Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows Key Leak Threatens Mass Piracy

Posted by ryuzaki0 on from the red-hat-is-looking-for-their-key-too dept.

lou_soyur writes "A key code for installing Microsoft's Windows Server 2003 has leaked onto the Internet. Rampant piracy sure to follow fears Microsoft, so it's a safe assumption that their lawyers "would scour the Internet looking for the leaked code". The joy of closed source security at work."

124 of 597 comments (clear)

  1. Closed source security? by wing.app · · Score: 5, Insightful

    I don't think leaks have anything to do with whether it is open or closed.

    1. Re:Closed source security? by Indras · · Score: 2, Insightful

      If it was open source, there would be no key code. That's the point.

      --
      The speed of time is one second per second.
    2. Re:Closed source security? by wing.app · · Score: 3, Insightful

      What about an enryption key?

    3. Re:Closed source security? by wing.app · · Score: 5, Interesting

      bleh. encryption. I mean, what if to use a key, a distribution put something like a modified GPG. and you had to put a key which would translate into a real key that the OS would confirm and install.

    4. Re:Closed source security? by thomasj · · Score: 5, Interesting

      What if FSF GPG private key leaked? Would that be nice?

      --
      :-) = I am happy
      :^) = I am happy with my big nose
      C:\> = I am happy with my OS
    5. Re:Closed source security? by evil_one · · Score: 5, Funny

      I'm sorry, but that's just too funny. I snorted coffee out my nose when I read that.
      Can you imagine posts to LKML digitally signed by RMS reading something like "ph33r /\/\Y 1337 HuRD 0f GNUs!!! LOL ROFL"

      That said, The key that has been leaked isn't that big a deal to pirates, it just makes it less dificult to do the initial installation. Nat a big deal. Windows ME & 2000 pirate releases usually have a binary patch to the installer so it doesn't need a key at all.

      --
      Desperation is a stinky cologne
    6. Re:Closed source security? by MrTangent · · Score: 3, Funny
      "C:\> = I am happy with my OS"
      I think you'd be happier if you typed:

      C:\> deltree \Windows
    7. Re:Closed source security? by binaryDigit · · Score: 2, Funny

      I think you'd be happier if you typed: C:\> deltree \Windows

      You're making an assumption that they are running Windows. This could be a happy DOS user (DOS 2.1 RULES!), or an OS/2 user who insists on going down with the ship :)

    8. Re:Closed source security? by Kadagan+AU · · Score: 2, Funny

      Wait a minute... you mean people actually WANTED to pirate ME? I paid NOT to have it on my system!

      --
      This space for rent, inquire within.
  2. A single key? by Levine · · Score: 4, Insightful

    There are probably ten or fifteen leaked keys by now. Finding Windows keys isn't difficult, and never has been. Why is this news?

    1. Re:A single key? by DJayC · · Score: 5, Informative

      There are probably ten or fifteen leaked keys by now. Finding Windows keys isn't difficult, and never has been. Why is this news?

      I think the reason why this is such a big deal is because, if you read the article, it is a key that can be used to install Windows Server 2003 WITHOUT activating it on the internet. It is a multi-license key usually given to system builders and the like. I think Microsoft is correct in stating that this will lead to more piracy since the key can be used on an "unlimited" amount of machines.

    2. Re:A single key? by ADRA · · Score: 2, Funny

      I wouldn't upgrade to SP1 if I were you nasty hacker pirates :-)

      --
      Bye!
    3. Re:A single key? by MortisUmbra · · Score: 5, Insightful

      Erm, no, because as the article ALSO states, the same case was tru for Windows XP, Corp. Vol. license keys were out before the retail package was!

      This is absolutely no different for the last....well....five Windows launches.

      There has ALWAYS been a key readily available even after WPA. And WPA has never been a problem. Sure SP1 blocked TWO popular keys but do you have any idea how many people have friends in IT depts. with access to keys?

      Me, my brother in law, my roomate, his brother, my brother, my brother in laws brother, his friend, my cousin, three of my other friends.

      ALL of us have access to different volume license keys.

      It's about as safely gaurded a number as you can get, short of plastering them on billboards and busses.

      --

      "The saddest words of mice and men, are not those which were, but should have been."
    4. Re:A single key? by evilviper · · Score: 3, Insightful

      That's assuming this key isn't being legitimately used. If some OEM has been assigned this key, and has thousands of system installed with this key, Microsoft can't very well just disable systems using they key, can they?

      --
      Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
  3. What is it with Slashdot? by rritterson · · Score: 5, Insightful

    Of course the key was going to be leaked- it was only a matter of time. It's the same way with all key based systems. Microsoft will still make just as much money as ever. (Keys were leaked all the time before product activation anyway) the poster spins this as though this is going to cause mass hysteria and pandemonium. What is meant by "closed source security"? An open source security program would be exceptionally easy to bypass, I'd think, since you'd have direct access to any encryption mechanism used.

    --
    -Ryan
    AUWYHSTOT (Acronyms are Useless When You Have to Spell Them Out Too)
    1. Re:What is it with Slashdot? by davebarz · · Score: 5, Insightful

      An open source security program would be exceptionally easy to bypass, I'd think, since you'd have direct access to any encryption mechanism used.

      Knowing the algorithm doesn't really help with any decent encryption since you also have to know any number of other keys in order to deencrypt the data. Of course, if you're still using "A=26,B=25,C=24..." encryption, then you may be on to something, there.

      --
      barzelay.net
    2. Re:What is it with Slashdot? by BJH · · Score: 4, Insightful

      An open source security program would be exceptionally easy to bypass, I'd think, since you'd have direct access to any encryption mechanism used.

      Well, I've got this little free software program called ssh - perhaps you'd like to try and crack it.

    3. Re:What is it with Slashdot? by dicka_j · · Score: 5, Insightful

      An open source security program would be exceptionally easy to bypass, I'd think, since you'd have direct access to any encryption mechanism used.

      I think you will find that most, if not all strong ecryption algorithms are in the public domain. The algorithm used should be strong enough that the key is required to decode the message, and the knowledge of the algorithm is next to useless.

      Do a goole search for say DES, and you will find various articles explaining the implementation of the algorithm, and tripple DES is about as strong as you can get nowdays.

      security through obscurity NOT effective security.

    4. Re:What is it with Slashdot? by TerraFrost · · Score: 2, Insightful
      An open source security program would be exceptionally easy to bypass, I'd think, since you'd have direct access to any encryption mechanism used.

      actually, an open encryption standard that can withstand public scrutiny is more secure than a closed one, for the most part. closed ones may well be vulnerable to short cuts that the designers had not considered. i mean, despite hundreds of thousands of people trying, the only way you can crack a DES key is too brute force it. the only draw back to DES keys is the length - a short key can be brute forced faster, obviously. also, increasinly so, it is taking less and less time to try each key, so... as long as you keep the keys getting longer and longer you should be ok.

      you don't and really can't have this same kind of security with a closed encryption standard.

    5. Re:What is it with Slashdot? by afidel · · Score: 4, Informative

      SSH has been cracked quite a few times (especially SSH1, hence SSH2). Unless you really know what you are doing it's easy to make mistakes while doing cryptography, even the experts mess up once in a while, they're only human after all =)

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    6. Re:What is it with Slashdot? by skillet-thief · · Score: 4, Funny
      A=26! Wow! I never thought of that.

      I was still using A = 1 B = 2... Now my stuff is really going to be secure.

      --

      Congratulations! Now we are the Evil Empire

    7. Re:What is it with Slashdot? by Jordy · · Score: 2, Informative

      Sure, just let me have the same amount of access to it as I have to Windows 2003 while installing it. Give me your key and access to your machine/network stream while you ssh out and I'll hand you the decrypted plaintext of your session.

