Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Security Of Windows/Office XP Activation Code?

Cliff posted more than 13 years ago | from the more-security-thru-obscurity? dept.

Microsoft 219

merodach asks: "In pondering the next versions of Windows and Office (XP), the wonderful save-us-from-ourselves product activation, and MS's repeated public blunders with security I began to wonder about the security around the activation code, itself. Specifically, I was wondering how it would impact my job as an IT Consultant with regards to Melissa-type viruses and trojans which might: surreptitiously use the transmission code to send sensitive info to competitors/enemies of my customer; and (assuming that the software checks this periodically) change the activation info and damage/destroy the ability to repair that info (in short order rendering an entire network useless). As I don't have access to the beta versions or the code I was wondering if anybody in the Slashdot community would be able to list or explain what, if any, precautions are being taken on this." As it happens, TechRepublic has an article about this very subject. Thanks to Deecyl for the link.

cancel ×

219 comments

Sorry! There are no comments related to the filter you selected.

Re:Activation code won't change anything (1)

Anonymous Coward | more than 13 years ago | (#375630)

The point is (according to a news.com article) that Microsoft is trying to crack down on casual copying, such as borrowing a friend's (legal) copy and installing it on your machine, or using one copy for an entire business. These are the people that won't be downloading cracks for the most part, because once you do that it makes people think about the fact that (according to Microsoft et al) they're now stealing. Just borrowing someone's cd kinda helps people get over that, because they're making no effort to bypass any security.

Re:Reinstalling WON'T require activation? (2)

dattaway (3088) | more than 13 years ago | (#375638)

Siemens uses the 'key' in the MBR trick for its PLC dev. software... virus scanners used to kill it all the time.

I know about this. And Allen Bradley is boneheaded about their software too. This makes their PLC's often out of reach on nightshift from debugging when the person who has the key, dongle, whatever is not reachable. Its a joy to watch manufacturing lines churn out thousands of pounds worth of scrap because a software key can't be had until morning. In my opinion, this makes the lesser known vendors who sell non-proprietary PLC's much more attractive.

Re:Reinstalling WON'T require activation? (2)

dattaway (3088) | more than 13 years ago | (#375639)

What is so disgusting, is that people are threatening to sue MS over defective software that hasn't even shipped yet, and the customer is buying the software knowing of the risk ahead of time.

Sure I know about it, but that doesn't mean I don't have to use it. You see, I work at a large manufacturing plant. Large. When software has a quirk and decides to halt, the manufacturing process halts. With plastic extrusion, any stoppage of the process can be quantitized in terms of several thousands of dollars in scrap per event, not to mention the burden downtime. When NT just decides to halt the entire computer, I become acutely aware of how serious a problem is.

I don't purchase proprietary software and its licenses. I never will. But there are people unknown to me that I work with who do. The COO even backed me about my complaint with shitty software, but he's powerless to do anything about it. Politics at work just seem to go with whatever products are marketed the strongest. Its sick, but its what I have to deal with daily.

Pointless (1)

cpt kangarooski (3773) | more than 13 years ago | (#375640)

There is no need for MS to bother with this. They can still sue the crap out of anyone who pirates the software in most jurisdictions, yet there doesn't have to be a license or serial number at all in distributing it.

A strongly implied part of the copyright contract is that works have to be useful. A book that's so heavily encrypted as to be unreadable has not effectively been published, and will not enrich the public domain when it enters it. MS can leave the door wide open, and not lose a shred of their legal shield. Indeed, they're granted that shield on the condition that they leave the door open. Now if only Congress or the courts would revoke copyrights from publishers who seem to want to grant and enforce them themselves. They'd be welcome to try, but would get no help from Uncle Sam.

Re:Reinstalling WON'T require activation? (1)

bbcat (8314) | more than 13 years ago | (#375642)

Another way that companies use is to encode
with the serial number of drive C:

Lattice is one.

Borland seems to be doing something like
that for the Delphi try out.

If Microsoft use this then when you format
the drive it would be kind of hard to get
the same code.

Re:It talks to Microsoft.... (1)

Noke (8971) | more than 13 years ago | (#375643)

Microsoft has an 800-number for people to call and speak with someone to get the activation code.

Re:It won't last long... (2)

jms (11418) | more than 13 years ago | (#375645)

In other words, Microsoft is implementing the exact strategy of the MPAA's CSS encryption.

Even if someone were to figure out how to circumvent the activation system, what are the odds that the hack will find its way onto the web?

Activation codes (4)

jms (11418) | more than 13 years ago | (#375646)

The article asks:
OK, if product activation isn't the answer, then what is? Imagine you're running the Windows or Office business at Microsoft-how do you keep your product from being stolen without inconveniencing your customers or holding their PCs hostage? I'll take the best suggestions and pass them along to Microsoft.

Here's a simple approach. Cut deals with all of the hardware manufacturers so that they are forced to purchase a copy of Windows for each machine they sell, whether or not the user wants it. This way, Microsoft will receive automatic license payments on probably 95% of all PCs manufactured, leaving only the 5% or less of PCs that are built from scratch vulnerable to Windows piracy.

Oh wait ... they're already doing that.

Re:How useful is this? (1)

esper (11644) | more than 13 years ago | (#375647)

It's actually slightly worse than that... If you click on the 'it won't look as cool' link, you get dumped on TechRepublic's front page - it doesn't appear to even try to send you to the article you were originally headed for.

The world really needs fewer sites like that.

Difference between Select and non-select CDs? (2)

swb (14022) | more than 13 years ago | (#375651)

The rumor mill has it that the Select version of XP will be register-free, to help companies that do imaging and the like. To my eyes these look like the non-Select version of the same install CD. My question is, what's to prevent someone from comparing a select and non-select XP CD and finding the N files that are different (presumably they will largely be the same) and producing either a binary patch set or just distributing those files?

Re:Reinstalling WON'T require activation? (2)

Sloppy (14984) | more than 13 years ago | (#375653)

What is so disgusting, is that people are threatening to sue MS over defective software that hasn't even shipped yet, and the customer is buying the software knowing of the risk ahead of time.

Anyone who knows the risk before purchasing, shouldn't be allowed to sue. This R. Kinner sounds like a seriously irresponsible asshole.

It's like if I sued the maker of these cyanide tabl--Arrr.... *thud*


---

How useful is this? (1)

sharkey (16670) | more than 13 years ago | (#375655)

And I quote:
TechRepublic.com is optimized for the latest versions of Microsoft Internet Explorer and Netscape. You probably received this redirect page because the browser you just used to access our Web site does not meet this criteria. TechRepublic is the IT professional's source for many exciting articles and features developed to help you succeed in your career. This information can't be found in a book or manual - it's written for you by professionals who, like you, are in the trenches. In addition, TechRepublic offers forums to get you answers to pressing IT problems, as well as job and peer directories. Why not upgrade to a more current Web browser? You'll be glad you did. Alternately, you can view our site with your existing browser, but it won't look nearly as cool.

