Dvorak on Windows Genuine Advantage
PadRacerExtreme writes "Vista includes the much maligned 'Genuine Advantage' layer inside, which ensures that your copy of the OS is legit. If you're running a non-validated copy you get no upgrades, no security protection, nothing. That's all well and good, but what happens if a cracker tweaks that Genuine Advantage layer for its own good? Dvorak sees a huge problem, just waiting to happen. What's the vulnerability?" From the article: "I suspect the policeman [WGA] will actually be hacked before the OS. It might actually be easier for the pirates to create a fake cop that constantly authenticates fake versions of Vista than it will be to create a Vista imitation that can pretend to be a legitimate version. There is some irony to that idea. But that's none of my concern. I'm more worried about some joker creating a virus or exploit that turns the good cop into a bad cop, and I can only imagine the destruction and hassle that will ensue."
Sadly (Score:5, Insightful)
Re: (Score:2, Insightful)
Re: (Score:3, Insightful)
I agree with you, and I generally can't stand even reading his articles... but he's probably got a pretty safe prediction with this one. It seems that those who say "It'll probably be hacked" are seldom disproven.
Re:Sadly (Score:5, Insightful)
1. Make a bootleg copy look authentic.
2. Make an authentic copy look bootleg.
Figuring out how to do one means you have done at least 80-90% of the work to figure out the other. That's essentially twice the normal incentive to crack a Microsoft product. #1 has an obvious financial incentive, but #2 may have one too, if the cracker is willing to consider extortion or similar modes of funding. If the cracker is doing it just to spite MS and/or MS users, the same double whammy applies.
Re: (Score:3, Insightful)
I think it would be far easier to patch WGA in order to make it FAIL authentication than it would be to make a counterfeit Windows version PASS authentication, because of the cryptography involved (i.e., probably all that would be required to make it fail would be to patch a conditional jump instruction in the executable code, but cracking the cryptography involved to pass authentication would be virtually impossible).
Re: (Score:3, Interesting)
It's definitely going to be easier. All one will have to do is figure out where WGA stores the registration code, replace it with one that's known to fail WGA, and then cause the system to try and authenticate. Of course, the end user will then just be able to re-enter the good key, which on an OEM system is usually stuck to the front of the machine
Re: (Score:3, Interesting)
Re: (Score:3, Insightful)
2. If it really is that "virtually impossible" to make counterfeits pass, someone who fails at it may well decide to use what they have learne
Re:Sadly (Score:5, Interesting)
Re:Sadly (Score:4, Interesting)
That said, they're probably foolish enough to try, and the blackhats will rejoice.
Re:Sadly (Score:5, Insightful)
Re: (Score:3, Interesting)
Why not set up some botnets to authenticate every possible product key at the Microsoft site? This would render the registration process useless, as they wouldn't be able to differentiate the good ones from the fake ones!
Re: (Score:3, Interesting)
Anti-piracy measures only annoy legitimate customers and thwart 14 year old morons - the "professional" pirates will eventually crack WGA, they have too much illicit profit incentive not to crack it and pirate it.
So I think it will happen, and MS will spend too much money, time, and effort in combating piracy instead of actually making an OS that's worth a damn. Let's face it - when all they do is pop up a message box when a process wants elevated permissions,
Re:Sadly (Score:5, Insightful)
I could list about 20 more, but I'm tired of this. Almost any measure or law that reduces the rights/privacy of normal citizens does nothing to thwart (for more than a day or two) those who would pirate, steal, kill, etc. Yet we march on to the same tune, never ever learning from the lessons of the past.
So who's really surprised by WGA? Guess I'll have to head on over to astalavista.box.sk to download a copy of the WGA crack, just in case MS one day decides my copy of Vista is no longer legitimate.
Re: (Score:2)
Nah - just head on over to distrowatch.com and pick a Linux distro. I personally dumped Windows at home 5 years ago and I've never looked back.
You can argue whether or not the Linux Penguin is retarded, but at least you know he means no harm...
Re:Sadly (Score:4, Insightful)
Re:Sadly (Score:5, Insightful)
Don't say that too loudly, as that comment fits the Slashdot community all too well. People who live in glass houses....
