Berlind's Testbed

David Berlind
Home / News & Blogs / Berlind's Testbed

Windows Activation trips up virtual machine clones, even on same system

By | June 7, 2007, 3:03pm PDT

This blog entry is simply to clear things up regarding virtual machine software (like VMware), the way it can make clones of existing virtual machines, and what if any impact such cloning has when it involves software that requires some form of online activation like Microsoft’s operating system and Office software do. The reason I’m writing this is that, going back to my last blog entry regarding VMware Workstation 6 (the latest release of VMware Workstation), the TalkBack’s disputed my assertion that moving a virtual machine that has Windows as its operating system from one system could be a jarring enough of a hardware change that it would invariably awaken the licensing Gods at Microsoft.

I probably wasn’t clear regarding the scenarios I had in mind and thus some (but not much confusion). First, a quick bit on how virtual machine software works (in case you’re new to this). Virtualization products like VMware Workstation and Microsoft’s Virtual PC can, with software alone, emulate the hardware of an Intel-based PC (other hardware too, but we’ll focus on Intel-based PCs). In other words, you can use VMware Workstation to create a software-based instance of an Intel-based PC (which is why they call it “virtual”) and then you can treat that instance or “virtual machine” (VM) as though it were a real hardware-based PC or “real machine”. You can install an Intel-compatible operating system on it (like Windows XP, Windows Vista, Linux, etc.) and then install applications on top of that just as you would if the operating system was installed on actual PC, or, on what the virtual machine folks refer to as “bare metal.”

There are many benefits of running in VMs vs. on bare metal. I won’t go into them here. That’s not the purpose of this post. Given the way VMs involve the idea of software pretending to be hardware, it should come as no suprise to you that when you create a virtual machine (for example, one that runs a copy of Windows XP or Windows Vista), the whole enchilada is stored in just a handful of files that live on the hard disk of your computer. The fact that an entire VM is stored in a handful of files means something else: they’re easily copied and/or cloned.

In my last post — the one that may have caused some confusion — I talked about how the act of copying a Windows virtual machine from one computer to another might awaken the licensing Gods at Microsoft. What did I mean? Under the guise of Microsoft’s Windows Genuine Advantage (WGA) program, Windows includes an anti-piracy technology that prevents software pirates from installing one copy of Windows on many computers. Each computer must have it’s own license and to make sure that each unique copy of Windows is somehow married to a unique computer, WGA tries to establish a unique signature or thumbprint for your computer that’s based on its hardware configuration. While Microsoft’s will talk in generalities about how its fingerprinting algorithm works, the actual code is a secret. Even the folks at VMware — a company whose solutions are impacted by Microsoft’s anti-piracy policies — aren’t exactly sure how it works (and they’ve studied it).

Attempts to install or even run an already-activated copy of Windows on a computer other than the one it was originally married to should, if Microsoft’s Windows Genuine Advantage software is working properly, be met by a dialog like the one below (generated by Vista).

windows vista activation screen

So, will copying a VM from one physical computer to another wake up the Microsoft licensing Gods? And, why would you do such a thing? One reason I like to have this option at my disposal is that I beat up my notebook computers pretty badly. Over the years, most of my notebook PCs have had to go in for one repair or another. This is bad news if everything you need (your data, applications, bookmarks, etc.) is on a notebook that has to be sent back for repairs. Unless of course all of your software and information is loaded into a VM rather than into the operating system that was installed on the bare metal. In that case, you get to experience one of the chief benefits of VMs: you can just move them (copy the files) to another computer.

In the case of VMware, you don’t even need a full-blown copy of VMware on the other PC to open up those files and start the virtual machine. You just need VMware’s virtual machine “player” — a virtual machine runtime that’s freely downloadable from VMware’s Web site.

But the question is, in the process of copying a virtual machine from one PC (maybe a busted one) to another, will Microsoft’s WGA program detect a change in the underlying hardware and assume that you’re a pirate making an illegal copy? In my previous attempts at doing this, when I moved a VM between an Intel-based notebook and an AMD-based notebook, I totally sprung the WGA trap. Hold that thought.

