Forgot your password?
typodupeerror

Dvorak on Windows Genuine Advantage 236

Posted by Zonk
from the good-cop-hacked-cop dept.
PadRacerExtreme writes "Vista includes the much maligned 'Genuine Advantage' layer inside, which ensures that your copy of the OS is legit. If you're running a non-validated copy you get no upgrades, no security protection, nothing. That's all well and good, but what happens if a cracker tweaks that Genuine Advantage layer for its own good? Dvorak sees a huge problem, just waiting to happen. What's the vulnerability?" From the article: "I suspect the policeman [WGA] will actually be hacked before the OS. It might actually be easier for the pirates to create a fake cop that constantly authenticates fake versions of Vista than it will be to create a Vista imitation that can pretend to be a legitimate version. There is some irony to that idea. But that's none of my concern. I'm more worried about some joker creating a virus or exploit that turns the good cop into a bad cop, and I can only imagine the destruction and hassle that will ensue."
This discussion has been archived. No new comments can be posted.

Dvorak on Windows Genuine Advantage

Comments Filter:
  • Sadly (Score:5, Insightful)

    by Null Perception (914562) on Thursday October 19, 2006 @12:21PM (#16503959)
    Dvorak's forecast of the future is often wrong.
    • Re: (Score:2, Insightful)

      by DynamoJoe (879038)
      I agree (his Mac columns are stellar examples of rectocranial insertion syndrome), but in this case I bet he's got a point. Which is kind of a bummer. I mean, it's Dvorak, leader of the clueless.
    • Re: (Score:3, Insightful)

      by TobyRush (957946)
      Dvorak's forecast of the future is often wrong.

      I agree with you, and I generally can't stand even reading his articles... but he's probably got a pretty safe prediction with this one. It seems that those who say "It'll probably be hacked" are seldom disproven.
      • Re:Sadly (Score:5, Insightful)

        by Artifakt (700173) on Thursday October 19, 2006 @12:44PM (#16504319)
        For once, John has gotten it right, even making a more detailed prediction than just "it'll probably be hacked". There are two good reasons (from a black hat perspective) to crack WGA:

        1. Make a bootleg copy look authentic.
        2. Make an authentic copy look bootleg.

        Figureing out how to do one means you have done at least 80-90% of the work to figure out the other. That's essentially twice the normal incentive to crack a Microsoft product. #1 has an obvious financial incentive, but #2 may have one too, if the cracker is willing to consider extortion or similar modes of funding. If the cracker is doing it just to spite MS and/or MS users, the same double whammy applies.
        • Re: (Score:3, Insightful)

          by RKBA (622932)

          1. Make a bootleg copy look authentic.
          2. Make an authentic copy look bootleg.

          I think it would be far easier to patch WGA in order to make it FAIL authentication than it would be to make a counterfeit Windows version PASS authentication, because of the cryptography involved (ie; probably all that would be required to make it fail would be to patch a conditional jump instruction in the executable code, but cracking the cryptography involved to pass authentication would be virtually impossible).

          • Re: (Score:3, Interesting)

            by supabeast! (84658)

            I think it would be far easier to patch WGA in order to make it FAIL authentication than it would be to make a counterfeit Windows version PASS authentication...

            It's definitely going to be easier. All one will have to do is figure out where WGA stores the registration code, replace it with one that's known to fail WGA, and then cause the system to try and authenticate. Of course, the end user will then just be able to re-enter the good key, which on an OEM system is usually stuck to the front of the machine

            • Re: (Score:3, Interesting)

              If an army of zombies keep trying NEW codes - simple math says that in a matter of weeks nearly ALL Vista codes could be flagged as pirated. Making WGA point to false positives could be the death knell for Vista.
          • Re: (Score:3, Insightful)

            by Artifakt (700173)
            1. You may well be right, in which case change my 80% estimate of the work involved to something lower as you see fit, but only one way. My point still stands the other way - the more it is hard to crack WGA for the purposes of making a counterfeit pass, the more it is positively trivial to go ahead and figure out how to make legitimate copies fail while you're at it.
            2. If it really is that "virtually impossible" to make counterfeits pass, someone who fails at it may well decide to use what they have learne
        • Re:Sadly (Score:5, Interesting)

          by mark-t (151149) <markt@ l y n x.bc.ca> on Thursday October 19, 2006 @01:13PM (#16504803) Journal
          #2 has good potential for the cracker as well... if he can make a legit version look like a bootleg copy, then the person will not be able to get upgrades and will be vulnerable to certain attacks on security that may have otherwise been fixed.
          • Re:Sadly (Score:4, Interesting)

            by Firehed (942385) on Thursday October 19, 2006 @02:58PM (#16506983) Homepage
            Current XP WGA still allows you to get critical updates with a failed authentication. Have we heard anything to indicate that you won't at least get critical security patches in Vista without something shown as valid? I'd think they would still allow critical security updates with a "disadvantage", specifically for that reason. MS is taking enough flak from the public over WGA as it is; as long as there's even one false positive, they probably won't be allowed to not give out the critical stuff when they've just released a mammoth OS update, after charging out the wazoo for it, that doesn't yet have anything near a proven security layer.

