More on: WGA False Positives

  • Article

An Information Week article was posted earlier today that attempted to calculate the rate of false positives for WGA by using a rate quoted at one point in time as a lifetime average for the program. This does not produce an accurate view of the false positives as that number isn't a real average throughout the history of the program. There was also a thread on Slashdot earlier today that in part took up this issue. In particular one poster asked what I thought were a few very good questions so I attempted to answer them. Below is what I posted back to the thread:

Comment:https://slashdot.org/comments.pl?sid=218426&cid=17729810

I work on the WGA team and I wanted to take a moment to answer a couple of these questions. Btw, I think these are great questions.

1. How many installs are erroneously flagged as genuine?

> We don't have specific numbers on that but the system has been designed to give the benefit of the doubt in many cases. We are also in the process of designing a 'yellow light' scenario where instead of simply giving the benefit of the doubt we will be able to offer specific information to the user about whatever didn't seem right with the system. We can then offer tools to help them to figure out whether their copy is properly licensed and genuine and fix the cases where the system appears non-genuine when it really is genuine.

2. How many installs are erroneously flagged as not genuine?

> Not very many, there's an article now on Information Week that indicates the number is in the millions. This number was calculated by taking a previously disclosed 'half of one percent' estimate of false positives against into the total number of validations (512 million). Calculating the false positive isn't quite that easy, the rate of false positives climbs and falls when issues are discovered then fixed. Given that the false positive scenarios are time bound in this way it's not right to just use that number as a lifetime average.

3. How many installs are not seen by WGA?

> As has been pointed out in numerous places probably many of those that are aware that their copy isn't licensed or genuine won't visit one of our sites that require validation or attempt to install an application (IE7, WMP11 etc.) that have validation built into their setup. How many systems don't we see? Hard to say but it's a point worth making.

4. How many of those are genuine/not genuine?

> Again, I don't know but it's still a good question.