decoration decoration

When you want to know more...
For layout only
Site Map
About Groklaw
Legal Research
ApplevSamsung p.2
Cast: Lawyers
Comes v. MS
Gordon v MS
IV v. Google
Legal Docs
MS Litigations
News Picks
Novell v. MS
Novell-MS Deal
OOXML Appeals
Quote Database
Red Hat v SCO
Salus Book
SCEA v Hotz
SCO Appeals
SCO Bankruptcy
SCO Financials
SCO Overview
SCO v Novell
Sean Daly
Software Patents
Switch to Linux
Unix Books


Groklaw Gear

Click here to send an email to the editor of this weblog.

You won't find me on Facebook


Donate Paypal

No Legal Advice

The information on Groklaw is not intended to constitute legal advice. While Mark is a lawyer and he has asked other lawyers and law students to contribute articles, all of these articles are offered to help educate, not to provide specific legal advice. They are not your lawyers.

Here's Groklaw's comments policy.

What's New

No new stories

COMMENTS last 48 hrs
No new comments


hosted by ibiblio

On servers donated to ibiblio by AMD.

The Second Class Action Lawsuit over Microsoft's WGA
Wednesday, July 05 2006 @ 06:43 AM EDT

Here's the Complaint [PDF] in the second class action lawsuit filed against Microsoft over WGA, Windows Genuine Advantage. I was sure you'd want to see it. This one was filed in the US District Court, Western District of Washington at Seattle on June 30. It's Case no. CV6-927R, Engineered Process Controls, LLC, Univex, Inc., Edward Mifsuid, David DiDomizio, and Martin Sifuentes v. Microsoft Corporation.

This story is not going away.

The first lawsuit emphasizes injunctive and equitable relief, changes in Microsoft's behavior, "prohibiting Defendant from engaging in the acts of unfair competition or deceptive trade practices alleged" and requiring Microsoft to delete "all data surreptitiously or otherwise collected" and "ordering data, funds or other assets obtained by unlawful means as alleged above to be impounded, or a trust imposed, to avoid dissipation, fraudulent transfers, and/or concealment of such assets by Defendant."

In short, it wanted Microsoft to cut it out. And within a day of filing the lawsuit, Microsoft had announced some changes. I don't personally see how calling home once a month instead of every day solves the problem, in that most of us don't want our computers calling Microsoft at all and we certainly don't want personally identifiable information about us being collected. At least I don't. What does Microsoft do with it? Does it store it? Does it share it? Does it put it together with other information about customers?

Of course, Microsoft denies any connection between the changes it has made and the first litigation filed. But when you don't stress billions in damages, it's a lot easier to get a problem resolved, one would assume.

This second complaint is asking for compensatory and statutory damages, including treble damages, and disgorgement of profits "realized as a result of the unlawful conduct of defendant", on top of cutting it out. Plaintiffs also want Microsoft to have to fund and implement an advertising campaign to let victims know "the potential security and other risks associated with WGA Software, to allow the consumers on whose machines the software is installed to protect themselves from further damage. The publicity campaign should include, at a minimum issuing a public statement describing the risks and providing information about how to uninstall the program." Microsoft has now provided uninstall instructions, but it involves fiddling with the registry, which some of us love to do, but most are appropriately scared to touch, and then there is this notice:

Important These instructions have not been tested on the general release version of the WGA Notifications. Therefore, these instructions are not supported. Microsoft will offer the general release version of WGA Notifications to users who uninstall the pilot version at a later date. These users will obtain the general release version through the Microsoft Automatic Update service. WGA Notifications is part of the Windows Genuine Advantage program....

Regardless of genuine status, users are not denied access to critical updates. However, users who have not validated their computers as genuine are not able to install other updates such as those for Microsoft Internet Explorer 7.0 and Microsoft Windows Defender.

I read that as saying they are not going to cut it out altogether, and you are utterly on your own as far as uninstalling the "pilot" version of WGA. If you mess up your computer, don't call them. Most people will not be able to follow the instructions, I don't think, or more accurately will be too scared to try.

Interestingly, one other unique aspect of this complaint is that it asks the court to decide if the terms of the EULA, some or all of them, are unconscionable, specifically the limitation of warranties and limitations of damages at $5. I've asked myself that question too. Can one be said to have agreed to a EULA's terms if they come from a monopoly software company requiring you to accept software you don't want as a precondition to getting software you do want and feel you need? And when you bought your computer, did you agree that WGA was going to become a fixture in your life? If you had known, would you have purchased XP? Here's's definition of unconscionabale:

adj. referring to a contract or bargain which is so unfair to a party that no reasonable or informed person would agree to it. In a suit for breach of contract, a court will not enforce an unconscionable contract (award damages or order specific performance) against the person unfairly treated, on the theory that he/she was misled, lacked information or signed under duress or misunderstanding. It is similar to an "adhesion contract," in which one party has taken advantage of a person dealing from weakness.

I think it's clear no one wants WGA except Microsoft. But is it bad enough that one could be said to have agreed under duress? And should Microsoft have to pay more than $5 in damages if you've suffered more than that?

The first lawsuit mainly asked for alteration in behavior, then, and in fact Microsoft did alter its behavior to a degree. This second lawsuit looks to be harder to settle out quickly or to satisfy the Plaintiffs. The introduction begins:

Microsoft created serious security, privacy and consumer protection problems that damaged Plaintiffs and the members of the class by installing a "spyware" computer program as a "critical security update" in millions of computers nationwide....

WGA is "spyware" that transmits data to Microsoft's central computer ("phones home") every time a PC is booted up and every 24 hours thereafter. Microsoft does not advise users of these phone home capabilities. WGA gathers data that can easily identify individual PCs and WGA can be modified remotely to collect additional information at Microsoft's initiation. WGA is in daily contact with Microsoft's servers and it can download other software and morph itself for whatever purpose Microsoft desires. Software hackers can exploit WGA to not only collect data but also modify users' computers. "

This was likely written before the changes in Microsoft's WGA process, but the security issues presumably remain, and for a time period there were issues as to whether users knew what was happening to their computers or meaningfully said OK.

The first lawsuit, filed by Kamber & Associates, relied upon the following statutes:

  • Washington State's Consumer Protection Act
  • Washington Rev. Code Section 19.86.020
  • Washington's anti-spyware laws, specifically Washington Rev. Code Section 19.270.040
  • the California Consumer Legal Remedies Act
  • California Civil Code Section 1750 et seq.
  • California's anti-spyware laws, specifically California Business & Professions Code Section 22947.4
  • California's Unfair Competition Law, California Business & Professions Code Section 17200.

