Join 3,372 readers in helping fund MetaFilter (Hide)


DRM strikes again!
August 25, 2007 4:04 PM   Subscribe

If you tried to validate a legitimate copy of XP or Vista today before 2pm, you were in for a nasty suprise. It seems that all Windows Genuine Advantage servers failed at once sometime today. One BoingBoing reader who contacted Microsoft was told to try again on Tuesday, as they expected the servers to be down for a few days. Rob Knop of the ScienceBlog Galactic Interactions responds with an entertaining rant.
posted by [expletive deleted] (28 comments total) 1 user marked this as a favorite

 
I swear I didn't know about SCDB's post when I did this. Two unrelated DRM posts in a row. We are dorks.
posted by [expletive deleted] at 4:16 PM on August 25, 2007


I knew this shit was going to happen eventually. This is one of the reasons I loathe XP.
posted by loquacious at 4:21 PM on August 25, 2007


So true, i didn't expect them to hold off that timebomb for so long.
posted by CautionToTheWind at 4:29 PM on August 25, 2007


This is tech support at it's finest:
Thank you for your response.

I’m sorry to inform you that the Windows Genuine server might be down for few days. I have escalate the issue to our Genuine team, kindly try to validate again on Tuesday 28 Aug 2007.

Thank you for contacting Microsoft Technical Support.
This is why, even though I have a legit copy of XP, I'm going to use a hacked DRM free copy of TinyXP and Ubuntu.
posted by [expletive deleted] at 4:35 PM on August 25, 2007


Sorry, that should have read I'll be using TinyXP and Ubuntu for my next build.
posted by [expletive deleted] at 4:38 PM on August 25, 2007


Since the day Adobe released their new CS3 suite, my Studio 8 suite has asked me to re-authorize every time I start an application (even though I did so when I activated when I first got it.) I input my number and upgrade number and it refuses. If I just push cancel, it works anyway.
posted by juiceCake at 4:40 PM on August 25, 2007 [1 favorite]


It takes MS more than a day to restore their own servers. One would think a company with that much liquid green on hand would have every single piece of its server infrastructure mirrored in several places around the country. Bad PR. In other news, Server 2008 is kind of lame.
posted by Burhanistan at 4:41 PM on August 25, 2007


Is it suspicious to anyone else that they are so effortlessly assuring customers that Tuesday is the day to try again? Why Tuesday? If this is a malfunction, how can they know? Hm.
posted by Shakeer at 4:47 PM on August 25, 2007


Looks like it has been fixed by now. Still, imagine if it were a weekday that this happened. Probably a lot more people would be pissed.

Windows 2000 for me. Makes me want to look into Unbuntu despite the fact that I'm not very tech savvy. But I do use Gimp for photo editing. No frickin' validation issues for me.
posted by Mister Cheese at 4:53 PM on August 25, 2007


Ubuntu is pretty well supported and user-friendly for a Linux distro. You should definitely look into it. With OpenOffice, Gaim, GIMP and Firefox included, it basically does 90% of what you want a PC to do right off the bat, no DRM, no mess.
posted by [expletive deleted] at 5:25 PM on August 25, 2007


Newbies will still face a learning curve getting Ubuntu to work the wireless cards, but learning curves are what makes boys into men.
posted by Burhanistan at 5:26 PM on August 25, 2007 [1 favorite]


Touching curves makes them into men too.
posted by Burhanistan at 5:28 PM on August 25, 2007 [4 favorites]


So, the irony here is that everyone using a pirated, hacked, illegitimate version of XP is totally unaffected. Awesome.
posted by armoured-ant at 5:31 PM on August 25, 2007 [4 favorites]


This is now a Ubuntu thread.

Two things I hate the hell out of in Ubuntu:

1) the constant sudo this sudo that to get anything done.

2) the general brokenness of the gui based config applets, like for sharing folders. Granted, this has always been a problem with all distros, but I thought Ubuntu had fixed things. It hasn't. There are long, annoying, out of date how-tos for Samba on Ubuntu scattered here and there. Why tease us with the broken point and click toy if we have to resort to editing files in /etc in the end?
posted by fleetmouse at 5:36 PM on August 25, 2007 [1 favorite]


It being ole plantation hot today in the NY suburbs, I spent the day playing "My hard drive died" (Windows 2000 version)

I started with last night's ntbackup backup, a newly formatted disk, and my shiny gold Windows 2000 Pro Service Pack 3 CD.
Also, another working computer to talk to the internet,

It took six hours to get it all done--not bad considering. And when I was done, I had a good copy of the original drive. The MS website has absolutely vital information for making this work, though,

The rough sequence was:

1. Use the CD to install Windows 2000 SP 3. Reboot per instructions.

2. Install display drivers so I can stop looking at 640x480 16 colors. Also load the good USB2 driver (the one that works) for step 5. Disregard importuning for boring print drivers and the like.

