http://www.infoworld.com/article/07/08/29/Microsoft-blames-human-error-for-WGA-glitch_1.html By Nancy Gohring IDG News Service August 29, 2007 Microsoft blamed human error for a Windows Genuine Advantage problem that identified legitimate Windows users as pirates last week. "Nothing more than human error started it all," Alex Kochis, senior product manager for Windows Genuine Advantage at Microsoft wrote on the company blog Tuesday night. New software was accidentally loaded onto the live servers running the system, he said. That ultimately caused the servers to decline activation and validation requests that were good, he wrote. While Microsoft quickly noticed the problem and rolled back the changes within a half hour, the problem continued to affect the validation service, he said. The activation process was fixed in that time frame, he said. The company is implementing some changes to make sure a similar incident doesn't happen again. It is improving monitoring in order to find out sooner if there is a problem, he said. Microsoft is also adding checkpoints that should prevent accidental changes to the servers. Kochis' explanation is fine but the incident is still troubling, said Michael Cherry, an analyst at Directions on Microsoft. "I think it's unsettling for people when it doesn't validate," he said. While it's great that Microsoft has put some new procedures in place, Cherry was surprised that it was even "feasible" for someone to accidentally load the wrong code into the live environment. "It just raises the question of what other things have they not done," he said. In his blog post, Kochis clarified that an existing policy will automatically validate all users if the WGA servers are down but that in this case, the servers weren't down, so that policy didn't kick in. With that policy in place, Cherry wonders why Microsoft didn't just take the servers down while they were diagnosing and fixing the problem so that legitimate users wouldn't continue to have issues. The problem began on Friday evening and lasted through Saturday afternoon. During that time, some users incorrectly failed the validation process, leaving them unable to use certain features including Windows Aero, Windows ReadyBoost, and some features of Windows Defender and Windows Update. Affected users also saw a message in the corner of their screen that said "This copy of Windows is not genuine." WGA has been criticized since its unveiling in 2005. The system, which works for Windows XP and Vista users, is meant to help Microsoft disable software pirates, but some users say it's cumbersome. In addition, Microsoft faces two class action suits that characterize WGA as spyware and cite concerns over how Microsoft uses data it collects about users through the program. ____________________________________ Attend HITBSecConf2007 - Malaysia Taking place September 3-6 2007 featuring seven tracks of technical training and a dual-track security conference with keynote speakers Lance Spitzner and Mikko Hypponen! - Book your seats today! http://conference.hitb.org/hitbsecconf2007kl/
This archive was generated by hypermail 2.1.3 : Wed Aug 29 2007 - 23:46:03 PDT