Re: Is WGA used to violate your privacy or not?

nubian wrote:
I was reading this article, then I came to this paragraph and was
shocked!
"Microsoft traced most of the pirates through its online validation
program, Windows Genuine Advantage (WGA). Some of the defendants
were reported to the company's antipiracy hotline."

http://www.sci-tech-today.com/news/Microsoft-Sues-eBay-Software-Pirates/story.xhtml?story_id=10000B5Y3NUO

If WGA is touted to protect and respect the privacy of thos who use
Windows, how could it do this without violating privacy?!?

I checked the FAQ and privacy policy of WGA:

http://www.microsoft.com/genuine/downloads/PrivacyInfo.aspx?displaylang=en

http://www.microsoft.com/genuine/downloads/FAQ.aspx?displaylang=en

"Q: What information is collected from my computer?

A: The genuine validation process will collect information about
your system to determine if Windows is genuine. This process does
not collect or send any information that can be used to identify
you or contact you. The only information collected in the
validation process is:
* Windows product key
* PC manufacturer
* Operating System version
* PID/SID
* BIOS information (make, version, date)
* BIOS MD5 Checksum
* User locale (language setting for displaying Windows)
* System locale (language version of the operating system)

Q: How does Microsoft use this information?

A: The information serves three purposes:

* It provides Web page flow, tailoring the pages you see based
on your responses.
* It conveys demographics, which help Microsoft to understand
regional differences in Windows usage.
* It confirms user input. User input is often compared against
data collected from the PC in order to determine whether to grant a
user's request for additional access."

And I repeat,

"This process does not collect or send any information that can be
used to identify you or contact you."

Then how the heck did ""Microsoft trace most of the pirates through
its online validation program, Windows Genuine Advantage (WGA)."?!?
Is it just me, or is this a gross misuse of WGA?

gw wrote:
Possible scenario:

Clueless (or not) person buys "cheap" software from ebay.
Installs software and fails validation.
Cries wolf to MS.
MS *does* keep a list of cracked keys.
MS inquires as to source of product.
I'm sure they're building up a database when the complaints come
in: Key, where & when purchased, etc.
User points MS to ebay auction.
Seller has sold a known cracked or invalid key.
MS goes after seller.

There is no way the evil WGA program could track the key back to
the seller, only the user. How could they tie an invalid key back
to an ebay seller? I don't see any big effort to prosecute
individual users, only those who distribute.

capitan wrote:
But if you read the quoted paragraph from the article, it says
that only SOME were phoned in. It also says that MICROSOFT
TRACED MOST through WGA.
I don't think that equates to ALL being caught through being
reported over the phone. I see nubian's point.

gw wrote:
Yes - TRACED - As in, found out where they came from. Show me
where MS is prosecuting an individual user for installing a
pirated copy. It's not happening. They have nothing to gain by
punishing the user - they just scare off a potential customer. I
imagine if they really wanted to, they could tie WGA to a download
that would destroy an invalid installation.
Again, even if MS *TRACED* (using personal information) the
illegal copies using WGA, how would that lead them to prosecute an
ebay seller?? Wouldn't they be prosecuting the individuals who had
installed the copies?

nubian wrote:
I see what you are saying, the sellers would have had to have it
installed to have it "trace" back to them. I still don't trust MS
as far as I can throw them!


I don't think that is what gw was saying.
Same as been said elsewhere in this thread.
Those being sued now are those that were caught SELLING the pirated copies.

A call comes into Microsoft, says the user bought this copy from eBay and
now the user is getting a message they cannot install SP2 or they cannot use
the WGA to validate their copy - can they report it and possibly get a free
copy to replace it. (Not saying it was given or not - but I know I would
call in to report it and rat out the people who screwed me AND ask for a
free copy (license) in return.) So these people are PO'd - they call and
report to Microsoft the eBay seller's name and when they bought it. Knowing
how easy it is to sell on eBay and how much money one would be making from
selling a CD they burned themselves for $100 - this was unlikely the ONLY
person to get PO'd and to find out how to call and to do so. Now you have
multiple calls from likely multiple places all over about this single
seller. Likely enough to investigate.