The second lawsuit, filed by the Houck Law Firm, lists the following statutes and claims:

  • The Computer Fraud and Abuse Act, 18 U.S.C. Section 1030, alleging Microsoft "intentionally access[ed] a computer without authorization or exceeds authorized access, and thereby obtain[ed] ... information from any protected computer if the conduct involved an interstate or foreign communication" in violation of this Act.
  • Washington State's Consumer Protection Act ("Microsoft's actions are unfair and deceptive...Microsoft has represented that its WGA software have characteristics, uses or benefits which they do not have....Microsoft installed the WGA programs in defective prerelease condition ... Microsoft's policies and practices are unlawful, unethical, oppressive, fraudulent and malicious. The gravity of the harm to all consumers from Microsoft's policies and practices far outweighs any purported utility those policies and practices have.")
  • Washington's Computer Spyware Act, RCW Section 19.270.040 ("Microsoft takes control of the Class's computers and modifies settings that could cause damage to their computers or lead to the stealing of the owner or operators personally identifiable information in order to commit fraud....Microsoft induces an owner or operator to install its WGA software onto the computer by intentionally misrepresenting the extent to which installing the software is necessary for security or privacy reasons.")
  • Breach of implied covenant of good faith and fair dealing.
  • Intentional misrepresentation.

The plaintiffs also ask that Microsoft work with anti-virus, anti-spyware tools to find and completely clean up everyone's computers. That seems a bit useless. Microsoft has been using your computers to call itself every day for a while now. Did your anti-virus, anti-spyware applications block it? Did they even tell you? Did they warn you about Sony's rootkit, for that matter? Well, one did, finally. But if there is one obvious lesson to be learned from these two events it's that anti-virus companies have been asleep at the wheel. At least.

Here's the thing. The Computer Fraud and Abuse Act is a federal statute. The first litigation was under state laws. The CFAA is one of the serious, heavy-handed computer abuse laws Hollywood and other content owners dream about, designed to deal with "pirates" and "hackers". And now, ironically enough, it is being applied to Microsoft, and I have to say, if all you look at is the actions and compare with the statute, it does seem to match up.

There is the disjoint that Microsoft isn't motivated like a cracker. It isn't going to sell your identity to an ID thief or put charges on your credit card or anything like that. It isn't going to post it on the internet either or cause other damage we normally would associate with the statute. But the law doesn't exactly distinguish such things. In discovery, there may be some digging to see what Microsoft was/is doing with all that data. Does it sell it to partners, for example? If it does, and it told you it was for your advantage, a necessary security update, is that fraud? Section 1030 of the Act is titled: "Fraud and related activity in connection with computers." The criminal penalties are significant. If you are a cracker, for example, found guilty of violating the Act, they can throw you in prison. This is civil only, so that isn't going to happen here, but it's not an insignificant thing to be accused of violating the CFAA. It's like I always say. Be careful what laws you pass, because they won't be used just the way you are thinking. Lawyers are creative.

Judges can distinguish motives, because they are human beings, and juries can, but the charge is actually quite serious. The complaint does ask for a jury trial, by the way, and if the jury is made up of Microsoft XP users who installed WGA or had it installed on them -- and how could it not? -- Microsoft might be in for a rocky ride.

Of course, Microsoft maintains that WGA is not spyware. Here are some slides of a PowerPoint presentation on research on privacy issues and how to make computers less vulnerable, and one slide puts Elitebar in the spyware category for the listed reasons:

TRUST, Berkeley Site Visit, April 26-28, 2006

Cyberlaw Clinic: Enternet

* Enternet Media (EM)
o Internet ad firm in CA
* EliteBar a.k.a. Elite Toolbar

o distributed through websites
o no notice of installation
o prevents uninstallation
o collects personal information

* EULA: unconscionable terms

Hmm. Check, sorta, check (it did before), check, and we'll see.

The real issue with all spyware, to me, isn't just technical. It's the bigger question: what happens to the personal information that is collected? That is the piece we really don't know in the Microsoft WGA story, but it does look like this second lawsuit might just find out.

You could just switch to GNU/Linux, of course, if you wish to escape such problems. I hope you do. You can get it for free and use it on as many computers in your home or business as you like. Then go to your mom's and install it on her crippled XP computer that is doing heaven knows what, so you know she's safer, and then give it to your best friend to do the same. And nobody will ask you or your mom or your friend or his family and friends what you are doing or demand you register or report back or prove you are "legitimately" using the software, which doesn't snoop to see if you've been good.


The Second Class Action Lawsuit over Microsoft's WGA | 466 comments | Create New Account
Comments belong to whoever posts them. Please notify us of inappropriate comments.
Corrections here
Authored by: Winter on Wednesday, July 05 2006 @ 06:53 AM EDT
So that Pamela can find them in a single swoop.

Revenge, Justice, Security, and Revenge, chose any two.

[ Reply to This | # ]

Off Toppic
Authored by: feldegast on Wednesday, July 05 2006 @ 06:54 AM EDT
Please make links clickable by submitting as HTML

The above post is (C)Copyright 2006 and released under the Creative Commons
License Attribution-Noncommercial 2.0
P.J. has permission for commercial use

[ Reply to This | # ]

MS Motives ?
Authored by: Anonymous on Wednesday, July 05 2006 @ 07:45 AM EDT
There is the disjoint that Microsoft isn't motivated like a cracker. It isn't going to sell your identity to an ID thief or put charges on your credit card or anything like that. It isn't going to post it on the internet either or cause other damage we normally would associate with the statute. But the law doesn't exactly distinguish such things. In discovery, there may be some digging to see what Microsoft was/is doing with all that data. Does it sell it to partners, for example? If it does, and it told you it was for your advantage, a necessary security update, is that fraud? Section 1030 of the Act is titled: "Fraud and related activity in connection with computers."

Perhaps not, but what about this< /a> ?

There's also the matter of laptops. Accroding to some reports the things has insisted on dialling out on boot - does that mean it halts the boot until it has succeeded, if so how is a laptop user on the move supposed to sue his system (or are they really not that stupid ?)

[ Reply to This | # ]

Authored by: Carlo Graziani on Wednesday, July 05 2006 @ 07:50 AM EDT
PJ, would you perform an exegesis of the CFAA statute for us? I'm not certain
what that law forbids, but on its face, I don't see that it applies to this case
at all.

The thing is, the language of the statute appears to qualify either the
information obtained through unauthorized access or the nature and purpose of
the compromised computer in such a way as to exclude most people's home

Basically, if the unauthorized accesser didn't obtain government secrets or
financial information, or if the computer isn't "protected" ---
meaning, apparently, transacting financial information or used for
"interstate communication", this law doesn't seem to apply.

I understand that courts have read "used in...interstate
communication" as in some sense e-mail-capable, although I'm not clear on
whether that means server-only or client too. In the latter case, then
"protected computer" would appear to be a synonym for
"computer", but I have a hard time believing that the courts would
indulge in such naked editing of the law. But, what do I know...

