Slashdot Mirror
Dvorak on Windows Genuine Advantage
PadRacerExtreme writes "Vista includes the much maligned 'Genuine Advantage' layer inside, which ensures that your copy of the OS is legit. If you're running a non-validated copy you get no upgrades, no security protection, nothing. That's all well and good, but what happens if a cracker tweaks that Genuine Advantage layer for its own good? Dvorak sees a huge problem, just waiting to happen. What's the vulnerability?" From the article: "I suspect the policeman [WGA] will actually be hacked before the OS. It might actually be easier for the pirates to create a fake cop that constantly authenticates fake versions of Vista than it will be to create a Vista imitation that can pretend to be a legitimate version. There is some irony to that idea. But that's none of my concern. I'm more worried about some joker creating a virus or exploit that turns the good cop into a bad cop, and I can only imagine the destruction and hassle that will ensue."
i cant wait to apply this to my hax0red copy of vista!
Dvorak's forecast of the future is often wrong.
Great new book on Evolution: The Greatest Show on Earth by Richard Dawkins
For instance, chainsaws are designed to cut off limbs. Tree, human, what's the difference?
WGA and successors are designed to disable Microsoft systems. OK, I'm sure that there are those who appreciate the help.
Lacking <sarcasm> tags,
The guy writes some symphonies back in the late 1800s, then in the early 1900s designs a keyboard that nobody except a few nerds can type on, and NOW he's criticizing Windows?!?!
Not only is this guy old, he should be commenting on things like piano typewriters or something like that...
TDz.
More complicated security simply means more circumstances for the code to be vulnerable. Windows continues to bloat in every direction and as a result, it continues to be an easy target. Now that so many systems areon the web, one wonders if there will ever be an exploit so complicated and devisive that it will shut down a significant portion of the windows user base. If this Security Cop layer of Vista gets hacked, a huge DOS will be easier than ever.
Funnypics
... on a virus right now that effectively shuts down any Vista computer by causing WGA to always detect the OS as a pirated copy.
Actually, for some reason, I had never thought of this before. You probably wouldn't really even have to mess with WGA all that much, just change whatever it's checking to see if the OS is valid. Not sure how easy that would be, but considering the number of false positives that are cropping up on XP, it should be quite doable.
Everything I say is a lie. Except that... and that... and that, and that, and that, and that... and that.
Isn't Dvorak basically just an Internet whore? Why does slashdot link to his articles?
Not that it is impossible or even unlikely but I am curious how it will get around having to contact microsoft to validate the windows version.
I often have trouble remembering which way is out of bed in the morning.
Whether or not you pass WGA, you still get critical security updates. It's not in Microsoft's best interest to have a few million illegal Windows installs out there being compromised because it harms the user base as a whole.
The real problem here is that Dvorak might die old, alone, and invalid. He must come up with this crap to feel like he's important. What if a hacker did this or that? I don't really care unless a hacker actually does it. People have been talking about someone pointing auto-updates to a 3rd party that would be able to install anything, but I've yet to see any widespread auto-update hack.
or else!
Most of us don't expect MS to release secure and bugfree software. What we don't expect is such blatent reaming of their customer base. Treat the user as a criminal, and they have to become one anyway.
MS is turning into an *AA in their business practice: Their cash cows are dying and instead of looking for new interpretations to their products, they refuse to believe their model is incorrect and enact strongarm tactics to keep people locked in. WGA, legal courses and even not-so-subtle threats documented as research.
It's not working for the *AAs; it won't work for their software.
I'm glad I switched last year. I don't have to care for all that Microsoft crap anymore.
Why don't they make Vista out of the same stuff that WGA is made of, that way you wouldn't have any security issues.
davecb5620@gmail.com
"It might actually be easier for the pirates to create a fake cop that constantly authenticates fake versions of Vista than it will be to create a Vista imitation that can pretend to be a legitimate version."
