Welcome to RCF - WHF

Nightrider · Sep 25, 2004

Confirmation of stealth Windows Update

I can now confirm that the stealth Windows Update that I blogged about yesterday actually exists - because I’ve detected its presence on a machine at the PC Doc HQ.

At the PC Doc HQ we have several systems set not to update automatically. This is so that they are kept at a specific patch level for testing duties. Many of these systems are virtual machines but some are physical. When I heard about this stealth update I decided to take a look at one of these systems that don’t update automatically (it was set to download and notify) - and within seconds I found what I was looking for...

These updates without notification is a slippery slope. I just don’t like the idea of having updates foisted upon systems without being aware that they are coming in and having the option to postpone them. Why? Simple. IT’S MY PC!!! If a user chooses not to have updates installed automatically, Microsoft needs to respect this decision. Period. If this is not possible, notifications should be made after the update has been installed clearly identifying the updates, describing what it does and giving users a way to roll back the system if they want to.

More...

Silly rabbit. If you installed XP or Vista, it is no longer your PC even if you paid for it. It now belongs to M$...

violent1

rb2d2 · Sep 25, 2004

Wow! You would think that would be a crime. Like trespassing? A person could find their machines unbootabe and never know why.

If not for his documentation I would not have believed MS could do that.

Crying or Very sad

fishead · Feb 09, 2005

rb2d2 · Sep 25, 2004

Nightrider · Sep 25, 2004

I doubt that there will be a real challenge the M$'s EULA until they start shutting down PCs on a mass scale. By then, a lot of people will pay dearly though. The EULA probably won't stand up in court, but that won't help the majority who are adversely affected by it...

It amazes me that there are still a lot of people who don't believe that M$ will pull a stunt like this or worse. The warnings are there. Unfortunately, most will be surprised when it actually happens to them and few will be prepared for it...

violent1

Katy · Sep 28, 2004

I'm lost!!! Why would MS want to shut down PCs??? I would think they would want the opposite...

Nightrider · Sep 25, 2004

They could shut down PCs for several reasons. Now that it has full control over your PC and can scan for what's stored and installed on it, M$ can choose to shut down the PC if it believes there is illegal content on the PC, even if it doesn't have anything to do with them. And they have a bad track record for determining what is legal and what is not so far. Once M$ stops supporting an OS, it can be able to shut down the PC until you have upgraded to an OS that it does support. So bascially you won't have a choice whether to remain at an older version of the OS. If they shut down your PC due to an unsupported OS, then you may lose all of your personal data until you pay M$'s ransom and update to a supported OS...

M$ is currently using the DRM (digital rights management) to determine whether to disable your PC or not. The technology is built into Vista and can be updated in previous OS versions to act and work the same:

Piecing Together Microsoft's DRM Puzzle

In a nutshell, this is the dilemma Microsoft faces as it prepares to launch Windows Vista. By any standard, Vista's new DRM capabilities -- aimed at protecting the rights of content owners by placing limits on how consumers can use digital media -- hardly qualify as a selling point; after all, it's hard to sing the praises of technology designed to make life harder for its users.

Microsoft itself defines DRM in straightforward terms, as "any technology used to protect the interests of owners of content and services." In theory, it's an easy concept to grasp; in practice, however, modern DRM technologies include a multitude of hardware-, software- and media-based content-protection schemes, many of which have little or nothing in common.

DRM at the hardware level

Vista's DRM technologies fall into several distinct categories, all of which are either completely new to the operating system or represent a significant change from the technology found in previous versions of Windows. The Intel-developed Trusted Platform Module (TPM) makes DRM harder to circumvent by extending it beyond the operating system and into the PC's hardware components.

A set of related technologies grouped under the name Output Protection Management (OPM) also takes DRM to the hardware level. Perhaps the most prominent (or notorious) OPM technology, known as Protected Video Path (PVP), provides a good example of how hardware-based DRM works and what it can do. PVP content-protection technology is supported both in Windows Vista and within a small but growing number of high-end graphics adapters, high-definition displays and even digital display connector cables. It is intended, first and foremost, to protect the high-quality digital content that is slowly becoming available on the next-generation Blu-ray and HD-DVD optical media technology.

PVP eliminates these security gaps, enabling a series of DRM measures that keep a high-resolution content stream encrypted, and in theory completely protected, from its source media all the way to the display used to watch it. If the system detects a high-resolution output path on a user's PC (i.e., a system capable of moving high-res content all the way to a user's display), it will check to make sure that every component that touches a protected content stream adheres to the specification. If it finds a noncompliant device, it can downgrade the content stream to deliver a lower-quality picture -- or it can even refuse to play the content at all, depending on the rights holder's preferences.

What does all this mean to a typical Windows Vista user who just wants to sit back, relax and watch a movie on his brand-new, state-of-the-art multimedia dream machine? That depends, of course, to a great extent on what he wants to watch; the latest Hollywood blockbuster is far more likely to require a PVP-compliant system than less mainstream fare. But sooner or later, most Vista users will probably encounter PVP-protected content -- and more often than not, they will walk away from the encounter at least a little frustrated, disappointed or even angry.

Matt Rosoff, lead analyst at research firm Directions On Microsoft, asserts that this process does not bode well for new content formats such as Blu-ray and HD-DVD, neither of which are likely to survive their association with DRM technology. "I could not be more skeptical about the viability of the DRM included with Vista, from either a technical or a business standpoint," Rosoff stated. "It's so consumer-unfriendly that I think it's bound to fail -- and when it fails, it will sink whatever new formats content owners are trying to impose."

