Pirates crack Vista Activation Server

Pirates have released another ingenious workaround to Vista's copy protection: a hacked copy of Microsoft's yet-to-be-released volume licencing activation server, running in VMware.

Volume Activation 2.0 is one of the more controversial features of Vista: it means that every copy of Vista has to be activated, even the Business/Enterprise volume licenced editions.

However, to make life easier for administrators, Microsoft worked in a more convenient system of in-house for en masse activation of PCs called KMS – Key Management Service.

The idea behind KMS is that you have a single PC running KMS which can then handle activation for all your Vista clients, so that they don't have to connect back to Microsoft every single time.

The downside of KMS is that the activation is only good for 180 days, to discourage people bringing in their home systems, activating them and wandering off again.

Bearing in mind that KMS wasn't scheduled to be released until next year, pirates have managed to get hold of KMS and produce a standalone, fully-activated KMS server called "Windows Vista Local Activation Server – MelindaGates". Tongue-in-cheek of course…the first "cracked" version of Vista was called Vista BillGates.

The download is a VMWare image, and the idea behind it is that you download and install VMWare Player (a legal free download), boot the image and use some VBS script (supplied with the activation server download) to have the client Vista machine get its activation from the local server. And that's it – no communication back to Microsoft.

Of course, in line with the Volume Activation 2.0 model, this only works with Vista Business and Enterprise editions, as they are the only ones which will accept KMS keys.

Home and Ultimate editions still use normal single-use activation that calls back to Microsoft for validation of the product ID.

On one hand, this is strikes a serious blow to Vista's activation model. Simply possessing the Vista DVD (which was released on the boards about two weeks ago) wasn't enough to get you past the robust activation requirements. But if you can load up a local activation server and activate Vista that way, it sort of makes the whole thing redundant.

There are two caveats though. Vista still has to be installed with a KMS product key, so if that activated system ever goes through the WGA system with a known pirated key, Microsoft will be able to track it down and eventually close the loop.

The second is that this is a true KMS server, so the activation is only good for 180 days, then the client needs re-activation.

It's also still not a crack. In this instance, as with the Vista BillGates release, it's an activation workaround. Admittedly a very clever one, and one that Microsoft will have a lot more trouble stamping out, but the fact that it's taken the acquisition of a KMS server shows that Vista activation is still holding strong in its own right.

But is that of any comfort to Microsoft right now, while its yet-to-be-widely-released OS is being pirated like crazy?