      Of course this has little to do with the security of this particular authentication mechanism which simply looks up a secret key in a database of issued to see if it is valid and has enough licenses available. Volume licensing is always the problem in this case.

      Repeat after me: There is no such thing as security in an insecure environment.

      --
      The world is neither black nor white nor good nor evil, only many shades of CowboyNeal.
    8. Re:What is it with Slashdot? by sconeu · · Score: 2, Insightful

      the poster spins this as though this is going to cause mass hysteria and pandemonium

      RTFA. C|Net spun it that way. The poster was simply quoting the article.

      --
      General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
    9. Re:What is it with Slashdot? by Tim+C · · Score: 4, Insightful

      I think the original poster's point was that with an open source product, one could simply remove the key checking stage entirely, rather than having to rely on acquiring a key.

      --
      It's official. Most of you are morons.
    10. Re:What is it with Slashdot? by glenkim · · Score: 2, Interesting

      Okay, I'm seeing a lot of people reply to this post, but they're not making a whole bunch of sense. So in order to clarify things for people who replied, I thought I'd say a few things. First of all, BJH is talking about knowing the encryption mechanism in SSH to crack the communications. If I'm interpreting him correctly, he's saying that with the public key encryption mechanisms that SSH uses, it's not possible to crack the encryption, even if you know the public key and the mechanism (namely because the best known algorithms for figuring the private key are intractable in runtime). So, if Microsoft had any sort of brains about them, they would have used an encryption scheme that would allow them to produce a key, where even if the algorithm is known, it would still take an unreasonable amount of computing power to figure out how to generate one's own keys.

    11. Re:What is it with Slashdot? by Hobbex · · Score: 2, Funny

      The top poster wrote: An open source security program would be exceptionally easy to bypass. The next guy responded to that. If the top guy wasn't, as you say, talking about security programs at all, but rather some silly fuckware, maybe he, and by extension you, are the idiots...

    12. Re:What is it with Slashdot? by LordLucless · · Score: 4, Insightful

      In an open source product, they would, presumably, not need to foist key-codes, activation and other sorts of crud to try and control piracy.

      --
      Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
    13. Re:What is it with Slashdot? by AndroidCat · · Score: 5, Funny

      Use Double ROT-13 encryption, and your securitiy problems will be over.

      --
      One line blog. I hear that they're called Twitters now.
    14. Re:What is it with Slashdot? by fireman+sam · · Score: 2, Informative

      Actually, you determine the algorithm used by reading the ASM code, and then rewrite a new algorithm that works in reverse. For example: program does: username + key ==> hash value keygen does: hash value - username ==> key This is not trivial

      --
      it is only after a long journey that you know the strength of the horse.
    15. Re:What is it with Slashdot? by Zemran · · Score: 3, Funny

      You only have to use normal ROT-13 and it is illegal for any Russian to decrypt your data... The US gov will go to incredible lengths to catch these Russian spies now.

      --
      I love stacking my barbecues in the shed at the end of summer - you can't beat a bit of grill on grill action.
    16. Re:What is it with Slashdot? by nadaou · · Score: 5, Funny

      And here I've been using A = 65 B = 66... damn.

      --
      ~.~
      I'm a peripheral visionary.
    17. Re:What is it with Slashdot? by Des+Herriott · · Score: 2, Insightful

      I think you're right, but the fact is that one can simply remove the key checking stage entirely from a closed-source product too. It just takes knowledge of the assembly code for whatever CPU you're using, rather than a knowledge of a higher level language (most likely C or C++). So it's a bit harder, but it's obviously entirely possible - just witness all the cracked commercial software that's floating about. And "a bit harder" means nothing once one person has put the effort in to crack the software.

    18. Re:What is it with Slashdot? by EpsCylonB · · Score: 2, Funny

      In soviet russia the data decrypts you.

    19. Re:What is it with Slashdot? by DickBreath · · Score: 2, Interesting

      My friend develops software. He released a program that used registration keys based on the summation of the ASCII values of the registrant's name, mod something. There was a key generation out on the net within a week! The poor guy didn't have a single user actually purchase the software though :(

      Use Public Key cryptography.

      You supply me your name and serial number. I MD5 hash those. Then I encrypt the hash using my private key. I return this to you as your registration code.

      Your copy of the program takes your name and serial number. It MD5 hashes those. So far, you should have the same result I started with. You then decrypt your registration key to see if it matches. Since you don't have the private encryption key, you cannot generate new registration keys.

      Now, some evil terrorist might just patch your program to skip the registration verification process.

      So the registration key I give you includes the MD5 hash of your name/serial number, but also includes additional bytes which make up some critical part of the program. This makes it more difficult to circumvent, but still, not impossible.

      --

      I'll see your senator, and I'll raise you two judges.
  4. In other news... by miketang16 · · Score: 5, Funny

    The apparent owner of the 'leaked' key has disappeared today. Microsoft states there is absolutely no connection between the 2 events...

    --
    -------
    "In times of universal deceit, telling the truth becomes a revolutionary act."
    -- George Orwell
    1. Re:In other news... by anthroboy · · Score: 5, Funny

      I was watching the TV coverage of this tonight, and they're saying that this is the work of Gates' evil henchman, the man known as "Intellectual Property Ali".

    2. Re:In other news... by _generica · · Score: 5, Funny

      The exact Press Release from Microsoft was:

      "We was out of town when that shit went down."

  5. Big Freaking Deal by Jah-Wren+Ryel · · Score: 5, Insightful

    Anybody who needs to run this server edition of windows is going to pay for it and probably buy a support contract to boot. Joe Downloader who decides he wants to run Windows 2003 on his piddly two generation old machine just to show how cool he is would never ever pay for 2003 in the first place, he'd just stick with the XP Home edition that his machine came bundled with.

    Mountains out of Molehills, or should that be mothballs in the case of a microsoft losing market dominance?

    --
    When information is power, privacy is freedom.
    1. Re:Big Freaking Deal by Soko · · Score: 2, Insightful

      Your post implys, IMHO correctly, that no matter the steps taken to protect software against piracy, there will be piracy. However, there will emerge in the end a need to by software from a vendor in order to get support. Hmmmmm...

      Seems to me there's a few companies out there who do something very much like that. Seems we have the answer for Microsoft, don't we?

      Soko

      --
      "Depression is merely anger without enthusiasm." - Anonymous
    2. Re:Big Freaking Deal by Anonymous Coward · · Score: 2, Informative

      its not a server edition, its windows 2003 server!
      its a family which has 4 branches,

      identified the leak as a 3-in-1 code, meaning that it would work with three different versions of Windows Server 2003.
      since the key was leaked anyone can burn a copy of any edition excluding web edition and run it!

    3. Re:Big Freaking Deal by indiigo · · Score: 2, Informative

      Apparently You've not used .net server. It runs better than XP home, due to the fact that most services are turned off by default, such as theme support and sound support, and it runs quite nicely even on a Ppro 200. It's a far better desktop OS than XP home.

      --
      fslg503-985-8686503-985-8686503-985-8686503-985-86 8650 3-985-fdsg8686503-985-8686503-985-8686503-9
  6. Missing Link by bsharitt · · Score: 5, Funny

    The poster forgot to link to the leaked key. A fix would be appreciated.

    1. Re:Missing Link by Anonymous Coward · · Score: 5, Informative

      According to serials.ws (mind the porn popups):

      Windows 2003 GER Server Full

      Added: 2003-04-04

      C4C24-QDY9P-GQJ4F-2DB6G-PFQ9W

      Badonkadonk.

    2. Re:Missing Link by Anonymous Coward · · Score: 2, Informative

      Or it might be...

