From: Digest To: "OS/2GenAu Digest" Date: Mon, 3 Jul 2006 00:00:39 EST-10EDT,10,-1,0,7200,3,-1,0,7200,3600 Subject: [os2genau_digest] No. 1323 Reply-To: X-List-Unsubscribe: www.os2site.com/list/ ************************************************** Sunday 02 July 2006 Number 1323 ************************************************** Subjects for today 1 Fwd: How to stop Microsoft's WGA phoning home - Tool versus tool : Robert Traynor (BobT)" 2 Fwd: Microsoft hides under duvet - As WGA blows up in its face : Robert Traynor (BobT)" 3 Re: Fwd: How to stop Microsoft's WGA phoning home - Tool versus tool : Gavin Miller 4 Re: OT: alternative to WinXP ? Was: How to stop Microsoft's WGA .... : Ed Durrant **= Email 1 ==========================** Date: Sun, 02 Jul 2006 08:49:51 +1000 From: "Robert Traynor (BobT)" Subject: Fwd: How to stop Microsoft's WGA phoning home - Tool versus tool How to stop Microsoft's WGA phoning home - Tool versus tool By Team Register Published Thursday 22nd June 2006 11:02 GMT A firewall testing website has released a tool it says will spike Microsoft's controversial WGA tool. Firewallleaktester dot com is careful to state its RemoveWGA tool does not affect the "validation" element of Microsoft's WGA software. The company's tool targets the "notifications" element of the WGA tool, preventing it from repeatedly connecting back to Microsoft to transmit information about users' software set-up. That said, FirewallLeakTester pulls no punches about its view of WGA. Once the tool has validated a copy of Windows, it says, "there is no decent point or reason to check it again and again every boot." It goes on to say that connecting to Microsoft " brings security issue for corporate networks, and privacy issues for everyone." And, unsurprisingly, it states "Microsoft used deceptive ways to make you install this tool (it was told you it was an urgent security update, whereas it is a new installation giving you no extra security) makes me calling this tool a spyware." Of course, the truly paranoid might balk at sending (hopefully) good code after bad instead of just reinstalling Windows from scratch. More details here:- ,-._|\ Robert Traynor (BobT) / Oz \ email rtraynor at removeme.optusnet dot com dot au \_,--.x/ ---------------------------------------------------------------------------------- **= Email 2 ==========================** Date: Sun, 02 Jul 2006 08:50:04 +1000 From: "Robert Traynor (BobT)" Subject: Fwd: Microsoft hides under duvet - As WGA blows up in its face Microsoft hides under duvet - As WGA blows up in its face By Guy Kewney, Newswireless dot net Published Friday 30th June 2006 08:45 GMT Not since IBM invented a handwriting recognition system for banks, have I heard such cries of grief. To understand it, you have to know what WGA means. And if you've ever had a problem with Office, and been told by tech support "just install this patch" you'll know what it is: because it's the thing which, since September 2004, has told you it won't install it until you put your CD in the drive. And enter the key. That's WGA. You've probably heard of WAG, which in headlines, stands for "wives and girlfriends" of World Cup football stars. WGA, however, stands for "We're All Gone" as Windows Genuine Advantage, it seems, has dumped on its inventors. The problem is "false positives". In the case of IBM, it turned out the one thing you can't do to wealthy and self-important bank clients, is say: "That signature is a forgery". Not unless it is, and even 0.01 per cent false positives is way, way too many. IBM was getting 5 per cent. With WGA, I'm told, it's worse. It's too late to find anybody at home at Microsoft here in London, but my sources are insisting that the chatlines are red hot. What WGA does is looks at Windows on your PC, and reports back home if it is pirate stuff. The Genuine Advantage is, of course, Microsoft's advantage. The thing is, quite simply, a royal pain in the arse for the rest of us. This is, after all, 2006, and almost half the world's PC users use notebooks; and a large proportion of those do not have a built-in CD drive. So, if you're out and about and a software problem arises which is easily fixed if you have a CD drive and an Office install CD about you, WGA is the beast which means you're stuffed till you get home and can find where you put the thing, and have found a working CD on the network. And, of course, assuming you can remember the install key... Well, two weeks ago, it seems, Microsoft automatically updated Windows for all of us, and in doing so, updated WGA. That much is on record. The new update, unfortunately, was a pre-release version. And it has suddenly announced to the world that almost all the Windows software installed at two large corporate users, is pirated, according to sources. Really? Well, at the moment, it remains rumour. But if this turns out to be true, Microsoft could well face a horrid lawsuit, because installing pre-release code on a disk when the user didn't volunteer is, in every accepted sense of "moral behaviour ", way off beam. You just don't do that. And you really, really don't want to inform a client like Proctor and Gamble that it is pirating code; and, my sources insist, that's exactly what the beta code has been doing. The exact cause of the cockup isn't clear, but it seems that the software was supposed to ignore Windows applications with corporate licence numbers. The assumption was that all Microsoft code on P&G hardware was installed by the IT department, using the corporate licence. Well, apparently not. Individual users have bought their own copies and installed it themselves. And then, somehow, the WGA code looked for the corporate licence, didn't find it, and screamed blue murder: "Thieves! Pirates! Rascals!" - and P&G seems not to be amused. When the rumour started spreading, users got together to share outrage. It quickly became apparent that some of them weren't at P&G and instead of having corporate rank, were quoting military rank. Yes; the USAF has also been tagged, according to sources, as a corporate pirate. Of course, Microsoft will soothe the ruffled feathers in the normal way (90 per cent discounts, duh) and it will all blow over, and like UK ID cards, the fact that nobody likes it won't stop The Powers That Be from pushing ahead. But, meanwhile, if you find Windows Update telling you