Apparently TechRepublic feels that "looking cool" is the most important thing. It's more important to them that their website is "kewl," rather than having me read it using my browser of choice. (I did see the link dumping on my browser, but letting me in the site, so don't say it. The redirect is irritating, and makes me not want to read anything on their site.)

Anyone have a mirror that is not designed to piss non-Microserfs off?

--

Re:It talks to Microsoft.... (2)

TWR (16835) | more than 13 years ago | (#375656)

How does it know two weeks have passed? Why can't I just set the clock on my computer to the year 9 billion, install XP, and then fix my clock?

-jon

Have you ever updated Helix GNOME?? (1)

Steve Hamlin (29353) | more than 13 years ago | (#375662)


"Please wait while Helix GNOME update downloads a list of updates available for your system. This is done without any data being sent to Helix Code, Inc."

"oh-ok - I dont mind then..."

Did YOU read the source code? No? Then I guess you "don't mind then" if the Update Agent sends your email/passwords to Helix/Ximian.

I am not a huge fan of Microsoft either, but the silly SlaphDash.org knee-jerk "Micro$oft suxors" reaction to any mention of them is just moronic.

Great for Linux! (1)

patrixx (30389) | more than 13 years ago | (#375665)

If this becomes true, the installed Windows and Office base will most likley get smaller and older (people wont upgrade), thus leaving a bigger opening to Linux and Linux software in the home/desktop market.
The mere threat will contribute to this as well.

When the snowball starts to roll... ;-)

Precursor to software rental (1)

Dhrakar (32366) | more than 13 years ago | (#375666)

Rather than look at this from the one-time activation viewpoint, look at it from the perspective of what Microsoft wants to do with .Net... That is, since they are going to the subscription model for Office, Windows, etc. then it makes sense why they are creating a unique 'fingerprint' of your system. What better way to track the software you are renting from them?
So, I suggest that Microsoft does not care whether or not the XP scheme is cracked. They just want to get unique fingerprints for all these systems on file for when .Net is rolled out.

It's an Interesting Question (1)

daviskw (32827) | more than 13 years ago | (#375667)

The referenced article doesn't really answer it except to say that customers who buy a site license would probably not have to worry about this feature.

The bigger question really is: Why does Microsoft think it's okay to declare war on individual users? By their own admission their biggest customers will be left alone. Individuals, on the other hand, who still go out and buy their licenses on a regular basis, like me for instance, are going to be put out in a big way over this issue. Basically it boils down to: I want to install Windows but I don't have a modem hooked up yet so I can't activate Windows to make it work.

From my perspective of this, the moment Microsoft tries to sell me something that requires activation, I'm out of here. I've gone through this with Rational Rose 2000 addition and I know that both KDE and Gnome are getting good enough for my wife and kids to use. If they implement this feature then I have bought my last copy of Windows.

Anyway, the'll never do it because most customer's are going to be so pissed off it'd be like shooting themselves in the feet.

OT: Techrepublic, stop nagging me about my browser (1)

knarf (34928) | more than 13 years ago | (#375669)

Aw shucks, here we go again... Instead of the article, I was presented with a nag screen telling me 'TechRepublic.com is optimized for the latest versions of Microsoft Internet Explorer and Netscape. You probably received this redirect page because the browser you just used to access our Web site does not meet this criteria.'.

The screen goes on about Techrepublic being 'the IT professional's source for many exciting articles...' and more marketing-drivel, finally trying to coax me into upgrading:

Why not upgrade to a more current Web browser?
You'll be glad you did.

...followed by the usual Download Microsoft Internet Explorer Now! command.

Hm, I'm running a freshly compiled version of Mozilla. Maybe they don't like my Junkbuster proxy [junkbuster.com] ?

Anyway, why don't they stop nagging me, and let me decide what browser to use, and let me decide whether their site is 'exciting'? If it is, I'll come again, and I'll spread the word. If it isn't, no matter how often they use those e* words I won't be back.

Re:Reinstalling WON'T require activation? (2)

Azza (35304) | more than 13 years ago | (#375671)

Read the quote again, specifically The activation will be automatic.

Call me stoopid, but I can't see how this would work without Office storing the code on the HDD somewhere.

Reinstalling WON'T require activation? (4)

Azza (35304) | more than 13 years ago | (#375672)

From the TechRepublic article:

Every time you reinstall Windows, you'll need a new code.
R. Kinner is already prepared to join a class action lawsuit against Microsoft: "If I, as a home user, am forced over the course of a year to reinstall XP five times, and MS refuses me a sixth code, they are the ones breaking the commerce contract that was begun when I purchased the software." Call off the lawyers! You can reinstall Windows or Office XP an unlimited number of times on the same hardware. The activation will be automatic.


This has to be bullshit. If I reformat and reinstall, how could Office possibly know that I already have an activation code? Where, exactly, is Office storing the activation code? On the hard drive I just formatted?

Ditto if I upgrade the hard drive. Am I missing something here?

Re:No major problems? (2)

Langdon (44221) | more than 13 years ago | (#375680)

Major problem - if you're an MIS tech suddenly faced with upgrading hundreds or thousands of PCs at once, this activation thingy is another thing that can go wrong. Anything that makes MIS's job harder is one less thing they'll be inclined to order.

One reason for the sucky sales of Win2000 - out-of-the-box, it doesn't play well with existing NT installations, so lots of corporate and government MIS departments haven't upgraded yet. This is MS's main revenue stream, the one which pulls in the big bucks. Doesn't matter if the MIS head is a Microserf or not, if the upgrade causes more lost revenues in terms of downtime and tech support than benefits, it's not gonna happen. And yeah, there are a lot of stereotypical PHBs out there, but if an upgrade causes a company to lose actual $$$, as opposed to the "benefits" and "increased productivity" of the upgrade (especially those that have been burned by the Win9x -> Win2k upgrade) even a die-hard non-tech PHB is going to take a second look before signing those purchase orders.

Re:Activation code won't change anything (1)

BigNachos (50202) | more than 13 years ago | (#375683)

Increases in sales won't actually mean greater revenue, just greater gross profits. The revenue would be offset by the development and maintainence costs of the registration system. Small increases in sales could mean that MS would be losing money...

Did I say that right? I sucked at econ...

It talks to Microsoft.... (2)

NetJunkie (56134) | more than 13 years ago | (#375686)

After you've installed XP you have like 2 weeks to "activate" it. You'll start getting notices. If you don't activate it within the two weeks the app and OS (Whistler does this too) stops working.

To activate it the software connects to a Microsoft server and verifies your key hasn't been used by 20 other pirates.

Actually, you are _already_ in trouble ;) (1)

JPS (58437) | more than 13 years ago | (#375687)

Activation code or not, it is very possible that windows is already sending sensitive information away. There are some incredibly subtle way to do this so that any statistical analysis on the output would fail.



I would make perfect sense that MS has installed a backdoor which leaks information slowly. I mean, they'd have the ultimate spying tool ever...



I would never use Windows or any closed source product to handle sensitive information, activation code or not.

