WGA now compulsory for getting Windows updates ???

[Homer J. Simpson]

Yes, WGA (KB892130) calls home everytime you connect to the internet

Are you sure about that and, if so, how did you determine this?

I wanna know too. I read the KB article
(http://support.microsoft.com/default.aspx?scid=kb;en-us;892130), and I see
nothing there that suggests it "calls home everytime you connect to the
internet". Every time to go to Windows Update, maybe (big f'n deal), but
that's not quite the same as "everytime you connect to the internet".

Dave--which paragraph are you talking about?

 

[Ytrx]

Have MS now made installation of WGA compulsory, if you want to use the
Windows Update web site?

I just tried the update site and got the following message.

(Oh, and yes, my copy of XP is 100% legal. I just previously declined to
install all the WGA stuff)

------------
Software Upgrade for Some Windows Components Required

To use Microsoft Update, you must first install the latest version of
some Windows components. This will allow your computer to work with these
new features on the site:

Details

Windows Genuine Advantage Validation Tool (KB892130)
1.1 MB , less than 1 minute
The Windows Genuine Advantage Validation Tool enables you to verify that
your copy of Microsoft Windows is genuine. The tool validates your
Windows installation by checking Windows Product Identification and
Product Activation status.
---------

Then they tell you that validation is not required if you use
automatic updates. Gee, I wonder why they'd like to railroad
you into using that option!

I'm sticking with manual updates.

=Ytrx=

 

[C.Joseph Drayton]

Consider the sheer number of Windows XP that has been sold and that
there are not enough key digits in the generated ProductID to identify
each installation discretely, the answer is that MS is unable to keep
the validation information beyond a set time frame. This time frame
seems to be 120 days, which corresponds to all of the combinations of
the key digits in the ProductID that is used for activation/validation,
even allowing for a Product Key/ProductID resultant to be used several
times, beyond which even legitimate Product Keys are improperly identifed
as invalid. You paid for your XP Pro and the lottery says that you need
to pay for more.

Hi Ghostrider,

I would have to disagree with you. If when you are
activated, the WGA application generated a second number
based on the hardware descriptors of that machine and then
using a 'hash' created a binary file that was 1KB or less,
they could then simply save that 1KB file to your hard disk.
When you need to download something from them, the Windows
would then just check that the license key and hardware
values matched what is in the key file. If they match, then
let the person download. If they don't, then go through the
entire validation process.

Microsoft could store a copy of your 'key file' on their
server. On an 80GB hard disk, they could store 20,000,000 of
those 'key files'.

It would save a considerable amount of time for the user,
and would be far less intrusive.

Personally, I don't download all updates since quite a few
have been problematic. When I do finish downloading the
updates that are safe and that I do need, I then turn around
and uninstall WGA completely.

Ciao . . . C.Joseph

"A promise is nothing more than an attempt,
to respond to an unreasonable request."

 

[Phisherman]

-
Are you sure that MS didn't "sneak" WGA in, unbeknownst to you?
-
Doug W.
-

Of course not. Only Bill knows for sure.

 

[Ghostrider]

Ghostrider wrote:



Hi Ghostrider,

I would have to disagree with you. If when you are activated, the WGA
application generated a second number based on the hardware descriptors
of that machine and then using a 'hash' created a binary file that was
1KB or less, they could then simply save that 1KB file to your hard
disk. When you need to download something from them, the Windows would
then just check that the license key and hardware values matched what is
in the key file. If they match, then let the person download. If they
don't, then go through the entire validation process.

Microsoft could store a copy of your 'key file' on their server. On an
80GB hard disk, they could store 20,000,000 of those 'key files'.

It would save a considerable amount of time for the user, and would be
far less intrusive.

Personally, I don't download all updates since quite a few have been
problematic. When I do finish downloading the updates that are safe and
that I do need, I then turn around and uninstall WGA completely.

Ciao . . . C.Joseph

"A promise is nothing more than an attempt,
to respond to an unreasonable request."

