Windows Vista can be run for at least a year without being activated, a serious end run around one of Microsoft's key antipiracy measures, according to Windows expert, Brian Livingston.
Livingston, who publishes the Windows Secret newsletter, said that a single change to Vista's registry lets users put off the operating system's product activation requirement an additional eight times beyond the three disclosed last month. With more research, said Livingston, it may even be possible to find a way to postpone activation indefinitely.
"The [activation] demands that Vista puts on corporate buyers is much more than on XP," said Livingston. "Vista developers have [apparently] programmed in back doors to get around time restrictions for Vista activation."
Microsoft Calls it a Hack
Microsoft promptly labeled the registry change a "hack," a loaded word that is usually synonymous with "illegal."
"Recently it has been reported that an activation hack for Microsoft's Windows Vista operating system has been identified," said David Lazar, the director of the company's Genuine Windows program, in an e-mail. "Although these reports are purely speculative at the moment, we are actively monitoring attempts to steal Microsoft intellectual property."
"This is not a hack," Livingston shot back when Lazar's e-mail was read to him. "This is a documented feature of the operating system." To back up his view, Livingston pointed out links to online support documents where Microsoft spells out the pertinent registry key. Nor is it speculative; Livingston demonstrated the procedure live via a Web conference session Thursday and claimed "we have run this dozens of times."
Livingston last month revealed that a one-line command lets users postpone Vista activation up to three times. Combined with Vista's initial 30-day grace period, that meant users could run Vista for as long as 120 days before they had to activate the OS. At the time, Microsoft seemed unconcerned with the disclosure, and flatly stated that using it would not violate the Vista End User License Agreement (EULA).
"The feature that I'm revealing today shows that Microsoft has built into Vista a function that allows anyone to extend the operating system's activation deadline not just three times, but many times," Livingston said.
Microsoft documented the key on its support site in a description of what it calls "SkipRearm". In it, Microsoft explains that "rearming a computer restores the Windows system to the original licensing state. All licensing and registry data related to activation is either removed or reset. Any grace period timers are reset as well."
By changing the SkipRearm key's value from the default "0" to "1," said Livingston, the earlier-revealed "slmgr -rearm" command can be used over and over.
In tests with several editions of Vista purchased at different times, Livingston found that copies of Vista Ultimate and Vista Home Premium obtained at the end of January would accept the SkipRearm change only eight times. Together with the three postponements made possible with slmgr -rearm and the opening 30-day grace period, that would give users nearly a year (360 days) of activation-free use. A copy of Vista Home Basic bought March 14, however, ignored the SkipRearm registry change.
"Microsoft has slipstreamed something into Home Basic and Home Premium," Livingston said. "But from my reading of the support documents, Microsoft needs to keep this feature in its business editions, Vista Business, Enterprise and Ultimate. It seems that Microsoft is sympathetic to enterprises' difficulty in rolling out Vista within the activation deadlines."
Lazar did not answer several questions e-mailed to him Thursday, including one that asked why Microsoft had included the SkipRearm feature in the first place. However, he indicated that the feature could be blocked if Microsoft desired. "It is important to note that these hacks are, at best, temporary. Microsoft has systems in place to detect and block piracy."