A lot of people have WGA wrong, and are commenting based on old info. At first, WGA did indeed prevent people from downloading security updates. That is no longer true as of sometime around March this year. MS came to their senses on that one, and now the validation is only needed to get fixes that are not security related. Not allowing security updates until validation made worse the chicken and egg problem in which a system could not download patches over the Internet until it'd been patched to prevent it from being pwned the instant it was hooked up to the Internet. Before WGA spoiled things, I worked around that problem by downloading the patches under Knoppix, or by having a CD full of patches that I'd downloaded and burned in Linux. Now that MS has relented, I can once again use Linux to help support Windows.
I hope Vista serves to further highlight fundamental problems with security. Ever since 9/11, there's been even more push for more security, a lot of people talking as if security was pure unadulterated goodness and as if there's no such thing as too much security, and a lot of bad security and abuse of security. Witness such things as confiscation of nail clippers and bottles of shampoo by airport security. When security becomes security for MS or the entertainment industry against evil pirates, that's not security for our benefit anymore however much MS tries to spin it so with such things as the "Advantage" part of the WGA name. Where's a Genuine Advantage program for software we write? When security gets perverted to mean "security for MS profits" and most definitely not "security for users against losing what they've paid for", people notice. When file format lock in gets justified with security, as in "preventing unauthorized programs from accessing and corrupting your valuable data" as if OpenOffice was written by a bunch of irresponsible hackers, that can give security a bad name. When "I can't tell you that for security reasons" is used as a cover for "I don't want to bother finding an answer", security is looking bad. A lot of Windows users have already tentatively decided they're going to stick with XP, because, ironically, they don't trust MS's intentions. So much for security increasing trust.
I particularly like this bit: (Score:5, Insightful)
Re:I particularly like this bit: (Score:5, Interesting)
That, and the fact that most of our nuclear power facilities are still running on Win2K. I'm not kidding. I work for a company that makes software for nuclear power facilities (and other places) and most of our customers just transitioned from NT4 within the last 2 years. By the time they start using Vista, Microsoft Windows X should be out.
Oh, and yes, I was as surprised as anybody that these places aren't running UNIX.
Re:I particularly like this bit: (Score:4, Informative)
-Graham
Re: (Score:3, Informative)
http://www.microsoft.com/windowsautomotive/defaul
Hopefully it doesn't have anything to do with the car itself, only GPS things and the like.
Re:I particularly like this bit: (Score:5, Interesting)
Perhaps not life support, but I was interested in getting LASIK surgery at one time. I went to a presentation given by a doctor that came highly recommended from some of the locals. When they were showing off the actual laser equipment that performed the surgery, it turned out the machine was controlled entirely from a PC workstation running Windows NT. I asked one of the doctors what would happen if the controller "blue-screened" during the procedure and was told they would have to contact the developers and research that and get back to me. I never received a reply, and they never received my business! I'm not taking any chances with my eyes, I'll stick with glasses.
Re:I particularly like this bit: (Score:5, Funny)
I never received a reply, and they never received my business! I'm not taking any chances with my eyes, I'll stick with glasses.
glasses are nothing more than tiny little windows.
Re: (Score:3, Insightful)
Even if it is, that doesn't automatically take Wintel machines out of the loop.
A friend of mine develops industrial control systems, many of which are life-safety critical. The actual devices are controlled by PLCs, which are pretty damned bulletproof, but the control and monitoring software runs on Wintel machines.
Re:I particularly like this bit: (Score:4, Informative)
Re: (Score:2)
Low-hanging fruits (Score:5, Insightful)
For instance, chainsaws are designed to cut off limbs. Tree, human, what's the difference?
WGA and successors are designed to disable Microsoft systems. OK, I'm sure that there are those who appreciate the help.
Re: (Score:2)
Re:Low-hanging fruits (Score:5, Insightful)
WGA is a key to every Windows box on the planet and a giant club with which to beat Microsoft over the head if it's ever hacked, and you can bet that's not going to go unnoticed by those with the capability to pull this off. It would be the hack of the freaking century.
The day the spam stopped (Score:3, Interesting)
Which brings me to another question. What happ
Re:The day the spam stopped (Score:4, Insightful)
If I recall correctly, you have 30 days to authenticate or the WGA cop disables everything except IE. "Everything" probably includes the ability to be a spam-bot, but I'm still not sure.
