Windows Genuine Advantage
Encyclopedia
Windows Genuine Advantage (WGA) is an anti-piracy
system created by Microsoft
that enforces online validation of the licensing of several recent Microsoft Windows
operating system
s when accessing several services, such as Windows Update
, and downloading Windows components from the Microsoft Download Center. In Windows 7, WGA is renamed Windows Activation Technology. WGA consists of two components: an installable component called WGA Notifications that hooks into Winlogon
and validates the Windows license upon each logon and an ActiveX control that checks the validity of the Windows license when downloading certain updates from the Microsoft Download Center or Windows Update
. WGA Notifications covers Windows XP
, Windows Vista
and current versions of Windows 7. It does not cover other versions of the Windows NT
family, such as Windows 2000
, Windows Server 2003
and Windows XP Professional x64 Edition, or the Windows 9x
family. The ActiveX control however checks Windows 2000 Professional
licenses as well.
WGA also advertises the latest service pack for Windows XP, which requires manual intervention to disable. Previously voluntary, it became mandatory for use of these services in July 2005.
Despite its name it does not actually evaluate the integrity or security of any computer.
and determines if the software was licensed from Microsoft. It is accessible by either a stand-alone program, a Netscape-compatible web browser plug-in, or as an ActiveX
control within Internet Explorer
, the latter of which is relevant to any attempt to access Microsoft updates via its browser
. It includes the following steps:
If the software decides the instance of Windows does not have a valid license, WGA displays a specific notice to the user and prevents non-critical updates from being downloaded from Microsoft.
The ActiveX control is downloaded on the first validation and when a new version is available, but the validation itself can be performed any time the user connects to a Microsoft Website to update.
When a user installs Windows Genuine Advantage, an Internet Explorer
add-on is installed labeled "Windows Genuine Advantage". In early releases the tool could be readily disabled with the IE Add-on Management feature. A Windows Group Policy
was added by later updates, causing this option to be unavailable by default, but still accessible if the policy were removed. As of July 2006, the latest update blocks management by other means.
The program uses either a stand-alone program to generate a key or an ActiveX
control to discover whether the license key
is valid; either way an Internet connection is required. If WGA determines that a user's copy of Windows is unauthorized
but was installed from seemingly-legitimate media (i.e., the CD
and holographic emblem present on real copies of Windows seems genuine), then Microsoft will supply the user with a new CD. Microsoft also offers discounts to people who want to purchase a legitimate copy of Windows but do not have a valid CD. Microsoft has indicated that they will continue to deliver critical security updates through their Automatic Updates service as well as via the Microsoft Download Center, so that all systems, including those that fail to pass validation, will still continue to receive critical security updates.
The company has made installation of Windows Genuine Advantage a requirement for use of the Windows Update
and Microsoft Update websites, in part to be sure that customers who use support resources of the company are aware when their software is unlicensed. According to Microsoft themselves, it is legal to run Microsoft Windows without Windows Genuine Advantage . However, since non-critical Windows updates are not presented by Automatic Updates, installation of WGA is required for installation of such non-critical updates, which are only available through Windows Update or the Microsoft Download Center.
The version of Windows Genuine Advantage Notifications released November 29, 2006 had a changed install process to inform the user of what the program does, and can also be set to automatically update to newer versions of Windows Genuine Advantage Notifications. It also informs users that may have a non-genuine version of Windows why their Windows version isn't being reported as genuine. However, unlike previous releases, it started being only automatically delivered to Windows machines using four widely-distributed product keys.
The latest update (version 1.9.0040.0) was released on March 24, 2009.
no longer requires the user to pass a Windows Genuine Advantage test in order to download or install the software.
The WGA Validation Library is also included in the Microsoft Security Essentials 2.0 and validate the Windows installation whether it is legitimate or not. The program will stop working after 30 days once it failed the validation process.
The information is then used in the WGA Library to check for overuse of license keys.
software by the Windows Genuine Advantage application.
