Anti-Piracy Update for Win7 is on it's Way

My name is URL

From Slashdot -

Lauren Weinstein sends in news of a major and disturbing Microsoft anti-piracy initiative called Windows Activation Technologies, or WAT. Here is Microsoft's blog post giving their perspective on what WAT is for. From Lauren's blog: "The release of Windows 7 'Update for Microsoft Windows (KB971033)' will change the current activation and anti-piracy behavior of Windows 7 by triggering automatic 'phone home' operations over the Internet to Microsoft servers, typically for now at intervals of around 90 days. ... These automatic queries will repeatedly — apparently for as long as Windows is installed — validate your Windows 7 system against Microsoft's latest database of pirated system signatures (currently including more than 70 activation exploits known to Microsoft). If your system matches — again even if up to that time (which could be months or even years since you obtained the system) it had been declared to be genuine — then your system will be 'downgraded' to 'non-genuine' status until you take steps to obtain what Microsoft considers to be an authentic, validated, Windows 7 license. ... KB971033... is scheduled to deploy to the manual downloading 'Genuine Microsoft Software' site on February 16, and start pushing out automatically through the Windows Update environment on February 23. ... [F]or Microsoft to assert that they have the right to treat ordinary PC-using consumers in this manner — declaring their systems to be non-genuine and downgrading them at any time — is rather staggering."

http://yro.slashdot.org/firehose.pl?op=view&type=story&sid=10/02/11/1735210

seamus

It will probably operate similarly to the genuine advantage patch on WinXP - i.e. you can choose not to install it and ignore it all you like, but once you choose to install it, it'll cripple your OS.

I don't see any major problem with it - you always have the choice to not install the patch, so they're not forcing anything on anyone.

Though it sounds like it would be easy enough to produce a "counter-patch" to this - you create a small server program which runs on the pirated machine. When the OS makes a call to microsoft to validate the software, the call gets looped back at the network level to the local server which reports that everything is A-ok and the OS knows no different.

LoLth

If it works like the genuine advantage patch it would be a case of "if you dont have this then you dont get X,y and Z updates"

not sure i agree with the heavy handedness of it but I can see the reasoning behind it and, lets be honest, if you have a valid system, its not going to make any difference to you.

users would always have the option of not installing it and not going online. Personally I remember the same argument about the WGA on XP and I've never had an issue with it (except for tearing my hair out once over a patch that wouldnt apply only to discover that the machine didnt have the WGA installed).

Wonder what will happen for machines that dont connect to the internet after the patch is installed? For example a streamlined install or batch updated system at build time that never goes outside the Local Lan. will WSUS not count as the dial out destination?

DarrenMSP

seamus wrote: »

I don't see any major problem with it - you always have the choice to not install the patch, so they're not forcing anything on anyone.

Exactly... No drama really...

seamus

LoLth wrote: »

Wonder what will happen for machines that dont connect to the internet after the patch is installed? For example a streamlined install or batch updated system at build time that never goes outside the Local Lan. will WSUS not count as the dial out destination?

That's one thing I was thinking of - most, if not all corporate networks will not allow their machines to connect externally over anything but HTTP. The setup permutations are too great for MS to be able to devise a system that will work in all scenarios.

You could add a "passthrough" validator to WSUS I guess, but there are many companies that don't use WSUS.

Naikon

DarrenMSP wrote: »

Exactly... No drama really...

Not on principle though. I got sick and tired of putting up with bs like this about five years ago. Moved to other operating systems and I will probably never go back to using MS tech for as long as I have a pulse.
Not to sound too preachy, but do something about it if you are not happy. If you don't care...fine but don't bury the issue under the carpet. It's NOT ok for Microsoft to implement these policies for paying customers.
What if Microsoft told you you can only use your PC if you authenticate with a central login server for every session? That you could not ever use the machine offline? Putting up with this patch is a sign of acceptance.

People should at least voice there concerns. Workarounds like 'do not install this patch' and 'be happy' are workarounds at best. Such concerns need to be nipped in the bud.
As said in the slashdot article, don't let your affairs with Microsoft turn into a Stockholm syndrome affair. The company needs to understand that people won't put up with this crap.

LoLth

seamus wrote: »

That's one thing I was thinking of - most, if not all corporate networks will not allow their machines to connect externally over anything but HTTP. The setup permutations are too great for MS to be able to devise a system that will work in all scenarios.