[ Reply to This | # ]

Multiple reboots
Authored by: Anonymous on Wednesday, July 05 2006 @ 07:53 AM EDT
If you read the instructions here it requires 2 reboots of your machine to completely remove the thing. One day M$ might actually up with a system of installing/removing software that doesn't require a reboot with every change.

[ Reply to This | # ]

The Second Class Action Lawsuit over Microsoft's WGA
Authored by: Anonymous on Wednesday, July 05 2006 @ 07:55 AM EDT
"Microsoft has now provided uninstall instructions, but it involves
fiddling with the registry, which some of us love to do, but most are
appropriately scared to touch, and then there is this notice:"

It just amazes me how easy and pretty it is to use and install windows software
but when you want to remove it, well that is another story, it isn't so pretty
and easy to remove.

funny in linux it is the same no matter what you use.

if you use a dpkg base or an rpm based system the commands to install and
uninstall software are the same you just use different switches. And it
actually REMOVES the program.

And they say linux needs standardization.

[ Reply to This | # ]

A frustrated M$ shop administrator
Authored by: Anonymous on Wednesday, July 05 2006 @ 07:59 AM EDT
WGA is b.s. I am an M$ administrator for a small school which has 30 Gateway
desktops with XP. WGA does not accept the keys on the back of 5 of the desktops
that WGA is installed. Since the WGA key authenciation fails, WGA won't let
anyone use the computers. They are all useless. I try to follow
Gateway tech support to disable WGA, but it seems like WGA is a very elusive
spyware/root kit. I delete the files in the obvious places and check the
registry for it but none to be found. However, at bootup WGA is still there to
cripple the computers. So now I try to disable the automatic update and will
not install WGA on any of my computers. Of the five cripled computers, I use
Norton Ghost and put an image without WGA. Here's the twist. Micro$oft tech
support blames Gateway for using pirated Winblow$ and keys, and it's going to
charge me $150 for each key if I want to buy from M$.


[ Reply to This | # ]

Worm poses as WGA
Authored by: Anonymous on Wednesday, July 05 2006 @ 08:00 AM EDT
Its starting...
Worm poses as Windows Genuine Advantage

The Cuebot-K worm spreads via AOL Instant Messenger, registering itself as a new system driver service called 'wgavn'. It carries the display name 'Windows Genuine Advantage Validation Notification', and runs automatically during system startup.

Users who view the list of services are told that removing or stopping the service will result in 'system instability'.

Once in place the worm disables the Windows firewall, and opens a backdoor to infected computers which allows hackers to gain remote access, spy on users, and potentially launch distributed denial-of-service attacks.

[ Reply to This | # ]

Unconscionable, misleading and void.
Authored by: MathFox on Wednesday, July 05 2006 @ 08:06 AM EDT
I like to see that the lawyers in this lawsuit ask the judge to declare the MS
EULA "unconscionable, misleading and void." I've argued the same under
EU consumer protection laws. (IANAL, just a webmaster)
I predict that MS will try to settle this lawsuit, to avoid a verdict that
declares their holy EULA (partially) unenforcable.

If an axiomatic system can be proven to be consistent and complete from within
itself, then it is inconsistent.

[ Reply to This | # ]

Microsoft's WGA may well be the reason...
Authored by: webster on Wednesday, July 05 2006 @ 08:14 AM EDT
...they have never made Windows secure.


[ Reply to This | # ]

PJ future plans
Authored by: Anonymous on Wednesday, July 05 2006 @ 08:18 AM EDT
Well PJ,

I'm hoping the SCO saga will be over within 12 months (if not earlier through
summary judgements). With the public becoming more savvy with the kind of
things that WGA and other spyware etc present, lawsuits like this might become
more prevalent. Is following those suits the kind of thing you see yourself
doing after SCO is buried?

I only ask because you do it so well!


[ Reply to This | # ]

Microsoft's WGA removal instructions
Authored by: RogerB on Wednesday, July 05 2006 @ 08:36 AM EDT
Just to be clear, I'm talking about Knowledge Base article 921914.

It doesn't help that these instructions actually assume knowledge that a
non-geek probably hasn't got.

Firstly, they want you to check the WGA version number using "Add/remove
programs" but they don't tell you that "Add/remove programs"
won't have the item they want you to look at in its list unless you tick the
"Show Updates" check box. (Also, in my copy, when you do find it it's
actually called "Windows XP - Software Updates" and not "Windows
XP - Software" as it's called in the article).

Secondly they assume that you'll know that %Windir% means "the Windows
folder, which is probably, but might not be, C:Windows".

Not a big deal if you know what you're doing, but if you've already been scared
by just reading the removal instructions it doesn't help to find they're wrong
and confusing when you try to carry them out.

- Roger

[ Reply to This | # ]

The Second Class Action Lawsuit over Microsoft's WGA
Authored by: ThrPilgrim on Wednesday, July 05 2006 @ 08:39 AM EDT
Micro Soft had better have regestered that they wanted to move personal data
from computers in the UK to the US or they will be in serious trouble with the
UK data protection register

[ Reply to This | # ]

Process Control connection
Authored by: Anonymous on Wednesday, July 05 2006 @ 08:48 AM EDT
Interesting to see a "Process Engineering" company as one of the

Process control systems are often insecure, being designed for reliability and
performance and usually for deployment on an isolated network. Should anyone
want to use Windows on a process control system (most likely in a non-critical
SCADA role, one hopes), it would normally be unable to "phone home".
BUT would still need to be patched against all the happy bugs that turn up in
complex software (& so would probably pick up an WGA infection as a

So if WGA interfered with the operation of process control systems, it could
have enormous safety repercussions - not to mention plant stoppages etc.

Now this is pure speculation, but it seems like a very good reason to sue a

Mark H

[ Reply to This | # ]

The Second Class Action Lawsuit over Microsoft's WGA
Authored by: Anonymous on Wednesday, July 05 2006 @ 08:56 AM EDT
Of course, Microsoft denies any connection between the changes it has made and the first litigation filed.

Which is certainly true. No way Microsoft makes changes to code, tests them and rolls them out in one day.

[ Reply to This | # ]

Changing the Rules after play started
Authored by: tel_cor on Wednesday, July 05 2006 @ 09:02 AM EDT
What irritates me about WGA is that MS is effectively changing the rules after
game play started, or in this case after purchase. Suddenly, I am no longer able
to even procure certain updates without installing WGA or going to extreme
lengths to procure them without WGA. Software, once offered for any and all MS
Windows users, now suddenly require me to install WGA.

Where is the power of the free-market consumer? There is none it all rests with

My computer only displays LI-
Is that the only part of Linux my computer can run?
- Anonymous

[ Reply to This | # ]

Authored by: Slimbo on Wednesday, July 05 2006 @ 09:32 AM EDT
The EULA, "specifically the limitation of warranties and limitations of
damages at $5."