This is exactly what I was thinking when I heard that volume licensed versions of Vista would no longer take the product key's word for it (bye bye FCKGW), but authenticate and activate with a local server. I bet the first pirated versions of "Vista Pro Corp" will include a proxy patch or HOSTS entry that will point the OS to a server run by a warez release group, or maybe 127.0.0.1 with a host-side server.
Either way, it's going to really suck when people need to run a one or more instances of Vista Ultimate in a VM (yes, Ultimate can run in a VM) for testing and staging but quickly run out of licenses on the local activation server.
Server certificates are the basis for SSL, SSH, HTTPS, etc. AFAIK, nobody can make a fake policeman without faking Microsoft's certificate. I don't think Dvorak's scenario is reasonable.
"I do not even want to think of the consequences of Vista turning itself off in enterprise situations such as airline reservations or a hospital full of patients on life support."
The Vista cop will likely cache authentication like so many other things. And, airlines, hospitals, and other large organizations won't be moving to vista with any gusto anyway.
Still, the mere idea of a self-disabling software product make me want to use something else even more than a product that breaks down just because its poorly [designed | built].
"We are all geniuses when we dream"
- E.M. Cioran
Viruses can cause windows based computers to be unable to function properly, access windows update, or lock out the user.
More news at 11.
MS gets beat up all the time here on /. - but what if they're right? I mean, what if suddenly all those people that run illegal installations of XP suddenly have to pay up for Vista (even though most people are hesitant to upgrade anyway) because they can't effectively get around the WGA controls.
Say, by 2008, there are twice as many Vista installs (according to MS) than XP installs as of today. Wouldn't that prove that MS was correct in forcing this level of validation upon us? Given today's saturated market, the only conclusion would be that illelgal XP installs were replaced with purchased versions of Vista.
Just one possible outcome.
If you hate enough some random guy, create a small application that will rename boot.ini something else (boot.dat?). Nothing more, nothing else. This will cross any antivirus, is not a virus. Will kill that poor bastard on the next reboot.
Of course, with WGA will be much more espectacular and fun, but you can already cripple a system with a simple change.
-Woof woof woof!
Beware. Vista is an OS like no other. I'm for one am not going to upgrade after reading part of the EULA. 4. Problem-solving prohibited. "You may not work around any technical limitations in the software." http://wendy.seltzer.org/blog/archives/2006/10/19/ forbidding_vistas_windows_licensing_disserves_the_ user.html/
Dvorak? What does he know about computers?
A lot. He used to hang out with Charles Babbage. I'm wondering how he got so dumb since then.
What I think that he is stating is that one could easily cause denial-of-service on the clients of Windows Update. If you can make the system look tampered with or pirated, that host won't be able to get updates automatically without intervention by the user.
The user will know that their copy is suspected of being pirated, but may not know how to fix it. This could potentially ensure that a large amount of devices that were compromised stay compromised and unpatched for a period of time.
v4sw6PU$hw6ln6pr4F$ck 4/6$ma3+6u7LNS$w2m4l7U$i2e4+7en6a2X h
He's an idiot. Stop submitting his articles. Nobody in the tech field (should) take(s) him seriously.
didn't WGA used to be an activex on the windows update site? What was wrong with that? It sure would have worked a lot better leaving the genuine validation function on a webserver. They'd have to make it not go crazy if the computer wasn't connected to the internet though but who isn't?
Is it just me or is it not going to upgrade to Vista in here?
Couldn't a virus just change the local cd key, as documented by MS, to a pirated one? Then effectively they have a machine that can't be updated.
Even though he's occasionally mis-aligned himself, he DOES have a very valid point.
.. it's OSS .. but closed source stuff, why not)
... "DUN DUN DUN!!!" SKYNET...
But to what end? Why couldn't any kind of software do this?
Free anti-virus..(not Clam
SpyBot S&D
Ad-Aware
Hi-Jack This!
Could ALL be spyware-in-disguise. We don't know. How could we?
It's not just Vista's WGA we need to worry about. I mean, what better way to take over the world. Develop some cool little free app that EVERYONE starts using. Get it installed on a bajillion computers, then it grabs an auto-update and WHAMMO! You've got
= Grow a brain...
