Microsoft's anti-piracy team has acknowledged that hacks against Windows Vista's OEM BIOS activation scheme are circulating, but seemed to say it has no plans to immediately counter the threat.
Alex Kochis, senior product manager of Windows Genuine Advantage (WGA), spelled out the hacks, which try to spoof how major computer makers pre-activate Windows Vista before shipping systems to customers. To make original equipment manufacturers (OEM) jobs easier, Kochis says, Microsoft has long let them add a marker in the motherboard's BIOS to identify PCs licenced to boot Windows.
OEM BIOS hacks aren't new, he says. But ironically it's Vista's new anti-counterfeit defences that may make them more popular. "Because there were easier ways to pirate Windows XP, I don't think much attention was ever paid to [OEM hacking]," says Kochis. "However, because Windows Vista can't be pirated as easily as Windows XP, it's possible that the increased pressure will result in more interest in efforts to hack OEM Activation 2.0."
At least two OEM BIOS hack strategies are in use, Kochis says, including one that uses software to trick a pirated copy of Vista into thinking it's running on a legitimate OEM-activated system.
Kochis, however, was ambiguous about whether the WGA group is planning immediate action against these hacks. "It's worth noting we prioritise our responses, because not every attempt deserves the same level of response," says Kochis. "Our goal isn't to stop every 'mad scientist' that's on a mission to hack Windows.
"Our first goal is to disrupt the business model of organised counterfeiters and protect users from becoming unknowing victims. This means focusing on responding to hacks that are scalable and can easily be commercialised."
If true, the stance would be at odds with past behaviour by Microsoft and its WGA team. Last month, when a web site posted a tool that its maker claimed could crack Windows Vista's activation process, WGA reacted the next day, saying it was investigating the hack.
Microsoft did not immediately respond to a request to clarify whether WGA is now on the OEM BIOS hack case.
