(Image used under: Fair Use doctrine)

It looks like there's a legitimate working hack for Vista that kills their bogus activation scheme. Microsoft is saying that they're not going to do anything about it yet because they don't know if it will become a wide exploit. But I think this commentor (from the source article) has it more correct:

They didn't think it through as a "hacker" (pirate more like it) would, and now they have a problem. Millions of legitimate users are out there with legitimate hardware sold with Vista. MS can't simply pull the carpet out from under these users. They will need to devise a way that all users can continue using their systems without having to do something drastic like reinstall or update the BIOS because many users simply don't know how to. Even locating the product key on the sticker would be difficult for some.

MS can't simply pull the OEM keys and try again.

But on MS's side, the number of users using this method is very low. And MS have said they'd prefer we pirate Windows than use MacOS or Linux.

(Image used under: Fair Use doctrine)

So companies don't want Vista? Well, we can fix that…. (hand rubbing and evil snicker).

Microsoft will stop allowing companies to install OEM versions of XP by the end of the year.

(Image used under: Fair Use doctrine)

Good news: Here's an article on how to use Vista's compatibility mode to run older software.

Bad news: According to all the comments on the article, it doesn't work at all (which matches my experience with the XP compatibility mode).

(Image used under: Fair Use doctrine)

Though this is the first I've heard of it, a simple hack for any Windows machine since 2000 is to replace the executable file that run when you hit Shift 5 times (called sticky-keys). Since this can be run from the logon screen, as long as a hacker can gain root access to a machine once (say they're a legit user on a multi-user machine), they can use this to bypass logon.

(Image used under: Fair Use doctrine)

In a nod to people who actually understand the consumer psyche, here's an article explaining that users are likely to find the User Account Control so annoying that they'll just turn it off.

(Image used under: Fair Use doctrine)

There's buzz online about how a Symantec researcher has already broken Vista's firewall to pieces. This is hardly surprising, but what is surprising is how easy it was. While the firewall has a dialog box asking if a user wants to allow a program to access the Internet, Microsoft allows the program itself to click the OK button for the user. So basically, spyware programs can choose to get online or not. I wonder what they'll choose to do?

(Image used under: Fair Use doctrine)

Microsoft has now admitted that their software validation tool will check in with Microsoft servers even if you tell it not to.

But if you cancel the installation of WGA, maybe because you dislike the privacy implications, the software will still phone home. Microsoft stresses that WGA does not take any information which could identify you as an individual, but is only used to collate statistics on WGA use.

Who cares if it can't personally identify you (if that is indeed true)? The point is that you are not in control of your own software. For those non-technical among us who have always wondered by geeks hate Microsoft, it's because of stuff like this.

(Update:) ArsTechnica expands on this saying that this behavior is typical of ANY software distributed through Windows Update.

(Image is in the Public Domain)

Apple is laughing all the way to the bank with the release of Vista. In their recent ad campaign, you see two people where one represents a Mac and the other a PC. One of the more accurate ones describes the new security "features" of Vista that prevents you from doing nearly anything without constant warnings and dialogue boxes. It may be tounge-in-cheek, but it's pretty close to the reality.

It's stuff like this that make people turn off security features just so they can get work done.

(Image is in the Public Domain)

The Mac website is tearing Vista to shreds listing how many of its "cool features" have been in Max OS X since 2001. As I'm reading the nearly snide snickering articles about why Mac is (and has always been in their opinion) better than PCs, I noticed one important thing about the upcoming Leopard system.

Apparently, they plan to have a type of content management built into the OS which means that if you open a file to find it corrupted or accidentally made changes you didn't intend and saved it, the Operating System will let you "go back in time" to see earlier versions of that document.

This is not the same as Windows' System Restore feature that keeps backups of your system files, this is for each individual file and can be accessed without system restart.

(Image used under: Fair Use doctrine)

The Register has an article about a bogus Vista activation key generator, but lists this interesting bit near the end:

The latest attack exploits Vista's System Locked Pre-installation 2 (SLP2) mechanism, technology which allows Microsoft's favoured hardware partners to avoid users having to activate their Vista installs. SLP2 combines an OEM specific certificate along with markers in the machine's BIOS and an appropriate product key.

The hack involves creating a BIOS emulator that serves up the correct BIOS data when needed. Used in combination with the appropriate OEM certificate and product key this defeats the activation mechanism. Information on the OEM certificates and other information needed for the hack to work are available. Withdrawing the affected keys in order to defeat the hack would likely upset Microsoft's OEMs.