Genuine Windows Blog

Announcing the new Genuine Windows Blog on http://windowsteamblog.com/

It's been over three years since I first launched the Genuine Windows Blog, and a lot has changed in that relatively short time. Not only did we continue to release updates to our technology for Windows XP, we also introduced a new experience and technology for activation and validation in Windows Vista and Windows 7, called Windows Activation Technologies.

I'm happy to announce that the Genuine Windows Blog will now join the Windows Team Blog family.  This is a plus because a lot of you already go there for the latest and greatest news about Windows and related products.  The look and feel of the blog will change some, and you can expect improved communications from us on a more regular basis and on a wider range of topics.  The new blog format will also include postings from other members of the genuine Windows team - they have a lot to say about what Microsoft is doing to help protect customers from the risks of counterfeit software, and what we're doing about fighting piracy.

Even though the blog location's changing, I hope our interaction won't.  This blog has always been a great way for me and the genuine Windows team to stay in touch with our customers.  I appreciate your willingness to comment and express your opinions about genuine Windows, and I hope we'll continue to hear from you. 

Please visit us at our new Genuine Windows Blog location! (http://windowsteamblog.com/blogs/genuinewindows/default.aspx)

- Alex

Windows 7 OEM Product Key Leak

Yesterday we were alerted to reports of a leak of a special product key issued to an OEM partner of ours. The key is for use with Windows 7 Ultimate RTM product that is meant to be pre-installed by the OEM on new PCs to be shipped later this year. As such, the use of this key requires having a PC from the manufacturer it was issued to. We've worked with that manufacturer so that customers who purchase genuine copies of Windows 7 from this manufacturer will experience no issues validating their copy of Windows 7. At the same time we will seek to alert customers who are using the leaked key that they are running a non-genuine copy of Windows. It's important to note that no PCs will be sold that will use this key.

Windows 7 already includes an improved ability to detect hacks, also known as activation exploits, and alert customers who are using a pirated copy.  There is a hack that is said to enable, when paired with the leaked key, a system to install and use a copy of Windows 7 Ultimate. Both the hack and the key are indications that a copy of Windows may not be genuine. The Windows Activation Technologies included in Windows 7 are designed to handle situations such as this one, and customers using these tools and methods should expect Windows to detect them. 

Our primary goal is to protect users from becoming unknowing victims, because customers who use pirated software are at greater risk of being exposed to malware as well as identity theft. Someone asked me recently - and I think it's worth noting here -- whether we treat all exploits equally in responding to new ones we see. Our objective isn't to stop every "mad scientist" that's out there from dabbling; our aim is to protect our customers from commercialized counterfeit software that impacts our customers' confidence in knowing they got what they paid for. That will continue to be our focus as we continue to evolve our anti-piracy platforms, and respond to new threats that we see emerge in the future.

Activating Windows 7

Now that the Windows 7 Beta and RC are out, and the official general availability date has been announced, it's a great time to talk about Windows activation and how it's going to work. For customers who are already familiar with activating Windows Vista this will feel pretty familiar and, as far as the user experience goes, it's not to different from Windows XP. Of course as I discussed in a previous post Windows Activation Technology is pretty different from it's predecessor in Windows XP but this post is about the customer experience and making it easy to understand.

Activation is the initial process by which a Windows running on a PC is determined to be properly licensed and genuine, and it's really quick and easy.   A lot of folks don't realize that activation is required, so our team decided to put a little video together about Windows activation to help explain what it is, why it's required, and how to do it.

Check out the Product Activation in Windows 7 video below and let me know what you think.

Just a little bit of housekeeping before I forget:  if you are running the Windows 7 Beta on your PC, read helpful information about expiration and moving to the Windows 7 Release Candidate.  If you are running the Windows 7 Release Candidate on your PC, check out some frequently asked questions for the Windows 7 RC, including how to locate your product key for activation. 

 -Alex Kochis, Director, Genuine Windows

Microsoft works with local Chinese govt. of Hangzhou to reduce piracy

As I write this post I'm about to depart China after a week of travelling through three cities and visiting with dozens of customers and partners and also locally based colleagues. While I was here our Beijing office announced a plan to work with the government of the city of Hangzhou to reduce piracy while Microsoft works to support increased developement of Internet new applications and business models for cloud computing in that city. We also announced a second technology center and additional support for existing efforts.