On November 16, 2005, Microsoft released a standard Netscape WGA plug-in to complete the Windows validation process from Mozilla Firefox
and other Gecko
-based browsers (including Netscape
) - although it does not use the Firefox extensions system, and thus is not supported by the latest version of the browser. It does not work in other NPAPI
browsers such as Opera
. Another workaround was released on December 25, 2005 to bypass WGA authentication by using a valid hash generated by a remote system. Microsoft responded with a cease and desist
letter to the website host, and the workaround was taken down on January 6, 2006. Many people continue to validate on the Microsoft website from a public computer using a genuine copy of Windows, then write down the hash and continue to use it at home or work. As of July 2006, Microsoft had not prevented people from disabling WGA in this manner. On May 4, 2006 Microsoft announced lawsuits for allegedly distributing unauthorized copies of Windows against eDirectSoftware of Montana, and Chicago-area resellers Nathan Ballog and Easy Computers.
Various workarounds to get past WGA authentication have been released on the Internet. Before Microsoft issued official instructions on removing the WGA Notifier (a desktop application which resides in the notification area and periodically displays messages, reminding users to authenticate their operating system), users simply had to remove 2 files in order to get rid of the software from their system (four files: one executable and one dynamic link library in C:\Windows\system32\ and their exact copies in C:\Windows\system32\dllcache\; only an administrator can rename/delete these files).
In September 2006, Microsoft dropped various required validations on programs such as ActiveSync
.
In June 2007 it was found to be possible to validate with WGA when running Linux
(see below). The WGA Validation Tool has undergone a number of version changes since then, so this may well no longer be true.
s, though not one embedded in Windows, may alert on the method by which wgatray.exe is started; in the case of Outpost firewall, it is identified as a "hidden process". The wgatray.exe process itself can be firewall blocked, without apparent problems.
A tool has been released by a firewall vendor to prevent WGA Notifications transmitting information from one's PC.
On October 20, 2008, many users of Windows XP in China received a black desktop, as Microsoft introduced its WGA system for Chinese language systems, in an effort to combat piracy, which is extremely high in China. This version of WGA is of a more hostile approach as compared to previous forms, as it provides a hindrance to users and trespasses on usability. Since the majority of users in China run on a pirated copy of Windows, many users have experienced what is described as a "black screen syndrome", where the operating system changes the desktop background to a black screen every 60 minutes, as well as displaying constant warning messages. Some users have even reported the disabling of Office programs such as Microsoft Word, PowerPoint and Outlook.
According to various polls carried out by Chinese portals such as Sohu.com, QQ.com, 21cn.com, and many others, a large number (over 60% of those surveyed) of Chinese Internet users are hostile to Microsoft Windows Genuine Advantage (WGA) and Office Genuine Advantage (OGA).
originally ran in reduced-functionality mode if found by WGA to be compromised if a product has not been considered genuine which has made some people compare WGA to time bomb software
. Windows Vista SP1 has removed this behavior and reverted to the nag-only methods of Windows XP.
-like behavior, "phoning home
" on a daily basis. Microsoft subsequently admitted the behaviour, but denied that it amounted to spyware. Following pressure, Microsoft announced that in future the tool would only phone home once every two weeks, instead of every day. Microsoft has also provided removal instructions for the pilot version of WGA.
Despite this, Microsoft was sued under anti-spyware statutes over WGA's non-disclosed "phone home" behaviour. The lawsuit has since been dismissed.
(incorrectly identifying a genuine copy of Windows as "not genuine"). This can happen for any number of reasons such as failed updates, etc. Microsoft has established a forum to help users encountering problems. In February 2007, a "Not Sure" section was added to the program, in case of an incorrect reading.
According to an editorial on the arstechnica.com technology website, WGA reported around 22% of 500 million Windows computers as failing the test; of these less than 0.5% were due to pirate software, with the balance (over 20%, or 90% of all positives) related to non piracy issues. Microsoft "refused to comment on the rate of pure false positives" beyond saying it was "under 1%" (or as stated, at most around 5 million users affected).
