Illegal KMS server appears on the Internet

The business launch of Windows Vista is only a few days behind us and already the attempts to pirate Windows Vista are underway. Recently I stumbled on news of a rogue KMS server that has appeared on the internet with information on how to activate a copy of Windows Vista VL against the server. Once activated, your illegal copy of Windows Vista will be good for 180 days before it needs to talk to the KMS server again.

KMS, which stands for Key Management Service, is part of the Volume Activation 2.0 scheme to protect Windows Vista and Longhorn Server from piracy. As part of your license agreement with Microsoft you agree to not bring up a KMS server on the public internet. This server is a clear violation of that agreement, which I doubt they had.

View: Entire Article @ Windows Connected


62 Comments


I think it's because Microsoft doesn't spend that much on anti-piracy, or any other companies either.

I mean... it takes one person to hack something completely.

it takes one person to create the algorithm for encryption or whatever.

it takes about 6 men to implement it. (come on, how else would a program install and *integrate* into the system? especially with places like sourceforge and gnu and open-source places and the algorithm already made for production.)

and they have the world to gather ideas from, remember they have a reward program for those with good ideas.

The cost?
For building anti-piracy codes:
reward for Idea --unknown
7 men with salary at 80g a year, contracted for 3 months -- 140g
Cost to verify the codes for other production - one person or automatic scripting machine - 10g to operating cost
Total: about 200g, 1 million if you want, not even a percent of their gross.

But they make more than 1 million by using protection methods. Average OS is 300 dollars, forcing the people who are fed up with the protection to buy the software probably raises more than 1 million.

There's no way they would lose money. They know it's futile, but even recovering some of the money lost to piracy is favorable, so they put up a front with a strong voice. It's the right thing to do after you found you've been cheated. Think people.

But it works for a short amount of time, after XP SP1, lots of people actually bought it, that's why they continued it. Or the OS would return to Win98, ME and 2000 format with no checks. The person who thought up Windows Genuine activation must have been rewarded a lot, cause all of this is a variation of it. Whether it be an outsider or employee.

I agree with the other person who said that microsoft is only keeping a front so they won't get accused. I mean, all their cracks are leaked from corporate editions. But they HAVE to make a corporate edition for business, or they'll switch to unix or other os that has mass distributions.

With open source projects like Wine and other compatibility layers, all they have to do is send a team of experienced men and the compatibility would be complete in like... 6 months. With all the documentation and stuff, backward engineering is much simpler than it seems, it just needs dedication and some real hacking knowledge. Hell, so many people already made complete Java runtime alternatives even when they're closed source. One of the distributions didn't even look at Java sources, he made it from scratch. ONE PERSON (cause I can't find the patch upload thing) and it's free.

My conclusion, they spend more on marketing and developing than anti-measurements. they have a department for ideas, not just for anti-measurements, but to gather ideas and responses about tons of things, and process them, seeing which is worth their while, then promotes it, then makes it to the head, who agrees to do something like that...

Same thing with video/audio, it works. Until someone cracks it, but even then, they make some profit out of it. Marketing is really powerful. And companies like Microsoft work on ideas, they're not service providers like cable who just maintain the service and make money, sending support when customers need it. They need everything that can make a decent profit.

As for making registered people miserable, yeah right, everything is automated unless it's a pirated copy, everything can be preset in Windows XP and Vista, there's freeware that does that. Even slipstreaming Office into the installation.

Microsoft always have a vulnerability in their anti-piracy features.

First with XP they introduced activation and then made a copy that didn't need activation ( Oh Knowssss people are leaking VLK keys )

Then they introduce a VLK Server and simply tell administrators "Don't run them on a Public Server" are they just overly stupid or both?

I've always wondered... what if someone doesn't have ANY internet access on a machine with Vista - then how is the KMS server going to communicate with that computer?

You only have to activate every 6 months, so presumably every 6 months you could connect it, activate, and disconnect. Plus, most machines would at least have a connection to the corporate network, even if they had no internet connection.

How many pieces of software, code and ideas did M$ pirate over the years?
M$ is naive to think people won't do to it what it constantly does to other companies. Plus its products are always over-priced to include a cushion for piracy. The $hit they shuffle every year about losing money from piracy is simply bull.. I don't see them suffering from it. They got all the money in the world but they can't think outside of the box to save their lives: considering how much money they've always had, they should have been the first to come up with a decent search engine like google, they should have thought of youtube, myspace, flicks, PDF format .. long ago, after all, they have been in the business since the early 80s.
When was the last time M$ came up with a product or idea that revolutionized the world and made everyday users go: waw ? Outside of crappy old windows, absolutely nothing- No impact on users whatsoever. Take m$ out of my computing world, I'll switch over to linux and nothing else will be affected. Take out google, myspace, ebay, youtube, bittorrent, mp3, .. and my life will be seriously affected. None of these companies is older than 10 years.

