C
Chad Harris
From Red Orbit, and the Seattle Times: At the Microsoft Annual Share
Holder's Meeting November 14, 2006 the Zune launch Vista, and the new Kill
Switch that will have the same liabilities as WGA falsely IDing legitimate
copies of Windows and jamming them up, and MSFT's controversial tilts under
the covers with spyware won't be the only topics up for discussion.
Oprressive policies from the Chinese governemnt escalate as increasing
numbers of human rights' advocates are jailed and tortured in China under
the iron fist of Bill Gates' dinner partner, President Hu Jintaio as a $1.5
billion deal with China was consummated over Washington State apples:
Bill Gates Dinner with Hu Jintaio
http://www.cio.com/blog_view.html?CID=20367
October 4, 2006 For Vista, WGA gets Tougher
http://blogs.zdnet.com/Bott/?p=148
Microsoft Kill Switch in Windows Vista and threat to disable Windows (the
so-called Microsoft Software Protection Platform)
http://blogs.zdnet.com/Bott/?p=84
Microsoft’s Software Protection Platform: Protecting Software and Customers
from Counterfeiters
http://www.microsoft.com/presspass/features/2006/oct06/10-04SoftwareProtection.mspx
Ed Bott Blog Readers Burned by WGA
http://www.edbott.com/weblog/?p=1370#comments
http://blogs.zdnet.com/Bott/
WGA is a Mess
http://www.edbott.com/weblog/?p=1476
Human Rights Up for Vote at Microsoft Annual Shareholders' Meeting
http://www.redorbit.com/news/techno...olders_meeting/index.html?source=r_technology
China Returns Sharp Retort to U.S. Report on Human Rights
http://www.nytimes.com/2006/03/09/i...tml?ex=1160280000&en=86e45ec3f33fc3a2&ei=5070
In Response, China Attacks U.S. Record on Rights
http://www.nytimes.com/2006/03/10/i...122d9f4b564796&ei=5088&partner=rssnyt&emc=rss
MSFT Proxy Statement Filed with SEC:
http://www.sec.gov/Archives/edgar/data/789019/000119312506202089/ddef14a.htm
Posted on: Thursday, 5 October 2006, 12:00 CDT
Human Rights Up for Vote at Microsoft Annual Shareholders Meeting
By Benjamin J. Romano, Seattle Times
Oct. 5--Microsoft's posture toward China and other countries with
questionable human-rights records will be put to a vote next month, as some
observers see political and social activism gaining momentum among
shareholders in corporate America.
In its annual proxy statement Wednesday, Microsoft outlined three
shareholder proposals -- the most in at least a decade -- that will go
before the company's ownership at its annual meeting Nov. 14 in Bellevue. It
also disclosed compensation for executives, including Chairman Bill Gates
and Chief Executive Officer Steve Ballmer, both of whom took pay cuts.
Under one shareholder proposal, Microsoft would "no longer sell products or
services to any foreign government ... that knowingly can be used to deny
basic human or labor rights" as outlined in a United Nations human-rights
declaration.
John Harrington is a Napa, Calif., investor-activist behind this and three
Microsoft shareholder proposals floated in the early 2000s regarding
principles for doing business with China.
The current proposal, which Harrington acknowledges has little chance of
passing, notes that in 2005, "Microsoft closed down the blog of a Chinese
dissident at the request of the Chinese government."
"Instead of Microsoft moving in the right direction to address human-rights
violations in China, they've actually been complicit ... with a totalitarian
government," Harrington said in an interview.
Microsoft and Boeing gave Chinese President Hu Jintao a warm welcome during
his April visit to the United States, and Microsoft has pushed for stronger
intellectual-property protections in China.
The company's board recommended a vote against the Harrington proposal.
"We believe the availability of our products and services has increased the
ability of citizens worldwide to engage in free expression and has helped
transform the economic, cultural, and political landscape of nations
throughout the world," the board said.
It added that the company can't control how its products are used and
pointed to other initiatives meant to address human-rights concerns,
including a code of conduct for its vendors.
The proposal comes at a time some investors are turning their attention from
corporate governance and compensation to human rights and political issues,
said Paul Hodgson, senior research associate at the Corporate Library, which
assesses business and boardroom behavior.
"There has been an increase in human-rights proposals this year," he said.
Michael Pryce-Jones, social-research analyst at Proxy Governance, which
serves institutional investors, counted at least 16 major U.S. public
companies that have seen some type of human-rights-related shareholder
proposal this year.
One such proposal at Boeing drew 25 percent of votes cast by shareholders,
up from 21 percent for a similar measure in 2005. Proposals at Chevron and
Halliburton gathered more than 23 percent of votes each this year, which
Pryce-Jones described as "remarkable votes."