What exactly came you have done to your computer that will cost $5.00? Simply
having a hard drive installed will cost you around $100.00 for labor alone.
Doing repair work to fix any software damages usaully cost a minimum of two
hours of labor even if it only took 30 seconds.

If MS can fix these things for $5.00, I need to start a business and out source
all of my work to them.

[ Reply to This | # ]

  • $5.00? - Authored by: Anonymous on Wednesday, July 05 2006 @ 11:58 PM EDT
    • $5.00? - Authored by: Anonymous on Thursday, July 06 2006 @ 04:17 AM EDT
WGANotify.settings file in c:windowstemp
Authored by: TAZ6416 on Wednesday, July 05 2006 @ 10:05 AM EDT
I have WGA installed on my Work PC which is legit. However I noticed that there
is a file in c:windowstemp called WGANotify.settings and the content is

Refresh Frequency on every 14 days
Show notification for every 1 logins
DaysBeforeBuyNow Unactivated = 31
DaysBeforeBuyNow Nongenuine = 14
Server DisableAll = false
Server DisableVLKID = true
Server DisableGetSP2 = false
User ReducedReminders = false
User ReducedVLKID = false
User ReducedGetSP2 = false
BalloonInterval = 2 hours
BalloonIntervalVLKID = 24 hours
BalloonIntervalGetSP2 = 504 hours

I wonder if you have a legit copy of XP that is being flagged as pirated would
editing the file in Notepad be an option?


[ Reply to This | # ]

  • More likely - Authored by: Anonymous on Wednesday, July 05 2006 @ 05:23 PM EDT
The issue at hand
Authored by: Anonymous on Wednesday, July 05 2006 @ 10:19 AM EDT
The issue of unconsciounable actually seems to me to rest on the viability of
this statement of PJ's:

"You could just switch to GNU/Linux, of course, if you wish to escape such
problems. I hope you do."

If that is true, then there really is an alternative out there and you can't be
said to agree to the EULA under durress.

But here's the rub. It's not a true statement.

It's true for some, but not all, home users, but it's hardly true for all or
even most businesses.

Companies that are large enough to have an IT staff like having relatively
homogonized environments, because it lowers the number of technical skills that
you need to screen for, and help eliminate single-point-of-failure HR issues
where only one guy knows how to keep the business critical server up and running
because he's the only "insert whatever os/software it runs" guy in

Most companies of any size will have at least one business critical application
that requires a Microsoft OS. It's something they MUST HAVE in house.

By contrast I don't think there's any business critical apps for which there are
no other OS verisoned solutions in the Linux and Mac worlds.

Here's the real rub -- Microsoft has been found to be a monopoly, and Microsoft
is often the only game in town for a large number of applications. As such,
businesses who rely on the underlying OS have no choice but to agree to the
license terms or lose competetive advantage.

[ Reply to This | # ]

I think that I may have been wrong
Authored by: Alan(UK) on Wednesday, July 05 2006 @ 10:22 AM EDT
I predicted that the end will come for M$ when they stop support for Vista. This
was on the grounds that people will buy Vista machines when they need a new PC,
when they need to replace their Vista machines, Linux machines will be ready and
waiting for them.

The way M$ is behaving now, I see a market-led situation occuring, the PC
suppliers will not be putting out Linux machines in the hope that someone might
buy one - the CEOs of our top companies will be ringing the CEOs of the top PC
suppliers and telling them that they want Linux.

[ Reply to This | # ]

The Second Class Action Lawsuit over Microsoft's WGA
Authored by: greybeard on Wednesday, July 05 2006 @ 10:33 AM EDT
I am surprised that the suits do not claim damages in addition to the violation
of CFAA.

I am working for a small hardware startup who is forced for reasons of economy
and speed to contract many engineering tasks including simulations, signal
quality analysis, and some optical modeling. On at least two occasions, we have
lost a complete day due to a combination of WGA, imperfect system
administration, and the use of multiple systems to speed tasks through
processing in parallel. In each case, long after the staff had gone, a
workstation contacted MS, downloaded whatever crap MS thought was needed, and
rebooted; thus destroying a day's worth of on-going simulation or data
reduction. Naturally, the engineering service company made us whole to the
best of their ability, but the time was still lost. There does not seem to be
any way to easily detect the presence of this MS malarky from a neighboring
machine, so automatically distributing a run over N available processors is

I wonder how many other small companies that deploy box-standard workstations
from Dell and the like have also been the victim of MS's inability to conceive
that one might have some higher priority than endlessly re-executing their
redundant and repetitious malware?

From our point of view as we grow avoiding MS products is a high priority. I
hope more technical users are beginning to ask vendors about non-MS support and
tell them that in the long term, "no linux, no sale".


[ Reply to This | # ]

The Second Class Action Lawsuit over Microsoft's WGA
Authored by: Anonymous on Wednesday, July 05 2006 @ 10:57 AM EDT
This is pretty hilarious if you think about it. Imagine
a jury trial. You get a bunch of prospective jurors and
you find that most of them are plaintiffs in the case
because they use Windows XP - so they can't possibly serve
as jurors. OK, so who does that leave you with? Folks that
run Linux or use a Mac, who are presumably a little bit
more knowledgeable and are more likely to convict, or
people who don't use computers at all (and how many of
them are you likely to find).

[ Reply to This | # ]

Jury Trial? What about the voire dire?
Authored by: mexaly on Wednesday, July 05 2006 @ 11:27 AM EDT
If there was a jury trial, what would teh voire dire be like?

It would be hard the monopolist to kick off anyone who uses MS Windows. Would
they want to do such a thing?

What about the questions like

"Are you an IT professional?"

"Have you ever had any trouble with your home computer not working?"

"Do you use Microsoft Windows in your place of business?"

"Do you own any stock in a technology company?"

What kind of jury filters can the adversaries legitimately try to use?

My thanks go out to PJ and the legal experts that make Groklaw great.

[ Reply to This | # ]

Can jurrors be class members?
Authored by: Anonymous on Wednesday, July 05 2006 @ 11:58 AM EDT
P.J. brings up an interesting point. It's a class action and it's pretty likely
that there would be lots of class members in the jury pool. Would they be
disqualified from serving because they might benefit from the outcome?

[ Reply to This | # ]

Self Help was controversial earlier - It's still malware even if OK clicked
Authored by: tz on Wednesday, July 05 2006 @ 12:40 PM EDT
I think it was in the UCTIA debates (universal commercial code) where they
wanted enforcable EULAs that would allow software vendors to dial into user's
computers and disable software (for whatever reason).

This just happened.

One thing I'm not clear on is there is WGA which I think has been around for a
while, and the WGA notification which demands to phone home and won't let you
boot or update. Do we have a taxonomical chart of which pieces and updates do
what? (I have exactly one application which hasn't been ported to Linux yet
that I need to run occasionally so I only boot XP monthly if that so I don't
really keep up).

