Anti-Piracy Windows 7 Update Phones Home Quarterly

Lauren Weinstein sends in news of a major and disturbing Microsoft anti-piracy initiative called Windows Activation Technologies, or WAT. Here is Microsoft's blog post giving their perspective on what WAT is for. From Lauren's blog: "The release of Windows 7 'Update for Microsoft Windows (KB71033)' will change the current activation and anti-piracy behavior of Windows 7 by triggering automatic 'phone home' operations over the Internet to Microsoft servers, typically for now at intervals of around 90 days. ... These automatic queries will repeatedly — apparently for as long as Windows is installed — validate your Windows 7 system against Microsoft's latest database of pirated system signatures (currently including more than 70 activation exploits known to Microsoft). If your system matches — again even if up to that time (which could be months or even years since you obtained the system) it had been declared to be genuine — then your system will be 'downgraded' to 'non-genuine' status until you take steps to obtain what Microsoft considers to be an authentic, validated, Windows 7 license. ... KB971033... is scheduled to deploy to the manual downloading 'Genuine Microsoft Software' site on February 16, and start pushing out automatically through the Windows Update environment on February 23. ... [F]or Microsoft to assert that they have the right to treat ordinary PC-using consumers in this manner — declaring their systems to be non-genuine and downgrading them at any time — is rather staggering." Update: 02/12 02:08 GMT by KD : Corrected the Microsoft Knowledge Base number to include a leading 9 that had been omitted in the pre-announcement, per L. Weinstein.

Well that pretty much settles it for me.

[Jaysyn]

Looks like the Win7 upgrade is off the table for me. Dual-booting XP & Kubuntu for the foreseeable future!

Note to self....

[Itninja]

...skip update KB71033.

The 1960s called...

[wandazulu]

...they want their mainframes back. This is not unlike IBM charging for use of their hardware and software on a per cycle basis. One of the people I worked with back in the 90s remembers earlier models of mainframes actually had mechanical car-like odometers that were read by a "meter reader" like the gas company, and IBM would send them a bill.

And it is a guarantee that enterprising individuals will come up with a solution to WAT as my former co-worker did; crack the box and reset the numbers. Not enough to arouse suspicion, but just enough that they wouldn't be charged for a huge end-of-month load on the processor.

Statecraftsman's free software article

[tepples]

Looks like I'm going to need to update my article on problems with non-free software

I read your article. It already mentions WGA, and the auditing explained in the article is Son of WGA. But as far as I can tell, one of the big reasons to run Windows 7 instead of Brown Debian [ubuntu.com] is video games. As I understand it, free software developers have historically not done a good job of making those as proprietary software developers. Part of that has to do with the lack of a high-profile free meshes/textures/audio community.

failure mode

[Lord Ender]

What happens if the domain name and IP addresses used for validation are null-routed?

Maybe this is a stupid question.

[Brett Buck]

Forgive me if this is a stupid question with an obvious answer, but I am not a Windows person. How does this work when the machine is not connected to the internet? Say, sequestered on it's own network, but not leaving the room.

MicRIAAsoft

[gearloos]

Why does this sound so familiar? Customers are considered thieves as a general rule? Oh thats right, RIAA Playbook and guideline for the Music industry, page 2, "How to treat Customers". Now,if there is a malfunction, we, the consumers, will be forced to take measures to prove to Microsoft that our systems are genuine? Give me a break. The sad thing is 99% of the general public will never hear about this until some server glitch causes their system to stop functioning normally and they have to call Microsoft(and how many will have to bungle through M$ofts cludge of a tech support center and pay for support for fixing Msofts problem). Call me skeptical as we know M$oft has a perfect track record of bug free software and nothing like that could ever happen. More to the point is the nerve of them for expecting consumers to put up with them probing our systems.

