How to get free software from yesteryear's IT crowd – trick code into thinking it's running on a rival PC Before plug and play was blowing up Windows 98 on a Comdex stage, Windows 95 engineers were grappling with the technology – and on one fateful day they found some unusual text in the BIOS of several PCs that they had to work around. Plug and Play had a difficult birth in the PC world. Decades ago, there was no end of competing …
It reminds me that back in the XP days, some clever bods realised that all you needed was the letters HP somewhere in the BIOS SLP/SLIC tables and then an OEM version of XP that shipped with a Hewlett Packard PC. And then XP would install and be already activated no online activation or cracks required as it believed it was being installed at the manufacturer.
So they released a tool that would just patch HP into virtually any standard motherboards BIOS therefore making Windows think it was being installed on a official HP PC.
It still working today with Virtualbox and probably other VM software to add it to the config files and use a HP XP CD.
Lets just say when i was building PCs back in the 2000s they were all mysteriously beige box unbranded HP towers. LOL
I haven't had to check on this in well over a decade, but you could detect this trick and thwart it. The Windows kernel would report its last access date/time as the highest date/time the system clock had ever been set to since that version Windows installation. That kernel access date/time was updated continuously, but not if the last access date/time was ahead of the present system clock. So all you needed to do was compare the present time/date to the last access kernel time/date and if you saw the kernel had a future date/time, you knew someone had at some point set the system clock substantially forward. Depending on when you detected a discrepancy (if there was one), during install, after install, etc, you could devise strategies as to what you wanted to do. The main use we had for it was, since we made security tools, was if we had to craft a custom removal tool for a customer, was to embed an encrypted expiration date for the custom tool and use this trick to stop it from functioning past that expiration date if the user set the system clock back.
The changing the clock trick has been defeated in most cases by now, but not everyone who used to design limited time trials knew that, so it did once work and might work again depending on how much the writers of the mechanism thought this through.
Similarly, many limited-time trials today are implemented purely locally, by storing a file or registry key somewhere that stores that they've already been installed. If you can find it, then deleting that file and reinstalling the trial gets you another trial period. If enough people do that, the software writers can easily make the trial check something against a server before unlocking, but it hasn't proven necessary enough for everyone to do it. It's not that the problem has no solution but that some of the people involved haven't bothered to implement it.
"Similarly, many limited-time trials today are implemented purely locally, by storing a file or registry key somewhere that stores that they've already been installed. If you can find it, then deleting that file and reinstalling the trial gets you another trial period."
Indeed. Back in the early 2ks, when I did an awful lot of domestic PC repairs, it seemed that nearly everyone was familiar with cracking software. Users had CDs of the stuff, often obtained from computer fairs, or even the local market. Install software, apply crack was the standard procedure for them, and if they didn't have a crack they'd hop on this newfangled internet thing to find one.
That doesn't seem nearly as common now, and I suspect that most domestic users wouldn't know where to start. I'm not saying it doesn't happen - I'm sure it does - but it's not at anything like the level it used to be.
Also back in the 2ks, with a different hat on, I spent a lot of time thinking about how to make it difficult for unscrupulous users - ie all of them - to bypass time limits in shareware. These days, I don't think I'd bother with anything beyond a registry key - from what I've seen, that should be enough to fox the vast majority of users.
I don't know whether this represents a general dumbing down of the domestic user, or if the demise of computer fairs has something to do with it. The move to cloud based software might also play a part, I suppose. But the days of users having vast libraries of cracked software seem to be gone.
I have a different explanation for this. I think a lot of software that people used to use was made more difficult to pirate and easier to afford, although the methods used to get that were ones I don't quite like. Someone who used to pirate Microsoft Office will now find that harder because even the perpetual licenses* are linked to a Microsoft account and authorized by server. It probably isn't impossible to pirate it, but it's not as simple as having a simple crack file patch an executable or copying a license key string. Meanwhile, for anyone who would find the perpetual license too expensive, there are subscription plans which are cheaper. That's especially common for users of more expensive software, for example Adobe software, where everyone I know who uses it has decided to use a subscription instead of buying it outright. For context, I don't use Adobe software and I use LibreOffice instead of Microsoft Office.
MY experience with other software indicates that piracy is still quite common. I've worked with people who tried to write consumer software and failed because their products were heavily pirated, and this was in relatively modern times. The way they know that it was pirated rather than nobody buying it is that, although they did not use servers for license checks, they did have servers for downloading optional components that didn't need to be in everyone's installation to save disk space. Based on the usage of those servers, if they only had paying users, each paying user was running the software on a couple hundred machines. In fact, I've tried recently to find a way of workable copy protection that doesn't, in my opinion, bind the user unreasonably or cause too many problems if the server goes down for another possible project. I wouldn't be surprised that many people are still pirating those bigger names I mentioned, but just fewer because it's more feasible for people to obtain it legally in some way.
