WinXP Keygen Foils Product Activation 559
Bill Gates' Friend's Brother's Roommate writes: "The Register has a story on a working key generator that produces 25 valid Windows XP Product Activation Keys in a few hours. As author John Lettice summarizes, 'So the question as regards keymaking software is whether or not Microsoft has any way to differentiate between generated keys and the ones it has issued itself. If not, this generation of WPA is now surely toast.'"
Weird (Score:5, Interesting)
Well, yes (Score:1, Interesting)
We've got your MAC address, so it isn't like it's a big deal to verify the AID against that to make sure you aren't just loading the OS across multiple machines.
Basically, this system will work as long as you don't connect to the internet.
Enjoy!
It's a security issue (Score:2, Interesting)
Given Microsoft's rather lackluster track-record in the area of security, is it any wonder that their own protection scheme has (allegedly) been cracked so soon?
Maybe they wrote it with the new C++ compiler
This just generates the keys... (Score:2, Interesting)
All of the folks looking for a free copy are better off finding a copy of the corporate edition, which doesn't phone home.
25 keys in one night with one PC (Score:5, Interesting)
This is a bit late in the game to even care... (Score:4, Interesting)
Given that WPA is effectively not a barrier at all (for any but the most in-need-of-a-clue user), why even bother? Windows-based revenue will clearly not rise because of these measures, and it will in fact scare away the set of users that qualify as casual copiers. Microsoft won't gain any money out of this, but they will lose mindshare.
But really, all the above only applies to those who would venture to re-install Windows. I would guess that involves less than 5% of Windows users. In other words - almost no one. Microsoft is still VERY dependent upon the OEM teat AFAIK.
If I'm right about that, then WPA doesn't even matter. Why they're putting up such a fuss with consumers over this is a complete mystery to me. They will not profit by it.
Am I missing the boat on this somehow? This whole thing just seems stupid to me.
It's not the serial number that's important. (Score:3, Interesting)
I have to wonder if Microsoft has done this? I mean, logging every single serial number for every copy of WindowsXP produced everywhere in the world...and then maintaining it. That's a tall order, even for them. I think they'd get more bang for the buck by blacklisting every copy of XP that uses that "FCK" serial that was distributed like crazy.
Well they won't accept their license agreement... (Score:5, Interesting)
ncftp -u xpkey -p xpkey -P 6473 24.22.15.128
keygen (Score:3, Interesting)
Most people not paying for XP are either going to be using the crack on the "trial" version or downloading the corporate version from their fave p2p network.
Thinking about the 2nd scenario, the corporate version requires a key, but doesn't need activation. The key is printed on the back of the cd case and every corporate version.rar I have seen has the same key- starting, (amusingly) "FCK..."
Anyway- the corporate versions of Win2000 didn't need a key- they filled it in for you (unless I am getting mixed-up with other MS software of the same period).
So, the big question is: Why does the corporate version need a key? MS knows it is damn easy to write it down, so there's no security there, but if MS wants to check the key when the system connects to the internet, checking against a database (oh look, 3 million people all using the same key!), then isn't this a similar hassle to product activation, only done sneakily with no dialogs ?
Presumably if you install the corporate version with the "FCK..." key and never connect to the internet then it will never hassle you or expire or need to be activated, but if you do connect to the net then it *could* be sort of activating itself by checking the key with microsoft. If this turns out to be the case then you could always block it with your favourite firewall, since as this would be a sneaky check they could hardly deactivate your machine if they couldn't connect...
Then again, we all know that MS loves home piracy and the product activation is just to stop small and medium businesses from using one cd on their whole lan.
graspee
Re:This just generates the keys... (Score:3, Interesting)
Otherwise, it'd be pretty useless.
Don't ruin MY key (Score:4, Interesting)
Re:Weird (Score:4, Interesting)
Except that every Blizzard game I've ever played would be just peachy if a reg-code of all 3's was typed in. Seriously.
For those of you who don't read German... (Score:2, Interesting)
Here is the translated link from the register:
Crack and Keymaker activate Windows XP
In the Internet circulate two different programs,
which can activate Windows XP also without
Microsofts benediction completely.
The Patch of the group of Sad team consists only
one 700 KByte of a large EXE File, which contains
a Installer.
In order to de-energise the Home and Professional
versions of Windows XP, the Patch is started in
the secured mode. After a restart Windows is
completely activated.
The second tool is a Keymaker, which generates
valid D-CKeys for Windows XP Home, Professional
and Corporate as well as for Office XP and Visio XP.
In addition the program counts quite a while: In
our test generated the Tool within one night of 25
valid codes for Windows XP Home.
If such a code is indicated for the installation
of Windows XP as Product ID, the copy can be
de-energised completely ' officially ' by
Microsoft by telephone or Internet connection.
Since Windows XP on the market is, a multiplicity
of Crack programs promises to be able to go around
the activation. Most functioned however not;
the only worked method was so far the exchange of
some files on the installation CD against versions
from the corpus width unit version with a total
volume of 13 MByte. ( kav / c't)
Re:want to copy xp the easy way? (Score:2, Interesting)
I changed the mb and processor in my (legal, non-corporate) XP and it didn't say a thing either.
graspee
Re:Can we say Service Pack 1? (Score:4, Interesting)
The only thing even vaguely close is the ms office update that refuses to install if its running with a known bad serial number, but that doesnt disable anything.
My theory is that the damage is already done. Messing up the OS isnt going to make the person buy a real copy, it'll just make the person reinstall the same insecure pile of crap they installed in the first place, and then ms will get blamed again because stupid people dont know how to secure their illegal boxes. It's in Microsoft's best interest to let people with stolen versions update their OS, so if nothing else, they dont have software pirates spreading things like Nimda.