            That said, they're probably foolish enough to try, and the blackhats will rejoice.
        • Re:Sadly (Score:5, Insightful)

          by wtansill (576643) on Thursday October 19, 2006 @01:35PM (#16505277)
          #1 has an obvious financial incentive, but #2 may have one too, if the cracker is willing to consider extortion or similar modes of funding. If the cracker is doing it just to spite MS and/or MS users, the same double whammy applies.
          Personally I think we should write a thank-you note to Gates and Balmer on this one. Think about it -- for years people have warned about issues ranging from monopoly abuse to the dangers of a "software monoculture", yet nothing really has changed (even after the DOJ antitrust "win"). Now we have the prospect of MS figurativly slitting its own throat with this foolishness. If Dvorak's fears are realized, this could be just the thing to push the public at large over the edge in terms of consciousness-raising.
        • Re: (Score:3, Interesting)

          by vhogemann (797994)
          Better,

          Why dont setup some bootnets to authenticate every possible product key at Microsoft Site? This way rendering the registration process useless, as they wouldnt be able to differentiate the good ones from the fake ones!
    • Re: (Score:3, Interesting)

      by RailGunner (554645) *
      In this case, however, he's probably right.
      Anti-piracy measures only annoy legitimate customers and thwart 14 year old morons - the "professional" pirates will eventually crack WGA, they have too much illicit profit incentive not to crack it and pirate it.

      So I think it will happen, and MS will spend too much money, time, and effort in combating piracy instead of actually making a OS that's worth a damn. Let's face it - when all they do is pop up a message box when a process wants elevated permissions,
      • Re:Sadly (Score:5, Insightful)

        by IAmTheDave (746256) <basenamedave-sd.yahoo@com> on Thursday October 19, 2006 @01:24PM (#16505017) Homepage Journal
        Anti-piracy measures only annoy legitimate customers and thwart 14 year old morons

        • DRM measures only annoy legitimate customers and confuse the masses
        • REAL ID measures only annoy law-abiding citizens and do nothing to stop terrorists
        • New passport requirements only put law-abiding citizens at risk and do nothing to stop terrorists
        • Anti-gun laws only annoy legitimate customers and don't stop criminals and murderers

        I could list about 20 more, but I'm tired of this. Almost any measure or law that reduces the rights/privacy of normal citizens do nothing to thwart (for more than a day or two) those who would pirate, steal, kill, etc. Yet we march on to the same tune, never ever learning from the lessons of the past.

        So who's really surprised by WGA? Guess I'll have to head on over to astalavista.box.sk to download a copy of the WGA crack, just in case MS one day decides my copy of Vista is no longer legitimate.

        • Guess I'll have to head on over to astalavista.box.sk to download a copy of the WGA crack, just in case MS one day decides my copy of Vista is no longer legitimate.

          Nah - just head on over to distrowatch.com and pick a Linux distro. I personally dumped Windows at home 5 years ago and I've never looked back.

          You can argue whether or not the Linux Penguin is retarded, but at least you know he means no harm...
    • Re:Sadly (Score:4, Insightful)

      by nuckin futs (574289) on Thursday October 19, 2006 @12:36PM (#16504201)
      every so often he gets something right. if you spray enough bullets on a target, you'll hit it sooner or later. He basically does the same thing, shooting in the dark and hoping to hit the target.
      • Re:Sadly (Score:5, Insightful)

        by bzipitidoo (647217) <bzipitidoo@yahoo.com> on Thursday October 19, 2006 @02:42PM (#16506611) Journal

        Don't say that too loudly, as that comment fits the Slashdot community all too well. People who live in glass houses....

        A lot of people have WGA wrong, and are commenting based on old info. At first, WGA did indeed prevent people from downloading security updates. That is no longer true as of sometime around March this year. MS came to their senses on that one, and now the validation is only needed to get fixes that are not security related. Not allowing security updates until validation made worse the chicken and egg problem in which a system could not download patches over the Internet until it'd been patched to prevent it from being pwned the instant it was hooked up to the Internet. Before WGA spoiled things, I worked around that problem by downloading the patches under Knoppix, or by having a CD full of patches that I'd downloaded and burned in Linux. Now that MS has relented, I can once again use Linux to help support Windows.

