Newsgroup Chatter: Windows Anti-Counterfeit Tool Requires Loosening PC Security
One university administrator found that complying with Windows' new anti-counterfeit measures meant he had to open up the security reins on PCs in public places like campus computer labs.
Some system administrators are finding that Microsoft's new anti-piracy software is incorrectly labeling PCs used in public places, such as university computer labs, as counterfeits, and that the solution sidestep a basic security practice for out-in-the-open machines, according to a newsgroup discussion of the issue.
After Microsoft unveiled its Windows Genuine Advantage Notifications tool last week, a university system administrator -- who preferred to remain anonymous but took the name "GodOfLions" on the Microsoft "WGA Validation Problems" newsgroup -- said that lab PCs came back as running fake copies.
"I work at a University where we have a bunch of Windows XP SP2 machines setup in lab areas," said GodOfLions in a message on the newsgroup. "In these areas students are allowed to log on to the systems, but their accounts are restricted to what they can do. The problem with the WGA installation is that it works perfectly fine as long as you are using an account with administrative rights on the system. As soon as one of the students, or other non-administrative level account, logs on to the system it screams that it is not a valid copy of windows and it is counterfeit."
A Microsoft staffer monitoring the newsgroup intervened, eventually diagnosed the problem, and offered a fix: give everyone, including the student systems running under rights-restrictive accounts, write access to a file called "data.dat."
"Validation tool writes data to data.dat file during validation process," wrote a Microsoft staffer identified as "Satish." So 'User account' needs to have Write access to file."
The system administrator eventually gave in to Microsoft's solution, but blasted it as violating the security concept behind limited-rights accounts.
"It does not make sense to have to reduce security in order to validate the system," wrote GodOfLions. "Yes it is only allowing write to one file, but still that is another small area you can have users or viruses now write to on a system that it didn't have before."
He also pointed out that the Microsoft tech support document outlining the rights needed by data.dat were still incorrect, and needed to be updated. As of Wednesday, the document had not been modified.
"Our lead architect has been informed and we are noting the changes necessary," was the response from Philip Liu, another Microsoft staffer.
"I apologize sincerely upon the WGA team for causing this inconvenience for you," wrote Liu.
IT's Reputation: What the Data SaysInformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
What The Business Really Thinks Of IT: 3 Hard TruthsThey say perception is reality. If so, many in-house IT departments have reason to worry. InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business views IT's performance in delivering services - and, more important, powering innovation. The news isn't great.
InformationWeek Must Reads Oct. 21, 2014InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.