Further, MS denies WGA is malware. But from what I've been following, some of
the recognized malware programs were installed with a EULA not that much
different from Microsoft's and the user had to click agreement somewhere. The
"from time to time we may update the software and send information from
your computer" boilerplate isn't usually thought of as downloading zombie
mailbots and sending the results of keystroke logging, but I don't see the

If you asked for a layman's definition of malware (I'll leave legal definitions
to the lawyers), it would have most of the following features:

1. It is difficult to remove. Basically anything that doesn't appear plainly in
the Add/Remove control panel or doesn't include an uninstall.bat file that
completely removes it (note that some expired trialware won't run if
reinstalled, so they aren't completely removed either).WGA qualifies.

2. It degrades system performance or causes other problems or annoyances
unrelated to its advertised function. WGA causes extra dialouts and renders a
system unbootable until it can connect (someone brought up laptops or what if
the network is down). It also reboots the system as part of its operation
causing dataloss for unattended systems at a minimum.

3. It is used for extortion or sabotage. Pay $10 for a removal tool. Or $150
for a genuine XP key (although there is one on the holographic sticker and
certificate it won't accept). It might be annoying to add a "Not
Genuine" watermark to the desktop background upon failure, but instead it
renders the system unusable.

If it worked perfectly, and was unobtrusive (even with the failure
notifications), maybe M$ could get out, but it doesn't and isn't.

User X has a license for XP (who knows about failed hardware which may have been
replaced). He does a "critical security update" (this is also the
extortion case - install this or else! is the implication). He can't use his
system. He needs lots of technical support and maybe a new license before he is
allowed to run his programs (note: Knoppix, live Ubuntu and others will access
XP partitions and files).

The whole point of using holograms and other document validation tools was to
make sure the stickers couldn't be copied, or that copies would be detected. In
many cases - including probably a large number of the 80% of alleged piracy,
they have stickers with valid keys.

It would be interesting to phone the Genuine number and describe my key and they
could tell me if it is legit. Maybe M$ should suggest users do that while in
line at CompUSA - open the box and phone - just to make sure the copy is valid;
and I wonder how many users are told their sticker is valid by that service but
invalid by WGA?

The other problem with false positives is that assume 80% of XP users are legit,
and 20% are pirates. Then assume the 20% false positive rate. The number of
falsely accused pirates would be just a little less than the number of actual

[ Reply to This | # ]

The Second Class Action Lawsuit over Microsoft's WGA
Authored by: Anonymous on Wednesday, July 05 2006 @ 12:41 PM EDT
WGA turned up on my windows box a few weeks ago (I don't use it much, and didn't
want WGA installed).

I wasn't too happy to have my computer 'checked', and even though it passed, I
immediatelly used system restore to go back to the day before and removed it. I
bought their product in good faith, its a shame that faith can't be reciprocal.

If WGA becomes mandatory then I'll seriously consider just doing away with
windows and converting that machine to gentoo.

I am *so* tired of windows needing to talk to microsoft. It's not just WGA,
windows installer asks to connect to the net as well. Why? When I say no,
nothing changes, the thing I'm installing still gets installed. Linux does have
some apps that call home, but they explain what they're doing, and you get a
choice. If I didn't have a firewall on (by this I don't mean microsofts
firewall), I wouldn't even know what windows installer was doing. Not that I'd
dare not use a firewall with windows, and especially not the microsoft one.

As it is I don't use the microsoft web/email/media tools, they just aren't good
enough, security warnings aside. It's not an anti microsoft thing, I prefer
quality software. Sometimes that means using solid apps with a smaller feature
set that do what I want, and do it well, I'm not the bells and whistles type.

If this is a precursor of what we can expect with Vista, then I have no
intention of buying it.

Skip (can't get my pasword to work...)

[ Reply to This | # ]

The Homeland Security Administration's Dream Application
Authored by: chrisbrown on Wednesday, July 05 2006 @ 12:41 PM EDT

A few weeks ago I traveled to Florida on business. While there I used my company-owned laptop both from the hotel and the manufacturer's office. It runs Windows XP, and because we are required to keep company computers fully updated with Microsoft's updates, had WGA installed.

I assume it "phoned home" each time I booted it, thus providing Microsoft information, via IP address, my general location. It is topical news recently how, in the guise of protecting us from terrorists, the federal government is utilizing and aggregatting ever increasing amounts of information about us. I can quite imagine Homeland Security would find combined access to Microsoft's database of computers, phone records, and ISP records an outstanding method of tracking people's movements.

I would imagine the administration would ask how we could deny them this new tool in the "War on Terror".

I obviously have no knowledge how Microsoft intends to use this new information, but I don't have any doubts what would happen if it was subpoened; it would be turned over in a heartbeat with real-time access.

Personally, I believe if the "war on terror" can only be fought by giving up our privacy and constitutional rights, then we've already lost.

[ Reply to This | # ]

Retroactively changing the licence/purchase contract?
Authored by: hardcode57 on Wednesday, July 05 2006 @ 12:59 PM EDT
I bought a copy of XP a few years ago. At the time M$ was stressing the
availabilty of online updates, and they could reasonably be construed as part of
the package I bought. Do they have the right to place new conditions on the
availability of updates fixing bugs in the software they sold me subsequent to
the purchase?

[ Reply to This | # ]

The Second Class Action Lawsuit over Microsoft's WGA
Authored by: fredex on Wednesday, July 05 2006 @ 01:05 PM EDT
This WGA fiasco seems to get uglier and uglier.

Here's another ugly little piece of it that I've not seen reported anywhere...

At work I use a Win2k box (actually W2K in a VMWare guest on a RHEL box). Our
corporate IT has manadated that every windows box shall have installed the
latest version of MS's anti spyware tool.

cool. That's fine.

However,... Periodically it will pop up a box once a day telling you there's a
new version you should install with a button to click to have it downloaded and
installed for you.

That's cool too. But it doesn't actually work. It downloads it and trundles
around "installing" it for a while then pops up another box saying
that the new version needs another package (whose name I forget) and telling you
to go to a particular MS URL to download it.

Well, when one goes to that URL and attempts to download it, you are informed
that before you can download it, you MUST download and install Windows Genuine

so even though I'm not using XP they're still trying to slide/slime their
spyware into my system.

I declined the kind offer to install their spyware and instead went and removed
the existing version of their anti-spyware tool. And good riddance!

[ Reply to This | # ]

Microsoft Uninstall Doesn't Work
Authored by: Anonymous on Wednesday, July 05 2006 @ 01:20 PM EDT
Microsoft's instructions for uninstallation don't seem to work any longer -- I
guess they worked for the pilot version of WGA but not for the now-deployed
production version. Their file protection mechanism prevents it.