You could add a "passthrough" validator to WSUS I guess, but there are many companies that don't use WSUS.

and if they do use WSUS whats to stop them just not approving the later updates if their tests show that it affects a pirated copy they use in the company (eeeevil!) ?

will the WAT keep allowing updates etc if its installed but hasnt been updated in a year?

Capt'n Midnight

Naikon wrote: »

It's NOT ok for Microsoft to implement these policies for paying customers.
What if Microsoft told you you can only use your PC if you authenticate with a central login server for every session? That you could not ever use the machine offline? Putting up with this patch is a sign of acceptance.

actually it's perfectly OK for microsoft to do this.

The biggest problem is that so few people read the terms and conditions before clicking Yes.

If people bothered to read the EULA ... then again for most honest customers it's a non-issue , just another little annoyance.


And as you rightly say there is nothing stopping customers jumping ship anytime they want.



TBH it's nowhere near as bad as the movie industry where the only people forced to watch 3 minutes of propoganda accusing them of being thieves (rather than copyright infringers) are those who have bought legit DVD's

But DRM is a whole other issue and has little to do with software, since with software there usually alternatives.



Also the tighter microsoft squeeze their grip on pirated software the less casual copies there will be - and that is something that should have been sorted out 15 years ago.

My name is URL

DarrenMSP wrote: »

Exactly... No drama really...

Nobody said it was a big drama. If it's included in the next service-pack then the choice to not install it means very little

It's not going to affect me anyway as I have a genuine install, but they're essentially forcing people that have already paid for a product to assist them in cracking down on piracy. I'm sure there'll be false positives too, it happened with the XP patch

If I buy a car I don't expect to have send off my keys every 3 months so that the person that sold it has proof that I'm still driving it

LoLth

el reg has an article about it now:

http://www.theregister.co.uk/2010/02/12/windows_7_genuine_patch/

interesting bits:

In addition MS will make WAT available for download through its Microsoft.com/genuine website on 16 February. The Microsoft Download Center will get the update a day later, it said.

“Although the Update will not be directly offered through Windows Server Update Services (WSUS), which is used by enterprise customers to manage the distribution of software updates in their IT environment, a WSUS administrator can import this update into WSUS through the Microsoft Update catalog,” said Windows Genuine boss Joe Williams.

“I’d like to stress that the Update is voluntary, which means that you can choose not to install it when you see it appear on Windows Update.”

so there's the carrot, wonder what the stick will be? Bundled into SP1 as URL mentioned?

seamus

My name is URL wrote: »

If I buy a car I don't expect to have send off my keys every 3 months so that the person that sold it has proof that I'm still driving it

It's a tough metaphor to make because it's impossible for you to make an exact copy of your car for nothing and give it/sell it on to someone else while keeping your own.

From MS's point of view, they're basically trying to make it difficult for anyone who's on a cracked version of Windows.
If you use the car metaphor and imagine that Toyota offer a car where the owner gets free basic maintenance periodically for the life of the vehicle. You ring up Toyota and someone comes out to fix your car. Someone finds a way of exactly duplicating the vehicle (incuding the VIN) as many times as they like and selling it on.
Now they have hundreds of people ringing up and getting free maintenance who never paid Toyota for their car.
So Toyota implement a policy whereby customers must supply their VIN over the phone before an appointment can be made. VINs which have been forged or duplicated are blacklisted and the person gets told over the phone, "Sorry, you're on your own, no maintenance for you", and gives them the option of buying a new VIN for their vehicle so they can avail of their free maintenance.

This isn't really any different except for the valid customer, they will not notice any difference whatsoever because the validation takes place in the background.

Overheal

Im not that pushed about all this.

Im just waiting for them to announce a sale on Upgrades. Lots of us are still on the Evaluation Build.

clint_silver

Ive a problem with this, Im a geek like most lads on here I fix virus laden and slow laptops for me mates which Im sure most of ye do.

3 times in the last year Ive had to format and reinstall as theyre were using vista genuine check and they could log in as the laptops were failing the check. Malware had altered whatever files windows checked to see if it was genuine. After several attpemts to restore to last know backup, complete cleanse with pro AV tools I could find no solution to this other then to wipe and reinstall.

All copies of windows were valid and licenced. most frustrating thing ever.

Fysh

clint_silver wrote: »

Ive a problem with this, Im a geek like most lads on here I fix virus laden and slow laptops for me mates which Im sure most of ye do.