      K4RBR-F3K42-M9RXG-48TPR-H6BPB

      (The number from the TMCiSO release.)

      Badonkadonk!

    3. Re:Missing Link by Anonymous Coward · · Score: 3, Funny

      Cracks.am usually has fewer popups, and generally better quality porn ads.

      The quality of their cracks/serials are usually acceptable, too.

    4. Re:Missing Link by NCFlipper · · Score: 3, Interesting

      Would the lawyers be able to do much if you said "it's the ascii equivalent of the numbers between the xth and yth digits of pi"?

    5. Re:Missing Link by ShooterNeo · · Score: 3, Interesting

      Although I don't have a proof for this, any sequence of numbers can be found in the digits of pi. (obviously some sequences will take much longer to find than others). Thus with a LOT of searching you could find a sequence of numbers that when encoded into characters using ASCII rules (65 as A, 108 as z, ect) correspond exactly to a valid Win2003 Server serial.

    6. Re:Missing Link by plugger · · Score: 3, Interesting

      If it is true that every possible sequence of numbers exists within PI, then why not just take the sequence which corresponds to the cracked Win2003 installer binary?

    7. Re:Missing Link by pacc · · Score: 2, Funny

      Come on now, I can't memorize any of these keys unless they start with FCK or something else that can be related to well known four-letter words.

    8. Re:Missing Link by Ian+Jefferies · · Score: 2, Informative

      NERSC has some information about pi and you can search through the first 4 billion digits. The server serial number doesn't code into their input form (numeric or letters only, not a combination), and it's restricted to a 10 character input anyway. The encoding could be converted to hex, but the odds of finding it in the first 4 billion digits are very slim indeed.

      It makes brute forcing valid serial numbers almost look attractive.

      Ian.

      --
      A physicist is an atom's way of thinking about atoms
  7. First Pirate Post! by teamhasnoi · · Score: 5, Informative
    YAR! Shiver me timber!!

    Only a scurvy dog would run the likes of this barnacle cover OS, yar.

    1. Re:First Pirate Post! by Chester+K · · Score: 2, Funny

      K4RBR is the new FCKGW.

      --

      NO CARRIER
  8. Caught between a rock and a hard place by DJayC · · Score: 5, Interesting

    (From the article)
    Those copies of the software installed using the leaked code "won't be able to install future updates or service packs of access Windows Update," the spokeswoman said.

    "They're caught between a rock and a hard place," Cherry said.

    It's funny.. she's basically saying "Yes, they can install the retail version BUT they are screwed when all of our security holes and bugs are found." She seems to imply that if you don't update Win2k3 (note this is stated before it is even released!) you are going to have a junky product. Funny stuff.. only Microsoft.

  9. every window I've got is locked by wadiwood · · Score: 4, Funny

    Locking all the windows in the house and the sliding doors with locks that require keys to open, is my token gesture at keeping my computer equipment in the house and burglars out.

    I know it doesn't work always. And my contingency escape plan is throw chair through window in case of fire. Which will work unless I install security window tinting. In which case I may need a special ice pick to get out. Hmm, that might double as burglar repellant.

    --

    -- it must be true, it's on the internet.
  10. anyone read the headline too carefully? by ejaw5 · · Score: 5, Funny

    "Windows Key Leak threatens mass piracy"

    If I'm reading it correctly (2am w/o coffee) it seems that the subject of the sentence --Windows Key Leak-- is acting --threatens(threaten)-- on the predicate --mass piracy--.

    If MS is worried about piracy, shouldn't they leak *more* codes?

    --

    $cat /dev/random > Sig
  11. Re:Be honest now by DJayC · · Score: 2, Interesting

    CNN will show detailed maps of when, where and how the US will attack Iraq, but God forbid an article starts out with "The Windows 2003 Serial Key, XP74V-RX7YQ...."

  12. They'll just patch it.. by Auriam · · Score: 3, Interesting

    Um, I guess no one here's heard of what MS did with XP SP1.. if you upgraded from XP, and were using a pirated corporate key, you were OK.. but if you tried to do a slipstreamed CD install (that is, with SP1 included on CD, a full install from that CD), you were SOL when you tried the old key. A Friend Of A Friend of mine had some trouble with that himself.. but luckily some smart person had apparently held back some of the corporate keys from wider release, fearing that this might happen, and released the new key as the SP1 key.

    Thus, a single keycode getting out isn't THAT much of a piracy threat - it can easily be patched. Now, a KEYGEN, on the other hand...

  13. And now that I know I can get it for free... by BooMonster · · Score: 5, Funny

    I still don't want it!

  14. Here is logic by ADRA · · Score: 2, Interesting

    "Microsoft is banking on the thrice-delayed operating system to increase its penetration into the enterprise. But the stolen codes show the difficulty the company faces in protecting its valuable intellectual property and potential sales from thieves."

    So, out of all the pirating going on, do you think that even 1% of it is coming from enterprise customers? I seriously doubt it, and I am sure they do as well.

    I think its a "scape goat" tactic to justify expected poor returns on their newest sinking flag ship product.

    --
    Bye!
  15. Just remember... by JohnA · · Score: 2, Funny
    When you use a leaked key...

    ...the terrorists win.

    This message brought to you by your Attorney General's office.

  16. with any luck by andih8u · · Score: 3, Funny

    with any luck they will go ahead and block that key code from upgrading to SP1, therefor saving us from the pesky memory leak that SP1 is bound to cause.

    --


    slashdot, news for crazed liberal socialist zealots
  17. Re:Fuck Money by Anonymous Coward · · Score: 2, Interesting

    That's not as far fetched as it might seem. You know, when the Russians had their revolution almost thirty percent of the population was required for agriculture. Today, with the changes in technology it's less than a fraction of one percent of the population that actually works in agriculture.
    How about this. Under the new regime, we will give higher bandwidth allocations to those who volunteer to operate agricultural machinery.
    Are ya with me!

  18. umm. the devil's own? by Anonymous Coward · · Score: 2, Insightful

    This is what became know as the Devil's Own key when XP came out. Same idea. You use the key, then you can't install service packs.

    It's your own fault for installing it. Just because you can't afford books for school doesn't mean you're entitled to learn. Same thing goes for new operating systems! Fucking pirates!

  19. The other foot by meta-monkey · · Score: 4, Insightful

    At first, when I saw this, I chuckled. Then, I thought about all the times I've seen stories on /. about some company using GPL'ed code in their closed-source product. That pisses me off. Microsoft has decided that, if you want to use their software, you need to abide by their license agreement, which includes the stipulation that you pay for their software. If you don't want to pay for their code, then don't use their software. Myself, I'm a Linux and Mac user. I obviously don't pay for Linux, and I gladly pay for OS X when I buy a Mac from Apple. Power of choice, people, but you can't have it both ways. Either respect other people's licenses, or don't be surprised when they don't respect yours.

    --
    We don't have a state-run media we have a media-run state.
    1. Re:The other foot by WasterDave · · Score: 3, Interesting

      Yeah, I'm with you on that one, and it's one of the rare occasions where I'm with Microsoft too. If you're going to use Windows, pay. If you're going to use Windows servers, pay more. And if you use Windows (particularly for business) and think you don't need to pay, you should get your arse kicked.

      The more people who are forced to pay, through the nose, for this shit.... the more we will see both a proliferation of open source AND a return to an active and competitive closed source software industry.

      Dave

      --
      I write a blog now, you should be afraid.
    2. Re:The other foot by egjertse · · Score: 2, Insightful
      At first, when I saw this, I chuckled. Then, I thought about all the times I've seen stories on /. about some company using GPL'ed code in their closed-source product.
      [snip]
      Either respect other people's licenses, or don't be surprised when they don't respect yours.

