Bypass found for Windows piracy check...

[Zim Hosein]

A tool provided by Microsoft could let people get around a check meant to prevent those with pirated copies of Windows from downloading additional software from the company, according to a security researcher.

Researcher Debasis Mohanty outlined what he said was a technique to trick Microsoft's Windows Genuine Advantage validation check in a posting to the Full Disclosure security mailing list on Monday. WGA is a software tool that verifies whether a particular copy of the operating system is properly licensed.

Using a secondary Microsoft validation tool called "GenuineCheck.exe," it may be possible for people to trick the checking mechanism, Mohanty said in the posting. They could then download and run supposedly restricted software from Microsoft's Download Center on a PC running a pirated version of Windows, Mohanty wrote.

Microsoft confirmed that the technique could circumvent the piracy check, but a representative said Monday that the company is not worried.

"This represents very little threat to Microsoft," the representative said. "We expected counterfeiters to try a number of different methods to circumvent the safeguards provided by Windows Genuine Advantage."

The company has been testing the WGA piracy lock on its Download Center and Windows Update Web sites for several months. It has said that by an unspecified date in the middle of this year, all Windows XP and Windows 2000 users will have to validate their copy of Windows before they can download from the Web sites.

The GenuineCheck.exe tool used to bypass the check is meant to provide an alternative way for users to prove that their copy of Windows is genuine. The primary Windows Genuine Advantage checking mechanism uses ActiveX, which is not supported in all Web browsers.

GenuineCheck generates a code that can subsequently be used to validate a pirated copy of Windows, according to Mohanty's posting. However, a PC running a legitimate version of Windows is required to run the GenuineCheck tool.

The threat is mitigated because the keys generated by the GenuineCheck tool expire "rapidly," the Microsoft representative said. Consequently, it would not do anyone much good to put up a Web page with a list of keys. Still, somebody would be able to generate a key and use it immediately on a PC with a pirated copy, or pass it on to a friend.

"This is more of an individual method of pirating. We don't see this as too different from people who take legitimate software, burn it to a CD and distribute it to their friends that way," the Microsoft representative said.

Microsoft's Download Center and Windows Update Web sites offer applications such as Windows Media Player and the Windows AntiSpyware product, as well as security updates for Microsoft products. The trick with the GenuineCheck tool works only on Download Center, according to Microsoft.

When the Windows Genuine Advantage pilot program began last year, it was purely optional, with no benefit for verifying one's operating system and no penalty if the OS was found not to be genuine. Microsoft has gradually expanded the piracy check and is now withholding downloads for users of some international versions of Windows XP

Bypass found for Windows piracy check :laugh:

 

[Platypus]

I don't understand why it's to Microsoft's advantage to not allow people to update their pirated copies of Windows to protect against all the horrible flaws in their code. This is just going to further the spread of worms and be a huge loss of money for everyone involved.

You don't see Apple doing this sort of thing.

 

[MournSanity]

Originally posted by: CorporateRecreation

You don't see Apple doing this sort of thing.

They will once they grab a larger market share.

 

[TWills]

:beer:

 

[Platypus]

Originally posted by: MournSanity

Originally posted by: CorporateRecreation

You don't see Apple doing this sort of thing.

They will once they grab a larger market share.

Oh yeah, what mechanism exists to check this sort of thing?

 

[nakedfrog]

Originally posted by: CorporateRecreation
I don't understand why it's to Microsoft's advantage to not allow people to update their pirated copies of Windows to protect against all the horrible flaws in their code. This is just going to further the spread of worms and be a huge loss of money for everyone involved.

You don't see Apple doing this sort of thing.

Apparently they feel that increasing their profit is more important than preventing customers from losing money.

 

[Platypus]

Originally posted by: nakedfrog

Originally posted by: CorporateRecreation
I don't understand why it's to Microsoft's advantage to not allow people to update their pirated copies of Windows to protect against all the horrible flaws in their code. This is just going to further the spread of worms and be a huge loss of money for everyone involved.

You don't see Apple doing this sort of thing.

Apparently they feel that increasing their profit is more important than preventing customers from losing money.

Exactly.

 

[AMDZen]

Ummmm, this is really stupid because Microsoft lets you bypass that any way. Its an option before downloading any software that I've downloaded on MS's site. Just go try to download the MS Spyware Beta and it will ask you to do a Windows Authentication check or something, but there is another option somewhere on the page to bypass it and go strait to download. All of the MS software I have downloaded have this option.