There’s another way to copy a VM that’s literally called “cloning.” Using VMware Workstation’s menus, you can select an existing virtual machine and clone it. What’s the difference between cloning and copying? I asked VMware about this. The differences are subtle, but important in the context of awakening the licensing Gods at Microsoft.

When you clone a virtual machine, it asks you what to name the new VM and then it makes all of the necessary changes to all of the filenames. When you copy a VM, all of that information (filenames, directories, etc.) stay exactly the same. But something else happens when you clone an VM that doesn’t happen when you copy it. Since VMs are completely software-based versions of an Intel-based PC, they also include a virtual networking interface that, like real PCs, has a unique MAC address (the unique address that helps networks tell network attached device apart from another). When you clone a PC, the clone gets a new MAC address. When you copy a virtual machine, nothing changes.

activatenow01.jpgAlthough no one outside of Microsoft knows Microsoft’s formula for fingerprinting hardware to the point that, if the fingerprint changes, the licensing Gods are awakened, the folks at VMware are pretty sure that changes to the MAC address are a red flag. That corresponds directly to the experience I had with a clone of one of my Vista-based VMs. Even though I was running the clone on the very same system (no hardware changes to theoretically awaken the licensing Gods) that the original VM (from which the clone was cloned) was running on, I received an activation warning (pictured, above left) anyway.

But, since copying the original VM to another computer and running it on that computer with VMware’s free player, I have yet to see any signs of the activation Gods at Microsoft. That said, there is something interesting that happens when you move an existing VMware-based VM from one computer to another. The first time you try to run that VM, it detects that the VM was moved and asks if you want to keep it associated with VMware’s unique identifier (known as the UUID) for that virtual machine, or if you want to create one. According to VMware, if you create a new UUID, that will trigger a change to the MAC address which in turn could awaken the licensing Gods at Microsoft.

It’s complicated stuff. But it’s important to know if you’re working with virtual machines and you want to walk delicately around Microsoft’s anti-piracy technology.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Berlind's Testbed”

Topics

Software, Clone, PC, Microsoft Windows, VMware Inc., Hardware, Virtual Machine, Computer, David Berlind
33
Comments
Add Your Opinion

Join the conversation!

Just In

You answered your own question.
frgough 20th Jun 2007
Read your first sentence again.
View in thread
0 Votes
+ -
Productivity reductions attributable to Microsoft
terry flores 7th Jun 2007
If somebody sat down and added up all the productivity hits caused by Microsoft, it would amount to BILLIONS of dollars per year just in the US alone. I can't tell you how many hundreds of man-hours my company loses every year because of Windows Activation problems, Licensing issues, and general fumbling because of Windows software quality issues.

Somebody told me it would take a billion dollars to create a new PC operating system to compete and beat Windows. My only question is: So?

The government dumps that kind of money down the Iraq drain every WEEK. Why can't they take a week off over there, funnel the money into developing a good OPEN STANDARD PC OS, and then publishing the standard? It would be the most massive booster to public productivity since the Eisenhower's Interstate Highway system project.

I know this has little to do with VMs, but the fact that every single innovation on the PC platform (VMs, dual cores, dual boot, you name it) runs into this kind of haywire problem is a sign that things have gone seriously wrong in this industry.
0 Votes
+ -
Very interesting ...
MisterMiester 7th Jun 2007
So no cloning or accepting a new UUID if you want to move the VM image to another machine without any hassles. As far as the machine identifiers for Microsoft I was under the impression that it was a combination of the processor, hard drive, and OS serial numbers. Well maybe that was for their DRM instead, I really can't recall. happy
0 Votes
+ -
Is that the right question?
Yagotta B. Kidding 7th Jun 2007
Is it more important to avoid the WGA tripwire or to comply with the terms of the EULA that you agreed to?

That's a personal question, but I will note that my own excursion into software libre was in part driven by an ethical insistence on complying with both copyright law and the terms of any licenses I agreed to (no matter the questionable validity of such coerced "agreement.")

