Activating Vista Enterprise Using a Spoofed Server
Ruvim writes "It has been mentioned in previous Slashdot discussions as a possibility, and now it became a reality: Information Week reports that a spoofed server has been released that can be used to activate Microsoft's Vista Enterprise versions. It is being made available on several pirate Web sites and spoofs a Key Management Service server, used to activate a large number of copies of Windows Vista in enterprise environments." From the article: "Vista is the first version of Windows that Microsoft requires volume license customers to activate. Besides KMS, the Redmond, Wash. developer also offers Multiple Activation Key, which resembles the retail version's activation process. PCs activated using KMS must reactivate at least once every six months. The MelindaGates hack uses a VMware image of a KMS server to activate -- and keep activated -- a pirated edition of Windows Vista Business. 'Looks like Windows Vista Volume Activation 2.0 is a big bust,' wrote a user identified as 'clank' on the PirateBay Web site Friday."
Vista Business and friends are the most likely to be cracked due to volume licensing. However, features are removed in a way that is advantageous to businesses but turns away most home users. It'll be interesting to see how that works out.
Interesting...our network is completely self-contained and does not touch the internet at all. I wonder how this will work for networks like mine (no plans to upgrade anytime in the near future, and since we use the workstations to run Citrix-based apps, it doesn't matter what OS we use.)
Even better is that the torrent tracker referred to is The Pirate Bay -- who mocked Microsoft's legal threats, resulting in Microsoft appearing to pull strings that led to an unprecedented, although ultimately unsuccessful, raid on their servers.
So, when the first hacks for Vista start popping up, it's nice to know that I can rely on The Pirate Bay to host those .torrents for me!
Which is good enough. If Joe 6pack has to jump through hoops to pirate, he might just buy the product. Even better, Joe 12pack (twice as smart) might even be more wary of searching sites because of a legitimate fear of fake pirate sites that have viruses.
In games this is even more prevalent - the goal of fighting piracy isn't to prevent the inevitable - somewhere somebody has enough spare time to crack your stuff, but to _delay_ it. If Johnny 6cola can't get his game right away, then he might have to suck it up and buy it. The most successful ones have locked out pirates for 30 days or so. If you've been waiting for months for a game, waiting another month might not be an option. (Some of those might be from pirates distributing a game which still has parts of it not working and crashes half way through - even better for publishers). Obviously this is unique to games, as other software publishers want to keep people out for good.
I'm sure that Microsoft must have thought of that as a possibility. Since a unique product key is required to activate a KMS, why can't Microsoft just deactivate that compromised KMS key?
If YOU were a pirate, would YOU download an update which adds this "functionality"?
The problem is that there's just too much "fame" in cracking Windows authentication. We used Telelogic Tau SDL in university, and it was only available on the university computers, and even there there was a limited number of licenses. We contacted the company to see if we could get some cheap/free licenses. They said no, and that licenses cost around $2000. Which was almost as much as a semester's tuition. Anyway, we also looked to pirating it, and couldn't find it anywhere. The problem was that it wasn't a popular enough program that anybody would bother cracking it. However, with Windows, everyone wants it cracked, and everybody wants to be the one to crack it. So it's going to get cracked. I mean, look at the game consoles. People solder chips into them to crack them, but I don't think you'd find a way to install Linux on the v-Tech notebook. People are going to crack what they want to crack.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
Well, I was with you until you started gushing over Linux. Don't get me wrong, I like Linux too, but I yearn for the day that people don't end a comment about Microsoft with, "Why don't you just run Linux? It's so great!" That may be true, but this is Slashdot - we know that already!