While Hangzhou is a special city because it its the home of Alibaba.com, one of China's largest internet search providers, our team also announced our hope that we could work to develop similar activites elsewhere. See the Wall Street Journal's report here.

I think this kind of work is essential to increasing awareness among customers and users of Microsoft products in countries that have relatively high piracy rates. I believe our focus on education and awareness have been central to the progress we've made over the last few years.

-Alex

Pirated Windows 7 RC builds a botnet

Just a quick follow up on my recent post about the Windows 7 RC being available over bittorrent sites but with malware embedded. There are now reports, such as this one from cnet, that the malware infected downloads were actually building a botnet. It is being reported that the botnet added over 25,000 clients in just over two weeks.

Trend Micro is also reporting that in the last ten days they've found malware that's masquerading as a download of Windows 7 RC. On their blog they say

"The file which arrives with the file name setup.exe is detected as TROJ_DROPPER.SPX. TROJ_DROPPER.SPX drops TROJ_AGENT.NICE."

As many of the news stories I've seen on this are reminding people - the best and safest way to get the Windows 7 RC is direct from us at this site. 

 -Alex

New BSA Piracy Rates for 2008

In the last few days the Business Software Alliance has released the BSA Global Software Piracy Study for 2008. The study establishes piracy rates for all packaged software products in over 100 countries. This year's results were mixed with over half of the countries included seeing their rate decline. The rates also declined for many of the large high-piracy markets like China, Russia, India and Brazil. But while the rates declined individually for each of these markets they're large enough to push up the overall rate as the growth of these markets continues to outpace others in the world. For this reason the overall rate grew this year from 38% to 41%.

In many ways, the conclusions and logic are not surprising - high piracy markets are growing faster than low piracy markets so the overall piracy rate goes up.  But a few things about the study piqued my interest and I wanted to share my thoughts on.  Once again, I was reminded of the global/local dynamic of the challenge - while improvements can be made in one area, they are often outweighed by piracy advancements in other areas.  We spend a lot of time thinking about both very local approaches - working with local officials, providing benefits for genuine users tailored to local markets, and identifying local partners with whom we can work.  But we also think globally - what engineering changes can we make in our products (such as our recent announcement of Windows Activation Technologies in Windows 7) that will work across every geography where Windows is available.

As mentioned above, the study attributed most of the growth in piracy to the growth in emerging markets, and cited a continued emphasis on intellectual property rights as key to minimizing piracy growth.  While we certainly agree with that, we also think that there is more we need to do.  Sometimes in high piracy markets it can be challenging to even find genuine software and be confident that it is in fact genuine and not just a high quality counterfeit. Having spent the last week in China I can say that while genuine software is readily available there's not as much of it as there should be and it can sometimes be hard for the customer to know what to look for to be confident that they're really getting what they paid for.

I also wanted to point out that while we don't release specific piracy rates for Windows we have historically described them as broadly in line with the rates for overall software piracy as documented in this annual study. This is the first year that I can recall that our internal estimates are diverging from the overall rate. This year we have seen our estimates of piracy of Windows not increase with the overall BSA rates. We believe this is a result of more partners wanting to work with us, more customers checking if their software is genuine, and generally more demand for a genuine product.   We believe if you focus your program on delivering a good customer experience and helping your partners and resellers to provide better service and deliver a better experience, make genuine product easy to obtain, and help customers who have been victims of software piracy you can make a positive difference for your customers, partners and your business. I believe that's what we've seen happen over the last year.

-Alex

Windows Activation Technologies: Activation and Validation in Windows 7

Earlier today we posted on Microsoft's Press Pass site an interview with our group's General Manager, Joe Williams. In the interview he discusses our approach to anti-piracy in Windows 7. The full details can be found here; but basically the interview covered the following points.

The Windows 7 activation experience will be familiar to users of Windows Vista SP1

The Windows 7 activation experience is based on that of Windows Vista SP1 and should appear familiar to users of Windows Vista SP1. This includes the notifications that alert customers if they need to activate their copy of Windows and helps them with issues that may occur -- including the possibility that they might be a victim of software piracy.