Here's a method that works for sure.

Boot your favorite Linux Live distro.
Login as root.
Open a command-line window and do this:

mkdir /mnt/foo
mount -w /dev/hda1 /mnt/foo
cd /mnt/foo/windows/system32
echo blah blah blah blah > WgaLogon.dll
echo blah blah blah blah > WgaTray.exe
echo blah blah blah blah > LegitCheckControl.dll

Shutdown & reboot

[If your Windows system is not on C: then you might
have to use something other than /dev/hda1 .. perhaps
/dev/hda2 or /dev/hdb1 or ... you get the idea.]

Also, I *think* what's below works, but I have no affected
systems to try it on:

In Windows,

back up to a configuration before WGA was installed

Don't forget to disable "automatically apply updates" in
control-panel or WGA will just go ahead and install
itself again. (You can still manually apply other

Of course the best solution of all is to install your Linux Distro over top of

[ Reply to This | # ]

Yarro's Law
Authored by: Anonymous on Wednesday, July 05 2006 @ 02:02 PM EDT
I'd really appreciate it if someone in Utah would sue MS over WGA using Yarro's

law. "Cyberterrorism", etc.

I'm not sure if the irony police would technically call it ironic, but it would
delicious none the less.

- Tony

[ Reply to This | # ]

Alert: Win 2000 now insists on WGA before DirectX
Authored by: trevmar on Wednesday, July 05 2006 @ 02:09 PM EDT
I installed a fresh copy of Windows 2000 PRO SP4 yesterday, with a valid
license, and I noted that DirectX had not been installed by the product CD.

So I went to
and clicked on the download links, only to find that MS insisted that I install
WGA on my fresh Win2000 before it would even let me have DirectX.

I found an old DX 8.1 distribution and installed that. I couldn't get Windows
Update to operate beyond that point, maybe it was my ineptitude. But at least
the Windows 2000 PRO installation works fine :)

MS has said that they will stop you downloading 'features' for XP without WGA,
but DirectX for Win2000??? Up until this point Win 2000 has escaped most of the
heavy-handed stuff...

So I used and that worked fine...

ps: After this experience I decided to upgrade my wife's Win98SE to Xandros
Linux (since I have a copy of the newest version of that distro on CD...)(can't
be persuaded to do another Win2000 fresh install right now...)

[ Reply to This | # ]

Validity test for EULA?
Authored by: overshoot on Wednesday, July 05 2006 @ 03:57 PM EDT
I suspect that Microsoft will settle the second one very quickly. The last thing they want is a court looking into the validity of their EULA.

After all, what is it? The only thing the user gets in exchange for "agreeing" to its onerous terms is that the software he's already paid for (and can't return) will now run. I'd love to see some competent legal analysis of a contract like that.

[ Reply to This | # ]

The Second Class Action Lawsuit over Microsoft's WGA
Authored by: PR3J on Wednesday, July 05 2006 @ 04:09 PM EDT
Some time ago I worked as support manager for a big company with a huge contract
with M$ ... With limited human resources, the only way to install and maintain
so much XP boxes was using an image of a basic installation.
It means, we installed one box, create an image of it, and replicated the image
to all others.
It was done with MS support (at installation time we got a MS team in house
helping us to do that).
Now, with WGA, every XP box installed will alarm and block. Actually, I'm really
glad, because I'm not in the support team there anymore.

"[T]he IQ of a mob is the IQ of its most stupid member, divided by the number of
mobsters." - Terry Pratchet - Maskerade

[ Reply to This | # ]

Yes I DO want my OS calling home
Authored by: Anonymous on Wednesday, July 05 2006 @ 04:12 PM EDT
From TFA, PJ wrote: in that most of us don't want our computers calling Microsoft at all and we certainly don't want personally identifiable information about us being collected. At least I don't.

What a surprising (to me) lack-of-trust some people have in their OS vendors!

The Debian popularity contest callls home which not only reports which packages I install, but which I use and how often I use them. This is important to me because it lets my OS vendor know which packages are most important to its customers, and makes sure it maintains them well. And of course my computers are also set up to "call home" nightly via a "apt-get update; apt-get upgrade".

Personally I *DO* exptect to trust my OS vendor to help keep my system secure (the nightly update) and to keep focusing on the packages I use (through tools like the popularity contest package). Calling home is one valuable tool to help doing this. If you can't trust your OS vendor with access to your data, you seriously need to start looking for a different vendor; because it's hard to tell (especially for closed souce vendors) what back-doors they have even if they don't call home..

[ Reply to This | # ]

The Second Class Action Lawsuit over Microsoft's WGA
Authored by: Anonymous on Wednesday, July 05 2006 @ 04:44 PM EDT
EULA: unconscionable terms

OK, here's a question for all the legal eagles. When does an EULA become
unconscionable? How complex and verbose does the EULA have to be before it's
truly beyond the ability of a normal member of the public to make a truly
informed choice?

Some of the EULA's are so long and comlex that I personally, despite being
university educated and a lifelong professional in the world of IT, have a hard
time plowing through them.

Taking my father in law as an example. He is an ordinary guy, he completed
highschool (such as it was) and has worked his entire life. If you asked him to
read a Microsoft EULA it wouldn't take him long before he would be in over his
head. Now, he's been a business man most of the last 15 years, he understands
some finance and contracts. He's a good approximation of an average person (he'd
dispute average and request that I add above before average, and then add very
before the above). But I am certain he would be unable to make an informed
choice based on the EULA terms on most software products these days.

My question is a wide ranging one, but I see EULA terms and conditions popping
up everywhere. Software downloads, CDs, software, DVDs, residential ISP
contracts and so on and so forth. Almost no one ever reads these terms and
conditions because they can't. The T&C are long, complex and wordy. So, how
can they be enforced? If the T&C are beyond the ability of most people to
understand sufficiently to make an informed decision, then are they valid or

[ Reply to This | # ]

The Second Class Action Lawsuit over Microsoft's WGA
Authored by: Anonymous on Wednesday, July 05 2006 @ 05:01 PM EDT
> But is [the WGA license] bad enough that one could be
> said to have agreed under duress? And should Microsoft
> have to pay more than $5 in damages if you've suffered
> more than that?

Will you *personally* suffer $5 in damages? Yes. But not at the hands of your
own computer. It will come at from all of the computers that Microsoft has left
out in the cold.

The implications of this are staggering. The cost to the world will be billions
of dollars. Consider...

Windows is fundamentally insecure. What will happen when Microsoft stops
supporting the millions of illegal copies of Windows? Within a VERY short time,
we'll have millions of zombie bots. Some will be controlled by "script
kiddies" who do it for fun, but the mafia-type organizations, as well as
the very well funded and sophisticated terrorist organizations, will quickly
take over and push the script kiddies out. We'll have "bot nets" the
magnitude of which is staggering. Millions of computers, controlled by the
world's most dangerous criminals.

