Slashdot Mirror
WinXP Keygen Foils Product Activation
Bill Gates' Friend's Brother's Roommate writes: "The Register has a story on a working key generator that produces 25 valid Windows XP Product Activation Keys in a few hours. As author John Lettice summarizes, 'So the question as regards keymaking software is whether or not Microsoft has any way to differentiate between generated keys and the ones it has issued itself. If not, this generation of WPA is now surely toast.'"
Don't they have some kind of database with all the keys in it.. (after all, a lot of games out there such as anything newer by blizzard works that way)!
But fix the security hole they put in box, as well!
Woohoo! :-D
That means you probably could get 25000 keys in one hour if distributed.net was setup to do that. Even DES is harder to crack. That should tell you something about the extent of Microsoft's understanding of security issues if they can't even protect their own bread and butter correctly.
There's no way to make a crackproof piece of software. If a user has access to software, he can crack that software. Period.
:), but these keygens only work for the offline version of the game. As soon as the someone tries to use that game online, they're denied access by the game server because their genned key isn't in the database of valid keys in the field.
However, as the article notes, cracked software can be detected. No matter how good the cracker, there's little that can be done against online verification. If MS keeps a record of all valid keys, then anyone attempting to use online MS services of any kind with a genned key can be detected and denied/disabled.
This is an old trick for online games, etc. Crackers come out with keygens for such games almost simultaneously with the release of the games (or even before
So, this story has little import as far as MS' protection being faulty. I have no doubt they expected it, and I have no doubt that they don't care too much. Using Win XP w/o the ability to update or connect to certain online services safely will probably end up being more than sufficient protection from MS' viewpoint.
I was trying to decode this, but was having trouble with it until I figured out that it is in base64 encoding, not uuencode (as it appeared at first). If your Linux or Unix distribution does not have base64 installed by default, you can get it at http://www.fourmilab.ch/webtools/base64/. Thank you, Fair Use Guy, for promoting this tool.
Loneliness is a power that we possess to give or take away forever
The article makes mention of Microsoft possibly breaking illegally copied versions of XP corporate via patch in the future. They have not done this yet, and I do not think they will. Think of the public relations nightmare that would ensue if MS broke even some legitimate copies (licensed copies with wrong serials).
It has been said before, but the determined "pirate" will not be deterred by inconvenience.
I think they know its not worth their while.
By allowing me to decline their license and give me the refund they promise if I do so, I don't see why I should accept it and activate periodically.
ncftp -u xpkey -p xpkey -P 6473 24.22.15.128
#!/usr/bin/perl
.= $_; $x =~ s/[\r\n\t ]//g; } print decode_base64($x); exit 0;
use MIME::Base64; $x = ""; while(<>) { $x
Just find a copy of the license pack edition - it requires no activation. I use this at work - you can even change a whole motherboard out and it doesn't say a thing. Perfect for ghost (which is what we use it for)
What if someone using this keygen generates my key that has already been activated? It will look to Microsoft like the key-in-question is being installed on a different computer with different hardware. Then the next time I go to re-install XP my legitimate key won't work.
No, I don't want to explore the Recycle Bin.
That isn't a "keygen" per sae.. it is just a program that spits out a random, probably stolen, key.
Thanks for trying, though.
Uh, they havent started doing that with win2k, win98, winme, or any of their other products, why would they start with xp ?
The only thing even vaguely close is the ms office update that refuses to install if its running with a known bad serial number, but that doesnt disable anything.
My theory is that the damage is already done. Messing up the OS isnt going to make the person buy a real copy, it'll just make the person reinstall the same insecure pile of crap they installed in the first place, and then ms will get blamed again because stupid people dont know how to secure their illegal boxes. It's in Microsoft's best interest to let people with stolen versions update their OS, so if nothing else, they dont have software pirates spreading things like Nimda.
