Difference between revisions of "Timebomb"

From BetaWiki
Jump to navigation Jump to search
(Probably shouldn't keep instructions to remove timebomb/bypass activation, but revert if needed.)
Line 1: Line 1:
[[File:NTexpiredcrash.png|thumb|Windows showing a BSOD with the stop code of END_OF_NT_EVALUATION_PERIOD]]
 
 
 
'''Timebomb''' or '''time bomb''' is a software mechanism that renders a computer program unusable after a pre-set period of time. It is commonly seen in pre-release software, where it is used to discourage users from holding onto outdated testing versions.
 
'''Timebomb''' or '''time bomb''' is a software mechanism that renders a computer program unusable after a pre-set period of time. It is commonly seen in pre-release software, where it is used to discourage users from holding onto outdated testing versions.
  
 
== Windows ==
 
== Windows ==
 +
[[File:NTexpiredcrash.png|thumb|Windows showing a BSOD with the stop code of END_OF_NT_EVALUATION_PERIOD]]
 +
In Windows 9x-based builds of Windows, the timebomb is activated by <code>IO.SYS</code> and <code>MSDOS.SYS</code>. Once the timebomb is triggered, Windows will display a message on boot saying the pre-evaluation period has expired. Windows will then immediately shut down and will not boot until the operating system is reinstalled with the correct BIOS date. [[Windows 95 build 216]] is the first build to include a timebomb.
  
In NT-based Windows versions, once a timebomb is triggered, a bugcheck (BSOD) of 0x98, END_OF_NT_EVALUATION_PERIOD, is used.
+
In NT-based Windows versions, once a timebomb is triggered, a bugcheck ([[BSOD]]) of 0x98, END_OF_NT_EVALUATION_PERIOD, is used. While [[Windows 2000 build 1627.1]] is the first NT build with a timebomb, a [[Windows NT 3.5 build 807.1 (Korean Beta)|Korean Beta of Windows NT 3.5 build 807.1]] included concept of a timebomb as a message box that would change to tell the user to install a retail copy of Windows.
 +
 
 +
Most notably, most builds of [[Windows 10]] version 1507 and [[Windows 10 version 1511|1511]] have certificates on majority of the files. Should the timebomb activate, the bootloader will be broken due to expiring certificates.
  
 
=== Locations ===
 
=== Locations ===
Line 16: Line 18:
 
The location of the timebomb in [[Windows 2000]] is currently unknown.
 
The location of the timebomb in [[Windows 2000]] is currently unknown.
  
=== How to remove the timebomb ===
+
== macOS ==
''Note: These steps are only if you do not know how to hex-edit.''
+
Currently, only the [[Mac OS X Public Beta|Public Beta]] includes a timebomb. While the timebomb didn't allow the user to log into the user interface, it didn't affect the Darwin kernel or any other components not related to the Aqua interface.
 
 
# Locate the <code>tokens.dat</code> file.
 
# Search online (or in case from a base OS, use a file from another computer/virtual machine) for a <code>tokens.dat</code> file that is from the base OS or search for a broken timebomb <code>tokens.dat</code> file, and download the file.
 
# Use another OS to replace the <code>tokens.dat</code> file with the other.
 
# Reboot the machine and boot into Windows.
 

Revision as of 20:37, 19 June 2020

Timebomb or time bomb is a software mechanism that renders a computer program unusable after a pre-set period of time. It is commonly seen in pre-release software, where it is used to discourage users from holding onto outdated testing versions.

Windows

Windows showing a BSOD with the stop code of END_OF_NT_EVALUATION_PERIOD

In Windows 9x-based builds of Windows, the timebomb is activated by IO.SYS and MSDOS.SYS. Once the timebomb is triggered, Windows will display a message on boot saying the pre-evaluation period has expired. Windows will then immediately shut down and will not boot until the operating system is reinstalled with the correct BIOS date. Windows 95 build 216 is the first build to include a timebomb.

In NT-based Windows versions, once a timebomb is triggered, a bugcheck (BSOD) of 0x98, END_OF_NT_EVALUATION_PERIOD, is used. While Windows 2000 build 1627.1 is the first NT build with a timebomb, a Korean Beta of Windows NT 3.5 build 807.1 included concept of a timebomb as a message box that would change to tell the user to install a retail copy of Windows.

Most notably, most builds of Windows 10 version 1507 and 1511 have certificates on majority of the files. Should the timebomb activate, the bootloader will be broken due to expiring certificates.

Locations

Windows 10/8/8.1:
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense

Windows 7/Vista/XP:
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform

The location of the timebomb in Windows 2000 is currently unknown.

macOS

Currently, only the Public Beta includes a timebomb. While the timebomb didn't allow the user to log into the user interface, it didn't affect the Darwin kernel or any other components not related to the Aqua interface.