Slashdot Mirror
Single Verizon IP Address Used For Hundreds of Windows 7 Activations
An anonymous reader writes with this story from TorrentFreak: A presumed pirate with an unusually large appetite for activating Windows 7 has incurred the wrath of Microsoft. In a lawsuit filed [in] a Washington court, Microsoft said that it logged hundreds of suspicious product activations from a single Verizon IP address and is now seeking damages. ... Who he, she or they are behind address 74.111.202.30 is unknown at this point, but according to Microsoft they're responsible for some serious Windows pirating. "As part of its cyberforensic methods, Microsoft analyzes product key activation data voluntarily provided by users when they activate Microsoft software, including the IP address from which a given product key is activated," the lawsuit reads. The company says that its forensic tools allow the company to analyze billions of activations of software and identify patterns "that make it more likely than not" that an IP address associated with activations is one through which pirated software is being activated.
This great piece of history still rings true today:
http://en.wikipedia.org/wiki/Open_Letter_to_Hobbyists#/media/File:Bill_Gates_Letter_to_Hobbyists.jpg
Many here should read, learn, and abide...
Probably a single shop selling pre installed M$ apps and O$s or possibly a legit shop doing repairs and a bad tech who is not using the customer's licence information because it is "already installed on their machine" or some such.
Oh, sorry. Was I not supposed to do that?
Makes me wonder if this is a proxy, a Tor exit node, or some other form of gateway through which hundreds or thousands of PCs get some kind of Internet connection through.
On the other hand, my work has 30,000+ computers that communicate through no more than ten public IP addresses, so if we weren't using a corporate solution for Windows activations then we might pop up in much the same way.
Do not look into laser with remaining eye.
"It's easier for our software to compete with Linux when there's piracy than when there's not." -Bill Gates, Fortune Magazine, July 17 2007
How exactly does that work?
I thought Microsoft's online activation system was designed so that you couldn't register a single key on more then one machine, something or other wouldn't check out and the system would reject you (ie, different motherboard/BIOS UUID, etc). If the Windows 7 installations were "activated" from that IP address, does that not mean that Microsoft was actively allowing those systems to be activated in the first place, and that their serials were therefore legit?
I understand "one key, many IP addresses" as being suggestive of licence violations, but why would "many keys, one IP address" be?
You are not alone. This is not normal. None of this is normal.
Could it be a small computer business shop that did windows activation on the behalf of their customers?
IP address is part of the
product key activation data voluntarily provided by users
Ahhh. This must be some strange new usage of voluntarily, of which I was previously unaware.
Recycle PCs and build a wireless community network www.hillsborough.org.nz
I thought they didnt look at taht?
Haha, IP Addresses are people now too
This makes me wish I had gone to law school. I scanned the .pdf. It seems that some kind of investigation by FBI or someone similar is appropriate before filing a lawsuit. M$ makes a terrible leap of logic with all this crap.
Here's my thinking:
1) you can make changes to your system which at some point will cause Windows to re-authenticate. I think most of us know that.
2) Windows (and most software these days) is full of bugs. A software bug could cause a Windows computer to believe it needs to re-authenticate, and it could do so very often. I've seen many 3rd-party drivers and apps cause all kinds of craziness (we all have, right?) There could even be some kind of malware causing this. It is possible.
M$ should be fined big $ and put on notice if this turns out to be something other than piracy.
User is using a fresh vm image on boot snapshoted before activation.
Does the Seatle public library offer free WiFi without a login?
If so then I would bet a lot of people go there to activate Windows illegally, to avoid getting caught.
If not then a Starbucks in the urban center.
In any case I am curious exactly what it is.
Wrong, its really verizon.
Maybe he's an empathetic Canadian hacker and didn't feel right using pirated windows botnet without at least activating ;)
I don't know about that account, but I do know that at my workplace tons of legit copies of windows 7 have started complaining that they are invalid copies. Clearly Microsoft has issues with their authentication procedures.
I'm going to make sure I visit more friends more often and 'borrow' their wifi, spread it around a bit.
http://en.wikipedia.org/wiki/Gary_Kildall
I don't see anyone who did the core work on the early operating systems nearly as rich as Bill Gates.
Pot. Kettle. Black.
maybe it's a single windows machine riddled with some virus
Nullius in verba
Appears to have been originated from Murietta, Riverside county, California.
* It sure isn't a TOR exit node (because Microsoft would have reported others and TOR tends to rotate exit nodes with each timely use).
* It isn't likely to be a residential node (due to static IP assignment) unless they too paid for static IP addressing scheme.
* LSANCA in the domain name found during traceroute implies San Jacinto, probably Sodoba Casino.
https://www.robtex.com/en/advisory/ip/74/111/202/30/
I'm not sure noticing massive re-occurrences of the same IP address really counts as using 'forensic tools'.
