Illegal KMS server appears on the Internet

The business launch of Windows Vista is only a few days behind us and already the attempts to pirate Windows Vista are underway.  Recently I stumbled on news of a rogue KMS servers that has appeared on the internet with information on how to activate a copy of Windows Vista VL against the server. Once activated your illegal copy of Windows Vista will be good for 180 days before it needs to talk to the KMS server again.

KMS, which stands for Key Management Service, is part of the Volume Activation 2.0 scheme to protect Windows Vista and Longhorn Server from piracy. As part of your license agreement with Microsoft you agree to not bring up a KMS server on the public internet.  This server is a clear violation of that agreement, which I doubt they had.

To complicate matters this server appears to be setup somewhere in China.  Which I assume would make things a little difficult for Microsoft from both a political and technical standpoint. The domain name which is registered to Shenzhen COMEXE Communication Technology Co. Ltd. has a history of shady activity. It was a domain name that a variant of a recent zero-day bug in word was trying to communicate with.  Coincidence?  Unlikely!

So what does this mean?  Well hopefully Microsoft can get the server shut down in pretty short order, and even if they can't then the key will likely get flagged and anyone that has used it will no longer be able to download anything that requires Windows Genuine Advantage.

I think we might see the occasional rogue KMS server that Microsoft has to shutdown, but the real question is....Do you think Microsoft will succeed at protecting Windows Vista from large scale piracy?


Posted Dec 03 2006, 07:40 AM by Josh Phillips
Filed under: , ,

Follow Me on Twitter

Did you enjoy this article? If yes, then subscribe to our RSS 2.0 feed or

Comments

Robert McLaws: Windows Vista Edition wrote Illegal Vista Activation Server Pops Up
on 12-03-2006 12:20 PM

Josh over at WindowsConnected is reporting that an illegal Key Management Service (KMS) server has popped

jayson knight wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 1:04 PM

In a word, no...but then again you'd have to define "large scale."  

Josh Phillips wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 1:08 PM

Very true...Scale can be a big factor, let say 100,000 and up?......and the other question is how successful (Painful) they can be at killing leaked keys.

AlphaAlien wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 1:23 PM

Anti-piracy is a fundamentally flawed idea and one which has (despite over 10 year's of effort) never worked. Name a single anti-piracy mechanism that has successfully protected a piece of software that someone was serious about cracking. You can't. With Vista the eventual *real* crack will probably be done using a self built image via WAIK which uses the alternate MAK (Multiple Activation Key) and a modified FBA to report it as being authenticated.

graphicartist2k5 wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 5:05 PM

who didn't see this coming? i think this needs to be filed under the "no ***" category. it'll be a matter of time before Vista is cracked, and everyone will have their own copies of it. just give it time.

TellusCitizen wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 5:29 PM

.. and in other News, Scientist discover that water is wet ...

the alchemist wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 5:30 PM

The question should really be, why are people trying to pirate Windows Vista? My take is that they want to:

a) get an early copy, since January 30th is an unbearable wait

b) Microsoft charges *way* too much for Windows, and most people feel like they're being ripped off. Likewise, this is the same reason people steal music. Ironic, considering Microsoft is paying UMG a fee for every Zune player they sell, because Zune customers are stealing music, right?

The idiocy of corporate America abounds.

Winston wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 5:31 PM

I think MS has finally hit their targets. Yeah you'll still have people who pirate software, but you will no longer have the typical home user having an illegal copy no more. If you think about the XP days, where your cousin,uncle, aunty asked you for a copy, you'd probably pass them an illegal corp edition copy and then if they're really that illiterate you'll install it for them as well and then that's the end of the story, but with all these issues with the OS having to have to talk back to servers again etc, it just wouldn't work when you're using an illegal copy, then your aunt's, uncles etc will be pulling you over every 2 months to get you to re-apply some updated crack/bypass method or some sort. This annoyance will definitely turn down the mass market of illegal users.

Most IT guys are the only ones who would be keen to pirate it, but if you also think about it, a lot of IT guys are probably working or have an occupation where they can acquire a legal copy of it as well.

beth wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 5:43 PM

Piracy has been solved as soon as Microsoft replaces WGA with MMA.

Whats MMA?

