Posted on May 14th, 2009 by Darien Graham-Smith

Windows 7’s Disingenuous “Advantage”

Last week, Microsoft announced some details of anti-piracy measures in Windows 7. It sounds like they’re going to be slightly less intrusive than those in Vista, and probably roughly as effective.

I don’t exactly resent all this product validation stuff. I’d prefer it if Microsoft didn’t feel the need to do it; but I accept that the company has a legitimate interest in dissuading casual copying, and to me a one-time online authorisation doesn’t seem an unreasonable way of going about that.

But I do resent all the weasel words and spin that surround the process.

A dubious history

I mean, let’s go back to the start. When online authorisation was introduced with Windows XP, Microsoft described it as “product activation” – a name that made it sound like a trivial necessity. Of course, that was (to put it kindly) a euphemism: how is a fresh installation of XP “inactive”?

Then in 2005 the company started talking about “genuine” Windows, and contrasting it with “counterfeit” software. Er, what? Is there a sweatshop in China somewhere where programmers are churning out knock-off DLLs and shonky service packs?

Of course not. The passing off of fake goods is a real problem in the Far East, but so far as I’m aware it’s not a major concern in the English-speaking territories at which this rhetoric is aimed. The focus on counterfeiting looks rather more like an attempt to discredit unlicensed software with a term that suggests it’s of inferior quality.

In reality, of course, the difference between “genuine” and “counterfeit” software is often nothing more than a 25-character code.

An advantage you can’t refuse

To promote its new notion of “genuine” software, the company also started touting the “Windows Genuine Advantage” – another heavily nuanced term. The “advantage” here was that if you allowed Microsoft to verify your Windows licence you wouldn’t be punished.

But if your installation wasn’t validated as “genuine”, your access to OS updates was restricted. And if Microsoft considered that your product key had been used too many times, it installed software on your machine that would nag you to buy a new licence.

And the best bit is that, after hobbling your Windows installation in this way, WGA then sympathetically explained that perhaps you had been “a victim of software counterfeiting”.

Of course, if you’re using Windows without a licence you have no right to expect a full Windows Update service. And arguably you’ve no right to complain when the developer modifies the code in unhelpful ways. Like I say, it’s not Microsoft’s anti-piracy measures I object to: it’s the slimy way they try to dress them up as somehow for our benefit that sticks in the throat.

Don’t believe what you read in the papers

WGA and “product activation” were developed further in Vista, and at the same time Microsoft stepped up its spin campaign, putting out three reports bewailing the dangers of unlicensed software.

The most credible was the first, a 2006 IDC report entitled The Risks of Obtaining and Using Pirated Software (PDF). This study found that “obtaining and using pirated software can pose a serious security risk.” That’s true, so far as it goes – though the danger identified by the researchers came from malware hosted on warez sites, not from the pirated software itself.

The other two reports were less persuasive. Last October’s Harrison Group report, Impact of Unlicensed Software on Mid-Market Companies (PDF), claimed to show that unlicensed software caused “poor business performance”; but as I noted at the time, its methodology was fundamentally flawed.

And then, in March, came Microsoft’s own anti-piracy paper, The Surprising Risks of Counterfeit in Business (PDF). Despite the title, there was nothing surprising in this paper: it effectively just parrotted the (questionable) findings of its predecessors.

But that’s all right: simply by keeping up a steady flow of such papers, the company is establishing a body of published research that seems to support the idea that unlicensed software is inherently dangerous and unreliable.

Moving with the times

In the meantime, the team that actually develops Windows has undergone a significant philosophical shift. The hubris of the Vista launch has given way to a fitting humility. Managers are acknowledging past mistakes, and making honest efforts to fix them. Windows 7’s improvements in responsiveness, usability and customisation suggest a new respect for the user.

And this change in tone is visible even in its anti-piracy technologies: “reduced functionality mode” isn’t coming back, and there’s no longer a forced delay in logging on to a system that’s out of its activation “grace period”.

In the glow of this optimistic new dawn, last week’s announcement was only the more aggravating.