"Getting mid-20 percent [support] is somewhat of a new phenomenon," he said.
At Microsoft, the previous proposals activist Harrington brought forward got
less than 10 percent of Microsoft shareholder votes.
"It's always an uphill fight," he said.
The proxy statement also disclosed that Microsoft's top two leaders, Gates
and Ballmer, saw their base salaries rise slightly to $616,667 each for
2006. But their total compensation dropped because their annual bonuses
shrank by $50,000 to $350,000 each.
Meanwhile, 900 other top executives saw handsome rewards under the company's
shared performance stock-awards program. Gates and Ballmer do not
participate in the shared stock-award program.
The two headmen hold between them 13.88 percent of Microsoft's outstanding
shares, worth $38.16 billion at Wednesday's closing price of $27.94, up 57
cents, or 2.1 percent.
The modest compensation given to Gates and Ballmer earns Microsoft high
marks from groups such as the Corporate Library.
"Microsoft's compensation policies in the past and in this proxy have been
amongst the most moderate and restrained in their sector," Hodgson said.
Big incentives given to Chief Operating Officer Kevin Turner did catch
Hodgson's attention, however.
Turner was lured away from Wal-Mart last year. At Microsoft this past year,
he received $464,205 in salary; a $375,000 bonus; $8.2 million in stock,
which vests over the next several years, to compensate for what he forfeited
by leaving Wal-Mart; a $7 million signing bonus; and $82,557 in relocation
expenses.
Benjamin J. Romano: 206-464-2149 or (e-mail address removed)
Human rights on the agenda
Proposals involving human-rights policies have been raised by shareholders
of at least 16 companies this year. Here are nine companies that saw
shareholder votes on human-rights policies and the percent of votes cast in
favor of the proposals.
Boeing 25.0%
Chevron 23.9%
Halliburton 23.3%
IBM 9.7%
3M 7.1%
Freeport-McMoRan Copper & Gold 7.1%
Illinois Tool Works 6.5%
Coca-Cola 5.7%
Hershey 1.9%
Source: Proxy Governance
-----
October 4, 2006
For Vista, WGA gets tougher
Posted by Ed Bott @ 7:49 am
Digg This!
For Windows Vista, Microsoft is rolling out a new version of its Windows
Genuine Advantage anti-piracy program, complete with a new name: the Windows
Software Protection Platform. This time, they mean business.
Technically, it's not a kill switch, but it's arguably a near-death
experience for your PC.Let's call it WGA Plus, shall we? The Plus means this
software, which is baked into Windows Vista, is even more aggressive about
detecting and blocking what it considers software that is running with
unauthorized license keys or has been tampered with. And woe be unto you if
you get snagged in the WGA - sorry, SPP dragnet while running Vista. If that
happens on a premium version of Windows Vista, you'll first lose access to
key features, including the Aero interface, ReadyBoost performance
enhancements, and Windows Defender antispyware detection. Eventually, if you
don't deal with the problem, the measures get more severe and you're kicked
into "reduced functionality mode":
Reduced functionality mode in Windows Vista will allow the user to use the
browser after the reduced functionality mode has begun. Reduced
functionality mode can occur as a result of failed product activation or of
that copy being identified as counterfeit or non-genuine. In most cases
customers will be able to correct this situation quickly with the options
provided. With the tools in place for OEMs, and small to large customers, we
expect that most customers should never be affected by having a non-genuine
installation.
Microsoft denies that this is a "kill switch" for Windows Vista, even giving
it a separate question and answer in its mock interview announcing the
program. Technically, they're right, I suppose. Switching a PC into a
degraded functionality where all you can do is browse the Internet doesn't
kill it; but it's arguably a near-death experience. The accompanying white
paper describes the experience in more detail:
By choosing "Access your computer with reduced functionality," the default
Web browser will be started and the user will be presented with an option to
purchase a new product key. There is no start menu, no desktop icons, and
the desktop background is changed to black. The Web browser will fully
function and Internet connectivity will not be blocked. After one hour, the
system will log the user out without warning. It will not shut down the
machine, and the user can log back in. Note: This is different from the
Windows XP RFM experience, which limits screen resolution, colors, sounds
and other features. [emphasis added]
My head practically exploded when I read this sentence describing the new,
improved punishment regimen: "Windows Vista will have a reduced
functionality mode but one that is enhanced." Enhanced reduced
functionality? Orwell would be proud.
At first glance, this program looks like WGA, repackaged and renamed. So I
asked Thomas Lindeman, Microsoft's Senior Product Manager for the Software
Protection Platform, to explain what's new. "The Software Protection
Platform is a set of technologies we've been working on for several years,"
he told me. It includes "anti-tampering, anti-reverse engineering, and
activation components consisting of . activation servers and a client
service running on the PC." With SPP, according to Lindeman, other tools can
call the same APIs, making activation and validation technologies available
to any Microsoft program, even games like Flight Simulator.