Microsoft Mafia Advantage.

"Hey you copy my Vista? Now I break your legs."

Delson wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 5:47 PM

Winston, the cousins and aunties are probably are very small minority of the people using cracked Windows. The vast majority are young people, who are technically skilled, and can't afford to pay for the OS. Even if they could afford it, they would pirate it anyway because it's so easy.

Never has there been an anti-piracy scheme that has not been overcome. You can be pretty sure that cracked Vista will be easily available, like all cracked Windows before it. And if the new anti-piracy schemes are a new hurdle now, they will soon be better understood and new, easier circumventions will appear.

sujayakar314 wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 6:01 PM

anti-piracy is a lost cause.  There will always be people out there waiting for their next challenge to crack.  The only anti-piracy measure that i can think of working is valve's steam.  the very nature of it (checking in with valve's servers everytime you play) is practically impossible to crack.

Nikoli wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 6:05 PM

Wouldn't the whole "required contact to the server" thing be a problem for people with no internet?  Not everyone has internet, therefore not everyone can contact the KMS Server.

Justin wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 6:14 PM

The only anti-piracy that works is Pro-Tools, because the external harddrive actually does alot of the processing.

Steven wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 6:18 PM

Not everyone will have a cracked version now, which is good for MS, since people don't want hosed down systems. Sure they're be cracks, but WGA is getting annoying already, and forcing people to check every 180 days will force people to buy it.

manwith1nipple wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 6:39 PM

hay, that's a great idea! install a client-side activation server, and use HOSTS to forward requests to that server! is this doable? :O

dJCL wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 6:41 PM

Options to crack:

1) Virtual Key Server - something you just run on your firewall or another box that convinces windows that it is legal.

2) Just a cracked windows, and for windows updates you use a torrent site with an rss feed to download the cracked updates - probably even have a seperate program to do all this for you - it will be more convenient then the MS solution and not need IE!

3) The master encryption keys at MS get leaked/cracked and all hell breaks loose!

adogg wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 6:44 PM

did i mention that you can only register your vista activation key 10 times that is it, Im already on my 2nd install leaving me only 8 more times I am able to install vista that is another way to stop piracy

SteveyDevey wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 6:53 PM

Just for the record, Valve's steam copy-protection was broken long ago. You still have to validate to play on their servers last I heard, but you can play offline games with cracks that are easily found out on the interweb.

Also, ProTools doesn't use an external harddrive as part of the lock, just the devices themselves (mbox, select cards, keydrives, etc). But again, there are emulators for some of that hardware to get around it.

Copy-protection will always fail. Companies have their team to develop a method of protecting what they've got. If people want to break that protection, they can put as much effort into it as they want, with as many other interested people. Just my 2c though, I guess.

Josh wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 7:38 PM

I'm just wondering what is in store for Windows users who do not have internet access.  Lets face it, not every Windows box is going to be able to check-in with MS every 180 days.

Josh Phillips wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 7:41 PM

They would phone activate.....they do have a phone, right?

jrghoull wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 7:57 PM

@ josh

i'm guessing that the legal version of windows wont need this? though yeah this *** is gonna be a bit of a problem...though how many people can afford to buy a computer good enough to handle vista...but not internet?

it'll be interestin to see what happens

(course i dont know how we'll see this seeing as how they wont have the internet, hence wont be able to blog about their problems :-P)

Chris wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 8:00 PM

How about a custom copy of the OS prepared with WAIK, with a key server built in and bound on localhost, then a hosts file entry for the real MS keyservers pointing at 127.0.0.1?

There's no end of solutions for the problem. If only Microsoft would just sell the damn thing for a reasonable cost, few would bother to pirate it. I know I'd have no problem paying $50 for it, but it's a moot point as most new PC's will have a legitimate copy preinstalled, so by the time it's stable (~ 3 years) you'd be hard pressed to buy a new PC without it being there anyway.

Sammy wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 9:04 PM

It isn't an "illegal" server unless its operation somehow breaks the law in the jurisdiction it is located in.  Josh seems to assume that this is an illegal server, but is he familiar enough with Chinese law to say so for sure?

Brad wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 9:55 PM

See, the thing about the current activation is that it is still so lax.

If your key runs out of activations, call them using the telephone option and say it has never been used before.