For while Joe Williams, general manager for “Genuine Windows”, confirmed the new, less intrusive anti-piracy measures in Windows 7, he also made clear that the party line on piracy hasn’t evolved at all. Here again was “genuine high-quality Microsoft product”; here again was “malicious code” supposedly lurking within “counterfeit software.” Here, again, the constant empty reassurance that all this hoopla is really for our benefit.

Within the software too, the high priests of WGA cling to their dogma. In Windows 7, if you don’t “activate” your OS within Microsoft’s stipulated timeframe, it brings up this warning:

Really, you have to wonder how many people are won over by all this slanted rhetoric and how many (like me) are insulted by it. Hell, I’d be far happier giving my money to Microsoft if it didn’t feel so much like caving in to manipulation.

It’s high time the “Genuine Windows” boys took a lesson from the Windows developers… and start playing straight with us.

If you enjoy getting angry at disingenuous rhetoric, may I also recommend Microsoft’s WGA Blog, penned by Microsoft product manager Alex Kochis? The reader comments can be particularly entertaining.

Tags: activation, deceit, misinformation, piracy, rhetoric, spin, validation, wga, Windows 7

Posted in: Rant, Software, Windows 7

Permalink | Trackback

Follow any responses to this entry through the RSS 2.0 feed.

Social Bookmark this article: What is this?

17 Responses to “ Windows 7’s Disingenuous “Advantage” ”

big_D Says:
May 14th, 2009 at 8:19 am
Ironic that you post this, at the same time that a Windows 7 RC, distributed over bittorrent as opposed from the free download from Microsoft, has “additional” code in it to add the machine to a botnet!

Although pirating / torrenting a free product seems rather daft, but it does point at being certain about where you source your software…
Darien Graham-Smith Says:
May 14th, 2009 at 8:35 am
You’re right; I didn’t mean to suggest that Microsoft had actually fabricated that risk.

It’s more a question of emphasis. Based on my own experience (in numerous universities and businesses), I suspect that, in the real world, BitTorrent accounts for a tiny proportion of unlicensed installations. The vast majority of “piracy” I’ve seen has involved someone simply using an original disc more times than they should!
Ben Says:
May 14th, 2009 at 8:52 am
Why do Microsoft let you carry on using the ‘unactivated’ product? I don’t know much about software piracy, other than it seems people can pirate pretty much any software they like these days. But if I were Microsoft, instead of a patronising message, I would just lock the system or something so it was unusable. Ok so some people may not have internet access or something so couldn’t do an online registration, so maybe you could just lock internet connectivity until they were ‘activated’ so to use the internet you had to register your product online, and failure to do so would result in not being able to use internet or network capabilities. I may be being naive here about what hackers can disable in pirate software, but as you say a simple error message isn’t much of a deterrent and you relying on people honesty and morals to pay for it. And if MP’s are a fair representation of the morality of people these days, we know how likely people are to reach into their own wallet!
MJ Says:
May 14th, 2009 at 8:55 am
There have been a number of computer dealers recently who have admitted that they were installing multiple copies of Windows with the same licence, and publicly shamed. Presumably Microsoft wouldn’t get to know about these dealers without activation. And without such information, there would surely be many more making multiple copies and pocketing the money for themselves.

Sure, the wording stinks, but Microsoft are actually benefiting from it, and probably therefore the end customer in some minor way.
Joe Pace Says:
May 14th, 2009 at 9:48 am
I do believe that there is a security risk in this situation (and most of it due to Microsoft’s software requiring so many patches).

If one does not get updates because of the lack of a “genuine” OS, how will one be covered when some security loop-hole is patched by Microsoft? Of course, the question goes abegging: why should “genuine” software have so many loop-holes in the first place? What sort of product are we paying money for?
big_D Says:
May 14th, 2009 at 10:43 am
How many 100% bug free programs have you written Joe?

And how much pressure were you under to get it out by a specific date, as opposed to when it was 100% bug free?

Every program has bugs. Well, nearly every program. I’ve written a couple of little utilities which were 100% bug free, but there again, they only had a dozen or so lines of code.