Windows 7 includes an updated notifications experience for product activation

We heard feedback from customers that while the notifications that appeared in Windows Vista were effective at helping alert customers, there might be more we could do and say that would be helpful. So for Windows 7 our goal was to do a better job of helping customers make decisions with confidence about which action to take. In Windows 7, we're being more descriptive about what Windows is actually doing and providing more information about what, if any, actions the user should take as a result.

In the Windows 7 timeframe, one of our goals is to improve support for deployment and activation in the enterprise and other large organizations

We also heard from enterprise customers that there were some scenarios where our activation tools could be improved, to help ease the burden on IT departments. So we've added to some of the existing tools for IT professionals and made them easier to access to better support those who need to manage Windows activations at an organizational level. One example is the new support for activation in virtualization scenarios where KMS now counts virtual clients. This is important for customers who have fully virtualized environments or customers who have dev/test environments where virtual clients are used heavily.  

Other changes

Though not a core part of the Windows 7 product experience, one of the changes we are making to our anti-piracy efforts is to better distinguish between the generations of technology we're deploying. As many of you know, our online validation program, known as Windows Genuine Advantage, is a program designed for use with Windows XP. It was also designed to be added to the existing product activation technology that began shipping broadly with the versions of Windows XP that were already in the market. The addition of WGA to the anti-piracy technology used to protect Windows XP was key in that it enabled us to be much more agile in our response to techniques used by counterfeiters and pirates. As a result of the success of WGA, we built validation technology into Windows Vista from the beginning. These components were new and were built for use in Windows Vista. The same components, though tuned up a bit, form the basis of our activation and validation technology in Windows 7. To better reflect this latest generation of technology we will refer to the activation and validation components in Windows Vista and Windows 7 by a new name, Windows Activation Technologies.

In this latest generation of the technology activation and validation work together to protect Windows from being compromised or tampered with for the purpose of working around product activation. The notifications experience and the steps required to resolve issues are largely similar between Windows Vista and Windows 7 though we have made a number of improvements. In most cases a customer simply needs activate Windows with a genuine product key to resolve issues.

One of our design goals in this generation of the technology is to enable Windows to get smarter over time so we added the ability to receive new information that Windows can use to detect and protect against the latest activation exploits, tampering or other attempts to circumvent product activation.

We've also added to the online service that supports activation and validation on the Microsoft side with extensive systems monitoring, geo-redundancy and a focus on accuracy.

Overall, Windows 7 represents the latest technology in the tools and methods Microsoft has developed fight software piracy. As we look ahead, we know there will be new exploits that pirates will try once Windows 7 ships. In fact, we've already begun to see evidence of these efforts; our customers and partners have our pledge that as long as pirates keep trying to exploit Windows for their own ends, we'll be working to beat them through the technologies we develop and the programs we run to protect our customers, partners and Microsoft's intellectual property.

To see some of the changes between Windows Vista and Windows 7 take a look back at my post here about the notifications experience from the Windows 7 Beta, I don't expect much to change between that and our final release.

Windows 7 RC torrent files infected with trojan

Wow that was fast, though I don't suppose I should be surprised. Earlier this evening I visited the blog of a colleague of mine and saw in a post of his (thanks M3!) that leaked Windows 7 RC files that were obtained through bittorrent have been found to have been infected with a trojan. I say that I shouldn't be surprised because in research we supported a couple off years ago we discovered that the typical methods that someone would use to find and obtain unlicensed software (much of it over bittorrent) exposed users to significant risk from trojans and other malware.

Not that I have anything against bittorrent. In fact I invited Bram Cohen, creator of Bittorrent and it's protocol, out to Microsoft a few years ago to have an informal conversation about the relationship of the Internet and technology such as Bittorrent to software piracy. As I recall it was a good conversation and I certainly respect him and the technology as innovative and powerful.

I do hope that no one has had any problems as a result of the infected files. This example unfortunately shows that there are those out there who see the significant interest in something such as Windows 7 as an opportunity to try to take advantage of others. In the end this is the same motivation as those who create and sell counterfeit software, to fool users or customers for the purpose of taking advantage of them. When getting something that is free or should be paid for it really is best to go to the source or through authorized distribution to avoid the risks of this kind of thing.