Those with tender sensibilities will be reluctant to propagate infringing copies regardless of whether the "WGA gods" are invoked.
0 Votes
+ -
WGA sometimes more restrictive than EULA
kmatzen@... 7th Jun 2007
Avoiding the "WGA gods" isn't necessarily a violation of the EULA. If you have a full retail license, you should be able to move it between machines whether you copy it or clone it. If you have an OEM license, it would forever be tied to the original PC whether it is installed as a host or guest.

Presumably, Vista Ultimate can be installed as both a host and a guest. It would be interesting to see how WGA handles that. It would also be interesting to know if the guest version could be run on a PC other than the one the host is on.

If only Microsoft would tell you up front, what it's going to cost to do what you want to do.
0 Votes
+ -
False dichotomy.
Resuna 8th Jun 2007
Is it more important to avoid the WGA tripwire or to comply with the terms of the EULA that you agreed to?

Since you can invoke the WGA tripwire without violating the terms of the EULA, that's a false dichotomy. Knowing how to avoid the WGA tripwire is worthwhile in its own right.

The idea that changing the MAC address of a computer would be considered a change in the computer is ludicrous. I've got more than one computer where the MAC address is changed on a regular basis, simply because they don't have ethernet on the motherboard.

I agree with you that simply not buying any version of Windows that includes WGA is the rational response.
0 Votes
+ -
Use the right OS for the job
NonZealot 7th Jun 2007
If you need 3 virtual Windows machines, you need to be prepared to pay for 3 licenses. This makes sense.

If you don't like it, you have 3 options:
1. Use Windows but choose not to create virtual images... your choice.

2. Use Linux and make as many virtual images as you want... your choice.

3. Use OSX and you can't create any virtual images due to OSX's build in DRM ... Jobs' choice.

I'll take #2 please!
0 Votes
+ -
False trichotomy
Yagotta B. Kidding 7th Jun 2007
If you need 3 virtual Windows machines, you need to be prepared to pay for 3 licenses. This makes sense.

If you don't like it, you have 3 options:
1. Use Windows but choose not to create virtual images... your choice.

Or pirate the copies. It's an alternative, even if it has disadvantages.
0 Votes
+ -
Is it really
Freebird54 8th Jun 2007
a case of piracy, if you are running more than instance on the same machine that the license was for? If it is (by MS logic) then it is definitely time to opt out of their vision of correct use of their products.

Whatever happened to the simple model of 'run on only one machine at a time' - which is what actually makes sense?
0 Votes
+ -
Not suggesting EULA violations
dberlind 7th Jun 2007
I was offering a clarification to my last blog where MisterMiester mentioned that I had my facts regarding VMs and activation wrong. The bottom line appears to be that you can copy a VM without tripping WGA. But you can't clone a VM.

Regarding licensing in general, I think activation is a rathole that will get software companies in trouble. Microsoft, for example, needs to understand why customers might have an interest in desktop virtualization and realize it's not about trying to pirate Windows, but rather, about getting the most out of a desktop computing experience. If I think virtualization is the best way to get the most out of my desktop/notebook (including the ability to quickly recover from a failure, one of the chief benefits), does a restrictive licensing policy make sense? Isn't the point of the OS to get the most out of a system?

My interest in cloning/copying has nothing to do with wanting to run multiple copies of an OS. It has to do with partitioning my applications and network flows.

db
0 Votes
+ -
Both of you must be unhappy
TonyMcS 7th Jun 2007
The question is - how many people need to worry about virtualisation, besides those people doing reviews and tests? Even allowing for those people who may have legitimate security reasons for virtualisation it's a vanishingly small part of the user market.
0 Votes
+ -
Vanishingly small?
dberlind 8th Jun 2007
I'd argue that it's a nascent market on the verge of a growth spurt. Or at least it should be. The advantages when it comes to virtualization are not just for security (although that is a clear benefit). My prediction? Today, I like to partition my apps for a variety of reasons. One of them is that I maintain separate accounts with the same online Web sites... accounts that I might want to have open simultaneously. For example, I have my family set up for Google Apps, and then I have my small business setup for Google Apps. Today, maintaining two separate identities with the same service (for legitimate reasons) is doesn't work well. Everything from the browser autocompleting certain fields to the confusion if you try to maintain open connections to the service under both identities at the same time. The easiest way to overcome the problem is to artificially partition the instances by using different browsers for each (IE for one, Firefox for the other). Or, you can use virtual machines. Same goes for other identity related services. For example, instant messaging. The benefits of virtualization are so many and the hardware vendors (Intel and AMD) are forging ahead so fast in that space, that I disagree with the adjective "vanishingly." I think the problems will be resolved with a "meeting" in the middle. With the help of hardware, I think we will one day see fully virtualized versions of the operating systms. What I mean by this is that they'll have virtualization baked in and you'll be able to launch applications from within partitions that are essentially VMs, but that don't require a completely separate instance of the OS. And you'll be able to virtualize the network interface in a way that allows you to redirect traffic on a per partition basis.