        I hope Vista serves to further highlight fundamental problems with security. Ever since 9/11, there's been even more push for more security, a lot of people talking as if security was pure unadulterated goodness and as if there's no such thing as too much security, and a lot of bad security and abuse of security. Witness such things as confiscation of nail clippers and bottles of shampoo by airport security. When security becomes security for MS or the entertainment industry against evil pirates, that's not security for our benefit anymore however much MS tries to spin it so with such things as the "Advantage" part of the WGA name. Where's a Genuine Advantage program for software we write? When security gets perverted to mean "security for MS profits" and most definitely not "security for users against losing what they've paid for", people notice. When file format lock in gets justified with security, as in "preventing unauthorized programs from accessing and corrupting your valuable data" as if OpenOffice was written by a bunch of irresponsible hackers, that can give security a bad name. When "I can't tell you that for security reasons" is used as a cover for "I don't want to bother finding an answer", security is looking bad. A lot of Windows users have already tentatively decided they're going to stick with XP, because, ironically, they don't trust MS's intentions. So much for security increasing trust.

    • by Old Man Kensey (5209) on Thursday October 19, 2006 @01:05PM (#16504691) Homepage
      "I do not even want to think of the consequences of Vista turning itself off in enterprise situations such as airline reservations or a hospital full of patients on life support. A serious collapse of the authentication network that could not be fixed without sending out discs or one-by-one-downloads will end up in the courts, and you can be certain that the shrink-wrap license agreement that holds Microsoft blameless will be tossed out as bogus."

      1. Patients on life support? Is this the new "it's for the chilllldren!" in the software industry? Hospitals and life-support systems seem to come up really often when validation scenarios like this are discussed, yet, I have never, EVER heard of a patient dying because Windows crashed. I suspect this might be due to medical equipment manufacturers not quite being dumber than a bag of hammers and therefore not using Windows in life-critical situations.
      2. I bet you anything there is a clause in the EULA that says something like "this software is not to be used in life support equipment, nuclear power plants, or other life-critical systems."
      3. I further bet you that in the unlikely event some cosmically stupid company actually built life-critical systems around Windows Vista and it caused loss of life, that company, not Microsoft, would be held 100% liable for a) not doing due diligence on whether or not their off-the-shelf components were suitable for the intended purpose and b) being dumber than the aforementioned bag of hammers. The EULA wouldn't need to be held enforceable per se, the court would merely need to find that they ought to have read the EULA and from it derived knowledge that Vista should not be used for certain purposes.
      • by d3ac0n (715594) on Thursday October 19, 2006 @01:30PM (#16505149)
        I bet you anything there is a clause in the EULA that says something like "this software is not to be used in life support equipment, nuclear power plants, or other life-critical systems."

        That, and the fact that most of our nuclear power facilities are still running on Win2K. I'm not kidding. I work for a company that makes software for nuclear power facilities (and other places) and most of our customers just transitioned from NT4 within the last 2 years. By the time they start using Vista, Microsoft Windows X should be out.

        Oh, and yes, I was as surprised as anybody that these places aren't running UNIX.
      • Re: (Score:3, Informative)

        by bunions (970377)
        I agree. However, I was a little horrified when I found this:

        http://www.microsoft.com/windowsautomotive/default .mspx [microsoft.com]

        Hopefully it doesn't have anything to do with the car itself, only GPS things and the like.
      • by Fatal Darkness (18549) on Thursday October 19, 2006 @02:00PM (#16505783)
        Patients on life support? Is this the new "it's for the chilllldren!" in the software industry? Hospitals and life-support systems seem to come up really often when validation scenarios like this are discussed, yet, I have never, EVER heard of a patient dying because Windows crashed. I suspect this might be due to medical equipment manufacturers not quite being dumber than a bag of hammers and therefore not using Windows in life-critical situations.


        Perhaps not life support, but I was interested in getting LASIK surgery at one time. I went to a presentation given by a doctor that came highly recommended from some of the locals. When they were showing off the actual laser equipment that performed the surgery, it turned out the machine was controlled entirely from a PC workstation running Windows NT. I asked one of the doctors what would happen if the controller "blue-screened" during the procedure and was told they would have to contact the developers and research that and get back to me. I never received a reply, and they never received my business! I'm not taking any chances with my eyes, I'll stick with glasses.
      • Re: (Score:3, Insightful)

        by mstone (8523)
        ---- I bet you anything there is a clause in the EULA that says something like "this software is not to be used in life support equipment, nuclear power plants, or other life-critical systems."

        Even if it is, that doesn't automatically take Wintel machines out of the loop.

        A friend of mine develops industrial control systems, many of which are life-safety critical. The actual devices are controlled by PLCs, which are pretty damned bulletproof, but the control and monitoring software runs on Wintel machines.
    • Of course, I thought thats why he kept being posted, to make us all feel more learned in comparison. If he was right about technological changes everyone would be using his stupid keyboard by now.