3 times in the last year Ive had to format and reinstall as theyre were using vista genuine check and they could log in as the laptops were failing the check. Malware had altered whatever files windows checked to see if it was genuine. After several attpemts to restore to last know backup, complete cleanse with pro AV tools I could find no solution to this other then to wipe and reinstall.

All copies of windows were valid and licenced. most frustrating thing ever.

Frustrating though this is, the problem wouldn't have arisen had the people using the generally-quite-expensive-tools-in-question learned how to use them properly and paid attention to the safety dos & don'ts.

On a wider basis, this is slightly tedious but still only correcting a problem that should never have become this prevalent anyway.

clint_silver

oh agreed and I left them locked up to the hilt when they got their laptops back with instructions on safe surfing. but still, should one be locked out of the OS? Its like being burgled and not being able to get back in the front door of the house even with a key... I mean, you hate being burgled but locked out!!

testicle

clint_silver wrote: »

Ive a problem with this, Im a geek like most lads on here I fix virus laden and slow laptops for me mates which Im sure most of ye do.

3 times in the last year Ive had to format and reinstall as theyre were using vista genuine check and they could log in as the laptops were failing the check. Malware had altered whatever files windows checked to see if it was genuine. After several attpemts to restore to last know backup, complete cleanse with pro AV tools I could find no solution to this other then to wipe and reinstall.

All copies of windows were valid and licenced. most frustrating thing ever.

If you used the OEM key on the machines, you'd have no problem other than having to ring MS to activate. I don't see what the problem is.

My name is URL

seamus wrote: »

It's a tough metaphor to make because it's impossible for you to make an exact copy of your car for nothing and give it/sell it on to someone else while keeping your own.

From MS's point of view, they're basically trying to make it difficult for anyone who's on a cracked version of Windows.
If you use the car metaphor and imagine that Toyota offer a car where the owner gets free basic maintenance periodically for the life of the vehicle. You ring up Toyota and someone comes out to fix your car. Someone finds a way of exactly duplicating the vehicle (incuding the VIN) as many times as they like and selling it on.
Now they have hundreds of people ringing up and getting free maintenance who never paid Toyota for their car.
So Toyota implement a policy whereby customers must supply their VIN over the phone before an appointment can be made. VINs which have been forged or duplicated are blacklisted and the person gets told over the phone, "Sorry, you're on your own, no maintenance for you", and gives them the option of buying a new VIN for their vehicle so they can avail of their free maintenance.

This isn't really any different except for the valid customer, they will not notice any difference whatsoever because the validation takes place in the background.

It only happens in the background if it works flawlessly though, the XP WGA system flagged around 5 million machines incorrectly.

It seems like it could be a bigger headache than it's worth for MS, it won't recoup the losses caused by pirated installs and after a quick Google it seems that there's already a tool available to permanently disable the WAT feature on Win7

I'd imagine that most people using pirated OS's are people that would find it hard to afford genuine products. Is it not better to allow them to use the software for free rather than a different OS altogether?

DarrenMSP

Naikon wrote: »

What if Microsoft told you you can only use your PC if you authenticate with a central login server for every session? That you could not ever use the machine offline?

But the update doesn't do that. So its a null point to make.

Naikon wrote: »

As said in the slashdot article, don't let your affairs with Microsoft turn into a Stockholm syndrome affair. The company needs to understand that people won't put up with this crap.

Its not like Slashdot is in anyway biased again MSFT :rolleyes:

Naikon

DarrenMSP wrote: »

But the update doesn't do that. So its a null point to make.



Its not like Slashdot is in anyway biased again MSFT :rolleyes:

No, but it's a good way to gauge if people really give a sh4t about their software freedom. Install the patch == you don't mind Microsoft pushing you around like a schoolyard bully. Slashdot is justified in their hatred of MIcrosoft. Monopolies are terrible for innovation.
Would you be content with a future where crappy products reign supreme because one vendor does not have to justify making good products due to their market share? Microsoft are great when it comes to marketing, but software...not so much in my experience.
I bet you think Microsoft is the holy grail for 'innovation' and progressing the computing sector as a whole. I used to believe this too, but a bit of research goes a long way. Copying existing software implementations and destroying open standards is not acceptable.

DarrenMSP

Naikon wrote: »

No, but it's a good way to gauge if people really give a sh4t about their software freedom. Install the patch == you don't mind Microsoft pushing you around like a schoolyard bully.