's official website) using Internet Explorer
with IEs4Linux
and Wine
, running on Linux
, without even having a Windows
-family system installed.
usage occurs. This flaw has not yet (July 2009) been fixed, although it still prevents critical system updates.
On October 5, 2006, a WGA failure occurred, incorrectly flagging some systems as being non-genuine.
On August 25, 2007, the Microsoft WGA servers suffered an outage, resulting in many legitimate copies of Windows XP and Vista being marked as counterfeit. The issue was solved about twelve hours later. According to Microsoft, "fewer than 12,000 systems were affected worldwide."
On July 18, 2008, reports of Microsoft's WGA and OGA servers being offline surfaced again. Microsoft later responded that only offline verification was temporarily down.
Copyright infringement
Copyright infringement is the unauthorized or prohibited use of works under copyright, infringing the copyright holder's exclusive rights, such as the right to reproduce or perform the copyrighted work, or to make derivative works.- "Piracy" :...
system created by Microsoft
Microsoft
Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions...
that enforces online validation of the licensing of several recent Microsoft Windows
Microsoft Windows
Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...
operating system
Operating system
An operating system is a set of programs that manage computer hardware resources and provide common services for application software. The operating system is the most important type of system software in a computer system...
s when accessing several services, such as Windows Update
Windows Update
Windows Update is a service provided by Microsoft that provides updates for the Microsoft Windows operating system and its installed components, including Internet Explorer...
, and downloading Windows components from the Microsoft Download Center. In Windows 7, WGA is renamed Windows Activation Technology. WGA consists of two components: an installable component called WGA Notifications that hooks into Winlogon
Winlogon
In computing, Winlogon is the component of Microsoft Windows operating systems that is responsible for handling the secure attention sequence, loading the user profile on logon, and optionally locking the computer when a screensaver is running...
and validates the Windows license upon each logon and an ActiveX control that checks the validity of the Windows license when downloading certain updates from the Microsoft Download Center or Windows Update
Windows Update
Windows Update is a service provided by Microsoft that provides updates for the Microsoft Windows operating system and its installed components, including Internet Explorer...
. WGA Notifications covers Windows XP
Windows XP
Windows XP is an operating system produced by Microsoft for use on personal computers, including home and business desktops, laptops and media centers. First released to computer manufacturers on August 24, 2001, it is the second most popular version of Windows, based on installed user base...
, Windows Vista
Windows Vista
Windows Vista is an operating system released in several variations developed by Microsoft for use on personal computers, including home and business desktops, laptops, tablet PCs, and media center PCs...
and current versions of Windows 7. It does not cover other versions of the Windows NT
Windows NT
Windows NT is a family of operating systems produced by Microsoft, the first version of which was released in July 1993. It was a powerful high-level-language-based, processor-independent, multiprocessing, multiuser operating system with features comparable to Unix. It was intended to complement...
family, such as Windows 2000
Windows 2000
Windows 2000 is a line of operating systems produced by Microsoft for use on personal computers, business desktops, laptops, and servers. Windows 2000 was released to manufacturing on 15 December 1999 and launched to retail on 17 February 2000. It is the successor to Windows NT 4.0, and is the...
, Windows Server 2003
Windows Server 2003
Windows Server 2003 is a server operating system produced by Microsoft, introduced on 24 April 2003. An updated version, Windows Server 2003 R2, was released to manufacturing on 6 December 2005...
and Windows XP Professional x64 Edition, or the Windows 9x
Windows 9x
Windows 9x is a generic term referring to a series of Microsoft Windows computer operating systems produced since 1995, which were based on the original and later modified Windows 95 kernel...
family. The ActiveX control however checks Windows 2000 Professional
Windows 2000
Windows 2000 is a line of operating systems produced by Microsoft for use on personal computers, business desktops, laptops, and servers. Windows 2000 was released to manufacturing on 15 December 1999 and launched to retail on 17 February 2000. It is the successor to Windows NT 4.0, and is the...
licenses as well.
