User pressure spurs Microsoft to dial back WGA

The updated anti-piracy software doesn't phone home as often

Responding to pressure from irked Windows users, Microsoft Corp. today released an updated version of its antipiracy program that changes the frequency with which the program checks for pirated or counterfeit copies of its client operating system.

A new version of Microsoft's Windows Genuine Advantage (WGA) Notifications program available now no longer checks a server-side configuration of a user's version of Windows every time the user logs on to see if it is a valid copy of Windows. Instead, it periodically checks to see if the user's copy is genuine.

"Our customers have told us that they were disappointed with their WGA Notifications experience, and we have made an effort to improve that with this update," the company said in an e-mailed statement through its public relations firm, Waggener Edstrom Inc.

Tuesday also marks the end of the pilot phase of WGA Notifications, which means eventually the program will run on all versions of Windows XP worldwide that use Microsoft's Automatic Updates system. The program is currently in a phased rollout, beginning with all English, Spanish, Brazilian Portuguese, French, German, Italian and Dutch versions of Windows XP. Microsoft will soon offer these users the updated WGA Notifications through Automatic Updates.

Microsoft has mounted an aggressive program to eliminate counterfeit and pirated versions of Windows, and WGA is a part of that. The program was first distributed not as an automatic update, but to users of Microsoft's download services who wanted to install add-on software, excluding security releases, for Windows.

Microsoft later updated it with the WGA Notifications program, distributed as part of Microsoft's Automatic Updates, which reminds users their copy of Windows is not genuine and informs them of what Microsoft calls the "benefits" of using authentic Windows software.

Users can opt out of WGA Notifications, but not the WGA program in general if they want to use Microsoft's download services. With the new release of WGA Notifications, Microsoft is including instructions for removing an older version of the program from a PC as Knowledge Base article No. 921914 on, the company said.

Since WGA's release last year, users have complained of bugs in the program that identified legitimate copies of Windows as counterfeit. A privacy advocate also accused the WGA Notifications of acting like spyware, since it sends information about a user's PC back to Microsoft automatically without letting the user know exactly what information is being sent.

Upgrading the program so it does not contact Microsoft every time a user logs in should help remedy the latter issue. The new version of WGA Notifications also includes a more comprehensive End User License Agreement that clearly explains the purpose of the software and details about the program, Microsoft said.

One Windows user said he has installed the new version of WGA Notifications with no problem. Steve Smith, owner of PC Manager, an independent PC reseller in Newport Beach, California, said the change to the program makes it easier for resellers to work with new clients who may have some illegal copies of Windows running internally but worry that trying to fix the problem could cripple them temporarily.

The new WGA policy allows "customers to get their software licenses in order and not run the risk of being shut down immediately," Smith said.

Paul DeGroot, an analyst with Directions on Microsoft, said for most consumers using legal copies of Windows XP, WGA probably "wasn't much of an issue."

The bigger problem is one of perception, especially after the spyware accusation, he said. "For WGA to phone home everyday was causing problems for some people," DeGroot said. "Microsoft may have blown a lot of credibility here."

Rather than attack the problem of pirated consumer copies of Windows, Microsoft with WGA is targeting volume licenses of Windows purchased by corporations that have been leaked out to non-legal users, he said.

With copies of Windows purchased in retail stores or pre-installed on consumer PCs, each Windows CD is accompanied by an individual activation key. Through the Internet, Microsoft can track how many PCs have been installed using that particular key.

But when corporations buy volume licenses, they receive a single key that's used to install Windows on hundreds or thousands of machines.

"Because volume keys are still just strings of characters in plain-text that lots of people in any large organization have access to, it's relatively easy for them to leak out," DeGroot said. "To be blunt, they were an accident waiting to happen."

With WGA, Microsoft can detect whether a volume license key for Windows is being used by a non-licensed user.

DeGroot has not heard of Microsoft fining or penalizing corporations that lose keys. But with Microsoft deactivating pirated volume license keys, companies might have to reinstall new ones on all of their computers. That can either be done remotely through an intranet, or manually by IT staffers visiting each individual PC. Depending on how involved that process becomes, it could mean up to $25 per PC in staff costs, DeGroot said.

"It's a real pain in the butt," he said.

Microsoft is working to make the problem moot, DeGroot said. The Windows Vista client operating system and Longhorn Server OS will have volume license keys encrypted and stored on a server.

"They'll never be sent over a network in plain text," he said. "They will be a lot safer."

Copyright © 2006 IDG Communications, Inc.

It’s time to break the ChatGPT habit
Shop Tech Products at Amazon