Can we get Hugh Jackman as Genuine Windows spokesperson?

Working on counterfeit and piracy issues at Microsoft for so many years now has given me a finely tuned ear for interesting piracy stories outside of software.  On this note, there’s recently been quite a bit of chatter and news about Fox News columnist Roger Friedman and allegations that he knowingly viewed and then reviewed a pirated copy of the upcoming new X-Men movie X-Men Origins: Wolverine.

As is often the case with high profile movies, leaked versions started to showing up online well in advance of the release (X-Men Origins: Wolverine is due in theaters on May 1).  But, unlike most cases where the leaked content is traded around in shadows, the Fox News columnist took his experience mainstream and actually reviewed the film for his audience. 

While the story is an interesting read in and of itself (and funny in some ways because the film is actually owned by the parent company Fox Corporation) I found the outcome interesting.  In my recollection this is one of the few times swift and measureable action has been taken against someone who blatantly participated in what we think of as “social pirating”.  The story started off slow over as the first reports did a bit of “wondering out loud” if a fairly prominently reviewer had openly admitted to watching the pirated version.  By the weekend, there were rumors that action was going to be taken and by Monday, he was fired.  It continues to be a top news item.

In fact, X-Men Origins: Wolverine star Hugh Jackman agrees.  His local Australian press quoted him as saying  "It's a serious crime and there's no doubt it's very disappointing -- I was heartbroken by it…”.  Maybe we can get him as a spokesperson for our team?

“Hugh Jackman Rips Wolverine Leak”

“Piracy Sinks Fox columnist Roger Friedman”

“Columnist out of work after reviewing pirated film”

The Surprising Risks of Counterfeit Software in Businesses

I pretty regularly see people in forums and blogs comment that DRM or anti-piracy technology doesn't work and does nothing but hurt the good paying customer. After years of developing and managing anti-piracy technology that protects Microsoft products from being counterfeited and pirated I can say that programs such as this can be effective at protecting products and customers. One of the reasons Windows Genuine Advantage has been as sucessful as it has been is the focus we put on educating and alerting customers when their Windows software wasn't genuine. By alerting the customer we make it more difficult for counterfeiters and others to make victims out of people. I have seen many times customers who have been directly helped by the program. Microsoft recently released a whitepaper that provides some good examples of businesses who were victims of counterfeit software and were largely unaware of it.

 

In March Microsoft released a whitepaper titled The Surprising Risk of Counterfeit Software in Business (PDF), this whitepaper follows up on a previous paper (published by IDC in 2006), which explored the risks customers are exposed to when seeking out and acquiring counterfeit or pirated software online.  The paper focuses on the risks of counterfeit in midsize business computing environments, based on a study conducted in the UK where  randomly selected midsize businesses environments were examined for the presence of counterfeit software.  37% of software found in the businesses examined turned out to be counterfeit.  Furthermore, all of the counterfeit found was of high quality, which means that the businesses likely purchased it in good faith but spent money on software that was neither licensed nor genuine.  Check out the paper at the link above and let me know what you think.

 Thanks

- Alex Kochis

Director, Genuine Windows

Update to WGA Notifications for Windows XP Pro

Starting this week, we will begin deployment of the latest version of WGA Notifications for Windows XP.  In addition to the usual updates to validation that improve WGA's ability to detect the latest stolen or fake product keys and other attempts to circumvent product activation, this release will also include a couple of other significant updates.

With this release we've improved the design making it easier to install the update and to stay up to date with the latest release of WGA. This release focuses on the product edition that we find is most often counterfeited, Windows XP Professional. 

This update includes the latest validation information including recently stolen or misused product keys and other information. Also changing with this update is the installation process. It has been updated so that once the update has been downloaded by Automatic Updates (completely in line with your existing AU settings) after the next login or reboot the install wizard (below) will be presented to the user and they will be able to choose whether to install the update in the same way as in past releases.

 

Customers who installed the last update will simply have the validation information (new product keys etc.) be updated without their needing to go through the install process again.

