Windows Vista To Take New Tough Line On Counterfeits
Windows Vista, which Microsoft has said will ship to business customers in November and to consumers in January 2007, will be the first operating system to include technologies that the Redmond, Wash. developer called "Software Protection Platform."
Under the new plan, counterfeit copies of Vista will not run the Aero interface, the OS's much-touted updated graphics look; will disable ReadyBoost, a feature that lets users add memory to systems by plugging in a USB flash drive; and will cripple Windows Defender, the anti-spyware protection tucked inside Vista. Previously, Microsoft had said it would strip some features, including Aero, from non-genuine Vista, although Defender was not among those mentioned.
Product activation, which debuted in 2001 with Windows XP, but is now part of Software Protection, will also be dramatically revamped. If a copy of Vista is not activated within 30 days, the operating system will only let the user run the default browser, and then only for an hour at a time before logging off. Legitimate copies that for some reason later fail the ongoing validation tests will have another 30 days to re-activate or purchase a new license before the PC slips into what Microsoft dubbed "reduced functionality," while copies detected as fake during the validation process will also be downgraded after 30 days. In addition, users of genuine Vista must reactivate within three days of "a major hardware replacement," said Microsoft, or face a crippled computer.
"This is actually a little more open in Vista [than in Windows XP]," said Cori Hartje, the director of Microsoft's Genuine Software Initiative. "Today, if you don't put in a key [within 30 days], you can't use the computer at all."
"But is she talking about validation or activation?" asked Joe Wilcox, analyst with JupiterResearch, who thinks Microsoft is making the wrong move at the wrong time and giving legitimate users another reason not to upgrade to the new OS.
In the Software Protection Platform, the two -- validation and activation -- which were separate entities in Windows XP, will be intertwined. "The Software Protection Platform brings together new anti-piracy innovations, counterfeit detection practices and tamper resistance into a complete platform that provides better software protection to programs that use it," Microsoft said in the white paper it released Wednesday (file in Word .doc format).
Microsoft will also extend activation and validation to enterprise volume license users for the first time with Vista, said Hartje, and require them with Windows Server "Longhorn," the server software follow-on. "One of the big holes we've had [in our anti-piracy efforts] is in our volume keys. It's a very open process, with the keys in clear text and easily stolen and misused," Hartje said.
Volume licensees will be required to manage keys and run activation using one of two services, KMS (Key Management Service) or MAK (Multiple Activation Key), with the former targeting shops with more than 25 machines that are always connected to the organization's network. MAK, on the other hand, is similar to the retail product activation keys, and lets one Windows PC connected to Microsoft to vouch for multiple machines.
"Why do you need two mechanisms?" asked Wilcox. "I think that [enterprise IT] management becomes much harder now. Microsoft's increasing the complexity of Vista, which decreases its appeal compared to XP."
"The process of setting up key management is really very straight-forward," countered Hartje.
The crackdown, she said, is necessary to protect users and Microsoft's OEMs. "We need this to protect consumers and partners. Consumers want to make sure they get what they've paid for."
Wilcox, however, sees it as a mistake. "Microsoft's making software potentially harder to use. I don't think it's a good move for them to make things hard when competitors are making things easier."
As examples, Wilcox cited the free or low-cost choices that users now have via the Web. "Web 2.0 is bringing change to how people consume technology, you have all this stuff that's available for low-cost or free. Contrast that to what Microsoft is doing on the desktop, putting potentially onerous safeguards on Vista.
"It's important for Microsoft to make Vista as appealing as possible. But how appealing is it when you go up to your new home and you have to undo five locks to get in the door and there are bars on all the windows?"
Wilcox also slammed Microsoft for scaling back Windows Defender's protection. "That means it's partly disabled. It means [bad] stuff can still get through. Either your priority is security, as Microsoft has repeatedly said, or it's not. There's no gray area."
On a counterfeit copy of Vista, Windows Defender will not be turned off, but only "severe, high-critical patches" will be provided, said Hartje. "Users will still see the other patches to show them what they're missing," she added.
In the end, said Hartje, Microsoft believes that the new measures of Software Protection are warranted, and won't impact legitimate users. "We don't expect that end users will see any of these issues," she said.
Wilcox sees it differently. "I don't believe it when Microsoft says this will benefit the customer. I can't imagine that the majority [of customers] are asking for this.
"Microsoft has two fierce competitors. Itself is the first, with 'good enough' [attitudes] and difficulty in convincing people to upgrade. The second is piracy.
"They may be going after one at the expense of the other."