Only a couple of weeks have passed since Microsoft announced that its 'Windows Genuine Advantage' program had been put in place and was in effect. Already, Microsoft has bowed to the pressure of 'hackers' and admitted it is shirt of adequacy.

According to a statement made to the Fairfax Corporation, it's 'back to the drawing board' for WGA!


Several 'hacks' available on the internet make bypassing the legitimacy checks a quite simple procedure, apparently!

No surprise here. Creating an uncrackable anti-piracy mechanism that does cripple the software it is protecting is essentially impossible. I don't really understand why microsoft even cares. Their main strength is market share, and piracy only helps them in that department.

Even if microsoft could detect with certainty which copies of windows are pirated, it would be irresponsible of them to block those copies from recieving updates. It is detremental to the internet as a whole when people can easily build up botnets ranging in the tens to hundrends of thousands of compromised computers. These bots are used for distributed denial of service attacks, and as proxies for spamming. Even simple worms can spread so fast as to slow down the internet as a whole. For these reasons microsoft should distribute updates to even pirated copies of windows.

"Even if microsoft could detect with certainty which copies of windows are pirated, it would be irresponsible of them to block those copies from recieving updates. It is detremental to the internet as a whole when people can easily build up botnets ranging in the tens to hundrends of thousands of compromised computers"

No it's not irresponsible. Microsoft have stated repeatedly that computers running pirated copies WILL have access to security updates but ONLY to security updates.

It is indeed impossible to create a watertight defense for shrinkwrapped software. Any defense is of necessity a compromise between cost of implementation and potential benefit in increased income (from people now buying instead of pirating).

The only way to prevent piracy altogether is to have the user pay per use and run the entire application (except the display of the resulting information) remotely on your own servers.
That way anyone stupid enough to hand out his account info/serial number will pay for whomever else uses that information to run the application and there is no way for the protection to be removed as the actual software itself which is distributed is only a small stub for the real application which resides remotely.

There are some practical problems with a system like this though (as well as some social ones, but those can likely be overcome).
Main bumps are the fact that permanent highspeed internet access (which would be required) isn't yet universal (so your potential userbase decreases) and the payment receiving process (not everyone has access to a creditcard or similar service to pay you online).
The first will remain a problem for the foreseeable future, the second can be overcome by larger corporations by setting up regional offices handling payments through for example automatic bank transfers.

The social problem is mainly that people will have to become used to seeing software as a service instead of a product.
They're used to paying for services per use (or as a subscription allowing X uses for example), for software they expect to pay a lump sum once (for companies this is somewhat different as enterprise software more usually comes as a subscription service or at least includes a mandatory support contract).

How this could work for an operating system remains to be seen. Likely it would need to pull the entire codebase in some form over the wire at execution time and discard it when no longer needed.
This might be an avenue of approach for crackers as they could conceivably divert that stream of application code and find ways to send it from elsewhere.

why should M$ care about sending security updates, or any other kind of updates, to pirated copies of the os? People dumb enough to install a pirated os diserve all the worms and viruses they can get! I have absolutely no sympathy for those people.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.