  • Low-hanging fruits (Score:5, Insightful)

    by overshoot (39700) on Thursday October 19, 2006 @12:22PM (#16503985)
    It's always easier to make something do what it's supposed to do (even when it shouldn't) than it is to make it do something it's not designed for.

    For instance, chainsaws are designed to cut off limbs. Tree, human, what's the difference?

    WGA and successors are designed to disable Microsoft systems. OK, I'm sure that there are those who appreciate the help.

    • If you want to disable windows, there are much easier ways to do it than WGA, just look at the massive list of bots, viruses, etc. that if you're not up to date on patches and protection, can wreck your machine post haste!
      • by dsanfte (443781) on Thursday October 19, 2006 @12:34PM (#16504163) Journal
        That's not the point. The point is that Microsoft has designed their OS with a single point of failure, and to top it all off, if anyone were to exploit that point of failure, the deafening ring of poetic justice would be heard the world over.

        WGA is a key to every Windows box on the planet and a giant club with which to beat Microsoft over the head if it's every hacked, and you can bet that's not going to go unnoticed by those with the capability to pull this off. It would be the hack of the freaking century.
        • Someday in the future a worm will set off a wildfire, disabling every windows box in the world in a single day. Everyone else will only notice that there suddenly was no more spam and wonder why. Then the spammers will notice all their bots are dead and they will create a new worm that goes out and fixes the vulerability in the few remaining zombies they have left.. So mircosoft's problem will be solved by the spammers faster than you can say Patch-tuesday.

          Whihc brings me to another question. What happ
          • by Phisbut (761268) on Thursday October 19, 2006 @01:05PM (#16504667)
            Whihc brings me to another question. What happens when the WGA cop is triggered. Your machine still functions right? you just can't get updates or fixes for vulnerabilities....

            If I recall correctely, you have 30 days to authenticate or the WGA cop disables everything except IE. "Everything" probably includes the ability to be a spam-bot, but I'm still not sure.

          • WGA exists now - how come this "magical hack" hasn't happened already??? And I'm sure if lowly Slashdotters are talking about it's potential for abuse, MS has thought of it too. Isn't it amazing that every few months you read about "the big hack" that is the Achilles heel of Windows and will bring down XX% of the world's computers - and it still hasn't happened. MS not only is still around, but still domminant.
      • Re: (Score:2, Flamebait)

        by CodeBuster (516420)
        Yes, but this particular method has added irony of turning the tables on "the man" which fits in rather nicely with whole ethos of the malware authors and their fellow travelers.
        • fits nicely with whole ethos of the malware authors and their fellow travelers.

          Cute dig at the Free software supporters. Ya got balls to make it so blatant right in the middle of the enemy camp here on slashdot. Just for the record, Free software is NOT communisim any more than copyright is communisim, and nothing about Free software is sympathetic to malware.
      • by Pharmboy (216950)
        If you want to disable windows, there are much easier ways to do it than WGA, just look at the massive list of bots, viruses, etc. that if you're not up to date on patches and protection, can wreck your machine post haste!

        Not true. All of those NEED the operating system to work to either show you ads, or to send spam from your computer. If your computer is disabled, then they have failed. I CAN see someone making a virus that will make your Vista install appear to be bogus, just to wreak havok on:

        1. Micr
      • Yeah, but a bot attack disbling security updates would really screw with a corporate environment. IT's choices would probably be only to a) let the unpatched machines go until they could fix it, risking haxxoring of sensitive information or b) take down the network until they can sort things out.

        Wouldn't either of these things be more of a hassle than simply rebuilding machines that got hosed by a virus? (I dunno, I'm not IT)
        • Re: (Score:3, Informative)

          by Otto (17870)
          Yeah, but a bot attack disbling security updates would really screw with a corporate environment.

          Not as much as you'd think. Corporate Windows systems generally have updates disabled anyway, at least from Microsoft. The whole Windows Update system was designed to allow corps to run their own update server, so that they could a) pick and choose what updates they want to go to what boxes and b) use the mechanism to not only install their own software, but to prevent modification to the software. The corporate
      • Ironically, that is the point of hacking the WGA. If you hacked it in such a way where you could make the WGA turn on the system, then the computer would not be able to update itself and MS would have to figure out some way to re-authenticate all the systems AND would likely be forced to patch all systems in the process. Not only that, but every system that was unable to patch could be exploited by bots and other viruses.

        Sure, if you turned WGA on users through a exploit, MS would lose massive credibility.
      • by gbjbaanb (229885)
        No, no-one wants to disable Windows. They want to disable downloading the security fix that gobshite spamking has exploited to install his Trojan emailer/DoSer/Phisher.

