Microsoft’s latest effort to validate the legitimacy of Windows copies and thwart software piracy has been hit by a hack published online that illustrates easy bypass of the new software scheme, known as Windows Genuine Advantage (WGA).
Microsoft is requiring the validation process for all updates and downloads of its software, except for security updates, which will still be offered to all Windows users regardless of their use of WGA 1.0. The system began transition from a pilot program to worldwide availability last week and has been greeted with some initial criticism related to the fact that the program “checks” users’ machines for pirated software.
In addition to concern that Microsoft might suffer market backlash due to the scheme’s possible alienation of users of legitimate Windows products, the WGA software was circumvented quickly and simply last week by a software researcher reportedly using JavaScript code. The trick was published on the Internet within a day of WGA’s release a week ago.
Validity Versus Piracy
Microsoft, which entices users to the new software by offering enhanced capabilities and software improvements valued by the software giant at US$450, said the WGA validation would be required for all customers using Windows Update, Microsoft Update for Windows content, and the Download Center (DC). The hack posted on the Internet last week prevents the program’s “checker” from being installed on the user’s machine.
Microsoft moved swiftly to correct the flaw. As of this week, the disabling code no longer works. But the published hack was widely seen as a setback for the WGA software. A Microsoft spokesperson told TechNewsWorld the company was investigating the situation and would take action in response as appropriate. The representative added that no security vulnerability resulted that put customers at risk.
Microsoft’s senior vice president of Windows Will Poole said in a statement that WGA’s success in a pilot program illustrated users’ willingness to fight piracy and their desire to get special offers, features and enhanced performance as “genuine users.”
“During the 10-month pilot of WGA, we have been very encouraged by the large number of customers — more than 40 million in all — who chose to participate in WGA because they were concerned about piracy and wanted a way to determine whether their Windows software was genuine,” Pool said.
Little Impact Either Way
However, industry analysts such as Yankee Group Mike Goodman indicated the software giant’s efforts are less likely to thwart technically savvy software pirates than they are regular, paying customers.
“The bigger groups pirating the most will be completely unaffected,” Goodman told TechNewsWorld. “This is the type of thing that provides protection from people you don’t need to protect against and provides no protection for the people you need protection against.”
Goodman said that while those illegally copying, trading and selling Windows copies were unlikely to allow Microsoft’s WGA slow them down, regular, legitimate users would feel the effects of the software.
Still, the analyst said the impact to legitimate users will be minor enough that any consumer backlash is unlikely.
“Most users won’t see it, so it will have minimal impact in the market,” he added.
Fair But Fouled
Despite privacy concerns around WGA and its check of Windows users’ machines, observers like Directions on Microsoft lead analyst Michael Cherry have praised the anti-piracy/validity software as “fair to customers and reseller partners.”
“While Microsoft is requiring customers to validate, they’re putting their best foot forward to help customers out in terms of simplifying the process, creating software incentives and offering to help customers replace counterfeit software they acquired unwillingly,” he said in a statement, referring to an opportunity WGA offers for submitting a piracy report and pirated CDs in exchange for a reduced price or even free legitimate copy of Windows.