Denying unlicensed Windows instances access to security upgrades does to the Internet ecosystem just what denying poor people access to vaccines and other public health does: it creates incubators for plagues. The "underground" class of unlicensed Windows instances will offer criminals, vandals and spies a cesspool in which to multiply, and launch attacks on everyone. Since Microsoft cannot exterminate completely the global unlicensed Windows population, nor ensure licensed instances are invulnerable to these attacks, their WGA program is making everyone less safe.
--
make install -not war
Someday in the future a worm will set off a wildfire, disabling every windows box in the world in a single day. Everyone else will only notice that there suddenly was no more spam and wonder why. Then the spammers will notice all their bots are dead and they will create a new worm that goes out and fixes the vulerability in the few remaining zombies they have left.. So mircosoft's problem will be solved by the spammers faster than you can say Patch-tuesday.
Whihc brings me to another question. What happens when the WGA cop is triggered. Your machine still functions right? you just can't get updates or fixes for vulnerabilities....
Some drink at the fountain of knowledge. Others just gargle.
Whomever creates the crack of the century and turns the good cop bad, Please PLEASE be patient. Don't just send out the bots 2 days after Vista's launch, give Vista a chance to permeate the bowels of the gulible and self opressed - Then - and ONLY THEN can the bots be launched, creating a wondrous show for the rest of use to enjoy.
Microsoft has long been due the fruits of their incidious labor and it is only just that they reap the true rewards.
Woah! Someone check the weather, 'cause it's gonna be a cold day down in you know where. Dvorak just said something that makes sense! Of course, it's the same chain of thought that's been going on for weeks here at Slashdot, so it may not be his own original reasoning. But nonetheless, that's the first article of his I've read in longer than I can remember that didn't make me want to highlight all the flaws in his reasoning and send them along with proof of their idiocy to his editors.
Sunwalker Dezco for Warchief in 2016
"destruction and hassle"? perhaps... or maybe not... if it leads to Microsoft having to strip off WGA, I say bring it on!
-- Old Man Kensey
Now, I wonder how upset they're going to be if something like this gets loose? Hmmm....
Lacking <sarcasm> tags,
what will happen then? A big pile of badwill for M$. OK, if it's overly complicated to hack it will also be overly complicated to administrate by IT departments and also very sensitive for businesses as a whole.
It seems to me that every step M$ takes to make sure that no illegal copies are around it will also create more work for the IT department. And what if there is an unexpected problem popping up causing all legitimate copies to be locked from the users due to a flaw in WGA? Who will be paying the standstill cost? Not M$ in the first turn.
It seems to me that alternative solutions like Linux and the BSD variants will benefit most from this. The latest versions of the Linux distros aren't really that complicated to install and use, even if there still are flaws. (most notably the X11 config, which can be a real pain to get right, even if Fedora Core 5 seems to work acceptable there). Another item that can cause severe dandruff is the SELinux package, but I assume that there are work in progress on that.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
I didn't RTFA, but the quote in the summary might be the first thing I've read that Dvorak wrote that wasn't mindless trolling. He actually made a good point. I wonder how long he can keep it up.
why mod parent down as flamebait?, he is speaking the unvarnished truth...
considering microsoft's heavy hand & draconian EULA and abuse of monopoly powers, the parents post is a practicle suggestion... --not posting anony_mouse_cow_herd
Politics is Treachery, Religion is Brainwashing
I really fail to see what incentive a cracker would have in making someone's legitimate copy of Vista appear to be illigitament. Granted, I'm sure somone will write it to see if they can, and it'll make it's way to a few people, but it seems counter productive for any big time cracker to do this.
Most of the people who send out these exploits aren't doing it to piss people off, they are doing it to make money. The thing is, a botnet only works when the zombied machines are running. If you are Joe Cracker, you want those machines up so they can be sending your spam, performing your DDOSes, and collecting information for you to sell to ad companies. What you don't want is for the machine to stop working so that the owner takes it in to be fixed - especially when the person fixing it might just put some antivirus software on there that will stop your bots from running (for a while).
