Feeds

Microsoft admits WGA update phones home

Click cancel to continue

The smart choice: opportunity from uncertainty

Microsoft has admitted that the latest update to its Windows Genuine Advantage program will phone back to Redmond even if the user clicks cancel.

WGA is meant to help Redmond fight piracy, but has been criticised on privacy grounds and because previous versions have incorrectly labelled people with genuine software as pirates.

But if you cancel the installation of WGA, maybe because you dislike the privacy implications, the software will still phone home. Microsoft stresses that WGA does not take any information which could identify you as an individual, but is only used to collate statistics on WGA use.

Microsoft UK anti-piracy manager Michala Alexander said in a statement:

The data collection and transfer in question are part of some of our update download services, such as the Windows Update service. As with other programs downloaded via these services, the success or failure of WGA Notifications' installation is sent to Microsoft.

If the user interrupts installation of WGA Notifications, we send the number of the screen on which installation stopped (first, second, etc.). In order to establish an accurate count, we also generate several globally unique identifiers (GUIDs) that do not contain any personal information. We use the GUIDs to tally the number of individual machines without identifying the user. Other data sent includes user and machine language settings and whether or not the machine was joined to a domain.

We use the information collected to generate aggregate statistics that help us improve the WGA user experience and quality of service.

Protecting the privacy of our customer's information is very important to Microsoft. That is why we have detailed what information is collected in the Windows Update privacy statement. In addition, the Microsoft Genuine Advantage privacy statement and the Windows Genuine Advantage Notifications End User License Agreement describe this data collection. As documented in these disclosures, the information collected is not used to identify or contact the user.

For more on this, have a look at Ars Technica, which got the story from HeiseOnline. ®

Securing Web Applications Made Simple and Scalable

More from The Register

next story
NO MORE ALL CAPS and other pleasures of Visual Studio 14
Unpicking a packed preview that breaks down ASP.NET
DARPA-derived secure microkernel goes open source tomorrow
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
Put down that Oracle database patch: It could cost $23,000 per CPU
On-by-default INMEMORY tech a boon for developers ... as long as they can afford it
Google shows off new Chrome OS look
Athena springs full-grown from Chromium project's head
Apple: We'll unleash OS X Yosemite beta on the MASSES on 24 July
Starting today, regular fanbois will be guinea pigs, it tells Reg
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.