WGA: The next generation

One of these, dubbed the Software Protection Platform (SPP), deals mostly with the integrity of Windows itself. The next generation of Microsoft's Windows Genuine Advantage (WGA) program, SPP requires that users validate their version of Vista with a software license key within 30 days of its activation. Users who don't validate the operating system will be prevented from using certain features, including the new Aero graphical user interface, the ReadyBoost system performance application and, most controversially, the Windows Defender antispyware program.

After 30 days, Vista goes into a reduced functionality mode, similar to Windows Safe Mode -- users have access to a Web browser (so they can validate or purchase a copy of Vista), but none of their computers' other functions. (For details, see "The Skinny on Windows DRM and Reduced Functionality in Vista".)

More...

What's the truth about Microsoft's controversial new antipiracy measure?

November 10, 2006 (Computerworld) -- One aspect of Microsoft's Windows Vista operating system that has raised users' hackles is its new antipiracy system, called Software Protection Platform (SPP). To understand SPP, it's necessary to take a few steps back. Microsoft began its aggressive campaign against software piracy in Office XP and Windows XP with functionality called Office product activation (OPA) and Windows product activation (WPA).

In July 2005, Microsoft unleashed Windows Genuine Advantage (WGA), which required users of Microsoft's Windows Update, Microsoft Update and Microsoft Download pages to install the first component of WGA, subsequently dubbed WGA Validation. One of the first pieces of software requiring a WGA check was Windows Defender. At that time, Microsoft began requiring that you either install WGA Validation or not use any of Microsoft's download sites. (It was still possible to get Microsoft's security patches through Windows XP's Automatic Updates without installing WGA Validation.)

WGA Validation is a piece of code that runs in Windows and that determines all on its own whether the installed copy of Windows it's running in might have been pirated or improperly authorized. Earlier this year, Microsoft delivered the second component of WGA, called WGA Notifications. Its purpose is to inform the user that WGA Validation has found a problem with the installed copy of Windows. It also tries to help the user find a solution, including asking for money to relicense Windows.

WGA Notifications ran into a buzz saw of criticism when an early version of it reconnected with Microsoft servers in the background on a daily basis. Even more important, there was a wave of reported false positives. WGA Notifications is technically an optional install from Windows Update or Automatic Updates, but the manner in which you choose not to receive it is not intuitive for most users.

WPA and WGA work together on Windows XP machines they're installed on. WGA is also capable of running solo on Windows 2000 computers.

Enter Windows Vista. Microsoft took the opportunity of a new Windows release to unify the processes of WPA, WGA Validation and WGA Notifications. Possibly because of the bad press WGA received over the summer, Vista's new antipiracy system is called Software Protection Platform.

The most overt change in SPP is that Microsoft's antipiracy measures now have an enforcement action. Whereas WGA Notifications just nagged you, with little negative fallout other than the nagging itself, SPP carries a big stick. After numerous warnings and a grace period, SPP will automatically and without option force Windows Vista into what Microsoft terms "reduced functionality mode" (RFM).

How SPP works

Perhaps because many of the early reports about SPP and RFM were based on a series of whirlwind press briefings, an online FAQ, and later a white paper (download Word document), a lot of conflicting reports included different descriptions of how RFM works. We asked Microsoft to provide some clarity on SPP and RFM. Here are the company's answers, relayed by its public relations firm:

CW: What exactly is SPP's reduced functionality mode?

Microsoft: When a user enters RFM, the default Web browser will be started and the user will be presented with an option to purchase a new product key. There is no start menu, no desktop icons, and the desktop background is changed to black. The Web browser will fully function and Internet connectivity will not be blocked. After one hour, the system will automatically log the user out. It will not shut down the machine, and the user can log back in.

CW: When does SPP's RFM begin? After 30 days?

Microsoft: A copy of Windows Vista can go into reduced functionality mode under two scenarios:

If any of the following events occurs (for each license type):

Retail License (or corporate user with a MAK):
- Failure to activate within the grace period (30 days after installation)
- Failure to renew activation within three days of a major hardware replacement
OEM License (or non-volume-license enterprise with OEM-sourced, preactivated Vista image):
- Failure to activate within three days of switch to a non-OEM motherboard
Enterprise License using KMS:
- Failure to activate with KMS within 30 days of installation
- Failure to renew activation with KMS within 210 days of previous activation
- Failure to renew activation with KMS within 30 days of hard drive replacement
A copy of Windows Vista may be required to reactivate for the following reasons, and failure to successfully reactivate during the 30-day grace period will cause the copy of Windows Vista to go into reduced functionality mode:
- The activation process has been determined to have been tampered with or worked around, or other tampering of license files is detected.
- A leaked, stolen or prohibited product key is detected that is blocked by Microsoft product activation servers.
Before being placed into RFM, users will always have a grace period to resolve the situation. During the grace period, reminders will pop up to inform them that they must activate within the specified time period or else they will lose Windows functionality. During the last three days of the grace period, the reminders are displayed with increasing frequency.

More...

Katy · Sep 28, 2004

Thanks for the info NR... One question; Are you running windowa??

Nightrider · Sep 25, 2004

Yes, I am running W2K. I will not upgrade to a newer M$ OS because W2K was the last OS that didn't phone home and give M$ the ability to shut down the PC at any time for any reason...

munky2

fishead · Feb 09, 2005