UPDATED: Hackers – 1 : SP1 – 0

[UPDATE 02/11/08 4:55pm: Further information has been posted about this hack here.]

[UPDATE 02/11/08 3:30am: Just to answer a few questions I’ve received with regard to this post:

  • No, the hack is not complicated – download, run, wait a few seconds, reboot, done.
  • I have no idea whether it has any side-effects. Given how it works it is possible that it could hose a system.
  • Yes, I have video, but no, I’m not posting it.
  • No, I’m not making any links to hacks available.
  • No, I won’t publish virtual machine images of the compromised OS.
  • I’m not sure if Microsoft can sift out real genuine systems from fake genuine systems … probably can though.

I hope you understand.]

[UPDATE 02/10/08 5:05pm: It does seem that Microsoft hasn’t been successful in closing off all the hacks that allow non-genuine copies of Vista SP1 to pass themselves off as genuine ones. After a few minutes of searching the darker corners of the Internet and a few seconds in the Command Prompt I was able to fool Windows into thinking that it was genuine, turning this:

[Image: Microsoft slams the door on Vista pirates (a little)]

… into this:

[Image: Microsoft slams the door on Vista pirates (a little)]

Close, but no cigar.]

[UPDATE 02/10/08 4:00pm: I’m getting scattered reports claiming that there is still a hack for Windows Vista SP1 that works. I’ll investigate further later.]

With the launch of SP1 Microsoft promised to put an end to two popular hacks used by pirates to allow a non-genuine install of Windows Vista to function in the same way as a genuine install. Testing that I’ve carried out in the lab today suggests that Microsoft has been true to its word.

[Image: Microsoft shuts the door on Vista pirates]

The two most common hacks used were the OEM BIOS hack and the grace timer hack (of which there were two flavors which were widespread).

Testing both these methods of circumventing Windows activation and Windows Genuine Advantage (WGA) has shown me that SP1 effectively ignores both these hacks. Systems that were shown to be genuine prior to the installation of SP1 then require activation – and if the system isn’t activated it is marked as non-genuine and enters the nag state.

Pirates trying to apply these hacks to new installations of Vista which include SP1 will find that neither method works.

I’m certain that when SP1 hits the Windows Update servers there are going to be a lot of people out there surprised to find that their systems aren’t as genuine as they thought they were. This will no doubt put a few more bucks into Microsoft’s coffers.

Will this put an end to the counterfeiting of Vista? Some I’ve spoken to in the underground community say it will, while others are confident that new circumvention methods will be discovered.