Skip to main content

WGA Notification Phones Home during Windows Start-Up

The Windows Genuine Advantage Notifications tool repeatedly nags computers that use pirated copies Windows XP. Windows Validation is required for all genuine Windows downloads on Microsoft Download Center.

The anti-piracy tool attempts to contact Microsoft over the internet each time the computer boots. The connections occur even if you do not have Windows Automatic Update enabled.



Lauren Weinstein is of the opinion that Microsoft Genuine Advantage tool may itself be considered to be spyware under commonly accepted definitions.
I fail to see where Microsoft has a "need to know" for this data after a system's validity has already been established, and there may clearly be organizations with security concerns regarding the communication of boot-time information.
Microsoft has responded quickly to Lauren's concern and some more interesting facts have emerged from his conversation with Microsoft:

» Microsoft receives user IP address and date/timestamp data relating to systems' booting and continued operations, which MS would not necessarily otherwise be receiving.

» Even after a copy of XP has been validated, MS may choose to "revoke" that validation (via communications with their Windows Update site) at a later date if activation codes are found to be pirated in the future.

» Why is the new version of the validity tool trying to communicate with MS at every boot? At this time the connections are to provide an emergency "escape" mechanism to allow MS to disable the validation tool if it were to malfunction. Apparently these transactions will also occur once a day if systems are kept booted.

The validation checks can be disabled by either blocking the WGA tool from communicating with Microsoft using ZoneAlarm or disable the WGATray.exe process.

If you try to validate Windows with an invalid Windows Key, it will say "Validation Failure: Invalid Product Key" - The product key associated with your copy of Windows was never issued by Microsoft. [Why it did not validate 0x80080222]

Once you suppress the WGA notifications, it is possible that the notifications will be re-activated when a new update for WGA Notifications is installed.

Popular posts from this blog

How to Download Contacts from Facebook To Outlook Address Book

Facebook users are not too pleased with the "walled garden" approach of Facebook. The reason is simple - while you can easily import your Outlook address book and GMail contacts into Facebook, the reverse path is closed. There's no "official" way to export your Facebook friends email addresses or contact phone numbers out as a CSV file so that you can sync the contacts data with Outlook, GMail or your BlackBerry. Some third-party Facebook hacks like "Facebook Sync" (for Mac) and "Facebook Downloader" (for Windows) did allow you to download your Facebook friends' names, emails, mobile phone number and profile photo to the desktop but they were quickly removed for violation of Facebook Terms of Use. How to Download Contacts from Facebook There are still some options to take Friends data outside the walls of Facebook wall. Facebook offers the Takeout option allowing you to download all Facebook data locally to the disk (include

PhishTank Detects Phishing Websites by Digg Style Voting

OpenDNS, a free service that helps anyone surf the Internet faster with a simple DNS tweak , will announce PhishTank today. PhishTank is a free public database of phishing URLs where anyone can submit their phishes via email or through the website. The submissions are verified by the other community members who then vote for the suspected site. This is such a neat idea as sites can be categorized just based on user feedback without even having to manually verify each and every submission. PhishTank employs the "feedback loop" mechanism where users will be kept updated with the status' of the phish they submit either via email alerts or a personal RSS feed . Naturally, once the PhishTank databases grows, other sites can harness the data using open APIs which will remain free. OpenDNS would also use this data to improve their existing phishing detection algorithms which are already very impressive and efficient. PhishTank | PhishTank Blog [Thanks Allison] Related: Google

Digital Inspiration

Digital Inspiration is a popular tech blog by  Amit Agarwal . Our popular Google Scripts include  Gmail Mail Merge  (send personalized emails with Gmail ),  Document Studio (generate PDFs from Google Forms ) and   File Upload Forms ( receive files  in Google Drive). Also see  Reverse Image Mobile Search , Online Speech Recognition and Website Screenshots , the most useful websites on the Internet.