WGA notification cancellation sends info to MS

The Windows Genuine Advantage Notifications application in Windows XP has been the cause of much user discontent and even a couple of lawsuits since Microsoft introduced it last year. Now, Heise Security reports that Microsoft may be quietly keeping track of users who opt out of installing the software via Windows Update.

Heise says that, unbeknownst to end users, Windows Update sends data to a server at http://genuine.microsoft.com when a user refuses to install the software. The data transmitted includes encrypted strings as well as information about the user’s version of Windows, the version of the WGA notification tool, and the language of the operating system. According to Heise, Microsoft might even be able to identify individual computers with some of this information. The site asked Microsoft about the subject, but the company said the purpose of the data collection was to “improve the quality of the WGA for users,” and that the data did not identify end users. Nonetheless, the company reportedly declined to explain why the software doesn’t inform the end user that data is being sent—or ask for his or her consent.

Comments closed
    • albundy
    • 12 years ago

    thats if you use Winblows updates. there are other ways of getting the updates.

    • Usacomp2k3
    • 12 years ago

    Why aren’t people installing the WGA update? I’m confused.

      • lethal
      • 12 years ago

      because the taskbar icon is ugly 😛

      • Shintai
      • 12 years ago

      Maybe because they downloaded their version of windows from torrentsites.

    • WaltC
    • 12 years ago

    The problem with “phoning home” is that people assume that this has some dastardly context–even in the face of a complete lack of evidence to support such conjecture. Do people realize that if their computers stopped to “ask permission” about all the things going on in the background that (a) they wouldn’t know what to permit and what to decline, and (b) they’d never, ever be able to get much of anything done…;)

    I think it’s very irresponsible of so-called “security firms” to make these kinds of implications in the complete absence of hard proof that *anything* is being done with the data aside from routine housekeeping on the server end. It may come as a shock to some people–but client and server machines are *supposed* to communicate…;) If they didn’t–then they couldn’t connect. To say that, when connecting, machines “may do this or that” is about as unprofessional as it gets. Guessing games aren’t needed–information is what is needed.

      • d2brothe
      • 12 years ago

      Do you actually think microsoft is actually collecting this data for a reason other than to attempt to locate software pirate…I really don’t think so…all they have given us is marketing BS…err…PR

        • Mithent
        • 12 years ago

        In fairness, I don’t feel very sorry for people if it does mean that Microsoft catches them doing it… it irritates me that some people seem to think they have a right to run pirated software while I pay for mine. It’s especially audacious to expect Microsoft to fix patches in software that hasn’t been paid for (which is why Automatic Updates is turned on on these systems).

          • d2brothe
          • 12 years ago

          Well, that may be so, piracy is a whole different arguement though, I think this is more to do with invasion of privacy, but I won’t voice an opinion, its far too long an argument to get into while at work :P…my point was simply it doesn’t matter what MS says, we all know WHY they are doing it…

    • flip-mode
    • 12 years ago

    This news post has been at the top of the page all morning. There’s gotta be something more interesting to talk about.

      • BiffStroganoffsky
      • 12 years ago

      Maybe Damage could have another kid and post his/her pictures on the front page again.

    • lethal
    • 12 years ago

    Before anyone get /[

      • Shintai
      • 12 years ago

      Now you just try to be realistic about it. Please no, we must bash MS for their potentially ultra small encrypted amount of data. And not how all others absicly let everything flow out and unencrypted aswell.

      So please, only anti MS and trolling/flames allowed!

      /sarcasm off

    • Fighterpilot
    • 12 years ago

    The constant trickle of “Hey guys check out another problem with Microsoft” on TR’s front page no doubt keeps the MS haters coming back for more tho….

      • Sargent Duck
      • 12 years ago

      you do realize, that this sort of news will be posted on every major tech site, such as Anandtech, [H]ardOCP, Ars, Toms…….

        • Fighterpilot
        • 12 years ago

        Yup,sadly you are correct……after all the mantra is “There’s no news like BAD news”

          • Logan[TeamX]
          • 12 years ago

          Just like sex, death and violence sells more than peace and tranquility ever will.

    • grug
    • 12 years ago

    Time to block genuine.microsoft.com in the hosts file.

    • Shintai
    • 12 years ago

    Sometimes people amaze me. MS could, may, potentially send some info. Yet we complain over this possibility. While we gladly continue our installations of games and programs that send ALL our personal information behind our backs. Talk about wrong priorities.

    • FranzVonPapen
    • 12 years ago

    I would hope to spit that the Windows Update website is storing the data locally, on your PC, as to what updates you have installed/have declined to install. Hello, Registry.

    Hey, I liked that bit at the end about needing the info in order to take over the world. Very original and witty. Are you some sort of Microsoft apologist or something?

      • flybywire
      • 12 years ago

      y[

    • DrDillyBar
    • 12 years ago

    duh.

    • mikehodges2
    • 12 years ago

    Isn’t part of that info to tell microsoft to “not attempt to install this item again”?
    Maybe they need a little info about the operating system to make sure you don’t get sent that update again.

    Or maybe microsoft are using little bits of information about your OS to try to take over the world!!

      • DrCR
      • 12 years ago

      Denied it ~3x or so. Actually, I’m tempted to switch my XP box to what I was doing on a WinME (lol) box not too long ago — Install it with NO updates and lock it down hard with Jetico.

        • Usacomp2k3
        • 12 years ago

        Why would you want to deny it?

          • pureevilmatt
          • 12 years ago

          The software provides absolutely no benefit at all to people who are actually legit, and introduces a number of potential problems. Maybe he knows that his software is legit, and doesn’t need or want a couple of extra buggy process running in the background.

            • Shintai
            • 12 years ago

            Actually it provides benefits and it does no harm. So anyone denying it is very highly likely someone with an illegal version.

            I dont want a licenseplate on my car either, and it serves no purpose for me. Yet I have to.

            • DreadCthulhu
            • 12 years ago

            I have seen WGA claim that several perfectly legitimate copies of Windows were pirated, which is annoying to explain to someone you sold a $1500 computer to. (Up until a few months I ago, I to built & sold computers on the side, and would always include an OEM copy of Windows, purchased from Newegg along with the rest of the hardware.)

Pin It on Pinterest

Share This