WGA also advertises the latest service pack for Windows XP, which requires manual intervention to disable. Previously voluntary, it became mandatory for use of these services in July 2005.
Despite its name it does not actually evaluate the integrity or security of any computer.
Features
The WGA validation process validates the present installation of Windows and its license key against the detected hardwareHardware
Hardware is a general term for equipment such as keys, locks, hinges, latches, handles, wire, chains, plumbing supplies, tools, utensils, cutlery and machine parts. Household hardware is typically sold in hardware stores....
and determines if the software was licensed from Microsoft. It is accessible by either a stand-alone program, a Netscape-compatible web browser plug-in, or as an ActiveX
ActiveX
ActiveX is a framework for defining reusable software components in a programming language-independent way. Software applications can then be composed from one or more of these components in order to provide their functionality....
control within Internet Explorer
Internet Explorer
Windows Internet Explorer is a series of graphical web browsers developed by Microsoft and included as part of the Microsoft Windows line of operating systems, starting in 1995. It was first released as part of the add-on package Plus! for Windows 95 that year...
, the latter of which is relevant to any attempt to access Microsoft updates via its browser
Web browser
A web browser is a software application for retrieving, presenting, and traversing information resources on the World Wide Web. An information resource is identified by a Uniform Resource Identifier and may be a web page, image, video, or other piece of content...
. It includes the following steps:
- Upon their first visit to Windows Update or certain updates on the Microsoft Download Center, users receive a message requiring them to validate their copy of Windows by downloading an ActiveXActiveXActiveX is a framework for defining reusable software components in a programming language-independent way. Software applications can then be composed from one or more of these components in order to provide their functionality....
control which checks the authenticity of their Windows software. If successful in validating Windows, it stores a license file on the PC for future verification. - After successful validation, the regular update download can continue.
If the software decides the instance of Windows does not have a valid license, WGA displays a specific notice to the user and prevents non-critical updates from being downloaded from Microsoft.
The ActiveX control is downloaded on the first validation and when a new version is available, but the validation itself can be performed any time the user connects to a Microsoft Website to update.
- On Windows VistaWindows VistaWindows Vista is an operating system released in several variations developed by Microsoft for use on personal computers, including home and business desktops, laptops, tablet PCs, and media center PCs...
RTM, WGA validation failure has a greater impact. In addition to persistent notification and the disabling of non-critical updates, WGA also disables Windows AeroWindows AeroWindows Aero is the graphical user interface and the default theme in most editions of Windows Vista and Windows 7, operating systems released by Microsoft. It is also available in Windows Server 2008, but is not enabled by default. Its name is a backronym for Authentic, Energetic, Reflective and...
, Windows DefenderWindows DefenderWindows Defender, formerly known as Microsoft AntiSpyware, is a software product from Microsoft to prevent, remove, and quarantine spyware in Microsoft Windows...
, and ReadyBoostReadyBoostReadyBoost is a disk cache component of Microsoft Windows, first introduced with Microsoft's Windows Vista in 2006 and bundled with Windows 7 in 2009...
. The user is given a grace period in which to then pass validation, after which most of the operating system is disabled and Windows reverts to reduced functionality mode. This behavior however has been removed in Service Pack 1 of Windows Vista in favor of prominent notices on systems believed unlicensed.
- Microsoft has recently made some changes with a WGA update for Windows XP Professional and Windows 7 Ultimate as well that result in not just a pop-up balloon, but instead the wallpaper changes to black, and there will be a translucent notice in the lower right-hand section of the screen that the user cannot get rid of. However, they can interact with things placed behind it still. There will also be a notification at the login screen. The user can change their desktop wallpaper to whatever they want, but the notifications will remain, and every 60 minutes it will revert back to the black screen. However, This will only happened to the first user in the computer where you log on to, if you choose different user, it will not turn black, and your wallpaper will remain.