        Not to mention disabling the ability to update the WGA tool too.
  • by Anonymous Coward on Thursday October 19, 2006 @12:23PM (#16503993)
    The guy writes some symphonies back in the late 1800s, then in the early 1900s designs a keyboard that nobody except a few nerds can type on, and NOW he's criticizing Windows?!?!
    Not only is this guy old, he should be commenting on things like piano typewriters or something like that...

    TDz.

  • by crazyjeremy (857410) * on Thursday October 19, 2006 @12:25PM (#16504035) Homepage Journal
    More complicated security simply means more circumstances for the code to be vulnerable. Windows continues to bloat in every direction and as a result, it continues to be an easy target. Now that so many systems areon the web, one wonders if there will ever be an exploit so complicated and devisive that it will shut down a significant portion of the windows user base. If this Security Cop layer of Vista gets hacked, a huge DOS will be easier than ever.
  • ... on a virus right now that effectively shuts down any Vista computer by causing WGA to always detect the OS as a pirated copy.

    Actually, for some reason, I had never thought of this before. You probably wouldn't really even have to mess with WGA all that much, just change whatever it's checking to see if the OS is valid. Not sure how easy that would be, but considering the number of false positives that are cropping up on XP, it should be quite doable.
    • by a16 (783096) on Thursday October 19, 2006 @12:47PM (#16504381)
      Couldn't a virus just change the local cd key, as documented by MS, to a pirated one? Then effectively they have a machine that can't be updated.
      • by supersat (639745) on Thursday October 19, 2006 @01:43PM (#16505463)
        Better yet, what happens if the virus repeatedly switches the product key? MS would likely give instructions to victims on how to switch the product key back to the one glued onto the machine's case, but each time you switch it back to a legitimate key, it'd have to reactivate. Eventually, the key will refuse to be activated on suspicion on key sharing.

        If MS takes steps to ensure that valid product keys can always be activated, then they'd introduce a new way of pirating keys.
    • by joe 155 (937621)
      I'll assume that you were joking then (although I suppose that if anyone would have the ability they might be on here...) but what you mention, if it was possible would really screw MS over.

      Imagine a virus which is very hard to get rid of, if not a rootkit which for the average user (read: knows nothing about computer) would as good be impossible to get rid of, then MS's WGA policy would have to stop. Say someone gets this virus and doesn't know how to detect or remove it they'll be ringing MS up and co
    • by shawb (16347)
      The thing about WGA is, it doesn't actually prevent you from using the computer. It prevents you from using Windows Update. So what you do is release the code into the wild that kills WGA meaning all infected computers will not be patched. THEN you release a virus into the wild that utilizes a vulnerability that has not been patched by Microsoft yet. Finally, you do whatever you want with the constantly growing botnet. DOS attacks, spam, spying on users, running a distributed password/encryption cracki
      • by peragrin (659227)
        No WGA in Vista has an Auto off feature. if you don't authenticate within 30 days You can only use the machine one hour a day, and you can only use IE during that hour.

        I personaly hope MSFT gets widespread distribution of Vista before someone pulls out that virus that disables WGA from authenticating properly. Maybe twith 30-50 million users calling in complaining will MSFT stop being so greedy.

    • I'm going to start working... on a virus right now that effectively shuts down any Vista computer by causing WGA to always detect the OS as a pirated copy. ... considering the number of false positives that are cropping up on XP, it should be quite doable.

      Considering the number of false positives that are cropping up, perhaps it has already been done. B-)

  • by w0d3h0us3 (966674) on Thursday October 19, 2006 @12:28PM (#16504063)
    It happened in a committee inside Microsoft when someone came up with the brilliant idea of essentially creating a virtual policeman to watch over the operating system to make sure it has the right "papers." This is an interesting idea, but who watches and authenticates the policeman?
    I got it! "Windows Genuine Advantage Genuine Advantage."
  • Whether or not you pass WGA, you still get critical security updates. It's not in Microsoft's best interest to have a few million illegal Windows installs out there being compromised because it harms the user base as a whole.

    The real problem here is that Dvorak might die old, alone, and invalid. He must come up with this crap to feel like he's important. What if a hacker did this or that? I don't really care unless a hacker actually does it. People have been talking about someone pointing auto-update
    • Re: (Score:3, Informative)

      by LunaticTippy (872397)

      Whether or not you pass WGA, you still get critical security updates

      Wrong. One of our other sites just got nailed by a trojan because some machines weren't updating because they had never installed WGA. I found this behaviour several months ago and ran windows update on the offending machines just to install WGA. (we use WSUS for updates) The machines mysteriously resumed updating after installing WGA. Fortunately I check the patch status of windows machines around here. Obviously our sister site did

    • by geekoid (135745)
      Not having a plan for a probable scenerio(WGA fails for some reason) is a poor way to manage systems.
  • Why don't they make Vista out of the same stuff that WGA is made of, that way you wouldn't have any security issues.
  • by spyrochaete (707033) on Thursday October 19, 2006 @12:33PM (#16504143) Homepage Journal
    "It might actually be easier for the pirates to create a fake cop that constantly authenticates fake versions of Vista than it will be to create a Vista imitation that can pretend to be a legitimate version."