Microsoft has lowered the expectations of the whole of human civilization.
Probably ran a Windows inside a VM resulting in multiple activation.
You'd think it would make more sense to simply shut off the "suspicious" activations for a given IP before they got to hundreds. That would seem to be a whole lot faster, easier, and cheaper than filing a lawsuit. (Let's do the math: 200 copies times maybe $100 each = $10,000.)
For comparison, I recently installed a new website using Wordpress, which I'm relatively new to. I got the excellent "Wordfence" security plugin running early-on, which uses a default limit of 20 failed logins within 5 minutes before it bans an IP. My new site evidently got attacked by a botnet (I assume) a few days later because there was a burst of 14 failed logins within the span of a few minutes, each one from a different country. The logins were pretty-much a tour of the ragged edges of the Internet: they came from Russia, India, Mexico, Brazil, Thailand, Belarus, Vietnam, etc. When all that failed because I had used an obscure admin account name and a strong password - and because Wordfence shut all those IPs down - the botnet evidently gave up.
Though a limit of 20 worked fine, even that seems like more than is necessary to allow normal/legitimate login failures, so I might lower it. I certainly wouldn't raise it to 200. Or file a lawsuit about it.
Why wasn't Verizon subpenaed for the identity of the lessees of the IP and named in addition to the Doe's? Additionally, how does John Doe (1-10) defend against process that hasn't been served, how can a court try a civil case in absentia?
09 F9 11 02 9D 74 E3 5B - D8 41 56 C5 63 56 88 C0 45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
Interestingly enough that IP seems to lead to city property and perhaps even the LAPD
(via map software available from Verizon here: "https://db-ip.com/74.111.202.30")
Anyway the IP seems to originate on Spring and west 1st in LA.
I didn't believe it but I actually went on Google street view and sure enough it the LAPD building there as far as I can tell.
At the same time it is also true that Microsoft is famously tolerant and encouraging of software professionals. Offering software at cost (like offering me Office 2000 for a hundred bucks, way back when), providing dev tools and beta products for free or close to it, and tolerating staggering levels of out-and-out piracy...in the interest of having their products used by a truly large sample size.
If it wasn't for Microsoft, we would still be on mainframes and mini-computers. Paying jacked up prices. For crap, frankly.
The only part of the Microsoft game I don't care for is trying to ship old wine in new bottles (i.e. every version of MSOffice since 2000) and especially the force-marching of us to a worse product (the downward progression away from XP). With XP, Microsoft could have created a decent 64-bit version. They could have given us (essentially) unlimited RAM usage on 64-bit XP. And they could have left it to us to decide when to move on to a product...IFF we thought that product was better. But then they would have had to make a real effort at making future Windows products truly better.
I come here for the love
He bought so many licenses! What is the problem with that? If I was to activate my own copy all day multiple times, I had to phone it after the 5th attempt I think, so I assume those were all different keys, but that just means someone has either stolen or bought that many. Either way, first thing to check is Microsoft's own database, see if those keys were legit or still not handed out to anyone.
If you can't reinstall it 100's of times until it starts working, what else are you supposed to do? Pay Microsoft for support, that smells like anti-trust to me.
“Common sense is not so common.” — Voltaire
A small shop installing *legal* windows 7 onto PCs would be a normal explanation and would be a single IP with many activation. How the heck do they come to "one IP+many key==pirate" ? A pirate would activate only 1 key. In fact it would be more like 1 key+many IP.
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
using Windows 7 instead of Windows 8.
probably that copy of windows azure the little system looters kick to you when they think your a threat to the chips and card counting.
Someone at Verizon give the White House this IP!
The verizon IP address is located in California, USA. Traceroute is showing it as in Los Angeles.
http://www.ip2location.com/74.111.202.30
8 305ms 286ms 299ms B200.LSANCA-LCR-21.verizon-gni.net [130.81.209.255 (US|CALIFORNIA|LOS ANGELES|VERIZON ONLINE LLC)]
9 * * * Request timed out.
10 203ms 201ms 193ms static-74-111-202-30.lsanca.fios.verizon.net [74.111.202.30 (US|CALIFORNIA|LOS ANGELES|VERIZON ONLINE LLC)]
However, it could be a machine infected by malware or Tor exit.
Could it not be a computer repair shop or something of the like? I know we've activated Windows 7 hundreds of times in our shop. Those activations would most certainly be coming from the one IP. What makes it suspicious? Did they use the same key each time?
Most of the *ahem* "activation workarounds" i've seen use a mini-KMS server which as far am i'm aware takes the "communicating with Microsoft" out of the equation.
so they can accuse me of piracy when installing it on the same machine a few times.
Voluntarily?
I'm pretty sure that no Microsoft product I've ever activated has asked me whether or not I wanted to provide activation data.
