Pirates Already Cranking on Windows Vista

It’s confirmed: internal build 5840 was leaked to the Internet through a Chinese web link and distributed via eMule and bittorrent. This build does not have the build watermark on the desktop anymore and does not accept beta keys. We are getting closer to RTM! Interestingly enough, this build still does not require a product key if you boot it from the DVD. If you try an in-place upgrade, it will require a key. Of course, the pirates have been trying to get around the activation part since they don’t have a key. The hack seems to center around file slc.dll and supposedly has existed since the Windows XP days. Basically, it resets the activation counter back to 14 days up to 3 times. After 3 times, it ceases to work. This sounds quite like what sysprep does. Looking on Microsoft’s knowledge base, we find this article. Indeed, the pirates are just invoking a function that is normally called by sysprep: nothing fancy here. However, pirates have already found where Vista stores its activation status and have already figured out that the operating system locks the user (even administrators) out of this area of the registry.

There are now web sites and communities dedicated to the cracking of Microsoft activation technologies. Get your popcorn out, because this time it’s really going to be a cat and mouse game! Speaking of keys, here’s a snapshot of my copy of RC2:

Key finders still work! Granted, this is not a RTM escrow build, but it goes to show you that if you have a Vista product key you better keep it very safe. It’s very likely that the built-in key on the DVD will be banned from getting Windows updates and of course from activating.

– Soli Deo Gloria

Technet Direct Plus

Microsoft recently offered Technet Direct Plus as one of their Technet service offers. Under this program, a single user can download any full version of any of Microsoft’s offerings for evaluation purposes right from Microsoft’s web site. The first year is $349; after that it’s $249 per year. I just signed up tonight. As an IT professional, I always have to hunt around for trial versions. The nice thing is that there are also special activation perks as well. Take Windows Vista. You can install and activate using the key they gave you up on 10 machines. On the same hardware, Microsoft won’t decrement the activation count, meaning you can activate over and over again on the same hardware.

You also get two free PSS calls, how cool is that?

I asked Technet support if you can still use the software if you do not renew the subscription and I was told yes! So this is a very sweet deal indeed.

Listed below are some of the goodies you get to play with:


FrontPage 2003

Office 2003

Office Business Scorecard Manager 2005

Office Communicator 2005

Office Small Business Accounting

Office System 2007

Office Project Portfolio Server 2006

Office SharePoint Portal Server 2003

OneNote 2003 with Service Pack 1

Outlook 2003

Project 2003

Project 2003 Server

Virtual PC 2004
Virtual Server 2005

Virtual Server 2005 R2 Virtual Server 2005 R2

Visio 2003

Microsoft Dynamics

AX 4.0
Axapta 3.0
Customer Relationship Management (CRM)
GP (Great Plains)
Navision 4.0
Point of Sale 1.0
Small Business Accounting
Small Business Manager

Internet Explorer

Internet Explorer 7 Beta 3

Windows Vista

Windows Vista August 2006 CTP (Build 5536)
Windows Vista Beta 2 (Build 5384)
Windows Vista July 2006 CTP (Build 5472.5)
Windows Vista RC1 (Build 5600)

Windows XP

Windows XP Professional
Windows XP Tablet PC Edition


BizTalk Server
Commerce Server
Content Management Server
Data Protection Manager 2006
Exchange Server

Host Integration Server 2004
Identity Integration Server 2003, Enterprise Edition

Identity Integration Server 2003 (English)

Identity Integration Server 2003 Service Pack 1 (English)

Microsoft Identity Integration Server Host Access Management Agent Feature Pack 2 (English)

Update for Microsoft Identity Integration Server 2003 Service Pack 1 (English)

ISA Server

ISA Server 2004 Enterprise
ISA Server 2004 Service Pack 2

ISA Server 2004 Standard
ISA Server 2006 Enterprise Edition
ISA Server 2006 Standard Edition
Live Communications Server
Microsoft Operations Manager
Software Update Services
Speech Server 2004

SQL Server

SQL Server 2000
SQL Server 2000 Enterprise Edition

SQL Server 2000 Reporting Services
SQL Server 2005
System Center Capacity Planner

Systems Management Server

Systems Management Server 2003

-Soli Deo Gloria

Vista Release Date Part Deux

According to Mary Jo Foley, Jim Allchin (big cheese of Windows development) said Windows Vista won’t RTM on October 25th, 2006. There’s also another interesting article showing that the general availability release date is set to January 30th, 2007 and also shows Vista pricing for each SKU. I still predict October 25th as RTM or very close to it (October 26th).

