Microsoft Misrepresenting WGA's Functionality? 458
Legal Ethics writes "According to an article on Groklaw, Microsoft is misrepresenting what the Windows Genuine Advantage (WGA) tool is to pressure people into installing it. It comes with no uninstall, it fails to disclose many pieces of information it provides to Microsoft, and it misrepresents itself as a 'critical update' when it does not address any security vulnerability, although it remains to be seen if it can create one. ZDNet has a series of screenshots so that you can see exactly how badly it misrepresents itself. Oh, and it also checks for updates, so Microsoft can presumably execute arbitrary code on any machine with it installed, merely by making that code part of a WGA update."
Somewhat obvious. (Score:5, Informative)
It's a damned-if-you-do and damned-if-you-don't situation...
How to Disable the WGA Add-on (Score:5, Informative)
If you want to be able to disable the Genuine Windows Advantage Add-on for IE (accessible via Tools|Manage Add-ons... in IE), you might be surprised (or not) to see that Microsoft will not let you do so. It gives you some sort of stupid "disabled by Administrator" message, even when you're logged on as Administrator (I guess MS thinks it's the administrator for your computer).
To enable the radio button that allows you to disable this worthless add-on, follow these instructions I found:
Re:Why punish legit users? (Score:5, Informative)
disconnect from the internet
open task manager
kill the process 'wgatray'
rename the file c:\windows\system32\wgatray.exe to something else (wgatray.exe.bastard, for example)
There is also a file called wga.dll, or similar, but i didn't do anything with that, if anybody could shed some light on that, it'd be nice. I did the above on a machine that was wrongly reporting as 'pirated', and it worked fine.
Bypass & Disable Genuine Windows Validation Ch (Score:5, Informative)
How to bypass and disable the Genuine Windows Validation Check (from http://www.mydigitallife.info/2006/03/07/bypass-an d-disable-genuine-windows-validation-check/ [mydigitallife.info]):
Note: The data.dat that are replacing the original data.dat can be blank text file or empty, or you may type whatever you want there.
With this hack (or crack if you want), Windows WGA piracy check will be bypassed and you can now download software from Download Center or apply updates from Microsoft/Windows Updates.
That, OR (Score:5, Informative)
Get updates without going to Microsoft (Score:2, Informative)
http://www.autopatcher.com/ [autopatcher.com]
By the way, Autopatcher will update pirated copies, for better or for worse...
Re:Somewhat obvious. (Score:2, Informative)
I had no problem with Windows Update, just used a well-publicised trick to gain entry and then told it not to install WGA and not to mention it to me again (there's a check-box for that purpose).
A link for the rest of us. (Score:5, Informative)
Re:Why punish legit users? (Score:5, Informative)
Option one:
Start in safe mode and find the file
file properties and remove the execute and write permissions for all users
including System. The daily checkin and the WGA System Tray tool are both
started from this DLL so making it non-executable kills the whole WGA
Notification system. Making it read-only stops windows update from 'repairing
it' and installing future versions.
Option two:
Download and burn Ubuntu Dapper Drake or order a FREE CD from
shipit.ubuntu.com (downloading is quicker). Back up your important documents and
completely replace Windows.
Personally I chose option two many years ago, but I continue to watch Microsoft's antics with a degree of detatched amusement.
Re:Somewhat obvious. (Score:1, Informative)
Or you could pop in a burnt cd with all the activation crap disabled. Added bonus, it's probably already got the service packs on it.
Re:Why punish legit users? (Score:5, Informative)
On the other side is that MSFT could solve a lot of their problems just be creating an easy, basic way to enforce security. Unix did that years ago on Unix you have basic file system level defaults seperating users. Then you can use other programs to create an ultra fine grained control.
Under Windows all you have is a very complicated fine grain control system that a massive percentage of the apps break if you use it.
Kill off Active X and add a simple yet effective file seperating on the Filesystem layer and the majority of windows viruses problem will vanish. It won't solve all things. it won't solve stupid users installing things they shouldn't, but It would stop most of those problems instantly.
It's also the one thing MSFT won't do. Not even with Vista. They are keeping activeX and while they are trying to use their fine grained permissions control as a basic level they are finding that it doesn't work well. (just look at all the reviews on the vista Beta, 7 steps to delete an icon?)
Bypass WGA (Score:3, Informative)
some of the data reported (Score:2, Informative)
they say no "personal data" is sent but your logon name and Machine name would probably count as personal as it gets, note it also looks at your cookies status
List of OEM's checked for (Score:1, Informative)
Re:Windows 2000 looks better all the time (Score:1, Informative)
Sounds like you could be running Linux considering all three of those apps have Linux versions. Just sayin'...