      Hmm, I'm not sure what you're trying to say here, but if you mean that it's OK for Microsoft to steal GPL'ed code because some kids are pirating windows, I have to disagree. Speaking from my own experience, piracy is not really an issue, except with games and maybe personal operating systems. Companies buy their licenses and try to keep legit - despite what the BSA will have you believe. Corporate "piracy" has more to do with poor license management.

      So is it OK for MS to rip off Free Software deveopers' code because some kid wanted to run Windows 2003 Server on his box at home?

      --
      ^]:wq!^M
  20. So, what is it? by epsalon · · Score: 2, Funny

    One thing missing - what's the key?

    --

    Make even shorter URLs - 8LN.org

  21. get your pirate name here: by Anonymous Coward · · Score: 4, Insightful



    pirate name generator

    I used to work for a microsoft help desk that was supplied with the corporate software disks known at the time as "select", we used to get four or more copies of everything in every langauge Microsoft could be bothered with, and not a single thing required us to enter the licence keys in. They were "pre-installed".

    The weird thing? was that we were allowed to make "evaluation" copies of these disks and "support" copies of these disks to give to our clients and engineers. And these evaluation and support disks used to get "lost" as fast as we could issue them. And after long discussions with the local microsoft office, they said they were fine with the evaluation and support disks. Ie microsoft sanctioned piracy, in the interests of having more client sites and more technicians with the skills to support them. Ie most of us technicians couldn't afford to pay for microsoft software to install at home so we could learn it. In fact I think that Microsoft and my company had an agreement that said that we were allowed to install microsoft software at home so long as we worked for that company (a microsoft solution provider). I later used this technique to get around the useless recovery disks that some PCs come bundled with, so that you can only re-build your system by formatting the hard disk again...Blech.

    Funny how installing IBM mainframe software at home was never expected or required. We couldn't take that work home with us.

  22. This is a deliberate leak to get a foothold by no_mayl · · Score: 3, Interesting

    They could have used a timed key (valid only for a couple of weeks). All the machines in that company that leaked the key would have had to be installed (no user prompting, but still requiring internet connection) within the timeout period. If somebody stole the timed key, and re-adjusted their computer time just to get by the install, it would fail, as the computer would still need to connect to a MS-owned server with its own notion of time.
    For something this easy (other companies like Symantec provide timed keys) not to be implemented can only be a sign of deliberate action.
    "I'll give out (oops! I meant leak out) this free OS. Once people get used to it, then I'll charge a huge amount for all these other softwares and services. And I'll give major parties (i.e. sueable) a chance to get back on the right track by purchasing a valid license."

  23. Keys leaked onto the internet? by seismic · · Score: 2, Funny


    So this enterprise product, targeted towards business, can now be installed by 15 year old irc warez monkeys on their home pc's?

    The subtle point is that their souped up gaming pc's will probably run this latest incarnation of windows better than the hardware available to most businesses.

    drag me drop me treat me like an object

  24. And this is different from other versions how? by unborracho · · Score: 4, Interesting

    uhm... hi. My name is _________ and I'VE NEVER PURCHASED A COPY OF WINDOWS IN MY LIFE!

    let's see here...

    Windows 98, got key from a friend
    Windows 98 SE, got key from a friend
    Windows ME, got key from a friend, uninstalled the next day
    Windows 2000, found a key on an altalavista search
    Windows 2000 Server, "borrowed" a key from work
    Windows XP Pro, hello mr. corporate no-registration key

    Don't get me started on other microsoft products. Office XP has its own registration work-arounds as well.

    I'm just surprised this made it to a /. story. Most anyone in this community would know where to go to get a windows key if they needed one.

    I would think this would be expected for any and all releases of software microsoft puts out. Hell, we can get software from my school for so dirt cheap, ($30 for Windows XP Pro) they might as well give it away for free.

    --
    "You had this look that of an angel, it was such a bad disguise" --Dishwalla
    1. Re:And this is different from other versions how? by horza · · Score: 4, Insightful

      Hell, we can get software from my school for so dirt cheap, ($30 for Windows XP Pro) they might as well give it away for free.

      On a related note, I've had youngsters telling me enthusiastically that there are people hanging around the school gates offering drugs for little or no money. I feel obliged to point out that once they become hooked, they'll be hit later for the full amount.

      Phillip.

      --
      Property for sale in Nice, France
  25. What i find funny.... by MortisUmbra · · Score: 2, Funny

    Well, ok, not funny, more like, extremely aggravating. Is the continued claims of groups like the BSA. They, and their research numbers, are about as believable as pretty much ANYTHING that comes out of the RIAA's mouth.

    Funnier still is this claim of increased piracy.

    By whom???? Bob college student dicking around with a spare PC in the corner?

    Ver few businesses will go without product licensing nowadays. It's just not worth it.

    And speaking of not worth it, I HIGHLY doubt that now that we have our Win2k server and Active Directory up and running, and functioning with all the other systems (payroll, accounting, timeclock, inventory, etc. etc.) we are going to shel out MORE money for a new Windows Server platform....forget that. Last thing I want is to setup Server '03 and pray to God nothing complains. For what? What do I REALLY gain from the upgrade? DICK!

    --

    "The saddest words of mice and men, are not those which were, but should have been."
  26. comment on tolkein sig -way off topic by wadiwood · · Score: 3, Funny

    >inexpensive, fast, good - choose two

    I have a similar thought about horse riding
    desired direction, right speed, balanced in the saddle - choose two.

    If I got speed and balance right, the horse was usually headed for the nearest low branch.

    If I got direction and speed right, I usually wasn't in contact with the saddle. Ie standing in the stirrups.

    If I got direction and balance right, usually the horse was stopped and eating.

    Hmm wonder how I could bring it back to topic?

    popular, secure, profitable - choose two?

    --

    -- it must be true, it's on the internet.
  27. Why have an initial Key on Install ?? by MadX · · Score: 2, Insightful

    Why do you have to have the initial install key ??
    Microsoft can simply give Windows (XP/2003) away for free .. (Hey .. it's a 30 day window period) and when you want to "Activate", you then have to pay.

  28. Windows pricing threatens mass piracy by Anonymous Coward · · Score: 2, Funny

    would be more like it

  29. Piracy is good for MS by AvengerXP · · Score: 5, Insightful

    Each pirated version of Windows running is one less copy of Linux or other variant OSes running. In order of their preferences, 1) Legit MS 2) Pirated MS 3) Alternative OS So they almost approve piracy.

    --
    Trolls dont like to be Flamebait, because they burn so well. Protect our Troll heritage!
  30. I suspect this was done deliberately by ites · · Score: 2, Insightful

    By Microsoft as a way of getting Win2003 Server onto lots of systems that would otherwise run Linux. "Oh, dear, we've lost our key!" One has to wonder why a product like this even needs a master key. Surely system-builders and so-on can use product activation like anyone else: even if they can use the same key multiple times, nothing says they cannot activate it on-line.
    Oh those damn pirates, now we will have to crack down even harder on all those people still using bootleg copies of Office 97!!!

    --
    Sig for sale or rent. One previous user. Inquire within.
  31. Too funny by FredFnord · · Score: 2, Insightful

    > Seems we have the answer for Microsoft, don't we?

    So your suggestion would be for MS to keep their source closed (they're going to anyway) and then give out the software, but sell the support?

    And this would encourage good, easy-to-use, easy-to-configure, bug-free software with a consistent interface, I bet, right?