I am sure that everybody else under the sun has come up with a better way
of doing things than the Microsoft way of WPA and, perhaps, in many ways
they are also better. I have always been a firm believer that the Pentium
Serial Number, PSN, had to play a major role since it is a discrete, 96-bit
number. But there are others who felt that it might be too identifying when
combined with other factors that can be taken off a computer...and they are
also correct. I can only presume that the "hash" count is the substitute for
the 96-bit PSN.

As for putting a discrete number and key in the hard drive, remember that
the hard drive can be cloned. Microsoft did consider this possibility and
nixed it as a way of confirming ownership, licensing and validation. That is,
the hard drive with a cloned copy of XP cannot be differentiated from one
with the original installation unless there was a way of determining the
difference, such as by a hard drive serial number.

From what we know and can piece together, Microsoft had made a commitment
to real-time product activation by the time of Intel's PSN, and this was
first introduced in Office 2000, and then quickly withdrawn when PSN was
supposedly abandoned by Intel (or blocked by users). Based on the manual
re-assertion of validity of genuineness on false positives detected under
WGA, it was [accidentally?] revealed that there were only 7 digits of the
resulting ProductID (generated by an algorithm involving the Product Key
and "hash") that are actually used determining a valid activation. And only
1/9 of the sum of these 7 digits confirms a valid or invalid copy of XP.

So, welcome to the lottery. There are some statisticians who feel that the
number of validating ID's might allow for 100 machines or re-activations
per real product key within each 120-day block. At the same time, it should
catch 8/9ths of all bogus or incorrect product keys.

But agreed, what a waste of time.

 

[Alias]

Custom install on the WU web site or custom install using Automatic


Like this Alias
They are not calling it a critical/security update - this time it is 'some?
software upgrade for some? windows components required.
It will help to get more updates?
Faster updates?
Easier navigation?
Nearly fooled me
MS cannot be upfront re WGA - they are always disguising it as something
else.
It matters not if you go via Win Updates or MS Updates - you get the same
blackmail letter - if you don't install this you don't get any more updates,
critical, security or others.
Rgds Antioch
PS
Hows your Linux - has the doctor found a cure yet


Software Upgrade for Some Windows Components Required

To use Microsoft Update, you must first install the latest version of some
Windows components. This will allow your computer to work with these new
features on the site:


a.. More updates: Get updates for Windows and for popular Microsoft
programs such as Microsoft Office in one place.
b.. Faster updates: The latest Windows Installer (MSI) improves the way
updates are installed, delivering updates in the smallest possible packages
in the shortest amount of time.
c.. Easier navigation: Now you can find updates by priority or by
product while helpful links and important messages help ensure you are
installing all high-priority updates for your computer.

Details

Windows Genuine Advantage Validation Tool (KB892130)
0 KB , 0 minutes (Downloaded; ready to install)
The Windows Genuine Advantage Validation Tool enables you to verify that
your copy of Microsoft Windows is genuine. The tool validates your Windows
installation by checking Windows Product Identification and Product
Activation status.


Total: 0 KB , 0 minutes (Downloaded; ready to install)


Download and Install Now

You got this through Auto Updates?

Alias

 

[C.Joseph Drayton]

Ghostrider wrote:


Hi Ghostrider,

I would have to disagree with you. If when you are activated, the WGA
application generated a second number based on the hardware descriptors
of that machine and then using a 'hash' created a binary file that was
1KB or less, they could then simply save that 1KB file to your hard
disk. When you need to download something from them, the Windows would
then just check that the license key and hardware values matched what is
in the key file. If they match, then let the person download. If they
don't, then go through the entire validation process.

Microsoft could store a copy of your 'key file' on their server. On an
80GB hard disk, they could store 20,000,000 of those 'key files'.

It would save a considerable amount of time for the user, and would be
far less intrusive.

Personally, I don't download all updates since quite a few have been
problematic. When I do finish downloading the updates that are safe and
that I do need, I then turn around and uninstall WGA completely.

Ciao . . . C.Joseph

"A promise is nothing more than an attempt,
to respond to an unreasonable request."

