Microsoft confirms Vista OEM hack

In response to widespread chatter on blogs and forums, Microsoft has acknowledged the presence of hacks that may allow pirates to bypass the product activation security feature in its Windows Vista operating system.

According to a post by Microsoft Senior Product Manager Alex Kochis on the Windows Genuine Advantage developers' blog, Microsoft has identified two ways in which hackers have broken the product activation security feature on original equipment manufacturer PCs that come bundled with Vista. But the Redmond, Wash.-based tech giant does not yet have plans to snuff out this threat.

"We focus on hacks that pose threats to our customers, partners and products," Kochis wrote. "Our goal isn't to stop every 'mad scientist' that's on a mission to hack Windows. Our first goal is to disrupt the business model of organized counterfeiters and protect users from becoming unknowing victims."

Microsoft first introduced product activation as a security feature with its Windows XP operating system, which launched in 2001.

Reports of a vulnerability in Vista's product activation began to surface last month with word of a crack called "Vista Loader 2.0," an enhanced version of the "Vista Loader 1.0" that was devised by Chinese hackers, according to a March 10 post on the My Digital Life blog. Vista Loader, the post explained, simulates an OEM motherboard's basic input-output system, software that is responsible for communication between the machine's hardware and the operating system. Consequently, with a BIOS simulator, the registration process that would normally lock out an unauthorized copy of Windows Vista could be bypassed.

While Microsoft is not immediately taking action, Kochis did acknowledge on the Windows Genuine Advantage blog that this could be a problem. "Because Windows Vista can't be pirated as easily as Windows XP, it's possible that the increased pressure will result in more interest in efforts to attack the OEM Activation 2.0 implementation," Kochis wrote.

Last month, it was believed that hackers had found a loophole in Vista's product registration, but Microsoft refuted the claim shortly afterward. Another alleged hack, this one involving a random product key generator, was also debunked in March.

[Macsaresafer]

You'd think that somebody at MIcrosoft

would remember the 80s. DRM was called copy protection back
then, and it didn't work. Software developers had given up on it
before the end of that decade. Today it doesn't work for the music
labels or the movie studios, yet somehow MS thought it was going
to work for them! Brilliant.

[robbtuck]

The simplest solution....

LOWER THE PRICE! Think of all the money you'll save by not having to engineer complex activation schemes, customer support, and enforcement personnel. Come on, Microsoft! You can afford to lower the price to something reasonable, like $50-$100.

[jleemc44]

I don't know

I dont know what the big rush is to hack Vista. It sucks.

[mstrhypno]

That Old Time Religion (the filk response)

(tune Give Me That Old Time Religion)

If your OS is bein stolen
and your bank account's not golden
add drm and reg, don't fold em!
And that's enough for ol BG!

Lee Darrow, C.H

[bradyme]

Why?

Why waist your effort and time? It's a waist of disk space.

[rcardona2k]

Vista doesn't need hacks, it's not worth pirating

I agree Vista has a waist. It's probably a waste of hardware too.

And silly rabbit! on Microsoft, hackers _always_ go after the
weakest link.

[rtripathi]

Can not use Vista, can not get XP

Vista is horrible and No one is selling me XP based PC. What to do? Looks like time to seriously look for Linux or Apple PC.

[jaiivanoff]

xps better

get xp 64 bit oem if you got new pc
tell them your the guy they sold hard drive to last week and it will save you heaps i think a genuine updated copy of xp is heaps better one week ago i upadted my systers new laptop while she was waiting for them to install her cable
it was servoce pac 2 to start with
by the time i was finished it had
internet explora 7 outlook express
windows defender
millious software removal tool
plussssss like 1001 hot fixes
ill wait to they stop updating xp till i update

[iRhapsody]

Lenovo

This month I bought a Thinkpad t60p, which I opted for Windows Xp Pro as the preloaded system.

[inachu]

Perhaps if MS started selling difff versions in USA

USA is a melting pot of all colors and creeds.

But to this end Microsoft still refuses to sell at retail stores its other versions such as:
Microsoft Windows Chinese edition in the USA.
Microsoft Windows Korean edition in the USA.
Microsoft Windows Japanese edition in the USA.
Microsoft Windows Russian edition in the USA.
Microsoft Windows Spanish edition in the USA.

Why is it only english is sold in the USA?
don't give me this historical BS how to adopt english. If this was so then there would not be any Chinatown in NYC or California.

[Swift2]

NO DRM

On music, or movies, or Windows. Sell it cheap. If activation is
used at all, it should be just to deny support. Or to put up a
reminder to pay once a day.

Everybody praises Gates for giving away his $45 billion, or part
of it, but why does he have all that money in the first place.

I'm on a Mac. If I try to use VMWare or Parallels to run Windows,
Billy wants me to pay for the Business edition. Why? A
virtualization tax. And I have enough horsepower to run Home
Premium, but it refuses to run on a virtual machine.

[fred dunn]

I love it when DRM gets hacked....

DRM is simply a challenge to those that want the end-product and a nuisance to the honest buyer of those products.
While I do not encourage or support "pirating" software neither do I support DRM. I have DRM on some of my music files that I have paid for and when I upgrade my machines I have to jump through hoops to get the licenses back. Yes, I know I can burn them to MP3 to remove the licensing but that is not the point.
DRM is just a hassle and gets in the way of the honest user and is not a hurdle (for long) for the dis-honest user.
Microsoft has so over-priced Vista that it should make up (in profit) for a good deal of the pirated versions.
I am a die-hard Windows user but I think all of us "die hards" are coming to a crossroad of alternatives whether that be Mac OSX or a decent Linux distribution. Microsoft has defintely crossed the line with Vista, both in resources required and in lack of privacy.

Fred Dunn

[rgnglzrd]

DRM and Copy Protection

As one of the top dawgs in copy protection removal from the 80's, I have only this to say to Microsoft: If 99% of the companies that used copy protection in the 80's had simply quit using it and lowered their pricing schemes, I would not be the calibre of programmer I am today. The need for my services way back when wouldn't existed and everyone would have been glad to buy a copy of their favorite game.

Look, in the 80's Microprose went so far as to create a disk with a non-standard format. That took me all of 2 weeks to pick apart and a few months of programming and testing to build a bug-free disc reader. If Microprose couldn't defeat the hackers in the 80's, what makes Mircosoft think they can today?

Basically, DRM and copy-protection don't work. Never have. Never will. Build a product worth stealing and price it where the masses can afford it. Better yet, just GPL it and don't charge. You'd be amazed at what you get that way!

[clip56]

wininit.exe what will get it gone

Process Library fond it on my new HP vista, just after I got it.Best Buy laughs at me but all there display computers have it.Seems to have stuff locked says my NOD32 antivirus now I'm off Norton which let it by.The aitivirus removals I seen don't show it on my computer.Not happy to give Geek Squad (at Best Buy) money after telling me Norton would do good.

[andrew.gray]

Well...

...It was only a matter of time!!

[Sumatra-Bosch]

Wasn't the DMCA Supposed to Make This Kind of Hacking Go Away?

Shocking that MSFT has to be victimized by such unethical hacking on the most secure windows ever.