WGA Problems - Yet again

[Dv8ted2]

Another WGA failure
Posted by Ed Bott @ 7:34 am
Digg This!

I just experienced a Windows Genuine Advantage failure. Only it’s not a false positive, like the horror stories I’ve been hearing for nearly two months now. No, this one was a false negative. The whole story says a lot about how Microsoft is approaching the WGA issue.

A few weeks ago, I spoke to some of the folks on the WGA team and asked them to send me a pirated version of Windows XP. I'm reluctantly running a pirated version of Windows and can't get caught no matter how hard I try. According to Microsoft, 80 percent of the 60 million people who have been nabbed by the WGA validation tool are running versions of Windows with stolen or pirated volume license keys. These versions of Windows are supposed to be available only to corporate customers and only as upgrades. Unlike retail versions, they don’t require activation, which makes them an ideal target of pirates and bootleggers.

According to Microsoft, many of the people who end up with these “non-genuine” copies of Windows are themselves victims. The unauthorized OS might have been installed by a repair shop, or they might have purchased what they thought was a legitimate copy of Windows from an unscrupulous reseller. I wanted to install a pirated copy so I could experience exactly what these customers go through and report the results to you. I still can’t quite believe how difficult it’s been. Here’s the story so far.

On July 18, Microsoft's WGA team promised to send me a disk with a product key from their blocked list. It was supposed to arrive via overnight service, but it was never sent. After several follow-up messages, I was assured on July 26 I would have something by the end of that week. The package finally arrived the next week, on August 1. It contained a CD-R with a handwritten label that read “Windows XP SP2 – VLK,” and a 25-character product key on a small slip of paper.

Over the weekend, I hoisted the Jolly Roger, cleared a partition on a test machine, slid the CD into the drive, and prepared to join the ranks of Windows pirates. Unfortunately, the product key that Microsoft had sent me didn’t work. Instead of a smooth installation, I got an error message: "The Product ID which you entered is invalid. Please try again." I fired off a request for assistance to my contacts at Microsoft. Nearly 72 hours later, I still haven’t received a response other than a note that confirms my message was forwarded to the correct person.

No problem, I thought. I’ll just do what any red-blooded pirate would do and Google for a working product key. It took me about 15 minutes to find a web page containing five volume license keys that had reportedly been posted on September 9 2004. Surely if I can find a leaked VL key on a search engine, Microsoft can too, right? If these keys have been floating around the Internet for two years, surely they’ve been tagged as stolen by Microsoft, and I’ll get a WGA failure that I can show the world.

I restarted the installation using the VL media Microsoft had supplied me and entered one of the bootleg keys I found. It worked. After installation completed, I set up an Internet connection and downloaded a slew of updates, including the WGA Validation tool and the WGA Notifications utility. I then restarted, fully expecting to see a series of stern messages telling me I’d been busted.

Only that’s not how it worked out.

My bootleg key worked perfectly. I went back to Windows Update and downloaded a series of Optional Updates and drivers that are only available to Genuine Windows users. I went over to the Internet Explorer homepage and downloaded the latest beta of IE7, passing a validation test twice – once on the download and again on the installation. And five minutes ago I went over to the Windows Defender page – this is another free utility that’s only available to Genuine Windows users – and the validation check waved me right through.

That’s where I stand right now. The folks who are running the WGA program are having troubles getting the little stuff right, like putting a CD in the mail and proofreading the product key they sent with it. They haven’t managed to identify a stolen product key that’s been floating around the Internet for nearly two years. I'm reluctantly running a pirated version of Windows and can't get caught no matter how hard I try.

But these same people want us to believe that the WGA software they’ve developed is nearly foolproof. They claim that all but “a fraction of a percent” of those 60 million people who’ve been denied access to Microsoft updates and downloads are guilty, guilty, guilty.

Right.

source



This sums it up.

[teegee420]

I expected a decidedly different story. Glad I was wrong.

[ROF]

Can you say liar?

No company is going to be giving away pirated copies of their software especially to a nobody.

[ROF]

A nobody who just last week posted about Microsoft putting out a kill switch via the WGA which again proved to be totally false. Where were his WGA contacts before he did that disingenious stunt? Without Siechert and/or Woody Leonhard his books read like the same half truths he spreads in his blogs.

[Dv8ted2]

A nobody who just last week posted about Microsoft putting out a kill switch via the WGA which again proved to be totally false. Where were his WGA contacts before he did that disingenious stunt? Without Siechert and/or Woody Leonhard his books read like the same half truths he spreads in his blogs.