Your misuse of the word "pirate" above, and your lack of balance regarding the ideas that MS, Apple, Xerox, Amiga, and Linux have taken FROM EACH OTHER, shows you have no bloody idea what you're talking about. I wish I could digg ya down.

Quote - excalpius said @ #20.1
Your misuse of the word "pirate" above, and your lack of balance regarding the ideas that MS, Apple, Xerox, Amiga, and Linux have taken FROM EACH OTHER, shows you have no bloody idea what you're talking about. I wish I could digg ya down. :)

a rose by any other name.....

Do a little research and you'll find the articles where MS used pirated (cracked) software during the creation of Win95 & Win98.

Quote - MasterArcher said @ #18
If MS made their OS $49 per copy, piracy would be greatly reduced. Same with Office.

also means they'd have to sell 6 to 8 more copies to recoup what they could have made from one person buying it. I'm sure the ratio of buyer to pirate is less than 1:6 - maybe more like to one copy sold 3 are pirated. It's easy to say lower the price but you have to remember Microsoft have many departments dedicated to marketing - it doesn't make sense to charge a smaller rate.

In addition piracy (in moderation) is a good thing for Microsoft - ensures they keep a steady market share. The reason they try to make it difficult for pirates is because otherwise they would be accused (and rightly so) of allowing people to pirate windows when others have forked out a small fortune for it. Pirates will always pirate - it's not even so much about the cost - it's more like a hobby for the real hardcores. If there was a 100% way of stopping pirate copies of Windows then Linux market share would increase significantly and there would also be a far slower transition into Vista becoming mainstream! Definitely something Microsoft don't want.

Quote - MasterArcher said @ #18
If MS made their OS $49 per copy, piracy would be greatly reduced. Same with Office.

I'd definitely buy if they were that cheap.

Absolutely, but they're far too greedy to do that.
They'd rather pay a vast amount of money for anti-piracy measures than lower the price to a reasonable amount. Even far worse off are those in non-US countries: in the UK, it's on average 2/3 more expensive, and in Germany most editions are nearly twice as expensive! Talk about rip-off.

The price of Vista isn't because it's so great. It's because they have to recoup that 5+ billion they wasted when they scrapped the project twice and started again (yes, not from scratch). The best way to make that money back is to gouge the consumer. The next version will probably cost $1000 or more.

This whole thing is kinda lame; Microsoft is not annoying pirates, only legit users. As I said many times, if I'm in an enterprise I won't get Vista at all. Need a server to activate? Have to activate? Waste my bandwidth and my company's resources so Microsoft finds its customer to be not guilty of piracy of software that we bought.

I find it stupid anyway; they already have WGA and OGA (very annoying, btw), and now this shows one more time that hackers and pirates can ALWAYS get away with it.

The volume licensing versions of Vista phone home to make sure they are legit; it's just that someone made their server public.

Ok so I'm a bit hazy on what this actually means. Is there some server in China that's happily activating copies of Vista or something?

Didn't take long... I'd expect a LOT more of this to happen... Reverse engineered protocols for hacked server to have them never "phone home" and always say "yep, you're activated!" will perhaps become the #1 piracy method of Vista. I also saw the stuff about cracks coming up right after it went RTM, but I don't think Vista client-side cracks will be their long-term method of doing what they want, but rather this method.

There's no way to stop pirating of computer software. People are always going to do it.

The average user didn't even know how to pirate Windows XP.

I'll admit to seeing both sides of the argument. For once I'll put a point across backing software developers. (for a change!)

I think the major point here is that people pirate primarily as they see it as a "perk of the net". They don't see it as crime. If they did, I think the vast majority of small time piracy (the odd download of a few apps etc) would cease.

How do you get people to see piracy (of all kinds) as a crime? Good Question....glad I'm not the guy who has to figure this out.

I don't think it matters how cheap things are. For example, e-books are sodding pirated and these things cost pittance compared to Vista.

Make people see piracy as a crime and come closer to stopping it.

It wouldn't if MS lowered the price, it would still get pirated, because you will find lots of people who don't want to pay no matter what.

Best way to fight piracy is lowering the price to make it accessible to everyone.... so there would be no need for cracked copies of the OS or w/e software...

That and to release it on fricking time.

Half the people pirating Vista now are doing just because they want the latest OS and would probably buy it if possible.

Best way to fight piracy is lowering the price

Vista price is same as XP.
You want Ultimate? Why? Do you drive a car $1Mil+ worth?

Quote - RealFduch said @ #9.2

Vista price is same as XP.
You want Ultimate? Why? Do you drive a car $1Mil+ worth?

WTF... I sure hope you are not expected to be driving a "1Mil+" worth car in order to afford Vista Ultimate. Vista Ultimate should be affordable for everyone. I think a more reasonable pricing scheme would be $99 for Home, $149 for Home Pro and $199 for Ultimate.

Quote - RealFduch said @ #9.2

Vista price is same as XP.

When computers cost $2000, Windows represented about 5% of the price of the entire system.
Now computers cost $500 and Windows represents about 20% of the price of the entire system.

