Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Latest News

      Is Mandatory Windows Validation a Security Risk?

      By
      Ryan Naraine
      -
      January 26, 2005
      Share
      Facebook
      Twitter
      Linkedin

        Microsofts plans to clamp down on the way illegal copies of its flagship Windows operating system receive updates—including security patches—could have a major impact on the SOHO (small office, home office) market and increase the risk of malicious hacker attacks, experts warned Wednesday.

        The warning follows an announcement out of Redmond, Wash., that the “Windows Genuine Advantage” anti-piracy initiative, hitherto voluntary, will be mandatory by midyear.

        The program calls for Windows users to validate product keys, PC manufacturers and OS versions to allow Microsoft to crack down on cracked versions of the operating system.

        “This shouldnt surprise anyone. We all know this was coming once Microsoft went to an activation model for Windows XP,” said Rick Fleming, chief technical officer at Texas-based security outfit Digital Defense Inc. “From a pure business standpoint, I understand it. Software vendors are losing the war against piracy, and they have to make some tough decisions.”

        However, Fleming said any move to limit the application of critical security fixes will “create bigger headaches” for everyone.

        “The security implications concern me,” he said. “Even now, with patches available to everyone, we know there are folks who ignore software security. There are others who will simply refuse to validate, and their unpatched machines will be a bigger threat.”

        For its part, Microsoft said it will continue to push out critical security updates to customers through Windows Automatic Updates, with or without product key validation.

        /zimages/2/28571.gifIs the Windows anti-piracy program nothing but a triviality? Click here for a column.

        Mike Cherry, an analyst at Directions on Microsoft, agreed that unpatched machines could be used as zombies for spam runs and denial-of-service attacks, but he argued that its unfair to expect Microsoft to provide fixes for stolen software.

        “At some point, I dont think Microsoft has the responsibility to fix something that wasnt obtained legally. Why should Microsoft bear the burden for fixing something that was stolen? Im not even sure that the patches would even work properly on pirated, non-genuine versions of Windows,” Cherry told eWEEK.com.

        Cherry said he thinks the onus on locking down zombie machines used for spam and worm attacks should be on ISPs. “The reality is that if someone isnt aware that they have a genuine copy of Windows, what are the chances theyre using anti-virus software and applying patches in a timely manner?”

        Yankee Group analyst Laura DiDio said she thinks more software companies will follow Microsofts lead and take a hard-line approach to fighting piracy. “Too much money is being lost. In the past four years, the percentage of revenues from new software licenses was down across the board. The vendors really have no choice but to get tough,” DiDio said.

        Once the program becomes mandatory, Digital Defenses Fleming said he thinks businesses in the SOHO market will be the most affected. A large number of small businesses typically purchase a single copy of a software product and install it on multiple machines, avoiding volume licensing fees.

        “I think Microsoft is going to see some backlash from the home users and small systems users. What are their choices? Either they pay up or find another solution,” Fleming said.

        “I think you will see that segment looking elsewhere because they just cant afford Microsofts premium prices.”

        He suggested that the company implement an amnesty program to cushion the impact for a potentially lucrative market segment.

        Yankee Groups DiDio agreed that an amnesty offering discounts could be used to persuade small businesses to buy into legitimizing their software installations.

        However, Cherry argued that amnesty programs tend to penalize people who paid to do the right thing in the first place. “When I spend all my money to do things the right way and you give amnesty to my competitor, that only encourages people to break the rules. What next? An amnesty extension?”

        The Directions on Microsoft analyst said Microsofts gradual implementation of the Genuine Windows Advantage program gave people “lots of time to determine whether theyre running legitimate software” and enough incentives to get their houses in order.

        /zimages/2/28571.gifCheck out eWEEK.coms for Microsoft and Windows news, views and analysis.

        Ryan Naraine

        MOST POPULAR ARTICLES

        Cybersecurity

        Visa’s Michael Jabbara on Cybersecurity and Digital...

        James Maguire - May 17, 2022 0
        I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
        Read more
        Cloud

        Yotascale CEO Asim Razzaq on Controlling Multicloud...

        James Maguire - May 5, 2022 0
        Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
        Read more
        Big Data and Analytics

        GoodData CEO Roman Stanek on Business Intelligence...

        James Maguire - May 4, 2022 0
        I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
        Read more
        Applications

        Cisco’s Thimaya Subaiya on Customer Experience in...

        James Maguire - May 10, 2022 0
        I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
        Read more
        IT Management

        Intuit’s Nhung Ho on AI for the...

        James Maguire - May 13, 2022 0
        I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
        Read more
        Logo

        eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

        Facebook
        Linkedin
        RSS
        Twitter
        Youtube

        Advertisers

        Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

        Advertise with Us

        Menu

        • About eWeek
        • Subscribe to our Newsletter
        • Latest News

        Our Brands

        • Privacy Policy
        • Terms
        • About
        • Contact
        • Advertise
        • Sitemap
        • California – Do Not Sell My Information

        Property of TechnologyAdvice.
        © 2021 TechnologyAdvice. All Rights Reserved

        Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

        ×