It's a guess, but a logical one, I think.

db
0 Votes
+ -
Big Iron?
Yamust B. Kiddingme 9th Jun 2007
That description sounds suspiciously like a mainframe. If I remember right, that usually requires a small army (OK, just a brigade), of Ph.D endowed honchos, just to keep it happy. Heaven help "Tech Support" when that finally becomes a consumer scenario.

On the other hand, one must always be careful of predicting technical issues based on current technology. A quintessential example would be the 19th century pediction that London, England would not exist by 1910, as it would be buried under a pile of horse manure. Well, along came the automobile to put the kibosh on that prediction!
0 Votes
+ -
Businesses with legacy software
Michael Kelly 8th Jun 2007
worry about virtualization. However the nice thing is that with legacy Windows operating systems (except XP, which our dear friend Mike Cox assures us now qualifies as legacy;)) is that you don't need to worry about activation.
0 Votes
+ -
I think you show
Freebird54 8th Jun 2007
vanishingly small understanding of the benefits of virtualization! One the neat things you can do with it is to install Vista to a virtual machine environment that actually has all the drivers you need (despite the existence of hardware on the physical machine that does NOT have 'matching' drivers for Vista).

Another use is for earler versions of the software to run simultaneously, so as to run legacy apps on your new machine. Yet another is to run considerably customized environments for certain apps that are not compatible with each other.

Another is for development work - you can run different environments as test beds for your project. Sure it should work - but how much nicer it is to KNOW it works!

Greater security/recoverability are just bonuses.
0 Votes
+ -
Know what you talk about...
vmaatta 8th Jun 2007
As apparently you don't.

3. Use OSX and you can't create any virtual images due to OSX's build in DRM ... Jobs' choice.

Your link about some kind of built in DRM is quite questionable.. even the writer of that says "It's simple: it is not clear whether the newMacs with the Intel chip inside that are now on sale do have a TPM chip installed in them or not. And I am not likely to buy a Mac (indeed, I would not even buy a toaster) if it contains a spy chip whose operations I cannot control."

Come on.. Don't know.. not gonna buy and find out.. it might have something bad .. IT'S GOT TO BE BAD.

I USE a mac. I CAN use VM's. Of course.. You've quite clearly stated earlier and you you it again.. You have no idea what you're talking about.
0 Votes
+ -
Show me
NonZealot 8th Jun 2007
I USE a mac. I CAN use VM's.

Show me how you boot up 2 virtual OSX instances on your Mac. Thanks!
0 Votes
+ -
Still on your anti-Mac jihad?
Linux User 147560 8th Jun 2007
Looks like... yup VMWare on a Mac.

And while not perfect... yet there is this one as well.

And then there is [url=http://www.parallels.com/en/products/workstation/mac/]Parallels[/url ] you know that VM software that allows you to run Linux and Windows on the Mac... and I am sure you can install several instances of OSX on in Parallels as well. Care to try again?! devil
0 Votes
+ -
You are smarter than this
NonZealot 8th Jun 2007
OSX cannot be virtualized. Companies have to be very careful about standardizing on OSX since they have completely removed the option of ever virtualizing it. If they've standardized on OSX, why would they care if they are able to virtualize Windows... they don't use Windows!!
0 Votes
+ -
Perhaps
Freebird54 8th Jun 2007
He is asking to run OSX virtually on something else? That would be the trick, no?

