Windows Genuine Notification when it's a new computer

Stephan Rose

Justin said:
That was funny, while reading your response I was thinking, "damn, what a
mess." :)

That certainly clears things up. City regulation? Totally nuts!

Haha oh yea! =)

--
Stephan
2003 Yamaha R6

The reason there is no day on which I think back on you
is that there is never a time when I have forgotten you
 
cquirke (MVP Windows shell/user)

"Alias" <aka@masked&anonymous.cl> wrote in message
Everything contained within Vista is the OEM's responsibility.

Now this is a very interesting assertion.

As an OEM (system builder), I'm happy to support the systems I sell,
OS included. But I can't see how I can be responsible for code that
did not exist when I built and supplied the PC, that MS subsequently
creates and rams into the system via Automatic Update.

In fact, the assertion that "it's OEM, therefore MS won't help you" is
not 100% correct, because AFAIK MS will indeed assist with certain
types of problems, such as security, malware, update issues, or where
you call them purely to obtain a documented hotfix.

Fact:

1. Bring your computer home and turn it on
2. Never hook it up to the internet
3. Your machine is activated and recognized as genuine
4. Somehow get an NVIDIA driver on your machine and install that driver
5. BAM! You are no longer genuine

We need more detail on how Vista's activation system works, to match
what we know about Windows XP's activation triggers.

In the case of XP, a number of supposedly "hardware" items are
monitored for changes, and if "too many" of these change, then you are
declared a Bad Guy and the DoS payload hatches and begins its 24-hour
(XP Gold) or 3-day (XP SP2) countdown.

At least one of these items is not "hardware" at all; the volume
serial number, which changes after a format or conversion to NTFS.

As to the others, many can appear to change if the devices enumerate
differently (e.g. the base bus drivers change) or the firmware
changes. I've seen the latter in two cases; a set of Intel graphics
drivers that also did a graphics BIOS update on the sly, and a
firmware upgrade for an optical disk writer.

I've also seen a couple of XP SP2 systems that just spontaneously lose
component "lives" that are in fact impossible to lose, because they
are part of the motherboard that's never been changed.

The last is very interesting, and I raised it at a large MS event with
both MVPs and MSFT folks involved with such things. To this day, we
don't seem to know what the problem cause or mechanism was.

Just because an app accesses the internet, that does NOT make it spyware. I
have plenty of apps that phone home for updates, that does NOT make them
spyware.

Anything that silently "calls home" is suspect - including your
example of legitimate software that calls home for "updates".

SPYWARE:
Definition: any software that covertly gathers information about a user
while he/she navigates the Internet and transmits the information to an
individual or company that uses it for marketing or other purposes

The trouble is, folks use the word "spyware" to refer to any
commercial malware. Right now, commercial malware is more likely to
ram ads down your throat, re-direct banner ad commissions, or force
their own links into web text you browse, or force its own pages into
your "home" or "search" contexts.

Info collection's a sideline at best.

OTOH, "traditional" malware (i.e. malware that does not pretend to be
legitimate) is more likely to "spy" on you, i.e. log your keystrokes,
steal your passwords, etc. and send them on.

So I prefer to speak of commercial and traditional malware, but even
there, the line is getting blurry, as many commercial-looking malware
are as aggressive as traditional malware, and only appear to have an
identifiable origin that is usually out of jurisdiction or
non-existent. The lines get blurrier still, where malware drops and
automates legit software such as MIRC to avoid detection.

1. There is nothing covert about WGA.

Do you trust its mechanisms to be well-documented?

2. WGA DOES NOT gather web browsing data about the user.

Prolly true.

3. MS does not use WGA for marketing.

Possibly false - seen that "spam me about the advantages of Genuine
Advantage" checkbox yet? :)

Unless you can disprove "ALL" of those then by definition alone WGA is NOT
spyware. You can NOT change the dictionary to suit your needs.

I wouldn't call it spyware, just as I wouldn't call all manner of
other commercial malware "spyware" either.

Is something that changes your home page and adds fake links to other
sites' web pages "spyware"? Nope.

Is a vendor's "repo man" bot that will DoS you if it "thinks" you're
"not genuine" "spyware"? Nope.

Do I want either? Nope.


------------------ ----- ---- --- -- - - - -
The rights you save may be your own
 
cquirke (MVP Windows shell/user)

Fact:

1. Bring your computer home and turn it on
2. Never hook it up to the internet
3. Your machine is activated and recognized as genuine
4. Somehow get an NVIDIA driver on your machine and install that driver
5. BAM! You are no longer genuine

Now, explain to us how WGA got on that machine if it's some extra install
from MS?

Not all MS ?covert anti-piracy subsystems "WGA".


There's the "product activation" system that has been built into the OS
since XP. This contains the DoS payload, as well as the logic that
holds this payload in abeyance (or not).

Product Activation may use one of two models. The big "royalty" OEMs
use a model that binds the license to a particular BIOS brand, so that
the payload is triggered if the BIOS is seen as a different brand (or
model?). This suits OEMs as it locks them into the brand, and it
suits MS as it prevents license creep across large numbers of
identical-hardware within a single large OEM model.