To be honest, Microsoft isn't forcing me to install it and they are not running any marketing campaign around it telling me I have to install it.

Your points (and most of slashdot's users) seem to border on scaring people into if we install the patch, Microsoft will control every aspect of the software world, telling us what to do and controlling our desktop experience.

The update is to scan for over “70 known and potentially dangerous activation exploits” in Windows 7. Seriously such a big deal :rolleyes:.

They don't want people pirating the OS they paid thousands of developers, 100's of thousands to build.

From what I've read online so far -

1. Its a voluntary patch
2. When non-genuine copies detected, the OS functionality is NOT reduced
3. It does notify you that you're not using genuine software.
4. The goal seems to be to reduce the number of Windows installations using pirated copies (as many of which include malicious code)

Naikon wrote: »

Microsoft are great when it comes to marketing, but software...not so much in my experience.

I'd disagree there, MSFT marketing seems pretty terrible to me, Remember the Windows 7 party video? The Bing Videos? The Poland blunder image blunder??

On the other hand, I love Windows 7, Office 2010 is pretty cool, MSE is one of the best free anti-virus out there and I love Bing maps (the beta one from the US)/Photosynth...

EDIT: You added this.

Naikon wrote: »

I bet you think Microsoft is the holy grail for 'innovation' and progressing the computing sector as a whole. I used to believe this too, but a bit of research goes a long way. Copying existing software implementations and destroying open standards is not acceptable.

Why are you trying to make it about personal belief now??
Where did I say anything about Microsoft been Innovative??
Where does my opinion on that, matter in context to the thread??
What has the WAT patch got to do with Open standards?

Naikon

I can't even buy a computer in the shops without a MIcrosoft OS installed. In effect they are forcing people to buy their OS 'because other os's can't run office' and other
nasty propoganda like this: http://www.microsoft.com/canada/windowsserver/compare/compare_unix.mspx I love this line 'Old technology, outdated vision' The level of ignorance is scary.
Microsoft has a lot to owe to UNIX. Embrace, extend and extinguish in action. I can't think of even one fundamentally innovative advance Microsoft has made to CS.

Naikon

DarrenMSP wrote: »

EDIT: You added this.
Why are you trying to make it about personal belief now??
Where did I say anything about Microsoft been Innovative??
Where does my opinion on that, matter in context to the thread??
What has the WAT patch got to do with Open standards?

Look, I should not have mentioned lack of innovation. It is just a fact. I won't derail the thread any further because it will end in an ugly mess. I just feel stupid measures like these are not good for anyone.

DarrenMSP

Naikon wrote: »

I can't even buy a computer in the shops without a MIcrosoft OS installed. In effect they are forcing people to buy their OS 'because other os's can't run office' and other
nasty propoganda like this: http://www.microsoft.com/canada/windowsserver/compare/compare_unix.mspx I love this line 'Old technology, outdated vision' The level of ignorance is scary.
Microsoft has a lot to owe to UNIX. Embrace, extend and extinguish in action. I can't think of even one fundamentally innovative advance Microsoft has made to CS.

Seriously..... Whats that got to do with the thread?
Anti-Piracy Update for Win7 is on it's Way

All your doing now is Microsoft bashing....

Naikon wrote: »

Look, I should not have mentioned that. It is just a fact. I won't derail the thread any further because it will end in an ugly mess. I just feel stupid measures like these are not good for anyone.

I'll finish with what I do believe..... Religious support of any technology is bad. Be it Unix, NT, iPhone, Gmail, Hotmail, Firefox, OpenOffice. Each has their own strong points and own weaknesses - I believe the more choice and the more innovation the better. No matter what or who is behind it.

Naikon

DarrenMSP wrote: »

Seriously..... Whats that got to do with the thread?
Anti-Piracy Update for Win7 is on it's Way

All your doing now is Microsoft bashing....

I agree with you. I won't derail the topic from now on.

Naikon

DarrenMSP wrote: »

I'll finish with what I do believe..... Religious support of any technology is bad. Be it Unix, NT, iPhone, Gmail, Hotmail, Firefox, OpenOffice. Each has their own strong points and own weaknesses - I believe the more choice and the more innovation the better. No matter what or who is behind it.

I agree, but Microsoft is not content with this principle sadly. By blindly following Microsoft though, you are directly hurting innovation. Practically forcing people to use your software is a bit cheeky.

