Microsoft WGA phones home?

Found on Ars Technica on Saturday, 10 March 2007

Analysts over at the German web site Heise Online have uncovered a curious behavior with the latest Windows Genuine Advantage (WGA) update.

According to tests conducted with an Ethernet sniffer program, if the user clicks the close button to cancel the installation of this WGA update, Windows sends some information back to Microsoft over the wires.

This information includes version numbers of both Windows and WGA, the language of the operating system, some registry information, and a cookie. Some hackers are worried that Microsoft is going to use this information to identify potential pirates, but Microsoft claims that the data is only used to try and diagnose failures with the WGA utility itself.

The outgoing data can be blocked, if desired, by personal firewall software or hardware router.

No software should phone home (or access the net) without permission. It also should clearly state the information that is collected, and its purpose.

Browse all articles« Previous « » Next »