You obviously do not read computer magazines. This is a writer for ZDnet. If he told Microsoft that it is for research, then he could get anything he wanted.

[ROF]

A nobody who just last week posted about Microsoft putting out a kill switch via the WGA which again proved to be totally false. Where were his WGA contacts before he did that disingenious stunt? Without Siechert and/or Woody Leonhard his books read like the same half truths he spreads in his blogs.

You obviously do not read computer magazines. This is a writer for ZDnet. If he told Microsoft that it is for research, then he could get anything he wanted.

Even in violating the law? Last time I checked Microsoft is in Redmond Washington State which is a part of the United States and traffiking in stolen property is illegal in the United States. Read his blogs sometime at ZDnet, like quite a few of their writers he creatively spices up false information to make it sound almost believable like a previous blog he posted and a thread on the subject which appeared here claiming that Microsoft was going to use the WGA as a kill switch this fall. Does he not check with his "reliable sources" on the WGA team before reporting false information? Ever read his books? I mean his and not those he has written with others? I have seen better more truthful compositions from 6th graders.

[Dv8ted2]

Everyone is entitled to their opinion. I was just pointing out that this software is not perfect. No software is perfect, even though Msoft is acting as though this software is the greatest thing since sliced bread.

[ROF]

Where did Microsoft ever say that? I think you are putting words into peoples mouth or maybe have ZDNet syndrome.

In any case, the above quoted article is surely false from beginning to end otherwise Microsoft could be opening themselves up for lawsuits for trafficking in pirated(stolen) software.

[Dv8ted2]

Where did Microsoft ever say that? I think you are putting words into peoples mouth or maybe have ZDNet syndrome.

In any case, the above quoted article is surely false from beginning to end otherwise Microsoft could be opening themselves up for lawsuits for trafficking in pirated(stolen) software.

They already have two class action lawsuits.

Here is more info

Ramon | July 31st, 2006 at 5:17 pm

First of all let me state that I am not a Linux zealot, Mac evangelist or a criminal as defined in Vlad’s post. I have been a long time Microsoft partner at a high level and have been among their biggest supporters through the recent trials and tribulations on security, patching, Software Assurance and more. Microsoft abused my trust, cost my company a $150,000 account (annually) and cost me an employee over the last month. If you are interested please read on.

Regardless of what Microsoft says WGA is a beta product at best. We have never sold or underlicensed a customer in the entire history of my company and we never will. We exclusively provide workstation hardware and licensing through HP and are their partner as well. We manage all patching through WSUS. So far so good.

One of my biggest accounts recently wanted to come aboard as a fully managed account. We have been in negotiations and planning for well over four months as we consolidate all of their sites under management. Then something interesting happened - Microsoft delivered WGA through WSUS. Alerts started popping up on desktops and laptops randomly. Perhaps in an unfortunate random way they happened at the very senior management levels. Long story short, over the few days the bug caught up with everyone that was rebooting. 100% genuine HP systems running Windows XP Pro SP2 from the factory started randomly warning users and ceasing to work. Four of my techs spent night and day with the client to bring them to order.

By the time this was all said and done one of the senior principals accused and berated one of my techs. He quit later that day. They at that point accused us of providing them pirated software and were considering a lawsuit against both my company and HP. The only thing that saved us were the horror stories of others on the Internet and reports of WGA’s beta status.

During this entire ordeal I got no assistance from Microsoft. PRD said everything was OK, directed me to the Piracy hotline and told me to check with PSS. PSS was of no help whatsoever. My PAM was out of town at a conference and never returned my call. I had nobody that I could turn to at Microsoft as a partner to bail me out. I lost my employee, I lost a huge contract and I lost face with the client because of my faith in Microsoft as a company. Microsoft abused my trust and left me standing by myself reponsible for their mistakes.

So you will pardon me Vlad if I don’t stand in line with your MVP pal that only seems to rant about patching and security while us in the real world have to put up with clients, personalities and busineses that do not care about how computers “work” I am really upset that she would have the nerve to say that we need to report and test and give feedback. Microsoft didn’t give XP away nor did we ask to be placed on a beta program where we would provide feedback. Microsoft did not allow us to choose whether or not this customer would be willing to test a beta program. They just rolled out what according to many reports is nothing more than spyware. And you want my time, my effort and my feedback on how to make that process better? There is no profanity suitable enough to express how deeply I disagree with Microsoft and Susan.

If Microsoft is a company that believes it has a future selling software then it needs to learn to be responsible for the quality of their product and test things better before publishing it through the mainstream patching process. We have been a Microsoft partner for over eight years and never had a reason to look elsewhere. Microsoft betrayed our trust and made us look like criminals in front of one of our largest clients. They will not earn that trust back and we will actively seek and promote alternative solutions.

