Microsoft’s Genuine Advantage broken in 24 hours

Microsoft’s Genuine Advantage was broken in 24 hours of the release. GA was supposed to sniff the operating system to check if it was legitimate or not and report pirated operating systems. Now with a simple URL hack, the key check is disabled.
Genius.
Via BoingBoing

  • Darkmoon, our post reminded me it was about time to do a Windows update. It required that I update the software first (which I assume was GA) and, just for kicks (my operating system is registered), I pasted the URL code from above.
    Related or not, I don’t know, but maybe you can tell me the significance of this. When Windows Update started “checking for the latest updates for [my] computer” I started getting a lot of outgoing TCP connection alerts from my firewall software that svchost.exe was trying to connect to several addresses at savvis.net and level3.net. I assume that this was Update “looking” for updates. Legitimate?

  • Darkmoon, our post reminded me it was about time to do a Windows update. It required that I update the software first (which I assume was GA) and, just for kicks (my operating system is registered), I pasted the URL code from above.
    Related or not, I don’t know, but maybe you can tell me the significance of this. When Windows Update started “checking for the latest updates for [my] computer” I started getting a lot of outgoing TCP connection alerts from my firewall software that svchost.exe was trying to connect to several addresses at savvis.net and level3.net. I assume that this was Update “looking” for updates. Legitimate?

  • darkmoon

    svchost is supposed to look when you go to update.microsoft.com. I’m not sure what it was getting from savvis or level3 unless that’s who your provider is. Then it probably goes out and pings microsoft from savvis. Without more detailed logs, that’s pretty much all I can tell you.

  • darkmoon

    svchost is supposed to look when you go to update.microsoft.com. I’m not sure what it was getting from savvis or level3 unless that’s who your provider is. Then it probably goes out and pings microsoft from savvis. Without more detailed logs, that’s pretty much all I can tell you.