Famous Last Words: "hmm...wikipedia says it's edible"
i wondered how long it would be before someone either wrote a daemon to handle the task, or even better for some laymens, wrote simple firmware for a cheap home router/firewall that would intercept and handle these requests automatically...when we started seeing l*nksys ports of linux, i thought for sure someone would take those ports to the next level.
Activation is already a part of XP, and Genuine Advantage software has already been installed on lots of Windows computers. I'm not saying this will never happen, but it is not like this issue will be new with Vista. Rather, it's a problem for which we are already waiting to happen.
Right here http://malfy.org/
The upgrade market for PC's is very small. Those days were long ago when Windows 3.1 and Windows 95 were the hot OS. There's no incentive to pay $200 for a copy of an OS when $500 gets you a whole new machine with a copy already installed.
XP installs are almost all OEM copies, Vista will be the same way. The only people it affects are white box PC's (which are rare these days). Every PC that comes from a name vendor already has a license for Windows, which makes me wonder who the target is for these WGA activation patches.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
What's even more unreliable and short sighted than WGA?
Dvorak!
This man is a looney but the second he says something people want to hear they chant his name like he's the new Moses leading you guys out of Egypt? Come on now. Get real.
Any other time 90% of the comments are "Dvo-crack is teh r3tard" but now everyone's all "Maybe this will mean Linux will meet the masses". I've been hearing this for years. Every week or so a new "Microsoft killer" is announced here... I'm sorry but everytime one of these come up we keep hearing that it's the straw that's going to break the camels back but I'm still just not seeing it.
Dedicated Cthulhu Cultist since 4523 BC.
he should be commenting on things like piano typewriters
It looks like you're composing a letter in the key of G, would you like some help?
Their cash cows are dying
I would like to see some proof for this statement. MS is far from dieing, as are Office and Windows. Windows still has a 90+ % marketshare in Personal Computers. Just look at how 5 years without a new desktop OS has hardly scratched them.
Otherwise Dvorak could actually be right!
In any case. I'm guessing this "software cop" will be down in the portions of Windows that are "impossible" for a user to modify. You know, the same part that won't let you play the latest Britney spears album without paying for it. If the Windows Platform Security Initiative has any success, then this "software cop" should remain uncorrupted. If not, people will do whatever the heck they want and Microsoft is going to have a really messed up userbase.
Oh, and don't forget the implications of the DMCA. Anyone caught hacking WGA or palladium is going down for 5-10, whether they're trying to help the situation or not.
Two big problems with his proposed scenario:
#1: After vista 'detects' that your version is not legit, it gives you 30 days to fix that before actually shutting down.
#2: "Once a virus that makes the cop refuse to authenticate Vista hits the Net, then how can the problem be fixed? By definition and the way I see it, this will be an impossibility."
Well, while a small # of users will already be effected, I see something that prevents vista from being upgraded by paying customers is one of the few things that could convince MS to patch out-of-cycle. Fix the bug in WGA and release it after a couple days of QA.
...so there isn't much point in repeating it.
Learning HOW to think is more important than learning WHAT to think.
Without Roland's web-site whoring, the editors had to turn somewhere else to satisfy their fetish.
Better yet, what happens if the virus repeatedly switches the product key? MS would likely give instructions to victims on how to switch the product key back to the one glued onto the machine's case, but each time you switch it back to a legitimate key, it'd have to reactivate. Eventually, the key will refuse to be activated on suspicion on key sharing.
If MS takes steps to ensure that valid product keys can always be activated, then they'd introduce a new way of pirating keys.
I really fail to see what incentive a cracker would have in making someone's legitimate copy of Vista appear to be illigitament.
To answer your question, please read this. To summarize, some people are flat-out bastards.
Weaselmancer
rediculous.
I'm going to start working... on a virus right now that effectively shuts down any Vista computer by causing WGA to always detect the OS as a pirated copy. ... considering the number of false positives that are cropping up on XP, it should be quite doable.