Re:WAT is Voluntary and Doesn't Impact OS Usage

[Anonymous Coward]

1. I don't volunteer to allow MS to give my computer a rectal exam on any interval, not 90 days, not ever.
1a. How long before it is rolled out as a "critical" security update, or required to install a service pack or some other essential update? You and I and everyone else here know that WAT will be de-facto required at a certain point in time.
2. I (and many others on this site) consider annoying nag messages being shoved into my face repeatedly to be "reduced functionality" as it gets in the way of me using the product.
3. News flash: This WILL NOT stop any serious pirate from using the software without paying for it. All it will do is annoy the hell out of millions of people who have and continue to heap piles of cash upon Microsoft even after being repeatedly insulted.
4. The goal is to make more money for Microsoft at the expense of the time and money of millions of legitimate customers.
5. Privacy policy != source code, privacy policy != protocol, the privacy policy can say whatever the hell MS wants it to say, and the software can do whatever the hell Microsoft wants it to do now, and that behavior can be changed at any time in the future via an insidious update with an official description that is at best ambiguous.
6. That makes me feel all warm and fuzzy inside, even MS isn't stupid enough to piss off their corporate customers but they will happily bend over retail customers, 99.999% of which have no idea that this is going on.

Everything Microsoft does is a little too Orwellian considering their market share for OS and productivity software and their well documented and litigated history of treating their customers like garbage.

It's been phoning home all along.

[thePowerOfGrayskull]

Every time I don't have an Internet connection,win7 informs me within a few minutes that I "may not be running a legitimate copy". The link it provides to "resolve" this is a essentially a "buy win7 now" page. Without fail a few minutes after the Internet connection is restored, the warning goes away and the desktop watermark accusing me of piracy also disappears again.

I'm actually more than a little peeved about being called a thief every time I resume my session from suspend -- during the few seconds it takes to reconnect -- or use my laptop out of range of my wireless. But my point is that if it wasn't phoning home, it wouldn't be telling me this *only* when there was no Internet connection; and it wouldn't stop telling me *only* when my connection was restored.

Of course, no matter how peeved I am - as long as it doesn't get in my way, it's not worth waiting on hold for 20 minutes of my life to get a solution which may or may not resolve it.

Re:New Upgrade Path

[Anonymous Coward]

Maybe hackers should deliberately create such a virus. After enough customers scream and/or switch to different Operating Systems, Microsoft will be forced to drop this idiocy. The hackers want Windows to remain the dominant OS, and dominant pirtated OS, because it is easier to hack. So the sooner the hackers release a virus that causes false positives on a massive scale, the sooner Microsoft will drop this, and the more that people will continue to use Windows instead of switch.

Re:Well that pretty much settles it for me.

[Jaysyn]

I was considering upgrading to Win7 to get DirectX 11 & be able to allocate all of the RAM in Windows. Guess I will just get WinXP 64 Pro instead & do without DirectX 11.

WGA doesn't call home repeatedly which means that MS isn't tracking my hardware changes constantly & isn't giving me multiple tickets to the false positive lottery.

Re:So what do they do

[BronsCon]

The problem is that... well... it doesn't work the way they say it does.

I have a legit copy of Win7 Ultimate, received directly from MS at the Win7 launch event. Installed in October, not genuine on November 1st. Called, got reactivated. Not genuine on December 1st. Called, got reactivated. Not genuine on January 1st. Installed WGA crack. February 11th, still "genuine".

It's been legit all along, and I only had a problem with it until I used the same method used by pirates.

This does NOT affect piracy and it never will. It does, however, ensure that I will be attending every Microsoft OS launch event in order to never give them another red cent, eat their free food, and get my free copy of their shiny new toy.

If I had paid for this, I'd be outraged. Knowing that it WILL happen IF I pay means I'll NEVER pay. Period.

Re:WAT is Voluntary and Doesn't Impact OS Usage

[clone53421]

Voluntary patch

Conveniently not, if they have updates turned on and automatically installed like they’re supposed to.

Yes, Microsoft does decided to notify/annoy you that you're not using genuine software which is a good thing because most people don't know they are.

Bullshit. Most people have a pretty good idea, most of them don’t care, and the ones who really don’t know really don’t care.

The goal is reduce the number of Windows installations using pirated copies many of which include malicious code.

That might be a convenient excuse, but it’s certainly not the goal.

Re:Blimey

[Splintercat]

One of my college professors told me this:
"I left windows years ago, and ever since that day I've just found more reasons not to go back."