With SPP, life's going to get more difficult for corporate customers using
volume license keys (VLKs). Stolen VLKs have been the bane of Microsoft's
existence in the XP era, because pirates use them to install copies of
Windows and Office that don't have to be activated. Corporations using Vista
with VLKs will have to activate them, using either a Multiple Activation Key
that allows a limited number of activations, or a Key Management Service
running on a Windows domain (which will require periodic reactivation). The
new program is called Volume Activation 2.0, and you can read more details
in this white paper).
What's most distressing about the SPP announcement is Microsoft's continued
insistence that its anti-piracy tools are nearly perfect and that innocent
victims never suffer from errors in their code. The press release includes
this snippet, for example:
Customers will be able to easily determine the status of their Windows
Vista installations. In the System Properties panel of the Windows Vista
Control Panel, Windows Vista will display the genuine status of the
installed copy of Windows Vista. From there, and from any screen notifying
users of a failed validation, a user will be able to obtain more information
on why the copy of Windows is not genuine, as well as resources for getting
a genuine copy.
See that? Not whether but why the copy of Windows is not genuine. And not
resources for getting assistance, but for "getting a genuine copy." In other
words, paying Microsoft.
The most chilling part of SPP is its new code to detect tampering. As
Lindeman explained to me, "If the Software Protection Platform determines
that the core binaries of your system have been hacked with, you will get a
notification that operating system has been tampered with. Reinstallation is
the remedy." And the clock starts ticking immediately. When an
anti-tampering warning first appears, you have three days to reinstall or
otherwise fix your copy of Windows Vista or shift into reduced functionality
mode.
Microsoft insists that "most customers should never be affected by having a
non-genuine installation." That reassurance would be a lot more comforting
if there wasn't already a solid base of failures in its current WGA program.
And in the sort of irony that invariably goes hand in hand with hubris, a
wave of new problem reports have begun appearing on the official Microsoft
WGA Validation Problems forum from corporate customers reporting that
legitimate VLKs for Windows XP are suddenly being blocked. Read more details
in this follow-up post.
59 Comments | Blog This | E-mail This | Print This | Permalink
Categories: Windows Vista, WGA
Windows Vista Microsoft's Piracy Crackdown
http://blog.seattlepi.nwsource.com/microsoft/archives/107340.asp
Windows Vista: Microsoft's big piracy crackdown
Microsoft this morning announced plans to significantly boost its
anti-piracy measures starting with Windows Vista, with steps including a new
"reduced functionality mode" that will severely limit what the operating
system does when the product hasn't been properly activated, using a product
key, after 30 days.
Here's an excerpt from the Microsoft white paper that explains the changes.
By choosing "Access your computer with reduced functionality," the default
Web browser will be started and the user will be presented with an option to
purchase a new product key. There is no start menu, no desktop icons, and
the desktop background is changed to black. The Web browser will fully
function and Internet connectivity will not be blocked. After one hour, the
system will log the user out without warning. It will not shut down the
machine, and the user can log back in. Note: This is different from the
Windows XP RFM experience, which limits screen resolution, colors, sounds
and other features.
(See the full Word document here.)
In other words, the technology doesn't turn the computer off. However, for
most practical purposes, it renders much of the operating system useless. Is
it the Windows "kill switch" that people such as Ed Bott have previously
anticipated? Effectively, yes, some commentators are concluding this
morning.
Prior to entering the full "reduced functionality" state, Microsoft says the
anti-piracy technology will take away functions such as the Aero graphics
feature if it determines that the Windows Vista copy isn't genuine. The
steps are part of a new initiative called the Software Protection Platform,
which Microsoft says has been in the works for several years. See coverage
by The Associated Press, CNet News.com and Ars Technica.
It will be interesting to see how this plays out, given the history of
Microsoft's existing Windows Genuine Advantage tool. Among other things, the
anti-piracy measure has been a target of allegations that it erroneously
labels some genuine Windows XP copies as invalid.
June 27, 2006
Is Microsoft about to release a Windows “kill switch”?
Update, 4-Oct: Microsoft has introduced the Software Protection Platform,
which contains features very similar to what I describe here. See For Vista,
WGA gets tougher.]
[Update 12-August: For a detailed discussion of what you'll see if WGA flags
your copy of Windows as "not genuine," see Busted! What happens when WGA
attacks and the accompanying image gallery.]
[Update, 30-June 8:40AM PDT: Microsoft responds, sort of. Details in this
follow-up post.]