Considering the number of false positives that are cropping up, perhaps it has already been done. B-)
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
I find it very unlikely that someone will create a virus that will massively disable Windows machines around the globe. It won't happen for the same reason viruses typically are not destructive anymore. Once a virus has taken the system out of commission it ceases to spread to other machines. Virii need to keep their hosts alive in order to propogate. They WILL crack it to authenticate illegitimate versions of Windows, because that's like being able to print your own money.
Check out my lame java blog at www.javachopshop.com
That's so right! If you detach the 'net update module, how does Wista get the update that fixes it?
I'll tell you why it waits 30 days; because M$ believes that it can mail-out an update CD (more like DVD) to all of their regsitered users before the time runs out.
Here's the question, though: How will M$ know when to mail them out?!?!?!
- justThinking (crime or not)
I'm on dial-up, you insensitive clod. Leave my modem alone!
Faster! Faster! Faster would be better!
I appreciate your attempt to sound sophisticated by using "whomever", but in this case (the nominative), the correct word is "whoever".
If they go ahead with the code to disable the operating system, Vista will be the first ever OS to ship with its very own payload. Virus writers will only have to find a way to trigger it. I say there's about a 25% chance of that happening, and that's too much. WGA is a security nightmare.
Expect Volume License editions that do not have this WGA "payload" built in on the insistence of corporate customers who will rightfully describe the OS shutdown code as an utterly valueless feature and potentially crippling attack vector.
WGA *subtracts* value if there's code for anything beyond nag screens.
And in follow-up, expect that VLK edition to be leaked to the public. The only people getting shut down by the "Vista WGA virus of 2007" will be the legitimate users!
Way to go Steve Ballmer. You're company is now producing a "malicious" OS.
--
Toro
I believe this is a result of market research:
- "Lots of people are paying $$$ to fix their spyware and troyan infections!"
- "Hey... it should be MS the one receiving the $$$!"
- "Yessir, I'm working on that!"
So, home users, expect to pay a lot $$$ in renewing licenses when you get hit by a virus.
We are Turing O-Machines. The Oracle is out there.
If there was a quickly propagating virus written that made every infected machine report an invalid WGA then the call center that handles the WGA reactivation would collapse. It could be weeks or months before they could Handel that back log, unless the windows update website check for WGA was switched off so patches could be distributed to everyone (including the virus fix) - the side effect being that everyone for a period would be able to get windows updates.
Eventually the whole WGA approach would fail if more and more virus variants came out. It would be more trouble than it is worth. (how to tell the virus infected legit customers form the smaller minority of illegal users).....
I bet there are more consequences if given some more thought...
Uhm, perhaps they're meaning "You may not hack Vista Home Basic (or whatever the cheapest version is named) into Vista Ultimate by changing a registry key".
It is stated in the last few Windows EULA (I don't have the XP version in front of me) that it is not a real time OS and it should not be used for "mission critical" applications like medical equipment, power plants, aero-space, high power applications, etc. I highly doubt they'll retract this for Vista. In any event, reguardless of your feelings about Windows using a desktop for a "99.9997% uptime" application is insanity. You need a very different operating system for these types of applications.
And besides, many pieces of software, free and closed, including operating systems have a "No Warrenty" clause that says they are not responsible if the software blows up your hardware or destroys your data. If something goes wrong it isn't their fault. I'm fond of pointing this out because neither Microsoft nor any Linux kernel developer make the same level of assurances that their stuff not only works but doesn't destroy things (which is none from both).
These aren't all the same Dvorak. The composer was Antonin Dvorak, John's grandfather. The keyboard designer was Dr. August Dvorak, his father. Unfortunately, this family line of geniuses stopped cold there, with poor Johnny being an idiot child and getting into journalism, making a successful career somehow of writing moronic columns in computer publications for 25 years.
It doesn't matter what they mean; what matters is the exact wording of the license. The license says you can't work around any technical limitations. That sure sounds like you're not allowed to work around any bugs to me.
I for one hope they strictly enforce this clause on users.
