Activating Vista Enterprise Using a Spoofed Server

Ruvim writes "It has been mentioned in previous Slashdot discussions as possibility, and now it became a reality: Information Week reports that a spoofed server has been released that can be used to activate Microsoft's Vista Enterprise versions. It is being made available on several pirate Web sites and spoofs a Key Management Service server, used to activate a large number of copies of Windows Vista in enterprise environments." From the article: "Vista is the first version of Windows that Microsoft requires volume license customers to activate. Besides KMS, the Redmond, Wash. developer also offers Multiple Activation Key, which resembles the retail version's activation process. PCs activated using KMS must reactivate at least once every six months. The MelindaGates hack uses a VMware image of a KMS server to activate -- and keep activated -- a pirated edition of Windows Vista Business. 'Looks like Windows Vista Volume Activation 2.0 is a big bust,' wrote a user identified as 'clank' on the PirateBay Web site Friday. "

yep

[User 956]

Information Week reports that a spoofed server has been released that can be used to activate Microsoft's Vista Enterprise versions.

And you don't even need a separate computer. You can spoof the activation from the same machine.

History always repeats itself looks like

[ZDRuX]

The software, loaded with the long name of "Microsoft.Windows.Vista.Local.Activation.Server-M elindaGates" is available on several pirate Web sites. It spoofs a Key Management Service server, one of the two technologies that Microsoft debuted last month that let businesses activate a large number of copies of Windows Vista. KMS requires that at least 25 PCs be connected to a corporation's network.

All I can say is: [nelson voice]ha ha !![/nelson voice]

Not really new.

[Anonymous Coward]

This is exactly how cracks for flexlm based products (Maya, ArcGIS) work as well.

Link to the torrent.

[jZnat]

Brought to you by The Pirate Bay [thepiratebay.org] as usual. :)

Re:Microsoft has taken an interesting approach ...

[crabpeople]

No thats not true. Even VLK has to be activated. Aparently they will be having a machine ala SUS that makes all the authorization attempts for them. They said the activations are like 180 days or so.

Re:Short on details

[Anonymous Coward]

And you came into this conclusion because... Microsoft has such a good track record in security?

The only good MS security track record is in copy protection.

To get MS terminal server licenses activated you have to jump through many hoops - it's extremely annoying. On the other hand, I've never heard of any hacks for it.

Microsoft.Windows.Vista.Local.Activation.Server-MG

[Odiumjunkie]

Microsoft.Windows.Vista.Local.Activation.Server-Me lindaGates.torrent

unlike windows xp and volume activation 1.0 windows vista doesnt have any corporate
keys which will permanently activate it. volume activation 2.0 requires a corporate
user to either do a one time activation through microsoft servers (mak) or companies
can host a local activation server which does not talk to microsoft (kms). the only
difference is kms requires re-activation once every 180 days. however as long as
theres a local kms server its simple to keep windows activated. this release is a
vmware image of a permanently activated kms server which allows local activation of
windows vista business/enterprise edition. volume activation 2.0 is only built into
those two editions.

install vista business/enterprise edition with the key [removed, check .nfo].

using the latest vmware workstation, boot the image. disable vmware firewall.

on the non vm vista right click the command prompt icon and run as admin. type ...

cscript c:\windows\system32\slmgr.vbs -skms vm_vista_ip

cscript c:\windows\system32\slmgr.vbs -ato

windows should now be activated.

to check activation status type ...

cscript c:\windows\system32\slmgr.vbs -dlv

tested using echos windows vista enterprise and vmware workstation 5.5.3 but seems to
have issues with the billgates windows vista business.

Shhhh

[empaler]

Shhhh [catb.org]

Re:Very interesting

[astrashe]

You're right. They're not early adopters. They do painstakingly difficult code audits, and certify products for use years after they've come out.

This is a non-issue for a long time.

Re:Short on details

[Sancho]

A) doesn't phone home to MS on a regular basis

I've never read anything that implied this was the case for OEM/OTS versions. Got a citation?

B) dosen't need to re-validate on a regular basis and break if it doesn't

I haven't read anything about this, either, except for the typical WGA stuff. Is there any evidence that business customers don't have to run WGA stuff to apply updates?

C) doesn't throw a hissy fit if they do too many hardware upgrades, and,

I thought Microsoft caved on this one.

D) continues to work the way the product SHOULD work when they are actually legitimate customers, despite whatever bugs may exist in the validation software.

This one's a good point, but the validation is inherent in Vista. Nothing says the Business version might not freak out and think it needs to be activated with Microsoft (which, given that it will have a Business key, might not even be possible--I just don't know).

Anyway, legitimate users are probably better off playing by Microsoft's rules. They might get through a few patch cycles fine, but eventually Microsoft will release a patch that stops this behavior, and then they're going to have proglems.

Re:Microsoft.Windows.Vista.Local.Activation.Server

[nachoboy]

The part they don't mention is that the activation server only hands out activations on networks with 25+ computers. The machine may be permanently activated, but after 180 days, if you don't have 25 unique machines (and no, virtual machines can be detected and don't count), the activation server will deny your request to reactivate.

That doesn't preclude from downloading another pre-activated KMS Server, but this isn't really a permanent solution.

For those pointing fingers and laughing...

[lowe0]

Would you feel the same way if MS found a loophole in the GPL that allowed them to start lifting code wholesale?

MS has a certain motivation for developing software, and they protect it through technical and legal means. The Open Source community may have several motivations for developing software, but they all use their licenses to protect that which motivates them. If you don't agree with what they do, then fine, don't use their software, but how is pirating a copy of Vista any different from helping yourself to GPL code without giving anything back? Either way, you're refusing to abide by the terms of the exchange, and basically telling the creator "I'm taking your work, and I don't care what you say about it."

Re:Why?

[mrchaotica]

That's what they claim, but it's still, in reality, bullshit. You bought and paid for it -- with the store presenting it as a "sale" -- without reading or signing any kind of contract or license. Therefore, it is a sale and you own it.

The idea of "licensing" it only becomes true because you believe it.

Re:Self Contained Networks

[icepick72]

You can't "simply allow activation" if your systems aren't connected to the Internet!

Getting your info from the right sources? ... Microsoft says differently:
Q. Does MAK activation require Internet connectivity?
A. MAK activation can be performed either online or by telephone.
http://www.microsoft.com/technet/windowsvista/plan /faq.mspx [microsoft.com]

I argued the point that Microsoft will make it easy for you to activate their product because they want to sell it to you. Indeed they do.

Or you can switch to Linux and/or OSX. :)

Now I assume that smiley from your original post indicates a joke. You caught me!