Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Microsoft WGA Phones Home Even When Told No

CmdrTaco posted more than 7 years ago | from the huge-shocker-here dept.

Microsoft 403

Aviran writes "When you start WGA setup and get to the license agreement page but decided NOT to install the highly controversial WGA component and cancel the installation, the setup program will send information stored in your registry and the fact that you choose not to install WGA back to Microsoft's servers."

Sorry! There are no comments related to the filter you selected.

fr0st p1ss (-1, Troll)

Anonymous Coward | more than 7 years ago | (#18263370)

gnaa 4 life yo

So? (0, Redundant)

DJCacophony (832334) | more than 7 years ago | (#18263374)

So?

Re:So? (0, Redundant)

DJCacophony (832334) | more than 7 years ago | (#18263442)

Why was I marked redundant? That's not redundant at all.

Re:So? (5, Insightful)

sqlrob (173498) | more than 7 years ago | (#18263478)

Ethics. If you choose not to install something, it shouldn't do anything.

Re:So? (4, Insightful)

DJCacophony (832334) | more than 7 years ago | (#18263558)

You chose to install the Windows Update ActiveX control, didn't you? And you clicked "I agree" when it told you it could send this info to Microsoft, didn't you? So why would you be angry when it does exactly that? Perhaps people need to read the licensing agreements they agree to before agreeing to them, instead of just clicking "yes, I agree" like a madman.

Re:So? (5, Insightful)

Rob the Bold (788862) | more than 7 years ago | (#18263696)

Perhaps people need to read the licensing agreements they agree to before agreeing to them, instead of just clicking "yes, I agree" like a madman.

Ya, that would fix it. Maybe, just maybe, some of us don't have an army of lawyers at our disposal to determine if what we're clicking on really means what we think it means. It seems to me that it is unethical to have a consumer product license that is unreadable/unparsable to an average consumer. The "madman" here would be anyone who thought that such nonsense was an enforceable contract.

Like the GPL? (5, Insightful)

Anonymous Coward | more than 7 years ago | (#18263888)

it is unethical to have a consumer product license that is unreadable/unparsable to an average consumer.

Oh my fucking god.

Have you ever tried to read the GPL?

Re:Like the GPL? (-1, Redundant)

Anonymous Coward | more than 7 years ago | (#18263926)

HA HA!! THANK YOU!

Re:Like the GPL? (2, Insightful)

jorgevillalobos (1044924) | more than 7 years ago | (#18263962)

Have you ever tried to read the GPL?

Unreadable as well. Your point being...

Re:Like the GPL? (2, Insightful)

BarryJacobsen (526926) | more than 7 years ago | (#18264062)

Have you ever tried to read the GPL?

Unreadable as well. Your point being...

Exactly! The GPL is GIVING YOU EXTRA RIGHTS, while EULAs are TAKING THEM AWAY. This may just be me, but I'll allow the verbiage that gives me something extra to be considerably more esoteric than the verbiage that tries to take something away from me.

Re:Like the GPL? (5, Informative)

Knuckles (8964) | more than 7 years ago | (#18264030)

AC said: "Have you ever tried to read the GPL?"

The GPL is not a consumer product license. In order to use the software you don't even have to agree to the GPL. Only if you distribute are you bound by its terms, and software distribution is a complicated topic.
Even so, when you compare it to proprietary EULAs, the GPL is entirely readable in its main parts. Furthermore, the GPL is not written in caps as most EULAs are (IMHO this obvious attempt at obfuscation alone should make EULAs unenforceable).

Re:Like the GPL? (4, Informative)

mrchaotica (681592) | more than 7 years ago | (#18264074)

  1. The GPL is much more understandable than any Microsoft EULA
  2. The GPL is a distribution license. If you're doing anything that causes it to apply to you, you're no longer an "average consumer!"

Re:Like the GPL? (1)

LocalH (28506) | more than 7 years ago | (#18264284)

The GPL isn't a "consumer product license", it only applies to developers and those who redistribute binaries.

Re:So? (1)

iminplaya (723125) | more than 7 years ago | (#18264278)

The "madman" here would be anyone who thought that such nonsense was an enforceable contract.

Ca-ching! $50 million plus. Such madness! The solution is to block Microsoft until you find an alternative. To keep it really safe, run a live cd.

Re:So? (3, Interesting)

Anonymous Coward | more than 7 years ago | (#18263914)

You chose to install the Windows Update ActiveX control, didn't you? And you clicked "I agree" when it told you it could send this info to Microsoft, didn't you?