Re: (Score:2)
Re: (Score:2, Flamebait)
Re: (Score:2)
Cute dig at the Free software supporters. Ya got balls to make it so blatant right in the middle of the enemy camp here on Slashdot. Just for the record, Free software is NOT communism any more than copyright is communism, and nothing about Free software is sympathetic to malware.
Re: (Score:2)
Not true. All of those NEED the operating system to work to either show you ads, or to send spam from your computer. If your computer is disabled, then they have failed. I CAN see someone making a virus that will make your Vista install appear to be bogus, just to wreak havoc on:
1. Micr
Re: (Score:2)
Wouldn't either of these things be more of a hassle than simply rebuilding machines that got hosed by a virus? (I dunno, I'm not IT)
Re: (Score:3, Informative)
Not as much as you'd think. Corporate Windows systems generally have updates disabled anyway, at least from Microsoft. The whole Windows Update system was designed to allow corps to run their own update server, so that they could a) pick and choose what updates they want to go to what boxes and b) use the mechanism to not only install their own software, but to prevent modification to the software. The corporate
Re: (Score:2)
Sure, if you turned WGA on users through an exploit, MS would lose massive credibility.
Re: (Score:2)
Not to mention disabling the ability to update the WGA tool too.
Dvorak? What does he know about computers? (Score:5, Funny)
Not only is this guy old, he should be commenting on things like piano typewriters or something like that...
TDz.
Re:Dvorak? What does he know about computers? (Score:4, Funny)
It looks like you're composing a letter in the key of G, would you like some help?
Re: (Score:3, Funny)
Complicated = Buggy (Score:3)
I'm going to start working... (Score:2, Insightful)
Actually, for some reason, I had never thought of this before. You probably wouldn't really even have to mess with WGA all that much, just change whatever it's checking to see if the OS is valid. Not sure how easy that would be, but considering the number of false positives that are cropping up on XP, it should be quite doable.
Just change the cd key? (Score:5, Interesting)
Multiple infections... (Score:4, Interesting)
If MS takes steps to ensure that valid product keys can always be activated, then they'd introduce a new way of pirating keys.
Re: (Score:2)
Imagine a virus which is very hard to get rid of, if not a rootkit which for the average user (read: knows nothing about computer) would as good be impossible to get rid of, then MS's WGA policy would have to stop. Say someone gets this virus and doesn't know how to detect or remove it they'll be ringing MS up and co
Re: (Score:2)
Re: (Score:2)
I personally hope MSFT gets widespread distribution of Vista before someone pulls out that virus that disables WGA from authenticating properly. Maybe with 30-50 million users calling in complaining, MSFT will stop being so greedy.
Maybe somebody beat you to it (Score:2)
Considering the number of false positives that are cropping up, perhaps it has already been done. B-)
Who Polices the Policeman? (Score:5, Funny)
Re:Who Polices the Policeman? (Score:5, Funny)
Re: (Score:2)
Re: (Score:2)
Hold on just a second there chief. (Score:2)
The real problem here is that Dvorak might die old, alone, and invalid. He must come up with this crap to feel like he's important. What if a hacker did this or that? I don't really care unless a hacker actually does it. People have been talking about someone pointing auto-update
Re: (Score:3, Informative)
Wrong. One of our other sites just got nailed by a trojan because some machines weren't updating because they had never installed WGA. I found this behaviour several months ago and ran windows update on the offending machines just to install WGA. (we use WSUS for updates) The machines mysteriously resumed updating after installing WGA. Fortunately I check the patch status of windows machines around here. Obviously our sister site did
Re: (Score:2)
WGA is the system blackbox .. (Score:2, Insightful)
Devilsown will make a client-side server (Score:5, Informative)
This is exactly what I was thinking when I heard that volume licensed versions of Vista would no longer take the product key's word for it (bye bye FCKGW), but authenticate and activate with a local server. I bet the first pirated versions of "Vista Pro Corp" will include a proxy patch or HOSTS entry that will point the OS to a server run by a warez release group, or maybe 127.0.0.1 with a host-side server.
Either way, it's going to really suck when people need to run one or more instances of Vista Ultimate in a VM (yes, Ultimate can run in a VM) for testing and staging but quickly run out of licenses on the local activation server.
Re: (Score:2)
The volume licensing EULA specifically allows for VM usage (one VM per machine only), so I'd expect the licensing server knows about this and can deal with it.