Of *course* they'll do it (2)

alister (60389) | more than 13 years ago | (#375688)

I'm having some trouble understanding the people who are saying that Microsoft won't do this. Of course they will. Who's to stop them? And Windows XP and Office XP will sell lots and lots of copies, because people just take this sort of crap from Microsoft.

I've got a select agreement with Microsoft where I work, and so I'll be getting CDs with no activation code required. So will lots and lots of other users, and one of them will post the ISOs somewhere (I won't - I've too much self-respect ;-)

However, the net effect will be lots of users with Office/Windows XP in their workplaces, and all new PCs being bundled with Windows XP at least. Home users will upgrade to be compatible with their workplace, but it's the new PCs that will drive sales. Windows XP will be the only OS available from OEMs.

Alister

Re:Reinstalling WON'T require activation? (2)

sconeu (64226) | more than 13 years ago | (#375691)

It will just go into that MBR of your HD that no-one but M$ should have code in there anyway....

Lets see... LILO, or other bootloaders....

Or here's an even more fun one... I had to patch a system because of a bug in the BIOS (this was before Flash) that caused it to misbehave with SCO Xenix (not Unix, Xenix). In any case, to make the patch transparent, I patched the MBR.

Get an fscking clue, dude.

Re:No major problems? (2)

sconeu (64226) | more than 13 years ago | (#375692)

Oooh, now you've given the 1337 5kr1P7 K1dd135 something useful to do!

Re:Activation code won't change anything (2)

sconeu (64226) | more than 13 years ago | (#375693)

That was Borland's No Nonsense License Agreement.

Re:It won't last long... (1)

Cuthalion (65550) | more than 13 years ago | (#375695)

It's competely unreasonable to say that each instance of piracy that is prevented leads to a sale. Given how widespread piracy is, that money that Microsoft and the RIAA claim as 'losses' simply does not exist.

It won't last long... (2)

Tassleman (66753) | more than 13 years ago | (#375696)

I don't honestly think this activation code will last long. Between the activation data being corrupted, destroyed (by accident, virus, etc), and whatnot, I think Microsoft will eventually be FORCED to pull the code in order for it's customers to have an easier time of it all.

That and it'll be cracked soon enough after release that the pirates can have their way with it anyways, rendering the whole grand plan by Microsoft to stop piracy useless.

Re:Oh great. (2)

po_boy (69692) | more than 13 years ago | (#375698)

You mean like the front door to your house, which disallows you entry until you prove that you are authorized by posession of the right key?

yeah - that is pretty facist.

All your event [openschedule.org] are belong to us.

me like activation code (3)

po_boy (69692) | more than 13 years ago | (#375699)

Now when I ask for my refund on windows, won't it be easy to verify that I've never used that installation and am entitled to the refund? Or perhaps it's already activated by the OEM when they installed windows.

All your event [openschedule.org] are belong to us.

What about code theft victims? (1)

Tsujigiri (77400) | more than 13 years ago | (#375702)

To activate it the software connects to a Microsoft server and verifies your key hasn't been used by 20 other pirates.

So what happens to a legitimate owner when 20 odd pirates steal his activation code? If the MS servers are registering multiple users and shut down that code, what happens to the legitimate user?

Hardware 'fingerprint' has been tried, failed (3)

Nonesuch (90847) | more than 13 years ago | (#375711)

This sort of scheme has been tried and failed, for two reasons-
  1. It's too easy to fake the 'system id' number, or just trick the code that checks it.
  2. It is too easy to accidentally do something that changes the number, causing the software to fail.

The hardware fingerprint is generally the MAC of the primary ethernet card (in a system with ethernet). So if you change your primary network card, the fingerprint changes.

This can be a major problem on laptops. My laptop did not come with onboard ethernet, and I switch out the PCMCIA ethernet card on a regular basis, plus each of my docking stations has an ethernet interface with it's own unique MAC.

It's often very easy to change the MAC on an ethernet card, but if you have two machines on the same network segment with the same MAC, strange things happen.

Re:WinXP crack (1)

_Shorty (98026) | more than 13 years ago | (#375713)

heh, this 'crack' was for an earlier version of the XP beta that didn't even have the activation code turned on yet

Re:Reinstalling WON'T require activation? (4)

F.Prefect (98101) | more than 13 years ago | (#375716)

It's not storing the code at all. Go up one paragraph in the article from the paragraph you quoted. It specifically says that the code is generated based on the hardware in your system. Unless you swapped out hardware as part of your format-and-reinstall, the code that is generated after the reinstall will be identical to the one that was generated before the reinstall.

Re:Reinstalling WON'T require activation? (2)

cybercuzco (100904) | more than 13 years ago | (#375723)

If it uses the same system as Mathematica 4.0 you will have to get a new code each time. Mathematica generates a code based on something within the machine. If for any reason you need to reinstall you need to get a new code. In theory you could run the software off the CD, but Mathematica wont let you do that either. It assumes that the legally purchased CD youre running the software off of is pirated. Regardless, if windows is using hardware as a basis, youll need a new code if you reformat and reinstall, and especially if you upgrade the HD.

Re:Best informed, "new" machine and .NET (2)

cybercuzco (100904) | more than 13 years ago | (#375724)

But seriously, it is not very clear how the "Microsoft Activation Center" is going to work.

Ironic that microsoft is using a MAC (which btw doesnt even require a serial to run, since you have to buy apple hardware.)

Alpha Micro and Activation Code (1)

tjgrant (108530) | more than 13 years ago | (#375727)

Long ago when I first graduated from college I worked for an Alpha Micro dealer. Alpha Micros were really cool little mini-computers that had a couple of unique qualities. One was that all software was distributed on VHS video tape. The second was that each Alpha motherboard had a unique ID chip. Any time new software was installed, we ran a programme that gave us a hash, called the software provider, read them the hash, and they gave us an unlocking code. This was an interesting copy protection system and worked quite well until one of the security chips went bad. Then, regardless of how many backups were available, it meant hours of phone calls to software providers to get new unlocking codes.

So, I'm not sure how MS is going to do their coding system, but I can guarantee that it will cause IT support people no end of headaches.

Stand Fast,

Activation code won't change anything (2)

Wizard of OS (111213) | more than 13 years ago | (#375728)

The main reason for introduction of the activation code, is to reduce the amount of illigal copies. Unfortunately for Microsoft, software crackers are usually very intelligent people that are challenged by such a nice new copy-protection schema. Therefore, I estimate that a crack for this new protection will be released within a week after the introduction of the new XP software

A rumor I heard (but I can't validate it, it remains a rumor) is that the guy who cracked a microsoft machine and had access to their network for about 2 weeks (article should be on /. somewhere) stole some snippets of code that were (coincidentally??) the ones dealing with the new activation codes. If that is true, than the crack can be released before the product ;-)


--

Re:Reinstalling WON'T require activation? (1)

metaphor (120934) | more than 13 years ago | (#375732)

Every Ethernet card has a hardware MAC address that is unique to every network interface in the world (supposedly). Many serious copy protection schemes are based partially on MAC address. While this can be changed on some cards, it won't work to have your machine and another machine with the same MAC address on the network. Microsoft can check your MAC address against a database of users' MAC addresses, too, to ensure you aren't faking it.