Program anything with more than a couple of hundred lines of code and it will have undiscovered bugs, multiply that up by the millions of lines of code in Windows, for example, and you will have thousands of errors waiting to be found.

A majority of the big probelms will come out during the various levels of testing, before the product goes live. But some obscure, and often dangerous, ones will remain, even after the product has gone live. Users and hackers do things with the program that no tester ever thought of doing.

Give some versions of some browsers a malformed header and it causes a buffer overflow… But how is it malformed? In what way? How big? A good testing team will certainly check for malformed headers, but they can’t come up with every possible combination of malformation.

Given the number of lines of code in Windows, if we waited until it was 100% error free, we’d still be waiting for Windows 3.11 to be released! The software developers have to take a judgement call of when a product is stable enough and enough of the major problems have been fixed, that the product will be useful and relatively secure in daily use. Then they have to rectify all the known problems, continue testing for other, unknown problems and accept user feedback on other problems which are ocurring in the wild.

With a dishwasher, for example, it has a limited function set and a limited set of conditions in which to work, so the number of possible errors is fairly small, and the severity of those errors is likely to be relatively minor.

A personal computer operating system or application, on the other hand, is a major undertaking. It has to work with unknow combinations of hardware – it is not possible for a company like Apple or Microsoft to test every possible combination of hardware and software that a user is likely to have – Apple have a far easier job, because they define exactly what hardware makes up a Mac, but they still don’t know what peripherals a user will have, or more importantly what [i]combination[/i] of peripherals the user will have. I think, when the Mac Pro was launched, Apple said that it had something like 4 million possible combinations of factory fitted hardware! Throw in the thousands of different models of printers, scanners, external hard drives etc. on the market and you can see that it isn’t realistic to test every possible combination of OS, driver and application.

They can ensure the most common combinations work, but if they tested everything, you’d never see a new release of an OS or application and it would cost several hundred thousand pounds, when it did finally appear!

That is why there are constant patches, and why it is important to keep the machine patched.
David Says:
May 14th, 2009 at 11:59 am
But this sort of irritating doublespeak is standard everywhere now. A bit like the train companies telling you that they’ve removed the buffets and now have a trolley which may or may not appear and that this has been done for the convenience of passengers – which it clearly hasn’t. Or the recent installation of ticket barriers at a number of stations allegedly being for the safety and security of passengers, when clearly it’s solely about revenue protection. Just a few of many examples.
muck Says:
May 14th, 2009 at 2:07 pm
Yeah I think you have issues Darien. It doesn’t bother me at all. I don’t even read it really. It means you need to validate that you have bought a legitimate copy. That’s it. We all know what it means. We know it’s for their own benefit and you can’t blame them for trying to fight piracy of their own software. Maybe reducing the prices would help but it shouldn’t bother you how they word it.
D Says:
May 14th, 2009 at 11:47 pm
I was using the same version of XP from a Mesh pc I bought years ago … and just reinstall it on each hardware upgrade… dont see the big deal I paid for it as part of my PC even as an OEM edition no matter what their EUA licence says …. My new computer has a vista ultimate licence that i paid for but it got wiped straight away and same version of XP banged on … I dont have any need for windows upgrades… my main computer has no internet access so no big deal…But microsfot would deem this as not genuine … if it comes up with this message then it will be cracked and removed … I dont download OS from torrent sites and more than likely get windows 7 when it is out … So anyone want a case with a vista licence … never and wont be used ha ha !!
Doc Says:
May 17th, 2009 at 9:09 am
:quote The software developers have to take a judgement call of when a product is stable enough and enough of the major problems have been fixed, that the product will be useful and relatively secure in daily use.
:quote

This is why I would LOVE to see the EU legislation go through, where software developers are actually liable for their code.

If a car manufacturer had done the same thing, it would be out of business. But software companies are getting of FAR to easy.
big_D Says:
May 18th, 2009 at 9:46 am
“This is why I would LOVE to see the EU legislation go through, where software developers are actually liable for their code.”

If that were the case, you’d be back to writing your own software to do anything!

“If a car manufacturer had done the same thing, it would be out of business. But software companies are getting of FAR to easy.”