Why yes, I did. And yes, I did agree.

So now, explain what that has to do with me telling WGA to not install, and not agreeing to allow it to send this information, and it sending it anyway. You are aware that contracts do have limits and only apply to the particular transaction, right? If I buy two cars from a dealership and agree to pay $300/mo for one and $200/mo for the other, the dealership cannot bill me $600/mo while claiming that my agreement to pay $300/mo covers both cars, as you seem to claim that my agreement to allow WU to send information to microsoft overrides my disagreement for WGA to do the same.

Re:So? (5, Insightful)

rainman_bc (735332) | more than 7 years ago | (#18264106)

You chose to install the Windows Update ActiveX control, didn't you? And you clicked "I agree" when it told you it could send this info to Microsoft, didn't you? So why would you be angry when it does exactly that? Perhaps people need to read the licensing agreements they agree to before agreeing to them, instead of just clicking "yes, I agree" like a madman.

Okay, despite your trollish comments, I'll bite.

1. WGA != Windows Update. RTFA.
2. Has the validity of an EULA ever been tested? AFAIK, an EULA cannot violate your privacy rights, even if you sign those away. Argue as you like, statute always trumps contracts.
3. Microsoft releases an OS that's broken and tells you the only way they'll fix it is if you'll subject yourself to their privacy terms. Not freaking cool. My copy of Windows is paid for, but that doesn't mean I want them invading my privacy.

Ever installed XP without any service packs? Do you know how many minutes it takes before the machine is pwn3d? IMO that's not a functional OS any more.

Ever tried getting that refund from your hardware manufacturer for the part of your purchase that went to Microsoft? It's a freaking pain in the arse, and one where you have to usually drag a vendor to small claims court to get your money.

Re:So? (1)

Junior J. Junior III (192702) | more than 7 years ago | (#18264274)

Nope, I tried reading the agreement, and even that doesn't disable the WGA phone-homing. Back to the drawing board! I'm guessing I'll have to set up a rule on my firewall if I really want to stop this traffic...

Do I have a choice on which button I click? (0)

Anonymous Coward | more than 7 years ago | (#18264390)

When I get a FUCKING UPDATE on a piece of software, I have to agree to a *new* EULA. What a choice! Keeps bugs and security holes, or click "agree".

Anyway, here in Canada, an EULA is non-binding (in theory, nobody has the money to test this in court) because you have to pay before being able to read the contract.

Re:So? (-1, Redundant)

DJCacophony (832334) | more than 7 years ago | (#18263482)

Why was I marked redundant? That's not redundant at all.

Re:So? (1, Funny)

DJCacophony (832334) | more than 7 years ago | (#18263522)

Why was I marked redundant? That's not redundant at all..

Re:So? (3, Funny)

spun (1352) | more than 7 years ago | (#18263838)

You posted a short, one word post with no information content and an inane question in order to get first post. Mods love to bitchslap anyone who does this.

The question "So?" is redundant because it doesn't need to be asked. If you feel this isn't an important issue, explain why you think it isn't important.

Software that sends personal information about you back to its master when you say you don't want to install it is generally considered spyware.

I see your "So?" and raise you a "Because!"

Re:So? (4, Funny)

whargoul (932206) | more than 7 years ago | (#18263984)

Yeah, and?

Re:So? (2, Insightful)

Flibz (716178) | more than 7 years ago | (#18264226)

Nice response....

Plus, on this occasion I thought "So?" was a reasonable response too.

It's not sending personal information, so I'm assuming it's tracking pirated keys stats or something, for which you can't really blame Them (ooh no, not Them!).

But it's good to bash MS anyway...

I guess (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#18263382)

E.T forgot to Phone Home....

Gibberish (2, Insightful)

AmateurCruzer (982736) | more than 7 years ago | (#18263386)

Anyone have any insight what exactly they're sending back?

Re:Gibberish (3, Insightful)

NinjaTariq (1034260) | more than 7 years ago | (#18263454)

I would have thought this kind of thing would be annonymous usage or configuration, simply so that they know how people use it... Though i don't know.

Re:Gibberish (0)

Anonymous Coward | more than 7 years ago | (#18263606)

I wouldn't bet on it... I'd be very surprised if they didn't log your Windows install key and IP address as a minimum (from which they could get your ID from your ISP if they decided you committed a crime). OTOH only a moron would be running WGA in the first place if they knew theye wern't running a legit copy, so I guess it's just darwinism in action.