Works every time.

Rick wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 10:13 PM

Maybe Microsoft needs to go at this issue the same way Putin did

angel wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 11:23 PM

i broke, i wait for friendly neighbourhood crack.

asdf wrote re: Illegal KMS server appears on the Internet
on 12-03-2006 11:36 PM

"Anti-piracy is a fundamentally flawed idea"

Get real, all it's going to take is a group smarter and more agile than MS

Furo wrote re: Illegal KMS server appears on the Internet
on 12-04-2006 12:17 AM

Vista will be pirated to the same extent as XP, without question. The issue at hand is the leaked keys. It's simply not possible for any corporation of size to keep all of their keys under wraps, and if Microsoft thinks that corporations are going to jump through a lot of hoops to re-key a large number of machines because of one disgruntled employee, they are kidding themselves (or even an employee that has a key ripped off by a sneaky acquaintance... it happens). They already aren't terribly popular with IT departments that now MUST put up dedicated resources, time and personnel just to bow to Microsoft volume licensing demands. If Microsoft then comes back and says "you have to re-key five thousand workstations because the key was leaked and we're disabling them", I'm guessing the response won't be terribly friendly.

Vista will get a foothold, without question, but it won't be anytime soon. The marketing numbers will show a gazillion licenses sold due solely to the software assurance line items changing from XP to Vista and OEM pre-installations that will get wiped in favor of XP, but that will not even closely resemble the number of PCs actually running Vista. A lot of companies are still running Windows 2000 on desktops. More than you'd think... large companies... even large technology companies. No way they drop everything and spend scads of money from precious IT budgets just to ensure that Vista has it's 256MB of video RAM and a 2GB flash module for ReadyBoost. Not going to happen. It'll be a niche OS for the first 2 years, which is saying a lot. The TCO of Vista is absolutely enormous.

-Furo

McFly wrote re: Illegal KMS server appears on the Internet
on 12-04-2006 1:12 AM

They really don't want to get Vista completely impossible to pirate. Thanks to that piracy, Microsoft has today's market share. Most of people won't pay for Vista if that happens, so ¿Vista could become in the latest home OS from Microsoft?

Betty Remple wrote re: Illegal KMS server appears on the Internet
on 12-04-2006 4:27 AM

It stands to reason that the people in IT departments have more than enought things to do than wait endlessly on tech support lines for Microsoft with nice music playing and will not be too happy with the whole process especially when they have other much more important things to do and as well have paid legitimately  ( or their companies have paid) for legitimate keys.

You can save a dollar , prove who is boss and yet antagonize and infuriate your core business base.

Look at the US Car companies with their overpaid executives to see an example of clueless stupidity prooving  "who is boss" .

Hokgiarto wrote re: Illegal KMS server appears on the Internet
on 12-04-2006 4:32 AM

Vista will be pirated. I thing few solution for Microsoft are:

- Sell Vista cheaper if it is bundled with hardware (exp. Buy Laptop get Vista)

- Make Local Vista with Local Price (exp. Vista Business Indonesian Edition with price that Indonesian People can afford)

- Make sure that Original Vista is better than pirated one (Not like many protected game that only make the original buyer having many problems, while the pirated one is not)

bill doors wrote re: Illegal KMS server appears on the Internet
on 12-04-2006 4:33 AM

vista is just promoting linux. after seeing the price of vista most pc enthusiasts would be convinced to make the switch.

Michael wrote re: Illegal KMS server appears on the Internet
on 12-04-2006 5:02 AM

After seeing Apples interface in Vista and some of the same exact desktops it really says, steel this and steel that,  amazing how the backlogged ie 7 for so long and what was it like witth in a week there were numerous exploits and hacks and gosh who knows how many security updates out for it.  Now comes Vista,  the main thing that amazes me is that how many programmers are working for M$ and they still cant get it right,  they spent what 4 billion on R&D and it got them where?    At least now M$ can push all the hardware makers to change and upgrade and come out with higher costing platforms to run there shiny OLD OS.    Now whats the new release after Vista?   Linux is so becoming more and more the peoples choice,  along with Apple computers with the new Intel chips is coming more into the main stream,  I do NOT think that Apple with ever dominate,  but they do have a good thing going.  

