Slashdot Mirror
SP1 Unsuccessful in Preventing Vista Hacks
"The other A. N. Other" writes "It seems that Microsoft has been unsuccessful with SP1 in preventing hackers from turning a pirated, non-genuine copy of Vista into genuine copies that pass activation. The article initially looked at two of the most popular hacks (OEM BIOS hack and the grace timer hack) but after a little digging ZDNet were able to transform a non-genuine install into a genuine one. 'After a few minutes of searching the darker corners of the Internet and a few seconds in the Command Prompt I was able to fool Windows into thinking that it was genuine.'"
A Windows upgrade leaves Windows vulnerable? It didn't fix the problem? I'm shocked! SHOCKED, I tell ya!
-mcgrew
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
So, if the screen goes black on users who have a genuine copy, maybe they can use this hack? Or would this be illegal? Although it would then be like tricking Windows into -realizing- it is genuine...
And it's because of people doing this that stuff gets tightened down and in the end, its not the thieving bastards who suffer but the rest of us who pay for what we use instead of stealing it.
I only please one person per day. Today is not your day. Tomorrow isn't looking good either. - Scott Adams
MS doesn't want to stop all Vista piracy. Sure, they want to stop commercial outfits producing fake Vista DVDs but stopping all Vista piracy is bad business. Using Vista (even a pirated copy) keeps you locked-in and makes it easier for MS to get people using more MS software. After all, Vista was an industry-wide attempt to get everyone buying new hardware. Yeah it failed (hardware sales have been well below expectations) but using free Vista still encourages you to get new hardware like DX10 video cards & other DRM-riddled hardware.
I'm torn here. Should I be happy I can now install and activate the ISO of Ultimate I've had for the last six months, or be sad that Microsoft haven't played their usual PR ace and made about a quarter of a million legit systems go 640 x 480 x 16 colours?
You may not agree with what I say, but you should fight to the death to allow me to say it, by modding me up.
was the time most peoples pirate copies of XP got found out due to activation exploits being broken.
Will be the same in Vista I'd imagine.
Acid House saves Souls
After a few minutes of searching the darker corners of the Internet and a few seconds in the Command Prompt he was able to get fired for hacking using a work computer...
I've often thought that for Microsoft to significantly damage Linux on the desktop for Windows 7 for instance, all it would need to do is make Windows 7 licensing about as intrusive as the Win2k licensing. I.e enter a serial during setup, and that's it.
Geeks complain about WGA and then crack it anyway, n00bs buys their boxen with it pre-installed and so the audience WGA seems to be the most effective against are the casual upgraders that don't have the cash to shell out, but want the shiniest and latest software regardless.
Another angle; several friends of mine have to my pleasant surprise, asked me before if I knew of a retailer that would sell PCs with Linux on. Upon querying if they're sure they want Linux what with most commercial software being incompatible etc, the answer has always been the same; "no, but I'd save fifty quid (pounds) on Windows and then install it anyway".
Invariably, if this process was easy to do, it would beg the question; without the hassle of cracking Windows, would Linux even be considered? I think not, but increasingly it is.
throw new NoSignatureException();
Sure, they've always found a crack. And every time you try to get updates, the crack will break and you need to find a new one. It's not about making it impossible, just about making it annoying, timeconsuming or scary because you don't have the latest security fixes. To paraphrase a little: "pirated Windows is only free if your time is worthless". While I'm sure it makes some people pay for Windows, I do hope it also brings some people over to Linux mhere apt-get distupgrade "just works".
Live today, because you never know what tomorrow brings
M$ could lock it down and make it much more difficult but why? With everyone using it because it's easy to pirate they maintain their market share, and it appears there is no shortage of people willing to pay for that crap called Vista.
I have to say the other post about "the ones that steal it making it harder for everyone else" is one of the most naive and ignorant post I have ever seen.
It isn't "stealing" it's copyright violation, and you have fairly naive view of human behavior.
Relax there are more important things to worry about than some crappy OS.
"If any question why we died, Tell them because our fathers lied."
If they tighten it down too much, everyone bitches that they can't get legitimate copies to pass. If they don't tighten it down enough, people like this find ways to pirate copies and chide MS for it. So how are they supposed to come up with a happy compromise in a no-win situation?
SJW: Someone who has run out of real oppression, and has to fake it.