Video for Online Dating Profiles
Now there's two copies of WinXP out there with the key, one of them bad. Simple solution, right? First guy to use the key is legal, second guy is the pirate. But wait - suppose Joe Script-Kiddie gets the key and installs a pirated WinXP before Joe Sixpack gets home from Best Buy. Now the situation is reversed, since the first guy is the pirate. And I doubt that any serial number database MS would set up would have something so obtuse as where each individual copy of Windows is sold - it would defy logic to think that the serial number of every copy of Windows is tracked with that copy's physical location. So you can't really sort out who bought Windows legally, and who's installing with a bogus key. Sounds like a tough nut for MS to crack - well, tough shit.
But what does my opinion matter, I just vote here. It's not like I have any money or anything.
Are you sure posting this is a good idea? Now Slashdot is a distribution channel for illegal circumvention devices, which is a terrorist act.
They'll be coming after YOU next.
Welcome to the 21st century.
waiting for the 4-line Perl version.....
Nice theory. Too bad it runs afoul of one inconvenient fact: the copies of WinXP in use in most companies do not have WPA in them at all. Only the retail versions get the activation, OEM and Enterprise-license copies are essentially pre-activated or don't require activation.
It was cracked. Big deal. Everyone is saying "Now we can use this and won't have to register it with MS!" or "They probably have an archive of keys and can see the fakes, who will then be arrested!"
No. Here's what I say: So what?
Great, it's cracked. You know what? The number of people who will wind up using the crack is probably insignificant to MS.
Newsflash! There have been anti-activaition cracks from day one with more efficiency than this. How about the cracks that allow you to never register? How about buying a version of XP Pro that doesn't require activation (Corporate(expensive) or Academic)? How about pirating one? I looked on hotline the day of XP's release and there were already several servers claiming to have the Corporate Version of XP Pro.
To top this all off, how many people will really use this? I'll give you a hint: proportionately few. The vast majority of people who will upgrade to XP either don't know or care that there is a hack, or are businesses that have to have legitimate software (activation and all). Well, I suppose they don't have to, but most businesses consider it a good idea.
So that's my thoughts. It's cracked. It's a great feat and all, but the number of illegal copies of XP isn't going to suddenly, dramatically surge.
and then you can protect the whole shebang under the DMCA.
Right now, it's not illegal for someone to make a key generator, it's just copyright infringement to use it *for a pirated copy*. Presumably it's legal to use the key generator to activate a legitimately purchased copy of XP.
But by including a movie clip and citing DMCA, the mere act of writing a key generator becomes a crime.
The living have better things to do than to continue hating the dead.
I bought Sierra's "Tribes 2" game a number of months after it originally came out, and when I went to register and sign into the online portion of the game for the first time, it came back with a message that I was using a pirated CD key! Considering I had just brought the game home from Electronics Boutique and read the key off the back of the shrinkwrapped case, I figured this was unlikely.
Eventually I got in touch with Sierra and they had me fax them a photocopy of the store receipt and the back of the case clearly showing the CD key (which was a bitch since I don't have a copier). Within minutes of doing so I was back in business. I can only assume Microsoft has a similar policy, where if you can prove ownership, they'll unblock your key.
Rock over London, Rock on Chicago. Wheaties: Breakfast of Champions.
Good god, who here ever thought WPA was going to stop the pirating of MS software?
*prolonged awkward silence*
Yeah, that's what I thought.
You posted the wrong keygen.
about this one they are talking.
here it is:
--snip--
UEsDBAoAAAAAANZ6TiwAAAAAAAAAAAAAAAA5AAAAc29mdHdhc
--snap--
base64-enc, some
greetz,
deucalion
To: Bill Gates, Chief Software Architect, MSFT
From: XP Activation Team
Sir, the XP Activation team would like to sincerely apologize for today's unfortunate occurence. In order for you to better understand exactly why this happened, we would like to outline the following sequence of events:
1) Per the mandate from Sales and Marketing, every single machine on the Redmond campus has been upgraded to XP, including the XP Activation servers. (By the way, we would like to congratulate Procurement on the expedited delivery of ten new servers - while traffic has not substantially increased, our ability to process requests seemed to require additional hardware after the upgrade. Technical Support has informed us that nothing is wrong with the XP system itself, they believe our code is not optimized so we are investigating this issue).
