Posted on 05/04/2006 10:36:48 AM PDT by ShadowAce
Some system administrators are finding that Microsoft's new anti-piracy software is incorrectly labeling PCs used in public places, such as university computer labs, as counterfeits, and that the solution sidestep a basic security practice for out-in-the-open machines, according to a newsgroup discussion of the issue.
After Microsoft unveiled its Windows Genuine Advantage Notifications tool last week, a university system administrator -- who preferred to remain anonymous but took the name "GodOfLions" on the Microsoft "WGA Validation Problems" newsgroup -- said that lab PCs came back as running fake copies.
"I work at a University where we have a bunch of Windows XP SP2 machines setup in lab areas," said GodOfLions in a message on the newsgroup. "In these areas students are allowed to log on to the systems, but their accounts are restricted to what they can do. The problem with the WGA installation is that it works perfectly fine as long as you are using an account with administrative rights on the system. As soon as one of the students, or other non-administrative level account, logs on to the system it screams that it is not a valid copy of windows and it is counterfeit."
A Microsoft staffer monitoring the newsgroup intervened, eventually diagnosed the problem, and offered a fix: give everyone, including the student systems running under rights-restrictive accounts, write access to a file called "data.dat."
"Validation tool writes data to data.dat file during validation process," wrote a Microsoft staffer identified as "Satish." So 'User account' needs to have Write access to file."
The system administrator eventually gave in to Microsoft's solution, but blasted it as violating the security concept behind limited-rights accounts.
"It does not make sense to have to reduce security in order to validate the system," wrote GodOfLions. "Yes it is only allowing write to one file, but still that is another small area you can have users or viruses now write to on a system that it didn't have before."
He also pointed out that the Microsoft tech support document outlining the rights needed by data.dat were still incorrect, and needed to be updated. As of Wednesday, the document had not been modified.
"Our lead architect has been informed and we are noting the changes necessary," was the response from Philip Liu, another Microsoft staffer. "I apologize sincerely upon the WGA team for causing this inconvenience for you," wrote Liu.
And are you even capable of reading?
Why is it OK for Microsoft to punish legal users as if they were pirates? Can you explain that for me?
Why should someone who legally purchased the software have to call the vendor OR go to a hacker site, or anything else for that matter?
"There's no easy way to know what that .exe file does for sure. "
So, let's give everyone write access to it! Yay!
Yeah, just last week, I talked to a guy on here who was discouraged at his recent attempts at Linux. Me and some of the others talked the guy through it, complete with GE whining like a spoiled child in the background. I think the guy himself even addressed a post to GE questioning his fractured thinking.
In the end, the guy got a Mandriva install up and running. Hilarious.
http://www.freerepublic.com/focus/f-chat/1626749/posts?page=66#66
FLAMING DEATH LOL. I doubt you could rub two sticks together and make a flame.
Yeah. Cute.
Care to answer my question? Why is it OK for Microsoft to punish legal users as if they were pirates?
LOL so you have one possible convert whose so far already had to dedicate years of his life. Ask him if he's given up Windows yet LMAO.
As if giving up Windows were my goal.
Still have dual-boots on 2 of the 3 computers at my house.
Mostly, I just use Windows to play games though.
Notice you still haven't answered my question.
Is that because there is no good answer? Thought so.
It all depends on a case-by-case trust basis. Do I trust such a tool that has been used by many and well-reviewed? Sure, I'd use it if I needed it.
OTOH, do I trust a Microsoft update not to break many of my installed applications or secretly open my computer to hackers? Not really, since they've done both. XP SP2 broke many apps, and where I used to work we had to test every Microsoft update in a lab before we allowed it to be installed in general, because we caught some updates turning on services that we'd turned off for security reasons. Auto Update is not trusted there.
Of course GE can't answer it, because trying to twist it is too hard for even him.
In Microsoft's BSA world, users are guilty until proven innocent. Buy twenty desk lamps for your users from Office Depot and misplace the receipts, and nobody cares. Buy twenty copies of MS Office for your users and misplace the receipts, and the BSA will make you pay for them again.
With proprietary software, licensing control is a real cost of business, and mistakes in licensing control are a real business risk, but Microsoft never mentions it of course. I doubt many IT department risk assessments include BSA raids as a risk and potential cost (including the personnel cost of complying with a raid even if all your licensing is in order). Here we pay a couple of full-time salaries just to track proprietary software licenses.
On that note, check out the latest strong-arming by Microsoft using the scare of violating proprietary licenses to sell software. This guy was smart and prepared for a possible audit (using up his precious time as a business man) so he could call her bluff, and he's plain lucky she didn't just sic the BSA on his company out of spite, which would have invaded his company's records and cost them even more money.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.