This is ZDNet we're talking about here. When he says "searching the darker corners of the Internet" he's probably talking about his cluttered address book, looking for the phone number of his friend who knows how to hack vista.
What I find really funny is how many people I know who pirated Xp and/or Vista but bought microsoft office for almost the same price....
Whereas if they paid a bit more, and bought XP... they'd have fewer hassles... *sigh*
not what I would of typed...
"After a few minutes of searching the darker corners of the Internet and a few seconds in the Command Prompt I was able to fool Windows into thinking that it was genuine."
would be..
"After a few minutes of searching the darker corners of the operating system and a few seconds in the Aero interface I was able to decide that Vista was the vile spawn of the devil and was to be ditched pronto and my new laptop would be graced by Ubuntu."
And really, it's run with nary a profanity or complaint ever since.
Does anyone think MS really cares?
In an age of copy protected floppies and copy protection on games and virtually every type of software, MS still shipped DOS and Win 3.1 unprotected. Friends would install it, and even geeks would go, wow, a GUI that works and I can even multi-task my DOS applications.
Corporation and distributor fraud has been at the heart of the MS movement for Geniune. Yes, they are stupid about it, as WGA has screwed users more than it ever should have with XP and Vista, but prior to WGA, even if you were a legit OEM MFR of computers you often had a 50% chance of getting pirate copies of Win9x/Win2K and especially Office.
I know from being an OEM and buying through distribution channels that 50% of the product that came through the door was not legit. It was so bad that even employees at some of the larger vendors, would place your MS software orders to their 'friends' and invoice it separately without your knowledge or the knowledge of some of the distributors.
This also wasn't from fly by night wholesalers. Our corporate IT people also had problems, even orders from companies like CDW and others had a large chance of being fake.
So MS added WGA and activation, this cut down the problem, but put a strain on legitimate users. MS would have been served to just put more monitoring and pressure in the distribtution channels, but again there are retailers and OEMs that would take advantage shady 'good' deals, and the customers would again be using forged copies, not even knowing that their local shop was screwing over people.
SP1 lightens WGA, and MS has internal plans to further lighten WGA on the websites and for allowing updates. They are looking into taking the burden of WGA off the end-user. I would look for more OEM tools and OEM activation, and keeping Corporate IT activation systems intact and WGA for consumers going away eventually.
This is a good thing and now SlashDot makes the article read like Vista is 'hackable' in a 'bad' way, instead of a 'good' way.
Also remember MS has already put out enough copies of Vista, that they probably don't care about the few *nix users hacking it for a VM or dual install, nor even the OSX Mac base.
Counting the entire sales history of Macs as total base, and the entire *nix installation base, Vista is still millions of copies ahead and still growing, and THIS is even if you only count the retail copies sold, not even the OEM portion which is substantially even larger.
MS can afford for people to Hack Vista, especially when there are cliches in the Mac community that love the hardware, but like Vista better than OSX and use it as their primary OS and great if they hack and install Vista, and find out that it runs better on Mac hardware than OSX. MS has a win win, even if the people don't like Vista, and it didn't cost MS anything for the % that did prefer Vista. (See online articles comparing Vista to Leopard or running native Intel binaries under OSX compared to Vista. (Adobe products and OpenGL games are great selling points for Vista, all running faster under Vista than OSX on the same machine.)
Can someone please explain to me how they can get a non-genuine copy to "pass activation"? I can understand hacking WGA so that it doesn't request activation or hacking WGA so that even when Microsoft tells it that its failed, it reports a success.
However this article suggests that you can feed a duff key to Microsoft and they'll incorrectly report it as fine!?!
I'm assuming here that WGA sends the CD key, Microsoft check it against a database of known shipping CD keys and known leaked keys and report yes or no depending on the outcome of that.
However with this set-up, you'd never technically "pass" WGA - you'd just be hacking around it.
Avantslash - View Slashdot cleanly on your mobile phone.
The DRM overhead in Vista finally made me take the Ubuntu plunge. Happily using Linux for nearly a year now, and getting great pleasure out of reading about the various Vista issues!
I wonder how much money Microsoft spends on this WGA crap, versus how much is actually lost in pirated software, versus, the monetary benefits of having people using a non-legitimate OS copy. Seriously, maybe spend that money on bettering the compatibility of Vista with it's own brothers (XP, 2000, etc.) and sisters (Samba network shares, etc.).
