Windows XP: Genuine Disadvantage

Windows Genuine Advantage (WGA), Microsoft’s latest anti-piracy measure, is causing headaches for Windows XP users who’ve been good about loading the latest security patches for Windows and Internet Explorer (IE). Why? Two reasons:

Genuine Disadvantage

(1) Initial attempts to download and use WGA may give you an erroneous error message stating that valid product keys for your genuine version of Windows XP are invalid. It’s not surprising that an earlier version of WGA was hacked within 24 hours. Computer technicians everywhere were faced with another change to Windows software requiring they either troubleshoot the problem or find a way to bypass it. Thus, another hack was born. Why does WGA initially report that valid product keys are invalid? Basically, because it’s encountering a problem, it doesn’t know how to interpret it differently. The problem is:

WGA can’t run without ActiveX. ActiveX is a purely Microsoft technology that integrates interactive content on web pages, like Java applets. Unfortunately, ActiveX has been exploited by hackers who discovered technology vulnerabilities and used them to run their own malicious software on your computer. As a result, one of the Windows updates you ran in the not-so-distant past turned off ActiveX to block this vulnerability. There’s the catch: You can’t run Windows Update until you validate your license with WGA, which won’t run until you re-enable ActiveX and lower your browser’s security so you can load new security patches! (2) You need to re-enable ActiveX for WGA to run. Good thinking!

Microsoft’s support page (in typical “Microspeak”) does warn you that you are potentially exposing your system and that you will want to re-enable your browser’s security after you help Microsoft make sure you aren’t stealing Windows:

Important These steps may increase your security risk. These steps may also make your computer or your network more vulnerable to attack by malicious users or by malicious software such as viruses. We recommend the process this article describes to enable programs to operate as they are designed to or implement specific program capabilities. Before you make these changes, we recommend that you evaluate the risks associated with implementing this process in your particular environment. If you choose to implement this process, take any appropriate additional steps to help protect your system. We recommend that you use this process only if you really require this process.



CYA We designed WGA to run off of ActiveX technology, software components we know will make your computer vulnerable to attacks because we wrote ActiveX (that’s right, we created it) and left a lot of holes in it that could be exploited. Basically, you’ll need to re-enable ActiveX and make your system vulnerable so that WGA will work the way we designed it to work. Then and only then can you get the latest Windows updates to make your system run, um, “safer.” But first, we recommend that you decide for yourself that you really need to run WGA so that you can’t come back and sue us if a virus attacks your computer while you’re running WGA to validate your license, which we also made you validate when you bought your computer, which of course came with Windows because we own 99% of the market (tee hee). But anyway, we like to see you jump through hoops and make you repeatedly prove you own it because Microsoft is “antitrust.” Oh, and when you’re done, don’t forget to make your system, um, “safe” again by turning on whatever you use to block ActiveX or load our cool WGA ActiveX control, which is basically just a toggle that turns ActiveX on and off whenever we feel like exposing your system to more security risks so you can load more security patches that will work until someone figures out they don’t.
The earlier version of WGA was compromised, and I expect the current version will be too if it hasn’t already. As usual, tech-savvy people get around measures designed to protect copyright, and less tech-savvy people are left pulling out their hair trying to figure out ways to undo what Windows does for programs to “operate as they are designed to.” Microsoft continues to prove it needs better designers. They can’t seem to get away from ActiveX, although other programs do just fine without it. (Mozilla Firefox doesn’t use ActiveX to enable web page interactivity. That doesn’t mean it’s 100% safe, but I’ve never had to lower security to patch Firefox.)

Microsoft needs to get rid of WGA. It’s completely ridiculous to have to lower security to run patches designed to heighten security. In this case, Microsoft wants you to do that entirely for their benefit, not yours. Microsoft argues software piracy is costly for everyone, and so anti-piracy measures help you. That may or may not be true, but it’s not the point. WGA is simply a bad anti-piracy measure. It’s a backdoor approach that won’t stop or even slow down piracy. Both genuine and counterfeit versions of Windows will still run without the updates, which means:

Users who know they have a counterfeit version won’t validate, won’t run the updates, and will still enjoy the use of Windows; Users with a counterfeit version they unknowingly purchased through a disreputable OEM vendor, online auction, or software pirate will think Windows is broken, will forego further updates, forever curse Microsoft, and possibly purchase a Mac. At any rate, very few will ever realize they have a counterfeit version and are unlikely to add to Microsoft’s bloated profit margin. Licensed users with genuine product and valid product keys will continue to prove ownership if they want to run needed updates. They will have to expend more time and money troubleshooting what Microsoft does to protect its own interests, which will forever curse Microsoft and eventually purchase a Mac.

Anti-piracy measures have to be applied at the source, not at the user end. Microsoft may achieve better results through the more controlled production of its software products at the assembly line. However, the company has been greedy. You take shortcuts when you rush to market with a product you want to make as widely available as possible. Now Microsoft is backpedaling in an attempt to recoup its perceived losses. It’s being shortsighted and selfish and may well lose money in the process by implementing WGA and other user-end anti-piracy measures and increasingly antagonizes its paying customers. Imagine driving down the street in your car and being pulled over every other block so you can show your car title. “Yes, I own it. Yes, I own it. Yes, I own it.” Microsoft rolls out updates on the second Tuesday of each month as needed. So, pretty much every second Tuesday of every month, you have to lower your Internet security just so you can say, “yes, I own it.”


Alcohol scholar. Bacon fan. Internetaholic. Beer geek. Thinker. Coffee advocate. Reader. Have a strong interest in consulting about teddy bears in Nigeria. Spent 2001-2004 promoting glue in Pensacola, FL. My current pet project is testing the market for salsa in Las Vegas, NV. In 2008 I was getting to know birdhouses worldwide. Spent 2002-2008 buying and selling easy-bake-ovens in Bethesda, MD. Spent 2002-2009 marketing country music in the financial sector.