WGA Validation Tool
Internet Explorer
Windows Internet Explorer is a series of graphical web browsers developed by Microsoft and included as part of the Microsoft Windows line of operating systems, starting in 1995. It was first released as part of the add-on package Plus! for Windows 95 that year...
add-on is installed labeled "Windows Genuine Advantage". In early releases the tool could be readily disabled with the IE Add-on Management feature. A Windows Group Policy
Group Policy
Group Policy is a feature of the Microsoft Windows NT family of operating systems. Group Policy is a set of rules that control the working environment of user accounts and computer accounts. Group Policy provides the centralized management and configuration of operating systems, applications, and...
was added by later updates, causing this option to be unavailable by default, but still accessible if the policy were removed. As of July 2006, the latest update blocks management by other means.
The program uses either a stand-alone program to generate a key or an ActiveX
ActiveX
ActiveX is a framework for defining reusable software components in a programming language-independent way. Software applications can then be composed from one or more of these components in order to provide their functionality....
control to discover whether the license key
Key server (software licensing)
Key server for software licensing is a colloquial or generic description that refers to a centralized computer software system which provides tokens, or keys, to client computers in order to enable licensed software to run on them....
is valid; either way an Internet connection is required. If WGA determines that a user's copy of Windows is unauthorized
Copyright infringement of software
Copyright infringement of software=The copyright infringement of software refers to several practices which involve the unauthorized copying of computer software. Copyright infringement of this kind varies globally...
but was installed from seemingly-legitimate media (i.e., the CD
CD-ROM
A CD-ROM is a pre-pressed compact disc that contains data accessible to, but not writable by, a computer for data storage and music playback. The 1985 “Yellow Book” standard developed by Sony and Philips adapted the format to hold any form of binary data....
and holographic emblem present on real copies of Windows seems genuine), then Microsoft will supply the user with a new CD. Microsoft also offers discounts to people who want to purchase a legitimate copy of Windows but do not have a valid CD. Microsoft has indicated that they will continue to deliver critical security updates through their Automatic Updates service as well as via the Microsoft Download Center, so that all systems, including those that fail to pass validation, will still continue to receive critical security updates.
The company has made installation of Windows Genuine Advantage a requirement for use of the Windows Update
Windows Update
Windows Update is a service provided by Microsoft that provides updates for the Microsoft Windows operating system and its installed components, including Internet Explorer...
and Microsoft Update websites, in part to be sure that customers who use support resources of the company are aware when their software is unlicensed. According to Microsoft themselves, it is legal to run Microsoft Windows without Windows Genuine Advantage . However, since non-critical Windows updates are not presented by Automatic Updates, installation of WGA is required for installation of such non-critical updates, which are only available through Windows Update or the Microsoft Download Center.
WGA Notifications
On April 25, 2006, Microsoft began distributing Windows Genuine Advantage Notifications as "critical update" KB905474 to Windows users. For Windows 7, KB971033 has the same function. Back in 2006, users with pirated copies were exposed to alerts at startup, login, and during use of the Windows OS, stating that they do not have a genuine copy of Windows. Users with legitimate copies are not supposed to see the alerts (although some do anyway). On May 23, 2006, Microsoft updated the program, closing some forms of circumvention, but reportedly not all. It was updated again on May 30, June 6 and June 27, 2006, though some forms of circumvention are still usable. The latest versions do not roll out worldwide at the same time: the dates given are the earliest dates on which the versions appeared, so the actual version being offered in some places will be an earlier version than the latest release. It is still possible to opt out of receiving this update using the "do not show" option at the Windows Update site. In addition to these notifications, Windows Genuine Advantage will also notify users with the message "This version of Windows XP is no longer secure" if users on an XP Operating System are not using Service Pack 3, and it will provide a link to help users to upgrade their systems to the new service pack.The version of Windows Genuine Advantage Notifications released November 29, 2006 had a changed install process to inform the user of what the program does, and can also be set to automatically update to newer versions of Windows Genuine Advantage Notifications. It also informs users that may have a non-genuine version of Windows why their Windows version isn't being reported as genuine. However, unlike previous releases, it started being only automatically delivered to Windows machines using four widely-distributed product keys.
