Mary Jo Foley (who has been excellent recently, a must-read) reports that both Windows Vista and Office 2007 have a “Kill Switch”; if you can’t prove you’re properly licensed, the software turns itself off. Maybe I’m missing something, but this seems like complete batshit-looney territory.

Let’s see, suppose I’m a black-hat profiteer sitting beyond the reach of Western law but with control over a few botnets. If I can get my hands on your Kill Switch, I’ll have a nice little extortion business, as in “Pay up or all your desktops will decide they’re unlicensed and turn off.” It’d work best in a sales-centric business near end-of-quarter. Another potential victim would be any government (or company, even) that has a lot of enemies; they don’t want your money, they just want to take you down.

So, without thinking too hard, here are some attack vectors I’d consider:

- If I can subvert your network routing, gotcha!
- If I can subvert the registry on your desktop machines, gotcha!
- If I can subvert the NTP protocol (how most computers learn what time it is), gotcha!

I’m sure that an actual seasoned network engineer could think up a half-dozen more attack scenarios over a cup of coffee.

Finally, never ascribe to malice that which can be explained by incompetence: WGA is software, and software has bugs, and if one of those bugs flipped the Kill Switch and took your sales infrastructure offline during the Christmas rush, well, there wouldn’t be any malice involved, but it’d sure be a pity.

What prudent businessperson, I wonder, is going to install critical infrastructure that can be turned off remotely, trusting the claims that only the good guys will be able to find the key to the “off” switch?