'Cause it did to me, when it was announced: http://64.233.183.104/search?q=cache:G1hJ62O_NM4J: www.rachaelandtom.info/node/1369%3FPHPSESSID%3Dee1 3b39483045a55f2f217b75f26d5e4+site:rachaelandtom.i nfo+www.rachaelandtom.info/node/1369&hl=en&ct=clnk &cd=4
That may be what they mean but it isn't what they said. If its one thing I figured out about legal stuff is that its all in the words. Also I doubt they will make it easy to find the regsitry key.
Bugs are not technical limitations. Converting a cheaper version into a more expensive is. Hacking a non-administrator account into full-access is.
Hell, I think that they may be referring to "don't try to run Vista RC2 after the beta license expires". Or "don't try to install drivers that are known to cause crashes and are forbidden to be installed".
I can't remember the details but I've read that changing XP Home into XP Pro is REALLY easy. Something like changing a reg key, an integer in a *.inf file on the installation CD or running some program (already included with Windows) with weird parameters.
I've been tossing around this idea for a while. Corps with massive Vista installations are now tethered to MS. What if someone DOSs WGA or figures out how to make the volume licensing corporate WGA middle-servers unable to auth back to MS? Every desktop in your company goes completely down
I thought MS was finally starting to get it, but it looks like I'm staying as far away from Vista as I can.
"Lawyers are for sucks."
- Doug McKenzie
On 10/9 on a This Week in Tech podcast (http://www.twit.tv/72), Dvorak said that Google will never buy YouTube. I haven't listened to it yet, but in this weeks podcast, I think he talks about it (http://www.twit.tv/twit73.
Bugs are not technical limitations.
How is a bug not a technical limitation? A bug can certainly limit your use of something, and it's most definitely technical in nature.
The genuine advantage software downloaded on one client machine, before I could tell windows to ignore downloading it. I logged in as administrator and registered it, and then later the end-user logged in, as a non-admin user, got the genuine advantage prompt and they ran it, clicked the wrong thing, and it disabled windows. Even though I had already completed the process, for some reason it stayed active and let a non-administrator user manage the license for the software. Why is that allowed? I ended up having to spend 3 hours on the phone talking to an indian guy reading codes over the phone to get it back up and running.
Except for one thing:
Microsoft's 'built-in payload' does not PROPAGATE the virus. It just STOPS the PC from working. Now, tell me, how is a virus going to affect a large number of machines when it can't even REPLICATE ITSELF?
This is why viruses don't format your C: drive anymore. It's a lot easier to backup your machine now than it was when viruses erased your C: drive. Viruses like mydoom and nimda hit the front page of the NYTimes because they propagate, propagate, propagate!
"#1: After vista 'detects' that your version is not legit, it gives you 30 days to fix that before actually shutting down."
If I am able to co-opt WGA enough to make Vista think you're a pirate, what's to say I can't make it think you've been that way for 31 days too?
Ok Ok .. I know there are illegal copies available and yes, are in use by a few people but when 90 plus percent of all computers manufactured are shipped with a licensed copy of Windows, how much piracy can there be?
How many valid, bought and paid for licenses have been abandoned from computers now running Linux?
China?
That demographic can't afford to shell out for legitimate copies of Windows and if Microsoft manages to shut those machines down, they will switch to Yellow Dog Linux or the equivalent. Is not YDL the official OS of China anyway? If not Yellow Dog it is some version of Linux, not anything by Microsoft.
Russia?
I don't see Russia as a well spring of new Microsoft licensing.
Rest of the world?
As far as Microsoft recouping any OS license money, that's a financial desert as well.
In short, I believe MS has overstated and overreacted to the problem and will be lucky to recoup the money they have spent in trying. Plus, by impinging on existing users, legitimate and legal, they are losing goodwill already found in short supply.
Microsoft forgets that they became the most popular and richest software company on the planet during a time when piracy of their software was rampant.
Microsoft also fails to acknowledge that much of that piracy was frivilous. People having copies of Office installed they certainly didn't need nor would ever pay for even though it did help establish Office as a standard. In effect, piracy greatly helped bolster MS into a world standard across the board.