Re:Gibberish (2, Funny)

Anonymous Coward | more than 7 years ago | (#18263636)

Your comment is not anti-microsoft enough, so it has been bitchslapped.

Re:Gibberish (1, Insightful)

xzvf (924443) | more than 7 years ago | (#18263500)

Doesn't matter. The only home software on my computers should have is my home.

Re:Gibberish (4, Insightful)

Rogerborg (306625) | more than 7 years ago | (#18263916)

We're not sending anything. Trust us.

Oh, you checked, did you?

Then what we meant to say was... it's nothing to worry about.

Trust us.

Re:Gibberish (1)

Opportunist (166417) | more than 7 years ago | (#18264136)

I don't trust MS as far as Steve can throw a chair.

Re:Gibberish (4, Informative)

gigne (990887) | more than 7 years ago | (#18263946)

I have no idea, but it looks like some sort of unique id.

an image from the now slashdotted page is here, it shows what gets sent to MS

http://img266.imageshack.us/my.php?image=wgahp5.pn g [imageshack.us]

Re:Gibberish (2, Informative)

TubeSteak (669689) | more than 7 years ago | (#18264054)

http://www.heise-security.co.uk/news/86294 [heise-security.co.uk]

There's an english language article about the same packet dump
Some of the data is encrypted, some of it are just acronyms you don't know

the route your kids take to school, of course (3, Interesting)

swschrad (312009) | more than 7 years ago | (#18263422)

probably all the apps information. naysayer, meet the Business Software Association, also known down around the docks as "the muscle."

can't RTFA because they're slashdotted already.

Re:the route your kids take to school, of course (5, Informative)

DarthChris (960471) | more than 7 years ago | (#18263646)

Interesting you say it's slashdotted because I can read it fine.

It's very light on details, however. There is a screenshot from wordpad of the data sent; it's an XML-type document which appears to have pulled a couple of id/hash numbers out of the system registry, e.g. OS version, but no personal info. They can't really get any personal info anyway, since data protection laws here in the UK and other countries would land them in shite, and also I suspect that they have more important things to do than snoop random people's names.

Personally, I think that they're just trying to get an idea of the number of people who won't install it. These people either have pirate copies and know they'll fail validation, or simply are opposed to the idea of their OS phoning home. From a cynical viewpoint, it's important for MS to gauge the reaction to this early so they know how far they can push these sorts of thing without there being a massive backlash.

Re:the route your kids take to school, of course (5, Interesting)

lazlo (15906) | more than 7 years ago | (#18263862)

So, how hard might it be to generate random but valid data to fill out this XML? And then have a little daemon that does nothing but post it over and over 24/7? "Wow. Looks like a NAT/proxy server with millions of users behind it who really don't like WGA."

Petty, I know, but fun.

Re:the route your kids take to school, of course (0)

Anonymous Coward | more than 7 years ago | (#18264302)

Indeed, if someone can provide technical details a quick script could cause Microsoft to consider a veritable avalanche of WGA refuseniks.

I've nothing else to do this evening anyway.

why I said TFA was slashdotted (1)

swschrad (312009) | more than 7 years ago | (#18264358)

CGI overload message. this means server fart under load.

And the surprising thing is...? (-1, Redundant)

Anonymous Coward | more than 7 years ago | (#18263448)

I don't understand why this qualifies as news

Huh? (-1, Flamebait)

Ethercircuit (1057996) | more than 7 years ago | (#18263452)

Who cares? Why would you even use windows when you it doesn't let you have complete control over the computer you BOUGHT and OWN. ::cough cough slackware cough cough::

time to modify the hosts file (4, Insightful)

GuyverDH (232921) | more than 7 years ago | (#18263460)

notepad %windir%\system32\drivers\etc\hosts

127.0.0.1 genuine.microsoft.com

Re:time to modify the hosts file (4, Informative)

$RANDOMLUSER (804576) | more than 7 years ago | (#18263532)

Or use a firewall that checks egress, too. I use one, and find that RealPlayer and Adobe Reader also phone home even when you tell them not to.

Re:time to modify the hosts file (3, Interesting)

rainman_bc (735332) | more than 7 years ago | (#18263712)

and find that RealPlayer and Adobe Reader also phone home

All the old Macromedia studio products also phone home too...

That means Adobe Dreamweaver etc...

