WGA Swings, Misses

Uncategorized
Comments Off on WGA Swings, Misses

Last week Microsoft “Windows Genuine Advantage” was enforced on Windows Update sites and I posted a story about it. Since that post 13% of my traffic was to that story, roughly 20GB of traffic went to the people who showed up looking for the crack. Sad thing is, I never mentioned how you crack WPA, just that it was cracked in less than 24 hours.

Microsoft, shamed by the quick defeat of WGA, proceeded to patch the hole and issue a new mechanism for validating Windows. This step, too, was defeated in less than 24 hours AND it is much easier to do than the original workaround.

The initial WGA process was bypassed by selecting to do an alternate validation process (ie, reject the ActiveX component and download GenuineCheck.exe). Running that binary on an authentic copy of Windows would generate a validation code that you could paste back into the WGA check and validate your copy. Brilliant!

So Microsoft went back to the table and patched the hole. All the crooks that tried to validate the their pirated copy now would get an error. Not 24 hours later, someone found out that running GenuineCheck.exe in a Windows 2000 compatibility mode generates valid keys for Windows XP. In this new scenario you don’t even need a “genuine” copy of Windows to run the GenuineCheck.exe, it can be done on any pirated copy.

Microsoft Missing The Point
Now in my humble opinion, this is another slap in the face and bad showing of Microsoft’s ignorant attitude towards customers. You have to understand your customer. Here is what I mean:

If I purchased Windows XP (OEM, Volume, Business, FPP) and I had to go through constant barrage of activating, validating, checking and proving that I actually purchased the product… I would be extremely upset. I gave you $200 for this piece of software and you continuously ask me to prove that I am not a crook. Guess how anxious I am going to buy Windows Vista when it comes out? Not at all.

On the other hand, you’ve got the crooks, pirates, fraudulent Microsoft Partners, OEM’s and other unaffiliated.. well, criminals for the lack of a better word that will bypass every authentication/validation method you come up with. They have knowingly stolen a copy of Windows and they have no intention of ever purchasing Windows. If you deactivate their copy, they will reinstall and know not to update it. Think you can find a better way to lock down the OS? You can’t. Look at Xbox. I remember back in 1994 when a copy of Autocad came out requiring Sentinel (serial device that included the key) to be plugged in or the system would not work. Cracked.

My point is, Microsoft should be PROSECUTING criminals, and believe me, they know who they are. I know who they are: I get an email from Vanessa J. Smith almost five times a day telling me about affordable office software. You mean Microsoft lawyers can’t find her? Let me help. If you have never received that email, you do not own an email account. I am on a number of mailing lists that Microsoft employees usually post on — and Yahoo tags the advertising right underneath their signature: Get cheap Windows, OEM SBS 2003, Affordable Office. But no, Microsoft needs YOUR help in figuring out who is a criminal. ;(

Instead, Microsoft wastes time and money to eliminate the low percentage of people that have no intention of going legit.. at the cost of the genuine users of Windows who purchased their copy and have to constantly prove that they are not crooks. So whats going on here? Criminals are allowed to run around and sell XP for $50 but legitimate users of Windows are forced to activate, validate, authenticate…

This is not a good way to build loyalty for your software.