With licensing deals in place with all major manufactures and rudimentary license keys on software, piracy isn't what it used to be and this has been the case since at least version XP. To move beyond that level of limits and controls will simply serve to push people into looking at alternatives and that will begin to erode Microsofts base in turn.
It is almost as though Microsoft has become desperate and in a way we can see why. The company has the lions share of the market and cannot grow within that market any more in result. Microsoft is trapped at the end of the line and losing large chuncks of the market is odds on more likely than opening new markets to lionize. So the company takes more draconian measures in an attempt to maximise capitalization of their existing market which will encourage people to look at the alternatives.
At the same time, Microsoft believes that new money is to be found brokering media to their client base but to do that they have to appease those who control the content in a clash of monopolies. To realise this vision, Microsoft moving forward must be able to provide end to end security and control over content. This is the imputus of Microsoft Vista and it is therefore important that
Vista security not be broken. It is not a matter of piracy per'se but maintaining the confidence of the media providers that DRM isn't likewise compromised.
Piracy on the face of it, should not be that great of concern and any short term outlook for media exploitation of any Microsoft OS user base in China or Russia won't be bearing any fruit either. North America and the European Union is where the media money will be made if it is to be made at all.
Personally I believe the whole premise is a concept doomed for failure but that doesn't mean the Microsoft user base won't suffer in the interim.
My primary concern with the remote shutdown procedure is that there will be code, in exactly the same place, with exactly the same offsets, on every Vista machine in existence which is solely there to cripple a machine. Some rumours say that even Internet Explorer won't work.
In light of this, the challenge is far simpler than cracking Palladium or any of the impossible tasks being presented. All you have to do is activate that code! The payload is already there. All a malicious cracker needs is a valid jump table or a set of exports. He doesn't need to crack the user's registration hashes at all.
I imagine this would even be hard, as I'm sure no user context, not even Administrator, will be cleared to run that code, but even so it is still easier than cracking hashes.
Can anyone address the idea of just directly accessing the library?
You may be victim of software counterfeiting. This copy of Windows is not genuine and is not elegible to receive the full range of upgrades and product support from Microsoft.
Click Get Genuine now to get more information and resolve this issue.
[ Get Genuine ] [ Resolve Later ]
When ideas fail, words become very handy.
No there is no "warrenty" ..but the Linux (not windows) powred Mars rovers are still running long past expected. They are on day 973 of there 90 day mission.
I think he's perfectly aware of that, he's going for funny. :)
Did you leave your sense of humor at home today?
Are you a grammar Nazi? I'm trying to improve my English; please correct my errors!
Microsoft targets distinct market segments with Vista. In which the Geek is conspicuously absent.
Windows and the Mac split the PC market because users do not want to mess with the internals of an operating system.
I'm perfectly aware too. Did you read my post carefully? I'm pretty sure John C. Dvorak isn't closely related to either of the other famous Dvoraks (nor they to each other), but I was also going for funny with the bit about him being an idiot child.
Ah, sorry then. Way past my bedtime here now. Please ignore.
Are you a grammar Nazi? I'm trying to improve my English; please correct my errors!
If there is ever darkware that turns off all windows, it will be pluto's kiss and we will have to switch to Altimit OS a linux derivitive.
Tsukasa: All I really want, is to be left alone...
If a virus can get to the point where its torpedoing your keys or doing something similar to cause WGA to think you dont have a legitimate copy you are hosed anyway. It could just as easily delete all the autoupdate code that would be used to download security fixes if it has the ability to muck with WGA. This isnt some secret gotcha button attackers can use that no one thought about until Dvorak came along.
This sounds like a journalist speculating about things he doesnt understand.
Microsoft's 'built-in payload' does not PROPAGATE the virus. It just STOPS the PC from working. Now, tell me, how is a virus going to affect a large number of machines when it can't even REPLICATE ITSELF?
Why would it need to? WGA would already be in "a large number of machines".
/. If the government wants us to respect the law, it should set a better example.
Don't worry; my attempt at humor probably wasn't that skillful and apparently fell flat on its face. It happens a lot. :-(
It's ok, though; every once in a while I hit pay dirt and get +5 Funny. I can handle a few failures.
