The other day, WGA decided that my volume licensed copy of Visio was a pirated copy. This is laughable… and annoying. Luckily, the situation sorted itself out; I have Visio 2007 installed and I was able to use that until Microsoft used the rubber hose on WGA’s servers.
But it got me to thinking how a hostile Trojan could cause massive disruption. Product IDs are easily tamperable. If the user is an administrator, all a Trojan or virus has to do is change the Product ID for Microsoft products (Windows, Office, etc) to random values. It doesn’t need to set it to known pirated Product IDs, but just random ones. These are unlikely to validate under WGA, and millions of folks will end up with software which can open, but not print or save documents. Or in Windows’ case, not boot after 30 days.
Microsoft’s only solution for this would be a massive program of issuing new ProdIDs to legitimate customers at a massive cost to everyone (including Microsoft), or to give up on WGA altogether.
If product IDs are susceptible to change, and they are, they must be better protected by the WGA process. If I’ve thought of this, and I’m not precisely hostile, imagine what the organized crime dudes can do.