As a representative of the PADL (Pirate Anti-Defamation League), I protest to your inclusion of rape in the list of activities characteristic of pirates. According to Captain John Phillip's Pirate Code,
Article IX. If at any time you meet with a prudent Woman, that Man that offers to meddle with her, without her Consent, shall suffer present Death.Please cease and desist from further defamation of pirates. Or prepare to be pillaged yourself! (And note that the article only applies to the prudent Woman.) YAAAR!
"Anyone who [rips a CD] is probably engaging in copyright infringement." - David O. Carson
Its ironic that if you are sometimes better off hacking Windows to pretend it is genuine, than using the clean bought install. Case in point: I have a legitimate Windows XP install on a MacBook Pro, using BootCamp. First due to a few install issues I ended up having to activate it three times and for the final, but successful install, had to call Microsoft. Later on I decided I would use Windows with the help of Parallels, but found the even if I was using the same install, it required me to activate it again. Yet another call to Microsoft and trying to explain that yes this was the same machine. With the cracked version I wouldn't have to worry about calling Microsoft once in a while.
I understand why Microsoft does this, but I wonder if it is really solving the problem?
Jumpstart the tartan drive.
Really, I read the /. and thought - nothing. It doesn't surprise me one bit. An MS program that works well and as intended - now THAT I'd find surprising...
Seven Days with Ubuntu Unity
It's microsoft, they are the joke in security... what did you expect...
Nom de dieu de putain de bordel de merde de saloperie de connard d encule de ta mere.
What the arcticle fails to tell you is this: Since SP1 was in RC stage it has done the same thing. Disabled known software BIOS exploits, and has done nothing to the Hardware BIOS hack. The current RTM of SP1 is the SAME as RC Refresh 2 that was released a few weeks ago. None of the Service pack releases have any WGA code that will stop the BIOS hacks... YET.. Im sure once SP1 is rolled out to the public in March, there will be a WGA update disguised as a critical update that will come out soon after. Then we will be seeing headlines of "SP1 disables BIOS hacks". Mark my words, this is not over yet by a long shot.
Maybe if M$ unlocked Vista to make it easier to share with friends and family, it would enjoy a greater market share. If it helps to keep Micro$oft's lock on the market, they will still be making money. Yeah, I am basically advocating that Micro$oft consider giving Vista away for free. Vista Ultimate, at that, not the lesser cripple-ware versions.
Bearded Dragon
If you buy a copy of Home/Student Office 2008, you get 3 license keys (3 installs) for $130 at Amazon. That's $44 per install for those of you keeping score.
That is probably a truer indication of it's worth. Basically, you're paying $44/machine to moves office files to/from work. That's a reasonable price.
As for the several hundred dollars MS wants for the "corporate" version... not so much.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
If Microsoft keeps with its typical "I don't care if we piss off our users" M.O. then Microsoft will present some update to WindowsXP that will make WinXP so annoying to use that it makes Vista look attractive by comparison. Off topic? I'm not so sure, because for the most part, people are going with their "downgrade" option quite a bit and Microsoft will want to prevent or dissuade people from using that option if possible.
Looking around for a small installer to put in vmware, i found tiny xp premium, they do a nice reduced version of vista too, lots of vulnerabilities turned off and quick as sh1t off a shovel.
I don't know about Britain, but in the US, computers with Linux pre-installed are usually $50 more than the equivalent hardware with Windows. Personally I wouldn't mind buying a computer with XP or Linux. But for the time being I refuse to buy a Vista computer so I don't become another "sale" in support of Microsoft's current tripe.
Maybe Microsoft should release a new patch every week, that requires the user to call a long distance phone number and manually enter in a 32 digit reactivation code. That would surely be a convenient way of avoiding piracy.
"reinstall XP" and "WGA is happy" ought to be mutually exclusive, no?
I mean, why ruin a perfectly not-as-horrible-as-Vista XP installation with spyware?