One company didn't do it. Microsoft got miles of cool points for making their operating system, and eventually their applications, easy to copy. There were legal barriers to reproduction but no technical barriers. People bought MS at premium prices because they could copy. System administrators knew they would have no difficulty making backups, or "educational" copies to take home to put on their systems. They also knew that things would not be difficult if they had to do a reinstallation. It was viral marketing at its most effective. The license agreement of course forbade such practices, but Microsoft winked at personal duplication. Licenses had to be bought, of course, because support was needed, especially in a large enterprise. My personal opinion is that the bugs in early iterations of Microsoft software were their insurance against wholesale ripoff. This is just a feeling.
I thought activation was a big mistake. I actually do think it slowed the adoption of XP if you can recall back that far. However it was easy to crack so the viral thing happened. Anyway Microsoft continued to thrive. I was living in Eastern Europe at the time of XP's introduction and cracked copies were everywhere. Pirate copies of the beta were in the electronics market in the months running up to final release. I am in Western Europe now so I don't know what the Russian and Ukrainian guys have done with WGA, but I can only guess. Vista will be zooted as soon as it hits the market. The Russian and Chinese pirates will not be slowed down at all from putting cracked versions onto hardware. Legitimate customers however will have no end of headaches. It's a crying shame.
The fact that this WGA is vulnerable to hacks is merely the bitter coating on the poison pill of this new form of copy protection, which is always a bad idea because it hurts your customers. DRM and copy protection are ideas that corporate lawyers dream up. Marketing men instinctively know they suck.
I actually think Vista might not even fly very well. Net services are coming. Linux could be attractive to eterprise in some circumstances. And there is always Apple waiting in the wings with good stuff. Corporate prejudice against the "toy computer" might well melt now that the OS is riding on an Intel platform. And there is also the iPod effect. Nothing sells like success.
Meanwhile, Microsoft's latest patch automatically installed itself and rebooted my computer even though I have set the update options to stop at the download. Feh! I didn't have any process running, so I skated, but that is practically a crime in my book. If Vista is going to walk all over me like that I won't want the thing. Certainly I am going to wait as long as I can before I get it. And if I can get away without getting it I won't get it.
"No fear. No envy. No meanness." Liam Clancy
The guy is a troll who writes his "articles" by stringing as many buzzwords as possible into one paragraph. Pretty soon he'll be telling us that Vista will run on a Mactel as a browser-based application but only for those who subscribe to Verizon FiOS, is Google in on this and how will this affect Net Neutrality?
What about the hackers in China or North Korea?
Don't you think for a minute that disabling the entire infrastructure of the USA would be a score? What the heck did Nimda, Blaster and Nachi do to the good old USA? The company I work for lost an estimated $2 million just from Nachi.
Your Average Joe
Hey! I've been using the Dvorak layout for the last 4 years. It's done wonders for my wrists, and only took about 2 weeks to learn, after doing qwerty for 20 years.
People don't switch to it for the same reason people don't switch to linux. They think it's gonna be too hard. Dvorak was 10 times easier to learn than qwerty.
You have the right to remain silent. Anything you say will be misquoted, then used against you.
Terrorists. Vista will have a "kill switch" built in. Terrorists WANT to create havoc. It's easy enough to write a Trojan with some "cool" features that every damn Joe Sixpack is going to download and install. Then one day (how about 9/11/2007?) all these Trojans hit the the kill switch together. Poof. Gone.
The sad part of all this is that despite warning numerous previous managers of such poor choices, they usually perceive the thousand bucks saved by going Windows instead of an industrial-strength RT OS as a brilliant strategic move. And think of all the cheap programmers available! Oops, now we have "cheap" programmers building our life-critical app on an OS not really suited to task. One day the statement "Blue Screen of Death" may take on a very literal meaning. Hope your .net pacemaker doesn't gpf.
- The Kessel run is for nerf herders. I can circumnavigate the entire Central Finite Curve in a lot less than 12 parse