The price of all other components has fallen except for the software component.

That's one reason why I like Linux, OpenOffice, FireFox and other freeware.

Yes, I'm referring to Linux as an OS and not as a kernel. The code nazis can eat it.

A question to the above posters: if you were a Microsoft employee in charge of preventing illegal copies being made and used, how would you do it? I’m thinking a hardware device you have to use to install the software (USB key).

Quote - NiceCarpet said @ #7.1
It would only be a matter of time before a USB Key emulator came out (Just like what Daemon Tools does for CDs)

yeah, if it can be made it can be broken.

Copy protection is a joke and a waste of resources. Eventually you spend more on these rather than on the product itself instead and you are still not ahead in the end.....

Their best bet is to make it more affordable. Yes it won't completely stop piracy, but it does work. Just look at what iTunes, and similar services, are doing for music. They've sold over a billion songs so far for around $0.99 each.

Pointless cat and mouse game. Encryption is only safe if the decrypter isn't directly in front of you giving a prime example of what you need to mimic. Or if what is protected doesn't gain interest in the ones smart enough to break it (the people that made it got paid to do so, the people breaking it are doing it for nothing but personal use or fun).

I totally predicted this last year here on Neowin. I also described how it was a BAD idea for MS to have a killswitch on everyone's OS, because someone could "hack" everyone to shutdown externally. So now we see someone who can fake the MS authentication. If MS had gone through with the killswitch, isn't it obvious that these people can cause a FAILED response even easier than a PASS response?

AHEM!!!

This is WHY Microsoft has NO BUSINESS verifying our OS after it's been installed etc. Every time it phones home, you have another potential point of failure.

QED

Pretty much all your deductions are wrong.

If someone is stupid enough to use a 3rd party KMS server that he has no idea who is running, that person deserves to get shut down by a "killswitch". And how exactly are they faking MS authentication? It's just a normal KMS server on a public network. Nothing fake going on.

Might as well take out that QED since you haven't proven anything :P

Quote - Stebet said @ #6.1
Might as well take out that QED since you haven't proven anything :P

Maybe he was backronyming and wanted to say "quod ego dico" ("Because I say so")

Stebet, I was taking the logical deduction leap to the next step, in that if it is possible for someone nefarious to send people to the WRONG KMS server, through social engineering etc, they could be shut down. It wouldn't necessarily require installing spyware, etc. etc., but we know something will get through the Vista defense at some time, and if there was a killswitch in Vista, this would be an attack vector. If there isn't a killswitch, then failing authentication (false KMS or true KMS) isn't anything more than an annoyance to a handful of IT people out there.

And a rogue 3rd party KMS could be set up to authenticate a gazillion pirated Vista VL machines, couldn't it?

If someone nefarious could do that it would be a lot easier for him in his nefariousness to just tell the user to format his hard drive. I'm also pretty sure you'd need administrator privileges to change the KMS server settings. So this is no more of an attack vector than telling someone to do "format C:".

And so what if a rogue 3rd party KMS authenticates a bunch of Vista installations. Those installations will "shut down" shortly after that 3rd party KMS server is taken down when the installations need to renew their activation (they need to do that every once in awhile).

People will always pirate software.
Most businesses [that I’ve dealt with] prefer to use legal software. I’ve heard the IT guys at my work talking about how they have made the organization legal now.

As for the people who create these pirating techniques if they are caught they should be forced to handwrite the Microsoft ULA.

Well, it was only a matter of time and to be honest I wouldn't expect anything less. MS should realise that doing this sort of stuff won't really affect the pirate, as you can clearly see the workaround is in effect and that's before it's even hit the shops to the average joe user. Sure they have a right to protect their stuff, who hasn't, but maybe they should think of a different strategy than this because it clearly shows it isn't working.

Quote - RealFduch said @ #4.1
Did you personally use that? I don't think so.
So even if You pirate Vista, this KMS server is not the cause.


Sorry, I don't get your point. I was pointing out that their strategy on combating pirates isn't working; in fact if anything it's making legit users' lives a pain in the rear end with all this extra malarkey that you end up having to do, yet the pirates navigate around it and don't have anything like the legit users do.

My point is there are certainly many ways to pirate Microsoft products, but let's count how many people use each of them.
MS just tries to shut the most used.

So now basically anyone can "run" their own internal KMS server to validate licenses internally. It's the old DONGLE protection scheme all over again. Don't crack the software, just LIE to it by saying yes all the time.

The ultimate secret to piracy = the ultimate secret to a successful marriage?

Who'd a thunk it?

Quote - excalpius said @ #3.1

The ultimate secret to piracy = the ultimate secret to a successful marriage?

Genius!

As part of your license agreement with Microsoft you agree to not bring up a KMS server on the public internet. This server is a clear violation of that agreement, which I doubt they had.
Trying to circumvent copyright protection is always a violation of the license agreement. Duh.