    This is exactly what I was thinking when I heard that volume licensed versions of Vista would no longer take the product key's word for it (bye bye FCKGW), but authenticate and activate with a local server. I bet the first pirated versions of "Vista Pro Corp" will include a proxy patch or HOSTS entry that will point the OS to a server run by a warez release group, or maybe 127.0.0.1 with a host-side server.

    Either way, it's going to really suck when people need to run a one or more instances of Vista Ultimate in a VM (yes, Ultimate can run in a VM) for testing and staging but quickly run out of licenses on the local activation server.
    • by julesh (229690)
      Either way, it's going to really suck when people need to run a one or more instances of Vista Ultimate in a VM (yes, Ultimate can run in a VM) for testing and staging but quickly run out of licenses on the local activation server.

      The volume licensing EULA specifically allows for VM usage (one VM per machine only), so I'd expect the licensing server knows about this and can deal with it.
  • by MobyDisk (75490) on Thursday October 19, 2006 @12:33PM (#16504145) Homepage
    Server certificates are the basis for SSL, SSH, HTTPS, etc. AFAIK, nobody can make a fake policeman without faking Microsoft's certificate. I don't think Dvorak's scenario is reasonable.
    • by geekoid (135745)
      you only nede to make the OS think it is the correct certificate.
    • by badfish99 (826052)
      It should be possible, so long as you can authenticate against a local server. Just clone the server.

      It would certainly be difficult if Microsoft retained control of all the authentication servers. But then it would be impossible to install Windows on a machine not connected to the internet.
    • Re: (Score:3, Insightful)

      No need to fake the certificate, just tweak WGA to check versus a bogus certificate, or check a bogus creddential against the valid certificate. Either event will flag the system as invalid and the functionality will disable appropriately.

      Faking the certificate would only be necessary for falsifying updates and so on. I'm actually surprised you haven't seen more malware through auto-update attacks for Windows, though I suspect those clever enough to do it are perhaps clever enough not to have that detected.
    • by giafly (926567)
      Microsoft have never yet produced any major system that's totally secure. Just because you can't instantly see how to break WGA, why on earth would you conclude that it can't be broken? Personally I think they've just made life simpler for every crook why wants to extort money from Windows users.
  • "I do not even want to think of the consequences of Vista turning itself off in enterprise situations such as airline reservations or a hospital full of patients on life support."

    The Vista cop will likely cache authentication like so many other things. And, airlines, hospitals, and other large organizations won't be moving to vista with any gusto anyway.

    Still, the mere idea of a self-disabling software product make me want to use something else even more than a product that breaks down just because i
  • News Alert (Score:4, Funny)

    by Anonymous Coward on Thursday October 19, 2006 @12:34PM (#16504165)
    Viruses can cause windows based computers to be unable to function properly, access windows update, or lock out the user.
    More news at 11.
  • by CoJeff (1015665) on Thursday October 19, 2006 @12:36PM (#16504205)
    Beware. Vista is an OS like no other. I'm for one am not going to upgrade after reading part of the EULA. 4. Problem-solving prohibited. "You may not work around any technical limitations in the software." http://wendy.seltzer.org/blog/archives/2006/10/19/ forbidding_vistas_windows_licensing_disserves_the_ user.html/ [seltzer.org]
  • What I think that he is stating is that one could easily cause denial-of-service on the clients of Windows Update. If you can make the system look tampered with or pirated, that host won't be able to get updates automatically without intervention by the user.

    The user will know that their copy is suspected of being pirated, but may not know how to fix it. This could potentially ensure that a large amount of devices that were compromised stay compromised and unpatched for a period of time.
    • Ah, but you didn't follow through to the conclusion: the fix, according to Microsoft, is to buy another license!

      Now, I wonder how upset they're going to be if something like this gets loose? Hmmm....

  • by jzuska (65827) on Thursday October 19, 2006 @12:43PM (#16504301) Homepage
    He's an idiot. Stop submitting his articles. Nobody in the tech field (should) take(s) him seriously.
  • He has a point ... (Score:3, Interesting)

    by robpoe (578975) on Thursday October 19, 2006 @12:50PM (#16504423)
    Even though he's occasionally mis-aligned himself, he DOES have a very valid point.

    But to what end? Why couldn't any kind of software do this?

    Free anti-virus..(not Clam .. it's OSS .. but closed source stuff, why not)
    SpyBot S&D
    Ad-Aware
    Hi-Jack This!