Re:time to modify the hosts file (0)

Anonymous Coward | more than 7 years ago | (#18263714)

what firewall do you use? Most that I have found suck.

Re:time to modify the hosts file (1)

$RANDOMLUSER (804576) | more than 7 years ago | (#18263894)

Tiny Personal (I use the older free version on my Win2K box), but you have to understand IP addresses and ports and stuff - it's not for your granny.

My Firewall is Full of Herons (1)

spun (1352) | more than 7 years ago | (#18264072)

Or use a firewall that checks egress, too.

How does a firewall check female herons [wikipedia.org] ?

That is what an egress [tp.org] is, right?

Re:time to modify the hosts file (2, Insightful)

penguinstorm (575341) | more than 7 years ago | (#18264128)

Does anybody use Adobe Reader anymore? That thing's become so insane I don't even waste time -- I just open things in Preview.app

Is anybody actually surprised that Microsoft is spying on them in ways that they're not disclosing?

Re:time to modify the hosts file (1)

mrchaotica (681592) | more than 7 years ago | (#18264152)

Is there a WRT54G firmware that can do that? I wouldn't trust anything like that running on a Windows host...

Re:time to modify the hosts file (2, Informative)

holdenholden (961300) | more than 7 years ago | (#18264338)

Add an entry in your (hardware) firewall or router. Most modern routers allow "Block by URL" and "Block by IP" for outgoing connections.

Re:time to modify the hosts file (2, Informative)

Technician (215283) | more than 7 years ago | (#18264154)

Anybody do installs without a network connected? I wouldn't install any MS OS with a broadband connection live. Is the program silent then? Does it complain that it can't find your connection? MS assumes everyone is online.

Back when Optical Mice first hit the scene, I picked up a MS optical mouse for a machine I was building on my coffee table. I loaded the driver and the install stalled and nagged me because it could not find my network connection. Please configure up your networking or start your dialer...without a mouse driver installed! I wonder to this day if the software would have informed me that it was attempting to phone home if it did find a connection. That mouse got put back in the package and passed along to some other sucker. I would rather throw the brand new mouse away than permit that driver on my system. The lack of a configured network connection is probably the only way I would have discovered that the mouse driver phones home. I've stuck with Logitech mice since then for that very reason.

With several Linux distro's being easy to install and use, when WGA came out, I stopped MS upgrades and started moving to Linux. Love my Ubuntu box.

Anybody tried a WGA refusal with the network disconnected? Does it nag for a connection?

Re:time to modify the hosts file (1, Informative)

ColinPL (1001084) | more than 7 years ago | (#18263534)

0.0.0.0 genuine.microsoft.com
is better, because 127.0.0.1 redirects the request to a local webserver.

Re:time to modify the hosts file (1)

AmiMoJo (196126) | more than 7 years ago | (#18263584)

This probably won`t work. You can`t, for example, redirect Windows Update. The IP address of the server is hard coded into the Update service, and bypasses hosts etc.

If you did it at the router level it would work, but I cant find any info on this. I am betting that the IP info is sent to is not the same one used for the web host.

Doesn't work (5, Informative)

alexhs (877055) | more than 7 years ago | (#18263604)

Seems you haven't read the past story about MS bypassing HOSTS file [slashdot.org] for microsoft sites.

Re:Doesn't work (4, Insightful)

peragrin (659227) | more than 7 years ago | (#18263738)

In MSFT's defense it is a smart move. That way a virus can't modify update.microsoft.com .

The last time i had to set apt-get's update I used the IP address as well.

Re:Doesn't work (2, Informative)

billcopc (196330) | more than 7 years ago | (#18264216)

I have to agree with you, the first thing most decently smart people do when their computer acts wonky is update their malware scanner(s) and OS. It is trivial for any malware to finagle with the HOSTS file on a Windows system, which is hidden in such a dumb obscure place (C:\winnt\system32\drivers\etc), a far cry from the self-explanatory /etc/hosts of every other goddamned OS on the planet.

Anyway as I was saying, once a virus takes over the HOSTS file, it could fool the common user into downloading malicious "updates". If someone put a little effort into it, they could use McAfee/Symantec's auto-update feature to replace the scanner with a 100% evil application that merely simulates the scanner's interface. The user points it to his/her/its sensitive files and lets the dumb app chug away for hours.. rather than scanning for viruses, it could be compressing and shipping off confidential data over the net.

While it may seem like just another entry vector to vulnerable machines, it's actually far more dangerous than most security holes because it has the potential to impersonate trusted hosts and exploit that trust to full effect.