$
This last month I bought and downloaded cod4 and dirt from Direct2Drive. Same cost as everyone else, and just had to wait the couple hours for the download. What you say is true: no CD checks, great. But beware of game patches/updates. For example, cod4 would not allow me to play online. Turns out I needed a patch, but the only patch that works for cod4 from D2D is the patch from D2D. Turns out my copy of cod4 is different than the box version, and as such, I would imagine that there could be a small delay in getting any new patches (and same with other games). Hopefully not. I really like buying games this way.
damaged by dogma
False positives is one reason I haven't bought a copy of Windows since Windows 2000. I half expected that Microsoft would put their Vista-style disable code in XP, and the overhead and annoyance of the extra insecurity features in XP has made me glad I've stuck it out.
Just need to keep finding ways to bypass those unnecessary "we're not going to install on anything but XP" checks idiot hardware manufacturers put in their driver installers.
Vogons have landed and are now posting to /.
- To introduce and try to copy-protect the OS?
- To put effort into cracking an OS that you probably won't use anyway.
OK, the second issue is probably answered by "Because I CAN".If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
monumental terrible flop, terraflop, or terroflop?
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
I recently came across a PC that had a hacked Vista install... the curious thing is it used some sort of Linux bootloader before the Vista loader, which apparently does something to the A20 line. It flashed much too quickly for me to read anything else, but this loader presumably stays resident and convinces Vista that it's legit.
I would expect that one to be rather difficult to fight, seeing as it loads before the OS itself. Make the boot sector read-only (in the BIOS) and even MS can't tear it out.
-Billco, Fnarg.com
Yep, only on Slashdot will you find anti-MS or Vista posts ALWAYS being +5 funny or insightful, but if you say even ONE thing anti-Linux, you get +2 troll. Only on Slashdot.
case of diversionary tactics, or diverticulitis... Oh, bummer... bummed, but not down or out...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
If you're running a hacked copy of Vista already, then run voatk tools v2.5 to uninstall previous cracks, reboot, then run VST X-Free 2.1.2.1.2 to activate with the following instructions:
1. open tool
2. click "install key"-button and wait for OK-box
3. click install (the install button to the right, in the Select OEM... area)
4. click activate and wait for OK-box
5. click reboot
6. done smile
This works on both x86 and x64 systems.
http://tinyurl.com/2mzmah
Next up, ZDNet Reports "Windows Vista Unable To Prevent Blue Screen Of Death"
... any real point to pirating software (on any sort of significantly large scale, at least) like windows, which comes effectively "for free" with any new computer purchase that isn't a Mac. Pirating Windows really seems like a case of "I do it because I can, not because I necessarily need to or even want to".
File under 'M' for 'Manic ranting'
I can still get a buggy piece of software that makes my computer run slower for FREE! :D
This is rather the opposite. Microsoft has finally understood the importance of piracy: to build up a large userbase, and then lean back and relax whilst the synergy effect takes care of business.
Whimp!
...
You gave up just when things have clicked.
At least you use XP and not VISTA.
PS: 2008 is the year
Don't make your problems my problems!
And all this continues to prove how the majority of people in the world would rather STEAL Windows... rather than get Teh Lunix for FREE.
How does MS compete with free? By being better.
And so do most of the commenters.
The point of the WGA and Vista Activation is not to prevent every single end-user hack of Vista. No. It has never been. The point is to prevent organized criminal mass pirating. The kind of pirating when you as an unsuspecting client go to a store and buy a Vista disk that you think is geniune. You come home and install it on your PC, but it turns out that you bought a pirated version and you are unaware about it.
The point of WGA is to prevent some criminal pirate from selling you a hacked Windows. Without WGA and Activation you have no way of knowing whether the copy of Windows you paid for really came from Microsoft of from a Joe hacker's basement.
If you've been burned by buying a non-genuine version of Windows, Microsoft allows you to exchange your copy for a geniune version for free. And now Microsoft finally recognizes that the user is not at fault by removing the pointless "reduced functionality mode" of WGA.
SP1 clearly fails at preventing even cracks made in 2007 before it was even final. Crackers have had time to adapt a BIOS crack on the SP1 beta builds to workaround the protection. The emulated BIOS, which is lower level than the OS, cannot be detected by any WGA mechanisms within the OS itself. It is a more effective crack method than any of the XP cracks out there really. The only thing that seems to mess it up is installing multiple Vista OSs on the machine and then deleting them, which refreshes the bootloader. All one has to do is reinstall the crack once installing/uninstalling new copies of Windows.
collective intelligence of the internets > collective intelligence of microsoft big surprise