So obviously MS doesn't care either way, and its been this way for a while. The entire article is irrelevant and so is the complant's so far by the typical haters

 

[Platypus]

Originally posted by: AMDZen
Ummmm, this is really stupid because Microsoft lets you bypass that any way. Its an option before downloading any software that I've downloaded on MS's site. Just go try to download the MS Spyware Beta and it will ask you to do a Windows Authentication check or something, but there is another option somewhere on the page to bypass it and go strait to download. All of the MS software I have downloaded have this option.

So obviously MS doesn't care either way, and its been this way for a while. The entire article is irrelevant and so is the complant's so far by the typical haters

The company has been testing the WGA piracy lock on its Download Center and Windows Update Web sites for several months. It has said that by an unspecified date in the middle of this year, all Windows XP and Windows 2000 users will have to validate their copy of Windows before they can download from the Web sites.

I think you forgot to read the article before you decided to bash on 'the typical haters' :roll:

 

[Mucho]

Originally posted by: MournSanity

Originally posted by: CorporateRecreation

You don't see Apple doing this sort of thing.

They will once they grab a larger market share.

I have my doubts on weather Jobs is less evil than Gates

 

[Platypus]

Originally posted by: Mucho

Originally posted by: MournSanity

Originally posted by: CorporateRecreation

You don't see Apple doing this sort of thing.

They will once they grab a larger market share.

I have my doubts on weather Jobs is less evil than Gates

It isn't a question of 'weather(sic)' anyone is 'evil,' it just doesn't make good business sense to do this to the rest of your customers. You are punishing the paying customers by letting those who didn't get infected and slam networks causing an unreal amount of monetary loss from everyone involved.

 

[simms]

Originally posted by: AMDZen
Ummmm, this is really stupid because Microsoft lets you bypass that any way. Its an option before downloading any software that I've downloaded on MS's site. Just go try to download the MS Spyware Beta and it will ask you to do a Windows Authentication check or something, but there is another option somewhere on the page to bypass it and go strait to download. All of the MS software I have downloaded have this option.

So obviously MS doesn't care either way, and its been this way for a while. The entire article is irrelevant and so is the complant's so far by the typical haters

Apparantly you didn't get the part where they're slowing phasing it in to make it mandatory...

 

[AMDZen]

Originally posted by: simms

Originally posted by: AMDZen
Ummmm, this is really stupid because Microsoft lets you bypass that any way. Its an option before downloading any software that I've downloaded on MS's site. Just go try to download the MS Spyware Beta and it will ask you to do a Windows Authentication check or something, but there is another option somewhere on the page to bypass it and go strait to download. All of the MS software I have downloaded have this option.

So obviously MS doesn't care either way, and its been this way for a while. The entire article is irrelevant and so is the complant's so far by the typical haters

Apparantly you didn't get the part where they're slowing phasing it in to make it mandatory...

Nope, didn't even read through half of it. My mistake.

I blame you Zim 😛 You should have highlighted that part since it was the only part of the article that mattered. Of course there are 100's of ways to get around this check, I just wasn't aware it was necessary. But who cares, there will be many more ways to get around it once its implemented since more people with no lives will figure out a way to bypass it.

The last article I read on it said that they were going to start doing this oversea's first, since obviously 90% of all copies over there are pirated. MS said it wasn't going to implement this in the states, but I guess they changed their minds. The article isn't clear on any of that.

 

[rh71]

I don't think MS will ever be hurting unless someone makes some really stupid and rash decisions. Piracy will stay and M$ will still be M$$$$.

 

[m2kewl]

Originally posted by: Mucho

Originally posted by: MournSanity

Originally posted by: CorporateRecreation

You don't see Apple doing this sort of thing.

They will once they grab a larger market share.

I have my doubts on weather Jobs is less evil than Gates

their both equally greedy. 😛

 

[Phoenix86]

Originally posted by: CorporateRecreation

Originally posted by: Mucho

Originally posted by: MournSanity

Originally posted by: CorporateRecreation

You don't see Apple doing this sort of thing.

They will once they grab a larger market share.

I have my doubts on weather Jobs is less evil than Gates

It isn't a question of 'weather(sic)' anyone is 'evil,' it just doesn't make good business sense to do this to the rest of your customers. You are punishing the paying customers by letting those who didn't get infected and slam networks causing an unreal amount of monetary loss from everyone involved.

Or... Why support non-paying customers?

Do you really expect your security to be based on what's on the internet? IE, why would you rely on MS patching *all* of their customers in order for you to be safe on the net? You don't. You enable firewalls, update your machine, run scanning/detection software, etc.

Preventing pirates from updating their code shouldn't hurt MS' customers since it's prudent for them to be protected from these types of attacks anyways.

There will always be unpatched machines...