Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows Vista Keygen a Hoax

Posted by CowboyNeal on from the too-good-to-be-true dept.

An anonymous reader writes "The author of the Windows Vista keygen that was reported yesterday has admitted that the program does not actually work. Here is the initial announcement of the original release of the keygen, and here is the followup post in which the same author acknowledges that the program is fake. Apparently, the keygen program does legitimately attack Windows Vista keys via brute force, but the chances of success are too low for this to be a practical method. Quote from the author: 'Everyone who said they got a key is probably lying or mistaken!'"

10 of 154 comments (clear)

  1. OEM_BIOS_Emulation_Toolkit by ekasperc · · Score: 5, Informative

    OEM_BIOS_Emulation_Toolkit_For_Microsoft_Windows_V ista_X86.v1.0-PARADOXThis has been floating around for a few minutes now, and according to the history of this group, i guess this is a bulletproof solution ..
    But i don't know what will be the impact for online upgrades since i don't use Vista myself.

    1. Re:OEM_BIOS_Emulation_Toolkit by Anonymous Coward · · Score: 5, Informative

      OEM activation works by having OEM identifiers and SLIC table stored in the BIOS and Microsoft then sign a cert per OEM (also required). The softmod uses vista boot manager to spoof flashed BIOS. Patching a VM should be even easier.

      Once again, product activation is only a PITA for legit customers.

    2. Re:OEM_BIOS_Emulation_Toolkit by gEvil+(beta) · · Score: 4, Informative

      Hmmm, I wasn't aware of this. Then again, I haven't been paying much attention to Vista stuff anyways. A few minutes of digging around brought up this site, which looks to have links to modified BIOS files for quite a few motherboards. Pretty sneaky, sis...

      --
      This guy's the limit!
    3. Re:OEM_BIOS_Emulation_Toolkit by Anonymous Coward · · Score: 3, Informative

      Links... PARADOX's OEM emulation tool is out on the various torrent sites. Here is the link from Demonoid.

      Pantheon released a full Windows Vista Ulimate CD with their own activation tool using the same principle. Here is the NZB set (click NZB to download the file) to facilitate downloading from Usenet. Posts are two hours old so they may need a bit longer if you're not using Giganews, Newshosting, etc.

  2. When in reality by Alien54 · · Score: 3, Informative

    The 25 digit key is in base 36 (0-9 plus A-Z), providing 8.08281277e+38 possible keys, without accounting for various error checking and validation schemes

    --
    "It is a greater offense to steal men's labor, than their clothes"
    1. Re:When in reality by jrockway · · Score: 2, Informative

      > If a 100 millionth of all possible keys will work, then you will have to produce, on average, 100 million keys before you hit one that works.

      Actually, it's 50 million on average.

      --
      My other car is first.
    2. Re:When in reality by solitas · · Score: 2, Informative
      The 25 digit key is in base 36 (0-9 plus A-Z), providing 8.08281277e+38 possible keys, without accounting for various error checking and validation schemes

      Actually, there should be a lot less than that since some characters are always letters and some characters are always numbers.

      --
      "It's time to take life by the cans." ~ Bender ("Bendin' in the Wind", ep. 3-13)
  3. Might not even have to validate keys at all anymor by gd23ka · · Score: 5, Informative

    I see no reason why they even have an algorithm to check whether
    a key is valid before submitting it to their server for signing.

    If I were them I would do what prepaid mobile phone has been doing
    for years: generate completely random keys and at the signing server
    end just check if that key is in the database and if it's not already
    used. If that's the case then all they would have to do is sign the
    key and the computer configuration and return that to the client code
    that would in turn check if the signature is valid.

    That way there would be no way to brute force keys because they have
    control over the validation server and can put a stop to that and there
    is no key validation code exposed from which someone might derive a
    key generator or at least get hints at how the keys are distributed
    in key space.

  4. Re:People lie on the internet? by secolactico · · Score: 2, Informative

    My favorite was always the "If you heat up a needle and put it through this particular spot on your Tomb Raider CD, Lara Croft will be naked!" How many did that one disappoint, I wonder?

    Uh? Never heard of that hoax. Is there any reference on the web? A cursory google search turns up nothing.

    --
    No sig
  5. Done smart is NOT DONE AT ALL by Vryl · · Score: 2, Informative

    Work out the size of the keyspace.

    When you have done that work out how long it would take if you used every computer in the world.

    Express it in terms of billions of years, and compare it to the lifetime of the sun.

    Then get the cluestick and hit yourself repeatedly on the head.