I am sure that everybody else under the sun has come up with a better way
of doing things than the Microsoft way of WPA and, perhaps, in many ways
they are also better. I have always been a firm believer that the Pentium
Serial Number, PSN, had to play a major role since it is a discrete, 96-bit
number. But there are others who felt that it might be too identifying when
combined with other factors that can be taken off a computer...and they are
also correct. I can only presume that the "hash" count is the substitute for
the 96-bit PSN.

As for putting a discrete number and key in the hard drive, remember that
the hard drive can be cloned. Microsoft did consider this possibility and
nixed it as a way of confirming ownership, licensing and validation. That is,
the hard drive with a cloned copy of XP cannot be differentiated from one
with the original installation unless there was a way of determining the
difference, such as by a hard drive serial number.

From what we know and can piece together, Microsoft had made a commitment
to real-time product activation by the time of Intel's PSN, and this was
first introduced in Office 2000, and then quickly withdrawn when PSN was
supposedly abandoned by Intel (or blocked by users). Based on the manual
re-assertion of validity of genuineness on false positives detected under
WGA, it was [accidentally?] revealed that there were only 7 digits of the
resulting ProductID (generated by an algorithm involving the Product Key
and "hash") that are actually used determining a valid activation. And only
1/9 of the sum of these 7 digits confirms a valid or invalid copy of XP.

So, welcome to the lottery. There are some statisticians who feel that the
number of validating ID's might allow for 100 machines or re-activations
per real product key within each 120-day block. At the same time, it should
catch 8/9ths of all bogus or incorrect product keys.

But agreed, what a waste of time.

Hi Ghostrider,

If the hard disk were cloned, when windows checked the
physical hardware against the hashed 'key file', it would
come up with a different number since the hard disk is
different.

The plan I outlined allows a secure 'key file' to be created
without violating the users privacy or being intrusive.

Ciao . . . C.Joseph

"A promise is nothing more than an attempt,
to respond to an unreasonable request."

 

[antioch]

You got this through Auto Updates?

Alias

Hi Alias
You surely have not been on that other OS long enough to forget how to get
updates via 'Microsoft Update Home'

Its on this link

http://www.update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us

Rgds
Antioch

 

[Alias]

Hi Alias
You surely have not been on that other OS long enough to forget how to get
updates via 'Microsoft Update Home'

No, regrettably, I still use XP on two computers

Its on this link

http://www.update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us

Rgds
Antioch

Oh, OK. Good.

Alias

 

[Frank\(FL\)]

Most people are honest. Proof of this are the billions that MS made
off of Win 3.0 up through Win Me. Now they're getting greedy and
showing complete disdain for their paying customers. This cannot bode
well for MS.
Alias

You said a key word to this whole WGA thing ***GREED***.
IBM mass produced the first personal computers. They made
their profits and moved on. Microsoft has no where to move on
to, except to milk the consumer for more and more money, for
a shoddy product.

 

[Alias]

You said a key word to this whole WGA thing ***GREED***.
IBM mass produced the first personal computers. They made
their profits and moved on. Microsoft has no where to move on
to, except to milk the consumer for more and more money, for
a shoddy product.

Not only are most customers honest, they aren't stupid. I would have
never, ever, even considered Linux if it weren't for MS' greedy WPA,
WGA/N, WGA/T, etc.

Alias

 

[Doug]

Not only are most customers honest, they aren't stupid. I
would have never, ever, even considered Linux if it weren't
for MS' greedy WPA, WGA/N, WGA/T, etc.

Alias

-
If you LOVE Linux so well, why are you always giving advice
about how to or how not to use MS Windows? Apparently you are
using both systems...but MS Windows is your favorite to kick
around.
-
Doug W.
-

 

[Alias]

-
If you LOVE Linux so well, why are you always giving advice about how to
or how not to use MS Windows? Apparently you are using both
systems...but MS Windows is your favorite to kick around.
-
Doug W.
-

I'll think you'll notice that I only kick around some things about
Windows such as WPA, WGA, DRM, etc. I never said I love Linux and I
don't know enough about it to kick any of it around yet ;-)

Alias