After installing this version of WGA Notifications on a copy of Windows XP that fails the validation a users experience of Windows would include (same as with the last release) first a message at their next logon indicating that they might be a victim of software counterfeiting. They would see that their desktop has changed to a plain black background and they will see a persistent desktop notification above the system tray as well as messages from the system tray offering additional information and ways that the customer can report the piracy or obtain a genuine copy of Windows. See this previous blog post for more info on the included notifications experience.

 As always, feel free to offer your feedback.

 Thanks!

-Alex Kochis

Director, Genuine Windows

Update to Windows Vista Activation Exploit detection begins today

Last year around this time, I blogged about some changes for Windows Vista that were released with SP1. These changes included an update for Windows Vista users which helps detect the presence of activation exploits, then alerts the customer (if affected) and provides some guidance and a Web link to learn more about what can be done to fix it. I'm excited to announce that beginning this week, and over the next several weeks depending on where you are, we will be releasing an update to that particular technology to help Windows Vista Ultimate Edition based systems detect the presence of additional activation exploits, namely the activation exploit commonly referred to as the 'SoftMod hack'. We're releasing this update to Windows Vista Ultimate Edition only at this time and only to systems with English as their primary language. As I've said before, we continuously evaluate the risk each reported hack poses to our customers, our partners and the protection of Microsoft's intellectual property; then we plan our activities accordingly.

Below is a screenshot showing what a user would see on a system that has detected the SoftMod activation exploit:

Comments and thoughts appreciated!

-Alex

 

Windows 7 Beta

In the last week or so I've received a few questions related to the product activation experinece in the Windows 7 Beta and what, if anything, changes now that Microsoft is no longer offering broadly new downloads of the beta. First, I would like to point out that while the downloads are no longer available people who already have the image can obtain product keys for activation from the Windows 7 Beta site. Now that the beta download has ended and we're more than 30 days past the beginning of the broad availability of the beta some users of the beta might start to interact more with the activation experience in the beta. Specifically i'm going to address the part that occurs once the 30 day grace period has passed and the system still hasn't been activated. I'll go into more detail below but the summary is that while we've improved it in a number of ways it is based largely on the experience that is part of Windows Vista SP1.

Before I dive into the experience in the beta I wanted to sound a note of caution to those that are looking to download the beta from other sources or that might want to try to use hack tools to activate copies they've obtained previously, sometimes these things are offered together. I would urge people to remember the risks they might be exposed to when downloading software from unknown sources or when trying to find hack tools to try to work around activation. We looked at this some time ago and found that many sites that offer or claim to offer hack tools will try pretty aggressively to infect systems that connect to them with Malware.

In fact there was a pretty well reported incident of this happening recently when pirated copies of Apple's iWork suite that were offered for download were found to include malware. Estimates from a few weeks ago had pegged the number of infected systems at over 20,000 and now it looks like the same malware is infecting people who download and use pirated copies of Adobe's Photoshop for the Mac.

None of this is surprising given what we found when we looked at the ways people commonly search for and obtain pirated software online or are looking for hacks that try to work around product activation and other anti-piracy technologies.

As far as the Windows 7 Beta goes now that we're just over 30 days since the broad availability of the beta I wanted to explain a little about how the 30 day activation grace period works and the experience customers will have if they do not enter a product key and activate by the end of the grace period. As with Windows Vista and Windows XP the Windows 7 Beta includes a 30 day grace period for activation (generally copies that are pre-installed by major OEMs and copies distributed through Volume Licensing do not require activation to be performed by the end user). During the setup process an option is provided that enables Windows to attempt to activate itself automatically after three days of use. If automatic activation is not selected, after the third day, you will begin to see a message from the system tray that reminds you to "Activate Windows Now" and the time remaining in the grace period.  Clicking on the "Activate Windows Online Now" option will begin the standard activation process.

If you take no action and click on "Ask me later", you will be presented with a message asking you to "Activate Now" on a daily basis until the 27^th day. After 27 days, if you have not activated the software you will receive the message every four hours.

On the 30^th day, messages will appear every 60 minutes. When you log into their computer you will be presented with a message that asks you to "Activate Windows now" and that the activation period has expired.  If you click on "Activate now" you will be launched into the standard activation process.  If you click on "Ask me later" you will be presented with a notification that describes the risks associated with using non-genuine software, the benefits of genuine software, and helpful resources.