Two weeks ago, I wrote about my serious objections to Microsoft’s latest
salvo in the war against unauthorized copies of Windows. Two Windows Genuine
Advantage components are being pushed onto users’ machines with insufficient
notification and inadequate quality control, and the result is a big mess.
(For details, see Microsoft presses the Stupid button.)
Guess what? WGA might be on the verge of getting even messier. In fact, one
report claims WGA is about to become a Windows “kill switch” – and when I
asked Microsoft for an on-the-record response, they refused to deny it.
Last week, a correspondent on Dave Farber’s Interesting People list posted
some comments about his experiences with Windows OneCare Live. In the middle
of the post, he added this tidbit:
I like to review updates before they are installed. The only update that I
have not installed is the latest WGA because of the security issues related
to it.
I called Microsoft support to see if there is a hidden option to say,
"yep, I've got updates turned to manual… it's okay." The rep said, "No and
why wouldn't you want to get the latest updates to Windows."
I responded with the issues relating to WGA. He spent some time telling me
that WGA was a good thing, etc. I reiterated that I have accepted all the
updates except WGA and just want to review the updates before they're
installed on my machine.
He told me that "in the fall, having the latest WGA will become mandatory
and if its not installed, Windows will give a 30 day warning and when the 30
days is up and WGA isn't installed, Windows will stop working, so you might
as well install WGA now." [emphasis added]
I'm wondering if Microsoft has the right to disable Windows functionality
or the OS as a whole (tantamount to revoking my legitimate Windows license)
if I do not install every piece of software that they send it updates.
That can’t be true, can it? I’m always suspicious of any report that comes
from a front-line tech support drone, so I sent a note to Microsoft asking
for an official confirmation or, better yet, a denial. Instead, I got this
terse response from a Microsoft spokesperson:
As we have mentioned previously, as the WGA Notifications program expands
in the future, customers may be required to participate. [emphasis added]
Microsoft is gathering feedback in select markets to learn how it can best
meet its customers' needs and will keep customers informed of any changes to
the program.
That’s it. That’s the entire response.
Uh-oh. Currently, Windows users have the ability to opt out of the Windows
Genuine Advantage program and still get security patches and other Critical
Updates delivered via Windows Update. The only thing you give up is the
ability to download optional updates. Hackers have been working overtime to
find ways to disable WGA notification. If WGA becomes mandatory, would it
mean that Microsoft could prevent Windows from working if it determines –
possibly erroneously – that your copy isn’t “genuine”? That’s a chilling
possibility, and Microsoft refuses an easy opportunity to deny that that
option is in its plans.
Over at Ed Bott’s Windows Expertise, I’ve been soliciting feedback from
Windows users who’ve been burned by WGA. So far, I’ve received 20 comments.
Here’s a sampling:
a.. I have an XP Media center with a promise RAID 0 4-disc array. When I
installed the WPA it broke the drivers for the array by causing failed
delayed writes (half of the array just “disapears”.) If I do a system
restore to before the installation of the WPA everything goes back to
working just fine.
b..ince installing WPA … I’ve had blue screens and a total inability
to boot. I had to run the XP repair function to get the computer to boot. I
had a damaged boot sector on the hard drive. I am running two drives on a
RAID 1 config.
c.. I purchased a SEALED OEM copy of XP Professional. WGA said the license
key was already used. I called MS and they said I should uninstall and buy
another copy. I told them I wasn’t made of money and hung-up.
d.. Microsoft rejected the product key that came with the ThinkPad I’m
using. I had to call in and they gave me another code to enter which
supposedly worked but now I get the blue screen of death about every other
time I reboot. I’ve also lost all internet connectivity.
e.. I sent my Compaq Presario notebook for service repair, and it fails
the WGA check. I have a legal version of windows xp professional on it. But
I have no way to correct this problem.
What’s most disturbing about this whole saga is Microsoft’s complete lack of
transparency on the issue. And before the ABM crowd jumps in with
predictable “What did you expect?” comments, let me argue that Microsoft
actually has a fairly good track record on transparency issues in recent
years. Windows Product Activation is very well documented, and when a
similar uproar occurred in 2001, it was squelched quickly by some fairly
prominent postings from high-level executives who provided details without a
lot of spin. Likewise, the Microsoft Security Response Center has done an
exceptional job at providing quick responses to security issues. (Just ask
Adam Shostack.)
Currently, no one at Microsoft is blogging about this fiasco. No executive
has been quoted on the record about it. There are very few technical details
available, and those that have been published are being tumbled through the
spin machine and spit out as press releases.
If Microsoft really does plan to turn WGA into a kill switch in September,
be prepared for an enormous backlash.