(2.5 Can you get to the internet now? I could, so there was nothing to do with networking and the like. But I used the old computer name and workgroup when installing Windows. And couldn't they ask all those questions up front, instead of every fifteen minutes or so? Has that been improved in Vista? Has anything?)

3. Go to update.microsoft.com and upgrade to SP4.

4. Copy C:\boot.ini and C:\winnt\repair to a new folder (c:\backup) (This is where you really better have the relevant page from microsoft.com)

5. Run ntbackup and restore all the stuff in the backup file you so thoughtfully made (from a USB disk). Do not reboot until step 8.

6. Disregard gripes about the evil files you have loaded over MS's shining good ones.

7. Copy the c:\backup stuff from 4. over the backup-created stuff.

8. Reboot.
And that was it, a fully working copy (except that I moved one PCI card and had to reload its drivers ('new hardware found'). All the other drivers came through unscathed.

Painless, except that 1. 3, and 5. take a damn long time to run (the backup was about 15 gbytes),
posted by hexatron at 5:40 PM on August 25, 2007


Fleetmouse, to enable root on an ubuntu box, just do sudo passwd to set the root password. By default a sudo install lets you sudo whatever you want if you just type in your password, so you should be able to sudo passwd, type in your user's password for validation, then set the root password.

Then you can just su - as per normal unix.
posted by synaesthetichaze at 5:41 PM on August 25, 2007


So, the irony here is that everyone using a pirated, hacked, illegitimate version of XP is totally unaffected. Awesome.

The ready availability of cracks and keygens is a major factor when I'm making a purchase decision. I won't buy a product that I can't keep using if the company that makes it goes tits up or turns super evil.
posted by fleetmouse at 5:49 PM on August 25, 2007


Final Ubuntu comment: It's TERRIBLE on Macbooks.
posted by proj at 6:04 PM on August 25, 2007


*runs Ubuntu as a MS Virtual PC machine within Vista with no real problems, ya bitches*
posted by Burhanistan at 6:06 PM on August 25, 2007


This is a bad DRM model. I'm looking at you, Adobe.
posted by zek at 6:59 PM on August 25, 2007


Final Ubuntu comment: It's TERRIBLE on Macbooks.

Why in the flying fuck would you want to boot anything that runs X windows on a nice new Mac? Especially a laptop? The thing comes with the best Unix implementation out there for laptops, even if you don't boot the GUI.

fleetmouse:
sudo su - is your friend. Use visudo as root if you want to make it not ask you for a password.

Sorry, the GUI admin tools do suck balls. Ubuntu is intended to be 'hypothetical user' friendly, not 'power user' friendly (much less 'sysadmin' friendly). It doesn't help that they fuck with all the packages so you can't trust upstream documentation (and they have none for their patches). I use Gentoo.
posted by blasdelf at 9:38 PM on August 25, 2007


"Cracked" windows installs go beyond simple piracy, some of them are incredibly convenient, standalone installations complete with software suites for any possible need. Pirates have gone way beyond the market in providing incredibly useful, easy-to-use, consolidated products.

As an example, this (single cd!) contains, along with Windows XP:

- Service Pack 2 For Windows XP
- 133 Hotfixes Up To 12th June 2007
- Flash Player v9.0.28.0
- Opera v9.21 (only installed on options without IE7)
- Prio (Task Manager Priority Saver) v1.9.6
- Royale Noir and Royale Blue Themes
- Thunderbird v2.0.0.0 (only installed on options without OE)
- Vista Aero Glass Theme v4
- Vista Drive Indicator v3.1.1.0
- VMware 5 Tools v5.5.4 Build 44386 (only installed in VMware 5)
- DirectX DLL Libraries #24 to #33
- FoxIt PDF Reader Pro v2.0 Build 1312
- Java SE Runtime Environment 6 Update 1 v1.6.0_01
- K-Lite Mega Codec Pack v2.10
- NOD32 Antivirus v2.70.39
- Nero Micro (Express and Burning ROM) v7.9.6.0
- .NET Framework 2.0 v2.0.50727.42
- Office 2003 SP2 Lite v11.6568.6568
- Opera Browser v9.21
- PeerGuardian v2.0 Beta 6b
- Perfectdisk Defrag Server Edition v8.0 Build 64
- Photoshop CS2 v9.0.2
- Sygate Personal Firewall Pro v5.6 Build 3408
- Sound Forge v9.0a Build 297
- Thunderbird v2.0.0.0
- uTorrent v1.6.1 Build 490
- VMware Workstation v5.5.4 Build 44386
- Windows Live Messenger v8.1.0178.0
- WinRAR v3.70


It really sucks to be a legitimate user these days.
posted by mek at 1:27 AM on August 26, 2007 [5 favorites]


This happened to me Friday night, after installing a new graphics card and moving peripheral cards around. MS support said to reinstall Windows (the suggestion after a length wait, etc.).