--

Re:XP encourages users to switch to Linux (1)

NiceGeek (126629) | more than 13 years ago | (#375738)

I agree...I use Windows (98 and 2000) but I dual boot with Linux. If MS makes this scheme of theirs as inconvient as it sounds, I WILL switch to Linux on a permanent basis. Playing the latest games is not a sufficiently compelling reason for putting up with this bullshit.

Re:Intel (1)

neuroscr (132147) | more than 13 years ago | (#375741)

I believe they've taken it out

Re:Activation code won't change anything (3)

rgmoore (133276) | more than 13 years ago | (#375742)

Crackers are responsible for very little of the vast majority of piracy. The vast majority is casual, where most people don't even realize they're breaking the law ("Hey jim, can I borrow your Office CD for a few minutes?").

But there's a serious question about how much this kind of piracy is actually costing Microsoft. Do you really think that every person who borrows an Office CD from work to install it on his home computer would really buy the full cost package from Microsoft anyway? I sure don't. I sincerely question whether this will actually be a money maker for MS in the long run. Discouraging casual copying won't actually increase sales very much (for the reason stated above), while the increased hassle of dealing with the copy protection scheme will make more people question the practicality of buying overpriced MS products. This will be particularly true unless there's an easier way of dealing with the copy controls for large businesses with huge numbers of PCs to manage. Just think about what dealing with all of those damn licenses will do to Microsoft's vaunted TCO.

Activation (1)

theancient1 (134434) | more than 13 years ago | (#375743)

I don't like this whole registration/activation thing very much. The less information I give Microsoft, the better. After reading this rumour [lockergnome.com] about a certain feature built-in to Microsoft's DCOM, I'd really rather not tell Microsoft who I am. Here's a snippet:
Microsoft has been compiling a massive database of names, registration codes, product keys, and linking them with data pulled from e-mail addresses stored in Outlook, Outlook Express, etc. as well as the serial numbers that can now be easily obtained from any Pentium-III CPU.


Microsoft has been coordinating their efforts clandestinely with other software manufacturers and predict law enforcement will be to a point where they can finally enforce copyright and anti-piracy laws by around 2005.
Keep in mind this is is only a rumour... but even if it's false right now, I woulnd't be surprised if we see this sort of thing some years down the road. This ties really well into the whole activation thing -- once Microsoft gets enough information on you, you're in their database. And with Microsoft integrating DRM into Windows XP [slashdot.org] , it's not too much of a stretch to wonder if every SDMI'ed MP3 you download will have an entry in Microsoft's little database. That's the big danger of having one company controlling too much of your software.

DoS Attack? (1)

wfaulk (135736) | more than 13 years ago | (#375744)

I don't know a hell of a lot about the proposed authorization scheme, but it seems to me that if you have to get authorization every time you start such an app (which would make sense to me, coming from Microsoft's addled brain), then it would be easy for someone to DoS your copy of Office or whatever. All you'd need to do is flood a network with a load of NAKs (again, assuming stuff I know nothing about). Of course, it should be equally possible to fake the ACKs, but is a legitimate company going to know how to do this if its small, or be able to convince its management, if it's large, that this is the only way to get their copies of Word to work, even though its intentionally hacking Microsoft's security measures?

Re:Activation code won't change anything (1)

caduguid (152224) | more than 13 years ago | (#375748)

Ballblazer. WAY fun.

Nothing to worry about! (5)

djrogers (153854) | more than 13 years ago | (#375749)

According to the article, "a Microsoft spokesman assured [the author]" that mundane upgrades wouldn't cause a problem. Whew! We can all rest easy, because we know a Microsoft spokesman would never mislead a member of the press....

Re:Activation code won't change anything (2)

Ig0r (154739) | more than 13 years ago | (#375750)

They have millions of people vendor-locked using copied software that they didn't pay for.
Now MS starts charging with no easy way around it, and those millions will start paying.

They aren't worried about anything but making more money.

--

WinXP crack (1)

DEATH AND HATRED (158846) | more than 13 years ago | (#375751)

1: Disconnect from any network
2: Start the install, but dont use dynamic update
3: After installation and on first boot, dont set up your internet connection when it asks. Click on next, or skip - the wizard will crash when you click next
4: Click Start/Run and type:
regsvr32.exe -u regwizc.dll
5: Under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\Cu rrentVersion change RegDone to -1
7: Open up Internet Exploder. Open the Tools/Internet Properties, and change your home page to something that isnt Microsoft or MSN.
8: Reboot and before windows starts up, plug in your network connection.

Re:Activation code won't change anything (1)

crotherm (160925) | more than 13 years ago | (#375753)

Yep, I remember my brother bringing some C64 games home from school that were not released yet. One was a game from LucasArts or Lucasfilms. It was a 3D soccer-like game were two people drove a car and had to shoot the ball into a moving goal. FUN.


--Don't mind me, I just spent the last 2 hours in alt.beer

Re:Oh great. (2)

InfinityWpi (175421) | more than 13 years ago | (#375755)

'Innocent until proven guilty' is a maxim that only applies to the justice system. As a corporation, MS is free and clear allowed to do this.

If you pay money for it, feel free to complain. If you don't plan on paying for it, then nobody cares what you think.

From the Register (1)

the_other_one (178565) | more than 13 years ago | (#375758)

In this article [theregister.co.uk] in The Register [theregister.co.uk] It is mentioned that this is a one time registration. The OS is not going to regularly phone home to check the registration.

Once a cracker has gotten access to your Hard Disk he/she could probably change the registry to indicate that the product was unregistered, however, del *.* would save time. If anyone gets that far then you probably have bigger problems then the Product Activation feature.

By the way less than 24 hours after the release of WinXP 2446 the Product Activation has been cracked.

I'd like 5 billion keys, please! (1)

hal200 (181875) | more than 13 years ago | (#375760)

Why not simply collect (or figure out how to randomly generate) a number of hardware 'fingerprints', and write a daemon which continually (at regular intervals, of course...we don't want to paralyze the system for the customers who need the codes) submits requests to the Microsoft servers...Eventually, those servers will blue screen, or exceed the total available data storage capacity of the universe (Ok, eventually could mean a REALLY long time)

And, it's not EXACTLY a DOS attack...I mean, the service provided by the system is to release activation codes...you're simply requesting a large number of them. You're using the keyservers for their legitimate purpose. Sure, you're just forwarding the codes to /dev/null, but that's inconsequential at this point.

If they ask you why you're requesting so many activation codes, tell them that re-installing Windows /Office XP is your personal hobby. ;)

Also, what happens if some dark, evil, nefarious, nogoodnick hacker (the really bad kind, the kind that kick puppies) just HAPPENS to be running a packet sniffer between me and MS, and then publishes my key on the big, bad, scary Internet? Will MS-Lawyers bust down my door, and force me to read the EULA? I don't think I could stand that! ;(

What about VMWare? (1)

sunset (182117) | more than 13 years ago | (#375761)

So if the OS and other software is keyed to the machine, you can defeat the copy protection by using a virtual machine. It's already a pretty handy way to back up and share a complete installation, without the hassles of platform dependency.