Re:time to modify the hosts file (1)

QuietLagoon (813062) | more than 7 years ago | (#18263952)

Microsoft bypasses the hosts file [securityfocus.com] for their own hosts.

Re:time to modify the hosts file (1)

alx5000 (896642) | more than 7 years ago | (#18264044)

You are about to send Micros... download nice new MSN emoticons. Cancel or Allow?

Spyware? (1)

Quaz and Wally (1015357) | more than 7 years ago | (#18263476)

Doesn't that make it spyware? I'm sure there's something about it in the license agreement to make it legal. Boy that does suck.

Re:Spyware? (1)

Opportunist (166417) | more than 7 years ago | (#18264176)

Spyware isn't illegal in most countries. Actually, given the amount of Spyware being used by many not so shady corporations, I'd be surprised if it was.

As long as you are informed (usually in about 100 pages of legalese)...

Re:Spyware? (1)

blindbug (979761) | more than 7 years ago | (#18264230)

When you start WGA setup and get to the license agreement page but decided NOT to install...
Doesn't this mean that you do not agree to the license agreement? Wouldn't that also mean that anything in the license agreement that would make this "legal" become null and void, since you did not agree to it?

What it really does... (1, Funny)

Iphtashu Fitz (263795) | more than 7 years ago | (#18263486)

It actually uploads an entire bit-for-bit copy of your hard drive so that MS investigators can perform a forensic analysis on it and determine exactly what MS software you have installed illegally since not installing WGA is an implicit admission of guilt. You can expect to be arrested by the MS Police within a few days of declining to install WGA if you have any pirated MS software on your machine.

Re:What it really does... (0)

Anonymous Coward | more than 7 years ago | (#18264078)

Geez. Some mods apparently have no sense of humor whatsoever. I feel bad for people who can't tell what satire is.

Re:What it really does... (1, Informative)

Iphtashu Fitz (263795) | more than 7 years ago | (#18264262)

Probably got modded as a troll by somebody who works at/for Microsoft.

English version of the original article (1)

Peter Simpson (112887) | more than 7 years ago | (#18263498)

Re:English version of the original article (1)

ColdWetDog (752185) | more than 7 years ago | (#18263610)

When asked by heise Security, Microsoft merely stated that it collected DATA ton improve the quality OF the WGA for users. Part OF that process, the vendor said, which knowing where the user cancel LED setup. Ton of COUNTs reliably, the GUID is used, though Microsoft says the user is emergency identified. Microsoft says that the OTHER DATA transmitted ton talking moon contain information about the version OF Windows used and the LANGUAGE and more whether the machine is registered in A domain. Microsoft did emergency explain why setup does emergency inform the user that DATA of acres being sent, much less GET the user's consent. It is thus emergency CLEAR more whether there wants A future updates after this one that does without communication with Microsoft concerning cancellations. Those who want ton of protect of themselves from unsolicited DATA transfer CAN DO so,

: That's English? My head asplode!

I guess Microsoft did something bad again and they're trying to weasel out of it by saying they NEED the data to make Windows SAFE (or protect the children, or get Osama, wasn't all that clear).

Back to our regularly scheduled bashing of Microsoft.

Adobe, will you PLEASE either code Photoshop for Linux or just let it run in Parallels? Oh, and while you're at it, I'd like a pony.

Interesting (4, Insightful)

jesusphish (1072854) | more than 7 years ago | (#18263516)

Yay, I believe RMS's essay on treacherous computing may apply here. Not to start an argument over RMS and his stance with open source and free software. But i believe we should all have the right if you use windows to know what they are sending. I use gnu/linux so i really don't affect me much.

Re:Interesting (1)

Sneakernets (1026296) | more than 7 years ago | (#18263650)

No kidding. I know it's FUD but, at least I know what MY computer is doing.

Most people just don't care.... (1)

EmbeddedJanitor (597831) | more than 7 years ago | (#18264124)

Sometimes the only way to exercise your rights effectively is to just walk away (as you and I have). Ranting sure does not work. Enough people have yelled from the rooftops of Vista's crapness and MS's evil methods but that will not stop sales. DOJ does not work. MS just ignore them.

The masses are not concerned with threachery, privacy, liberty and other high-browed virtues. Give them a full belly and a reality TV show and they are happy. Take away XP and substitute Vista and they will buy Vista.