Doubt this is possible (Score:4, Insightful)
Re: (Score:2)
Re: (Score:2)
It would certainly be difficult if Microsoft retained control of all the authentication servers. But then it would be impossible to install Windows on a machine not connected to the internet.
Re: (Score:3, Insightful)
Faking the certificate would only be necessary for falsifying updates and so on. I'm actually surprised you haven't seen more malware through auto-update attacks for Windows, though I suspect those clever enough to do it are perhaps clever enough not to have that detected.
Re: (Score:2)
Windows a time-bomb (Score:2)
The Vista cop will likely cache authentication like so many other things. And, airlines, hospitals, and other large organizations won't be moving to vista with any gusto anyway.
Still, the mere idea of a self-disabling software product makes me want to use something else even more than a product that breaks down just because i
News Alert (Score:4, Funny)
More news at 11.
Forbidding Vistas: Windows licensing disserves the (Score:5, Informative)
Re:Forbidding Vistas: Windows licensing disserves (Score:3, Insightful)
So this is a client-side DOS attack? (Score:2)
The user will know that their copy is suspected of being pirated, but may not know how to fix it. This could potentially ensure that a large amount of devices that were compromised stay compromised and unpatched for a period of time.
You missed the best part (Score:2)
Now, I wonder how upset they're going to be if something like this gets loose? Hmmm....
Stop submitting this dolt (Score:3, Informative)
He has a point ... (Score:3, Interesting)
But to what end? Why couldn't any kind of software do this?
Free anti-virus..(not Clam
SpyBot S&D
Ad-Aware
Hi-Jack This!
Could ALL be spyware-in-disguise. We don't know. How could we?
It's not just Vista's WGA we need to worry about. I mean, what better way to take over the world. Develop some cool little free app that EVERYONE starts using. Get it installed on a bajillion computers, then it grabs an auto-update and WHAMMO! You've got
Windows, Pestilence and Plague (Score:3, Interesting)
Please Wait (Score:5, Interesting)
Microsoft has long been due the fruits of their insidious labor and it is only just that they reap the true rewards.
Is there a front coming through? (Score:4, Funny)
So if WGA really screws itself up? (Score:3, Interesting)
It seems to me that every step M$ takes to make sure that no illegal copies are around it will also create more work for the IT department. And what if there is an unexpected problem popping up causing all legitimate copies to be locked from the users due to a flaw in WGA? Who will be paying the standstill cost? Not M$ in the first turn.
It seems to me that alternative solutions like Linux and the BSD variants will benefit most from this. The latest versions of the Linux distros aren't really that complicated to install and use, even if there still are flaws. (most notably the X11 config, which can be a real pain to get right, even if Fedora Core 5 seems to work acceptably there). Another item that can cause severe dandruff is the SELinux package, but I assume that there is work in progress on that.
What?! (Score:2)
No Incentive to Cause Failure (Score:3, Interesting)
Most of the people who send out these exploits aren't doing it to piss people off, they are doing it to make money. The thing is, a botnet only works when the zombied machines are running. If you are Joe Cracker, you want those machines up so they can be sending your spam, performing your DDOSes, and collecting information for you to sell to ad companies. What you don't want is for the machine to stop working so that the owner takes it in to be fixed - especially when the person fixing it might just put some antivirus software on there that will stop your bots from running (for a while).
Re: (Score:2)
You're young-ish, aren't you? (Score:2)
I really fail to see what incentive a cracker would have in making someone's legitimate copy of Vista appear to be illegitimate.
To answer your question, please read this. [wikipedia.org] To summarize, some people are flat-out bastards.
Really? (Score:2, Insightful)
Dvorak!
This man is a looney but the second he says something people want to hear they chant his name like he's the new Moses leading you guys out of Egypt? Come on now. Get real.
Any other time 90% of the comments are "Dvo-crack is teh r3tard" but now everyone's all "Maybe this will mean Linux will meet the masses". I've been hearing this for years. Every week or so a new "Microsoft killer" is announced here... I'm sorry but every time one of these c
Re: (Score:2)
Re: (Score:2)
This is to say that, when it comes right down to it, there are more credible sources. Heck, at least half of the Slashdot community has just as much, if not more, insight as Dvorak. I think I would be better off doing my own study instead of listening to Gimpy, er, John.