Michael Niehaus has 10 things you need to know about Windows Vista deployment. Read about it here.

Build 5808 of Windows Vista has been released for a select group of testers (unconfirmed reports indicate these people are part of the TAP program).

Update (10/23/06): This just in from Paul Thurrott:

Exclusive: Microsoft Overcomes Final Vista Hurdles, Heads to RTM

A week and a half ago, online reports about an internal countdown clock at Microsoft verified my early 2006 report that the software giant was pushing for an October 25 Windows Vista release to manufacturing (RTM) date. But last week, Jim Allchin, co-president of Microsoft’s Platforms and Services Division, admitted that the company had run into a snag and that Microsoft wouldn’t make its planned RTM date. As of today, however, Microsoft is back on track because it has a working Vista build in escrow.

In an interview with Mary Jo Foley at “ZDNet” last week, Allchin said that Microsoft wouldn’t be able to release Vista to manufacturing by October 25. “We are in pretty good shape,” Allchin told Foley. “And there are still months before (the January 2007) launch.”

Allchin was alluding to an internal timetable that I previously reported on in WinInfo: He had told the Windows Division that Microsoft could afford to postpone Vista’s RTM date to as late as November 8 and still meet its November and January launch dates.

However, each delay comes with a price, Allchin said: For each day past October 25, Microsoft will ship one fewer localized, language- specific version of Vista in the January launch.

I’ve found out that the source of Allchin’s concerns was an unexpectedly buggy pre-RTM build of Vista. The previous Friday, Microsoft pushed Vista build 5824 into escrow, hoping that the build could qualify as the final shipping version. But a catastrophic problem with the build destroyed any systems that upgraded from Windows XP, requiring complete reinstallations. After several frantic days of trying to find the bug, Microsoft finally fixed the problem last Friday and reset escrow. On Friday, Microsoft internally released build 5840, which didn’t include the bug. Testing over the weekend produced positive feedback.

Vista build 5840 includes a surprising number of brand-new and final icons, and a new set of final wallpapers, including a default wallpaper that’s a variation of the Aurora “swoosh” that Microsoft has been using as a Vista identifier since it announced the branding in July 2005. There aren’t any major functional changes in this build.

Oh, and that internal countdown clock? Last week, it was reset to count down to November 8, not to October 25. It’s not clear, however, whether Microsoft will release Vista to manufacturing before November 8, and which–if any–language-specific versions of Vista will be dropped.

– Soli Deo Gloria

Vista Release Date?

Here’s an interesting snippet from Winbeta.org:

A Microsoft executive has leaked a general release date for Vista, Exchange 2007 and Office 2007.

Speaking to IT professionals, parliamentarians and senior law-enforcement officers at the Parliament and Internet conference in London on Thursday, Microsoft revealed its release plans.

“We will officially launch Vista, Microsoft Office 2007 and Exchange 2007 on 5 December,” said David Hipwell, a Windows client sales professional at Microsoft. The business version of Vista – Vista Business – is expected to ship November 2006.

Update: ZDNet has removed the release date story without any explanation

Seems like someone let the cat out of the bag, oops!

Another interesting feature of Windows Vista is its ability to report back to Microsoft the issues you have encountered on Windows Vista and send resolutions back to the user. Below is one I got for Ahead Nero 6.6:

The only problem was I was running the latest version of, so not sure this hint would really help me.

How secure is Internet Explorer 7? Take a look at this guy that loaded every conceivable spyware toolbar into Internet Explorer. After you stop laughing, take a look at his cleanup effort.

Microsoft also recently revealed changes about what you can do and not do with Windows Vista. Appearly, you can only run certain versions of Vista in a VM environment. Unlike XP, you are only allowed one transfer of a license for Windows Vista to another PC. Does that mean if I replace a motherboard twice I have to buy a new copy of Windows Vista? At this point, it seems so and many people are very angry about this!

