As the debate over Windows Genuine Advantage rages on, Microsoft is attempting to rein in speculation that the antipiracy tool could be used put an abrupt end to the use of pirated versions of Windows. A spokesperson for the company firmly denied that the tool would be used in such a manner, saying that "No, Microsoft antipiracy technologies cannot and will not turn off your computer." Confusion remains over just what WGA is designed to do.
Dislike for WGA and what it represents has been brewing for years, stemming back to the release days of Windows XP. At that time, Microsoft required new copies of the Windows XP operating system to "activate" over the Internet using Windows Product Activation (WPA), a process that required a user’s consent to send identifying information about their computer and OS to the company. While that information was essentially nothing more than an authenticity code coupled with select system specifications, many users were uncomfortable with the tactic. Still, it was much like a tetanus shot: one quick
prick click, and it was over.
Piracy, of course, lived on, and WPA has largely been assessed as a victory only to the extent that it stopped many forms of casual piracy. With Windows Genuine Advantage, Microsoft is looking to improve on the anti-piracy tools of 2001, and WGA is best understood as the heir to WPA. Whereas the original tools only required activation once in the first 30 days of use, WGA is designed to constantly monitor a system’s licensed state. In very general terms, the idea is to make life as a so-called pirate difficult.
"The game is changing for counterfeiters. In Windows Vista, we are making it notably harder and less appealing to use counterfeit software, and we will work to make that a consistent experience with older versions of Windows as well," said a spokesman in a statement.
Still, the company has not fully disclosed their vision for WGA, leaving many questions unanswered. After talking with several trusted sources about Microsoft’s plans for Windows Vista, I believe I can shed some light on the reasons why WGA behaves as it does, and why Microsoft will indeed be using antipiracy strategies that continue to monitor one’s licensing state long after the initial setup.
The itch that WGA scratches
WGA is designed to identify a computer’s licensed state and to report that state to Microsoft. Generally speaking, Microsoft wants this information for two reasons. First, they want to fight casual piracy, and this is one way to discourage it. The company believes that tools such as WGA will make it less likely for people to share OS copies or install the same OS throughout, say, their home.
Second, they want you to be wary of pirated software, and this is one way to encourage that. Microsoft believes that commercial forms of piracy are especially egregious because they typically involve a third party selling counterfeited software—software that Microsoft ends up supporting for free. WGA is designed to kill two birds with one stone by tying OS updates to WGA monitoring. The end result is that Joe Consumer has a good reason to make sure his software is legitimate (to get updates), but there’s also a new side effect: the company believes that if Joe Consumer learns that he was sold counterfeit software, he’ll help nab the crooks, as it were. You can see this aim in Microsoft’s policy regarding known cases of OS piracy:
"Qualifying customers who fill out a counterfeit report, provide proof of purchase, and send in their counterfeit CDs may receive a genuine copy at no cost. Customers may also purchase an electronic license of Windows XP Home for $99 or Windows XP Pro for $149, or from their favorite local resellers," the spokesperson told Ars Technica.
From Microsoft’s point of view, if you have pirated/counterfeit software on your computer, you’re either a victim or a pirate. If you’re a pirate and caught, or if you’re a victim but have no proof, you can buy legitimate keys. If you’re a victim and you can prove it, you get a free replacement. The program is clearly designed to smoke out counterfeiters while collecting licensing fees.
The move to constant monitoring
This still does not address the change from a one-time authenticity check to what is essentially constant monitoring. To explain this, I offer the following hypothesis: constant monitoring is going to become very important with Windows Vista. Here’s why: the new OS will be the first from Microsoft that supports upgrades on the fly, allowing users who purchased one version of Vista to "upgrade" to other versions by simply obtaining a new license key and inserting their old installation disk. Dubbed Anytime Upgrade, the program takes advantage of Windows’ modular design. When consumers head to the store to pick up Windows Vista next year, they will actually be picking up media that has all flavors of the desktop OS on it, regardless of what the box says. Joe’s Windows Vista Home Basic disc will also have all of the features found in Vista Ultimate, and Joe can activate those features for an upgrade price to be announced later.
The end result is that the OS can be upgraded "in place" using existing media. The benefits are obvious: Microsoft hopes that users will learn about features in the Premium and Ultimate versions of Vista and want to upgrade, and the chances of them doing so are much higher if they already have the media and a simple way to obtain a new licensing key. It could even become an impulse buy. (And I must point out that this can also be used to sell future updates to Vista as well.)
The potential rewards also come with risk. What is to stop users from buying the cheapest version of Vista (or even pirating it, for that matter) and then using hacks to easily upgrade to the best version? This is where WGA’s persistent monitoring comes in. Through updates delivered to the application, known exploits will eventually be identified, or so the company hopes. Post installation hacks, whether to gain new features or change product keys, can now be identified in the field and targeted dynamically instead of waiting for the next major service pack (which could be years away). Furthermore, valid keys that are leaked can also be quickly disabled, although the company hopes to have another solution for leaked corporate keys in place soon. The fight against key leaks explains why the persistent monitoring will also be applied to OSes such as Windows XP, which cannot take advantage of Anytime Upgrade.
As we move closer and closer to a world where portable physical storage formats will be replaced by high-performance networked storage, software developers are drooling for a safe way to sell software and software upgrades online, cutting out the middle man. Some are doing it already, others want in. For big-time targets of piracy such a Microsoft, the rush to sell software online must first be subjugated to antipiracy strategies. Microsoft and others know that post-installation exploits can be attractive for pirates, even sophisticated exploits that involve more than just replacing a specific DLL or editing a registry key. For Anytime Upgrade and its forthcoming brethren to be a success, persistent monitoring is going to be part of the equation.