about new software, best to go for "custom" and look through for what, exactly, they are updating. And if it's Windows Genuine Advantage, probably best to skip it for now. Because right now the question: "WGAF?" has an easy answer: "P&G does!" ,-._|\ Robert Traynor (BobT) / Oz \ email rtraynor at removeme.optusnet dot com dot au \_,--.x/ ---------------------------------------------------------------------------------- **= Email 3 ==========================** Date: Sun, 02 Jul 2006 09:38:01 +1000 From: Gavin Miller Subject: Re: Fwd: How to stop Microsoft's WGA phoning home - Tool versus tool Hi All, Just wanted to jump on the band wagon with this. Not exactly to topic but... I have Windows installed for games mainly; Wintendo I like to call it; anyway... I disabled auto update, configured networking so netbios over tcpip was disabled and usually have my nic disabled until I want it. One day I wondered if there was a demo of Splinter Cell Double Agent, so I thought "Hey I'm in Windows now, why not save time and check now instead of booting into ecs, download, copy to usb drive and boot back...". I managed to pick up a virus just by logging on to the site. I will no longer consider Windows a viable option for Internet purposes and have no longer installed networking. WGA hasn't got a hope on my machine ;-) Cheers G Robert Traynor (BobT) wrote: > How to stop Microsoft's WGA phoning home - Tool versus tool > > By Team Register > Published Thursday 22nd June 2006 11:02 GMT > > > A firewall testing website has released a tool it says will spike > Microsoft's controversial WGA tool. > > Firewallleaktester dot com is careful to state its RemoveWGA tool > does not affect the "validation" element of Microsoft's WGA > software. > > The company's tool targets the "notifications" element of the WGA > tool, preventing it from repeatedly connecting back to Microsoft > to transmit information about users' software set-up. > > That said, FirewallLeakTester pulls no punches about its view of > WGA. Once the tool has validated a copy of Windows, it says, > "there is no decent point or reason to check it again and again > every boot." > > It goes on to say that connecting to Microsoft " brings security > issue for corporate networks, and privacy issues for everyone." > And, unsurprisingly, it states "Microsoft used deceptive ways to > make you install this tool (it was told you it was an urgent > security update, whereas it is a new installation giving you no > extra security) makes me calling this tool a spyware." > > Of course, the truly paranoid might balk at sending (hopefully) > good code after bad instead of just reinstalling Windows from > scratch. More details here:- > > > > ,-._|\ Robert Traynor (BobT) > / Oz \ email rtraynor at removeme.optusnet dot com dot au > \_,--.x/ > > > > > ---------------------------------------------------------------------------------- **= Email 4 ==========================** Date: Sun, 02 Jul 2006 10:11:03 +1000 From: Ed Durrant Subject: Re: OT: alternative to WinXP ? Was: How to stop Microsoft's WGA .... Another piece of information, that I have come across is that as well as the project to clone OS/2, there's also a project to produce a binary compatible OS to Windows. This is called REACTOS and is at a very early beta (or even alpha) stage - there are install and Live CD images to download and try. My experience with the Live Cd variant is that it is Awefully slow - however as I said, this is early code. http://www.reactos dot org/xhtml/en/index.html It loaded, and ran an looked like a linux implementation of a windows desktop. But perhaps this OS in the future could be useful to run in Virtual PC or SVista on eCS to run those Windoze apps that wont run under ODIN ?? Or of course as a separate bootable OS, to either run alone or to run eCS on top of. The advantage over MS Windoze is that the virus attractors of IE and Outlook are not forced installs. And of course no WGA ! Cheers/2 Ed. Gavin Miller wrote: > Hi All, > > Just wanted to jump on the band wagon with this. Not exactly to topic > but... I have Windows installed for games mainly; Wintendo I like to > call it; anyway... I disabled auto update, configured networking so > netbios over tcpip was disabled and usually have my nic disabled until I > want it. One day I wondered if there was a demo of Splinter Cell Double > Agent, so I thought "Hey I'm in Windows now, why not save time and check > now instead of booting into ecs, download, copy to usb drive and boot > back...". I managed to pick up a virus just by logging on to the site. > I will no longer consider Windows a viable option for Internet purposes > and have no longer installed networking. WGA hasn't got a hope on my > machine ;-) > > Cheers > G > > Robert Traynor (BobT) wrote: >> How to stop Microsoft's WGA phoning home - Tool versus tool >> >> By Team Register >> Published Thursday 22nd June 2006 11:02 GMT >> >> >> A firewall testing website has released a tool it says will spike >> Microsoft's controversial WGA tool. >> >> Firewallleaktester dot com is careful to state its RemoveWGA tool >> does not affect the "validation" element of Microsoft's WGA >> software. >> >> The company's tool targets the "notifications" element of the WGA >> tool, preventing it from repeatedly connecting back to Microsoft >> to transmit information about users' software set-up. >> >> That said, FirewallLeakTester pulls no punches about its view of >> WGA. Once the tool has validated a copy of Windows, it says, >> "there is no decent point or reason to check it again and again >> every boot." >> >> It goes on to say that connecting to Microsoft " brings security >> issue for corporate networks, and privacy issues for everyone." >> And, unsurprisingly, it states "Microsoft used deceptive ways to >> make you install this tool (it was told you it was an urgent >> security update, whereas it is a new installation giving you no >> extra security) makes me calling this tool a spyware." >> >> Of course, the truly paranoid might balk at sending (hopefully) >> good code after bad instead of just reinstalling Windows from >> scratch. More details here:- >> >> >> >> ,-._|\ Robert Traynor (BobT) >> / Oz \ email rtraynor at removeme.optusnet dot com dot au >> \_,--.x/ >> > >> >> > >> >> > > > ----------------------------------------------------------------------------------