Microsoft Not Hacked Off by ‘Mad Scientist’

Microsoft  raises its hackles whenever hackers or
software pirates threaten to disrupt its business. However, the Redmond, Wash.-based software vendor downplayed the importance
of a hack currently getting its 15 minutes of cyber-fame.

The OEM Activation (OA) hack and its variant are sniffing around Windows systems, but, according to Alex Kochis, senior product manager for the Windows Genuine Advantage (WGA) group, they are not a priority, as Microsoft saves that for “hacks that pose threats to our customers, partners and products.”

The hack in question doesn’t rise to that level because it doesn’t scale easily and, therefore, won’t disrupt its channel partners’ business, Kochis said in a blog post, adding that the company isn’t going to try “to stop every ‘mad scientist’ that’s on a mission to hack Windows.”


The OEM Activation (OA) hack exploits a marker in the
BIOS of motherboards installed by original equipment manufacturers (OEMs)
that Microsoft installed to make it easier for its large OEM and retail
channel partners to authenticate its software.

The system enables a copy of
Windows to look for that marker in the BIOS of the motherboard and, when
found, confirm it was booting on a PC that was sold by a specific OEM and
licensed to boot Windows.

Over the years, hackers have discovered how to make an edited BIOS appear to
be an OEM BIOS. Kochis said that hackers began using this trick on Windows
XP, but Microsoft largely ignored it because “there were easier ways to
pirate Windows XP.”

Since WGA has made Vista harder to pirate, according to Kochis, the BIOS
hack has become a more appealing target for pirates. But he added the
payoff for potential crooks is still limited. “It is a pretty
labor-intensive process and quite risky… it’s potentially hazardous and
really doesn’t scale well to large number of systems, which makes it less of
a threat.”

There’s a second variant of this hack, which doesn’t change anything in the
BIOS itself but uses a software-based approach to fool the OS into thinking
it’s running on OA-approved hardware. But Kochis said that Microsoft is able
to detect and respond to this hack more easily than the BIOS attack method.

This is hardly the first time pirates have attempted to thwart the WGA
system. A code snippet supposedly allowing users to bypass WGA appeared on the Internet within days after
Microsoft first began making use of WGA mandatory for customers.

Microsoft has shown it is willing to track down software pirates that do
threaten it or its partners anywhere in the world, its software-pirate pursuits having taken the company to Jordan and Thailand.

News Around the Web