    Could ALL be spyware-in-disguise. We don't know. How could we?

    It's not just Vista's WGA we need to worry about. I mean, what better way to take over the world. Develop some cool little free app that EVERYONE starts using. Get it installed on a bajillion computers, then it grabs an auto-update and WHAMMO! You've got ... "DUN DUN DUN!!!" SKYNET...

  • by Doc Ruby (173196) on Thursday October 19, 2006 @12:51PM (#16504449) Homepage Journal
    Denying unlicensed Windows instances access to security upgrades does to the Internet ecosystem just what denying poor people access to vaccines and other public health does: it creates incubators for plagues. The "underground" class of unlicensed Windows instances will offer criminals, vandals and spies a cesspool in which to multiply, and launch attacks on everyone. Since Microsoft cannot exterminate completely the global unlicensed Windows population, nor ensure licensed instances are invulnerable to these attacks, their WGA program is making everyone less safe.
  • Please Wait (Score:5, Interesting)

    by Geccie (730389) on Thursday October 19, 2006 @12:55PM (#16504503)
    Whomever creates the crack of the century and turns the good cop bad, Please PLEASE be patient. Don't just send out the bots 2 days after Vista's launch, give Vista a chance to permeate the bowels of the gulible and self opressed - Then - and ONLY THEN can the bots be launched, creating a wondrous show for the rest of use to enjoy.

    Microsoft has long been due the fruits of their incidious labor and it is only just that they reap the true rewards.
  • by SuperMog2002 (702837) on Thursday October 19, 2006 @12:56PM (#16504519)
    Woah! Someone check the weather, 'cause it's gonna be a cold day down in you know where. Dvorak just said something that makes sense! Of course, it's the same chain of thought that's been going on for weeks here at Slashdot, so it may not be his own original reasoning. But nonetheless, that's the first article of his I've read in longer than I can remember that didn't make me want to highlight all the flaws in his reasoning and send them along with proof of their idiocy to his editors.
  • by Z00L00K (682162) on Thursday October 19, 2006 @01:12PM (#16504793) Homepage
    what will happen then? A big pile of badwill for M$. OK, if it's overly complicated to hack it will also be overly complicated to administrate by IT departments and also very sensitive for businesses as a whole.

    It seems to me that every step M$ takes to make sure that no illegal copies are around it will also create more work for the IT department. And what if there is an unexpected problem popping up causing all legitimate copies to be locked from the users due to a flaw in WGA? Who will be paying the standstill cost? Not M$ in the first turn.

    It seems to me that alternative solutions like Linux and the BSD variants will benefit most from this. The latest versions of the Linux distros aren't really that complicated to install and use, even if there still are flaws. (most notably the X11 config, which can be a real pain to get right, even if Fedora Core 5 seems to work acceptable there). Another item that can cause severe dandruff is the SELinux package, but I assume that there are work in progress on that.

  • I didn't RTFA, but the quote in the summary might be the first thing I've read that Dvorak wrote that wasn't mindless trolling. He actually made a good point. I wonder how long he can keep it up.
  • by miyako (632510) <miyako AT gmail DOT com> on Thursday October 19, 2006 @01:15PM (#16504841) Homepage Journal
    I really fail to see what incentive a cracker would have in making someone's legitimate copy of Vista appear to be illigitament. Granted, I'm sure somone will write it to see if they can, and it'll make it's way to a few people, but it seems counter productive for any big time cracker to do this.
    Most of the people who send out these exploits aren't doing it to piss people off, they are doing it to make money. The thing is, a botnet only works when the zombied machines are running. If you are Joe Cracker, you want those machines up so they can be sending your spam, performing your DDOSes, and collecting information for you to sell to ad companies. What you don't want is for the machine to stop working so that the owner takes it in to be fixed - especially when the person fixing it might just put some antivirus software on there that will stop your bots from running (for a while).
    • by giafly (926567)
      I really fail to see what incentive a cracker would have in making someone's legitimate copy of Vista appear to be illigitament.
      So they can't use Windows Update to patch the security holes that the cracker is exploiting. Also - it's funny!
    • I really fail to see what incentive a cracker would have in making someone's legitimate copy of Vista appear to be illigitament.

      To answer your question, please read this. [wikipedia.org] To summarize, some people are flat-out bastards.

  • Really? (Score:2, Insightful)

    by east coast (590680)
    What's even more unreliable and short sighted than WGA?

    Dvorak!

    This man is a looney but the second he says something people want to hear they chant his name like he's the new Moses leading you guys out of Egypt? Come on now. Get real.