2) In response to the recent posting of a so-called "XP key generator" by the Rebel Alliance, we turned on the "UnauthorizedKeyLockDown.asp" page that you designed, wrote and had us install right into the production Activation servers.
3) Immediately after turning on the module, all valid Activation and Authorization requests were denied while all invalid requests were approved. We are attempting to trace the source of this problem - we currently have it narrowed down to the "UnauthorizedKeyLockDown.asp" page. As this page contains over 10000 lines of code, we have yet to identify the root cause of the problem.
4) Additionally, it appears that once an authorization request is denied, the "UnauthorizedKeyLockDown.asp" page locks up the requesting computer, forcing it to display an animated glove which proceed to make several inappropriate gestures and repeatedly shouts "Die OpenSource scum!!!"
5) Becuase the XP Activation servers actually run on XP, they attempted to authorize themselves - while normally this request is approved, please see item 3 above.
6) The XP Activation servers responded correctly to the UnauthorizedKeyLockDown commands. Nor can they be unlocked until they can access a functioning Activation server. All valid authorization attempts from any client continue to receive the UnauthorizedKeyLockDown commands.
7) Our machines are now among the several thousand computers affected across the campus.
8) While several suggestions have been made on how to remedy this problem, all of them have procedural or policy issues for which we are waiting a response from Legal. For example, can we downgrade the XP Activation Servers to Windows2k? Our license agreement specifically forbids this, so we would need a waiver. The same thing is true for trying to use an invalid key - we have strict no-piracy policies which we have not been able to obtain permission to workaround.
9) At this point, we have no estimated resolution for this issue. Because we already have an open issue with Technical Support (see 1 above), they are unable to provide any further assistance until that issue is closed, which we are unable to currently accomplish (see items 1-8).
Please provide us with some guidance on how to proceed,
Sincerely, the XP Activation Team.
Initiating karma burn in 3...2...1...
:)
Minimum wage is supposed to be a learning wage, not a living wage...
You're an arrogant little cock, aren't you? Pardon me while I feel bad that you're paying an extra dime or two for a fucking hamburger while somebody else slaves away earning billions for somebody else, while they themselves earn only enough to pay for maybe half of their living costs. There's some half-witted retard two posts down or so that thinks that without welfare, we wouldn't have a recession - this, despite the wage-slaves at the local Mickey D's probably aren't on fucking welfare...they have jobs, after all and you, who apparently doesn't think that everybody in this country deserves a livable wage. Isn't that why people came to America, to get out from under the thumbs of the ruling class and find a way to make a living, despite (horrors!) maybe being somewhat behind the curve? Equality of all humans means jack shit to you, does it?
--Begin wanton flamage--
I guess it's just not good enough for you, Oh Mighty Fast-Food Devotee. But we all see right through you, you fucking prick: all the "hard work" and "education" you do (and that your mommy and daddy probably pay for anyways) will never allow you to grow up enough to help out somebody who's on the skids, or is just trying to make their way through this fucked-up world. Your own life is so pathetic that you have nothing better to say about those "below" you than gripe about their existence on subsidence wages in this, the greatest country in the world. Well fuck you and the horse you rode in on, dickhead.
--End wanton flamage--
Besides, numb-nuts, you're not subsidizing the guy for whom a house and car is "enough" (like not being a bitch of consumerism is a bad thing...) - you're subsidizing the three-piece suit who runs the chain. Remember that, next time you feel self-righteous when purchasing fast food. Jackass.
Karma burn complete...
Eh, what the hell, it was worth it.
But what does my opinion matter, I just vote here. It's not like I have any money or anything.