p2pnet.net news:- Bill and the Boyz have admitted their Windows Genuine (dis)Advantage police application is falling down on the job, but they’re not giving up.
“I know many of you are aware of reports of hacks that attempt to exploit our OEM BIOS based activation,” posts WG(d)A senior product manager Alex Kochis on the Microsoft WG(d)A blog. “We’re aware of this type of hack and I wanted to take a minute to describe how these work and how we plan to respond.”
He goes on:
First, what is OEM BIOS based activation?
Here’s a little more information on how OEM BIOS based activation works. This form of product activation is also known as OEM Activation or just OA, which is how Microsoft refers to it and how I will refer to it in this post. Back at the launch of Windows XP when Microsoft introduced Windows Product Activation, we recognized that as easy as end-user activation is, it still represented an extra step. In an effort to reduce the impact of even that extra step but maintain the overall effectiveness of product activation, Microsoft worked with OEMs to develop an implementation that would work best for them and their customers while keeping the goals of product activation clearly in focus. As we looked to develop a solution, it was important to ensure that product activation technology could still deliver an acceptable degree of protection, while at the same time, reduce the need for an extra step by the end user. A couple of key factors stand out as enabling the OA 1.0 solution that was delivered in Windows XP.
Large OEMs tend to ship large numbers of PCs with Windows preinstalled. They also have the ability during their manufacturing processes to identify systems that will ship with Windows pre-installed.
Also, because of the direct relationship Microsoft has with those OEMs, the company has a higher degree of confidence that a genuine COA will be attached to each PC and that there will be accurate reporting of the number of units shipped preinstalled with Microsoft Windows.
These factors led Microsoft and the major OEMs to place a marker in the BIOS of the OEM’s motherboard to identify OEM systems that were to be pre-installed with licensed copies of Windows XP. This marker, which is added to a specific location in the BIOS of the motherboard, enables a copy of Windows XP to look for that known value in the BIOS of the motherboard and, when found, confirm it was booting on a PC that was sold by a specific OEM and licensed to boot Windows.
Not the first time
Over the years we’ve seen examples of BIOS editors that, with some work, allowed people to make an edited BIOS appear to be an OEM BIOS. In Windows XP this kind of BIOS editing wasn’t as difficult as it is in Windows Vista and frankly, because there were easier ways to pirate Windows XP, I don’t think much attention was ever paid to it. However, because Windows Vista can’t be pirated as easily as Windows XP, it’s possible that the increased pressure will result in more interest in efforts to hack the OEM Activation 2.0 implementation.
Windows Vista OEM Hacks
There appear to be two primary variants of OA 2.0 hacks circulating. One is similar to the XP approach I described above where actual editing of the BIOS on the motherboard is done to make the motherboard appear to be from an OEM. It is a pretty labor-intensive process and quite risky. If you mess up editing the BIOS of any motherboard, you can quite easily render it permanently useless. So while this method works today, it’s potentially hazardous and really doesn’t scale well to large numbers of systems, which makes it less of a threat.
The second variant does not change anything in the BIOS itself, but uses a software-based approach to fool the OS into thinking it’s running on OA 2.0-enabled hardware. And while this method is easier to implement for the end user, it’s also easier to detect and respond to than a method that involves directly modifying the BIOS of the motherboard.
I do want to say something here about how we plan our responses. As I’ve said in the past, we focus on hacks that pose threats to our customers, partners and products. It’s worth noting we also prioritize our responses, because not every attempt deserves the same level of response. Our goal isn’t to stop every “mad scientist” that’s on a mission to hack Windows. Our first goal is to disrupt the business model of organized counterfeiters and protect users from becoming unknowing victims. This means focusing on responding to hacks that are scalable and can easily be commercialized, thereby making victims out of well-intentioned customers.
blog – Reported OEM BIOS Hacks, April 10, 2007