Category: 
April 13, 2007Microsoft Senior Product Manager, Alex Kochis, has finally responded to reports of a working OEM BIOS hack. It’s interesting to read Microsoft’s opinion and response to this working hack, as it has turned Vista activation into one-click with instant success. The previous versions of this OEM bios hack, as Alex details, was very risky. It involved..
…actually editing of the BIOS on the motherboard is done to make the motherboard appear to be from an OEM. It is a pretty labor-intensive process and quite risky. If you mess up editing the BIOS of any motherboard, you can quite easily render it permanently useless. So while this method works today, it’s potentially hazardous and really doesn’t scale well to large numbers of systems, which makes it less of a threat.
Alex then details the ’software emulation’ activation crack (this is the utility now widely circulating, involving one-click activation):
The second variant does not change anything in the BIOS itself, but uses a software-based approach to fool the OS into thinking it’s running on OA 2.0-enabled hardware. And while this method is easier to implement for the end user, it’s also easier to detect and respond to than a method that involves directly modifying the BIOS of the motherboard.
What is rather interesting is Microsoft then proceed to state that…
we focus on hacks that pose threats to our customers, partners and products. It’s worth noting we also prioritize our responses, because not every attempt deserves the same level of response. Our goal isn’t to stop every “mad scientist” that’s on a mission to hack Windows. Our first goal is to disrupt the business model of organized counterfeiters and protect users from becoming unknowing victims. This means focusing on responding to hacks that are scalable and can easily be commercialized, thereby making victims out of well-intentioned customers.
Well, this is confusing; it implies that Microsoft isn’t going to address this activation crack. Am I reading this wrongly? I don’t think so: other websites are reporting the same interpretation as well.
I simply do not understand Microsoft’s take on this. There are two implementations of the software hack:
- A grub-like boot-loader that loads the crack before the OS starts. This utility has become a one-click process.
- Software emulation of an OEM enabled BIOS. This crack is the most widely distributed and used. It, like the boot-loader process, is a one-click activation process. Microsoft assert this will be easier to defeat.
Both implementations of this activation crack are absolutely ’scalable and can be easily commercialized’. Am I the only one to suspect that the real reason Microsoft have taken this stance is because they are acutely aware that these cracks are not going to be at all easy to defeat. They would have to revoke Asus’ OEM Vista key for starters. This decision could not be taken lightly, and i’m sure ASUS and their customers’ would have something to say.
…did someone say ‘Genuine Advantage’? I think not. WGA is a menace, and a disadvantage to every legitimate user. Microsoft is reaping what it has sowed. The real loser in every instance is the genuine consumer.
I will resist the urge to write about free-software and the GPL in this blog post. GPLv3 cannot come soon enough.
Sorry, no comments yet.