Re:Interesting (2, Insightful)

shoemael (625156) | more than 7 years ago | (#18264198)

I use Linux also so I'm not vulnerable to this particular issue, however there are some other "phone home" issues that are cross-platform and totally hidden from most people. Have you ever taken a look at how much information you send to google-analytics.com? You're probably thinking 'None' but you're wrong. I added a firewall rule to log all the connections to google-analytics.com and there are hundreds of them established everyday for me alone (or there were until I decided to drop them all). The amount of data Google has on your website visits is scary... and you were never asked if you wanted to provide it. And turning off cookies, etc. won't help you at all. Now that's invasive, IMO.

Great... (2, Funny)

pchoppin (864344) | more than 7 years ago | (#18263546)

... Now you're going to tell me that all Microsoft is in business for is to make money. You're ruining a perfectly good fantasy. Thanks a lot!

Re:Great... (5, Insightful)

Catbeller (118204) | more than 7 years ago | (#18263706)

That Free Markets religion again. Businesses cannot do anything they like; they are corporations, fictional entities created by license of the people of the country through their government. They are granted super-powers as non-existent individuals, exempting real operators from liablity for their own actions. In return, they hew the line we set for them. They have more responsibilty to the nation that created them other than pleasing shareholders, no matter what propoganda they pump to the contrary. They are not gods. And Microsoft is a monopoly, ruled so by the courts, and is under even more stringent strictures, because they have constantly abused their power in the past to invade and hold new markets.

So, no, making money is not all they have to worry about. Deceit and chicanery should have consequences other than making them more money. And if they need to cheat to win, it might be time to think about a new concept: revoking the corporate license, and reinstituting personal responsibility for their underhanded actions, with civil and criminal penalties.

wall of fire (1)

mastershake_phd (1050150) | more than 7 years ago | (#18263548)

Use Zone Alarm or other free firewall, problem solved.

Re:wall of fire (3, Insightful)

failure-man (870605) | more than 7 years ago | (#18263750)

Do you really think the people who wrote the kernel can't get around all that ZoneAlarm silliness if they want to? They already ignore the hosts file and such for *.microsoft.com.

Re:wall of fire (4, Insightful)

Stefanwulf (1032430) | more than 7 years ago | (#18263922)

Use Zone Alarm or other free firewall, problem solved.
The problem isn't solved, you've simply put a local workaround in place.

Easy enough to deal with (3, Informative)

KC7GR (473279) | more than 7 years ago | (#18263568)

From the image in TFA, it looks like they're sending back the Windows version code, and the installation-unique CSID, along with some other stuff that I didn't recognize.

There didn't appear to be any identification of the specific user in there.

It seems to me that it would be easy enough to determine what port WGA is using to send this stuff, and lock down said port at one's firewall. That's the method I'd choose to deal with it (if I were even running anything with WGA installed -- which, thankfully, I'm not).

Re:Easy enough to deal with (0)

Anonymous Coward | more than 7 years ago | (#18263806)

From the image in TFA, it looks like they're sending back the Windows version code, and the installation-unique CSID, along with some other stuff that I didn't recognize.

There didn't appear to be any identification of the specific user in there.


OK, there's "other stuff that I didn't recognize" in the data packet, yet you assume there isn't any identification of the specific user in there.

Why do you trust that there isn't any, especially considering that the very topic you posted in was about how you cannot trust Microsoft not to send a data packet you told them not to send???

Sounds more than just a little bit stupid to me.

Re:Easy enough to deal with (1)

Rogerborg (306625) | more than 7 years ago | (#18263820)

Your IP address doesn't identify you? Someone should tell the RIAA that.

Re:Easy enough to deal with (4, Funny)

drinkypoo (153816) | more than 7 years ago | (#18263860)

From the image in TFA, it looks like they're sending back the Windows version code, and the installation-unique CSID, along with some other stuff that I didn't recognize. There didn't appear to be any identification of the specific user in there.

so let me get this straight. the ID that identifies your installation is there, and you don't recognize all of the other information, so you concluded that there doesn't be any identification of the user?

Truly, your intellect is astonishing.

Re:Easy enough to deal with (2, Insightful)

Slashcrap (869349) | more than 7 years ago | (#18263980)

It seems to me that it would be easy enough to determine what port WGA is using to send this stuff, and lock down said port at one's firewall.

Great idea. Except that obviously you can't filter by the source port because that will be almost random. And then you find that they're using Port 80 as the destination port anyway because it's about the only port guaranteed to pass through most firewalls/proxies.