– Soli Deo Gloria

Windows Vista News You Can Use

After giving Microsoft a tongue lashing, I decided to post about some of the things I like about Vista. Here’s a real nifty one: Reliability Monitor. You can track, over time, the reliability of your PC. Here’s a chart to see what I mean:

This is a chart of my work PC. As you can see the chart dipped around 10/2/06. This is around the time I did an inplace upgrade of my PC from build 5600 to 5728. On 10/9/06, I did an inplace upgrade from build 5728 (interim build) to 5744 (RC2). During the in-place upgrades, Windows flagged several programs as incompatible, thus the dip in score (along with a few explorer crashes!). The same historical data can be done for performance as well. This should be a welcomed featured for both users and IT professionals. Say you install a new program on a user’s machine and they state the computer is slower since you installed the program. You can now objectively look at the historical data and determine if that really is the case.

Windows Vista packaging. Take a sneak peak at what the boxes will look like for holding the Windows Vista media.

No Aero Glass for machines with 512MB or less of memory since build RC2. Here’s the workaround:

1. Ensure that you have the following registry value set to :

HKCUSoftwareMicrosoftWindowsDWMComposition set to 1 (32-bit DWORD)

HKCUSoftwareMicrosoftWindowsDWMCompositionPolicy set to 2 (32-bit DWORD)

2. Restart DWM by opening a command prompt with administrative privileges :

– Type ‘net stop uxsms’

– Then ‘net start uxsms’

Just remember I told you get nothing less than 1GB of memory for Windows Vista!

Looking to spice up your sidebar? Get the freeware version of a sweet sidebar call Desktop Sidebar. You’ll wow your friends over the bland sidebar that comes with Windows Vista. This sidebar also works on Windows 2000/XP/2003.

– Soli Deo Gloria

Microsoft Software Protection Platform

The Microsoft PR department is gearing up for the software pirates. Released on 10/3/06, this document describes Microsoft’s new anti-piracy efforts. BSA is quoted in the document stating “35% of all software installed worldwide is pirated or unlicensed“. Exactly how that it determined is beyond me (that’s liking quoting population numbers without taking a census). Microsoft also explains its new program called the Genuine Software Initiative (GSI). It wants to make sure its customers have genuine Microsoft software. The original name of the program was the Microsoft Cash Grab (MCG), but that didn’t sound as sexy so they changed it.

In terms of Windows Vista, users have 30 days to activate their operating system. After 30 days, the system goes into a locked down state where-in Windows Defender updates are turned off, Aero Glass is disabled, ReadyBoost is disabled and the only thing you use is Internet Explorer for 1 hour. After one hour, the system locks you out. You cannot even log into safe mode! In addition, if Microsoft detects that your copy of Windows is not genuine (through WGA, see my earlier article) all of these features listed above (except for the Internet Explorer part) are disabled immediately! The other interesting fact is that Windows Vista will run 14 days if you do not enter a product key. I guess this is to allow people to test out the operating system to see if they like it.

Volume licensing has also changed dramatically. No longer can you input a key to get around product activation. There are now two types of VLKs: KMS and MAK. MAKs or Multiple Activation Keys are pretty much like the old VLKs, except that you must activate the copy of Windows. However, once you activate a MAK over the Internet or telephone, it stays activated. A MAK is only allowed a certain amount of activations. For example: during the beta program our MAK was allowed 100 activations. That means we can activate 100 copies of Windows Vista Enterprise on 100 unique PCs. That means if a MAK leaks, Microsoft proactively plugs the hole by blocking the 101st activation from happening.

KMS or Key Management Service works by having one copy of Vista activate all the others. This assumes that the other Vista clients are “well connected” to the KMS (think “LAN”). This model also requires 25 physical machines before the service kicks in (don’t bother with virtual machines: someone tried it in the beta program and found it doesn’t work). Every 180 days, each copy of Vista must report to the KMS at least once, otherwise it deactivates itself.

Key finders won’t work with KMS, because the product key is protected in the trusted store of the KMS. However, key finders should still work on machines with a MAK.