I switched to linux a few years back, and I feel much the same. I still boot up into windows just to play some games, but more and more I find myself playing less games and spending less money on them. I know that's not the ideal for some, but I'm pretty happy.

>
Looks like you Mac folks will probably get Starcraft 2, I'm a bit jealous.

Re:Son of WGA

[NeverVotedBush]

Linux is always Genuine. And with the open distros, it doesn't cost a cent. You can put copies of it on as many computers as you want. You have server functionality if you want it - for free.

As Microsoft keeps tightening up on people, I really have to wonder why anyone still puts up with it.

I understand that they are a company, entitled to sell licenses to their stuff, and to enforce those licenses. But this seems to be changing the rules on legitimate users after they already bought the licenses.

Doesn't matter to me. I run XP on a system not on a network and don't need to patch it for anything. Everything else I run is Linux and I haven't booted the XP box in over a year - probably more like two.

I voted with my feet a long time ago.

Re:WAT is Voluntary and Doesn't Impact OS Usage

[Targon]

You have clearly never encountered machines that were illegally upgraded to Windows XP Pro by some "tech" who put it on the computer of his/her customers in an attempt to fix said machines. Here is how it works:

End user never makes a recovery CD/DVD set, and one is never provided with the computer. When Windows get badly corrupted(root kit, nasty piece of malware, etc), and the tech can't fix the problem without doing a clean install, many of these techs will do a clean install from a pirated Windows CD they have with them. Initially, there is no problem until that key gets flagged. The next Windows Update that comes through then sees that the machine is using a bogus key, and starts screaming about the copy being illegal.

Now, the problem is that the key that came with the computer does not work on the version that has been installed, and there is no way to fix the problem with the bogus version. So, end user calls a new tech to deal with the problem. Even if the customer has a valid key, if the OS refuses to accept it because the current install is a Pro or Ultimate version, there is no good solution. The end user never asked for the "upgraded version", but is now stuck with it, and with no way to downgrade.

What I wish Microsoft would do would be to have a downgrade method to go from Ultimate down to Home based on the key, even on a system that is up and running, just to protect end users who get scammed like this.

Re:Son of WGA

[torkus]

Dead on.

Remember Spore? It was released with some of the most restrictive DRM to date. PRIOR to it's release date it was easily found on P2P, cracked, and with literally 10,000+ seeders. This stopped piracy in what way?

Oddly enough the backlash from legal, paid users was so harsh they stepped back from that DRM scheme.

Of all the popular products out there only the PS3 comes to mind as not being fairly quickly cracked (though I read something recently this may have been done). Everything from hardware-interlocks (dongles) of CAD/CAM, device OS restrictions (iphone, droid, etc.), gaming consoles locks (NES to Wii), serial numbers, online registration (windows activation, etc.), DVD/Blu-Ray have all been hacked/cracked.

Funny thing though - Apple is *notorious* about controlling your experience with their hardware and software yet their OS updates have no restrictions, no serial numbers, no registration. It's the honor system that you don't share the DVD with all your friends. Plus there isn't multiple versions of the same OS to worry about *AND* it's cheaper than the least expensive Win7 build. I'm not a applefag but seriously - take a hint MS.

Re:Son of WGA

[kimvette]

I've seen driver upgrades result in a need for re-activation; video drivers, network drivers, and so forth. Microsoft usually isn't that combative when it comes to activation over the phone (unless you're an MSDN subscriber and you answer "do you have this installed on more than one machine" - I hate the wasted time but I love making the phone grunts feel like idiots for not knowing their own licensing rules).

However, who does activation (wasted time, false positives on counterfeits, etc.) hurt? Not the professional pirates. Not the people who (usually knowingly) buy cracked or leaked corporate versions of Windows. It is the legitimate, paying customer. I find the need to have to call Microsoft to activate MSDN licenses to be insulting; I shouldn't have to deal with that shit after a few installs because the license specifically allows 10 concurrent installs per subscriber.

Like the music and movie industries, Microsoft has successfully made the counterfeit product superior to the legitimate one.

What are the alternatives? Run OS X or Linux if those solutions are workable for you.

Re:Son of WGA

[torkus]

They don't even want to force you to report back to them - they want to do the reporting themselves!

