A Potential Dark Side of Volume Activation 2.0

In a press pass release yesterday Microsoft unveiled what it is calling the Windows Software Protection Platform.  It sounds like a really long name for an anti-virus program, but it is in fact an umbrella of technologies that Microsoft’s is going to use to protect Windows Vista, and over time other products, from piracy. These will include built in WGA for consumer SKU’s and for Volume License (VL) customers they will have Volume Activation2.0

Volume Activation 2.0 is the set of activation schemes that will be required of enterprise customers who use VL media. This media, largely a target of pirates, will now also require activation.  This activation will occur either to an internal service in the form of a Key Management Service (KMS) or over the internet to Microsoft with a Machine Activation Key (MAK).

The KMS role will be installable on Windows Server 2003, Windows Vista, and Windows “Longhorn” server.  Volume license media will look up this service automatically via an SRV record in DNS or they can be manually pointed at a server.  This service will require a minimum of 25 clients or 5 servers to begin activation. Clients using VL media will check in with the server periodically, every two hours, until they have activated. Once activated, they will need to check in again with the server every 180 days.  So every machine that you build in this manner will need to have access to this server periodically.  Machines that will be off your network for a period longer than 180 days or never connected to your corporate network to begin with would need to use a Machine Activation Key or MAK.  

These MAK keys will be allocated a certain number of activations when generated. A machine that you input a MAK key on will then activate over the internet against a Microsoft servers and decrement the MAK Key’s license count.  These keys will prove an attractive target for people who traffic in windows piracy since they contain multiple activations.

Let’s assume you create a MAK that contains 500 licenses and you use it to activate one of your machines over the internet. This key for whatever reason leaks onto the internet. So, what happens when or if these MAK leak? Well your purchase agreement with Microsoft is for a certain seat count.  Today’s VL media makes this basically a trust scenario. You say you have 5,000 seats and pay for 5,000 seats.  There is no formal audit and you true up periodically. This key that you issued now gets used by 499 people on the internet and is no longer valid.  Who pays for those 499 seats?  Yeah, you guessed it: you are now potentially floating that bill for those copies of windows.

A number of things would have to have happen to make this a true scenario, like VL media would have to leak and a would be pirate would have to come up with a way to either social engineer a key out of you or capture it on input.  However, the likely hood is certainly there and so not only does Volume Activation 2.0 mean more work and more infrastructure to support, it also appears that you could be paying for someone who is pirating windows.