    -fred

    --
    Sign #11 of Slashdot overdose: You see the phrase 'moderate Republican' and you wonder if that would be a +1 or a -1.
  32. Re:JB88F-WT2Q3-DPXTT-Y8GHG-7YYQY by Jeremiah+Cornelius · · Score: 4, Informative
    A simple peek at USENET confirms this to be the key- Useless without the corp edition versions of certain installation files.

    It appears that these files were made available on IRC, and are being subsequently transferred to ISO images of 2003 EE.

    I leave it to the reader to figure just which USENET group carries this traffic.

    MS needs to 'scour the Internet' for these people? They run one of the Websites in the C-Net article!

    --
    "Flyin' in just a sweet place,
    Never been known to fail..."
  33. Re:isnt' this illegal? by Anonymous Coward · · Score: 5, Funny

    posting working serials here on slashdot? or are they all fake?

    well try this, does it make sense?

    Join the crowd
    Build a tower
    8 meters to the right
    8 meters to the left
    Forty meters in height
    -
    Wait for good weather
    Tear down the tower
    2 people will help
    Questions will follow
    3 days just have passed
    -
    Does anybody wonder
    Probably
    X is a hard letter
    T is much better
    Together they fit
    -
    You should know already
    8 again a typo?
    Good lord it's fun
    Help them spread there software
    Greed is a sin
    -
    7 sins there are
    You should have got it now
    You remember that 'fuck you' tombstone?
    Questions?
    You got it.

  34. If you couldn't get windows for free... by Saoi · · Score: 2, Interesting

    ... would microsoft have the dominance it has today?

    If people didn't have access to pirated versions of windows since day 1, how many average home users could have afforded it? I'm not talking about the advanced users I'm sure you all are, but the average mum & dad & 2.5 kids that have just bought a computer to write some letters up or send some email. These families use outdated hardware running old prepackaged software until a friend lends them a newer version of windows or msoffice or whatever to remain compatible with work or school. Without this pirated software would these children be exposed to the overpriced software and become reliant on it in later years?

    I propose that maybe just maybe, piracy aids microsoft in making the average joe reliant on their product so in later years when they can afford it, they dont even consider any other competitors. After all, as someone has already said, its not the big businesses that give ms their profits using these codes, is it?

  35. Anyone got the key for Windows 2003 Server Edition by PasteEater · · Score: 2, Funny

    Oh, never mind.

    --
    There are two kinds of people in the world: those with loaded guns, and those who dig.
  36. Internet Chat Relay by Zakabog · · Score: 2, Funny

    Stolen codes are often traded with the Microsoft software, typically on Web sites, newsgroups or Internet Chat Relay (IRC).

    That's from the news.com article, it's good to know that sites other than slashdot have lazy editors.

  37. It's not the crypto and this is bad news for OSS by dmeranda · · Score: 5, Insightful

    Security is only as strong as the weakest part, and I seriously doubt that's with the encryption algorithm here. Remember this system is not designed to protect your computer from outside threats (like SSH, etc), it is to protect the operating system from the user. The threat model and problem being solved are entirely different.

    Why attack the encryption algorithm directly? Instead reverse engineer and bypass the parts of the OS that invoke the license checks. Or fool the probes which try to determine your hardware signatures. "Borrow" a key. Or for that matter just be sure to run IIS, as it lets perfect strangers run any applications they want on your computer, it should just as easily let you use your own computer too without any security checks :-)

    I do have two important observations though:

    1. I suspect this is one of the reasons MS is pushing so hard for TCPA/Palladium or other Distrustful Restrictions Management (DRM, sic) in hardware. That would finally allow Windows to completely distrust the user with a vengeance, as well as a side effect of preventing other choices in OS (look at the X-Box as their prototype of a hardware-enforced monopoly).
    2. This is actually bad news for Open Source advocates as it widens the distribution and exposure of this product to people who otherwise may never intend or have the $$ to buy it anyway, futhering their illegal monopolistric grip on the modern world. I for one hate it when people pirate Windows or Office or even Windows Plus, that's one more person that doesn't "feel" the heavy price for using MS software and has no desire to look for other choices. Open Source people would love for more so-called piracy of their products! Perhaps GNU/Linux should require an activation key, maybe that would accelerate its adoption (I'm joking here).
  38. Re:isnt' this illegal? by Anonymous Coward · · Score: 5, Funny

    But I think you just made that up
    Unless you know something we don't
    Like you work for Microsoft
    Less chance of actually having a third valid serial
    So it seems, anyway
    Hey, or maybe you just nicked it from work
    I still don't believe you
    Thanks and goodbye!

  39. don't feel bad about it by g4dget · · Score: 3, Insightful

    I have had to pay for that f*cking operating system for about every PC that I have ever bought, even though I don't use it. It's only right that other people who actually want to use it shouldn't have to pay for it.

  40. Microsoft tactics again by stevenp · · Score: 5, Interesting

    >> The leaked key codes cast an unexpected shadow over the launch of Windows Server 2003 later this month. Microsoft is banking on the thrice-delayed operating system to increase its penetration into the enterprise. But the stolen codes show the difficulty the company faces in protecting its valuable intellectual property and potential sales from thieves.

    Microsoft tactics again, nothing else. They currently need to enter the server market and push Linux out of there. So they will try with all means to increase the instaled base of the WinServer 2003 - it doesn't matter with or without licence. Later they will come with BSA and collect the fees, no doubt. The current statement has a double purpose - first to show to the world how much Microsoft is losing on piracy and second to inform the people that they can install Server 2003 without paying. The first one is typical Microsoft FUD - "We are weak, pirates rob us constantly", this will help them also in the monopoly trial. The second one says generally "Hey there is a key on the wild, just get it and install WinServer if you need it"
    Are the MS executives stupid enough to beleive that a sysadmin that has received a key for installing a bunch of WinServer-s 2003 will not leak it on the Internet? No, they are smarter than anyone else when it comes to money, just the target is different - to get a maximum number of installations, become monopoly on the server market, and then ... fire-up BSA, colect the missing licences, charge as much as they want for new installation and so on.
    The same story is repeating again and again, they can not give WinServer 2003 for free (like InternetExplorer) because the DoJ will nail them immediately, thay can only play the "illegal but free" game and hope that the sysadmins will byte - and may will, especially in the poorer contries. So I beleave the fixed keys are built into the code exactly with the purpose to allow the "widespread piracy". Why does WinXP does not have such fixed keys? MS officials may say "Because it is a client OS, it is not installed in volumes". Bzzzzt - wrong, the clients are usually installed in volumes, the servers are usually 1 to 10 compared to the clients. The answer is because MS has already monopoly on the client side, they do not need new installations, they need money for the existing ones. The server market is different, MS needs "piracy" in order to become the de-facto standard on the server.

  41. It's the ANY key. by billstewart · · Score: 2, Funny
    You know, that big red switch on the side...


    Put the CDROM in the slot, boot the machine, and nobody gets hurt. ARRRRRRRR!!

    --

    Bill Stewart
    New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
  42. Re:umm. the devil's own? by Spy+Hunter · · Score: 4, Informative
    You use the key, then you can't install service packs.

    Until you download the keygen with integrated key changer.

    What? You didn't know there was a working Windows XP keygen/key changer floating around out there? Consider yourself informed.

    --
    main(c,r){for(r=32;r;) printf(++c>31?c=!r--,"\n":c<r?" ":~c&r?" `":" #");}
  43. Hmmm by muyuubyou · · Score: 4, Insightful

    Yeah I guess piracy isn't a concern when you're giving away your stuff (code, soft) and making profit from somewhere else (maintenance, counseling, certification).

    But keep in mind that sometimes it just doesn't work any better (or implies "higher ethics"). When I know a company is releasing underdocumented or buggy code on purpose just to keep gauging from me ("deluxe docs", counselling...) there's a thin line you sometimes don't know where it exactly is.