Cool your jets.... happy
0 Votes
+ -
There is a fourth option-
markdean 8th Jun 2007
Well, not so much for home users, but SOHOs and small companies may want to look into buying 1 (one) copy of Windows Server Enterprise Edition (EE) and when they do that, they get (as in permission from Microsoft) to do the following:

For Enterprise Edition, you can run either of the two configurations:

1) Windows 2003 EE as Host OS - with a virtualization technology on top of it, and 4 guest instances of Windows 2003 EE (or other Windows OS's through downgrade rights-and this is the big key here so this means you can run XP or 2000, NT etc.

*Note the Host OS can only be used for the purpose of running the virtualization technology. You can't run SQL too, or other apps/services on the host, only the virtualization technology.

2) VMware ESX, Linux with VMware Server/Xen/etc, and 4 guest instances of Windows 2003 EE (or other Windows OS's through downgrade rights).

If they have Datacenter Edition (doesn't everyone?), they can run unlimited Windows OS VMs.
0 Votes
+ -
Unalterable facts
reedjjjr 8th Jun 2007
Whatever Micros~t comes up with, they will always have many features in their operating system that exist solely to protect their financial interests.

That these features hamper their customers means little.

When you buy their system (as you should if you want to use it) you are clamping on your own chains and allocating memory and CPU time to activity which profits you nothing.
0 Votes
+ -
I thought this was old News
fwfulton 8th Jun 2007
You forgot about the very very important lines in the "vmx" configuration file :

ethernet0.present = "TRUE"
#ethernet0.addressType = "generated"
#ethernet0.generatedAddress = "00:0c:29:68:34:6d"
#ethernet0.generatedAddressOffset = "0"

ethernet0.addressType = "static"
ethernet0.Address = "00:50:56:00:34:8d"
ethernet0.AddressOffset = "0"


if you copy/move a VM from one machine to the other if addressType is "Generated" a new MAC may or may not be generated if you are "static" you are better off.

Happly VMing since version 2
0 Votes
+ -
Always a good idea along with
markdean 8th Jun 2007
making sure that you install the tools and assign enough memory, etc. before any activation. If you do that, then you minimize the hassle of activation.

For those of us who are involved in testing stuff on Windows OSes and run as VMs, there really is no need to activate unless the test goes beyond the 60 days (or whatever) grace period.
0 Votes
+ -
What happens....
aulax@... 8th Jun 2007
A little off topic, but what happens if you need to replace your NIC card? Would this then trigger MS's activation?
0 Votes
+ -
WGA and Parallels
jerryh@... 8th Jun 2007
It's not just VMWare (which we use on a linux cores everywhere) to XP/Vista. We had several MacBooks running Parallels with XP / Vista. The first installs were a little shy of memory, so we edited Parallels to update the memory available for XP / Vista and WGA blew up. Its always fun trying to explain that to MS Licensing support and convince them you're not trying to get more out of your licenses....
0 Votes
+ -
Activation
frj111@... 8th Jun 2007
Folks,

I am not at all sure why anyone would put up with Microsoft?s bogus activation when there are perfectly good cracks available. After my third Ghost restore of Windows XP and Microsoft telling me I had an illegal copy I simply cracked the code. Yes I did purchase genuine copies from eBay for all three systems. But I ran the crack on all three. Problem solved.

Rather than repeat the process with Vista I used the Vista Activation Crack from the get go.

Do as you wish and I am not advocating theft of code. That said the activation process leaves a great deal to be desired.
0 Votes
+ -
Cloning will also change...
Jeremy.Lloyd 8th Jun 2007
the operating system's SID (security id). The SID is used to uniquely identify the computer to the network, Active Directory etc, from a security perspective.
0 Votes
+ -
if you have a PC or laptop or mac why would you need vm for backup
SO.CAL Guy 8th Jun 2007
if you have a PC or laptop or mac why would you need vm for backup. that is the most stupid excuse I've ever heard for using VM crap.

with the advent of flasdrives and with all the backup software why in the world would you need it. the writer of this article in his on words says my "laptops" have been sent to the shops.

i mean this guys is a so called IT pro back your crap up god.

my documents back up to a network computer and the backup software i use backs up my stuff to a 2gig usb jump drive.

and if i get all geeky and want to use another of i use something like gotomypc over my LAN. and hey i got my other os running and i don't take a performance hit using VM software.
0 Votes
+ -
Backups are approximately useless in comparison.
fuzzyeric@... 8th Jun 2007
A VM is runnable. Backups of documents are not. Given a set of document backups and a freshly sawed in half laptop, you are at least several hours from active access to your documents.