Good thing palladium is unbreakable (Score:2)
In any case. I'm guessing this "software cop" will be down in the portions of Windows that are "impossible" for a user to modify. You know, the same part that won't let you play the latest Britney spears album without paying for it. If the Windows Platform Security Initiative has any success, then this "software cop" should remain uncorrupted. If not, people will do whatever the heck they want and Microsoft is going to have a really messed up userbase.
Oh, and don
Two big issues with his doom and gloom scenario: (Score:3, Insightful)
#1: After vista 'detects' that your version is not legit, it gives you 30 days to fix that before actually shutting down.
#2: "Once a virus that makes the cop refuse to authenticate Vista hits the Net, then how can the problem be fixed? By definition and the way I see it, this will be an impossibility."
Well, while a small # of users will already be affected, I see something that prevents vista from being upgraded by paying customers is one of the few things that could convince MS to patch out-of-cycle. Fix the bug in WGA and release it after a couple days of QA.
He stole my /. comment... (Score:2)
Microsoft's genuine disadvantage.. (Score:5, Interesting)
One company didn't do it. Microsoft got miles of cool points for making their operating system, and eventually their applications, easy to copy. There were legal barriers to reproduction but no technical barriers. People bought MS at premium prices because they could copy. System administrators knew they would have no difficulty making backups, or "educational" copies to take home to put on their systems. They also knew that things would not be difficult if they had to do a reinstallation. It was viral marketing at its most effective. The license agreement of course forbade such practices, but Microsoft winked at personal duplication. Licenses had to be bought, of course, because support was needed, especially in a large enterprise. My personal opinion is that the bugs in early iterations of Microsoft software were their insurance against wholesale ripoff. This is just a feeling.
I thought activation was a big mistake. I actually do think it slowed the adoption of XP if you can recall back that far. However it was easy to crack so the viral thing happened. Anyway Microsoft continued to thrive. I was living in Eastern Europe at the time of XP's introduction and cracked copies were everywhere. Pirate copies of the beta were in the electronics market in the months running up to final release. I am in Western Europe now so I don't know what the Russian and Ukrainian guys have done with WGA, but I can only guess. Vista will be zooted as soon as it hits the market. The Russian and Chinese pirates will not be slowed down at all from putting cracked versions onto hardware. Legitimate customers however will have no end of headaches. It's a crying shame.
The fact that this WGA is vulnerable to hacks is merely the bitter coating on the poison pill of this new form of copy protection, which is always a bad idea because it hurts your customers. DRM and copy protection are ideas that corporate lawyers dream up. Marketing men instinctively know they suck.
I actually think Vista might not even fly very well. Net services are coming. Linux could be attractive to enterprise in some circumstances. And there is always Apple waiting in the wings with good stuff. Corporate prejudice against the "toy computer" might well melt now that the OS is riding on an Intel platform. And there is also the iPod effect. Nothing sells like success.
Meanwhile, Microsoft's latest patch automatically installed itself and rebooted my computer even though I have set the update options to stop at the download. Feh! I didn't have any process running, so I skated, but that is practically a crime in my book. If Vista is going to walk all over me like that I won't want the thing. Certainly I am going to wait as long as I can before I get it. And if I can get away without getting it I won't get it.
Please Don't Feed the Dvorak (Score:3, Funny)
Re: (Score:2)
Re:Validating (Score:5, Informative)
Re: (Score:3, Interesting)
I have my own DNS server on a dedicated BSD machine. Let them try to block that one ;-)
Technically, I see no reason why someone couldn't make a small DNS caching service that installs on a Windows machine and then set all DNS lookups to be redirected to localhost:53, bypassing the %SystemRoot%\System32\drivers\etc\hosts file.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Actually no (Score:3, Insightful)
XP installs are almost all OEM copies, Vista will be the same way. The only people it affects are white box PCs (which are rare these days). Every PC that comes from a name vendor already has a license for Windows, which makes me wonder who the target is for these WGA
Re: (Score:2, Insightful)
Re: (Score:2)
An interesting idea, but one that will never happen.
Speaking for myself, the only, umm, non-legit versions of Windows I have are on boxen that I don't really care about (a dedicated PC to run security cam software, my 4 year old's PC, and a couple of others). Even if Vista turns out not to be the train wreck it appears to be, it simply isn't worth the money to make tho
Re: (Score:3, Interesting)
Re: (Score:2)