    ... what's even worse is when they steal from you both ways (seen any macromedia packaged doc?)...

  44. Arrrgggh... Eh ? You're point is... by MosesJones · · Score: 5, Insightful


    A couple of things

    1) Open Security != Open Source

    2) Open Source != No Key (PGP ring any bells ?)

    So just to clarify

    1) If I create an SDA using PGP this is Open Source Software with a key

    2) There are closed source security elements that have put their code out for review, including by the Goverment

    3) Red Hat give you a key to access their premium rate support.

    4) You made a glib comment that hit the MS Bad, OSS good Slashdot button and got modded up

    5) This just means there are lots of people on Slashdot who don't understand this either.

    Sheesh, you can have key restricted open source software, that is the idea of privacy and security for starters, the whole aim of VPNs etc etc. The issue here is in part _how_ the key (think private key) is issued. What MS want to do is make it simple for volume installers. Now what they could do is supply a bunch of USB keys to these volume suppliers that must be inserted during install. So give them 20, or 30, or whatever ghosting 30 at a time is a reasonable upgrade plan (no-one in a large company goes overnight for a total upgrade).

    The issue is 1) Process 2) The nature of the security.

    NOT whether its open or closed source.

    --
    An Eye for an Eye will make the whole world blind - Gandhi
  45. no threat to piracy by frovingslosh · · Score: 2, Funny
    Windows Key Leak Threatens Mass Piracy

    That's silly. My piracy isn't threatened by this leak. In fact, if I were to guess, I would think this leak will increase piracy, not threaten it.

    --
    I'm an American. I love this country and the freedoms that we used to have.
  46. REQ: Serial for Linux 2.4.20 by RenHoek · · Score: 5, Funny

    Hi, I need a serial for the latest Linux kernel, version 2.4.20, the old serial doesn't work anymore. I'd prefer a keygen over a crack.. TIA!!

    *now waits for the obligatory 'Me too!!' posts* :)

  47. How does the Publicity Work? by Harry8 · · Score: 5, Interesting

    Posts here seem to suggest that everybody who knows what a keyboard is, can find a Key using nowt but a search engine. So who benefits from the publicity?
    Software pirates? They already knew.
    People who don't like Microsoft? Good for a laugh for about half a second, I guess...
    Microsoft? More people with experience using their servers? Right now if you're a poor student you're likely to know a thing or two about Linux server configuration, especially since you can do it with a box you bought for $20. Or BSD...
    Microsoft again? Hey, a media storm for the ingnorant to support this Pallid Big Brother nonsense? Or is that too cynnical..?
    No more security patches for Fully paid up NT licences. Hmmm...
    You pays your money, and you takes your choice...
    apt-get lacks the option "stuffed" It's a feature.


    I don't hate them, the sheer speed at which really useful application can be developped in Excel VBA is a breakthrough. (XL97 is just fine, upgrade? Why?) But then Excel has all those unstable algorithms in their stats functions that everybody has known about for years and years...

    I've been given X, Gnome & KDE. Now Give me VBA in OOo, Gnumeric or Kspread, & I'll give you Linux, Undisputed king of the office desktop.

  48. Publicity stunt by SgtChaireBourne · · Score: 3, Insightful
    Since the key is for the server, not the workstation, its release is not a big deal. Businesses eager to hand their IT budget to Microsoft will purchase the key anyway. Others would not waste resources playing with a toy that would set them up to be cleaned out by a lawsuit.

    But I can guess at two reasons why it comes just now:

    Perhaps this "leak" is to take attention away from new releases of excellent servers: OpenBSD 3.3, RedHat 9 (even w/4 business hour response time), and Mandrake 9.1.

    Or perhaps it is to drum up sympathy in congress for new legislation which could be used to mandate DRM in the U.S. This would hamstring the U.S. IT sector and many public institutions by taking money out of already tight budgets and sending it to Redmond in the form of forced purchases of new hardware and software.

    --
    Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
    1. Re:Publicity stunt by evilviper · · Score: 2, Interesting
      Since the key is for the server, not the workstation, its release is not a big deal.

      Of course you realize that Windows "Server" can be used on a workstation. :-)
      The only reason to use Worstation versions instead of Server versions, is due to the reduced price of licensing. Those people not paying licensing anyhow, probably don't care.

      You are right that serious users won't take a chance on this, but I guarantee you will see numerous unlicensed Windows servers on the internet. Typically used for one-man-shops, porn sites, or any other tiny companies/individuals that don't stand to lose much even if they are caught.
      --
      Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
  49. Try this by Anonymous Coward · · Score: 4, Funny

    make oldconfig deps modules bzimage install

    If that doesn't work for you, there are others!

  50. Windows Server 2003 Key Review... by GeneralEmergency · · Score: 5, Funny


    After spending several hours looking over this latest release from the 'Redmondian Army of Doom', I have mixed feelings about this key as a whole but I still find myself strangely attracted to a few of it's verses. It is as if parts of it were composed by choruses of lilting angels while other parts we're slapped together with the premediation of a four year old making mud pies. Lets take a look at this new key... verse, by haunting verse, shall we?


    C4C24-
    What a stunning beginning! Almost symetrical, yet still off balance even with the repeating C's and 4's. The 2 was a discordant shocker at first, but the more I read over it, the more I found that it acted as a 'front porch', if you will, for the firmly concluding 4.

    QDY9P-
    This is that "Mud Pie" verse that I alluded to earlier. After such a strong beginning with "C4C24", "QDY9P" is a total dissapointment. I think the problem here is the 9. The "QDY phrase is an intriguing start to this verse but the 9 just throws away any semblance of order.

    GQJ4F-
    This is without a doubt, the most playful and funky verse in the key. The central "QJ4" is a sassy and taunting invocation of some well known classical themes which takes on a whole different tone when sandwiched between the "G" and the slightly naughty "F".

    2DB6G-
    Probably the most memorable verse in this work, I kept humming "2DB", "2DB", "2DB", "2DB" to myself all afternoon. This cadence was a welcome change of pace and helped move this key back in the right direction toward the finale.

    PFQ9W
    What a triumph! This final verse had me on the edge of my seat in anticipation as each new character played on the preceeding ones with a curious mixture of both lust and fury. The "PFQ" opening is both sensual and vulgar at once, but when blended into a "Q9W" clarion call, the effect is awsome and should stand as one of the great Windows Key verses of all time.

    --
    "A microprocessor... is a terrible thing to waste." --
    GeneralEmergency
  51. Re:It's not the crypto and this is bad news for OS by dusty123 · · Score: 3, Interesting

    Well, I think you forget one huge fact:

    Pirated copies are very important for the distribution of Microsoft products.

    There are of course ways to improve security - why still use such general keys? Look at e.g. Mathematica, they have far better protection mechanisms.

    I postulate that piracy is tolerated and helpful for Microsoft, they will never try to generally stop it. They have of course their ways to reduce piracy, especially by intimidation and bad conscience.

    The more the Microsoft monopoly grows, the more they can pressure and reduce software pirates without losing market share.

    You will see: Palladium/TCPA will also not stop piracy.

    I would not wonder if Microsoft released this key by themselves..

  52. Some additional history and details by nachoboy · · Score: 5, Informative

    In the land before time, or rather, the world of software before Windows XP, Microsoft OS's didn't require activation, but they did require CD Keys. Mostly this was a fiasco as ANY legitimate cd key could be used ANY number of times for that version of the software. Many will remember the NT4 days and the ever-popular 111-1111111. Microsoft got smarter for Windows 2000, but not by much. The not-so-easily-forged 25 character cd key introduced with Windows 98 was used, which at the very least prevented people from making up cd keys. However, it was soon discovered that with a simple change of no more than TWO characters to an easily-editable text file, the cd key requirement could be eliminated! Toss those keys away! This one made it super convenient to install Windows, and the piracy raged on. This hole is still wide open, even with the latest service pack.