The latest update (version 1.9.0040.0) was released on March 24, 2009.
WGA Validation Library
Microsoft includes the Windows Genuine Advantage Validation Library in several products, such as Windows validation tool or Windows Media Player 11, to check the validation about all Windows software. As of version 7, Internet ExplorerInternet Explorer
Windows Internet Explorer is a series of graphical web browsers developed by Microsoft and included as part of the Microsoft Windows line of operating systems, starting in 1995. It was first released as part of the add-on package Plus! for Windows 95 that year...
no longer requires the user to pass a Windows Genuine Advantage test in order to download or install the software.
The WGA Validation Library is also included in the Microsoft Security Essentials 2.0 and validate the Windows installation whether it is legitimate or not. The program will stop working after 30 days once it failed the validation process.
The information is then used in the WGA Library to check for overuse of license keys.
Circumvention
In September 2005, Microsoft filed lawsuits against a number of companies that sold unauthorized copies of software based on information from users who were told they have copyright infringingCopyright infringement
Copyright infringement is the unauthorized or prohibited use of works under copyright, infringing the copyright holder's exclusive rights, such as the right to reproduce or perform the copyrighted work, or to make derivative works.- "Piracy" :...
software by the Windows Genuine Advantage application.
On November 16, 2005, Microsoft released a standard Netscape WGA plug-in to complete the Windows validation process from Mozilla Firefox
Mozilla Firefox
Mozilla Firefox is a free and open source web browser descended from the Mozilla Application Suite and managed by Mozilla Corporation. , Firefox is the second most widely used browser, with approximately 25% of worldwide usage share of web browsers...
and other Gecko
Gecko (layout engine)
Gecko is a free and open source layout engine used in many applications developed by Mozilla Foundation and the Mozilla Corporation , as well as in many other open source software projects....
-based browsers (including Netscape
Netscape
Netscape Communications is a US computer services company, best known for Netscape Navigator, its web browser. When it was an independent company, its headquarters were in Mountain View, California...
) - although it does not use the Firefox extensions system, and thus is not supported by the latest version of the browser. It does not work in other NPAPI
NPAPI
Netscape Plugin Application Programming Interface is a cross-platform plugin architecture used by many web browsers.It was first developed for the Netscape family of browsers starting with Netscape Navigator 2.0 but was subsequently implemented by many other browsers, including all of the browsers...
browsers such as Opera
Opera (web browser)
Opera is a web browser and Internet suite developed by Opera Software with over 200 million users worldwide. The browser handles common Internet-related tasks such as displaying web sites, sending and receiving e-mail messages, managing contacts, chatting on IRC, downloading files via BitTorrent,...
. Another workaround was released on December 25, 2005 to bypass WGA authentication by using a valid hash generated by a remote system. Microsoft responded with a cease and desist
Cease and desist
A cease and desist is an order or request to halt an activity and not to take it up again later or else face legal action. The recipient of the cease-and-desist may be an individual or an organization....
letter to the website host, and the workaround was taken down on January 6, 2006. Many people continue to validate on the Microsoft website from a public computer using a genuine copy of Windows, then write down the hash and continue to use it at home or work. As of July 2006, Microsoft had not prevented people from disabling WGA in this manner. On May 4, 2006 Microsoft announced lawsuits for allegedly distributing unauthorized copies of Windows against eDirectSoftware of Montana, and Chicago-area resellers Nathan Ballog and Easy Computers.