Thank you.
Ramon

http://forums.microsoft.com/Genuine/ShowPost.aspx?PostID=598395&SiteID=25

[Treebeard]

In any case, the above quoted article is surely false from beginning to end otherwise Microsoft could be opening themselves up for lawsuits for trafficking in pirated(stolen) software.

If microsoft is the Owner of the Intillectual Property then they can do with it as they see fit. they wont get sued for trafficking stolen Windows OS's when its them that own it.

[ROF]

In any case, the above quoted article is surely false from beginning to end otherwise Microsoft could be opening themselves up for lawsuits for trafficking in pirated(stolen) software.

If microsoft is the Owner of the Intillectual Property then they can do with it as they see fit. they wont get sued for trafficking stolen Windows OS's when its them that own it.

Interesting concept, but most definitely not true.

[Dv8ted2]

Where did Microsoft ever say that?

Read that link I provided earlier. They act like it is perfect.

[ROF]

Steve Jobs acts like every Macintosh is the second coming too.

That's the nature of business.

[Dv8ted2]

Steve Jobs acts like every Macintosh is the second coming too.

That's the nature of business.

You lost me. I was talking about buggy beta software, which Microsoft is acting like it is perfect.

You are bringing up expensive proprietary hardware that has only like 5% of the market.

[ROF]

OK. Fair enough. Every game company believes their game is vastly superior to anything else on the market. Every Anti-Virus company believes their software can perfectly protect you. Every application software company claims to make your life more simple with their perfect software.

. . or maybe Steve Jobs claims that every MAC OS is the perfect match for everyone.

See a trend? Again, Why shouldnt Microsoft feel the same way?

[dphirschler]

In any case, the above quoted article is surely false from beginning to end otherwise Microsoft could be opening themselves up for lawsuits for trafficking in pirated(stolen) software.

If microsoft is the Owner of the Intillectual Property then they can do with it as they see fit. they wont get sued for trafficking stolen Windows OS's when its them that own it.

Interesting concept, but most definitely not true.

What the hell? Microsoft certainly can do with their product as they feel. If they want to give it away on CDR, then it is their free will to do so.


Darryl

[Dv8ted2]

In any case, the above quoted article is surely false from beginning to end otherwise Microsoft could be opening themselves up for lawsuits for trafficking in pirated(stolen) software.

If microsoft is the Owner of the Intillectual Property then they can do with it as they see fit. they wont get sued for trafficking stolen Windows OS's when its them that own it.

Interesting concept, but most definitely not true.

What the hell? Microsoft certainly can do with their product as they feel. If they want to give it away on CDR, then it is their free will to do so.


Darryl

This concept threw me as well.

[ROF]

In any case, the above quoted article is surely false from beginning to end otherwise Microsoft could be opening themselves up for lawsuits for trafficking in pirated(stolen) software.

If microsoft is the Owner of the Intillectual Property then they can do with it as they see fit. they wont get sued for trafficking stolen Windows OS's when its them that own it.

Interesting concept, but most definitely not true.

What the hell? Microsoft certainly can do with their product as they feel. If they want to give it away on CDR, then it is their free will to do so.


Darryl

Correct, but they can not violate the law by doing so. It is a violation of the law to traffic in stolen software. Does Sony have the right install Root kits on your system? They own the Root kit, they own the contents. They can do as they feel correct?

[Dv8ted2]

In any case, the above quoted article is surely false from beginning to end otherwise Microsoft could be opening themselves up for lawsuits for trafficking in pirated(stolen) software.

If microsoft is the Owner of the Intillectual Property then they can do with it as they see fit. they wont get sued for trafficking stolen Windows OS's when its them that own it.

Interesting concept, but most definitely not true.

What the hell? Microsoft certainly can do with their product as they feel. If they want to give it away on CDR, then it is their free will to do so.


Darryl

Correct, but they can not violate the law by doing so. It is a violation of the law to traffic in stolen software.

If the company provided the software that they made, it would not be stolen.

[ROF]

Not if it violates the law by doing so. Can the owner of Smith & Wesson kill anyone he chooses? He owns the gun, he owns the patents, he owns the manufacturing companies.

[Dv8ted2]

Not if it violates the law by doing so. Can the owner of Smith & Wesson kill anyone he chooses? He owns the gun, he owns the patents, he owns the manufacturing companies.

That is a rather extreme comparison. The company makes the decision whether something is warez. This is not even remotely close to killing someone.

[ROF]

Again, true about the example being extreme but trafficking in Warez software is illegal.