Microsoft's new tactic will give their users yet another reason to install products like VMWare, and host it with an alternative platform such as Gnu/Linux.

Re:Reinstalling WON'T require activation? (2)

SubtleNuance (184325) | more than 13 years ago | (#375764)

how could Office possibly know that I already have an activation code

It will just go into that MBR of your HD that no-one but M$ should have code in there anyway.... ?

Siemens uses the 'key' in the MBR trick for its PLC dev. software... virus scanners used to kill it all the time.

Re:Actually, you are _already_ in trouble ;) (2)

SubtleNuance (184325) | more than 13 years ago | (#375765)

already sending sensitive information away

I once tried the "windows update" feature on my sisters computer - as the system was analyzing the PC for packages etc, a text box appeared: "Microsoft is Analyzing your Computer to create a set up updates for your system. No information is being sent to Microsoft" (or somesuch). I nearly fell down laughing. They could be sending M$ my fucking email for all I knew! I couldnt believe it.. funny thing is most sheeple would think 'oh-ok - I dont mind then..."

Intel (3)

SubtleNuance (184325) | more than 13 years ago | (#375766)

Does anyone know if Intel has 're-enabled' the UID in its CPUs in the P4?

Wouldnt it be nice if they could track exact CPUs....

What a fiasco this is going to be...

"Legal" cracking (2)

Mikeytsi (186271) | more than 13 years ago | (#375768)

I for one, am going to buy a legal copy of "XP" (shudder, someone tell MS to get the D&D'ers out of marketing!) and then crack the authorization.

Why? The big reason is that this kind of stuff pisses me off. It's a real hassle for me to have bother with calling the nimrods at MS tech support (speaking from experience, I used to work in PSS) every time I make a "major" hardware change, (which is often), and prove to them that it's a "legit" copy. I fdisk and reformat every 2 or 3 months for God's sake! If they have a problem with that, whatever.

What is it with calling it Windows XP? What's next, Microsoft Outlook +3, trojan-slaying? (It's not a memory-leak, it's a "bag of holding"!) Where does the madness end?

techrepublic.com is not any-browser compliant (2)

TrumpetPower! (190615) | more than 13 years ago | (#375773)

Below is a note I just sent to webmaster@techrepublic.com:

You might be aware that Slashdot just linked to one of your articles--if
not, have a look at http://slashdot.org/ and your server logs.

Slashdot, if you don't know, is one of the most popular news/discussion
sites for ``nerds'' and others with an interest in the tech community
and industry. It's given rise to the verb, ``to slashdot,'' which refers
to something akin to a denail of service attack when thousands upon
thousands of Slashdot readers attempt to view a page that is mentioned
on Slashdot.

If your servers can handle it, being slashdotted is a wonderful thing:
you get an astounding boost in traffic from an extremely savvy,
knowledgeable, and often influential crowd of people. If your servers
can't handle it, it can be a bit of a nightmare, of course.

While it would seem that your servers can handle the load, your site
expressly can't. Your insistence on only allowing people using the
latest browsers from Microsoft and Netscape is all but guaranteed to
royally tick off a significant portion of Slashdot readers--not to
mention, potential readers in general. Slashdot readers, in particular,
are likely to use Linux, one of the BSDs, or some other Free operating
system. I, for example, attempted to use the Konqueror browser under
FreeBSD to view your site. I had had Konqueror running continuously,
without quitting or crashing, for about a week...until I tried to view
the article despite your warning. Congratulations, yours is the first
site I've viewed (amidst some very heavy viewing) which has ever managed
to crash the latest version of Konqueror.

By designing your site in such a way, you are satisfying your own ego
(by producing what's probably an attractive site) at the expense of your
potential audience and your advertisors. Is it really worth it to use
the latest gee-whiz doohickies and, in turn, post a giant "GO AWAY! WE
DON'T WANT YOUR MONEY! YOU ARE STUPID AND PRIMITIVE!"
sign to everybody who doesn't march in lock-step with your idea of
which browser/platform is best? You might think so, but I doubt
your boss or your advertisers do.

There are two sites which you, as a Web designer, must know inside and
out before you create another page: http://www.anybrowser.org/campaign/
and http://www.w3.org/. The first has information more information about
why it's not a good idea to insult and lock out your potential
audiences; the second is the repository of the official defintion of
HTML.

Sincerely,

b&

TechRepublic == MS fanzine? (2)

sulli (195030) | more than 13 years ago | (#375777)

Did anyone else notice that TechRepublic is giving MS advice on avoiding bad PR rather than asking MS to forget this stupid feature-not-a-bug?

No major problems? (2)

achurch (201270) | more than 13 years ago | (#375779)

As much as I like to bash Microsoft, I can't see any significant problems here. It appears, from reading the article and the Microsoft info, that this "product activation" will only need to be done once, and once it's activated, that's it, end of story; there's no "connect to Microsoft every time and verify the code" (imagine how frustrated that would make modem users). As far as surreptitiously transmitting information, I can't see any way to do that through this code, at least as Microsoft describes it; at worst, you could have your DNS corrupted or packets intercepted, and someone might be able to find out what country you were in or how many computers you have. And if that bothers you, you can always do the registration over the telephone and cut out the network part entirely.

As for destroying the activation info, I don't doubt that sooner or later a virus will come out that deletes that info, but at worst you'll just have to activate the software again. And keep in mind also that killing the activation code doesn't mean you suddenly can't use the software any more; you can make use of the free trial period while you get the re-activation done. (Actually, depending on the implementation this might require a reinstall, but...) Yes, you'd lose some working time, but it wouldn't be too much worse than Melissa, I imagine.

--
BACKNEXTFINISHCANCEL

Re:No major problems? (2)

achurch (201270) | more than 13 years ago | (#375780)

I frankly think this activation scheme will last until exactly that happens, and then either users will get so pissed off that Microsoft will get rid of the activation code entirely, or they'll release a "temporary workaround" to make the software work without activation, which of course is as good as the same.

Well, one can't blame them for trying, I suppose...

--
BACKNEXTFINISHCANCEL

dont support it (2)

benshutman (202482) | more than 13 years ago | (#375781)

i have been using windows since i started with computers, use it now. i am an ASP, mssql etc programmer. However, i believe in the motto "you vote with every dollar you spend" (or in *nix's case, dont spend hehe) i have always been interesting in linux and open source, but never enough to do anything serious with it. however, i will not give in the xp bullshit. there is absolutely no reason i should not have complete control over my PERSONAL computer. so, my next upgrade will be to linux. welcome me aboard.


NEWS: cloning, genome, privacy, surveillance, and more! [silicongod.com]

Dealing with the Death of Companies (2)

Cerlyn (202990) | more than 13 years ago | (#375782)

The fundamental flaw I see with product activation schemes is when a company goes under. Unless they manage to make a "registration disabler" before they close, products installed after a company shuts its doors may never function.