Looking back on Windows XP piracy, we saw that pirates actually figured out the key algorithm to making Windows XP product keys. Microsoft plugged that hole by checking product keys against its database to see if they were ever generated by Microsoft (only keys with a resulting PID of 640 could actually be Microsoft generated). This time around its my guess that pirates will be using legitimate product keys and then use “time-cracks” to get around activation time limits. For example: when Windows XP first came out, pirates just came out with an activation reset crack. Since you have 30 days to activate Windows XP, that meant you just had to reboot once every 30 days. Grab a product key from MSDN and now you have 60 days.

How do you get legitimate product keys? By illegitimate processes! Think of credit card fraud to get legitimate product keys. Think of spyware and viruses that already port cookie information back to 3rd party servers. How much more would it be to grab a 25-character product key from your copy of Windows Vista?

Suffice to say, those pirating bad boys have nothing to do, but crank on Microsoft’s anti-piracy schemes day and night. It’s not a question of “if” Windows Vista’s copy protection will be broken, but “when”. While you are chewing on that, you might want to check out a paper I did on software piracy a few years ago.

Here’s an interesting post made by Chad Harris on microsoft.public.windows.vista.general on 10/7/06 on SPP, quoted in its entirety:

The problem is not that MSFT is addressing piracy with a legal staff
dedicated to it full time under the direction of Nancy Anderson, Associate
General Counsel.

Of course MSFT faces a huge, sprawling piracy problem as evidenced by the
maps and literature they hve circulated at their meetings from booths
attended by their attorneys and other employees over the years. It is
complicated by the fact that many governments don’t cooperate fully, and
there is a similar situation in India in respect to patents for
pharmaceuticals and in medicine in general in respect to HIV and the Avian
Flu pandemic and Mr. Gates is building on his learning curve in this area
right now.

Microsoft and its partners and its system builders certainly have crucial
concerns over the systemic implications of piracy.

The problem is that MFST is choosing to address piracy in an erratic fashion
that has already shown substantial evidence of inflicting massive collateral
damage and friendly fire on their customers. I hope that if they don’t
change this concept that has already proved to cause significant problems
with WGA in its new incranation as SPP, that they are forced to back off the
way they usually are– they face money loss. If they had been able to make
precise surgical tools, that would be one thing. But they already know that
they are killing Vista and Longhorn Server on boxes that have fully
legitimate licenses and they don’t seem to care. This is evidenced if you
read Ed Bott’s account of how stupidly they fielded the calls and messages
from a major Windows author, expert, and writer of columns on Microsoft’s

I don’t have any doubt there will be substantial litigation and possibly
class action suits for Nancy Anderson’s legal team at Microsoft, and while
many suits are baseless–these will not be and they will be filed by high
quality legal talent.

Ed Bott is doing a stellar job of tracking this, analyzing, and critiquing
this and Ed Bott co-authors one of the most complete and authoritative
Windows references for every operating system including the one that has
pre-sold nearly a million copies, “Windows Vista Inside Out” by Microsoft

Ed Bott’s Bookstore

Ed Bott’s Three Blogs

Ed Bott’s Microsoft Report

Ed Bott’s Windows Expertise/Tips, tricks, news, and advice about Windows and

Ed Bott’s Media Central

Ed Bott’s Columns on MSFT’s Site

The author of one of the major books on Windows OS’s and numerous
articles for MSFT over the year Ed Bott has taken MSFT to task for their
sloppy work with WGA repeatedly in the last few months and the same sloppy
work with SPP and MSFT has had totally ignorant spokes persons speak to
different questioners that are quoted on Ed’s two blogs currently with the
most inane and no knowledgable defenses of WGA which does not work correctly
and SPP which will not work correctly immaginable. They are making a fool
of themselves with the implemenation of WGA and SPP and they are going to
learn to back off when it hits them in the area they worship–their money.

See and note in these articles the inane responses of MSFT representatives
to the author of one of the best selling major books on their major
Operating System software and others–one more example of MSFT’s perception
of the public as stupid and their tin ear contempt for the public who are
their customers and put Windows on 97% of the boxes on the planet.