In the eBay rules of selling are listed some things deemed to be prohibited.
I can see an unauthorized Windows XP license/copy fitting there..
http://pages.ebay.com/help/sell/policies.html#prohibited

It is easy enough to report bad listing to eBay and after many reports to
eBay and Microsoft - I bet they might even work together to crack down on
this - for both their benefits.

Now - after having given that scenario - I believe - again - the original
article pointed to was badly written and misunderstood or just understood in
the way each reader *wanted* to understand it instead of understanding it as
it was actually done.

The sellers may have never installed their pirated copy other than to test
it. They have likely ripped off enough people that they are running Windows
2003 server on their new rack mounted server systems. Every 10 sales or so
is $1000, and if you think they only scammed one person - you are really
pretty naive. Their installation of the pirated copy is *not* why the
lawsuit was filed. The end-users that got ripped off and reported it are
not being sued (they likely found out because of WGA - and they may not have
found out until SP3 was released in late 2007 otherwise - as previous to
SP2, I cannot remember their being WGA for any patches - definitely not
required - and SP2 and many patches after it can easily be integrated into
the install, legal or not. It may have taken them months before they
realized they had a bum copy.) Only those that got reported as selling the
illegal copies on eBay (I would not be surprised if eBay is suing them as
well as Microsoft) are named in the lawsuit in the article given in the OP.

Trusting MS has nothing to do with this in the end. Trust them or not -
they are not the one who sold something to people that wasn't "real". It's
no better than me selling the Brooklyn Bridge to someone. I'm selling
something I do not have. I could sell you a genuine faux diamond - as long
as I do not pass it off as a genuine diamond. They were passing of the
genuine faux XP license and a genuine XP license. I wouldn't be surprised -
if they have been identified enough - that not only is MS suing them, but so
is eBay and each of those people who bought a product under false pretenses.

Now - that is not to say they didn't sell twice as many copies of non-legit
copies to people who knew it and will never report it because they can take
care of their copies just fine without worrying about WGA or any of that.
It likely happened.

Dislike/mistrust MS and other corporations all you like - but do it for
actual reasons and not those you make up based off (what seems to me anyway)
a mis-interpretation of an article or implied meaning and not actual facts
given in said article..

Is WGA annoying?
Yep. Can be. Even to those who have legit copies.

Has it caused any lawsuits against those *using* non-legit software (and not
those who sold it)?
Not that I have seen/read/heard about.

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html


.

Relevant Pages

  • WARNING LONG - Brian Livingstons take on Windows Genuine Advantage
    ... Genuine Advantage is Microsoft spyware ... Some tech writers have said categorizing WGA as spyware is arguable. ... It causes serious problems for some legitimate Windows users and was sprung on customers with no notice other than a press release the day before. ... If an instance of Windows doesn't seem to have a valid license, display notices to the user and prevent any updates being downloaded from Microsoft.com except security upgrades that are rated "Critical." ...
    (alt.sys.pc-clone.dell)
  • Re: Windows Genuine Advantage - Big Brother is watching you
    ... Microsoft Provides Additional Clarity About Windows Genuine Advantage Notifications ... Some tech writers have said categorizing WGA as spyware is arguable. ...
    (microsoft.public.windowsupdate)
  • Re: WGAtray.exe (Windows Genuine Authentication) spyware. Can this be disabled?
    ... To disable WGA Notify, with minimal risk, download Sysinternals ... Microsoft discontinuance of supporting pirated versions of Windows ... I disable or remove their startup entries from the registry, ...
    (microsoft.public.windowsxp.general)
  • WGA - the most recent phase
    ... Microsoft has bowed to public pressure, releasing a version of WGA that no longer validates Windows using a server-side configuration ... Responding to pressure from irked Windows users, Microsoft released an updated version of its antipiracy program on Tuesday that changes the frequency with which the program checks for pirated or counterfeit copies of its client operating system. ... "Our customers have told us that they were disappointed with their WGA Notifications experience, and we have made an effort to improve that with this update," a company representative said in a statement. ...
    (alt.sys.pc-clone.dell)
  • Re: Explicitly specializing std::min() on VC++ 2005 Express Edition
    ... asking to reopen the report if the problem persists: ... Open a new case on connect, referencing the original feedback and adding ... You need an account with Microsoft in order to report a problem to them, ... (includes Windows Presentation, Communication and Workflow Foundation) ...
    (microsoft.public.vc.language)