Cancelling WGA Installation sends a report to Microsoft

[cooldude75ph]

---

Cancelling WGA Installation sends a report to Microsoft

The German computer magazine CT (English translation using google translate) analyzed the new WGA Notification that is installed during Windows Update. They decided to cancel the installation and immediately after doing so the firewall reported that update.exe tried to connect to the internet. This caught their attention of course and they decided to analyze the data that was send after the connection was established.

They used Wireshark to analyze the traffic and found out that update.exe sends data to genuine.microsoft.com. Some of the data seems to be encrypted while some could be identified. It sends registry information, namely the SusClientID as well as information about the version of the WGA tool, the windows version and the language of the operating system. It also sets a cookie which contains a GUID which could possibly be used to identify the computer.

Microsoft confirmed to the magazine that data is send but it would only be used to optimize the service. The GUID in the cookie would only be used to count all attempts in the most thorough way possible, it would not be used to identify the host.

It is however questionable why Microsoft is not informing the user that data is send using his internet connection.

One way to prevent this would be to either configure your firewall to block access to genuine.microsoft.com or add the following entry to your hosts file “127.0.0.1 genuine.microsoft.com”

[dark_humbz]

[Chipmunk888]

ang mga pirated ramay dapat magproblema ani. if you have genuine software.... there isnt a need to worry.

Go Genuine!

Piracy its not the point here. Its the privacy.

[Metz]

Its just one of the ways for MS to detect pirated copies. Sa pagsabot nko sa WGA kay it will just check your Product ID sa comp and if di valid hasol hasolon nka sa MS. It works two ways, it helps detect pirates or it makes sure that the copy of windows that you got is valid, kay usahay kung ipa troubleshoot nimo ug mga technicians, ilang reinstallan ug lain nga copy and unknowingly causing piracy or you were sold a Volume license copy, very common in US.

Pero karon dili naman lng WGA saligan sa MS, IE7 and WMP11 has its built in WGA na hehehe. Pero kung kamao ka mo pirate kamao lang sad ka mangita ug lusot, and kung naa ka sa pinas I recommend nga OEM versions ra palita ayaw ang Full Retail product kay way gamit imong warranty unless willing ka mag long distance for tech support.