Just my ten cents,  

Michael

sure wrote re: Illegal KMS server appears on the Internet
on 12-04-2006 5:10 AM

oh will the linux/mac lovers  ^^^^ stop putting oil in the flame your OSes only have 1% market share for a reason, microsoft did/is doing something right

anyways vista has been running great here for the last week and didnt cost me a cent

god bless usenet

baslan wrote re: Illegal KMS server appears on the Internet
on 12-04-2006 6:26 AM

If this is true: http://www.guru3d.com/newsitem.php?id=4621, then microsoft can except many to get a pirated copy.

I wouldn't pay $700 for an os when I can get one for free, and especially when it costs less then half in another country.

RSi wrote re: Illegal KMS server appears on the Internet
on 12-04-2006 6:46 AM

first of all, 1% market share means what? i bet you 90% of os x users have a legal copy of the OS. Can you say that for windows?

and yes, from a business standpoint M$ is doing good for themselves. That doesnt mean they care about their software or their end-users.

good software companies will hold back and delay releases if theres even a chance of any exploit. Theres a reason we are on 10.4.8 instead of 10.4.238234324, as there are already updates and security fixes to anything M$ has released within 3-5 days.

and just to boot, my friend had a workstation, with a legit copy of XP. Everytime it boots up, dialog box comes up that says "Thank you for migrating to Windows 3.11".

Shows you exactly how NEW the resource hogging Aero GUI is.

If microsoft actually wrote decent code, and shipped it out at a resonable cost, they might still have the market share they do, but this time with people actually paying for the software.

You cannot stop piracy. You can make people jump through hoops, but theres always people who have the time and the skill to make those hoops wider and easy to jump through.

Its just sad to see that people need to validate to M$ to get updates. Only because the OS NEEDS updates. By writing crappy code, M$ is ensuring that people will have to validate. What a terrible excuse for a company.

Bill Gates can be as philanthropic as Mother Teresa, but Microsoft's greed and terrible ethics offset that by a factor of 10.

oorza wrote re: Illegal KMS server appears on the Internet
on 12-04-2006 7:02 AM

@ sure,

ok, I don't want this to become a windows/linux flame war, but the reason that windows has 90%+ of the market is that they give discounts to computer manufacturers for volume licenses depending on how easy they make linux/mac availabe.  Know why lenova thinkpad's cost so much? Lenova has to pay more for windows because they sell linux laptops.  Also, most people don't even know an alternative exists.  If Dell shipped with Ubuntu + some modifications to make a low-end user hardly notice the distnace, no one would care, except the people saving $50 a compuiter :)

Mark wrote re: Illegal KMS server appears on the Internet
on 12-04-2006 7:04 AM

I think Vista will be cracked eventually, each time MS released an update to WGA, it got cracked and there are always computer programmers and coders out there who thirve on the challenge of breaking the latest anti-piracy methods!

I remember when HL2 came out and it was thought to be "un-piratable" due to the activation needed on the steam server and each game generating a unique ID no. How was it cracked? Someone dumped to installed games folder onto a DVD and voila! You can't play online but this was ages ago now - it just struck me as one of the most basic ways to copy a game and it worked despite this fiasco needed to install it!

Chris Conner wrote re: Illegal KMS server appears on the Internet
on 12-04-2006 7:25 AM

I can see that there is still a lot of disinformation out there.

For starters, KMS - Key Management Service is a service that is activated ONE TIME with Microsoft - Yes, that means that if you have a business or agency where your computer do not get on the internet you just phone activate the KMS service.

A business must have 25 Vista enabled PC's to use the KMS feature. These Vista PC's will activate INTERNALLY with the KMS service. The KMS service will NEVER TALK to Microsoft when each of these Vista PC's activate against it. Then, the machines that were activated will reactivate against this service once every six months.

Why is this cool? Imagine that I have a company employee who is a sales person with a laptop with Vista installed on it - as long as he / she comes into the office once every six months OR VPN's into the office - they can get Vista reactivated. If this individual no longer works for me, I don't necessarily have to be concerned about my licensing - that PC will go into reduced funcationality mode at the most 6 months from today - thereby forcing the user to get another copy (hopefully legit) of Vista.