    Microsoft did start wising up, however. Summer of 1999 saw the first ever "activation" efforts implemented in Microsoft Office 2000 in certain markets, notably US education, Australia, and New Zealand. This was a successful pilot program and with the release of Office 2000 SR-1 in summer of 2000, all retail versions of Office 2000 incorporated this technology (known back then as "registration.") This, too, however, was quite simple to defeat using a corporate install feature normally reserved for large-scale deployments.

    The release of Windows XP saw another big step forward for Microsoft's anti-productivity tools (excuse me, "anti-piracy efforts"). Same 25-character cd keys, but you have to "check in" with Microsoft to verify you haven't handed the key out to 25 of your closest friends. Windows XP activation is actually quite a bit more lenient than most people realize... you can change a significant amount of hardware and not be forced to reactivate, and the biggest secret is that if you don't check in with MS Activation servers for a period of 4 months, they'll wipe your history clean and you can activate anew with ANY hardware configuration. Enough room for even the heaviest geek to make all the changes he wants.

    Once again, however, product activation was easily defeated. It wasn't long (well before the retail release for that matter) before someone got ahold of a corporate copy (no activation required) and let it loose on the net. The biggest change with Windows XP was that the difference between retail and corporate versions was a whopping 10 files, including one that was almost 13 MB. Not so easy to make your retail copy activation-free, but it can be done. The ramifications were clear: there was to be no more swapping of retail and corporate keys. It was too easy for Joe User to find a few characters on the net and defeat all the anti-piracy efforts MS had spent months developing.

    And here's where we connect with the article. First of all, cd keys to install Windows Server 2003 have been out since before it was originally posted on MSDN (which, by Microsoft's own admitting, was less than 4 hours after RTM). The problem was, all those cd keys were from retail distributions which required activation. Yes, a "reset" patch was quickly coded which virtually made the activation requirement non-existent, but these things have been known to have been "corrected" in service packs. The public was clamoring for a "corp" release, which would eliminate the activation altogether. Insiders had access to the corporate release but it was worthless without a key... a key somebody was probably going to lose their job for if they divulged it. Almost a week went by, and then early yesterday morning, a key was located and the corporate release has been forthcoming. This wasn't the first key and it's not the only key, but it is special in that it is the first "volume license," or "corporate" key to be released.

    The article fails to mention that the key MUST be matched with a corporate release. Once again, the unique files from retail and corporate editions are about 13 MB, but those files can be found on the web in

    1. Re:Some additional history and details by Anita+Coney · · Score: 2, Interesting

      "Enough room for even the heaviest geek to make all the changes he wants."

      I've read in other forums from hardware geeks who were told by Microsoft that they had to purchase new copies, as they were allegedly changing their hardware too much. They claimed that you could significantly change your hardware three times and still validate by the web. After that you have to start calling, and if you call too much (and there appears to be no precise number) you're eventually out of luck.

      I doubt very much these individuals were lying, as they weren't pushing any agenda other than telling their stories.

      As someone who's always changing his computer's hardware, I think I'll skip the whole product activation fiasco. I have no desire to ask permission to use my computer! I'll stick with W2K until I'm able to do everything I need on Linux. (And the only thing holding me back is an audio editor is good as Cool Edit Pro!)

      --
      If someone says he and his monkey have nothing to hide, they almost certainly do.
    2. Re:Some additional history and details by Anita+Coney · · Score: 2, Insightful

      I'm just stating what I read.

      I personally change my motherboard/CPU/video card about once a year. But I'm also swapping things out at least twice a month, e.g., I'll switch sound cards. And I'm buying new hardware about once a month. Just a few days ago I bought a new HD. The month before that I doubled my RAM to 1 gig. The month before that I bought a USB 2.0/FireWire combo PCI card. Etc, etc, etc.

      And I think you're missing the point. It doesn't matter if you change your hardware every day or every minute or never. It's YOUR computer. I'm not willing to ask permission to make change. And I'm also not willing to buy a product that expects me to ask permission, even if I never actually have to ask.

      It's my computer damnit, and no one will tell me what I can do with it!!! (Other than my wife of course!)

      --
      If someone says he and his monkey have nothing to hide, they almost certainly do.
  53. Oh The Humanity! by turgid · · Score: 2, Funny

    Just think of all those poor coders in Redmond who are going to be poor and starve as a result!

    --
    Stick Men
  54. Picture this... by sterno · · Score: 4, Funny

    Seedy bar. Toilet stall door.

    "For a Good Time "

    --
    This sig has been temporarily disconnected or is no longer in service
  55. I wouldn't get too excited by DrXym · · Score: 2, Interesting
    Perhaps the serial number will allow mass piracy but unless you're prepared to forever run the server unpatched and unexposed to the internet it won't do you much good. Microsoft will simply release a patch (perhaps an innocuous looking one) which will kill all known pirate keys in existence.


    If you think this is far fetched, consider that it has already happened for MS Office for OS X. Users who applyied the first service pack found their installations were nobbled if they had been registered using widely know serial numbers.


    It would be no more difficult for MS to do the same with Windows 2003 Server. And given the nature of the product and the huge revenue MS see themselves losing, you can expect them to pursue servers using the hacked serial numbers extremely vigourously with prosecutions and raids galore.


    Now I wonder how much revenue is *actually* lost as opposed to counting illegal installs and assuming all those equal lost revenue. People who use hacked serial numbers are not those who would be interested in spending $$$$ on the original in the first place.

  56. Security only as strong as customers' will by 192939495969798999 · · Score: 3, Funny

    "Company X, Here's an email with the key to unlimited software installs, and therefore more or less unlimited money. Please don't give it to other people. Thanks, Microsoft"

    add that to:

    "Hello employees, it's the boss of Company X. Here's the key to install all the software in your email -- please don't take it home and steal other software with it."

    SURE! There are a lot of people out there who wouldn't handle that responsibility well.

    --
    stuff |
  57. Re:Microsoft doesn't make its money off Windows... by Anita+Coney · · Score: 2, Informative

    Actually the only money Microsoft makes is on both Office and Windows. I can't remember the exact figures, but it's about 85% profit on Office and 80% on Windows.

    All of that excess is used to fund money losing projects including WebTV, WinCE, Xbox, MSN, and everything else.

    --
    If someone says he and his monkey have nothing to hide, they almost certainly do.
  58. Re:MOD PARENT DOWN by TheMidget · · Score: 4, Insightful
    No, it's 100% legal to post that on Slashdot. Check again in a week if you don't believe me. It'll still be there. The reason: it is legal to violate any intellectual property on Slashdot, except the Church of Scientology's. Just remember how quickly the OT VIII postings (Fishman affidavits) disappeared... Yes, I know. That page shows no comments for lazarus142. The reason: they disappeared. D'oh.

    Conclusion: Dave Miscavige is mightier than Bill Gates

  59. Product Activation has NOTHING to do with piracy.. by Anita+Coney · · Score: 5, Insightful

    Microsoft keeps arguing that the purpose of Product Activation is to stop piracy. That's ludicrous:

    First, weeks before XP was released there was the infamous leaked corporate copy of XP readily available for download in convenient ISO format.

    Second, Microsoft stated that anyone using the leaked version of XP would not be able to update to SP1. However, a week before SP1 was released tweaktown.com had figured out and posted a way around it.

    Third, now the exact same thing is happening to Windows Server 2003.