I have yet to see a company mention how it plans to deal with this situation, no matter how uncomfortable it might be. Personal computers from the 1980s still work in my house; I see no reason for my current computer to fail due to non-installing software in 2020.

Massive DoS invite...? (1)

DanEsparza (208103) | more than 13 years ago | (#375783)

"If I, as a home user, am forced over the course of a year to reinstall XP five times, and MS refuses me a sixth code...."

Call me crazy, but isn't this inviting a massive DoS attack? If I happen to activate this code enough times over a few hours, what's going to happen to the poor saps who are waiting to activate their copy of Windows?

From MS's own site - http://www.microsoft.com/presspass/press/2001/Feb0 1/ProdActFS.asp [microsoft.com] - "Customers are not required to provide any personally identifiable information. Activation over the Internet takes just a few seconds; activation by phone through a Microsoft customer service representative takes just a few minutes. "

I can hear the hacktivists crashing through the gates now, Mr. Gates...

-----------------------------

Someday, I hope to live in a world

Oh great. (1)

graveyhead (210996) | more than 13 years ago | (#375784)

This is the first I've heard about this and I think it is amazing that MS can be this facist. This essentially assumes everyone is guilty, and then contacts MS to verify that they're not. In the article, dude goes to great lengths to describe how convienient and easy activation will be, but glosses over the individual rights argument entirely.

Re:Reinstalling WON'T require activation? (2)

skoda (211470) | more than 13 years ago | (#375785)

I understood that as saying that you won't need to acquire a new activation code. You'd use the one you already have.

Presumably, at some point, if you replace enough hardware, or install to a new machine, you'll have to get a new activation code. And then the MS database will scream bloody-murder because you already were given a code, and then you'll have to talk to someone and convince them that, no, you're not a pirate, you're just installing Office on a modified/new computer.

At least that's how I understood it.
-----
D. Fischer

Re:Dealing with the Death of Companies (2)

skoda (211470) | more than 13 years ago | (#375786)

But this is Microsoft. Since they'll never fail, this is a non-issue.

:)

-----
D. Fischer

Re:I think this guy is missing the point on privac (1)

man_of_mr_e (217855) | more than 13 years ago | (#375792)

Ummm.. all you need to do is port scan to find Windows users. Why would a list of IP's be worth anything? I could generate such a list easily enough, not to mention that things like dynamic IP addressing, NAT, Firewalls, etc.. mean that an IP is often times worthless as a way of identifying someone unless you have a search warrant to retrieve logs from your ISP.

Man, people.. *THINK* before you jump to wild conclusions about how this or that is such a horrid security or privacy violation. This information is freely available from thousands of differnet sources.

Re:It won't last long... (1)

man_of_mr_e (217855) | more than 13 years ago | (#375793)

No, that's not it at all. MS knows it will make it's way onto the web, and quickly at that. It's just that the vast majority of "casual" pirates either don't use the web, or use it rarealy and wouldn't be able to find a crack, if they even knew one existed in the first place.

Re:Activation code won't change anything (1)

man_of_mr_e (217855) | more than 13 years ago | (#375794)

Why does everyone always take the extremist view? "It won't completely stop piracy, so why bother?" "Not EVERYONE will buy it, so why bother?" "It'll be cracked in no-time, so nobody will buy it, why bother?"

It's not an all or nothing prospect. Even if 10% of the people that casually pirate go out and buy it because of the new antipiracy crap, that's still a big gain in revenue.

One might argue that they might lose as many paying customers who don't want to deal with it, but I doubt it. Few people stopped buying PIII's over the Processor ID, Intel just got tired of dealing with the vocal minority that kept making a big stink.

Re:It's an Interesting Question (1)

man_of_mr_e (217855) | more than 13 years ago | (#375795)

You're basing your argument on invalid data.

You don't have to connect to the net to activate. MS will have a toll-free number to call to activate as well.

Re:Activation (1)

man_of_mr_e (217855) | more than 13 years ago | (#375796)

Geez man, the article is *CLEARLY* false. Anyone who "worked for MS" and had enough inside information to know about this "clandestine" feature, would also have enough knowledge to know that you can't just disable RPCSS without breaking virtually everything in your system.

So, by the fact that the author of the letter suggests disabling the service, they're admitting that they don't know enough about the OS to know that you can't do it, therefore admitting that they don't know enough to know about any such alleged plot.

So please, do us a favor and stop spreading things like this. This is how false rumors quickly become "fact" reiterated by thousands of people (like the Windows 95 regwizard that steals your product information without your knowledge).

But, to address your point, even the DMCA does *NOT* give MS the right to violate your privacy, and if they were doing this, they would be liable to massive civil rights lawsuits. MS isn't that stupid.

Re:Activation (1)

man_of_mr_e (217855) | more than 13 years ago | (#375797)

Also, you don't have to tell MS who you are to activate the product. You just tell them what country you're in. If you're paranoid enough to think they might trace your IP, call from a phone. If you're even more paranoid and think they might trace your phone number, simply call form a pay phone in another part of the city.

Geez.

Re:The worst part for Microsoft... (1)

man_of_mr_e (217855) | more than 13 years ago | (#375798)

Please, read the process before jumping to conclusions.

1) You have 30 days to activate the product from the time you install it. If you are reinstalling eveyr 30 days or so anyways, you have no reason to activate in the first place.

2) Because you have 30 days to activate, that gives you plenty of time to call MS whenever it's convenient for you.

Re:Privacy vs. Piracy (1)

man_of_mr_e (217855) | more than 13 years ago | (#375799)

They don't have the exact same hardware ID's. There are lots of unique ID's, even on identical hardware. For instance, Network cards have a unique IEEE mandated ID, Hard drives have serial numbers unique to the drive, if you have a PIII with processor ID enabled, that's another, etc..

Re:Actually, you are _already_ in trouble ;) (1)

man_of_mr_e (217855) | more than 13 years ago | (#375800)

Exactly. Everyone is bitching that this could be used to track you. Well, guess what? If MS *REALLY* wanted to track you, they could do it without you even knowing about it.

They have no reason to implement such a public policy and get everyone riled up for something they'd want to keep secret and clandestine.

This leads to the inescapable conclusion that maybe, just maybe, this isn't a nefarious plot to steal your credit card information or figure out if you've got illegal pr0n, but it's really what MS says it is. They have much easier methods to do anything more sinister.

Re:Reinstalling WON'T require activation? (1)

man_of_mr_e (217855) | more than 13 years ago | (#375801)

Ok stoopid. Automatic means, you still enter the CD-key. The activation wizard goes out and sends them your hardware hash. If it's the same, no problem, it activates autmotically again without problem. If your hardware has changed, then it compares it to your allowed number of different hardware activations, and if you've exceeded that, then you have to call MS and explain. The phone jockeys don't have to get approval or anything, they can give you the key over the phone if you tell them "I've upgrade my hardware 3 times in the last year and reinstalled". No big deal.