Various workarounds to get past WGA authentication have been released on the Internet. Before Microsoft issued official instructions on removing the WGA Notifier (a desktop application which resides in the notification area and periodically displays messages, reminding users to authenticate their operating system), users simply had to remove 2 files in order to get rid of the software from their system (four files: one executable and one dynamic link library in C:\Windows\system32\ and their exact copies in C:\Windows\system32\dllcache\; only an administrator can rename/delete these files).
In September 2006, Microsoft dropped various required validations on programs such as ActiveSync
ActiveSync
ActiveSync is a mobile data synchronization technology and protocol developed by Microsoft, originally released in 1996. There are two implementations of the technology: one which synchronizes data and information with handheld devices with a specific desktop computer , and another technology,...
.
In June 2007 it was found to be possible to validate with WGA when running Linux
Linux
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...
(see below). The WGA Validation Tool has undergone a number of version changes since then, so this may well no longer be true.
Notifications and firewalls
Some personal firewallPersonal firewall
A personal firewall is an application which controls network traffic to and from a computer, permitting or denying communications based on a security policy. Typically it works as an application layer firewall....
s, though not one embedded in Windows, may alert on the method by which wgatray.exe is started; in the case of Outpost firewall, it is identified as a "hidden process". The wgatray.exe process itself can be firewall blocked, without apparent problems.
A tool has been released by a firewall vendor to prevent WGA Notifications transmitting information from one's PC.
Data collected
Windows Genuine Advantage checks the following components:- Computer make and model
- BIOSBIOSIn IBM PC compatible computers, the basic input/output system , also known as the System BIOS or ROM BIOS , is a de facto standard defining a firmware interface....
checksumChecksumA checksum or hash sum is a fixed-size datum computed from an arbitrary block of digital data for the purpose of detecting accidental errors that may have been introduced during its transmission or storage. The integrity of the data can be checked at any later time by recomputing the checksum and...
. - MAC addressMAC addressA Media Access Control address is a unique identifier assigned to network interfaces for communications on the physical network segment. MAC addresses are used for numerous network technologies and most IEEE 802 network technologies, including Ethernet...
. - A unique number assigned to the user's computer by the tools (Globally Unique Identifier or GUID)
- Hard drive serial number.
- Region and language settings of the operating system.
- Operating system version.
- PC BIOS information (make, version, date).
- PC manufacturer.
- User locale setting.
- Validation and installation results.
- Windows or Office product key.
- Windows product ID.
WGA in China
According to various polls carried out by Chinese portals such as Sohu.com, QQ.com, 21cn.com, and many others, a large number (over 60% of those surveyed) of Chinese Internet users are hostile to Microsoft Windows Genuine Advantage (WGA) and Office Genuine Advantage (OGA).
Time bomb
Even if WGA does not really make the program unusable, no updates except critical ones can be downloaded from Microsoft. Rather than just disallowing updating, Windows VistaWindows Vista
Windows Vista is an operating system released in several variations developed by Microsoft for use on personal computers, including home and business desktops, laptops, tablet PCs, and media center PCs...
originally ran in reduced-functionality mode if found by WGA to be compromised if a product has not been considered genuine which has made some people compare WGA to time bomb software
Time bomb (Software)
In computer software, a time bomb refers to a computer program that has been written so that it will stop functioning after a predetermined date or time is reached. The term "time bomb" does not refer to a program that stops functioning a specific number of days after it is installed; instead, the...
. Windows Vista SP1 has removed this behavior and reverted to the nag-only methods of Windows XP.
Spyware accusations
The notification tool has been accused of spywareSpyware
Spyware is a type of malware that can be installed on computers, and which collects small pieces of information about users without their knowledge. The presence of spyware is typically hidden from the user, and can be difficult to detect. Typically, spyware is secretly installed on the user's...
-like behavior, "phoning home
Phoning home
Phoning home, in computing, refers to an act of client to server communication where a client device or client application software reports its location on a network, the currently logged on user, or any other information to a server computer...