    Any other time 90% of the comments are "Dvo-crack is teh r3tard" but now everyone's all "Maybe this will mean Linux will meet the masses". I've been hearing this for years. Every week or so a new "Microsoft killer" is announced here... I'm sorry but everytime one of these c
    • Hey man, Even a broken clock (at least an analog one) is right twice a day. If people didn't acknowledge that Dvorak is right when he is, then they'd be as silly as he often is.

      • Just remember that a broken clock isn't right twice a day by any effort of it's own.

        This is to say that, when it comes right down to it, there are more credible sources. Heck, at least half of the slashdot community has just as much, if not more, insight as Dvorak. I think I would be better off doing my own study instead of listening to Gimpy, er, John.
  • Otherwise Dvorak could actually be right!

    In any case. I'm guessing this "software cop" will be down in the portions of Windows that are "impossible" for a user to modify. You know, the same part that won't let you play the latest Britney spears album without paying for it. If the Windows Platform Security Initiative has any success, then this "software cop" should remain uncorrupted. If not, people will do whatever the heck they want and Microsoft is going to have a really messed up userbase.

    Oh, and don
  • by araemo (603185) on Thursday October 19, 2006 @01:29PM (#16505143)
    Two big problems with his proposed scenario:

    #1: After vista 'detects' that your version is not legit, it gives you 30 days to fix that before actually shutting down.

    #2: "Once a virus that makes the cop refuse to authenticate Vista hits the Net, then how can the problem be fixed? By definition and the way I see it, this will be an impossibility."

    Well, while a small # of users will already be effected, I see something that prevents vista from being upgraded by paying customers is one of the few things that could convince MS to patch out-of-cycle. Fix the bug in WGA and release it after a couple days of QA.
  • ...so there isn't much point in repeating it [slashdot.org].
  • by bdwoolman (561635) on Thursday October 19, 2006 @08:02PM (#16511165) Homepage
    When Microsoft was making its bones in the early 1980s one of their big advantages was their no-copy-protection software philosophy. Copy protection was a big swinging deal back then. Everyone had it. Software manufacturers were paranoid to a fault over piracy and user reproduction. The protection was very breakable, but ordinary users found it impossible to deal with. Lotus 1-2-3, other operating systems, they all did it. It was a mess. Backups were a nightmare, system recovery was hard.

    One company didn't do it. Microsoft got miles of cool points for making their operating system, and eventually their applications, easy to copy. There were legal barriers to reproduction but no technical barriers. People bought MS at premium prices because they could copy. System administrators knew they would have no difficulty making backups, or "educational" copies to take home to put on their systems. They also knew that things would not be difficult if they had to do a reinstallation. It was viral marketing at its most effective. The license agreement of course forbade such practices, but Microsoft winked at personal duplication. Licenses had to be bought, of course, because support was needed, especially in a large enterprise. My personal opinion is that the bugs in early iterations of Microsoft software were their insurance against wholesale ripoff. This is just a feeling.

    I thought activation was a big mistake. I actually do think it slowed the adoption of XP if you can recall back that far. However it was easy to crack so the viral thing happened. Anyway Microsoft continued to thrive. I was living in Eastern Europe at the time of XP's introduction and cracked copies were everywhere. Pirate copies of the beta were in the electronics market in the months running up to final release. I am in Western Europe now so I don't know what the Russian and Ukrainian guys have done with WGA, but I can only guess. Vista will be zooted as soon as it hits the market. The Russian and Chinese pirates will not be slowed down at all from putting cracked versions onto hardware. Legitimate customers however will have no end of headaches. It's a crying shame.

    The fact that this WGA is vulnerable to hacks is merely the bitter coating on the poison pill of this new form of copy protection, which is always a bad idea because it hurts your customers. DRM and copy protection are ideas that corporate lawyers dream up. Marketing men instinctively know they suck.

    I actually think Vista might not even fly very well. Net services are coming. Linux could be attractive to eterprise in some circumstances. And there is always Apple waiting in the wings with good stuff. Corporate prejudice against the "toy computer" might well melt now that the OS is riding on an Intel platform. And there is also the iPod effect. Nothing sells like success.

    Meanwhile, Microsoft's latest patch automatically installed itself and rebooted my computer even though I have set the update options to stop at the download. Feh! I didn't have any process running, so I skated, but that is practically a crime in my book. If Vista is going to walk all over me like that I won't want the thing. Certainly I am going to wait as long as I can before I get it. And if I can get away without getting it I won't get it.

  • by kevlarcowboy (996973) on Thursday October 19, 2006 @08:24PM (#16511359) Journal
    The guy is a troll who writes his "articles" by stringing as many buzzwords as possible into one paragraph. Pretty soon he'll be telling us that Vista will run on a Mactel as a browser-based application but only for those who subscribe to Verizon FiOS, is Google in on this and how will this affect Net Neutrality?

In order to get a loan you must first prove you don't need it.

Working...