Extortion is currently directed at online casinos and other high-cash-flow
businesses, but it will spread. With tens of millions of PCs, terrorists could
attack the entire web infrastructure of a country. We've seen several types of
DDOS attacks, ranging from overwhelming traffic to attacks on DNS and routers,
etc. Consider what would happen if 10, 20 or even 100 *different* attack types,
run from a million computers, were launched simultaneously against the network
infrastructure of the United States or Europe. Government and news sites down
through overwhelming traffic. DNS servers taken out. Routers everywhere
overwhelmed. And all at the same time, from computers on every major network in
the world.

Every type of information would be halted -- TV, radio, telephone, web, VOIP ...
everything relies on the internet these days. We wouldn't even be able to
communicate enough to figure out that we were under attack. All financial
institutions would be halted. Power grids, gas pipelines, and other nationwide
infrastructure would collapse.

We'd never know what hit us. Only the military networks would keep working.
The ham-radio operators would be the only ones with long-distance communications
capabilities. To contain the attack, the military would first have to cut off
the USA from the rest of the world. Then they'd have to get out the word to
every citizen in the USA to turn off their PCs, and leave them off. Businesses
would be instructed to implement strong firewalls that blocked virtually all
outgoing traffic. Bit by bit, piece by piece, the routers and DNS servers would
recover, and the internet would start limping along again. But it could take
weeks, even months.

And we can thank Microsoft for cleverly looking after their own bottom line,
rather than considering that *they* created this trap for themselves.

Will you *personally* suffer $5 in damages? Yes. But not at the hands of your
own computer. It will come at from all of the computers that Microsoft has left
out in the cold. Are they illegal? Sure. Does that help the innocent people
who will fall victims to this terrorism? Not one bit.

Windows computers around the world will become the single most powerful weapon
of mass destruction available, and Microsoft is going to give it to the
terrorists for free. Microsoft should bite the bullet and swallow their
medicine. They created this mess, and they should just shoulder the burden and
keep supporting Windows wherever it's installed.


[ Reply to This | # ]

Microsoft seeks to legalize this behaviour
Authored by: perrye on Wednesday, July 05 2006 @ 05:55 PM EDT
Recall that MS, with several large communications companies, have funded the authoring of legislation in Oklahoma, and probably other states: Groklaw comment

The proposed legislation would make it legal for software vendors (ISP's included) to gather information about your identity, system, and useage, and turn this information over to third parties. They need only have some approriatetly vauge verbage in the EULA.

Seems MS jumped the gun by rolling out WGA before the polititicians had done the dirty work for them. Perry, aka. tuxokc

[ Reply to This | # ]

Any non-Microsoft filewall will probably block WGA...
Authored by: nerd6 on Wednesday, July 05 2006 @ 07:33 PM EDT
I have a new laptop and it came with XP configured with Automatic Updates on. I
have never used Automatic updates before but I thought "It won't hurt to
try it"... well it wasn't long before I got a pop-up from the Zone Alarm
filewall saying that WGA was trying to connect to the internet. I clicked on
Deny (always) and that was that.

However I fear that Microsoft will treat that as "WGA not installed"
and refuse other updates... we'll see.

This is yet another reason not to trust the Windows firewall.

I haven't tried any anti-spyware programs on this computer, I wonder if they
will flag WGA? (Of course Windows anti-spyware won't, ha ha).

[ Reply to This | # ]

What significant harm did the plaintiffs suffer?
Authored by: Anonymous on Wednesday, July 05 2006 @ 08:27 PM EDT
"Engineered Process Controls" seems to be sales agents for a number of
product lines used in large process industries. It's hard to tell if their
product line covers any PC based systems. If they have to show actual
significant harm to their business, then its not easy to tell at this time just
where that occurred.

Is it possible that they were accused of supplying a system with included a PC
with "pirate software" because a WGA warning popped up on a customer's
system? That would be very damaging to their reputation. They are selling some
very expensive hardware and the cost of an MS-Windows license would be
comparatively insignificant. I doubt they would knowingly infringe copyrights to
save a small amount of money.

The other company mentioned is Univex. There seems to be more than one company
by that name, but the most likely candidates appear to be either one that
manufactures commercial food processing equipment, or one that manufactures
metal coating equipment.

I find the choice of lead plaintiffs rather unusual. These aren't companies that
you would expect to know enough about computers to have heard of WGA. There may
be an interesting story behind this beyond the WGA class lawsuit angle.

[ Reply to This | # ]

The Second Class Action Lawsuit over Microsoft's WGA
Authored by: Anonymous on Thursday, July 06 2006 @ 12:19 AM EDT
We have a pile of Windows-based instrumentation; spectrum analysers, chip
testers, and so on. This equipment is expected to have something like 20-year
life; it's good stuff.
We can't apply Windows patches, in general, because the application software
checks the version of the underlying system (it was certified with that; the
test equipmennt vendor is not in a position to recertify)
It would be nice to put this equipment on the corporate Intranet, so we could
run it from our desks and include its output in our reports. But doing that
would risk the test equipment going down with viruses, so we can't.
We run the stuff on isolated networks, rather like a hospital patient in an
isolation ward.
We don't mind, or anything; we're researchers, we will live with it. But it's
not quite how we expected things to be. And it's unlikely we will let it happen
for the next generation of equipment.

[ Reply to This | # ]

Question For international users of M$ software
Authored by: chris hill on Thursday, July 06 2006 @ 03:01 AM EDT
Doesn't the action by Microsoft invite the following questions:
  • If this is spyware, and it is installed as part of the base operating system, doesn't this mean that Microsoft can effectively open up holes in International security?
  • If this is not spyware, is the installation of WGA, without properly giving user notice, and including it in 'critical updates' meet the definition of espionage for the purposes of international border relations?
  • By installing this software, doesn't Microsoft, by definition in some parts of the US, performing acts of cyberterrosim?
  • Doesn't Microsoft become litagatible in several countries under spying on government systems.
  • Doesn't Microsoft invite international scrutiny into the policies purported to be supported by the White House if the White House does not come down hard on Microsoft and stop them from using and distributing WGA?
  • By definition, doesn't WGA put into jeopardy international security agreements between the US and other countries?
  • By definition, hasn't Microsoft made themselves guilty of Federal crimes in several countries, including Canada, the US, Great Britain, Austalia, Japan, and France, to name only a few countries? Responses on this are appreciated. And any lawyers in Canada that can explain what this means for Canadians.