But if you're not going to buy it anyways, what price is good enough? $20? $10? 5? It costs money to make these things no matter what. Again, you don't sound like a casual user. A casual user is someone who wants to play a game, and if it's not on Bittorrent he might have to bite the bullet. Like frat guys at a Linux convention, they're here for the beer, not the source or speech. Put it another way: Two publishers put out two games at the same time. One has anti-copy protection, the other doesn't. Both cost $50. Our intrepid young gamer Johnny 6Cola has acquired $50 for his birthday and really really wants both games. The copy-free one is on bittorrent, the other is in the store. Which publisher would you rather be? Now in a month, both are on bittorrent, but games have a pretty short shelf life compared to Word or something similar. Another reason why it's a different animal as far as copy-protection goes than other software. And for the time being MS still has a secure system against casual cracks. You can survive without Vista, but maybe someone wants it for XY or Z feature (or the next version of their favorite software might only support Vista, etc). If it takes several hours and a spare box to set this up, they might just bite the bullet and buy it. If the barrier to entry is 5 minutes and is 0 risk (no viruses, etc) all you've got is the moral issue to protect you, and despite the BSA's best efforts people still don't see taking money from Microsoft as wrong :)
An interesting twist from this is that the most feature-rich Vista Ultimate Edition may not be the most warezed one after all. Because these aren't supporting KMS activation, unlike Enterprise and Business who were both intended for this use.
Somebody will probably figure out how to drop the right DLLs from the Enterprise edition into any other edition to make it do KMS.
When information is power, privacy is freedom.
Actually, these days you're more likely to catch malware off of legitimate purchases (CDs, games containing StarForce, etc) than off a decent pirate site. (Torrent sites in particular tend to kill off torrents containing malware).
Isn't it ironic?
I'm a dreamer, the world is my playpen. But hey, I'm a serious person, I can't dream all the time.
There were ways.. it wasn't that hard.. in fact it was really easy to have the connecting client clear its temp key so that every computer connecting every time would appear to terminal server as a new client and would issue a 30 day key.. and every time they connected it gave them a new one.. and after 90 days the terminal server would drop the non-active temp key.
Or the better way was to manually configure the registry and get terminal server to run under internet connector license..
While it took some work it wasn't that bad once you figure it out.
'...if only "Jumping to a Conclusion" was an event in the Olympics.'
I think one of the biggest issues is the lack of media rejection. Back in the 80s when copy protection became rampant, the computer media (Byte, Computer Shopper, PC Mag, PC Week) led a concerted effort to educate users and rejected copy protection. Now it seems the old computer journalists have given up or become irrelevant (*cough* Dvorak *cough*).
Cheers.
What you probably don't know is that Microsoft has a reserved set of hostnames/IPs in the kernel that do not go through the normal name-resolution process. So even if you modify your hosts files, spoof DNS servers and key servers, at some point it will try to contact them directly without going through the "documented" name resolution process.
While their intentions may sound reasonable - bypass spyware and viruses that may have hijacked the OS to allow clean-up and Windows updates sw through, it may also allow them to disable your system or collect enough information on you to prosecute.
Stick with XP or better yet, switch to Linux.
On the contrary, there is negative security! Since you can't see the source code, there's no way to be certain that Microsoft itself (or a rogue programmer working there) hasn't put in any kind of backdoors or spyware or such. In a sane world, everyone including government agencies would realize that closed-source software like Windows can only be a liability.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
The key server is only half the issue...
During every 'Windows Update' (or perhaps quietly in the background) Vista will download a list of revoked key servers. As MS gets copies of the VM'd key servers, identifies them, their sigs go into the revocation list.
Your... erm, son of hacked key-server Vista copy downloads the revocation list, finds it's a bastard and promptly switches itself off.
Now... if you can hack the revocation part of Vista itself, you'll have the other 50% of a full Vista hack.
Or they will run out of keys to revoke.
An enterprising hacker might
a) seek out and duplicate the keys of other customers' installations
and/or
b) put in zillions of keys to be invalidated all at once, until all possible combos have been covered.
a) is nearly infinitely easier and more immediately devastating. Lots of high profile customers become enraged.
b) will make Vista completely unusable.
--- Grow a pair, liberals... stop letting the Republicans bully you!