You must also remember who wrote the article. It's from the same bozo who just recently claimed that Microsoft was going to use WGA as a kill switch. Where were his contacts on the WGA team before he published that other false article? The guy is a conspiracy theorist. ZDNet is chock full of those. I've found more truths being published in grocery store scandal magazines.

[painkiller]

If everyone wants to know what M$ really has planned for WG ... read on ....
=================================================

News: Microsoft to Tighten the Genuine Advantage Screws

In a further expansion of its anti-piracy program, Microsoft is building more "Genuine" checks directly into Windows Vista and expanding the program to target not only consumers, but also PC makers and system builders.

http://ct.enews.eweek.com/rd/cts?d=186-4191-2-79-186020-488685-0-0-0-1

[adam]

ROF you are being silly. The crime of murder has nothing to do with ownership of the weapon. The crime/infringement of theft/piracy has everything to do with ownership. The one negating factor of every infringement/crime under US copyright law is permission from the copyright holder. If the owner of the copyrighted work authorizes it than its ok.

With that said, I don't really understand what this Ed Bott guy is complaining about. He asked for a blacklisted product ID code and it seems that's exactly what he got. He doesn't specify to us why this product ID should be good enough to get through installation, but bad enough to get caught by WGA (what he wanted) so there's no way to know that he specified this to MS when requesting this software/ID. So all we know about it is that an invalid ID was detected by the first level of protection...installation. That's how its supposed to work.

As for a pirated ID on the internet working flawlessly, oh well. I don't think people care that much about undetected positives. That only hurts MS. False positives are what raise flags. Those of course exist too but not in this Bott guy's little sciene project.

[ROF]

That's all old news.

Those features and software most of which I would not install or if I did I would not use (Windows Media Player, Windows Defender, Internet Explorer, etc.). Microsoft will have to do much better than that. Most customers including this genuine user has no plans to use any of this software. I will getting Vista simply because it is a true upgrade and will help enhance my 64bit computing environment. Security is handled by third party software, media playing is handled by third party software, and I think the last time I used Microsofts browser was version 1.0 back when it was installed from a 3.5 floppy.

[ROF]

ROF you are being silly. The crime of murder has nothing to do with ownership of the weapon. The crime/infringement of theft/piracy has everything to do with ownership. The one negating factor of every infringement/crime under US copyright law is permission from the copyright holder. If the owner of the copyrighted work authorizes it than its ok.

The software, Yes. But not a warez key. Of course in the liars article he ingeniously disguises this by saying he had to go elsewhere to get the key which in my opinion kind of invalidates his test. Is he 100% sure this key is reported as stolen by Microsoft? He does not tell us this either. As I have said, his articles and his books are full of such inconsistencies and outright conspiracies that he probably believes the X-Files is an autobiography.

[adam]

The keys are part of the software itself. MS is free to give him a blacklisted one if they want. He didn't have permission to go get his own blacklisted key elsewhere. He is indeed legally in the wrong in that regard. But there is just no way MS can infringe on its own copyrights.

I don't find this guy remotely pursuasive either, but then again blog postings should always be read with scrutiny and taken with a grain of salt.

[ROF]

I don't find this guy remotely pursuasive either, but then again blog postings should always be read with scrutiny and taken with a grain of salt.

Blog quoting too . .

[ROF]

The keys are part of the software itself. MS is free to give him a blacklisted one if they want. He didn't have permission to go get his own blacklisted key elsewhere. He is indeed legally in the wrong in that regard. But there is just no way MS can infringe on its own copyrights.

Then what makes the installation of a rootkit illegal? I understand if the rootkit itself violates the law then this is different, but if some corporation wants to install a rootkit that traces any content from their company being used on your machine it is ok? The company owns the media being reported and owns the rootkit software. This is what makes no sense to me. I admit it is kind of irrelevant given the bloggers horrible reputation but . . .

[Dv8ted2]

The keys are part of the software itself. MS is free to give him a blacklisted one if they want. He didn't have permission to go get his own blacklisted key elsewhere. He is indeed legally in the wrong in that regard. But there is just no way MS can infringe on its own copyrights.

Then what makes the installation of a rootkit illegal? I understand if the rootkit itself violates the law then this is different, but if some corporation wants to install a rootkit that traces any content from their company being used on your machine it is ok? The company owns the media being reported and owns the rootkit software. This is what makes no sense to me. I admit it is kind of irrelevant given the bloggers horrible reputation but . . .

The difference is, that it still comes down to it not being their computer. They are installing stealth programs without the computer owners knowledge. Not only is this illegal, but it is a security threat.