Posted on 06/14/2006 6:50:44 PM PDT by Swordmaker
Digg This!
When you’re the Evil Empire, it’s only natural to get a bad rap for everything you do. Microsoft gets bad-mouthed a hundred times a week for things that would be perfectly acceptable coming from anyone else. Given that level of criticism, it’s easy to ignore the times when they’re just completely, egregiously wrong.
The uproar over Microsoft’s new Windows Genuine Advantage authentication software, which is now being pushed onto Windows users’ machines via Windows Update, is one of those occasions. Someone at Microsoft just pushed the Stupid button. And things aren’t going to get better until they stop pushing it.
In a nutshell, here’s what’s happening. Two months ago, Microsoft released an update to its Windows Genuine Advantage authentication system via Windows Update. The WGA code checks your system to see if it’s been properly activated. If the activation is messed up – as it would be if you were using a pirated copy of Windows – you see a message telling you your copy of Windows is “not genuine” and your access to some Microsoft resources is cut off. WGA was originally intended to be part of Microsoft’s carrot-and-stick strategy for reducing piracy. Lawsuits against software pirates are the stick; WGA is the carrot. In theory, after you run the WGA code and prove that your copy of Windows is legit, you get access to cool downloads that aren’t available to Windows users who haven't jumped through the WGA hoop.
Fellow ZDNet blogger David Berlind has done an excellent job of unpacking the spin from Microsoft’s multiple statements about this situation. For details, see Does Microsoft's new WGA disclosure fall short? and With WGA, is Microsoft forcing Windows users to install and test pre-release software? Read both those posts and follow the links for the full details of this story.
I’m not all that concerned with the hysteria over the revelation that this app “phones home” to Microsoft. These days, I fully expect that any program I install will have a mechanism for updating itself or accessing help content online. As long as those mechanisms for online access are disclosed during installation and the actual update process isn’t malicious, careless, or deceptive, I have no problem.
No, the problem with Microsoft’s whole WGA program boils down to a simple rule: Do not mess with security. This episode violates that rule in three incredibly stupid ways.
Stupid mistake #1: This update should never have been included with Critical Updates. The Automatic Updates mechanism in Windows XP (and in the upcoming Windows Vista) is supposed to be a delivery vehicle for Critical Updates that fix security flaws in Windows. (From the Microsoft Update FAQ: “Automatic Updates is the easiest, most reliable way to help protect your computer from the latest Internet threats by delivering security updates right to your computer automatically.” [emphasis added]) There is no way, short of the most outrageous spin, that the WGA update can be considered a security update. By delivering a non-security-related update through this mechanism, Microsoft is breaking that promise.
Stupid mistake #2: The new WGA tool is wrong too often. If you’re going to punish your users, you had better be 100% right about identifying the offenders. Sadly, the new WGA code doesn’t come close to reaching this level of performance. A commenter on my blog reports that he’s now getting incessant notifications that his copy of Windows is not genuine. A close business associate of mine reports the same problem. What do they have in common? Both are using notebooks that had to be returned to their manufacturer for service. The repaired notebooks fail the validation process. A quick scan of recent posts at Microsoft’s WGA forum suggets this problem is unfortunately common.
Stupid mistake #3: The user is left high and dry. If you get a notification that WGA failed, what are you supposed to do? I haven’t seen the failure message myself, but my correspondents tell me it doesn’t offer any helpful steps for resolution. Neither does the Genuine Microsoft Software FAQ, which says:
What if my copy of Windows or Office fails the validation process?
See your reseller and ask for genuine Microsoft software, using the report provided during the validation session for support. The report explains why your system was unable to validate and provides instructions for further follow-up.
Oh, great. Have you ever phoned Dell’s support line? The apparently defective WGA tool is about to plunge an unknown number of users into a support nightmare for no good reason.
So what should Microsoft do now? Simple:
They should send a new update that disables and/or removes the WGA tool immediately, until it’s fixed.
They should set up a toll-free hotline that any Windows user can call if they’re experiencing problems with Windows Genuine Activation. (Microsoft already offers toll-free support for anyone who suspects they may be infected with a virus or a worm, so this doesn’t require a new infrastructure.) The agents on this line should have the authority to help a user override WGA problems.
They should apologize, publicly and profusely, for mixing an anti-piracy tool in with security updates and take steps to make sure that it never happens again.
And they should find whoever pushed the Stupid button in this case and put them on telephone support duty for the next six months. That might be an appropriate punishment.
Why should they send updates to people that didn't pay for the product?
I didn't have a bit of trouble with it. :~D
I've been getting alerts from Zonealarm but I've been turning it down because I don't want to deal with it.
MS is teh sux0r
WTF, might as well kick it off early.. ;-)
/suse user
//stalking
///stalking
////stalking
Oh, yeah, I use Linux...and a Mac.
Although I will admit that the Vista team at Microsoft has done an exceptional job a skinning OS X Tiger. The resemblence of the MSFT Sidebar feature to Tiger's widgets is really quite remarkable. It's almost as if the Vista team bought a copy of Tiger a year and a half ago and spent time with a some kick-ass vector graphics programs (probably Illustrator...on a Mac) to produce all of that those Sidebar gadgets.
It's weird, stories like this just remind me of how much Microsoft completely believes their hype. If they would actually focus their resources and talents on building non-bloated, secure, and tight stuff, it would be amazing what they could produce. But, um, I'm not going to hold my breath.
This whole thing stinks.
I hate Microsoft!
I think it's the people who did pay for the product that are upset.
If they did pay for it... Somehow I think MS is the only company people will steal from and still complain.
Well, your right. If they didn't pay for it they have no cause for complaint. OTOH, if they did pay for it, they do.
O.K.
I just turned on my computer and was notified that I had eitht or nine critical updates PLUS the new WGA. I checked "Install" on all but WGA.
Does anyone know what the consequences of NOT installing the updated WGA are?
It shows up as an update in the tool bar. One gets about two weeks to install it then if it hasn't been installed because one objects it just installs itself anyway. I have been fighting with the WGA thing for a couple of weeks. Turned on my box yesterday and it installed itself before I could stop it.
WAHHH! go buy the operating system and quit stealing it, MS has been nice and allowed you to "borrow" it for so long.
do a file search of your puter for wga or wganotify
so true! LOL!
do a file search of your puter for wga or wganotify
Dang, found it installed on my system. What to do now?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.