javascript:void(window.g_sDisableWGACheck='all')
Piece of cake.
Posted on 07/31/2005 11:59:22 PM PDT by nickcarraway
Single line of JavaScript allows systems to simply ignore authentication check
Hackers have found a way to circumvent a check in Windows that aimed to prevent users of pirated copies from accessing software updates.
By pasting a special JavaScript command in the address bar of the browser, users can disable the Windows Genuine Advantage 1.0 check that Microsoft took live last week.
The Microsoft technology uses an ActiveX tool to force the user to go through an authentication check before he is allowed to access certain download sections on the Microsoft.com website. The JavaScript command simply instructs the computer to disable the WGA check and take the user straight to the downloads.
Users of pirated Windows copies still get access to security updates without passing the WGA check.
In addition to blocking users of pirated copies, the WGA check also unlocks access to a set of free software applications that Microsoft values at $450. Another part of the programme gives qualifying users of pirated copies the chance to buy a legal licence and swap in their software CD for a genuine one.
A spokesman for Microsoft acknowledged the hack to vnunet.com.
"Because of the high value that we provide to Windows Genuine Advantage users, we're not surprised that hackers try to circumvent the safeguards," he said.
Microsoft is investigating the hack and will take action to disable it.
The spokesman further pointed out that this isn't a security vulnerability and that users aren't put at risk.
Last May an Indian security consultant published another workaround that allows users to circumvent the WGA check by entering the validation key that the software provides on multiple machines.
so where's the script?
And Microsoft wants us to think they regard security as job 1 They can't stop their own "burglars."
And there are still apologists running around who claim that Microsoft malware is more secure. Bah... Nothing but whores for Redmond.
javascript:void(window.g_sDisableWGACheck='all')
Piece of cake.
Thanks.
That's why Microsoft wants a protected path on your "trusted" machine -- it is not so that *you* the owner somehow gains trust in your computer, it's so Microsoft [and the "content providers"] will trust "your" computer to do what they want.
It would be, if it were the only product around. but 99.44% of the users in most offices in the world simply need a document processor, spreadsheet, email, and web.
There are a few applications, typically in medical offices that just don't exist in any other world but Windows, and Joe Small Businessman wants Quicken.
(And many of these work under CrossOver Office)
But other than that there is really nothing holding most businesses on Windows platforms other than Fear of the unknown, Uncertainty of how to migrate, and Doubt that anything else works. FUD.
Sometimes it really sucks to have to eat your own dogfood.
The word processing/spreadsheet needs are filled quite admirably by OpenOffice. Scribus, an open-source attempt at PageMaker's functionality is quite impressive as well. It has a way to go, in my opinion, but it's getting there.
Crossover Office works fairly well but I only resort to that if native apps are too primitive. Admitedly, this happens less and less as time goes on.
We moved our flagship application to Linux.
We've found that the big FUD point isn't Office. After we have them play with OpenOffice, that particular fear evaporates. The big sticking point are the apps they download and install. (These are small businesses where people can get away with that sort of thing) Little photo albums and such. They no longer have the ability to amble over to OfficeMax or Staples to buy software. This is anther concern.
You know, it's not like i'm using any copeis
od MS's OS on more than one machine, but a do a lot of upgrading and cannablizing to make "piees parts" PCs,,
and i've allready hace had my fill over the last 4
years of having to call MSs Activation Center to
amnually type in new authenticaton code strings....
I *do* find myself sorely tempted to use the Javascript
the next time i have a bad mobo or a HDD goes bad on me...
bttt
If MS ever is successful in completely shutting down pirated software, a billion or so people will immediately start shifting to open source OS and applications. That would be a catastrophe for MS as they would not make one more nickel than they do now, but would provide a tremendous impetus to improve the open source products. Sometimes I wonder if, knowing this, they deliberately make these protection schemes more an irritant than anything else.
Microsoft is so last century.
The Microsoft technology uses an ActiveX tool to force the user to go through an authentication check before he is allowed to access certain download sections on the Microsoft.com website.
I never thought I’d bitch about Microsoft – but here I am doing it.
CAD (as in AutoCAD compatible). I've yet to find a decent Linux CAD package.
Ah, shucks. I LIKE being treated like a criminal every time I add a hard drive or some RAM.
I get the feeling this script is just about downloading software. What about the activation itself?
There are any number of high-end CAD products for "UNIX" workstations, but not for "LINUX". Why that is so, I have no idea.
Can you say what company?
I've found some really cool stuff from some whacked sites before so that doesn't necessarily mean much. The lack of demoware would tend to argue against them as demoware in some form is pretty much standard these days.
So this one they'll fix promptly...
Which free apps are these?
AV sez, "This week, Microsoft started requiring users to verifiy their serial number before using Windows Update. This effort to force users to either buy XP or tell them where you got the illegal copy is called 'Genuine Advantage.' It was cracked within 24 hours." Before pressing 'Custom' or 'Express' buttons paste this text to the address bar and press enter: javascript:void(window.g_sDisableWGACheck='all')
It turns off the trigger for the key check.
True, but a friend of mine runs his AutoCad under VmWare on Linux.
Well, while you still have the all the Restoration CDs Nuke it all and install SuSE 9.3. (In fact you can install SuSE WITH windows still on the box and it will shirnk the windows partition for you).
SuSE comes with at least 3 office suites, and the will read and write Office Documents just fine.
No, I wanted to know about the $450 of free software.
No problem putting Linux with Windows?
I also run Windows inside a windows in Linux. No issues there either.
Which may be the route I ultimately take.
I might give it a try. Thanks.
Nope. Non-disclosure agreement.
Not with the right Linux distro... The How-To is here
Usual disclaimers apply.
I would say thats a GOOD THING(tm).
The crap-creap that happens when you allow just anyone to decide what to put on a company machine is one of the major problems.
I actually had someone try to install Norton Antivirus on their Linux box. (They got nowhere of course, but they did get an education). Its so nice to get back all the performance you lost to the anti-virus crapware.
Good! It even has the free evaluation version to check out. I’ll give it a try for free. I hate spending bucks on things that fail to work for me.
ping
LOL
I think MS is full of crud. Hubby bought XP and we were going to install on our other pc's. Can't do it unless you buy additional licenses at $100 each. If you have a large home network a smaller fee would be more reasonable imo. I wish there were a better alternative.
I have a Inspiron 8600 and have no problems for the eight months I have had it.
I use XP and office 97.
Must just be something missing from mine.
(running and ducking...) ;-)
There are, depending on your needs.
Granted I haven't fully researched the options but will the other OS work with the popular pc games? Seems I read somewhere that games are an issue.
Another solutiuon is VMware, an x86 emulator that you can install Windows on and run inside of Linux. A third solution is Transgaming Technology, a windows emulator that allows you to run some games within Linux itself.
That's because the high-end UNIX CAD systems cost dozens of thousands of dollars (actually dwarfing the cost of the machine to run them on in many cases).
It is well known in the workstation world that many people in the Linux community work very hard against actually paying for software (due to a misunderstanding of the true meaning of "free" software as pushed by Stallman, et. al.)
At this point in time, it would be suicide to publish a linux version of your $30,000 application, with the high probability that a free hack of it will be out on a Torrent within the week.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.