javascript:void(window.g_sDisableWGACheck='all')
Piece of cake.
Posted on 07/31/2005 11:59:22 PM PDT by nickcarraway
Single line of JavaScript allows systems to simply ignore authentication check
Hackers have found a way to circumvent a check in Windows that aimed to prevent users of pirated copies from accessing software updates.
By pasting a special JavaScript command in the address bar of the browser, users can disable the Windows Genuine Advantage 1.0 check that Microsoft took live last week.
The Microsoft technology uses an ActiveX tool to force the user to go through an authentication check before he is allowed to access certain download sections on the Microsoft.com website. The JavaScript command simply instructs the computer to disable the WGA check and take the user straight to the downloads.
Users of pirated Windows copies still get access to security updates without passing the WGA check.
In addition to blocking users of pirated copies, the WGA check also unlocks access to a set of free software applications that Microsoft values at $450. Another part of the programme gives qualifying users of pirated copies the chance to buy a legal licence and swap in their software CD for a genuine one.
A spokesman for Microsoft acknowledged the hack to vnunet.com.
"Because of the high value that we provide to Windows Genuine Advantage users, we're not surprised that hackers try to circumvent the safeguards," he said.
Microsoft is investigating the hack and will take action to disable it.
The spokesman further pointed out that this isn't a security vulnerability and that users aren't put at risk.
Last May an Indian security consultant published another workaround that allows users to circumvent the WGA check by entering the validation key that the software provides on multiple machines.
so where's the script?
And Microsoft wants us to think they regard security as job 1 They can't stop their own "burglars."
And there are still apologists running around who claim that Microsoft malware is more secure. Bah... Nothing but whores for Redmond.
javascript:void(window.g_sDisableWGACheck='all')
Piece of cake.
Thanks.
That's why Microsoft wants a protected path on your "trusted" machine -- it is not so that *you* the owner somehow gains trust in your computer, it's so Microsoft [and the "content providers"] will trust "your" computer to do what they want.
It would be, if it were the only product around. but 99.44% of the users in most offices in the world simply need a document processor, spreadsheet, email, and web.
There are a few applications, typically in medical offices that just don't exist in any other world but Windows, and Joe Small Businessman wants Quicken.
(And many of these work under CrossOver Office)
But other than that there is really nothing holding most businesses on Windows platforms other than Fear of the unknown, Uncertainty of how to migrate, and Doubt that anything else works. FUD.
Sometimes it really sucks to have to eat your own dogfood.
The word processing/spreadsheet needs are filled quite admirably by OpenOffice. Scribus, an open-source attempt at PageMaker's functionality is quite impressive as well. It has a way to go, in my opinion, but it's getting there.
Crossover Office works fairly well but I only resort to that if native apps are too primitive. Admitedly, this happens less and less as time goes on.
We moved our flagship application to Linux.
We've found that the big FUD point isn't Office. After we have them play with OpenOffice, that particular fear evaporates. The big sticking point are the apps they download and install. (These are small businesses where people can get away with that sort of thing) Little photo albums and such. They no longer have the ability to amble over to OfficeMax or Staples to buy software. This is anther concern.
You know, it's not like i'm using any copeis
od MS's OS on more than one machine, but a do a lot of upgrading and cannablizing to make "piees parts" PCs,,
and i've allready hace had my fill over the last 4
years of having to call MSs Activation Center to
amnually type in new authenticaton code strings....
I *do* find myself sorely tempted to use the Javascript
the next time i have a bad mobo or a HDD goes bad on me...
bttt
If MS ever is successful in completely shutting down pirated software, a billion or so people will immediately start shifting to open source OS and applications. That would be a catastrophe for MS as they would not make one more nickel than they do now, but would provide a tremendous impetus to improve the open source products. Sometimes I wonder if, knowing this, they deliberately make these protection schemes more an irritant than anything else.
Microsoft is so last century.
The Microsoft technology uses an ActiveX tool to force the user to go through an authentication check before he is allowed to access certain download sections on the Microsoft.com website.
I never thought I’d bitch about Microsoft – but here I am doing it.
CAD (as in AutoCAD compatible). I've yet to find a decent Linux CAD package.
Ah, shucks. I LIKE being treated like a criminal every time I add a hard drive or some RAM.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.