So you filter it by IP address instead, but then find that they're using a huge range of probably Akamized IPs. Eventually you give up and just put an entry in your Hosts file. Which is bypassed for MS sites.

You could just filter it based on the name of the executable. I'm sure they wouldn't dream of changing or randomising that just to piss you off.

Re:Easy enough to deal with (1)

silas_moeckel (234313) | more than 7 years ago | (#18264210)

Or you could filter via a layer 7 rule ditching connections to port 80 asking for anything *.microsoft.com there are better filters than early 90's ip proto and port based.

Re:What Port You Ask? (1)

mpapet (761907) | more than 7 years ago | (#18264212)

I have an older version of Kerio's firewall and most recent "phone home" applications do so on port 80. Older apps use custom ports. Kerio's product is very good in this way.

I'm not sure why this is an issue _now_. It's been this way for years starting with Microsoft's MSI installers that phone home to certificate servers and certificate revocation list servers. I have screenshots to prove it should there be any doubt. It should be obvious by now they are slowly paving the way to a PC with their OS that is mostly like an Xbox.

Given the Microsoft fan boys/astroturfers typically don't post on stories where there is no opportunity to spin the story in a manner that enhances their image, I'm probably preaching to the choir when I state this is another reason users should choose another OS. Today.

Resistance if Futile (1, Insightful)

Anonymous Coward | more than 7 years ago | (#18263582)

It matters because it could give them justification to pursue an investigation along the lines of "Well, if they are innocent, why not prove it? So, they must be hiding something. knock knock knock - Microsoft Police."

This is good (5, Interesting)

Devir (671031) | more than 7 years ago | (#18263618)

While many think this is bad and invasion of privacy, think of it as this:

when we normally click "I DONT Agree" the software does nothing. But if it sends the message back home with statistics of how many dont agree, it tells the software company some people dont agree.

We can argue EULA's till our fingers are raw and bloody, but it doesnt matter if the company in question doesnt read the conversations.

In short, by clicking the Dont agree button and having it sent home to MS we're telling them we dont want that crap on our machines. Maybe (deity willing) MS will start to listen. More companies may adopt that approach and we'll get less and less one sided (retarded) EULA's.

anyone Remember Borland's |"like a book" EULA? Great stuff.

Re:This is good (1)

MaggieL (10193) | more than 7 years ago | (#18264190)

But if it sends the message back home with statistics of how many dont agree, it tells the software company some people dont agree.

I guess "the software company" doesn't read Slashdot, or they'd already know.

on a related note (4, Interesting)

jjeffries (17675) | more than 7 years ago | (#18263666)

This is kinda old, but some years ago my neighbor got a new Win ME (!!!) machine, and I helped him put in a NIC and put it on our little neighborhood network. I was curious if it was going to phone home, so I had a sniffer running on my router...

The damn thing picked/guessed a valid (NATted) IP address, netmask, and gateway without using DHCP (arp tricks?), and sent a load of mystery packets to an address in a Microsoft IP block. Only then did the computer do the "new device detected" routine, but could not find a driver for the NIC and I had to go fetch one on another machine.

W T F ?

Unfortunately I have since lost the pcap dump.

Moderation: -1, no proof

Re:on a related note (4, Insightful)

Slashcrap (869349) | more than 7 years ago | (#18264118)

The damn thing picked/guessed a valid (NATted) IP address, netmask, and gateway without using DHCP (arp tricks?)

Did that IP resemble 169.254.x.x by any chance?

But really there's no point trying to find technical explanations when the obvious one is at hand - you can't read a sniffer trace for shit.

Having the ability to install Ethereal does not magically confer on you the ability to interpret the results correctly.

Ok, say Joe Sixpack installs WGA..... (1)

8127972 (73495) | more than 7 years ago | (#18263682)

.... is it as simple as going to add and remove programs to uninstall the two components for WGA or does it "break" something when you try to uninstall it? Or worse, does it leave anything behind?

Re:Ok, say Joe Sixpack installs WGA..... (1)

J0nne (924579) | more than 7 years ago | (#18264120)

You can't uninstall it. You need to find a third-party program to remove it (I don't remember the name of it, but the tool works).

Sound advice - wtf? (0)

Anonymous Coward | more than 7 years ago | (#18263700)

"Those who want to protect themselves from unsolicited data transfers can do so, for instance, by using an application-based firewall that detects and blocks the attempted contact."

Really? You really want to keep using the OS that is doing things against your wishes? This kind of advice is ridiculous. Get a different OS, quickly.

Holy FUD, Batman (-1, Troll)

Anonymous Coward | more than 7 years ago | (#18263702)

It goes on to say "While it does not specifically identify the user, it looks like it does send some identification of your computer and Windows version (see picture) to Microsoft servers."

If the user's about to install WGA it means s/he's planning to use Windows Update. That, in turn, means that Windows will be queried for the above information anyway. What exactly is the news here?

Why would you refuse? (1)

jlebrech (810586) | more than 7 years ago | (#18263774)

Obviously if you refuse a "Genuine Advantage" you must be up to no good.

Re:Why would you refuse? (0)

Anonymous Coward | more than 7 years ago | (#18263918)

No. Just no.
It's the principle of the thing, I don't want my computer that I paid money for "phoning" anywhere. It's like a snitch in my computer, and I don't treat snitches well.

I paid for XP, it's mine, so get out of my business, M$.

Of course, it's not really worth the 120 dollars when the OS doesn't even do what I want it to do. What the hell am I paying them for? To make my computer half as useful as a computer with a free OS installed?

I think I'm going to pirate OS's from now on... Starting with Vista Ultimate.

Perfect marriage of technologies? (4, Funny)

Joe Random (777564) | more than 7 years ago | (#18263814)

Sounds like a perfect place to use MS speech recgonition:
Computer: "Where do you want to go today?"
You: "Nowhere."
C: "I heard 'Microsoft Validation Site'. Is this correct?"
Y: "No!"
C: "I'm sorry. I heard 'Dear aunt, let's set so double the killer delete all'. Is this correct?"
Y: "NO!!"
C: "I understand. So 'Microsoft Validation Site' was correct. Redirecting now. Thank you for using My Microsoft Live Enterprise Genuine Advantage Ultimate. Have a nice day."

IPCOP + blockouttraffic (0)

Anonymous Coward | more than 7 years ago | (#18263846)

It won't from my network.

Holy cow, this is Bad (1)

blind biker (1066130) | more than 7 years ago | (#18263878)

I am no lawyer, but this seems very similar if not the same as wiretapping. The user, quite explicitly, doesn't want to even have the software installed on his/her computer, let alone have his information (the information stored in the registry is private) sent to a company or individual.

Maybe I am just not used to spyware (never had a piece of spyware installed on any of my computers) so I am still quite allergic to this stuff. But no matter how I look at this issue, I am outraged.

Re:Holy cow, this is Bad (5, Funny)

MightyMartian (840721) | more than 7 years ago | (#18264000)

I am no lawyer, but this seems very similar if not the same as wiretapping.
You're right. You're no lawyer.

And they will get away with it. (1, Insightful)

Caspian (99221) | more than 7 years ago | (#18263988)

Are you getting the picture yet? Powerful organisations (and politicians) really CAN and DO get away with anything they want. Microsoft is a prime example. I'll be very surprised if they ever get in any serious trouble for this (and no, for MS, a multi-million-dollar fine is not "serious trouble", it's a slap on the wrist. A $10,000,000 fine wouldn't hurt them. A $10,000,000,000 fine... maybe, yes.

Re:And they will get away with it. (1)

Opportunist (166417) | more than 7 years ago | (#18264286)

Well, the problem is, if you did that, you'd go to jail for 2 years or so. But how do you jail a corporation?

Stop complaining! (-1, Troll)

Anonymous Coward | more than 7 years ago | (#18264244)

Stop complaining!

Just buy a Mac or install Linux and say bye bye to Micro$oft shit!!!

You will be glad after a few years that you switched from Redmond's crap toolset.

I detect hypocrisy (4, Insightful)

suv4x4 (956391) | more than 7 years ago | (#18264300)

I can understand people not wanting WGA on their PC-s as it can cause issues on legitimate installations as well, in certain situations.

But sending back a little XML that you denied the EULA? Don't you detect hypocrisy here. You send your "identification" in the form of IP, browser user agent string and what not to virtually any site you visit, without "agreeing" to this every time. Why is nobody whining about this?

Having privacy and right to deny something is cool. But I think some of the most vocal opposition is simply using pirated Windows and not being honest about it.

I don't install WGA on existing (legit) computers as it doesn't help me with anything. I don't have any problem with Microsoft getting my "no" back though. In fact, I *want* them to hear my no.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?