(Get machine, install OS, download updates, install drivers, download freshly discovered updates, install security software, download more updates, install apps, download fiddly updates that the vendor won't release in standalone installers, install backup/restore software, wait for world's slowest tapes to restore data (or, if using USB, wait even longer because tape transfer rates are actually better), ...)

However, if the laptop hosts a VM and you can either copy the VM or access a backup of the VM, your entire system is immediately available from *any* computer, whether attached to a network or not. New, old, borrowed, rented: doesn't matter. 2000 miles away from your GoToMyPC install media: doesn't matter. Your entire OS, set of applications, personal settings, and data are instantly available.

Want to upgrade to a new laptop, but don't like spending days getting the settings that are wedged into the registry and therefore not particularly portable? No problem. Copy the VM from the one to the other. Done. All settings migrated, even ones you don't know about or can't find. Want to move from a desktop to a laptop: same thing. Want to change the host OS to access some new doohicky that doesn't have legacy drivers: same thing. In fact, it no longer matters whether there are hardware drivers for your guest OS, they just have to exist for the host. So Windows's execrable out-of-the-box driver support is irrelevant when hosted on an OS with a wide range of built-in drivers.

Want a working firewall wrapped around the joke firewall built into your guest? No problem; firewall the host and proxy the guest through the host.

Want to upgrade an entire office's hardware overnight and produce no upgrade friction for the employees? Copy their VMs to the new machines. Done.

Wish that irritating application that always blue screens about twice a week didn't kill whatever else you were doing (and always screw up your Outlook postoffice)? Stuff it into its own VM. Done. Now it can only take down its VM; everything else putters along without interruption.

VMs are not backups. Backups are backups.

VMs lift the meaning of "portable computing" far beyond what a mere, physical laptop can accomplish. Backups are "stone knives and bear skins" in comparison.
0 Votes
+ -
A cloned machine is a different machine
Yamust B. Kiddingme 9th Jun 2007
Cloning a VM is akin to cloning the hard drive of a physical machine, and then transferring the new drive into another physical machine with identical hardware components. Everything will match except the ethernet MAC address (which must be globally unique, or at least appear to be), and the system GUID, which incidentally, you can actually make the same as the original machine.

As M$, in its unique and infinite wisdom, has chosen to use the ethernet MAC address as part of the data for calculating its WGA hash - no doubt on the basis of the aforementioned putative uniqueness of said address - unfortunately, of you clone a virtual machine, you will necessarily invoke the wrath of the WGA gods.

On the other hand, copying the VM is akin to moving a physical computer from your home office to your den. Nothing changes. Ergo, the WGA gods remain blissfully asleep.
0 Votes
+ -
So why can't OSX run in a VM?
NonZealot 9th Jun 2007
unfortunately, of you clone a virtual machine, you will necessarily invoke the wrath of the WGA gods.

OSX has no restrictions on its use (other than it be run on a Mac), no WGA, no onerous licensing conditions, it is perfect in every way! So why can't OSX run in a VM on a Mac? You are still running it on a Mac. You are keeping the spirit of the license alive. So why can't OSX run in a VM on a Mac? At least Microsoft allows this as a possibility, WGA or no WGA. You yourself admit you can get around WGA by copying instead of cloning. So why can't OSX run in a VM on a Mac?
0 Votes
+ -
You answered your own question.
frgough 20th Jun 2007
Read your first sentence again.
0 Votes
+ -
another possible trigger
roday 9th Jun 2007
if you move a VM from one host to another and they have different CPU's that would almost certainly trigger re-activation though I haven't tried this. VMWARE reports the CPU as what ever the host machine has so you can end up switching from an Intel to an AMD CPU the other way around.

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix