backtop

Software Microsoft Sued Over WGA
Brandon Hill (Blog) - June 30, 2006 11:33 AM
Print E-mail del.icio.us 46 comment(s) - last by gtnbuckeye.. on Jul 7 at 11:40 AM
More trouble brewing in Redmond

Just when you thought that Microsoft's WGA problems were over with the release of an updated version of the utility and instructions on how to remove older versions completely, things have taken a turn for the worse. A Los Angeles resident is now suing the software giant saying that it violated spyware laws.

Brian Johnson is seeking class-action status for his claims that Microsoft was too light on the details when it delivered its WGA anti-piracy utility to Windows based machines. As detailed in the suit, "Microsoft effectively installed the WGA software on consumers' systems without providing consumers any opportunity to make an informed choice about that software."

A spokesman for Microsoft dismissed the charges and responded that the WGA utility is installed only after the user gives permission to do so. The Seattle Post Intelligencer reports:

Microsoft's Desler disputed that assertion and said the suit shouldn't obscure what he called the "real issue," software piracy. "The WGA program was carefully developed to focus on what is really an industrywide problem in a manner that is lawful, and provides customers with the confidence and assurance that they're running legitimate software," he said.

For those of you still want to get rid of the WGA utility and don't want to jump through hoops by editing the registry, a new utility has been released to make the process much easier.

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
about time too.
By ForumMaster on 6/30/2006 1:19:18 PM , Rating: 2
maybe ms will finally stop their unacceptable behavior now. personally, i have a legit copy of windows, but did not install this crap. i already know that my copy is legit, why run an extra service that takes up resources? screw ms and their ways. i need to get linux.




RE: about time too.
By Morpth on 6/30/06, Rating: 0
RE: about time too.
By masher2 (blog) on 6/30/2006 2:09:54 PM , Rating: 2
Honestly, the idea of a man suing over his own decision to intentionally install a piece of software is laughably ludicrous, and further highlights current abuses of our legal system.


RE: about time too.
By kattanna on 6/30/2006 2:22:00 PM , Rating: 3
actually if you have your system set for automatic updates it would have installed itself on its own. And since it wasnt a truly "critical" update, ie security fix or such, there was no need for it to be there.

at worst though, it will make people leary of setting their systems to use automatic updates, which would be more harmfull in the long run.



RE: about time too.
By masher2 (blog) on 6/30/2006 2:33:13 PM , Rating: 1
> "actually if you have your system set for automatic updates it would have installed itself on its own..."

Through the implied consent you gave by turning on that feature. The definition of "automatic" in conjunction with "update" is pretty damn clear to me....what about you?

> "it wasnt a truly "critical" update, ie security fix or such..."

Nowhere does Microsoft define "critical update" in a manner which disallows WGA. The definition is in the eye of the beholder. Furthermore, one could certainly argue that WGA does provide "security", by safeguarding users against purchasing pirated copies of Windows.

I realize how desperately the anti-Microsoft crowd wants to assign blame for nonexistent problems, but really one has to ask-- what's the issue here? I've used a lot of high-end software that automatically "phones home" each and every time you start it up. If you don't like it-- don't use it. Its a free country. You're free to avoid products you don't like, and companies are (or should be) free to design products as they wish, and protect them in any manner they so desire.




RE: about time too.
By bob661 on 6/30/2006 2:41:54 PM , Rating: 2
quote:
Its a free country. You're free to avoid products you don't like, and companies are (or should be) free to design products as they wish, and protect them in any manner they so desire.
What if you choose to use a particular software but do not want to choose to have that software phone home everytime it launches? Shouldn't we have the "freedom" to make that choice also?


RE: about time too.
By masher2 (blog) on 6/30/06, Rating: 0
RE: about time too.
By Lord 666 on 6/30/2006 3:52:45 PM , Rating: 1
>I've used a lot of high-end software that automatically "phones home" each and every time you start it up. If you don't like it-- don't use it. Its a free country. You're free to avoid products you don't like, and companies are (or should be) free to design products as they wish, and protect them in any manner they so desire.

>Essentially you're wanting to force someone else to produce a product to fit your needs. It's a free market. If no one wants to provide your needs, you fill them yourself, or go without.

Masher, the issue here is WGA Notifications is something new and introduced long after people have purchased and installed Windows XP legally or illegally. At one point it met peoples needs and was not spyware, but it now has changed. For those who own legal copies, but WGA has false positives (I am one of them because of being a hardware enthusist) it begs to question how far MS is pushing contractual law let alone anti-spam laws. I don't have an issue with software phoning home, but to have this mechanism installed 5 years after release and create false positives is absurd, counter productive, and against established public policy.

If you do purchase a kit to become genuine, Microsoft attempts to inseminate a legit key, but they also warn your entire system might have to be reloaded. Should people be allowed to sue for time and effort to re-load an OS because of WGA malfunctions?


RE: about time too.
By masher2 (blog) on 6/30/2006 11:38:19 PM , Rating: 1
> "At one point it met peoples needs and was not spyware, but it now has changed."

Only for those people who chose to install WGA-- either directly, or by proxy, through agreeing to automatic updates. Furthermore, if you don't like it, its

As for it being "spyware", I consider that a highly specious twisting of the definition.

> "but WGA has false positives..."

I'd imagine 99% of the "false positives" are people who bought from a cut-rate vendor who resold the same OEM copy multiple times. And .9% of the remaing are just the usual anti-Microsoft suspects, posting false information to message boards, hoping to fan the flames.

I'm sure false positives can happen...but I'm equally sure its an extraordinary rare case. I know of one company in particular which had 80,000 machines validated at a whack. All without a single false positive.

> If you do purchase a kit to become genuine, Microsoft attempts to inseminate a legit key, but they also warn your entire system might have to be reloaded. Should people be allowed to sue for time and effort to re-load an OS because of WGA malfunctions?

Let me get this straight. You're buying a "kit" because you found out you're using pirated software. And since people who THOUGHT they were getting a legal copy are eligible for a free kit, that also means you're pretty sure you knew were breaking the law the whole time.

So instead of jail time and a $250,000 fine, you get an offer to buy measly $99 kit....and you're upset over the (rare) chance you might have to reload the OS?

Truth, sir, is stranger than fiction.



RE: about time too.
By RMTimeKill on 6/30/2006 3:59:58 PM , Rating: 2
Well your first problem is you wanted to buy a chevy... 3 wheels or not... you can keep it...


RE: about time too.
By kattanna on 6/30/2006 3:17:11 PM , Rating: 4
LOL...first off..im not anti microsoft. in fact, if anything, im a fanboy. I remember all to well the world of PC's before windows. command line hell..every piece of software had its own unique interface making going back and forth a nightmare..but lets move on...

quote:
Nowhere does Microsoft define "critical update" in a manner which disallows WGA


hmm..lets check...

http://support.microsoft.com/?kbid=824684

• Critical Update

Definition: A critical update is a broadly released fix for a specific problem that addresses a critical, non-security-related bug.

Additional Information: Critical updates are available for customers to download and are accompanied by a Microsoft Knowledge Base article.


• Security Update

Definition: A security update is a broadly released fix for a product-specific, security-related vulnerability. Security vulnerabilities are rated based on their severity. The severity rating is indicated in the Microsoft security bulletin as critical, important, moderate, or low.

Additional Information: Microsoft security updates are available for customers to download and are accompanied by two documents: a security bulletin and a Microsoft Knowledge Base article. For more information about the format of Microsoft Knowledge Base articles for Microsoft security updates, click the following article number to view the article in the Microsoft Knowledge Base:

hmmm..a little piece of code thats SOLE purpose is to check to see if your running a pirated copy. it doesnt seem to fit eithe one of those definitions.

and please masher..you dont seem dumb or gullible enough to me to buy that that they are doing it to protect the consumer.


anyways..to me its all a moot point because i dont really care as i run legit software...i just hope my main point doesnt get lost in all this

quote:
at worst though, it will make people leary of setting their systems to use automatic updates, which would be more harmfull in the long run.




RE: about time too.
By masher2 (blog) on 6/30/2006 11:44:04 PM , Rating: 2
> "hmmm..a little piece of code thats SOLE purpose is to check to see if your running a pirated copy. it doesnt seem to fit eithe one of those definitions. "

It most certainly does. It plugs a security vulnerability in Windows. The vulnerability of a pirated copy being able to masquerade as legit. A pirated copy that could easily have other, more sinister changes as well, unbeknownst to the user.

Now, you might not like that definition, but that doesn't change its validity.

> and please masher..you dont seem dumb or gullible enough to me to buy that that they are doing it to protect the consumer.

They're doing it primarily to protect their Intellectual Property...a point that changes nothing. Where is it written that changes to Windows have to only benefit the consumer?

However, that does not imply that WGA is *harming* the consumer. Far from it. Millions of people ARE being helped by WGA. They're receiving free copies of Windows to replace pirated versions. And they're finding out which of their vendors are trustworthy and which are not.


RE: about time too.
By Martin Blank on 6/30/2006 4:58:43 PM , Rating: 2
quote:
Nowhere does Microsoft define "critical update" in a manner which disallows WGA.


Would you like to put some money on that one?

Critical Update

Definition: A critical update is a broadly released fix for a specific problem that addresses a critical, non-security-related bug.

Additional Information: Critical updates are available for customers to download and are accompanied by a Microsoft Knowledge Base article.

Source: http://support.microsoft.com/?kbid=824684

The average person would not associate a pirated key with a bug. I know of few technical people who would do so, including those who are quite familiar with Microsoft and its patching practices. What bug does WGA address?

quote:
Furthermore, one could certainly argue that WGA does provide "security", by safeguarding users against purchasing pirated copies of Windows.


WGA does nothing to stop the purchase of pirated copies of Windows. It may help to find out that the copy was not legitimately sold, but that's an economic and issue associated with licensing and proper use, not a security issue associated with fixing bugs.

It can be more easily argued that the presence of a program which contacts an outside entity -- whether or not that entity is Microsoft -- without the user's knowledge is a security risk. Further, it has not been established whether this process could be used for more nefarious purposes by redirecting the information.


RE: about time too.
By mindless1 on 7/1/2006 2:02:33 AM , Rating: 2
Complete nonsense.

Turing on the feature does NOT give MS consent to do whatever they want to your system. Likewise, going to a website that has a java app, and knowing it does run, does not mean you give that website blanket authorization to install a virus on your system.

Nowhere is there ever a situation where MS gets to do whatever they want unless previously, explicitly denied.

One could not argue that WGA provides "security" because even if they had bought a pirated copy of windows, that would have to have happened ALREADY.

You must be intentionally trolling to so completely argue nonsense concepts that are clearly wrong.

The issue is quite clear. There is no possible thought that YOU have, that matters to anyone else when it comes to whether they are going to run code that does what they do not want on equipment THEY own.

If we don't like that, MS is an unauthorized user of the system and those responsible should be in prison. You're free to disagree and it doesn't make even the tiniest bit of difference because it is not YOUR system.

You are the only one arguing against it being a free country, and we know we are not free to avoid products because of the monopoly.

Companies are not free to protect products AFTER they were purchased. carte blanche addendums to contracts after their acceptance do not stand up in court and it doesn't matter if you think otherwise because again, it's not your system nor your money.


RE: about time too.
By masher2 (blog) on 7/1/2006 4:33:31 PM , Rating: 3
> "Turing on the feature does NOT give MS consent to do whatever they want to your system..."

It gives them consent to alter it in any way they so choose, as long as -- in their opinion-- they are correcting bugs or increasing security. Period.

You obviously don't like those cold, hard facts. They exist, however, and no amount of bleating laments will change that.

> "One could not argue that WGA provides "security" because even if they had bought a pirated copy of windows, that would have to have happened ALREADY"

So? A patch that detects malware or damage to system files can be downloaded after the fact as well, and that certainly falls into the realm of "providing security". In fact, Microsoft has already distributed such tools in the past, without a peep from anyone. You're going to have to do better than this.

> "MS is an unauthorized user of the system and those responsible should be in prison..."

Never troubled to learn much about our legal system, did you?

> "Companies are not free to protect products AFTER they were purchased..."

Not unless you give them permission to do so. Which you clearly did, by virtue of allowing AUTOMATIC UPDATES. Whatever did you think that phrase meant?

> "You must be intentionally trolling to so completely argue nonsense concepts ..."

Try not to live up to your name, Mindless1.





RE: about time too.
By jtesoro on 7/2/2006 10:43:28 AM , Rating: 2
The bottom line is that what Microsoft did with WGA and AutoUpdates betrayed some level of trust that a lot of people put into these features. While there is a benefit that WGA gives to consumers, having it surreptitiously "phone home" so often seems to have gone too far.

For myself, I've switched off the automatic installation of downloaded updates.


RE: about time too.
By masher2 (blog) on 7/2/2006 10:47:59 AM , Rating: 2
> " While there is a benefit that WGA gives to consumers, having it surreptitiously "phone home" so often seems to have gone too far..."

I suppose you don't realize that automatic update itself has to "phone home" to see if updates are available. How else do you expect such software to work? And no one seems to be upset by it pinging a Microsoft server on a daily basis. Why is that?

Similarly, WGA checks a database of compromised product keys. Quite obviously it has to get them from somewhere. Did you think telepathy or smoke signals were involved?