* Perpetual licenses for Microsoft Office: yes, they have modern ones. I wouldn't suggest buying them directly from Microsoft because resellers can often offer much better prices. They are out there and work quite well. I know this because people often ask me to find them. No matter how often I suggest that they try LibreOffice to see if it can do what they need, which it can because these are personal users, they prefer paying for an MS Office license rather than even trying it.
I knew something like that existed for volume-licensed versions, but I didn't know whether you could use that on single licenses on personal machines. In fact, after a little searching, I'm still not entirely sure whether you can. It doesn't matter too much to me as I don't have it installed, but I would prefer that activation method to logging into a Microsoft account if I had to have MS Office.
It's entirely possible to install a genuine MS office without a MS account. Yes, you have to bludgeon the Windows OOBE to allow you to get to the desktop without one, but the office activation works absolutely fine. (Shift-F10; start ms-cxh:localonly)
Of course if you don't sign into an account you'll have to keep a record of your key and potentially validation code, but that's a minor price to pay.
Different times... Nowadays if you go searching for cracks, keygens etc you will likely find something laced with malware / RATs / infostealers (especially Lumma last year / you name it. Even in a disposable sandbox VM I wouldn't, there's some incredibly nasty stuff out there. What's ironic is that there's cracks for some of the C2 tools that bad actors like to use that, yes, are laced with the same stuff.
Given the number of computers I had to clean out or completely reinstall after someone did that back in the day, I'm not sure that's a new thing. I think malware writers have long recognized the benefits of attaching their code to something illegal that nobody complains about for their own sake and doesn't even require your own servers to distribute.
"I gave up and made it freeware."
For a while, I hoped that adware would be the solution - free software that still made the author a few quid. I went as far as experimenting with a couple of the big early players, but that optimism was short lived. The adware companies destroyed themselves through greed, and became synonymous with bad news. In the end, I too went freeware, then gave up altogether.
At the start of the PC clone era, plenty of BIOSes contained "NOT IBM" for basically this reason.
Someone (Digital Research?) was hoping to licence some bit of software (GEM??) on a manufacturer by manufacturer basis. As the point of a clone is that it'd run software written for the IBM PC, the various BIOS authors weren't about to let them succeed....
Microsoft has several fake company and product names it uses for illustrative purposes in its documentation.
How many IBM old timers <raises hand> read this and thought "ah, PanootaCalc"?
IBM had an iron-clad rule about not naming competitors. Because they were so powerful, any mention of another vendor could be seen as an implicit recommendation, so mentioning other companies by name was forbidden. That's why their modems weren't Hayes compatible, like every other modem was, Instead, they used the "industry standard AT command protocol".
An imaginary competitor, PANOOTA, was created for documentation purposes. There was PanootaCalc, PanootaWrite, PanootaDB, etc. Of course, there was no actual Panoota company (they checked), but it was ubiquitous in (internal) IBM documentation.
When I asked a co-worker where the name Panoota came from, he explained that when they were brainstorming for a name, someone said they should "Pull A Number Out Of The Air", and so the term was born.
IBM may be the stodgy, humourless old fart today, but they had their moments, back in the day.
Compatibility was worse in 1982-83. I worked in a local computer store while in college. We sold DR-DOS, MS-DOS and CP/M computers. We had S-100 systems in the back.
The claim of being IBM "PC compatible" was new and unreliable.
I was one of three CS college students employed there. One of us inserted a "PC-compatible" card, I don't remember what it was for, in a so-called PC-compatible from Columbia Data, or maybe the card was from Columbia Data and we inserted it a "PC-Compabile" from another company (DEC?). Anyway, we turned the PC on without its cover and the card's capacitors exploded, sending a couple of molten pieces arcing through the air like ejection from a volcano. Super cool! The tech who did it wore thick glasses, thankfully, but didn't get hit. The boss didn't see it.
We sold the first wave of IBM PCs for $4k-$5k USD each with 2 floppies and no hard drive. Inflation adjusted that'd be $13,250 USD. At one point we sold Kaypro CP/M computers w/5MB or 10MB? (mega, not giga) hard drives for $3k USD.
Bill Gates recently bought DR-DOS, renamed it MS-DOS and sold it to IBM through him mom's blue-blood connections. Windows wasn't yet an incubus gleam in Bill's eye. The Apple Lisa came out around the time I quit.
"Bill Gates recently bought DR-DOS, renamed it MS-DOS and sold it to IBM through him mom's blue-blood connections"
Most sources say that MS-DOS (and thus PC-DOS) started life as "Q-DOS" (or 86-DOS) from Seattle Computer Products which Gates bought.
If I recall, Digital Research's DR-DOS came quite a bit later, well after Gates failed to license a version of CP/M from Kiddle and instead bought his OS from Seattle Computer Products.
"Most sources say that MS-DOS (and thus PC-DOS) started life as "Q-DOS" (or 86-DOS) from Seattle Computer Products which Gates bought."
Correct.
"If I recall, Digital Research's DR-DOS came quite a bit later,"
DRDOS came out when MS-DOS was already at version 3 in late 80s.