460 Comments | Blog This | E-mail This | Print This | Permalink
Categories: WGA
CH
Holder's Meeting November 14, 2006 the Zune launch Vista, and the new Kill
Switch that will have the same liabilities as WGA falsely IDing legitimate
copies of Windows and jamming them up, and MSFT's controversial tilts under
the covers with spyware won't be the only topics up for discussion.
Oprressive policies from the Chinese governemnt escalate as increasing
numbers of human rights' advocates are jailed and tortured in China under
the iron fist of Bill Gates' dinner partner, President Hu Jintaio as a $1.5
billion deal with China was consummated over Washington State apples:
Bill Gates Dinner with Hu Jintaio
http://www.cio.com/blog_view.html?CID=20367
October 4, 2006 For Vista, WGA gets Tougher
http://blogs.zdnet.com/Bott/?p=148
Microsoft Kill Switch in Windows Vista and threat to disable Windows (the
so-called Microsoft Software Protection Platform)
http://blogs.zdnet.com/Bott/?p=84
Microsoft’s Software Protection Platform: Protecting Software and Customers
from Counterfeiters
http://www.microsoft.com/presspass/features/2006/oct06/10-04SoftwareProtection.mspx
Ed Bott Blog Readers Burned by WGA
http://www.edbott.com/weblog/?p=1370#comments
http://blogs.zdnet.com/Bott/
WGA is a Mess
http://www.edbott.com/weblog/?p=1476
Human Rights Up for Vote at Microsoft Annual Shareholders' Meeting
http://www.redorbit.com/news/techno...olders_meeting/index.html?source=r_technology
China Returns Sharp Retort to U.S. Report on Human Rights
http://www.nytimes.com/2006/03/09/i...tml?ex=1160280000&en=86e45ec3f33fc3a2&ei=5070
In Response, China Attacks U.S. Record on Rights
http://www.nytimes.com/2006/03/10/i...122d9f4b564796&ei=5088&partner=rssnyt&emc=rss
MSFT Proxy Statement Filed with SEC:
http://www.sec.gov/Archives/edgar/data/789019/000119312506202089/ddef14a.htm
Posted on: Thursday, 5 October 2006, 12:00 CDT
Human Rights Up for Vote at Microsoft Annual Shareholders Meeting
By Benjamin J. Romano, Seattle Times
Oct. 5--Microsoft's posture toward China and other countries with
questionable human-rights records will be put to a vote next month, as some
observers see political and social activism gaining momentum among
shareholders in corporate America.
In its annual proxy statement Wednesday, Microsoft outlined three
shareholder proposals -- the most in at least a decade -- that will go
before the company's ownership at its annual meeting Nov. 14 in Bellevue. It
also disclosed compensation for executives, including Chairman Bill Gates
and Chief Executive Officer Steve Ballmer, both of whom took pay cuts.
Under one shareholder proposal, Microsoft would "no longer sell products or
services to any foreign government ... that knowingly can be used to deny
basic human or labor rights" as outlined in a United Nations human-rights
declaration.
John Harrington is a Napa, Calif., investor-activist behind this and three
Microsoft shareholder proposals floated in the early 2000s regarding
principles for doing business with China.
The current proposal, which Harrington acknowledges has little chance of
passing, notes that in 2005, "Microsoft closed down the blog of a Chinese
dissident at the request of the Chinese government."
"Instead of Microsoft moving in the right direction to address human-rights
violations in China, they've actually been complicit ... with a totalitarian
government," Harrington said in an interview.
Microsoft and Boeing gave Chinese President Hu Jintao a warm welcome during
his April visit to the United States, and Microsoft has pushed for stronger
intellectual-property protections in China.
The company's board recommended a vote against the Harrington proposal.
"We believe the availability of our products and services has increased the
ability of citizens worldwide to engage in free expression and has helped
transform the economic, cultural, and political landscape of nations
throughout the world," the board said.
It added that the company can't control how its products are used and
pointed to other initiatives meant to address human-rights concerns,
including a code of conduct for its vendors.
The proposal comes at a time some investors are turning their attention from
corporate governance and compensation to human rights and political issues,
said Paul Hodgson, senior research associate at the Corporate Library, which
assesses business and boardroom behavior.
"There has been an increase in human-rights proposals this year," he said.
Michael Pryce-Jones, social-research analyst at Proxy Governance, which
serves institutional investors, counted at least 16 major U.S. public
companies that have seen some type of human-rights-related shareholder
proposal this year.
One such proposal at Boeing drew 25 percent of votes cast by shareholders,
up from 21 percent for a similar measure in 2005. Proposals at Chevron and
Halliburton gathered more than 23 percent of votes each this year, which
Pryce-Jones described as "remarkable votes."