If you do not activate the software within the grace period you will receive persistent notifications, including a message from the system tray every 60 minutes that reminds you to "Activate Windows Now", a persistent desktop notification that Windows is non-genuine, a non-genuine message that appears when the Control Panel is launched, and the desktop will be set to a plain black background.  While you can change the plain black background to any background you choose, if changed the background will reset to a plain black background every 60 minutes.  This experience will continue until the Windows 7 Beta is activated. Also, you will not be able to receive optional updates from Windows Update unless the copy of Windows is properly activated.

I would like to remind folks that the beta isn't necessarily the final experience that will appear in the released product and that based on feedback some of the specific elements of the product activation experience could change.

Thanks and as always please let me know through the blog if you have feedback!

-Alex

Updated genuine Web site

Earlier today we rolled out an updated look and feel  to the Genuine Microsoft Software Web site.  I  wanted to take a minute here to update you on what changed and what we have planned for future updates to the site.

What changed? The new look and feel is now more consistent with other Microsoft sites, such as Windows.com.  We've also added site navigation to the top of the page, so people will be able to find the information their looking for more quickly and easily.  Reporting piracy is also easier, including the process of applying for a complimentary replacement kit if you have been sold counterfeit software.   

Here is a snapshot of the site and what it looks like:

 

What's coming next?  Over the next months we have a number of content updates planned including providing more information about our program and products, additional information about activation and validation technologies, as well as how Microsoft has been fighting piracy and making it easier for customers to avoid buying counterfeit Microsoft products. 

Check out the new look and feel and please send your feedback to me through the blog (you can use the email link in the upper left hand corner of the page) or post comments.

Thanks,

Alex

Director, Genuine Windows

New How to Tell Counterfeit Gallery Design and Features

Recently, we launched a new design for the How to Tell Counterfeit Gallery.  The design includes new navigation, is based on Microsoft Silverlight, and makes it easier to view the different categories of available counterfeit samples. The more that people can learn about the different types of counterfeit software that are out there, the easier it is for them to identify the piracy prevention features of genuine Microsoft software - that way, they know what to look for when purchasing a new copy of Windows or Office.

Here's a preview of the new look and feel of the Counterfeit Gallery:

The new Counterfeit Gallery navigation includes the typical three types of counterfeit, high-grade or high quality, mid-grade quality and low-grade or low quality counterfeits. Also included with this release of the counterfeit gallery is the ability to submit your own image. Here's some more detail about the categories of counterfeit you'll see in the gallery:

1. High-grade counterfeit samples. This is software that appears professionally produced and attempts to include the piracy prevention features of genuine Microsoft software. One example is a counterfeit copy of Microsoft Office that has a sticker adhered to the face of the disc in place of the embedded image of the copper edge-to-edge hologram. You can see close up images of this type of counterfeit in the gallery.

2. Mid-grade counterfeit samples. This type of counterfeit is software that may appear professionally produced, but makes no attempt to include the piracy prevention features of genuine Microsoft software. These counterfeits often include the Windows logo and branding and familiar images from the packaging, but does not at all resemble the actual product disc and does not attempt to completely replicate the genuine product. With even a passing familiarity with the anti-counterfeiting features included in Microsoft products these types of counterfeits are easy to avoid.

3. Low-grade counterfeit samples: This is software that does not attempt to appear to be genuine Microsoft software. Examples of this include a CD or DVD with the product name, possibly a piece of paper that accompanies the media and describes what software product is on it and sometimes even a product key handwritten on the surface.

4. Submit your own counterfeit example. Now, it's easier for you to send in your own examples of counterfeit Microsoft software by using the direct e-mail link from the Counterfeit Gallery. Simply click on the link and upload any digital photographs of counterfeit Microsoft software that you have, and your submission might be included in a future update to the gallery. You can also submit a counterfeit report directly from this page and your submission may qualify for complimentary replacement.

Visit the redesigned How to Tell Counterfeit Gallery now. And let us know what you think by leaving a comment or sending me a note through the blog. Thanks!

-Alex