"well after Gates failed to license a version of CP/M from Kiddle"
Kildall.
...and it was IBM that tried to license CP/M for their upcoming IBM PC but the negotiations fell through. IBM obviously needed some kind of OS so they went for DOS.
Thanks Sandtitz for your corrections to my errors.
I knew I should have checked Gary Kildall's name - and I've been watching The Computer Chronicles on YouTube which has Gary in it! Quite a blast from the past seeing the chunks of Micro Focus COBOL code in the opening credits.
If I recall, the licensing of CP/M fell through for some odd reason like Kildall wasn't at home when IBM turned up and couldn't be bothered with them - or something like that LOL
Q-DOS was a 'quickly' cobbled together clone of CPM which Seattle Computer Products would sell.
Gates procured a license to use Q-DOS, but NOT to resell/relicense it which he did to IBM.
Both of Gates parents were powerful lawyers and little Seattle Computer Products could not afford the continued litigation.
The case against Microsoft for the theft of Q-DOS was eventually won by the people that bought up the rights to Q-DOS but that was many years later.
"Q-DOS was a 'quickly' cobbled together clone of CPM which Seattle Computer Products would sell."
Yes. SCP made their own 8086 based computer board for which Kildall's Digital Research couldn't produce a version of CP/M for some reason; hence QDOS.
"Gates procured a license to use Q-DOS, but NOT to resell/relicense it which he did to IBM."
Afterwards Microsoft bought the whole 86-DOS from SCP in 1981. Then MS licensed it to IBM which IBM sold as PC-DOS.
"Both of Gates parents were powerful lawyers and little Seattle Computer Products could not afford the continued litigation."
Can you tell us which litigation this was?
According to Wikipedia, Bill's mother was not a lawyer nor did she even study law.
"The case against Microsoft for the theft of Q-DOS was eventually won by the people that bought up the rights to Q-DOS but that was many years later."
Theft of QDOS? Microsoft bought QDOS from SCP. Lock, stock and barrel.
I think you are mixing up the birth of QDOS and Kildall's opinion that it was based on CP/M code, but for which I haven't seen any evidence even though DOS source code is available.
"Q-DOS was a 'quickly' cobbled together clone of CPM which Seattle Computer Products would sell."
Tim Paterson cloned CP/M's API at the source level to make easy to port CP/M programs to 86-DOS. This included a utility for reading CP/M formatted disks and a program to do most of the work translating Z-80 assembly code to 8086 assembly code. The underlying structure was very different, with use of software interrupt 21H for accessing OS calls. One very distinct difference was 86-DOS kept records of file size in bytes.
FWIW, my first computer was an SCP S-100 system that came with the 86-DOS documentation.
Finally, the IBM PC and clones never properly implemented the time of day function call - SCP used an AMD 9513 for the clock and the time was incremented in 10ms steps.
Every time I read 'Fabrikam Computer' I just picture an innocuous beige box with a stupid blond wig.
I had a HP laptop and it needed a specific version of Windows XP to get it to work for free. It had to be the Windows XP Media Center Edition made for HP, thankfully you could get it online, then you had to add the service packs and only then the thing would finally get the Windows XP updates more or less okay.
Cracked software used to be very common in the late 90s and most of the 2000s.
Nowadays pirated software is still very common in places were the prices are too high or were they legally cannot get it.
Or as it's known in English-speaking countries, the APC-III. I somehow ended up in possession of a box of APC-III software including a MS-DOS 3.3 boot disk. Now, my PC clone (a Sharp PC-7000A) only had MS-DOS 2.11 which certain newer MS-DOS games would refuse to run on, so having a DOS 3.3 disk would be a total upgrade (mind, this was back in the days where having a hard drive meant you were stinking rich in this region, so us plebs made do with floppies, with the added advantage that they could be copied and swapped with your cousins).
Except that the disk wouldn't boot proper, it would just bootloop, showing the Sharp BIOS screen, the Starting MS-DOS message, and then reboot a second later. All the programs in the box also rebooted the system when run. I wrote it off as the box of disks being faulty and threw them aside.
I later found out that NEC had injected extra code into their version of MS-DOS for APC-III/PC-98, as well as their pack-in software, to look for a "Copyright NEC" string in the BIOS, and not finding it, reboot continuously until the machine is shut off.
Cheeky.
I later found a copy of MS-DOS 4.02 from an Epson machine and that one isn't sabotaged in that way. Sure it was widely considered the worst version of MS-DOS ever created, but it offer me reprieve in that games that previously refused to run with a "Requires MS-DOS 3.3 or Later" error could at least now make it to the title screen before locking up.
This reminds me of the Microsoft DR-DOS issue. If Windows (at this time it was a program not a operating system) found itself running on a PC running DR-DOS instead of Microsofts MS-DOS it generated a cryptic error just to scare the user.
https://en.wikipedia.org/wiki/AARD_code
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