"Getting mid-20 percent [support] is somewhat of a new phenomenon," he said.
At Microsoft, the previous proposals activist Harrington brought forward got
less than 10 percent of Microsoft shareholder votes.
"It's always an uphill fight," he said.
The proxy statement also disclosed that Microsoft's top two leaders, Gates
and Ballmer, saw their base salaries rise slightly to $616,667 each for
2006. But their total compensation dropped because their annual bonuses
shrank by $50,000 to $350,000 each.
Meanwhile, 900 other top executives saw handsome rewards under the company's
shared performance stock-awards program. Gates and Ballmer do not
participate in the shared stock-award program.
The two headmen hold between them 13.88 percent of Microsoft's outstanding
shares, worth $38.16 billion at Wednesday's closing price of $27.94, up 57
cents, or 2.1 percent.
The modest compensation given to Gates and Ballmer earns Microsoft high
marks from groups such as the Corporate Library.
"Microsoft's compensation policies in the past and in this proxy have been
amongst the most moderate and restrained in their sector," Hodgson said.
Big incentives given to Chief Operating Officer Kevin Turner did catch
Hodgson's attention, however.
Turner was lured away from Wal-Mart last year. At Microsoft this past year,
he received $464,205 in salary; a $375,000 bonus; $8.2 million in stock,
which vests over the next several years, to compensate for what he forfeited
by leaving Wal-Mart; a $7 million signing bonus; and $82,557 in relocation
expenses.
Benjamin J. Romano: 206-464-2149 or (e-mail address removed)
Human rights on the agenda
Proposals involving human-rights policies have been raised by shareholders
of at least 16 companies this year. Here are nine companies that saw
shareholder votes on human-rights policies and the percent of votes cast in
favor of the proposals.
Boeing 25.0%
Chevron 23.9%
Halliburton 23.3%
IBM 9.7%
3M 7.1%
Freeport-McMoRan Copper & Gold 7.1%
Illinois Tool Works 6.5%
Coca-Cola 5.7%
Hershey 1.9%
Source: Proxy Governance
-----
October 4, 2006
For Vista, WGA gets tougher
Posted by Ed Bott @ 7:49 am
Digg This!
For Windows Vista, Microsoft is rolling out a new version of its Windows
Genuine Advantage anti-piracy program, complete with a new name: the Windows
Software Protection Platform. This time, they mean business.
Technically, it's not a kill switch, but it's arguably a near-death
experience for your PC.Let's call it WGA Plus, shall we? The Plus means this
software, which is baked into Windows Vista, is even more aggressive about
detecting and blocking what it considers software that is running with
unauthorized license keys or has been tampered with. And woe be unto you if
you get snagged in the WGA - sorry, SPP dragnet while running Vista. If that
happens on a premium version of Windows Vista, you'll first lose access to
key features, including the Aero interface, ReadyBoost performance
enhancements, and Windows Defender antispyware detection. Eventually, if you
don't deal with the problem, the measures get more severe and you're kicked
into "reduced functionality mode":
Reduced functionality mode in Windows Vista will allow the user to use the
browser after the reduced functionality mode has begun. Reduced
functionality mode can occur as a result of failed product activation or of
that copy being identified as counterfeit or non-genuine. In most cases
customers will be able to correct this situation quickly with the options
provided. With the tools in place for OEMs, and small to large customers, we
expect that most customers should never be affected by having a non-genuine
installation.
Microsoft denies that this is a "kill switch" for Windows Vista, even giving
it a separate question and answer in its mock interview announcing the
program. Technically, they're right, I suppose. Switching a PC into a
degraded functionality where all you can do is browse the Internet doesn't
kill it; but it's arguably a near-death experience. The accompanying white
paper describes the experience in more detail:
By choosing "Access your computer with reduced functionality," the default
Web browser will be started and the user will be presented with an option to
purchase a new product key. There is no start menu, no desktop icons, and
the desktop background is changed to black. The Web browser will fully
function and Internet connectivity will not be blocked. After one hour, the
system will log the user out without warning. It will not shut down the
machine, and the user can log back in. Note: This is different from the
Windows XP RFM experience, which limits screen resolution, colors, sounds
and other features. [emphasis added]
My head practically exploded when I read this sentence describing the new,
improved punishment regimen: "Windows Vista will have a reduced
functionality mode but one that is enhanced." Enhanced reduced
functionality? Orwell would be proud.
At first glance, this program looks like WGA, repackaged and renamed. So I
asked Thomas Lindeman, Microsoft's Senior Product Manager for the Software
Protection Platform, to explain what's new. "The Software Protection
Platform is a set of technologies we've been working on for several years,"
he told me. It includes "anti-tampering, anti-reverse engineering, and
activation components consisting of . activation servers and a client
service running on the PC." With SPP, according to Lindeman, other tools can
call the same APIs, making activation and validation technologies available
to any Microsoft program, even games like Flight Simulator.
