Microsoft has a Genuine Software checker for Windows Phone 7; complicates custom ROMs

Although there have been reports of people porting over WP7 to the HTC HD2 and some chatter of people being able to make ROMs (though not load them), there may yet be one final hurdle that could be very difficult to overcome: PVK.

PVK are the private keys Microsoft evidently uses to sign off on the OS that is also tied to the hardware. Specifically, some aspect of the OS looks for and then pulls these keys from the device motherboard for verification. If the keys cannot be found, the motherboard must be replaced or serviced. While elements of the phone/OS might still work without the PVK key, core elements such as Xbox, Marketplace, Windows Live or Zune...basically any "cloud service" will not.

The challenge to developers/hackers would be to circumvent this security, much like folks have managed to get around Microsoft's Genuine Software checker for Windows 7 and Office products. No easy task, we imagine.

In addition to the above image, there is an accompanying "Service Advisory" on one of the HTC internal sites that reads:

Description:This Service Advisory aims to resolve invalid PVK or PVK missing issue for any returned WP7 unitsCondition(s) to follow this service advisory:1. When customer complains about can not access Microsoft services such as XBOX, Marketplace, Windows Live and Zune on the WP7 devices.2. When ASP performs diagnostic program test, ASP needs to follow the below repair actions if the diagnostic program detects invalid or missing PVK.If the PVK is invalid or missing, there will be message on device as following when user try to login to Windows Live service.

To all of this we say good on Microsoft for throwing down some serious security, but alas, the ROM community now has a challenge ahead of itself. Of course, this is probably more motivated by piracy concerns than ROM cookers, but we imagine Microsoft welcomes that as a wanted side effect as well. Combined with the Xbox Live security (see earlier coverage), cracking this OS wide open may be far off.

Thanks, Conflipper, for the info

Daniel Rubino

Daniel Rubino is the Executive Editor of Windows Central, head reviewer, podcast co-host, and analyst. He has been covering Microsoft here since 2007, back when this site was called WMExperts (and later Windows Phone Central). His interests include Windows, Microsoft Surface, laptops, next-gen computing, and arguing with people on the internet.

4 Comments

WP7 is not going to be hacked. I have proof of this: Zune hardware!!!
The media related DRM side of things is needed so you have services like Zune, netflix and so on. Of course they'd add things to stop you from accessing the system in some way that could lead the piracy, it's a given. Look at what Netflix said as far as Android support goes, since they don't have one standard DRM for all Android devices they can't do a netflix client. Now you'll be lucky if your droid does get one since it seems only a limited group of them will at some point.
A better example would have been Apple Laptops since they use TPMs. Apple's operating system looks for TPM hardware before it proceeds with the installation, if it can not find it, it does not continue. Hackers have manage to simulate its existence via software on hardware that does not have it. [@ Ricardo Dawkins Zune Hardware was hacked long ago, in fact here is their development wiki for developers. http://zunedevwiki.org/wiki/ ]
Honestly, as long as "rooting" is possible at some point, I don't really see a great need for custom ROMs (at least yet). The reason we needed them so bad on WinMo is because lots of OEMs left lots of stuff out (or left in lots of bugs), but with OTA updates, that becomes less of a big deal on WP7. It's a small and biased sample group, but I don't personall know very many Android owners using custom ROMs. I knew one guy that did and the only reason was because he had a really old ass phone that only updated up to Android 1.5 and wanted 2.0. On the other hand, every iPhone and Android user I know has jailbroken/rooted their phone. :-) What concerns me about this certificate model MS uses is that your cert can be revoked at any time. As soon as the phone dials into the cloud, it will know whether to lock you out. It's too early to tell, but if MS starts locking users out of their phones (or at the very least, the cloud services) if it discovers DRM violations or rooting, this could really be a very, very difficult issue. A TPM module would be a lot easier to work around, because it wouldn't "phone home" every time you boot your phone with the potential of locking you out of the cloud. It would just require a patched DLL or driver or something.