" on a daily basis. Microsoft subsequently admitted the behaviour, but denied that it amounted to spyware. Following pressure, Microsoft announced that in future the tool would only phone home once every two weeks, instead of every day. Microsoft has also provided removal instructions for the pilot version of WGA.
Despite this, Microsoft was sued under anti-spyware statutes over WGA's non-disclosed "phone home" behaviour. The lawsuit has since been dismissed.
False positive rate
The WGA program can produce false positivesType I and type II errors
In statistical test theory the notion of statistical error is an integral part of hypothesis testing. The test requires an unambiguous statement of a null hypothesis, which usually corresponds to a default "state of nature", for example "this person is healthy", "this accused is not guilty" or...
(incorrectly identifying a genuine copy of Windows as "not genuine"). This can happen for any number of reasons such as failed updates, etc. Microsoft has established a forum to help users encountering problems. In February 2007, a "Not Sure" section was added to the program, in case of an incorrect reading.
According to an editorial on the arstechnica.com technology website, WGA reported around 22% of 500 million Windows computers as failing the test; of these less than 0.5% were due to pirate software, with the balance (over 20%, or 90% of all positives) related to non piracy issues. Microsoft "refused to comment on the rate of pure false positives" beyond saying it was "under 1%" (or as stated, at most around 5 million users affected).
False negatives
On June 18, 2007, news surfaced that it is possible to positively validate as a "Genuine Microsoft Product" user (and– as a result– be able to download certain software from MicrosoftMicrosoft
Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions...
's official website) using Internet Explorer
Internet Explorer
Windows Internet Explorer is a series of graphical web browsers developed by Microsoft and included as part of the Microsoft Windows line of operating systems, starting in 1995. It was first released as part of the add-on package Plus! for Windows 95 that year...
with IEs4Linux
IEs4Linux
IEs4Linux is a free and open source script that allows a user to run Internet Explorer on Wine . It is possible to install Internet Explorer versions 5, 5.5, and 6; along with partial functionality of IE7 .This application...
and Wine
Wine (software)
Wine is a free software application that aims to allow computer programs written for Microsoft Windows to run on Unix-like operating systems. Wine also provides a software library, known as Winelib, against which developers can compile Windows applications to help port them to Unix-like...
, running on Linux
Linux
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...
, without even having a Windows
Microsoft Windows
Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...
-family system installed.
Major failures in WGA system
From the moment that WGA was released, it had a flaw that allows a typical user to remove the program without uninstalling its root key, causing Windows to think that the software is installed although no "nagging" process or RAMRam
-Animals:*Ram, an uncastrated male sheep*Ram cichlid, a species of freshwater fish endemic to Colombia and Venezuela-Military:*Battering ram*Ramming, a military tactic in which one vehicle runs into another...
usage occurs. This flaw has not yet (July 2009) been fixed, although it still prevents critical system updates.
On October 5, 2006, a WGA failure occurred, incorrectly flagging some systems as being non-genuine.
On August 25, 2007, the Microsoft WGA servers suffered an outage, resulting in many legitimate copies of Windows XP and Vista being marked as counterfeit. The issue was solved about twelve hours later. According to Microsoft, "fewer than 12,000 systems were affected worldwide."
On July 18, 2008, reports of Microsoft's WGA and OGA servers being offline surfaced again. Microsoft later responded that only offline verification was temporarily down.
See also
- Office Genuine AdvantageOffice Genuine AdvantageOffice Genuine Advantage was a program by Microsoft similar to Windows Genuine Advantage which required users of the Microsoft Office software to validate their copy of Microsoft Office to download non-critical updates and other downloads such as addons, samples etc.This is different from Product...
- Windows Product Activation
- Digital rights managementDigital rights managementDigital rights management is a class of access control technologies that are used by hardware manufacturers, publishers, copyright holders and individuals with the intent to limit the use of digital content and devices after sale. DRM is any technology that inhibits uses of digital content that...