Microsoft will change the user experience of its automatic anti-piracy checks in Windows Vista and also make it harder for hackers to bypass the system in the first service pack for the OS due out early next year.
Once Windows Vista Service Pack 1 (SP1) is installed on a PC, that computer will no longer go into limited functionality mode if a user or administrator fails to activate Vista on that system in 30 days or if the system fails Microsoft's Windows Genuine Advantage (WGA) validation, which checks to see if a version of Vista is pirated or counterfeit. In Vista, WGA is called the Software Protection Program feature.
In limited functionality mode, a computer will shut down after 60 minutes and then allow only browser use. Now, instead of going into that mode, a version of Vista that has not been activated in 30 days will start up with a black screen and a dialogue box that gives users the choice of activating Vista now or later, said Alex Kochis, a group product manager at Microsoft.
If users choose to activate now, the screen prompts will lead them through the proper activation system. If users choose to activate later, all the usual functions of Windows will start up, but with a black screen in the background instead of whatever customised background screen a user had set for the system.
Then, after 60 minutes of use, a balloon dialogue box will appear on the screen reminding the user to activate Vista. It also will reset the background to black even if a user had replaced the black screen with a customised view.
The experience will be similar for machines that fail the WGA validation, except that users will be reminded that their copy of Vista is not valid and that they need to purchase a valid copy of the OS.
Kochis said it was feedback from business and enterprise customers that inspired Microsoft to make the changes to the user experience. Many of these customers have been waiting until SP1 to upgrade to Vista, which means Microsoft has gotten their feedback on the Software Protection Program only recently. SP1 is expected to be available in the first calendar quarter of 2008.
In addition to these user-experience changes, in SP1 Microsoft also will include code to combat two of the most common hacker workarounds to the WGA system -- OEM Bios and Grace Timer exploits -- and their variants, Kochis said.
Many customers were unhappy with the way Vista's Software Protection System and the compulsory WGA checks for XP worked, as there were initially bugs in the systems that would deem valid versions of the OS invalid. Hackers came up with ways to bypass the system not only for nefarious purposes, but also for users who were frustrated by system errors.
The OEM Bios exploit bypasses the check by mimicking what Windows looks like during a normal installation by an OEM, thus fooling the anti-piracy check by appearing to be a genuine copy of Windows. The Grace Timer exploit allows a hacker to modify the 30-day activation system so an indefinite number of days or years can be set as the time the user has to validate Vista.
Microsoft also is building a feature into SP1 that can find new hacks in counterfeit systems and send out updates to Windows to stop new exploits before they can be used, Kochis said.
Source:- Reseller News > Boost to anti-piracy check in Vista SP1
Once Windows Vista Service Pack 1 (SP1) is installed on a PC, that computer will no longer go into limited functionality mode if a user or administrator fails to activate Vista on that system in 30 days or if the system fails Microsoft's Windows Genuine Advantage (WGA) validation, which checks to see if a version of Vista is pirated or counterfeit. In Vista, WGA is called the Software Protection Program feature.
In limited functionality mode, a computer will shut down after 60 minutes and then allow only browser use. Now, instead of going into that mode, a version of Vista that has not been activated in 30 days will start up with a black screen and a dialogue box that gives users the choice of activating Vista now or later, said Alex Kochis, a group product manager at Microsoft.
If users choose to activate now, the screen prompts will lead them through the proper activation system. If users choose to activate later, all the usual functions of Windows will start up, but with a black screen in the background instead of whatever customised background screen a user had set for the system.
Then, after 60 minutes of use, a balloon dialogue box will appear on the screen reminding the user to activate Vista. It also will reset the background to black even if a user had replaced the black screen with a customised view.
The experience will be similar for machines that fail the WGA validation, except that users will be reminded that their copy of Vista is not valid and that they need to purchase a valid copy of the OS.
Kochis said it was feedback from business and enterprise customers that inspired Microsoft to make the changes to the user experience. Many of these customers have been waiting until SP1 to upgrade to Vista, which means Microsoft has gotten their feedback on the Software Protection Program only recently. SP1 is expected to be available in the first calendar quarter of 2008.
In addition to these user-experience changes, in SP1 Microsoft also will include code to combat two of the most common hacker workarounds to the WGA system -- OEM Bios and Grace Timer exploits -- and their variants, Kochis said.
Many customers were unhappy with the way Vista's Software Protection System and the compulsory WGA checks for XP worked, as there were initially bugs in the systems that would deem valid versions of the OS invalid. Hackers came up with ways to bypass the system not only for nefarious purposes, but also for users who were frustrated by system errors.
The OEM Bios exploit bypasses the check by mimicking what Windows looks like during a normal installation by an OEM, thus fooling the anti-piracy check by appearing to be a genuine copy of Windows. The Grace Timer exploit allows a hacker to modify the 30-day activation system so an indefinite number of days or years can be set as the time the user has to validate Vista.
Microsoft also is building a feature into SP1 that can find new hacks in counterfeit systems and send out updates to Windows to stop new exploits before they can be used, Kochis said.
Source:- Reseller News > Boost to anti-piracy check in Vista SP1