Re:Pointless (1)

man_of_mr_e (217855) | more than 13 years ago | (#375802)

This isn't about suing people. MS can't sue everyone, or even a tiny percentage of everyone that pirates. This is simply about preventing them from pirating in the first place.

Re:It won't last long... (1)

man_of_mr_e (217855) | more than 13 years ago | (#375803)

I didn't say that, so stop putting words in my mouth. In fact, I gave them the benefit of the doubt by saying that only 25% of the users would go and buy it, 75% would either find a crack or not use it in the first place.

Re:It won't last long... (2)

man_of_mr_e (217855) | more than 13 years ago | (#375804)

You're looking at this from the wrong angle. MS isn't trying to stop professional pirating with the activation method.

They're trying to stop Joe Sixpack from giving his CD to his friend to install, or to stop a small company from buying one copy of Office and installing it on 20 machines.

Sure, you can find a crack somewhere on the web, but the vast majority of casual copiers aren't going to be that resourceful.

Even if it reduces piracy by 25%, it's still a lot of money for them to recover from people that would otherwise buy it if they couldn't just use their friends CD.

This isn't saying I like activation, just that it's not trying to accomplish what you claim it is.

Re:Activation code won't change anything (3)

man_of_mr_e (217855) | more than 13 years ago | (#375805)

Crackers are responsible for very little of the vast majority of piracy. The vast majority is casual, where most people don't even realize they're breaking the law ("Hey jim, can I borrow your Office CD for a few minutes?").

Sure, any protection will be cracked almost immediately, but very few people (compared to the people that use Office) will know how to get those cracks, or will be scared that MS will know that they've cracked it. (That's the real purpose, to scare people into complying, not whether the damn thing works or not).

Professional pirates will find ways to defeat it, and there isn't a lot any company can do about that.

This is a lot like putting locks on your doors. Any professional thief can bypass them. They even sell machines to do it automatically for people to use with little to no skill, but it keeps the vast majority of people from just walking in and taking what they want.

The worst part for Microsoft... (1)

Spackler (223562) | more than 13 years ago | (#375806)

Most of the people who are installing MS operating systems multiple times, are the ones that newbies look to when they have a problem. I've reinstalled NT server at home at least 20 times. Not because it had problems, but because I was testing different things. Sure, I paid for my copy of NT server, but I'll be damned if I'm going to keep tossing Bill Gates money just so I can answer peoples questions. If I need to call MS every time I am reinstalling (usually at 2am), the software will be useless to me. My ME (which I tested for 2 days) was bootleg, but I only tried it to be able to answer questions (my answer was "don't").

Here is my answer to Microsoft: Go ahead. Put this new registration scheme in place. Nobody will buy this, because nobody will be able to help new people. Meanwhile, as you make it harder to use your product, Linux takes over the desktop as well. Please explain to me where your profits will be then? (jerks)

-Spackler

Re:No major problems? (1)

boskone (234014) | more than 13 years ago | (#375810)

What happens if a virus does delete the activation key from many (think hundreds of thousands) computers at a time? Is Microsoft scaling their registration servers to handle this (with the same forward looking architecture as their old DNS structure?)? I think this product release will push me to 100% Linux/Solaris computing...

Best informed, "new" machine and .NET (2)

Codeala (235477) | more than 13 years ago | (#375813)

IT professionals are among the best informed and most sophisticated of all Microsoft's customers.

Really? Too bad you don't know some of the MSCEs I have meet. (Start with joke, checked :-)

But seriously, it is not very clear how the "Microsoft Activation Center" is going to work. For example if I call them up and tell them "I have complete overhaul my computer please give me the new code", but the truth is I've just install it on another machine. Or if it helps, build the second machine with some parts from the first one. But how are they going to know the difference? Come to my home and take a look?

Maybe there is a way to disable the old code remotely? Of course you can get around this by not connect that machine to the net. But what this is really about is this:

If you read the last question on the Microsoft Product Activation Q&A [microsoft.com] , they finally mentioned .NET. I think the only way to really enforce this code is to have a OS/software that are completely useless unless you connect to a .NET server. That is where they can really monitor if a activation code is being used from different machines/locations.

BTW I hope you know that M$ can already "read" your W2K reg number when you visit their site, without actually submitting anything. Try getting windows updates from the MS site directly for with a machine using a special/cooperate license.

====

Re:Linux (1)

ybmug (237378) | more than 13 years ago | (#375814)

Many home users never actually upgrade their OS themselves. Many only get a new OS when they get a new computer and it is installed already on it. This is how they have built a userbase. The people that are actually concerned with upgades are 1) businness (at least some) and 2) powerusers.

Question (1)

Beowulf_Boy (239340) | more than 13 years ago | (#375815)

Does this activation code thing allow you to install the same verion of windows, on the same machine, more than once?
Such as say, you install Linux, then put Windows back on?

XP encourages users to switch to Linux (1)

palmer (243102) | more than 13 years ago | (#375817)

Windows XP is going to encourage users to switch to Linux & MacOS. It has nagware, intelletcual 'property' protection schemes, and MP3 ownership verification. And if they don't switch to Linux, they'll end up installing cracks to disable the "features" M$ put in to prevent copying.

Crack already out (1)

DaHat (247651) | more than 13 years ago | (#375819)

A friend of mine down the dorm hall from me has been playing with Whistler for a while now, since he got a copy of it with the authorization built in he's found a crack for it. In fact the latest version of Whistler/XP that he's been using has it pre cracked so that when it says you must contact Microsoft for the code, all you do is hit OK and you are done. Just like with CD checks for games, as soon as a new patch comes out for the game, someone comes out with a way to prevent it. Yea such a thing is against the DMCA, let em find me and sue me. I call it fair use.

Re:Activation code won't change anything (1)

XO (250276) | more than 13 years ago | (#375821)

The odds are pretty good that it will be out before the software is GA, anyway. That happens a lot within the pirate circles. 0-day and less warez are the coolest thing, and have been since the days of the Commodore 64...

Re:Reinstalling WON'T require activation? (2)

baptiste (256004) | more than 13 years ago | (#375823)

I had to deal with one of these "get a new activation code on each install" with a quota package we used on NT. Needless to say we had to rebuild our server a few times over the years and this was VERY annoying. Constantly having to call the main office to get a code - waiting a day or two to get it.

But beyond that, I say when this comes to pass, we reinstall windows monthly :) Heck you practically have to do it every 6 months anyway and given the advances in hardware, you are usually on new hardware anyway - might as well make them hire tons of phone staffers to give out codes :)

--

What's the difference? (1)

TheSHAD0W (258774) | more than 13 years ago | (#375825)

MS claims that this will prevent casual piracy. I don't see the difference in "convenience" between finding a serial # for software on a pirate site or a crack for MS's code. Why would MS add such a sophisticated yet ineffective scheme to their software? Is it a plan to collect information about what software people use?

I think I'll get a pirate copy of every piece of MS software I use -- even those I purchase, or receive free with the machine. Then I'll at least have some privacy.