With SPP, life's going to get more difficult for corporate customers using
volume license keys (VLKs). Stolen VLKs have been the bane of Microsoft's
existence in the XP era, because pirates use them to install copies of
Windows and Office that don't have to be activated. Corporations using Vista
with VLKs will have to activate them, using either a Multiple Activation Key
that allows a limited number of activations, or a Key Management Service
running on a Windows domain (which will require periodic reactivation). The
new program is called Volume Activation 2.0, and you can read more details
in this white paper).
What's most distressing about the SPP announcement is Microsoft's continued
insistence that its anti-piracy tools are nearly perfect and that innocent
victims never suffer from errors in their code. The press release includes
this snippet, for example:
Customers will be able to easily determine the status of their Windows
Vista installations. In the System Properties panel of the Windows Vista
Control Panel, Windows Vista will display the genuine status of the
installed copy of Windows Vista. From there, and from any screen notifying
users of a failed validation, a user will be able to obtain more information
on why the copy of Windows is not genuine, as well as resources for getting
a genuine copy.
See that? Not whether but why the copy of Windows is not genuine. And not
resources for getting assistance, but for "getting a genuine copy." In other
words, paying Microsoft.
The most chilling part of SPP is its new code to detect tampering. As
Lindeman explained to me, "If the Software Protection Platform determines
that the core binaries of your system have been hacked with, you will get a
notification that operating system has been tampered with. Reinstallation is
the remedy." And the clock starts ticking immediately. When an
anti-tampering warning first appears, you have three days to reinstall or
otherwise fix your copy of Windows Vista or shift into reduced functionality
mode.
Microsoft insists that "most customers should never be affected by having a
non-genuine installation." That reassurance would be a lot more comforting
if there wasn't already a solid base of failures in its current WGA program.
And in the sort of irony that invariably goes hand in hand with hubris, a
wave of new problem reports have begun appearing on the official Microsoft
WGA Validation Problems forum from corporate customers reporting that
legitimate VLKs for Windows XP are suddenly being blocked. Read more details
in this follow-up post.
59 Comments | Blog This | E-mail This | Print This | Permalink
Categories: Windows Vista, WGA
Windows Vista Microsoft's Piracy Crackdown
http://blog.seattlepi.nwsource.com/microsoft/archives/107340.asp
Windows Vista: Microsoft's big piracy crackdown
Microsoft this morning announced plans to significantly boost its
anti-piracy measures starting with Windows Vista, with steps including a new
"reduced functionality mode" that will severely limit what the operating
system does when the product hasn't been properly activated, using a product
key, after 30 days.
Here's an excerpt from the Microsoft white paper that explains the changes.
By choosing "Access your computer with reduced functionality," the default
Web browser will be started and the user will be presented with an option to
purchase a new product key. There is no start menu, no desktop icons, and
the desktop background is changed to black. The Web browser will fully
function and Internet connectivity will not be blocked. After one hour, the
system will log the user out without warning. It will not shut down the
machine, and the user can log back in. Note: This is different from the
Windows XP RFM experience, which limits screen resolution, colors, sounds
and other features.
(See the full Word document here.)
In other words, the technology doesn't turn the computer off. However, for
most practical purposes, it renders much of the operating system useless. Is
it the Windows "kill switch" that people such as Ed Bott have previously
anticipated? Effectively, yes, some commentators are concluding this
morning.
Prior to entering the full "reduced functionality" state, Microsoft says the
anti-piracy technology will take away functions such as the Aero graphics
feature if it determines that the Windows Vista copy isn't genuine. The
steps are part of a new initiative called the Software Protection Platform,
which Microsoft says has been in the works for several years. See coverage
by The Associated Press, CNet News.com and Ars Technica.
It will be interesting to see how this plays out, given the history of
Microsoft's existing Windows Genuine Advantage tool. Among other things, the
anti-piracy measure has been a target of allegations that it erroneously
labels some genuine Windows XP copies as invalid.
June 27, 2006
Is Microsoft about to release a Windows “kill switch”?
Update, 4-Oct: Microsoft has introduced the Software Protection Platform,
which contains features very similar to what I describe here. See For Vista,
WGA gets tougher.]
[Update 12-August: For a detailed discussion of what you'll see if WGA flags
your copy of Windows as "not genuine," see Busted! What happens when WGA
attacks and the accompanying image gallery.]
[Update, 30-June 8:40AM PDT: Microsoft responds, sort of. Details in this
follow-up post.]