    [ Reply to This | # ]

  • Is Hewlett-Packard guilty as Microsoft?
    Authored by: KAKMAN on Thursday, July 06 2006 @ 10:00 AM EDT
    If you own an H-P printer, I have discovered it contacts home base, wherever that is, several times a day, sometimes six times in an hour, to make sure you have the latest up to date H-P printer software (hp officejet 4215 allinone). I have yet to figure out how to turn this off. I am not on dial up, I use AT&T/Yahoo! DSL (formerly SBC/Yahoo!), but it is annoying watching this "window" at bottom of my monitor open and close momentarily while checks in with H-P. Norton AntiVirus 2004/5 never had a problem with it, when I used it, nor does our current anti-spyware, anti-virus provider, SBC Yahoo! Online Protection, so I'm guessing the spyware firms differentiate between those pieces of software that call home to Microsoft, H-P, Adobe, Roxio, etc and those that are on a different list, the bad list. Since it appears other companies, respected and (supposedly) responsible companies use this type of phone home software AND apparently the major anti-spyware and anti-virus softawre providers aren't obviously blocking it (not on the list not doing any (supposed) harm), is there the appearance of collusion and or impropriety going on? Excuse me if I appear to be reaching here, I am a little past my bedtime.

    [ Reply to This | # ]

    Authored by: Jamis on Thursday, July 06 2006 @ 09:55 PM EDT
    The latest iteration of WGA (KB905474, July 06, 2006) to update to my work
    ThinkPad, had the above exececutable in it. I think this is the patch that
    came out on 07/01/06. Just for grins, I blocked this program at the firewall
    (Tiny Personal Firewall) and had the logging turned on for this program.
    WGATray kicks off every two hours or so and tries to connect to the outside
    world. After unsuccessful attempts every two hours all day today, at about 4 PM
    EDT, it went ballistic and fired up every two seconds. I won't be using the T42
    on Friday, Saturday, or Sunday, so I will have to wait until Monday to see if it
    repeats its actions. Windows Update still works as it did before WGA came about
    and with WGA blocked at the firewall.

    [ Reply to This | # ]

    The Second Class Action Lawsuit over Microsoft's WGA
    Authored by: Anonymous on Friday, July 07 2006 @ 05:01 PM EDT
    I had bought an OEM version of XP Pro for my home computer over a year ago. I
    had no reason to think it was not genuine since the software sales internet site
    seemed to be legit and it work for over a year without any validation problems
    when I needed to download updates. After a year... POP... You do not have a
    Genuine Windows. Well it was for over a year! What happened?

    Oh, and the site seem to be in trouble with Microsoft. Well,
    time for me to find out who is responsible? Microsoft for making it possible
    for me to be Genuine for a year and for a company to rip me off, or the guy who
    sold it to me. At least I didn't pay full price for it.

    Me being someone who likes to build my own PC setup rather than get that cheap
    DELL, another thing that ticks me off is that I can buy a PC with XP installed
    on it for about the same price as buying XP alone. The only problem is that I
    cannot use the XP on any other system if that PC breaks. You somehow don't own
    the XP you bought with the system.

    As I recall, this is why people went with PC instead of Mac. They wanted to
    tinker. They wanted upgradable options. If I wanted to buy a system without
    all the neat flexibilities, I would get a Mac and have less problems than the
    common PC problem (mostly the fault of M$). If the stinkin' game makers would
    make more Linux games, and there was more acceptance of Linux, I would be there
    completely with no need for M$. Then we could put some of this anti-trust stuff
    behind us.


    [ Reply to This | # ]

    speculation re industrial espionage
    Authored by: Anonymous on Monday, July 10 2006 @ 02:40 AM EDT
    Seems this one is coming very definitely from the point of view of Microsoft
    engaging in industrial espionage by this practice. I don't know why I never
    thought of it this way myself.

    For so long there has been a huge flood of publicity about 'personal privacy
    infringements', accompanied by the usually sensible-sounding 'well why would M$
    want to spy on little old me' counter-argument. Overall this has not touched M$
    as an industrial force one iota.

    Now I wonder whether this emphasis on personal infringement has been
    artificially driven, in order to keep us from wondering about this obvious and
    more likely scenario, that M$ is not interested in individual users personal
    details enough to spy on individuals, but that it profits greatly from the
    details garnered wrt the companies who install its products.

    As a monolithic entity with thumbs branching into more and more pies, well
    outside the scope of 'software provider', this information must be very useful.

    The risk/benefit equation makes this much more likely. Get caught spying on
    individuals, it brings an awful lot of bad press and government intervention.

    Get caught spying on other companies, for all I know (I am not a business
    analyst) it sends your stock price UP.

    Given the suspicious trend of questionable security inadequacies, I wonder
    whether we are going to finally see revelations that some of these were
    intentional? I think if there ever have been any intentional backdoors and/or
    spyware in Windows, that it is going to be infringed businesses who have the
    motivation and resources to pursue them and bring the truth to light.

    I think most are familiar with the purported fact that most international
    gevernmental espionage is actually passed on as commercial espionage. Is M$ the
    world's biggest spy agency?! Who would be surprised? Microsurfs =>
    MicroSMERSH! :D

    [ Reply to This | # ]

    The Second Class Action Lawsuit over Microsoft's WGA
    Authored by: Anonymous on Tuesday, July 11 2006 @ 04:10 PM EDT
    My take on all of these M$ issues is all related to the Mofia. M$ leaves open
    the holes so a hacker can expose the threat.

    Who these hackers are? Who knows. But, if the hacker is a 15 year old boy, who
    is just looking for trouble and supposedly trying to for a name for himself,
    then it's amazing that M$ can't figure out these little openings themselves.
    Why would they need to? Why would they not want to just purposely leave them?
    There are plenty of hackers out there who can expose them for free and a bunch
    of people out there who are willing to spend many more dollars towards other
    anti-virus/spyware programs, which are now usually requiring annual membership

    You know all those M$ investor probably have their $ invested into these
    companies as well as M$. And M$ can get you so paranoid about updates that you
    wont dare use a non-genuine version and not be able to get updates that could
    leave you EXPOSED!

    So, in short, you need to pay the Micro-mofi, M$ as the mob head and the other
    bullies going door to door collecting the dough, to protect yourself from them,
    the same people who are offering you the security.

    So, I guess this is nothing new since M$ has many times before been compared to
    the mofia for their bully tactics. This includes stealing ideas and technology
    from smaller companies and using the lawyer army to keep the little guy down.
    Using unfair tachtics to force other companies to market to their favor agian to
    keep the little (and many times better) guy down.

    Well, at least good ol $Bill gives plenty of that extra $ to the hungry. Can't
    argue with that. Makes me feel kinda bad for writing this little conspiracy
    theory and for even thinking that his OS is just a little overpriced.


    [ Reply to This | # ]

    Groklaw © Copyright 2003-2013 Pamela Jones.
    All trademarks and copyrights on this page are owned by their respective owners.
    Comments are owned by the individual posters.

    PJ's articles are licensed under a Creative Commons License. ( Details )