In cryptographic protocols, we talk about “the adversary”, this entity that’s trying to screw up the security goals of your protocol. Applied security folks also talk about adversaries, though they talk more often about “threats” and “threat models.” In any case, there’s some dark, shadowy, evil figure fighting against you. In a well architectured system, one often talks about “secure by default,” which means that, if some specific use case is not specified, then access is denied by default. The system only grants access when it has a positive reason to. A potential adversary doesn’t get the benefit of the doubt. A potential adversary is guilty until proven innocent.
Windows Genuine Advantage is a Windows component that checks in periodically with Microsoft to make sure you’re not using a pirated version of Windows. As many others have noted, given its name, you would think that it is, in fact, an advantage for the user. But its purpose is not to serve the user, its purpose is to serve Microsoft. You, the user, are the potential adversary. Your very own computer, which you’ve just purchased with your hard earned cash, on which you’ve just installed Windows Vista, is going to treat you as guilty until proven innocent. You need to prove that you’re not using a pirated version of Windows.
It’s the same thing as Digital Rights Management, really: you are potentially a copyright infringer, so, by default, you can’t play that song, but if you provide strong proof that you, in fact, paid for the song to be played on this computer, then you can play it.
You are the adversary. You are guilty until proven innocent.
So what happens, if, say, the authentication servers fail? Well, by the natural principles of secure system design, (and as I’ve written before) the default policy is “deny.” Windows can’t contact the WGA servers? You must be a pirate. Apple’s DRM server goes offline? You must be a copyright infringer.
The issue with WGA is not that it’s a poorly designed security system. In fact, it’s a pretty well designed security system. No, the problem is that it’s designed to make you the adversary. If anything goes wrong, you’re not going to get the benefit of the doubt. Because you’re the adversary, and the default policy is “deny.”
Benlog 
Comments
2 responses to “Windows Genuine Advantage: Guilty until Proven Innocent”
I have two Dells. One came with Vista. One came with no operating system. I wanted to put Vista on the one that came with no OS and run Linux on the one that came with Vista. In other words, I wanted to switch the OS on each computer.
Vista accepted the registration key, but wouldn’t register. This was a fresh, never-used copy of Vista. Oddly enough, this was a completely legit thing to do in my mind.
I called MSFT support. I explained that I had a license for Vista, etc. They said that, no, in fact, my *computer* had a license for Vista and since it was an OEM version, I couldn’t install it anywhere else.
I don’t think that I’ve ever experienced software that has made me feel like I’m getting screwed as badly as Vista does.
I have two Dells. One came with Vista. One came with no operating system. I wanted to put Vista on the one that came with no OS and run Linux on the one that came with Vista. In other words, I wanted to switch the OS on each computer.
Vista accepted the registration key, but wouldn’t register. This was a fresh, never-used copy of Vista. Oddly enough, this was a completely legit thing to do in my mind.
I called MSFT support. I explained that I had a license for Vista, etc. They said that, no, in fact, my *computer* had a license for Vista and since it was an OEM version, I couldn’t install it anywhere else.
I don’t think that I’ve ever experienced software that has made me feel like I’m getting screwed as badly as Vista does.