A car is a relatively simple thing to develop and manufacture. Software is far more complex. And look at car manufacturers, there a regular recalls to take cars back to dealers for remedial work.

My Escort Mk 4 had a recall for the plastic wheel arch liners – there was a remote possibility that they could sever the brake lines!

My 5 series BMW was recalled because the engine bore linings were poorly coated!

My current Mondeo has had 2 updates to the engine management system and 2 updates to the onboard computer, which controls the music centre and the climate control, among other things. There is also a recurring problem with the antenne, I’ve had it replaced/repaired 5 times in 4 years!

GM had a huge recall on their off-road vehicles a few years ago, down to the OEM tyres they fitted. The GM (Vauxhall/Opel) Sintra was pulled from the market because it was too dangerous, the Chrysler Voyager failed most Euro safety tests, some of the cheape Chinese cars coming over onto the European market are failing German tests and are not being cleared for sale here. The previous generation of Dacias were deathtraps! The old Ford Pinto? That became a standing joke in Ameircan TV and films for over 3 decades! Shall I go on?

With software, it is even more complex and a lot of things only occur once the product is used in “real world” conditions. Users always find ways of doing things that you never thought about.

Yes, software companies should be held accountable for due dilligence and to repair faults quickly and efficiently, once they are discovered is fine. But to wait for Microsoft, Apple, Ubuntu, Adobe etc. to actually release 100% bug free software? It just isn’t realistic.

At a guess I would say we would see Windows 7 appear in 2040, OS X Snow Leopard in, maybe, 2035, the next Ubuntu in around 2050 and Adobe CS 5? Maybe 2070 or 2080… :-S And then you’d probably still find bugs in the code, once they were in users hands. And how much would they cost? :-O

Yes, some companies are worse than others. Some release software too early. But no reasonably complex software (i.e. operating system or productivity package, games etc.) can be 100% error free these days, there is just too much code in there!

Given the mixture of thorough testing, marketing and users complaining about how expensive software is, you are not going to get error free software in the current market. If you are willing to pay €50-100K for a Windows licence and wait until it is complete, THEN you might get relatively secure and bug free software.

But if you want it a) cheap b) backward compatible c) NOW you are going to have to settle for it being filled with bugs and security holes, which will get fixed as and when they are found…
KI4GSZ Says:
May 20th, 2009 at 2:45 pm
The thing not being said is Microsoft in their infinite wisdom thinks about the bottom line. When you use Linux or anything under Open Source, you are (generally) expecting some issues, because Microsofts’ strong arm tactics have caused alot of manufacturers to design their hardware to be MS compatible first for the Sheeple (Sheep + People) to follow what someone else thinks is best.

Paid products should be semi-stable upon release. Any wonder why the internet runs on Linux?

I don’t agree with MS anti-piracy tactics. I purchased a legit copy of XP & (being a Linux user) installed it on both of my machines… and then gave it away. I didn’t see anything saying I can’t give it away to my friend. I have since un-installed the buggy software because I can’t fix it myself like I do with Linux.

And just for the record, Ubuntu has regular updates and I get to chose what I want (or need).

big_D Says: “At a guess I would say we would see Windows 7 appear in 2040, OS X Snow Leopard in, maybe, 2035, the next Ubuntu in around 2050 and Adobe CS 5? Maybe 2070 or 2080… :-S And then you’d probably still find bugs in the code, once they were in users hands. And how much would they cost? :-O”

Reply – if you paid for it, I agree. But Ubuntu is FREE! They will send you a CD if you ask for it. FREE!! Please check the facts.

I know a major computer manufacturer preparing to roll out Ubuntu with their new machines and more are jumping ship away from Microsofts predatory practices… so continue to enjoy your buggy software. I can crash my machine if I decide to, not because I have too many windows open.
big_D Says:
May 20th, 2009 at 3:26 pm
“Any wonder why the internet runs on Linux?”

Having worked on openSUSE for a couple of years, Linux isn’t any better in terms of code reliability. It has its own share of quality and security issues. There might not be as many headline grabbing errors, but there are plenty out there – otherwise, why are there constant security patches for Linux and its supporting apps?