DarrenMSP

Naikon wrote: »

By blindly following Microsoft though, you are directly hurting innovation

Are you talking about me or people in general, because if you mean me, your assuming again, which I learned in college, is the worst way to win your points over.

Naikon wrote: »

Practically forcing people to use your software is a bit cheeky.

There is nothing to stop anyone using Linux, OO.org, Firefox, Chrome, Google Docs and Gmail.

Again we are off topic and If you want to continue the debate PM me and I'll happily listen to your points.

Naikon

DarrenMSP wrote: »

Are you talking about me or people in general, because if you mean me, your assuming again, which I learned in college, is the worst way to win your points over.



There is nothing to stop anyone using Linux, OO.org, Firefox, Chrome, Google Docs and Gmail.

Again we are off topic and If you want to continue the debate PM me and I'll happily listen to your points.

No, just people in general. I don't want to keep harping on about this, so I will leave it be. You are right about people being able to use other technologies. The remark I made earlier was out of order. Sorry.

Fysh

Oh for the love of god, Naikon, stop posting about how you don't want to derail the thread any more and spend a minute or two reading the off-topic advocacy rule in the charter.

Given that legitimate windows users depend on the continued existence of Microsoft in order to receive updates & security patches, measures designed to eliminate pirate copies (whether intentional or unwitting) and alert people who may be running malware-infected versions of Windows are a good idea. If it generates the same number of false positives as the XP situation did Microsoft will ride out the complaints in the same way they did with WGA, particularly given that the court case concerning WGA was recently thrown out of court.

I'm genuinely curious as to whether WSUS users will get some sort of alternative option, though...

Biggins

New windows 7 antipiracy update to phone home regularly

Microsoft will be releasing "Windows Activation Technologies (WAT) Update for Windows 7" which, as its name implies, is an update for WAT, the set of built-in activation and validation components, in Windows 7. The update will detect "more than 70 known and potentially dangerous activation exploits" that attempt to bypass or compromise WAT and will determine whether the copy of Windows 7 that is installed on a PC is genuine. It is also supposed to improve the integrity of key licensing components on the OS and will run periodic validations every 90 days.

The update will be for all editions of Windows 7, although it will be distributed for Home Premium, Professional, Ultimate, and Enterprise editions first. It will be available online at Microsoft.com/Genuine starting on February 16, and on the Microsoft Download Center the following day. Later this month, the update will also be offered through Windows Update as an "Important" update, but it will not be directly offered through Windows Server Update Services (WSUS). The update will be voluntary (meaning that you can choose not to install it) and can also be uninstalled at any time. Enterprise customers use WSUS to manage the distribution of software updates in their IT environment, so it's surprising that Microsoft is skipping this area, though the company noted a WSUS administrator can import this update from Microsoft Update.

Microsoft also promised that the update will not jeopardize the user's privacy since none of the information sent to Microsoft's servers includes personally identifiable information. If the update spots known activation exploits and the copy of Windows 7 is found to be nongenuine, the antipiracy notifications built into the OS will spring to life.

PCs running genuine Windows 7 software with no activation exploits won't see any prompts since the update runs quietly in the background. Microsoft also says the customer will see no reduced functionality in their copy of Windows: applications work as expected and access to personal information is unchanged. During the quarterly validation, Windows will download the latest "signatures" that are used to identify new activation exploits (think antivirus software). The WAT update will run a check and repair weekly, however, if it discovers tampering, disabling, or missing licensing files.

Just last week, a federal judge dismissed a lawsuit over the Windows Genuine Advantage (WGA) component in Windows XP after more than three years. Still, Microsoft chose to make this WAT update optional, so clearly the company has changed its ways at least a little bit.

http://arstechnica.com/microsoft/news/2010/02/new-windows-7-antipiracy-update-to-phone-home-regularly.ars

Dartz

It's optional, but I won't install it.

I had a hell of a time with an OEM install on an old Toshiba that would randomly decide to de-activate itself, which was bloody annoying, and switched to Linux because of it. I only use Windows 7 because I got it cost-free.

I'm still having problems with XP activation in a virtual machine refusing to allow me to do something the Windows XP-Mode license pretty much specifically allows me to do (Run XP Mode in virtualisation software other than VirtualPC).

PogMoThoin

Its a thing which usually hurts legitimate customers much more than pirates