For the rest of us, the model is one that tracks component changes,
and presumably this is what triggered the payload in your case. We
know what components are tracked in XP, as well as what the
thresholds are (4 component changes, with LAN card weighted as three
"lives", counters cleared after 3 months with no changes).

We have heard that Vista is more trigger-happy than XP, suggesting
that even one component change is enough to trip the wire and blow you
up. Your case suggests that "changing" the display adapter is enough;
I've also heard of cases where plugging in the S-ATA HD to a different
socket on the same controller is enough.

Frankly, we need more info on this, and I'd take a lack of such info
as a clear indication of malware status. With XP, we had
Licenturion's tool to monitor component "lives", so we'd know whether
(say) changing a HD would incur "too many" changes and trigger a DoS
payload. But with Vista, we're left flying blind.

As an OEM, I need to know whether a user's request to (say) change a
HD or graphic card is going to be a quick job or a product activation
melt-down. I don't mind doing MS's work to support the OS - but give
me the tools to do the job, please!


Then there's Windows Genuine Advantage, and Windows Genuine Advantage
Notifications. The aim of these two related technologies is to chase
after stolen VLKs (Volume License Keys) that are not limited by
Product Activation. Think of it as a DRM revocation facility.

As new VLKs appear in the wild, so a WGA update will test your system
to determine if you are using one of these, and (at present) hatch a
milder DoS payload if so (nags that you're not "genuine", and blocking
of access to some otherwise-free downloads).

WGA updates may also test the system for other workarounds or "cracks"
for Product Activation etc. and react adversely to those. Or this
functionality may appear within the Malicious Software Removal Tool,
or as part of Defender's malware detection signature updates.

The last two aren't all that strange, as several antivirus scanners
already list and disable various key generators, cracks and hacks that
users may use to evade license strictures, putting the corporate
owners of the PC at risk from vendor litigation.


All of the above section is presumptive guesswork on my part. So if
anyone has documentation, please wave it in replies to this post?



-------------------- ----- ---- --- -- - - - -
Tip Of The Day:
To disable the 'Tip of the Day' feature...
 
cquirke (MVP Windows shell/user)

On Sat, 17 Mar 2007 14:40:14 +0100, Alias
WGA is NOT a part of Vista (it's called SPP) and, yes, there is a kill
switch. Read this and weep:

http://blogs.zdnet.com/Bott/?p=148

See http://blogs.zdnet.com/Bott/?p=142 where it says:
According to our analysis, 42% of the people who experienced problems
with WGA and reported those problems to Microsoft's public forums during
that period were actually running Genuine Microsoft Windows. That's not
just our opinion, either. Those statistics were reported by the
Redmond-approved Microsoft Genuine Advantage Diagnostic utility.

Oops. 42% is a lot, Justin.

It is. It's from 2 weeks in August 2006, and the one Q I'd want to
ask is whether these were XP users, Vista beta users, or both.

I'm also going to wave those links in a private elist for comment, and
if anything solid comes out of that, I'll post back.


--------------- ---- --- -- - - - -
Saws are too hard to use.
Be easier to use!
 
Guest

Justin said:
Fair enough. It's not going to be for everyone. However, this usually
makes people wonder about your (not you specifically but people that think
like this) intentions. I don't care if MS downloaded the entire WMI library
of your computer. Who cares? Nothing about that data is personal. They
can find out the same info by looking up your model. There is nothing
secret about your hardware.

It always comes down to the same two things:

1. WGA only affects thieves.
2. Unfortunately a small percentage of people are inconvenienced with a
PHONE CALL.


Ok, fair enough. I couldn't remember one way or another.


No dude. The OEM version is pennies on the dollar. What do you expect? To
pay LESS and receive the same amount of service? Like I said, it's cheaper
for a reason. If OEMs want to pass back SERVICE to MS then they need to put
full retail versions on their machines. Which is an option. But gee, their
prices will skyrocket.


MS can not shut your computer down. Your computer tells you that you MIGHT
NOT be genuine. I've had to get a few companies "legal" with XP. It was no
big deal. They got screwed either knowingly or not. I didn't care. Now
they're legal.


Not covert. "concealed; secret; disguised." If you KNOW about it then how
is it covert?


Yes it is. Since when is theft a good thing? High priority to MS, no one
said they were high priority to the user.



Again, so? You could list the same data right here for the WORLD to know.
Who would care? What would it matter?



At least that would be the correct term. However, do you SERIOUSLY believe
that MS's intent is to "inconvenience paying customers?" Come on....
Again, that % is so low it's moot. Obviously not moot to those users;
however, I don't care where you live, odds are, TRAFFIC inconveniences you
more than having to pick up your phone.


Sure. That's your opinion. However, expect this:

1. The majority to disagree. (it goes both ways)
2. People will expect you to not purposely use malware. So they're going to
question your use of XP.

Personally, I LOVE WGA. Why?

1. It's never affected any of my machines. All my peers concur and that
totals thousands of machines.
2. When a small mom and pop shop calls because of the WGA message I get to
CHARGE people to BUY XP from me legally.
 
