Shenan said:Agreed - somewhat.
The wording makes it incorrect.
Perspective or not - every website/email server/ISP/etc has some
information that can be used to get back to the user in some fashion
and possibly - identify said user. In some cases - it can be made
more difficult, etc - but if you have an IP address - you can usually
trace it back to some place - and with the right access - trace it all
the way back to the
user.
NoStop said:Vulnerability???? Show me one Linux box that has suffered in anyway
from this "vulnerability". Windoze boxes are crashing constantly due
to vulnerabilities. Linux boxes ... haven't heard of one yet. So, cut
the crap. Trying to makeup things doesn't make it in the real world.
Robert said:Every time you download Linux, the people supplying it know your IP address.
It's not the
same as what ms is doing with WGA. What if the user does not want ms to
have their IP? In order to find out what information WGA sends to ms
you need to go to their website, where they get your IP anyway. All
this just to find out what info it sends. What a crock of shite!
The only information collected in the validation
process is:
* Windows product key
* PC manufacturer
* Operating System version
* PID/SID
* BIOS information (make, version, date)
* BIOS MD5 Checksum
* User locale (language setting for displaying Windows)
* System locale (language version of the operating system)
* Office product key (if validating Office)
* Hard drive serial number
That's actually a lot of information. Why does it need information
about my hardware to determine if my copy of Windows is genuine or
not? What does that have to do with it?
Leythos said:If you read their site where the explain how WGA works, you would know
that they save this information so that they can tell if your key is
being installed on a bunch of computers in order to invalidate them. So,
if you are the first to validate a key against the hardware specifics,
it would be used to invalidate the same key against some unknown number
of other configurations. At least that's my take on what they describe.
So, it means that your key won't be stolen and used by pirates and then
cause your own key to be invalidated on your hardware.
This happened in the MS Universal products a year ago or so, they found
that a group of MSDN keys were being used all over the place and they
invalidated them without notifying the real key owners - but they re-
issued new keys when asked....
Alias said:Again, they should go after the people who steal the keys not force the
customer to play cops and robbers in their game with the crackers. And
what's to say that replacing a failed hard drive or flashing the BIOS
wouldn't trigger a message every time you reboot that you have a
counterfeit copy of XP? Has anyone tried that yet?
Also, what is PID/SID?
Alias
Jeff said:PID=Product id SID=Security ID
Alias said:Those being unique to the Product Key version of the XP I have running?
Alias
jeffwhat44 said:ok smarty-sid Does stand for Security id- which I stated.
If you read their site where the explain how WGA works, you would know
that they save this information so that they can tell if your key is
being installed on a bunch of computers in order to invalidate them.
Okay, I give up. What's the URL for that site? I've googled it and
also tried searching within Microsoft's web site but can't locate it.
All I can find is a page regarding the information they collect.
I'm sorry, but all I remember is that it was something to do with the
advantages of installing WGA.
If that's the best you can present by idea of rebuttal then you obviously
haven't got anything worth listening to.
Incidentally, if you think that _was_ any kind of rebuttal, you've failed
to understand the article.
Leythos said:Sheesh, you had to validate windows to start with, so they know your
IP at that time, you had to have automatic updates enabled or you
manually downloaded them in order to get WGA, so they know your IP
every time you get updates, etc....
You are tracked by your ISP and by web hosting companies by your IP,
you are tracked by your bank and phone company, by your credit card
company that then provide the info to it's sub partners....
If you are really "Paraniod" about WGA, you've lost it completely.
I dare to say that the vast majority of Windows Users didn't have to
Validation until long after the purchase of XP. Hell, SP2's EULA
doesn't even mention Validation (WGA).
It wasn't until after the majority of computer users had switched to XP,
that MS inflicted WGA malware on its paying customers.
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.