Two weeks ago, I wrote about my serious objections to Microsoft’s latest
salvo in the war against unauthorized copies of Windows. Two Windows Genuine
Advantage components are being pushed onto users’ machines with insufficient
notification and inadequate quality control, and the result is a big mess.
(For details, see Microsoft presses the Stupid button.)
Guess what? WGA might be on the verge of getting even messier. In fact, one
report claims WGA is about to become a Windows “kill switch” – and when I
asked Microsoft for an on-the-record response, they refused to deny it.
Last week, a correspondent on Dave Farber’s Interesting People list posted
some comments about his experiences with Windows OneCare Live. In the middle
of the post, he added this tidbit:
I like to review updates before they are installed. The only update that I
have not installed is the latest WGA because of the security issues related
to it.
I called Microsoft support to see if there is a hidden option to say,
"yep, I've got updates turned to manual… it's okay." The rep said, "No and
why wouldn't you want to get the latest updates to Windows."
I responded with the issues relating to WGA. He spent some time telling me
that WGA was a good thing, etc. I reiterated that I have accepted all the
updates except WGA and just want to review the updates before they're
installed on my machine.
He told me that "in the fall, having the latest WGA will become mandatory
and if its not installed, Windows will give a 30 day warning and when the 30
days is up and WGA isn't installed, Windows will stop working, so you might
as well install WGA now." [emphasis added]
I'm wondering if Microsoft has the right to disable Windows functionality
or the OS as a whole (tantamount to revoking my legitimate Windows license)
if I do not install every piece of software that they send it updates.
That can’t be true, can it? I’m always suspicious of any report that comes
from a front-line tech support drone, so I sent a note to Microsoft asking
for an official confirmation or, better yet, a denial. Instead, I got this
terse response from a Microsoft spokesperson:
As we have mentioned previously, as the WGA Notifications program expands
in the future, customers may be required to participate. [emphasis added]
Microsoft is gathering feedback in select markets to learn how it can best
meet its customers' needs and will keep customers informed of any changes to
the program.
That’s it. That’s the entire response.
Uh-oh. Currently, Windows users have the ability to opt out of the Windows
Genuine Advantage program and still get security patches and other Critical
Updates delivered via Windows Update. The only thing you give up is the
ability to download optional updates. Hackers have been working overtime to
find ways to disable WGA notification. If WGA becomes mandatory, would it
mean that Microsoft could prevent Windows from working if it determines –
possibly erroneously – that your copy isn’t “genuine”? That’s a chilling
possibility, and Microsoft refuses an easy opportunity to deny that that
option is in its plans.
Over at Ed Bott’s Windows Expertise, I’ve been soliciting feedback from
Windows users who’ve been burned by WGA. So far, I’ve received 20 comments.
Here’s a sampling:
a.. I have an XP Media center with a promise RAID 0 4-disc array. When I
installed the WPA it broke the drivers for the array by causing failed
delayed writes (half of the array just “disapears”.) If I do a system
restore to before the installation of the WPA everything goes back to
working just fine.
b..
to boot. I had to run the XP repair function to get the computer to boot. I
had a damaged boot sector on the hard drive. I am running two drives on a
RAID 1 config.
c.. I purchased a SEALED OEM copy of XP Professional. WGA said the license
key was already used. I called MS and they said I should uninstall and buy
another copy. I told them I wasn’t made of money and hung-up.
d.. Microsoft rejected the product key that came with the ThinkPad I’m
using. I had to call in and they gave me another code to enter which
supposedly worked but now I get the blue screen of death about every other
time I reboot. I’ve also lost all internet connectivity.
e.. I sent my Compaq Presario notebook for service repair, and it fails
the WGA check. I have a legal version of windows xp professional on it. But
I have no way to correct this problem.
What’s most disturbing about this whole saga is Microsoft’s complete lack of
transparency on the issue. And before the ABM crowd jumps in with
predictable “What did you expect?” comments, let me argue that Microsoft
actually has a fairly good track record on transparency issues in recent
years. Windows Product Activation is very well documented, and when a
similar uproar occurred in 2001, it was squelched quickly by some fairly
prominent postings from high-level executives who provided details without a
lot of spin. Likewise, the Microsoft Security Response Center has done an
exceptional job at providing quick responses to security issues. (Just ask
Adam Shostack.)
Currently, no one at Microsoft is blogging about this fiasco. No executive
has been quoted on the record about it. There are very few technical details
available, and those that have been published are being tumbled through the
spin machine and spit out as press releases.
If Microsoft really does plan to turn WGA into a kill switch in September,
be prepared for an enormous backlash.
460 Comments | Blog This | E-mail This | Print This | Permalink
Categories: WGA
CH