Windows Genuine Advantage

[streb2001]

In the last few days XP has been pestering me on bootup with a wizard asking me to install WGA Notification. I have a rough idea that it allows M$ to validate my XP installation (it is a genuine install BTW!) but I don't want M$ snooping in my PC.

I have used RemoveWGA to remove WGA successfully (I think) I had no idea it was there, did it come in with XP SP3? Bloody cheek!

I also manually removed the latest wizard nag by removing it from Windows\Tasks where WGASEtup.exe was scheduled to run on every logon.

Anyone any thoughts on this or experience to share?

s2k1

 

[Urwumpe]

AFAIR, WGA only checks your serial number, and does not do full scans of your system... I have it enabled, and did not see strange behavior in my WireShark scans. Windows Live Messager is more verbose... this transmits my current playing music title with a numeric code which is unique for my system.

 

[Brad]

As you indicated, WGA is a way for M$ to verify that the copy you have it valid. Why they went this route only they know. To me WGA seems a waste as each time you try to do an update from M$ it validates your install again anyways.

I really don't see a purpose for it other than to "ping" your copy when they feel like to make sure it is valid.

If you have a good software firewall you can also disable WGA from sending any data about your computer.

 

[streb2001]

If you have a good software firewall you can also disable WGA from sending any data about your computer.

Good idea. I have a hardware firewall in the router. Any details of port numbers, protocols etc to block?

 

[Artlav]

I'm not able to rightly apprehend the kind of confusion of ideas that could provoke an attempt to enforce a completely unenforceable law of applying secrecy-until-payed to digital data like software or media.

Just how can you define an instance of software? It have no such property by it's very definition.
And, greediness is not an acceptable answer.

Good idea. I have a hardware firewall in the router. Any details of port numbers, protocols etc to block?

The key check server is www.download.microsoft.com (131.107.115.40) with port 443 (which is also used for variety of other stuff).
It may not be the only one, or even the correct one, btw.

 

[Hielor]

The easiest way to remove the nag (permanently) is to install it and let it validate your XP install. It's not going to steal your passwords or personal data.

If you truly have a genuine version of XP, then you have nothing to worry about.

 

[Brad]

I don't know what port, but netstat would good place to find out. You can look here for information: http://www.computerhope.com/netstat.htm

 

[Scrooge McDuck]

..only checks your serial number, and does not do full scans of your system...

It's not going to steal your [..] personal data.

You all assume, of course. It's most likely true, but do we really know? No. (unless someone has analyzed the data packages?)
Using any OS connected to the internet is a matter of trust anyway..

 

[Urwumpe]

unless someone has analyzed the data packages?

I had done so with Wireshark two times, without finding anything really fishy. It does talk more to Microsoft, than I like to, there are better cryptographic ways around to make sure only original windows software is able to update or use special programs.

 

[Hielor]

You all assume, of course. It's most likely true, but do we really know? No. (unless someone has analyzed the data packages?)
Using any OS connected to the internet is a matter of trust anyway..

For MSFT employees to look at the data that comes from end-user computers, they must have a valid business reason to do so (ie, if you use Watson to report a crash in Paint, only the Paint team can look at that data, and that data does not intentionally contain any personally identifying information). Employees can't just go browsing the database looking for fun stuff. In fact, more often than not the data doesn't even get looked at directly--an automated tracker opens a bug on the affected team with the simplest set of data needed. Since any crash that happens once usually happens more than once across all users of Windows, the data stored for your particular report may not even be very substantial at all (could just be a reference to an already known issue with a stack trace).

There are also severe penalties (ie, getting fired) for employees who misuse the data that comes from user computers, and something as simple as having the data on your own hard drive (even if you're not doing anything with it) for longer than needed to analyze and fix the bug can get you in trouble.

Frankly, I feel safer sending data to Microsoft than I do using my credit card to pay for stuff online.

 

[streb2001]

It's all the scare stories of false positives and M$'s mooted "kill switch" that concern me.

Hielor: you are probably right though. WGA was already installed and automatic updates were working fine so I probably have nothing to worry about. I just like to feel completely in control of my PC.

 

[TSPenguin]

It's all the scare stories of false positives and M$'s mooted "kill switch" that concern me.

Hielor: you are probably right though. WGA was already installed and automatic updates were working fine so I probably have nothing to worry about. I just like to feel completely in control of my PC.

You do automatic updates and are worried you's loose complete control of your system? :hmm:

 

[Hielor]

It's all the scare stories of false positives and M$'s mooted "kill switch" that concern me.

If you have a false positive and it decides that your copy of Windows is not genuine, you can call customer service to get the matter cleared up. I know, for example, that the CD keys which were on stickers attached to laptops are no longer accepted for new registrations (because it was so easy to just walk into a store and write all the numbers down) but you can call and get one that works assuming you can prove your ownership (I'm unsure what's involved with that process).

As for the "kill switch," there's no such thing. Well, in theory, an update could be propagated via automatic updates which could break things (as I think XP SP3 did on media center builds at first) but the updates all go through very extensive testing beforehand and there's no way to give an update to a particular computer. IE, MS cannot decide "oh, we don't like the user with CD key blahblahblah anymore, we'll schedule an update for that machine which will kill it." It doesn't work that way--updates go to all computers that have software which is registered for that update, so it goes to all XP users or none. They can't be targetted specifically.

Although, a remote "kill switch" would be interesting when it comes to the spreading of viruses or spam...if the magic "server" detects a computer is distributing viruses or spam, kill it. That's the sort of thing that you get in sci fi movies, though, not reality.

Hielor: you are probably right though. WGA was already installed and automatic updates were working fine so I probably have nothing to worry about. I just like to feel completely in control of my PC.

Yeah, I know what you mean. That's one of the reasons I didn't like Macs--it felt like the user had no real control over what the computer was doing, like it was assuming that mac users were less tech-savvy and therefore not allowing them to break anything. These were old macs though, I don't know what it's like now.

Having automatic updates turned on is a good idea (look at Conficker--anyone who has automatic updates turned on was immunized six months ago, and it's still a huge problem) and you should only turn them off if you do it manually at least once a month (and even then you wouldn't get critical updates quickly).