Re:Why punish monopolies? (Score:5, Informative)
I find your remarks a little odd considering:
If those are actually representative of your needs as a Windows user than you wouldn't have a problem moving over to Linux. If they aren't representative of your needs then get better examples and ask yourself why you chose those examples in the first place.
Re:Why punish legit users? (Score:2, Informative)
swich to something better, nobody is forceing you to use microsoft's product "
Well actually we _are_ being forced to use M$ pretty much.
The M$ company has acheived an almost 100% monopoly through glossy marketing and predatory business practices.
Hardware manufacturers are coerced into preinstalling nothing but M$.
M$'s monopoly business software is deliberately engineered to have undocumented file formats to frutrate attempts to work with them on anything _but_ M$ software.
The peripherals manufacturers now almost invariably provide nothing but M$ compatible device drivers & refuse to provide documentation to enable porting of their drivers to any other architecture.
I run a small international company.
I am foraed to use M$'s OS & ome of it's apps because we have so little _real_ choice.
*Take note, I am talking about choice in the business sense, not as in the sitting in my mothers back bedroom pontificating type choice, ok?
Take responsibility for your own machine (Score:3, Informative)
Why not just block it with a firewall? According ZonaAlarm the IP that WGA connects to is (or maybe *was*) 64.4.52.189
From WikiPedia:
Windows Genuine Advantage Notifications and Firewalls
Some personal firewalls, though not the basic one in Windows, may alert on the method by which wgatray.exe is started, in the case of Outpost firewall, it is identified as a "hidden process". The wgatray.exe process itself can be firewall blocked, without apparent problems. Removing the reference to WGALOGON.DLL using HijackThis appears to effectively de-install this update, to the point where it will be offered again if it has not been marked "do not show".
And I'm sure there are a dozen other ways to avoid the WGA.
Re:Trade-offs (Score:3, Informative)
Don't get me wrong, I love linux and I try to convince people to check it out if I think it suits their needs (often), but it's just not a viable option for me.
Re:Let's not forget to bash the other bad guys too (Score:2, Informative)
I was one such user, and encountered the same response from their support innitially. I finally got transfered up the chain, and was able to send them a fax of the original CD's and my purchase receipt from Best Buy as proof of purchase. They sent me a new, working key the next day.
I was very very angry also. To be fair to them, they apologised profusely and changed their phone support protocols to account for the error for future people. Obviously this should NOT be happening to legitimite customers.
Since them, I've purchased several other Steam based products and have never had an issue. The content delivery system itself is an excellent means of deployment. Don't give up on them because of one fuckup, big as it was.
Re:Baby steps -- not cold turkey (Score:3, Informative)
It DID happen in the past! (Score:3, Informative)
Re:I had to call MS because of WGA on a legal XP (Score:2, Informative)
I think it has to do with SP 2 not being installed. Most OEM copies that come with machines now have SP2. The Windows Update stuff installs just fine. My legitimate copy of XP is older and is not SP2. I get the error until I either install SP2 or do the security settings workaround like you did. What really stinks is that I don't think you can just download SP2 anymore. You get redirected to Windows/Microsoft Update.
You'd think that this stuff would be QA'd for non-patched systems since that's the point of it all..
Re:Why punish legit users? (Score:1, Informative)
i'm using said kernel drivers on the laptop i'm using right now(just installed knoppix 5 to hard drive on friday after imaging my windows install in case things didn't go well. looks like i'll be keeping knoppix and deleting the windows image to recover badly needed drive space on the server at work). and the best part of all, the bcm43xx driver supports monitor mode, the mode broadcom would not release drivers for in their windows versions. there's also support for WPA and WEP. you have no more complaints about lack of broadcom drivers.
Oh, and a special bonus, the intel i810 based graphics, sound AND analog modem work as well.
no drivers for broadcom wifi? bullshit.
Re:wgatray.exe can be used to annoy microsoft (Score:2, Informative)
label: wgatray.exe
goto label
Re:It's Spyware by any definition (Score:2, Informative)
the question is when are the anti-malware community going to step up to the plate and provide protection from this software
Or you could just use Zonealarm, or some other third party firewall. I just hit 'decline' when wgatray tried to access the network, and that was that. I haven't had any problems with Windows Update, either.
Re:New Desktop: Suse 10.1 or Ubuntu 6.06? (Score:1, Informative)