December 14, 2006 11:12 AM PST
Microsoft tries to stop Vista piracy monster
The software maker said Thursday that the update is aimed at thwarting a technique that was letting some people use pirated versions of the operating system without going through the software's built-in product activation. Microsoft has dubbed the approach "frankenbuild" because it works by combining test versions of Vista with the final code to create a hybrid version.
"Windows Vista will use the new Windows Update client to require only the 'frankenbuild' systems to go through a genuine validation check," Microsoft said on its Windows Genuine Advantage program blog. "These systems will fail that check because we have blocked the (product) keys for systems not authorized to use them."
Although Vista was only released to businesses last month--and won't hit retail shelves until late January--it has been making the rounds on the Internet, and there have been several reported hacks to bypass its built-in security mechanisms.
A second known issue, Microsoft said, involves using virtualization technology in conjunction with the mechanism Microsoft uses to allow large businesses to activate multiple copies of Vista.
"Piracy is evolving and has made the expected jump from Windows XP to Windows Vista," David Lazar, director of Genuine Windows, told CNET News.com. "We are already starting to see some workarounds to the Vista licensing requirements."
In a statement, the software company said it hoped the actions would help discourage people from trying to bypass its security mechanisms.
"Microsoft hopes that by taking this action now, we can send a message to counterfeiters and would-be counterfeiters, and help protect our legitimate customers from being victimized by further distribution of these tampered products," the company said.
Microsoft has been more aggressively targeting pirates over the past two years, including a stepped-up program for checking to make sure software is properly licensed. With Vista, software that doesn't pass such authentication will go into severely reduced functionality after 30 days. At that point, only the Web browser will work and then only for an hour at a time.
In addition to that reduced-functionality mode, users can also still boot into Windows "safe mode." That allows full access to data and applications, but offers limited screen resolution, fewer colors and prevents the use of most third-party software drivers.
While Thursday's update addresses only the "frankenbuild," Lazar said Microsoft is also working on a method to counteract the other hack, which uses virtualization and Microsoft's Key Management Service.
"The update that we are releasing today does not specifically address that, but we are working on an update that will specifically address the KMS workaround," Lazar said.
Vista represents Microsoft's strongest technical effort yet to build antipiracy features into its software. In addition to the activation requirements, some features within the operating system require the software to be validated as genuine. Those include the Windows Defender spyware fighter, Aero user interface and ReadyBoost, a technology that uses USB flash drives as added system memory.
"Vista is the hardest system to pirate that we have yet released," Lazar said.
55 commentsJoin the conversation! Add your comment