Langa Letter: 1,000 Posts Later: WPA Update - InformationWeek
12:52 PM
Fred Langa
Fred Langa
Faster, More Effective Response With Threat Intelligence & Orchestration Playboo
Aug 31, 2017
Finding ways to increase speed, accuracy, and efficiency when responding to threats should be the ...Read More>>

Langa Letter: 1,000 Posts Later: WPA Update

Fred Langa's last column about Windows Product Activation generated more than 1,000 messages in his Listening Post forum. This week, Fred presents some of the most thought-provoking and informative topics, along with a technical update.

Conflicting User Experiences
If 2005 is too far out to discuss in meaningful terms, you might think that at least we could find common ground about WPA in its current form. But even that's elusive. For example, Mike Butler (and several other readers) found WPA to be reasonably forgiving of hardware changes:

I have used the Beta 2, rc1, and rc2. ... I did change my motherboard, CPU, and RAM, and the system still ran fine. I did not have to reactivate it. I did then reinstall to a different hard drive and then I had to re-activate.

But Jerry Groskind (and others) had a very different encounter:

My recent experience (Aug. 22, 2002) with Windows Product Activation suggests that the data on Microsoft's site about when this is required is less than accurate. I am currently running Windows XP RC2 as well as Office XP and FrontPage 2002. I replaced a hard disk and added memory--according to Microsoft, this should not trigger the need to call Microsoft to get permission to run my programs. Not only did I have to call to reactivate Windows XP, but I separately had to call to reactivate Office XP and FrontPage 2002.

The Microsoft folks were nice, no one grilled me about what I was really doing, but I had to call three times and on two of those occasions had trouble getting through. I think XP is great--the most stable operating system I have used--but I frequently update computer components on several computers and I don't want to put Microsoft's activation personnel on my frequent caller's program. It's a major pain, and my experience is inconsistent with what Microsoft suggests.

Indeed, many other readers said that a simple change of hard drive triggered WPA's reactivation engine for them. Changing hard drives is one of the most common, most often-performed system changes, so there's a potential for large numbers of people to be forced into needless reactivation cycles.

Open To Interpretation
Because of conflicting experiences, because the XP operating system isn't fully finished yet, and because the final product-life-cycle answers may be years in coming, many variables in the WPA mix are, at present, intractable.

As a result, WPA is a kind of Rorschach test. If you trust Microsoft, you may interpret WPA's many ambiguities in a positive way, assuming that the as-yet-unresolved details will be worked out in a way favorable to users. Others, of course, see WPA the opposite way and fill in the blanks by assuming that Microsoft will only act in its own interests.

For example, here's how far apart the two sides can be. At one end of the spectrum, some pro-XP readers argued that I misrepresented WPA in the original article because it's not really "registration." They point out that the mandatory "product activation" is step one of a two-step process. Step two is what Microsoft actually calls "registration," and you may skip this step if you wish.

But to me, if you must contact the vendor and must provide some information (even if it's a hash code based on your system configuration) to get permission to use the software, that's "registration"--even if Microsoft calls it something else.

A reader named Joe agreed, but went much further in suggesting a possible reason Microsoft might want to create an arbitrary semantic difference between "activation" and "registration:"

Re: the current discussion on windows WPA--I know in some places it is illegal to require 'registration' for support/services/etc. This is an older law that was created so that when you buy a TV, [for example,] the maker can't deny you your guaranteed rights because you didn't fill out the registration material. I don't know if relates at all to the computer world, but it could. ...
At the very least, it would be Machiavellian to try to circumvent legal issues of "registration" by calling it something else, such as "activation." Whether this seems plausible or ridiculous to you depends on how you regard Microsoft as a corporate entity.

2 of 3
Comment  | 
Print  | 
More Insights
Oldest First  |  Newest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll