Saturday, September 13, 2008

Less than honest computer shops using WGA as a con-trick?

I know the digital rights and privacy advocate in me should really hate Windows Genuine Advantage, and I do generally hate it, but the software engineer in me sometimes thinks "hey, companies have a right to protect their IP don't they?" So while I might not agree with how Microsoft does things, I can at least see why.

However, what started out as an annoyance seems to have changed into something else altogether. WGA and its consequences are now part of the everyday lives of regular computer owners, which means that less-than-trustworthy characters can start to exploit the misunderstandings of members of the public to their own devious ends. A colleague rang me today to tell me about a somewhat shocking story that happened to a friend who took a PC to a local computer shop in London to be repaired. The PC would no longer boot, and we believe said computer user had been the victim of some kind of Windows Live Messenger-based phishing virus, which uses an infected system to prompt friends to download malware.

When he took his PC to the store and explained that Windows would not start, the 'technician' didn't even bother to power the system on and instead explained that it was a pirated copy of Windows and that "Windows had blocked the computer". How he could tell this without even powering the machine on we don't know; in the absence of a licence sticker there is still the possibility of a genuine retail copy of Windows being present. Of course, even with a pirate copy of XP on the machine, Windows is not 'blocked'. If your machine fails the Windows Genuine Advantage check, this is what happens (source: Wikipedia and my own research):

On Windows XP, if an instance of Windows does not seem to have a valid license, WGA displays a specific notice to the user and prevents non-critical updates from being downloaded from Microsoft. That's it. That's all that happens; your PC is certainly not "blocked".

On Windows Vista, WGA validation failure has a greater impact. In addition to persistent notification and the disabling of non-critical updates, WGA also disables Windows Aero, Windows Defender and ReadyBoost. The user is then given a grace period in which to pass validation, after which most of the operating system is disabled and Windows reverts to reduced functionality mode. Since Service Pack 1, however, this no longer happens; instead you simply get prominent nag notices on systems not found to be genuine. Even in reduced functionality mode you can still boot your PC.

Even more shocking, when the victim asked the computer shop to install a fresh copy of Windows for him, the 'technician' explained that this was pointless, that the computer would be 'permanently blocked by Windows' and that it was now only good for scrap. Of course, he then pointed to his own range of 'fully legitimate' PCs and explained how they would never have any trouble with those. Just in case anyone isn't completely clear on this, this is complete and utter tripe. Systems which fail WGA can easily have a genuine licence applied to them; heck, Microsoft even give you the link to buy a genuine licence on any PC that fails WGA.

Sadly, this is yet another story of DRM gone bad. Anyone who fell for a story like this is not likely to have a positive impression of Microsoft, and while WGA is designed to maximise their profits, stories like this only highlight how such draconian measures hurt the reputation of the companies they are supposed to protect.