Re:Weird (Score:3, Interesting)
Yeah, but it's only question of time when the first keygen starts bombing multiplayer authentication with generated keys until one is okayed and returns only that to end user. Yeah, perhaps your IP gets logged but you wouldn't run that kind of program on your own computer, would you? Local library or ISPs shell would be just fine.
Current system could work if keys were big enough so that hitting real key with keygen would be hard but, unfortunately, as long as end user has to type in the code during install you cannot input that many bits into the key anyway.
Re:But what about Microsoft snooping on your key? (Score:3, Interesting)
The guys in comp.os.vms group claim to have put a packet sniffer on an XP box with nothing special running and found encrypted packets heading for microsoft. No idea what was inside them.
So what? (Score:5, Interesting)
No. Here's what I say: So what?
Great, it's cracked. You know what? The number of people who will wind up using the crack is probably insignificant to MS.
Newsflash! There have been anti-activaition cracks from day one with more efficiency than this. How about the cracks that allow you to never register? How about buying a version of XP Pro that doesn't require activation (Corporate(expensive) or Academic)? How about pirating one? I looked on hotline the day of XP's release and there were already several servers claiming to have the Corporate Version of XP Pro.
To top this all off, how many people will really use this? I'll give you a hint: proportionately few. The vast majority of people who will upgrade to XP either don't know or care that there is a hack, or are businesses that have to have legitimate software (activation and all). Well, I suppose they don't have to, but most businesses consider it a good idea.
So that's my thoughts. It's cracked. It's a great feat and all, but the number of illegal copies of XP isn't going to suddenly, dramatically surge.
Broken? (Score:1, Interesting)
[adam@awilliam adam]$ cat winxpactkey
#!/usr/bin/perl
use MIME::Base64; $x = ""; while() { $x
[adam@awilliam adam]$
Old news (Score:2, Interesting)
Ohh and did I mention there's also an activation code generator?
Your point is? (Score:4, Interesting)
Good god, who here ever thought WPA was going to stop the pirating of MS software?
*prolonged awkward silence*
Yeah, that's what I thought.
WPA not meant to stop crackers (Score:2, Interesting)
Re:Include a movie clip, as "part of the OS", (Score:2, Interesting)
Actually, as seen in the DeCSS case, the courts have decided it illegal to circumvent an *access control* technology, which is what CSS is. CSS doesn't prevent copying a DVD, it prevents viewing it on devices whose manufacturers haven't paid their license fee to the DVD cartel.
Since WPA (or any key system) could also be construed as an access control technology (it doesn't prevent copying, it prevents unauthorized use), it is possible that the DeCSS case could be used as precedent to make keygens illegal to write or distribute or even link to.
Re:Heres another way to foil product activation (Score:3, Interesting)
A better analogy... (Score:2, Interesting)
And, of course, you can't have a locksmith duplicate your keys if you lose them, because locksmithing is illegal under the DMCA. Please, understand this, we need the DMCA to give an incentive to software and entertainment producers to keep churning out their creations. After all, which is more important: having some way to get into your home if you lose your keys, or making sure your kids will have an uninterrupted supply of first-person-shooters?
OH NOOO!!! (Score:1, Interesting)
You are ruining people's fantasies about sticking it to MS!!
Like the fantasy about costing MS $100 by buying an XBOX for $300 but not buying any games (because MS loses $100 on each XBOX). Of course, this plan glosses over the fact that anyone who does this is out $300 themselves in the process, but don't let logic stand in the way of these "let's stick it to MS" people!!
Re:keygen (Score:3, Interesting)
Re:But what about Microsoft snooping on your key? (Score:5, Interesting)
It trys to connect to time.microsoft.com, windows updates, intellimouse updates, m$ internet keyboard pro, media player, msn messenger, windows explorer (dont know why, but my firewall catchs it).
Im running tinysoft firewall, which tells me which process is trying to connect to the internet, and create an ACL for it. It also does a CRC check to let me know if the binary is updated.
Here are a couple processes from my ACL.
e:\program files\microsoft hardware\keyboard\type32.exe
e:\program files\microsoft hardware\mouse\point32.exe
e:\program files\common files\system\mapi\1033\nt\mapisp32.exe
e:\windows\pchealth\helpctr\binaries\helphost.e
e:\windows\system32\ALG.exe (Application Layer Gateway Service)
e:\windows\system32\LASS.exe (Local Security Authority System)
e:\windows\system32\svchost.exe (Generic Host Processes for Windows)
-
Majority rule only works if you're also considering individual rights. Because you can't have five wolves and one sheep voting on what to have for supper. - Larry Flynt
Re:keygen (Score:2, Interesting)
Re:Well, yes (Score:3, Interesting)
-jerdenn
Re:Weird (Score:4, Interesting)
Re:Weird (Score:1, Interesting)
Last time I made sure that the house I built wasn't being used illegaly they jailed me for murder.
There's limits to as far as you can go to protect your property. The destruction of other's property to protect your own, is, in many countries, a very grey area. The author of CDRWin may be liable for any lost data should the software purposely attempt to destroy any data, fake backing it up, or cause the computer to be unusable. Sure, you may have to pay a fine and (very very unlikely) go to jail, but that could pale in comparison to what this person is letting himself in for.
Ever noticed that most satellite companies don't destroy hardware remotely even when it knows the receiver's hacked? The worst they usually do is rewrite the software which they own. They don't, however, try to wear out eeproms, or anything else that doesn't have "this is owned by xyz company" written on it. They know there is a huge liability problem involved in this, and they know a jury would consider purposeful mass destruction of hardware a much worse crime than getting a free month or two of TV (which, in some cases, is legalized anyways).
Comparing Apples and Oranges and Tangerines (Score:2, Interesting)
Re:Microsoft (Score:2, Interesting)