I believe Microsoft is going in the right direction with regards to piracy. I do not believe they are going to totally get rid of it - but they are going to get rid of the casual piracy that plagues Windows XP.

I laugh when someone says they are not going to pay $500 for an OS - the most expensive version of Windows Vista is the ultimate edition - and it is $399!!! 90% of users out there DO NOT NEED this version. It is a combination of all the business and consumer editions of Vista PLUS the Ultimate Extras. Home Premium Edition is what I recommend for everyone at home. Cost? $239 for full edition and $159 for upgrade version - you DO have XP right? ;).

If you are going to moan that you need a legal copy of Vista to get security updates - I strongly encourage you to use Linux. It is free, has a great user community, and requires you to be at least technical in how it works to use it otherwise stop complaining and get legal afterall you DO have choices right?

graphicartist2k5 wrote re: Illegal KMS server appears on the Internet
on 12-04-2006 7:38 AM

they may not "need" the ultimate edition of Vista, but i can guarantee you that that's the version everyone will want to have. why? because that's the version that will have a whole boatload of features, whereas other versions of Vista may be scaled down a bit more.

Chris Conner wrote re: Illegal KMS server appears on the Internet
on 12-04-2006 7:56 AM

"Boatload of feature" - LOL

No it does not. The Ultimate Edition - in comparison with the Home Premium Edition that I mentioned above is only different in 4 aspects:

1) The ultimate edition has advanced backup features geared for businesses.

2) Business networking and remote desktop (i.e. you can join a domain with this edition as opposed to just workgroups)

3) Bitlocker Drive Encryption - whoppee - only important if you are a business traveller who needs to protect their data if your laptop gets stolen.

4) The Windows Vista Ultimate Extras - which is the primary reason of the price disparity between this and other editions. Microsoft is supposed to be providing "extras" - as yet unknown what they are (well one I know - the "live" background)

Like I said - 90% of the people out there are NOT going to need anything more than the premium edition of Vista.

On a side note, just because I'm thrilled - did you guys know that only two editions of Vista have the built-in DVD codec to play movies with Windows Media Player? Which editions? Yup thats right - its the Windows Vista Home Premium Edition and Windows Vista Ultimate Edition.

Here is the URL on the features comparison:

http://www.microsoft.com/windowsvista/getready/editions/default.mspx

To get prices on each edition - just click the details button for each edition and scroll straight to the bottom - should be near the last paragraph or so. I'm sure a lot of you will probably get the OEM version (whose prices are less than these).

Jonas wrote re: Illegal KMS server appears on the Internet
on 12-04-2006 8:19 AM

@Michael - It's "steal" (not "steel), "to run their" (not "to run there"), "what's" (not "whats"), etc. Your opinions are as hopeless as your grammar. Linux is not becoming "the people's choice"... it has the same minority appeal as ever before. Mac is not becoming mainsteam... it is still hanging about on the fringes, appealing more to the 40+ age group than the young and hip image they like to portray.

However, I do, like yourself, wonder where the billions of dollars they invested went. Virtually all of the key features were dropped and, despite being a decent OS, it is a shell of what it was supposed to be (not to mention the huge delays). Then Microsoft has the cheek to turn around and charge £370 for Vista Ultimate / £230 for Vista Home Premium!!! I hate the arguement "I wouldn't pirate it if it was cheaper" but sadly I can understand that viewpoint - these prices are an insult to consumers, particularly when paying customers are effectively accused of being pirates and have to prove their innocence through WGA or whatever the latest scheme is that Microsoft has come up with.

NEway, these activation workarounds are all very nice but as long as automatic updates are enabled it seems inevitable that they will be of little use and will be tackled by Microsoft. I imagine that there will be a real clamp down on piracy with Vista, as evidenced by WGA. Microsoft had a lot of gain from piracy 10 yrs ago but now consumers have little option - they can either buy a considerably more expensive Mac or sacrifice program compatability / games / functionality / visual appeal / etc, and move to Linux. Neither is a truly viable option, so Microsoft has a captive customer base.

ck wrote re: Illegal KMS server appears on the Internet
on 12-04-2006 8:52 AM

"Quote: The ultimate edition has advanced backup features geared for businesses." I haven't seen this... would be good news.. what extras does it have?