Microsoft has issued an update to Windows Vista that's intended to stop a piracy monster.
The software maker said on Thursday that the update is aimed at thwarting a technique that was letting some people use pirated versions of the operating system without going through the software's built-in product activation. Microsoft has dubbed the approach "frankenbuild" because it works by combining test versions of Vista with the final code to create a hybrid version.
"Windows Vista will use the new Windows Update client to require only the 'frankenbuild' systems to go through a genuine validation check," Microsoft said on its Windows Genuine Advantage program blog. "These systems will fail that check because we have blocked the [product] keys for systems not authorised to use them."
Although Vista was only released to businesses last month — and won't hit retail shelves until late January — it has been making the rounds on the internet, and there have been several reported hacks to bypass its built-in security mechanisms.
A second known issue, Microsoft said, involves using virtualisation technology in conjunction with the mechanism Microsoft uses to allow large businesses to activate multiple copies of Vista.
"Piracy is evolving and has made the expected jump from Windows XP to Windows Vista," David Lazar, director of Genuine Windows, told CNET News.com. "We are already starting to see some workarounds to the Vista licensing requirements."
In a statement, the software company said it hoped the actions would help discourage people from trying to bypass its security mechanisms.
"Microsoft hopes that by taking this action now, we can send a message to counterfeiters and would-be counterfeiters, and help protect our legitimate customers from being victimised by further distribution of these tampered products," the company said.
Microsoft has been more aggressively targeting pirates over the past two years, including a stepped-up programme for checking to make sure software is properly licensed. With Vista, software that doesn't pass such authentication will go into severely reduced functionality after 30 days. At that point, only the web browser will work and then only for an hour at a time.
In addition to that reduced-functionality mode, users can also still boot into Windows "safe mode". That allows full access to data and applications, but offers limited screen resolution, fewer colors and prevents the use of most third-party software drivers.
While Thursday's update addresses only the "frankenbuild", Lazar said Microsoft is also working on a method to counteract the other hack, which uses virtualisation and Microsoft's Key Management Service.
"The update that we are releasing today does not specifically address that, but we are working on an update that will specifically address the KMS workaround," Lazar said.
Vista represents Microsoft's strongest technical effort yet to build antipiracy features into its software. In addition to the activation requirements, some features within the operating system require the software to be validated as genuine. Those include the Windows Defender spyware fighter, Aero user interface and ReadyBoost, a technology that uses USB flash drives as added system memory.
"Vista is the hardest system to pirate that we have yet released," Lazar said.
Talkback
As I have had to jump through hoops to show my copy of XP is legal which Microsoft admit it is, even though I was repeatedly denied access to automatic updates will I be up-gradeing to Vista? NO, because if the same thing happens again I will not even be able to use my system. How can I have confidence in a produce which in the past has been admitted a similar product has flaws?
I wonder if MS are telling the full story.
Although I don't use an unauthorised copy of Vista, I have heard that the Frankenbuild of Vista will still disable itself even if automatic updates have been turned off.
This suggests that either Vista has a phone home mechanism built in to continue monitoring the its use and reporting back to MS to iniate some further action to disable the computer, or that there is an internal monitoring mechanism which turns automatic updates back on again.
As a legitimate user of Windows etc., I take great exception at the idea that I might be spied upon by my system, possibly without the sanction of law, or at all.
See here for the beginnings of a more informed view concerning the demerits of Vista
http://badvista.org and http://badvista.fsf.org