    Exactly how did Product Activation stop piracy? It didn't. What does it stop? It stops what I call sharing. That's when a friend uses his copy of Windows to upgrade a friend's computer. That is what Product Activation has stopped and nothing more. (I'm not saying that sharing is OK, but it's hardly piracy!)

    Maybe Product Activation is also Microsoft's attempt to get the average person used to paying for upgrades. Maybe it is a step in the direction of Palladium, i.e., getting the average person used to the idea that Microsoft controls their PC, and not the other way around. It could be a lot of things, but it is clearly NOT intended to stop real piracy.

    --
    If someone says he and his monkey have nothing to hide, they almost certainly do.
  60. Re:It's not the crypto and this is bad news for OS by jraf · · Score: 2, Insightful

    Windows piracy is definitely bad news for OSS. However, not to such a great extent in this case of Windows Server 2003, which won't particularly appeal to the average joe who's already got a pirated copy of Windows XP.

  61. Windows Update by Andrewkov · · Score: 3, Informative

    I believe it's happened in the past where Microsoft's patches will check for this key and deactivete the product if it's found. So if you go to Windows Update and download the latest service pack, it will disable your copy of Windows, citing a "Warez" key as the reason, and to please contact Microsoft to obtain a valid key. And with all the built in vulnerabilities, your basically forced to keep on top of the updates.

    1. Re:Windows Update by Utopia · · Score: 2, Informative

      The OS was never deactivated.
      Only downloads through windows update was not possible.
      However people could still download patches and Service packs from direct URLs in various technet articles and update their OS.

  62. Glib? by tommck · · Score: 2, Funny
    4) You made a glib comment that hit the MS Bad, OSS good Slashdot button and got modded up


    Anyone else read this as GLib?

    I need a hobby.

    T

    --
    ---- It puts the lotion on its skin or else it gets the hose again. It does this whenever it's told.
  63. Re:Win XP Activation by smack_attack · · Score: 3, Funny

    I'm so angry I'm going to maybe go and type about it on the internet and search for a warez key and then I'm going to look at porn.

    WTF?

    ARG WHY ARE YOU SO EVIL MICRO$OFT?!?!

    Ok, and then I ate some breakfast and my vision came back after blacking out last night because I was so angry at microsoft that I drank three liters of rum in an hour straight and goddamn I had no idea there was an ACTIVATION CODE ON THE BOTTLE.

    So now I'm living in a bridge down by the river driking benzene and eating crickets laced in LSD 25. SCREW YOU MICROSOFT. GOD BLESS LINUX!

    --

    Hammer of Truth
  64. This hurts all of us. by stonewolf · · Score: 2, Insightful

    According to the article, Microsoft's responce to stolen activation codes is to make it impossible to apply service packs to software activated with those codes. That won't keep people from using the stolen software, but it will keep them from applying bug fixes and patching security holes in the stolen software.

    Let me say that again. It will stop people from applying security patches to the stolen software. That means that the next big MS worm will have a large installed base of unpatched, and unpatchable, MS servers to exploit.

    This situation hurts every person who uses the Internet.

    Stonewolf

  65. Eggs....Baskets... by 4of12 · · Score: 2, Interesting

    I can hardly believe that Microsoft would activate millions of installations of Windows 2003 with a single key.

    With all the trouble to put a unique identifier on each CD, it seems like it would be little enough hassle to require the user to enter the identifier on the web or over the phone to completely activate the OS. You know, give me your key and I'll give you Your Unique Magic Key.

    Didn't they even read the articles about how all DVDs were encrypted with a single key and got liberated in one fell swoop from that fantastic piece of copyright protection when the key was discovered and made public?

    My paranoid side says it's all a conspiracy to illustrate the perils of widespread piracy/terrorism/hackers (MS has enough cash to take a hit on the revenue loss) so that TCPA/Palladium gets a more receptive audience with lawmakers and the gullible public at large.

    --
    "Provided by the management for your protection."
  66. Re:umm. the devil's own? by MeanE · · Score: 2, Informative

    Oh there is one...you have to leave it running for quite awhile (I don't know exactly what it is doing) and it will create good XP (and office) CD keys.

    Take a look at the register article.

    http://theregister.co.uk/content/4/24065.html

  67. Something I don't get... by nkuzmik · · Score: 2, Interesting

    I understand some of the logic for Microsoft's Product Activation system. I get the whole activation after installation, but what I don't get is the shut-down part. The prog will take a snap-shot of your hardware upon installation. Then if you hardware changes too much it will shut you down. Will the system stay functioning if you make a number of changes over time, or is it just the number of hardware changes that sets it off? Either way, the program will still detect a number of recongized components. So how does it come to the conclusion that it has been pirated? At the risk of anthropomorphizing, until software is installed, it has no awareness. Once it is installed, it becomes aware of the hardware it is installed on. Pirated software is the same way, it is unaware of anything until it is first installed. Then once it is installed, it also becomes aware. All that said, what is the logic that was used when Microsoft decided that if software detects a number of hardware changes, it has been pirated. The best analogy I can think of is a person and their clone. Until you go to an outside source, there both the person and the clone will think they are the original. But Microsoft's deacivation system would be like the original person getting a heart & lung transplant and their immune system decides that they are now a clone. Can anybody explain this to me?

  68. Anyone remember this story? by grolschie · · Score: 2, Informative

    What I find funny is, that it's like this story (urban myth perhaps) about the woman who had a thriving business of disposing of peoples dead pets in a big city for about $50. Other disposal options were too expensive for many people, so she made a stack of cash.

    She would simply buy a cheap and nasty ($5) suitcase for a couple of bucks. Put the dead animal in it, and leave the suitcase at a crouded train station. Of course, the suitcase wasn't sitting there long before someone steals it.....

    You can draw many parrellels of this MS situation here. I guess after 911, this scenario might not be advisable.

    Anyways, the kind of people who rip off proprietary software, are not the types who would actually shell out the mega bucks for it anyways - even if it were no warez or serialz available for them.

  69. Piracy != theft by DaveWhite99 · · Score: 2, Insightful
    The linked-to article keeps using the word "piracy" where the word "theft" should be used. They are completely different things.

    If you repeat a lie enough times, it is eventually perceived as the truth.

    --
    Biodiesel : domestic, renewable, clean, and in the fuel tank of my bone stock 2002 New Beetle TDI
  70. What a change by Unregistered · · Score: 2, Informative

    I used (and i guess still could if i was so inclined) to install NT4 and Office 97 after i lost the keys just by typing random numbers into the keybox. I also still remember my win 95 serial. Now we have these 25 char alphanumeric keys and it's hell if you lose a box. And windows is still pirated. Fail imo.

  71. Is this such a rare event? by kavau · · Score: 2, Interesting

    I'm wondering why this does not happen more often!? This seems to be a really big deal for Microsoft, but naively I would think that such keys are leaked to the internet every day. Or are these keys usually heavily guarded as "company secrets"? Are there stiff fines imposed on the companies if their assigned key becomes public knowledge?

  72. Piracy not really a problem in this case. by TheCow · · Score: 2, Insightful

    I'm not sure about the places were everbody else works, but where I work we have so many oprotunities to no license things correctly, but we do because we are an organization (actually a university). I'm pretty sure that most companies also buy all of their software in good faith, or they at least don't knowingly steal from a software manufacturer. I think the only people that are probably stealing this software are the nerds that put this software on a computer at home because they are willing to pay the $500 to $2000 is costs to legally license Windows Server... It's not like the key codes aren't going to get out there after April 24th... The codes will get out from their OEM customers and the other groups that have product keys that don't need to be activated...

    This whole thing is just free press for Microsoft to help announce their release date. I didn't even know when the release date was and our organization is a Tech Net + subscriber and have the RC2 installed... Maybe my head is just in the sand...