I want people to note this conversation because it speaks volumes about
MSFT’s inane contracted support and MSFT’s oversight of it and MSFT’s
attitude as to how little it means when they represent themselves to their
customers–this is a conversation that Ed Bott had with “MSFT PSS” probably
Convergys of Ohio contracting:

From Ed Bott at http://blogs.zdnet.com/Bott/?p=84

“I called Microsoft support to see if there is a hidden option to say, “yep,
I’ve got updates turned to manual: it’s okay.” The rep said, “No and why
wouldn’t you want to get the latest updates to Windows.”

I responded with the issues relating to WGA. He spent some time telling me
that WGA was a good thing, etc. I reiterated that I have accepted all the
updates except WGA and just want to review the updates before they’re
installed on my machine.

He told me that “in the fall, having the latest WGA will become mandatory
and if its not installed, Windows will give a 30 day warning and when the 30
days is up and WGA isn’t installed, Windows will stop working, so you might
as well install WGA now.” [emphasis added]

I’m wondering if Microsoft has the right to disable Windows functionality or
the OS as a whole (tantamount to revoking my legitimate Windows license) if
I do not install every piece of software that they send it updates.

That can’t be true, can it? I’m always suspicious of any report that comes
from a front-line tech support drone, so I sent a note to Microsoft asking
for an official confirmation or, better yet, a denial. Instead, I got this
terse response from a Microsoft spokesperson:

As we have mentioned previously, as the WGA Notifications program expands
in the future, customers may be required to participate. [emphasis added]
Microsoft is gathering feedback in select markets to learn how it can best
meet its customers’ needs and will keep customers informed of any changes to
the program.

That’s it. That’s the entire response.

Uh-oh. Currently, Windows users have the ability to opt out of the Windows
Genuine Advantage program and still get security patches and other Critical
Updates delivered via Windows Update. The only thing you give up is the
ability to download optional updates. Hackers have been working overtime to
find ways to disable WGA notification. If WGA becomes mandatory, would it
mean that Microsoft could prevent Windows from working if it determines –
possibly erroneously – that your copy isn’t “genuine”? That’s a chilling
possibility, and Microsoft refuses an easy opportunity to deny that that
option is in its plans.

Over at Ed Bott’s Windows Expertise, I’ve been soliciting feedback from
Windows users who’ve been burned by WGA. So far, I’ve received 20 comments.

Here’s a sampling:

a.. I have an XP Media center with a promise RAID 0 4-disc array. When I
installed the WPA it broke the drivers for the array by causing failed
delayed writes (half of the array just “disapears”.) If I do a system
restore to before the installation of the WPA everything goes back to
working just fine.
b.. [S]ince installing WPA : I’ve had blue screens and a total inability
to boot. I had to run the XP repair function to get the computer to boot. I
had a damaged boot sector on the hard drive. I am running two drives on a
RAID 1 config.
c.. I purchased a SEALED OEM copy of XP Professional. WGA said the license
key was already used. I called MS and they said I should uninstall and buy
another copy. I told them I wasn’t made of money and hung-up.
d.. Microsoft rejected the product key that came with the ThinkPad I’m
using. I had to call in and they gave me another code to enter which
supposedly worked but now I get the blue screen of death about every other
time I reboot. I’ve also lost all internet connectivity.
e.. I sent my Compaq Presario notebook for service repair, and it fails
the WGA check. I have a legal version of windows xp professional on it. But
I have no way to correct this problem.
What’s most disturbing about this whole saga is Microsoft’s complete lack of
transparency on the issue. And before the ABM crowd jumps in with
predictable “What did you expect?” comments, let me argue that Microsoft
actually has a fairly good track record on transparency issues in recent
years. Windows Product Activation is very well documented, and when a
similar uproar occurred in 2001, it was squelched quickly by some fairly
prominent postings from high-level executives who provided details without a
lot of spin. Likewise, the Microsoft Security Response Center has done an
exceptional job at providing quick responses to security issues. (Just ask
Adam Shostack.)

Currently, no one at Microsoft is blogging about this fiasco. No executive
has been quoted on the record about it. There are very few technical details
available, and those that have been published are being tumbled through the
spin machine and spit out as press releases.

If Microsoft really does plan to turn WGA into a kill switch in September,
be prepared for an enormous backlash.”

