PDA

View Full Version : The Windows "Kill Switch"??



Tex Arcana
06-29-2006, 04:53 PM
June 27, 2006
Is Microsoft about to release a Windows "kill switch"?
Posted by Ed Bott @ 8:06 am
Digg This!

Two weeks ago, I wrote about my serious objections to Microsoft’s latest salvo in the war against unauthorized copies of Windows. Two Windows Genuine Advantage components are being pushed onto users’ machines with insufficient notification and inadequate quality control, and the result is a big mess. (For details, see Microsoft presses the Stupid button.)

Guess what? WGA might be on the verge of getting even messier. In fact, one report claims WGA is about to become a Windows “kill switch” – and when I asked Microsoft for an on-the-record response, they refused to deny it.

Last week, a correspondent on Dave Farber’s Interesting People list posted some comments about his experiences with Windows OneCare Live. In the middle of the post, he added this tidbit:

I like to review updates before they are installed. The only update that I have not installed is the latest WGA because of the security issues related to it.

I called Microsoft support to see if there is a hidden option to say, "yep, I've got updates turned to manual… it's okay." The rep said, "No and why wouldn't you want to get the latest updates to Windows."

I responded with the issues relating to WGA. He spent some time telling me that WGA was a good thing, etc. I reiterated that I have accepted all the updates except WGA and just want to review the updates before they're installed on my machine.

He told me that "in the fall, having the latest WGA will become mandatory and if its not installed, Windows will give a 30 day warning and when the 30 days is up and WGA isn't installed, Windows will stop working, so you might as well install WGA now." [emphasis added]

I'm wondering if Microsoft has the right to disable Windows functionality or the OS as a whole (tantamount to revoking my legitimate Windows license) if I do not install every piece of software that they send it updates.

That can’t be true, can it? I’m always suspicious of any report that comes from a front-line tech support drone, so I sent a note to Microsoft asking for an official confirmation or, better yet, a denial. Instead, I got this terse response from a Microsoft spokesperson:

As we have mentioned previously, as the WGA Notifications program expands in the future, customers may be required to participate. [emphasis added] Microsoft is gathering feedback in select markets to learn how it can best meet its customers' needs and will keep customers informed of any changes to the program.

That’s it. That’s the entire response.

Uh-oh. Currently, Windows users have the ability to opt out of the Windows Genuine Advantage program and still get security patches and other Critical Updates delivered via Windows Update. The only thing you give up is the ability to download optional updates. Hackers have been working overtime to find ways to disable WGA notification. If WGA becomes mandatory, would it mean that Microsoft could prevent Windows from working if it determines – possibly erroneously – that your copy isn’t “genuine”? That’s a chilling possibility, and Microsoft refuses an easy opportunity to deny that that option is in its plans.

Over at Ed Bott’s Windows Expertise, I’ve been soliciting feedback from Windows users who’ve been burned by WGA. So far, I’ve received 20 comments. Here’s a sampling:

*
I have an XP Media center with a promise RAID 0 4-disc array. When I installed the WPA it broke the drivers for the array by causing failed delayed writes (half of the array just “disapears”.) If I do a system restore to before the installation of the WPA everything goes back to working just fine.
*
[S]ince installing WPA … I’ve had blue screens and a total inability to boot. I had to run the XP repair function to get the computer to boot. I had a damaged boot sector on the hard drive. I am running two drives on a RAID 1 config.
*
I purchased a SEALED OEM copy of XP Professional. WGA said the license key was already used. I called MS and they said I should uninstall and buy another copy. I told them I wasn’t made of money and hung-up.
*
Microsoft rejected the product key that came with the ThinkPad I’m using. I had to call in and they gave me another code to enter which supposedly worked but now I get the blue screen of death about every other time I reboot. I’ve also lost all internet connectivity.
*
I sent my Compaq Presario notebook for service repair, and it fails the WGA check. I have a legal version of windows xp professional on it. But I have no way to correct this problem.

What’s most disturbing about this whole saga is Microsoft’s complete lack of transparency on the issue. And before the ABM crowd jumps in with predictable “What did you expect?” comments, let me argue that Microsoft actually has a fairly good track record on transparency issues in recent years. Windows Product Activation is very well documented, and when a similar uproar occurred in 2001, it was squelched quickly by some fairly prominent postings from high-level executives who provided details without a lot of spin. Likewise, the Microsoft Security Response Center has done an exceptional job at providing quick responses to security issues. (Just ask Adam Shostack.)

Currently, no one at Microsoft is blogging about this fiasco. No executive has been quoted on the record about it. There are very few technical details available, and those that have been published are being tumbled through the spin machine and spit out as press releases.

If Microsoft really does plan to turn WGA into a kill switch in September, be prepared for an enormous backlash.

:eek2:

Silver_2000
06-29-2006, 09:39 PM
Running RAID on XP pro has always been tricky

I would need to see the whole story before I believed anything

Its the internet you NEVER get the whole story

Doug

Tex Arcana
06-30-2006, 11:47 AM
Running RAID on XP pro has always been tricky

I would need to see the whole story before I believed anything

Its the internet you NEVER get the whole story

Doug
Hence why I linked the original story, which had the other original story linked to it.

I got it from my programmer friend, who's pretty knowledgable about this stuff; I also have two separate friends who got nailed with this: one with an illegal copy, one with a legal one; so I believe it, not to mention that I"ve been seeing this happening for years now, that MS is headed toward subscription-based computing, and that they will actively obsolete product in order to force "upgrading". :hammer:

Silver_2000
06-30-2006, 12:39 PM
Hence why I linked the original story, which had the other original story linked to it.

I got it from my programmer friend, who's pretty knowledgable about this stuff; I also have two separate friends who got nailed with this: one with an illegal copy, one with a legal one; so I believe it, not to mention that I"ve been seeing this happening for years now, that MS is headed toward subscription-based computing, and that they will actively obsolete product in order to force "upgrading". :hammer:

That will be a god send for both apple and Linux
Both OS's are VERY close to being a significant threat

Subscription might work for corporations but not for home users

Tex Arcana
06-30-2006, 12:44 PM
That will be a god send for both apple and Linux
Both OS's are VERY close to being a significant threat

Subscription might work for corporations but not for home users

Coroporations are DROOLING over that and MS's "anti-whistleblower" programming in Office. Kiss any sort of corporate oversight goodbye. :(