We are currently running LAMP servers for our websites. The number of memory leaks that PHP has is unbelievable – although post 5.2 it is much better. I tested an app on XAMPP on my Windows machine, it used a maximum of 13MB of memory. Moved it to the live server, which was using 5.1.6, the memory leaks meant that some things stopped working, FULL STOP and others blew the 512MB per process memory limit applied to the app! As we couldn’t update the production server, we had to re-write the code to work around the memory leak problems…

But, at the end of the day, Linux has the same problem that commercial software has. It can respond at times faster to critical security issues, but it also requires somebody to be interested in a specific package! There are a lot of good packages out there, which have severe errors, but nobody currently owning the project.

If software had to be 100% bug free, before release, Linux would have exactly the same issues as Windows or OS X. The thing with OSS software is, many people are willing to install it and put up with the bugs, because it is free.

Microsoft is an easy target, but no software company, and that includes bastions of OSS like IBM, Novell, RedHat and Canonical also suffer from the same sorts of problems, they just don’t get the headline grabbing stories.
Paul Says:
May 21st, 2009 at 4:21 am
So lets take the analogy to food. Would you be happy with food containing contaminants causing damage most of the time? No, there should be standards, if I pay 100% of your price, i expect 100% of your product. And with food or cars I have channels to ensure I get what I paid for, and what I expected to get. Not so with software and in particular, Microsoft software – to much glitz and bling requiring the millions of lines of extra code. Port the glitz coders to testing, that should help. But MicroSoft will eventually be irrelevant – no wonder they are trying to compensate by selling mp3 players…
Nigel Brereton Says:
May 21st, 2009 at 11:03 am
I like the WGA name change – The Windows Activation Technologies.
Steve Thackery Says:
May 21st, 2009 at 11:06 am
Paul writes: “Not so with software and in particular, Microsoft software”.

Obviously Paul hasn’t written any software if he thinks it is realistic to ensure it is 100% bug-free before launch. Even the most exceptional care – taking years – can still result in errors creeping through. Remember the loss of that Mars explorer?

The bottom line that Paul needs to understand is that if he expects all software to be 100% bug free, then he’ll need to move to some parallel universe.

Paul obviously hasn’t used much software, either, if he thinks Microsoft software is substantially worse than average for bugs. Having used dozens of OSs and hundreds of assorted applications since the IBM PC was invented, I can assure Paul that – in terms of bugs – there have been some truly appalling software products that make anything Microsoft has done look superb. And there have been some astonishingly good products that make Microsoft’s own look distinctly flaky.

Bearing in mind that most MS software tends to be pretty “big” – like operating systems or its Office suite, I have to say that it is really about average when it comes to bugginess.

Thack
big_D Says:
May 22nd, 2009 at 7:44 am
Just saw the ADAC (the German equivalent to the AA) recall notices for April, at least 8 notices for 6 manufacturers (including the Mercedes S-Class)…

Steve is correct.

I think a big problem is, the lay-man really doesn’t understand how software works or what goes into producing an application. If you haven’t actually written code, you can’t really understand about the processes involved and how hard it is to write error free code.

There are some bad programmers and companies out there, who produce junk code and should have their arses sued off… Microsoft isn’t among them. Considering the size of their codebase and the number of hardware configurations they use and the sheer number of users, their software isn’t that bad!

Could it be better? Yes, given time and money, any software can be improved. The problem is economics. People kick up about paying €150-200 for Windows now. Put the price up to €50,000 or €100,000 per licence to get it error free and not many people will be interested! The same goes for OS X, it (currently) produces fewer headlines, but look at the number of fixes for may, it was well over 50. Linux is the same, but instead of a bumped price, you will be talking years between releases…

You can’t have cheap and frequently improved AND bug free. It is always a trade-off. You get as many of the big, critical bugs out of the ways as you can find, before release, then you keep the team plugging away at holes as they crop up.

Car manufacturers do the same – in fact, they often do risk assessment to work out how many deaths due to a defect are “acceptable” (i.e. payouts to affected families), compared to the additional cost in R&D to fix it.