Posted on 05/04/2006 10:36:48 AM PDT by ShadowAce
Some system administrators are finding that Microsoft's new anti-piracy software is incorrectly labeling PCs used in public places, such as university computer labs, as counterfeits, and that the solution sidestep a basic security practice for out-in-the-open machines, according to a newsgroup discussion of the issue.
After Microsoft unveiled its Windows Genuine Advantage Notifications tool last week, a university system administrator -- who preferred to remain anonymous but took the name "GodOfLions" on the Microsoft "WGA Validation Problems" newsgroup -- said that lab PCs came back as running fake copies.
"I work at a University where we have a bunch of Windows XP SP2 machines setup in lab areas," said GodOfLions in a message on the newsgroup. "In these areas students are allowed to log on to the systems, but their accounts are restricted to what they can do. The problem with the WGA installation is that it works perfectly fine as long as you are using an account with administrative rights on the system. As soon as one of the students, or other non-administrative level account, logs on to the system it screams that it is not a valid copy of windows and it is counterfeit."
A Microsoft staffer monitoring the newsgroup intervened, eventually diagnosed the problem, and offered a fix: give everyone, including the student systems running under rights-restrictive accounts, write access to a file called "data.dat."
"Validation tool writes data to data.dat file during validation process," wrote a Microsoft staffer identified as "Satish." So 'User account' needs to have Write access to file."
The system administrator eventually gave in to Microsoft's solution, but blasted it as violating the security concept behind limited-rights accounts.
"It does not make sense to have to reduce security in order to validate the system," wrote GodOfLions. "Yes it is only allowing write to one file, but still that is another small area you can have users or viruses now write to on a system that it didn't have before."
He also pointed out that the Microsoft tech support document outlining the rights needed by data.dat were still incorrect, and needed to be updated. As of Wednesday, the document had not been modified.
"Our lead architect has been informed and we are noting the changes necessary," was the response from Philip Liu, another Microsoft staffer. "I apologize sincerely upon the WGA team for causing this inconvenience for you," wrote Liu.
All your DATA.DAT are belong to us.
I apologize sincerely upon the WGA team
All your DATA.DAT are belong to us.
Just a question. What are people with limited rights doing installing system or software updates?
They're not. The sysadmin installed the tool, and now whenever another limited user logs in, the tool pops up and claims the copy of Windows isn't legit.
It pops up everytime Windows starts up or a user logs in.
A big steaming heap of apology upon the WGA team.
They don't have to to get this to happen.
If the *administrator* installs it, it works fine - for the admin. But when a non-admin logs in, Windows screams its bloody head off about being a pirated version unless the admin deliberately opens this hole.
Complete screw up.
It does in Redmond. LOL
Bill Gates wishes he wasn't so rich
cnn ^ | 5-4-6
Posted on 05/04/2006 12:40:32 PM CDT by LouAvul
Well I'm at home and now I can't get updates on my computer. Says I'm not legit and can't disable it under manage add-ons.
The sad thing about this is that because so much of the Microsoft apps and os are intertwined, it is hard to ever get to that place where you feel your system is reasonably secure. IMHO, much harder than it is in linux anyway (and yes, I know linux has issues as well). To have something like this dumped on the user base, when you already have 90+% of the market is irresponsible. I would much rather they focus on something else, like SECURITY!
I just found this:
The Automatic Updates feature is NOT affected by the WGA validation check. Therefore, you can use the Automatic Updates feature to make sure that you receive critical Windows updates.
So if you just need to be protected use the Automatic Updates feature
http://home19.inet.tele.dk/jys05000/use-automatic-updates-to-get-updates.htm
And many of the default settings leave the user as open to viruses as a participant in a San Francisco bareback bathhouse orgy.
A "bareback bathhouse orgy"...lol I gotta remember that one! I do think that on the server side w2k03 was a big step in the right direction...not so sure about XP though.
Thanks for that delightful picture /s
This is a prime example of why many OS war threads get derailed.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.