Now I have to disable my network card and re-enable it before I can get an Internet connection.

Thak you, Microsoft, for making my weekend a slow hell. If I didn't need to use Windows applications for work, I'd use a Mac. On second thought, since Macs can now run Windows (with additional software), maybe it is time to switch?
posted by paddbear at 7:58 AM on August 26, 2007


Then you can just su - as per normal unix.

sudo -s starts a shell as the sudo'd user.

root should remain password disabled so that remote attackers cannot brute force or access the system without using a compromised regular account.

A tad bit more secure.
posted by id at 11:04 AM on August 26, 2007


It really sucks to be a legitimate user these days.

Boy howdy, that's sure right.

Your product install disc contains DRM, licensing, annoyances, old software, unpatched exploits, security risks, bugs... the list does not stop.

It's very interesting to note that pirates are in effect competing in the market, and winning. Their product is better, easier to get, and free.
posted by id at 11:09 AM on August 26, 2007


Burhanistan: It takes MS more than a day to restore their own servers. One would think a company with that much liquid green on hand would have every single piece of its server infrastructure mirrored in several places around the country. Bad PR. In other news, Server 2008 is kind of lame.
I find it astonishing that this did happen, as well. I used to work at MSN (which likely hosts the Windows Advantage Servers although I don't know for sure), and there were groups, including my own, that knew how to keep a site up. Geolocating your datacenters, 3rd party caching and proxying systems like Akamai (and load-balancing those so you can switch between if an Akamai itself fails), rapid detection of failure and automatic repairing without human intervention. Hell, we could and did provision an entire multi-thousand server datacenter from scratch in one day: catch the 6:30a flight from Seattle to the Bay Area, with a crew rolling in the few hundred pre-made racks and bolting them to the floor and connecting the uplink cables as we entered the datacenter a little before 10am. Plug my laptop into one server to put one copy of the bootstrap + full application suite onto a server and then sit back, watching lights flicker on across the servers as it self-replicates to the other few thousand servers. Grab lunch down the street, then catch the 5pm flight home with all your servers running, crawling the web, and happy.

The point is, Microsoft has the internal operational technology to run systems better than probably anyone outside of Google. In addition, as we all know Microsoft does have deep pockets- very deep pockets- and is very willing to spend the money. If a Systems Engineer identifies a capacity or disaster recovery need for additional hardware or geolocating costs to ensure uptime... you will get the funding. If anything, they overspend on physical assets, because they can.

So for the WGA servers to go down... well, that implies one of three things happened:
  1. The architecture of the servers has single points of failure somewhere, and is poorly designed
  2. There's something suspicious going on, resulting in this outage being related to something sinister (the "How can they know it'll be up Tuesday?" question)
  3. The systems engineers working on that operations group are inept and didn't think of how things could fail, how to design around failure cases, and then to have an emergency plan bringing the system completely online in N minutes/hours, as needed.
So... having worked at MSN, 3 is the likely choice; they either didn't anticipate a type of failure, or don't know how to recover quickly. Lord knows that Windows would have paid plenty of money if needed for the infrastructure to ensure this didn't happen; that they didn't means that someone in operations didn't ask for the funding. Some operational groups were not the best of the best, and not everyone was, well... me. :)
posted by hincandenza at 2:00 PM on August 26, 2007 [1 favorite]


A remote attacker could only brute-force root if you didn't have sshd set to disable root login. I can't believe anyone would leave sshd configured to allow root... unless you are referring to some other method?
posted by synaesthetichaze at 5:07 PM on August 26, 2007


I, for one, leave sshd configured to allow root. That shit is annoying. Someone isn't going to brute force your password unless it is very very shitty. OpenSSH doesn't let you try to log in with any decent frequency, and the attempt is computationally expensive, so it doesn't really happen.

I occasionally see evidence of attempts in my logs, and laugh.
posted by blasdelf at 10:57 AM on August 27, 2007


« Older The hot new PC game "Bioshock"...  |  The Official Berkeley Breathed... Newer »


This thread has been archived and is closed to new comments