Nutz & Bolts of the PC

When you were a kid and ET wanted to "phone home" you thought it was cute, but how would you feel if a program was running on your PC that secretly called home to report in? If your like me you'd be a little concerned, and rightly so. ArsTechnica is running an article that describes this exact behavior in Windows Genuine Advantage (MGA). The code is intended to spot illegal copies of Microsoft XP and prevent users from applying the latest fixes. The problem is that Genuine Advantage also calls home to check in with the Microsoft mother ship, so frequently that a few security sleuths noticed the traffic.

According to Microsoft Genuine Advantage's phone home capability is to prevent the program from malfunctioning. One would wonder why exactly this would be a problem since MGA only validates the installation, right? Not exactly. It seems that further investigation has uncovered the built in ability for Microsoft to payload any code they wish in with an MGA update, thus allowing them to execute code on your machine. Sound scary? Of course, especially since Microsoft doesn't have the greatest track record for security. How soon do you think someone could exploit this delivery system, or vector, for malicious purposes?

It seems that everything Microsoft does these days causes the company to be hammered in the court of public opinion. While I'm not as afraid of someone at Microsoft rooting my system, I am concerned that 3rd party hackers could take advantage of this obvious back door. Furthermore, my experience with Genuine Advantage is one of great frustration and tendency to question the package's usefulness. Sure it's a great anti-piracy tool; it is obvious that the package is hastily updated to keep up with the latest cracks.

A few weeks ago I reinstalled a copy of XP to a new hard drive. My previous copy of XP was fully patched and working well, however I wanted to start from scratch because over the lifetime of the install I'd changed hardware a few times. So I blew away the hard drive and loaded XP offline. Since I was behind a firewall I decided that I'd hit Windows Update for all the necessary patches. My first order of business was to install Service Pack 2, however I quickly found out that Update needed some upgrades first. So I installed the Update upgrade and rebooted. Next Updated wanted to install Windows Genuine Advantage. I said sure since I have a legit copy and my prior version was fine. But then it happened, the great uh-oh moment. Apparently Genuine Advantage said I wasn't genuine. I was furious.

To make maters worse I was taken to a generic Microsoft page that relayed no useful information, nor did it tell me the cause of the problem. It simply told me to contact a Microsoft customer service rep. Bullshit I scream! So I decided that I'd install SP2 on my own and sort this problem out later. So I downloaded SP2 offline install from MSDN and ran the patch. After a quick reboot I decided to hit Update once more to see if Genuine Advantage had pulled its genuine head out of its ass. To my surprise it not only installed successfully, but after the reboot asked me to install genuine advantage once more. Simply put I was flabbergasted. Not only was SP2 a requirement for Genuine Advantage which was never made apparent, but the copy of MGA that was installed wasn't the latest and greatest.

The only thing I can say to that is COME ON! What the hell are you guys smoking that you can't write a single, authoritative copy of your damned verification software? This gives me less faith in an already insecure product that's secretly traipsing around my hardware calling home to "mommy" every afternoon. If there was a flaw in one of these releases could Microsoft patch the app and deploy it and still be sure they'd replaced all the affected copies? I strongly doubt it.

Get a friggin grip guys. I fully support your right to protect your software from copy-theft, but I really thing your not doing yourself any favors by haphazardly implementing this little progies and hoping no-one wises up to your antics. In times likes these when your OS is under fire from Apple, your Internet Empire from Google, and countless other sharks circling just waiting for the slightest slip-up, don't you think it behooves you to be more careful?