Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows Key Leak Threatens Mass Piracy

Posted by ryuzaki0 on from the red-hat-is-looking-for-their-key-too dept.

lou_soyur writes "A key code for installing Microsoft's Windows Server 2003 has leaked onto the Internet. Rampant piracy sure to follow fears Microsoft, so it's a safe assumption that their lawyers "would scour the Internet looking for the leaked code". The joy of closed source security at work."

4 of 597 comments (clear)

  1. Re:A single key? by DJayC · · Score: 5, Informative

    There are probably ten or fifteen leaked keys by now. Finding Windows keys isn't difficult, and never has been. Why is this news?

    I think the reason why this is such a big deal is because, if you read the article, it is a key that can be used to install Windows Server 2003 WITHOUT activating it on the internet. It is a multi-license key usually given to system builders and the like. I think Microsoft is correct in stating that this will lead to more piracy since the key can be used on an "unlimited" amount of machines.

  2. First Pirate Post! by teamhasnoi · · Score: 5, Informative
    YAR! Shiver me timber!!

    Only a scurvy dog would run the likes of this barnacle cover OS, yar.

  3. Re:Missing Link by Anonymous Coward · · Score: 5, Informative

    According to serials.ws (mind the porn popups):

    Windows 2003 GER Server Full

    Added: 2003-04-04

    C4C24-QDY9P-GQJ4F-2DB6G-PFQ9W

    Badonkadonk.

  4. Some additional history and details by nachoboy · · Score: 5, Informative

    In the land before time, or rather, the world of software before Windows XP, Microsoft OS's didn't require activation, but they did require CD Keys. Mostly this was a fiasco as ANY legitimate cd key could be used ANY number of times for that version of the software. Many will remember the NT4 days and the ever-popular 111-1111111. Microsoft got smarter for Windows 2000, but not by much. The not-so-easily-forged 25 character cd key introduced with Windows 98 was used, which at the very least prevented people from making up cd keys. However, it was soon discovered that with a simple change of no more than TWO characters to an easily-editable text file, the cd key requirement could be eliminated! Toss those keys away! This one made it super convenient to install Windows, and the piracy raged on. This hole is still wide open, even with the latest service pack.

    Microsoft did start wising up, however. Summer of 1999 saw the first ever "activation" efforts implemented in Microsoft Office 2000 in certain markets, notably US education, Australia, and New Zealand. This was a successful pilot program and with the release of Office 2000 SR-1 in summer of 2000, all retail versions of Office 2000 incorporated this technology (known back then as "registration.") This, too, however, was quite simple to defeat using a corporate install feature normally reserved for large-scale deployments.

    The release of Windows XP saw another big step forward for Microsoft's anti-productivity tools (excuse me, "anti-piracy efforts"). Same 25-character cd keys, but you have to "check in" with Microsoft to verify you haven't handed the key out to 25 of your closest friends. Windows XP activation is actually quite a bit more lenient than most people realize... you can change a significant amount of hardware and not be forced to reactivate, and the biggest secret is that if you don't check in with MS Activation servers for a period of 4 months, they'll wipe your history clean and you can activate anew with ANY hardware configuration. Enough room for even the heaviest geek to make all the changes he wants.

    Once again, however, product activation was easily defeated. It wasn't long (well before the retail release for that matter) before someone got ahold of a corporate copy (no activation required) and let it loose on the net. The biggest change with Windows XP was that the difference between retail and corporate versions was a whopping 10 files, including one that was almost 13 MB. Not so easy to make your retail copy activation-free, but it can be done. The ramifications were clear: there was to be no more swapping of retail and corporate keys. It was too easy for Joe User to find a few characters on the net and defeat all the anti-piracy efforts MS had spent months developing.

    And here's where we connect with the article. First of all, cd keys to install Windows Server 2003 have been out since before it was originally posted on MSDN (which, by Microsoft's own admitting, was less than 4 hours after RTM). The problem was, all those cd keys were from retail distributions which required activation. Yes, a "reset" patch was quickly coded which virtually made the activation requirement non-existent, but these things have been known to have been "corrected" in service packs. The public was clamoring for a "corp" release, which would eliminate the activation altogether. Insiders had access to the corporate release but it was worthless without a key... a key somebody was probably going to lose their job for if they divulged it. Almost a week went by, and then early yesterday morning, a key was located and the corporate release has been forthcoming. This wasn't the first key and it's not the only key, but it is special in that it is the first "volume license," or "corporate" key to be released.

    The article fails to mention that the key MUST be matched with a corporate release. Once again, the unique files from retail and corporate editions are about 13 MB, but those files can be found on the web in