Changes to the Windows Genuine Advantage program

Microsoft has changed how the WGA program works in XP. Instead of checking in with Microsft everytime a machine starts up, it will now only check in every 90 days.

Instead, the tool reports back over longer periods: every 90 days for
installations with Microsoft’s Volume License keys. The company
justifies this, saying that its blacklist of counterfeit keys is
constantly being updated.

I know you can search the internet and find warez sites who have pirated Windows XP keys, then install XP on as many machines as I wanted to at home – so I can understand why Microsoft is running the WGA program.

The question is how many corporations are doing this? I am sure there are some companies that are doing this, but how wide spread is it? I honestly didn’t think this was a big issue.

But now, I have to wonder what Microsoft is seeing with the data being collected since they are talking going to make WGA a feature of Vista and require Volume License Keys to be activated.

• Are they seeing more Windows XP machines showing up than they knew about?
• Are they seeing tons of pirated corporate keys showing up?
• Are they seeing a corporate key, for say a cusotmer located in a couple of states, being reported all around the world?

They must be mining this data to see which keys are being used, where they are being used, and how many of them are being used.

Vista to require activation for volume license keys

While this should make life fun for some of the corporate IT guys…

Starting with the release of Vista and “Longhorn” Windows server next year, customers will be required to register their volume license keys (VLK) with Microsoft within 30 days of
acquisition and report their license usage on a monthly basis,
executives said.

So much for the good faith plan that Microsoft has used in the past. Just another reason for a company to implement a software asset management plan now.

One way to force users to Vista

I didn’t know that Microsoft was going to stop supporting Windows XP SP1 in October…

Microsoft reminded solution providers and end users Wednesday that support for Windows XPService Pack 1 (SP1) will end Oct. 10.

Don’t worry if you are still running SP1 right now though, Microsoft has an upgrade path for you…

company recommended that Windows XP SP1 customers consider migrating directly to Windows Vista when it becomes widely available in January 2007.

There are so many things you can say about this, my first thought would be – is your current Windows XP SP1 machine able to run Vista or are you going to have to just buy a new machine?

Spwyare in the workplace

We all know spyware is a pretty big problem right now for home users. Raise your hand if your defacto IT person for one of your friends, who has teenage kids and who's home computers is constantly having problem. I don't know about you, but I usually figure out the kids downloaded some "freebie" piece of software off the internet and now the machine is hosed.

You know the best option is to wipe the machine out and start all over, but you don't feel like wasting your entire weekend for your friend. So you run all the spyware utilities you can find and hope that fixes the problem. If they don't have them installed, you install them and hope for the best.

Now I'm starting to see more and more people talking about spyware in the workplace. I just saw this story on Techspot about spyware in the workplace.

With many smaller companies not having adequate protections in place or proper policies, and larger companies making it harder to maintain control over fleets of computers, it's estimated that 20% of companies have some form of activeinfestation in their network, up from 12% a year ago, according to Websense.

I like this comment…

Will this wake companies up and have them locking down their machines tighter? One would hope, but likely not.

I think companies should be locking down their machines, I would ask why are they not doing this? Because the machines are not locked down, the company has to spend money on – antivirus software, patch management software, antispyware software, and maybe endpoint management software.

• How much does all this extra software cost?
• How much overhead does this add to each machine?
• How much time is wasted by the help desk because of issues caused by spyware?

I forgot about Patch Tuesday

I was traveling on Tuesday and forgot all about one if the IT Worlds best days… Microsfot Patch Tuesday. That once-a-month event that we all live for – NOT.

This turned out to be a pretty big release….

Microsoft released a slew of patches to fix eight "critical" security flaws in Windows and Microsoft Office. The patches released yesterday mark the biggest security update from Microsoft since February 2005.

The good news is only 8 out the 13 are critical, there is a relief. One of them is for the zero-day Word vulnerability.

Searchwinit has a good summary.

Yahoo Mail Worm

I work with a fair number of people who use the Yahoo email client at work, this story about a Yahoo email worm/virus is not a good thing.

New MSN Messenger Worm

Here is story about a new worm making its way around the world via MSN.

A new worm that carries a message reminiscent of movies such as
"The Ring" or "FearDotCom" is currently making rounds in the MSN
Messenger community according to antivirus specialist Panda Security.

 Another reason for corporations to starting thinking about a corporate IM solution.

Windows Genuine Advantage Phones Home

While this isn't the same as E.T phoning home it does make for a good story. It was my understanding that WGA was a one time only check that Microsoft did against your machine to see if the installation of Windows XP was legal or not.

Now it sounds like this is not the case, it looks like it checks in every time you machine boots up. So now the question is being asked – "is this spyware?"

Microsoft says it is not collecting any information, but they also told us this was a one time check.

Now I want to know how this is going to be the same way the Office Activation works in Office 2007 when it is added? Is Vista going to have this "feature" in it too?

The BSA & SIIA are equal to the Mafia?

Here is a Network World story that basically says there is a new "Software Mafia" and that it is controlled by the BSA. Talk about scare tatics and some misleading statements.

It all comes down to company's need to have some one on staff that understands software license agreements, you need to have a process in place to inventory the machines in your environment, and you need to reconcile that data with what you have purchased.

Why is it that every one of these stories seems to ignore that fact? Most of them seem to point out that software piracy is illegal, which I think they do because they have to. But then they start talking about how difficult it is to understand license agreements, because they have small print (duh, don't all legal contracts have small print?) and that they are confusing.

Then they like to point ot that the BSA rewards people for "snitching" on their current or former employees. Of course no one likes a snitch and any one that uses the information obtained by a snitch is wrong. Um, I guess that means the orgainizations like Crime Stoppers or America's Most Wanted must be corrupt too, since they offer rewards to people who lead to the arrest and conviction of criminals.

So since license agreements are hard to read and understand, I guess that means you don't have to actually obey them?

Software Audits in New Zealand

Here is a story about software audits in New Zealand, pointing out that this is not only an issue in the United States. Overall the story is just a general overivew of software compliance, why audits occur and why CIO's should be paying attention.