Vista Licensing Hacked Already?

Naturally, those that want to hack the any process and take the time and effort to focus on it can find a way. Given the huge target Microsoft is for such attacks, you may not find it surprising that ways to circumvent the process have already begun to surface. One involves copying some files from a release candidate version in order to avoid activation (which has been coined “Frankenbuild”), and there is another that provides a positive response to local activation requests. Here, I will cover how Microsoft is handling volume licensing with Vista and how Microsoft intends to deal with these hacks.

In the past, a “Gold” version or corporate key has been available so that those in a corporate environment would not need to activate. Typically, it is this that would make its way into to the public domain which provided a way for people looking to avoid paying to avoid activation with a hot copy of the operating system (or other software like Office). It was not too long ago we started seeing the Genuine Software Initiative (GSI) which surfaced by way of scans recommended by Microsoft, then such scans became a requirement for certain downloads from the Microsoft website and finally the scan was released via Windows Update. In keeping with this initiative, in order to further efforts to avoid abuse and pirating of their software, all systems will require activation with no exceptions. For businesses, there are a couple of possibilities on how to go about activating:

Multiple Activation Key (MAK) - uses a technology you may be familiar with if you have dealt with what is being used with MSDN Universal and Microsoft Action Pack subscriptions. Each product key can activate a specific number of computers. MAK activation should only be required once (unless there are significant hardware changes that fool it into thinking it is a different computer).

Key Management Service (KMS) – lets you perform local activations for computers in a managed environment without the need to connect to Microsoft directly. A special KMS key is used to enable KMS on a computer to service activation requests locally. KMS activation is intended for environments where more than 25 computers are connected to a corporate network. Computers running Windows Vista must still activate, but may do so by connecting to a Windows Vista or Longhorn Server computer running KMS.

Microsoft’s response to the Frankenbuild

The following is a quote from an MSDN blog you may find at http://blogs.msdn.com/wga/archive/2006/12/14/the-frankenbuild-monster.aspx

Windows Vista will use the new Windows Update client to require only the "frankenbuild" systems to go through a genuine validation check. These systems will fail that check because we have blocked the RC keys for systems not authorized to use them. In other words, the wrong key is being used. The systems will then be flagged as non-genuine systems and the experience will be what we announced back in October including losing certain functionality (e.g. Aero, ReadyBoost) and the system will have 30 days to activate with a good product key. If they don't produce a new product key within 30 days, they will then only be able to access their system in what we call reduced functionality mode - a mode which limits their use to one hour with their default web browser.

Words of Warning
Despite the fact that Microsoft is not taking piracy lightly and any “crack” you may employ will likely cause you grief later, sites that offer illegal cracks and serial numbers are well known for being very dangerous sites to visit. If you like your computer at all, I’d strongly recommend against giving into any curiosity to see how you might take advantage of cracks and hacks like this. To get an idea of just how this can go talk to someone that’s been bit or watch this short video and be happy it’s not your computer taking the beating!

Video of key generator system infection