I work in an enterprise level environment as well and there's no chance - ZERO - that I'd ever want to allow something that I have no control over sitting out there possibly disabling computers at it's whim. MS can't even guarantee their OS will run correctly, you expect me to believe this enforcement tool will work on top of a bug-prone OS?

MS licensing is a pain and this won't help.

Re:Son of WGA

[kimvette]

Of the years I've been activating (and transferring) licenses of all sorts in the local PC repair business, I've never once had Microsoft refuse to activate a legit license, regardless of the OEM

I have; I have five MSDN subscriptions. One of those subscriptions is mine so I often have a bunch of test and staging workstations (or servers) installed, and to install some of the updates I've had to activate workstations which are going to be wiped after a few days. I always answer honestly when asked "Is this installed on more than one system?" and one asshole on their staff argued that MSDN is no different than any other license. I had to demand to speak to that moron's supervisor and explain that the employee is an idiot and needs to learn their product lines because MSDN explicitly allows for 10 concurrent installations on all of the software (with a couple of exceptions), a couple of items are allowed for production (not Exchange or SQL Server, obviously. I think it was XP and Office), and that I should not have to deal with activation for a suite of products which is intended for use in development and testing environments where the OS is reinstalled regularly, and where imaging may not work due to varying configurations. The manager was apologetic and agreed that I was right about the MSDN licensing, but that doesn't fix things when you have to wait on hold for anywhere from a minute to 20 minutes to speak with a supervisor when the void of a phone grunt doesn't know MSDN subscriptions exist.

You could say to just lie and get off the phone quickly, but I disagree. Honesty is the best policy, and on top of that, supervisors and managers at Microsoft need to be made to feel the users' pain, and hopefully enough irate users will drive the incompetent phone grunts into quitting, resulting in a net gain for Microsoft and end users alike.

Win 7 Validations spoils like forgotten leftovers

[Anonymous Coward]

Windows 7 update to regularly phone home to check for validation spoilage.

Does Microsoft really have a problem with Windows 7 validation some how going bad?

Even though your activated copy of windows 7 was previously valid its validation might somehow spoil.

Windows 7’s validation must be like the leftovers lost in the back of the fridge?

So this update must be to protect you from the dangers of Windows 7 validation spoilage.

Everyone knows that using a computer with a spoiled validation would be like eating tainted leftovers.

VERY BAD for you!

I already see it coming 1 day it will arbitrarily decide that all our Windows 7 systems are suddenly invalid an all the PCs will downgrade.

Just to be safe I am getting some of those green Evert-Fresh vegetable Bags to keep my Windows 7 validations in.

Re:wow

[alexo]

I can't comment on any pending litigation, nor am I an attorney.

Would you mind disclosing what is your role in Microsoft?

As far as the EU anti-trust stuff reading this article:
http://www.internetnews.com/breakingnews/article.php/3853706 [internetnews.com]

I have. Allow me to quote from it:
The decision averted another penalty for Microsoft which has been fined 1.68 billion euros ($2.44 billion) by the European Commission for previous infringements of anti-competition rules (emphasis mine).
I was actually referring to the "previous" fine. Thank you for making my point.

1. i4i is a patent case between two corporations hence it isn't germane to the conversation.

It has something to do with Microsoft's behaviour. To wit:
Appeals court rules Microsoft willfully infringed i4i's patent (emphasis mine).

2. The India case involves 4 alleged pirates I believe.

In most jurisdictions alleged == innocent (until proven guilty). For example, I am alleging that you are molesting kittens. You are alleging that Microsoft is a different company than it was in the 90's. Both allegations have no merit without proof.

Don't know much about it.

Just Google it. Here's one link [indiatimes.com].

3. With regard to German price-fixing, Microsoft has stated that it will comply with the finding and be in full compliance of German law.

... after being convicted and fined for illegal practices.

I am still waiting for examples that substantiate your statement.

Re:Son of WGA

[AK Marc]

Blame Dell - OEM license says they'll handle all tech support queries for the software.

In the OEM error messages, they still say to contact Microsoft. I guess it's my fault for being honest and following directions. I'll make sure not to make that mistake again.