From Ed Bott on October 5, 2006:

UAC Good; SPP Not So Good

“SPP, on the other hand, is the successor to Windows Genuine Advantage. Both
initiatives have in common a reliance on Orwellian language that appears to
be in the customer’s benefit but is actually a horrible inconvenience and
potentially a nightmare. Despite Microsoft’s attempts to spin the new
program, there’s no advantage for the Windows customer, and the only thing
being protected is Microsoft’s revenue stream.”

Microsoft Issues Warning to VLK Customers Over WGA Fail

Guess there will be a WGA “Kill Switch After All”
Published October 4, 2006 by Ed Bott

Is Microsoft about to release a Windows “kill switch”?

Search on WGA

October 4, 2006 For Vista, WGA gets Tougher

Ed Bott Blog Readers Burned by WGA

WGA is a Mess

Microsoft Kill Switch in Windows Vista and threat to disable Windows (the
so-called Microsoft Software Protection Platform)

Microsoft’s Software Protection Platform: Protecting Software and Customers
from Counterfeiters

Microsoft’s Software Protection Platform: Protecting Software and Customers
from Counterfeiters

White Paper: Software Protection Platform: Innovations for Windows Vista
and Windows Server “Longhorn” Oct. 2006 (.doc file, 2.7 MB)

Microsoft Issues Warning to VLK Customers Over WGA Fail

Phil Liu of Microsoft has reported problems with the Windows Genuine
Advantage authentication method for Volume License Key (VLK) customers and a
temporary work-around.

“Just a heads up on an issue related to (Volume) VLK validation. On Monday
and Tuesday of this week (Oct 2-3), some VLK customers may have experienced
problems with WGA validation. If a Windows XP system with a VLK recently
began failing validation or reporting as non-genuine, then they may
experiencing this problem. The problem was the result of an issue on the
Microsoft server side, and we are still investigating the cause. We regret
any inconvenience this may have caused you, and I am personally working to
get the information you need to resolve this issue.

We do have steps available that affected customers can take to correct the
problem, and we’ll continue to work on solutions and post them on this

Customers who are affected can:
1.. Delete the data.dat file from Cocuments and SettingsAll
UsersApplication DataWindows Genuine Advantagedata (The drive letter will
depend on where the OS was installed)
2.. Revisit http://www.microsoft.com/genuine/downloads/validate.aspx to
confirm that the machine is now genuine.
3.. Run wgatray.exe /b from the command line to ensure that the latest
validation is updated for WGA Notifications. This command may not be present
on the user’s machine and should not be considered an error if it is not.
Please ensure that this is run as an Administrator. A reboot may be required
to remove all non-genuine notifications.”

Excellent article Chad!!

– Soli Deo Gloria

Windows Vista – Build 5728

We are only a month away from Microsoft finalizing the Windows Vista bits. Consumers won’t see it until Janurary 2007, but I will be running before then to get a jump on everyone. 🙂 For the first time, I attempted in-place upgrades with Windows Vista Ultimate over Windows XP Pro. The first experience was very horrible: the setup program failed to identify all the incompatible programs on my test system such as the SMS Agent, Track-IT! Remote Control Agent and VNC server until AFTER the setup was completely done. The inplace upgrade also takes forever. On a Dell GX520 with a standard build it took around 2 hours! Let me also state that you should NOT run Windows Vista with anything less than 1GB of memory. On a fresh build with just Office 2003 and the AS/400 client, the task manager showed 0MB available of physical memory and there was heavy hard drive thrashing.

We’ve also experienced some serious issues with Outlook 2003 not playing very nicely. On Windows Vista RC1 (and the build before), Outlook 2003 would eventually hang on start up. No amount of uninstalling and reinstalling Office 2003 would get it going again. If we deleted the Office key in HKCU, Outlook 2003 would work again, but for only one start. Office 2007 never seemed to have a problem on Windows Vista surprisingly.

Windows Vista x64 currently lets you disable driver signing, but Microsoft says they will remove that feature in the final release. I suspect that someone will develop a “crack” for this: who wants to go out and buy all new hardware just so the drivers are signed?

– Soli Deo Gloria