Re:dont support it (2)

CaptPungent (265721) | more than 13 years ago | (#375827)

Wow, I thought that this mayhappen once people got wind of this (or just put all the peices together) but I seriously doubted it. Guess I may be wrong.

Well, welcome to Linuxland, fasten yr seatbelt and invest in some patience, since you have been using Windows all this time, there are some adjustments you have to make. And a lot of re-installing and tweaking. Don't get me wrong, I've been using Linux for over a year, I started on Slackware and thats where I still am (I've tried most of the major distros), and I absolutely love it. But, I am not such a militant anti-M$ Linux user. I still hate the company, but Win2k is actually decent (Course, its very UNIX-like), and I understand your position. Just a warning, as Tux's beauty isn't so easy to see at first. So, I encourage you to take your time, buy O'Reilly's "Running Linux" and, since you're a programmer, I suggest "Beginning Linux Programming" from Wrox Press. (Don't let the "Beginning" part scare you off. Linux is a very different beast, and you need to become familiar with the philosophy to program effectively. A good portion of Linux's speed comes from the frequent usage of shared libraries.) As for a distro, take your pick, check out the distro's sites to learn what each flavor is about, and head over to Cheapbytes [cheapbytes.com] and pick up your choice distro for pretty much the cost of shipping (or if you have a CD-Burner, download it). I wish you luck, and let us know if you have any questions.

C Pungent

I think this guy is missing the point on privacy. (1)

rahl (292047) | more than 13 years ago | (#375828)


"..but the only required data point on the product activation screen is the country you're in."

I admittedly don't know if the activation process makes you dialup to your normal ISP or directly to Microsoft, but if you're dialing up to Microsft, they now have a phone number (and all the data that they can find with that) to enter into their customer database.

And even if you aren't dialing up directly to them, they'll still have your IP. Who knows who will get their hands on that information? Can you imagine if the people who got into the Microsoft computers had gotten their hands on a complete list of the IP addresses of the users of all Microsoft products (complete with their traditional gaping security defects..).

The information average users need to be worried about isn't the information you enter into your screen. It's the stuff that they don't even realize they're giving away. On the other hand.. if it means Microsoft has a complete profile of them when they call tech support, maybe they won't care?


Privacy vs. Piracy (1)

deran9ed (300694) | more than 13 years ago | (#375829)


And you can expect a huge number of misinformed reporters to repeat the myths and misunderstandings expressed by fearful users.
Ive always expected misunderstanding, FUD, and myths about Mickeysoft products, its the way the company (MS) decides to provide clarity on what it is actually doing.

In three consecutive columns, I plan to tackle the product activation issue head-on. This week, I'll look at some of the unjustified fears engendered by this new policy. Next week, I'll focus on the legitimate concerns and unanswered questions raised by this policy. Finally, in two weeks, I'll use your suggestions to tell Microsoft how they ought to run this scheme.
Not such a bad idea to go and tell Microsoft how to address issues regarding their company, after all I'm sure their entourage of highly paid employees haven't assessed these matters previously.

First, here's an overview of how product activation is supposed to work. When you install Windows XP or Office XP from a retail CD, you'll have 30 days to contact Microsoft to get an activation code. For most users with an Internet connection, this will happen automatically. The activation process generates a "fingerprint" based on the hardware in your system and associates that with your 25-character Product ID. If you reinstall the software on the same system, you can reactivate it automatically. If you try to install the software on another machine with substantially different hardware, however, you may have to call Microsoft to get a new activation code.
So whats the big hooplah about, Microsoft wants to ensure no one is going to pirate their work. One thing a lot of people don't seem to zero in on, is Microsoft is not like the Unixes, it is not OpenSource and they don't have to answer to anyone at any given time. What if it were your program, would you feel slighted if someone stole your work and took money out of your pocket? I'm sure you would, now how would you feel if people we're ranting on because you want to make sure this doesn't happen? Why does this seem to always be a double edged sword?

Every time you reinstall Windows, you'll need a new code. R. Kinner is already prepared to join a class action lawsuit against Microsoft:
Here we go again with suits waisting tax payer dollars. Solution if the product bugs you that much don't use it.

"If I, as a home user, am forced over the course of a year to reinstall XP five times, and MS refuses me a sixth code, they are the ones breaking the commerce contract that was begun when I purchased the software."
Solution: Move away from using Microsoft products, whats the horror in this. If its so damn bad toss it.

You'll need to call MS for permission every time you replace a piece of hardware. Member PRT wrote, "It could be a nightmare if each install on the hardware generates a different key, requiring a new activation.
NOW THIS IS BS!!! and I'm glad I don't have to use Microsoft. I think MS will know the downfalls of doing this and find a better solution. (hopefully for their sake)

Re:What about code theft victims? (2)

philovivero (321158) | more than 13 years ago | (#375843)

Don't worry. Microsoft has an army of lawyers to deal with victims of pirated copies.

Probably they just castrate you and give you a new activation code.


--

Linux (2)

crustpunk (322762) | more than 13 years ago | (#375845)

People look at this as a bad thing, but the slashdot community is all about the open source community. This is our chance to attack and gain a good marketshare. People arent going to want to upgrade to Whistler because a)They're going to have to pay for it, and b)Emulating 98 inside of Win2k is going to be so incredible fast, people will have to update hardware to maintain the same speed they're used to. With IBM starting it's huge linux ad campaign, and Microsoft doing this, Linux is looking to gain a lot in the next year. All the script and warez kiddies with their pirated win98 disks are going to want to update, but not pay for it. Linux is becoming a viable game platform, so thats one group. Next, people with older hardware arent going to want to watch their machine slow down even more with this new bloated peice of crap, so Linux could be just what people are looking for. Microsoft making their system copy proof may seem like a bad thing, but really their only locking themselves out of a user base. (Even though it's the piracy base that they dont want anyway)

Re:Actually, you are _already_ in trouble ;) (1)

Spanishlnquisition (322890) | more than 13 years ago | (#375846)

When a company takes the time to remind you that they're not going to screw you, you know they're up to no good.

Article is only whatis, not hackerattack (1)

neothdoeuni (323339) | more than 13 years ago | (#375847)

The article link is a promise of vulnerability stuff next week (week? I'll have forgotten this within days).

More amusingly, the possibility of remote shutdown of someone's network using this appears to be no worse than with any other Micro$oft product. It doesn't seem to do anything more than irritate existing users.

I have the "trial" version of Office on this machine and the anonymity thing seems to be nonsense - I had a look at the packet and it clearly says "product xxx, registration key YYY", which as we all know lets them link it to anything you expose on the net. Like, say, your email address in Outleak, or the "owned by" details that most corps helpfully make you fill out with your name and so on in Word. It's a good way to provide enhanced traceability of anyone using M$ products to access the net.

And of course, sniffing those details lets you point the finger at anyone you choose. The worry is that M$ will try to claim positive ID based on this stuff, and that the id is non-copyable and secure, since forging or altering it is an offence under the DCMA.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>