Microsoft has announced the transition of the Windows Genuine Advantage (WGA) pilot to a version 1.0 launch with worldwide availability.
Based on the successful pilot of the WGA program, which started on 16 September 2004, Microsoft released version 1.0 of the WGA service on 26 July.
"WGA is part of our ongoing commitment to protect customers from software counterfeiting, and to help support partners through education, engineering and enforcement of policies and laws," says Jonathan Hatchuel, Windows client business group manager at Microsoft South Africa.
"Previously, there was not that much of differentiation between an authentic Windows copy and a counterfeit one," he comments. "However, with WGA, we hope to drive down the amount of counterfeit copies doing the rounds, and show users the benefits of owning authentic software."
Awareness
Hatchuel goes on to say that the point of this program is not to catch users with pirated Windows versions, but instead to create awareness. "Should a user go through the authentication process, and find that he or she is using counterfeit software, the user has the option of buying an authentic version, or sending their counterfeit CD to Microsoft for further investigation."
Microsoft believes that a lot of users and resellers have inadvertently bought counterfeit software. "Giving the users the option to send the CD to us, gives us the chance to possibly find the person creating the CDs. Some individuals have gone the distance of including the hologram and all other authentication details, meaning that the difference will go unnoticed to the untrained eye," he says.
"Customers are required to validate their copy of Windows prior to accessing most Windows XP-related content from the Download Center and the Windows Update site, with the exception of security updates," says Hatchuel.
"Customers who validate successfully will be offered additional value in the form of free and discounted downloads, designed to reward them for their use of genuine Windows," he adds.
During the 10-month pilot of WGA, 40 million customers chose to participate in WGA because they were concerned about piracy, and wanted a way to determine whether their Windows software was genuine. This customer feedback was used to make changes to the product and prepare the final release of WGA version 1.0.
WGA 1.0 offers a number of advantages over previous Windows validation methods. Driven by customer feedback, the WGA validation logic was enhanced, and will no longer require a 25-character product key. Validation is now required to receive most Windows downloads through Download Center. The Microsoft Update and Windows Update sites also require validation.
Although details are very sketchy at the moment, Hatchuel went on to say that the company may soon be extending the WGA to other Microsoft products, such as Microsoft Office.
WGA cracked?
Only one day after the WGA anti-piracy system went into effect a crack was found. During the authentication process, the system asks users to download an ActiveX control, which scans Windows to determine whether it is legitimate. If the software checks out, the control installs a key, allowing future downloads.
However, a simple JavaScript hack has been circulating, and all users had to do was paste a JavaScript URL into the Internet Explorer browser window at the beginning of the process; this turned off the key check, according to users.
Microsoft says it is investigating the hack, but did not consider it to be a security flaw. The company says that it may not take immediate action to fix the problem.
"The fact that a hack has emerged so soon, just goes to show how valuable the content of the Windows Update site is," concludes Hatchuel.