Morning Herald - Microsoft back to drawing board on piracy, retrieved June 13, 2006
  4. ^ Microsoft.com - Microsoft Files Lawsuits to Protect Consumers and Software Resellers, retrieved June 13, 2006
  5. ^ InformationWeek - Microsoft: Users may have to prove legal Windows use, retrieved June 13, 2006
  6. ^ The Register - How to stop Microsoft's WGA phoning home
  7. ^ Microsoft WGA FAQ, retrieved October 20
  8. ^ Microsoft's Calling Home Problem: It's a Matter of Informed Consent, retrieved October 20
  9. ^ Lauren Weinstein's Blog - Windows XP update may be classified as 'spyware', retrieved June 13, 2006
  10. ^ Microsoft's antipiracy (sic) tool "phones home" daily, retrieved June 13, 2006
  11. ^ Ars Technica - Microsoft admits Windows Genuine Advantage phones home, retrieved June 13, 2006
  12. ^ Lauren Weinstein's Blog - Microsoft responds regarding Windows XP update vs Spyware, retrieved June 13, 2006
  13. ^ ZDNet - Microsoft to ease up on piracy (sic) check-ins, retrieved June 13, 2006
  14. ^ How to disable or uninstall the pilot version of Microsoft Windows Genuine Advantage Notifications. Microsoft (July 12, 2006).
  15. ^ Lawsuit calls Microsoft's anti-piracy tool spyware | Seattle Post-Intelligencer, retrieved June 29, 2006
  16. ^ Microsoft WGA Help Forum

[edit] External links

Retrieved from "http://en.wikipedia.org../../../w/i/n/Windows_Genuine_Advantage_3179.html"