WGA: What You Need to Know

Taking a guilty-until-proven-innocent stance, on Jul 26, 2005, Microsoft introduced it’s new anti-piracy measure named “Windows Genuine Advantage,” or WGA for short. To sum it up for you, you run an ActiveX app (or downloaded exe) on your PC, and it checks the key that you used to install your copy of Windows ME/2000/XP against it’s Microsoft’s database of keys to see if you’re running a legitimate copy of the operating system.

Big deal, right? Well it is if you’re running a pirated copy of Windows XP. After WGA performs the check to see if it’s being run on a legit copy of Windows, it then sends information about your PC, not to mention your IP address, to Microsoft. The information sent to MS includes, and may not be limited to (source):

• OEM product key
• PC Manufacturer
• OS version
• PID/SID
• BIOS info(make, ver, date)
• BIOS MD5 Checksum

Microsoft states that it needs to gather this “information on counterfeit sellers in order to get information on illegal practices and to work with authorities to enforce anti-piracy policies and laws,” and that the information will be used for “three [other] purposes: Web page flow, demographics, and to confirm user input. Web page flow means tailoring pages presented based on the user’s responses. Demographic information helps Microsoft to understand regional differences in Windows usage, and helps us tailor responses appropriately. User input is often compared against data collected from the PC in order to determine whether to grant a user’s request for additional access.”

Apparently the product key and PC manufacturer, and BIOS information will be used for web page flow, to confirm user input, and for demographics while the OS version, PID/SID, and BIOS MD5 Checksum will only be used for demographic data.

Microsoft has stated that they “will not bring legal action against the people who participate in the genuine Windows offer,” which is a special offer they have for those people who are running a version of Windows XP that does not pass the check. For just $99 for XP Home, and $149 for XP Pro, users can purchase a Windows Genuine Advantage Kit, which will include a new product key and the “Windows Product Key Update tool,” which converts the current install of windows to a genuine Windows install. Customers can also have a new CD mailed out to them, but first they have to rat out the person who gave them the original copy of the pirated OS by filling out a counterfeit report.

I can see this expanding much farther than just selling a copy or two of licensed Windows operating systems, Microsoft has something up their sleeve. Could it be MPAA-style mass-copyright infringement lawsuits against all those who failed the check, or I expect that every Microsoft download in the future will restricted to work with only the “Genuine Windows” operating systems. Currently, only a few certain updates are offered to Genuine Windows users. Basically, what I get out of this whole situation is that Microsoft will require users to buy Windows or they’re gonna fuck your shit up. I can even see MS singling out pirated installs and requiring them to download an “update” which may hinder the operation of Windows until a legit copy is purchased. Of course, this is all just speculation.

WGA isn’t without it’s flaws. And don’t even get the WINE users, or those who are blind started.

Posted on an official MSDN blog, Jedro Blogo, in an interesting bit of info:

“As an owner of a pirated copy of Windows the only thing you lose is the ability to log on to Windows Update and manually select the updates.”

That’s right, those running the a pirated copy of windows can still download Security updates (but will not be able to log into the Windows Update website), provided they have the Windows Automatic Updater installed. Read Up on installing Automatic Updater in Windows ME, 2000 and XP.

Also it has been reported that Debasis Mohanty (why are all ‘hacker’ sites black and green?) has discovered a way to defeat the check and reported it to the software giant. Microsoft criticizes security guru’s proof of concept stating that “The generated code is partly made up of a timestamp, which would prevent use after a short period,” but Mohanty has had Microsoft’s beta software with the genuine check enabled, and has had it running fine for over 6 weeks since he originally discovered the problem. Download a copy of the PoC here.

Apparently there are a coupe of other workarounds to keep WGA at bay. Either you can paste “javascript:void(window.g_sDisableWGACheck=’all’) (no quotes) into the address bar of Internet Explorer before clicking the “Express” or “Custom” installs in the Automatic Update feature, or try opening IE, click Tools, Manage Addons, then select the ‘Addons that have been used by Internet Explorer’ option and disable the “Windows Product Advantage” addon. Both options have been tested and work, at least as of this post.

I hope this sheads a little light for those who have been wondering about all the Windows Genuine Advantage hype. I’m very interested to see just how far Microsoft goes with this new WGA validation, and to see just how much havoc is wreaks. Stay Tuned!

Update: Apparently it was Rafael Rivera who originally came up with the idea befind the wga bypass. Gotta give credit where credit is due!

Related Links

• Windows Genuine Advantage
• Official Microsoft FAQ
• Debasis Mohanty’s post titled Defeating Microsoft WGA Validation Check
• Installing Windows Automatic Updater in Windows XP, 2000 and ME
• Windows Genuine Advantage

digg this / del.icio.us / bloglines / Posted: July 29th, 2005
Category: Software
Wanna trackback?

One Comment