Even if they did, it would probably be pretty useless. Everybody I know always click "no" to those requests, even when it's to their own advantage to send the data (people click no to sending error reports, even when I tell them that those do get looked at, and MS even has a system that checks for known problems, which will give you a link to the update that fixes the problem).
http://74.111.202.30:4567 requests a username and password for an ActiontecBHR router.
https://db-ip.com/74.111.202.3...
Seriously, someone is pirating hundreds of machines. Then what? What the hell is someone doing with hundreds of Win7 loaded PCs?
Isn't it possible that the fucking activation is bollocks? My Win7 insists that it's bogus after it's been on for more than 6 hours straight. And it stops saying it's illegal if I open the activation tool, click cancel (or something, I've not cared about it's whining for years now), it definitely IS valid. But next time I boot up, a few hours later, "This version is not genuine" turns up and a nag screen when opening Wordpad I just click cancel on.
Activation is fucked.
It's a load of bullshit too.
But if it's fucked for me like this, no doubt it's entirely possible these "hundreds of suspicious activations" are just their stupid fucking activation being a pile of crap that demands you PROVE your innocence, then RE-PROVE it every time. As if somehow your purchase is anulled by some time travelling troll deleting your purchase order in the past.
I am not a Pirate! I installed one copy of Microsoft Windows on single computer.
It took like 50 attempts to run the installation again and again untill it booted without crashing. Then the Windows Update. It goes for hours, and then it tells me to restart to complete the update. But it won't start again. So, now i have reinstall the windows again. From where i started couple of days ago. Now i activated another 50 times. And now there are the Drivers to install. Another 5 days and 50 activations (thanks to nVidia).
In the end i only have one computer with one copy of Microsoft Windows, and it still sucks.
How about "Carrier Grade NAT"?
I think we'll be seeing more of this, going forward.
Wow, it's not like every PC has a non shared T1 running direct to Mickeysoft.
I am the unwilling control for my Origin.
It's a store that pre-activates Windows on your new pc, for your convenience.
no, I don't have a sig
From a Slashdot submission last year (OK it was one of mine, but that is NOT the point!):
Four people accused of sharing illegal copies of the movie "Elf-Man" persuaded a federal judge there is not enough evidence to support copyright infringement claims against them. ... make factual contentions regarding an Internet subscriber's infringing activities based solely on the fact that he or she pays the Internet bill," Lasnik wrote in the order.
Elf-Man LLC, producer of the direct-to-DVD release "Elf-Man" sued Eric Cariveau et al. in Federal Court a year ago, accusing them of sharing a peer-to-peer file of the movie.
Elf-Man claims the defendants illegally copied and distributed the movie online.
"Despite the industry's efforts to capitalize on internet technology and reduce costs to end viewers through legitimate and legal means of online viewing such as through Netflix, Hulu, and Amazon Prime, there are still those that use this technology to steal motion pictures and undermine the efforts of creators through their illegal copying and distribution of motion pictures," Elf-Man's attorney Maureen VanderMay wrote in the complaint.
U.S. District Judge Robert Lasnik granted Elf-Man's motion to initiate discovery on the IP addresses of defendants, but noted that "the risk of false positives is very real."
"It is not clear that plaintiff could
Elf-Man named 18 individual defendants in its first amended complaint. A default judgment was ordered against two of them; claims against the Doe defendants were dismissed. Claims against four other named defendants were also dismissed on the grounds of their implausibility.
Source: http://slashdot.org/firehose.p... (news for nerds, my arse!)
Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
DAZ activator is cleaner and does not report you by trying to activate.
Do not look at laser with remaining good eye.
I've activated at LEAST 150 to 200 Windows 7 keys on my IP in Australia over the past 3 years (re-building one of my 4 machines regularly, friends and machines I also sell)
There's only ONE thing which Microsoft should be focusing on here.
IS IT A VALID KEY
Period, that's it - is the key valid? Not being used a second time? Yes or no, period. Doesn't matter if he or she activates 1 or 1000 codes, for fucks sake.
Oh! It was optional to provide that info?
"Consensus" in science is _always_ a political construct.
long lost Microsoft activation server?
i think windows 7 pirated version is activated with a freaking activator, i beleive activates every version, having a single ip runing some kind of pirated service to activate windowses would make sense on 8 with kms servers and all that bullcrap, but then again that would be like 2 computer tops since no one uses that turd operating system. But in seven you get the loader and thats IT, and i think you dont even have to be online for it to work. Next time i activate windows 7, and it will be a next time because 8 and 10 are turds, i will try to use the activator with the ethernet cable disconected just to see if it works, but i have the feeling it works fine
"GEM ... was pig awful, but better then Windows at the time."
GEM worked. It ran Ventura Publisher. I had investigated previous typesetting platforms; they cost $1.4 million.
The 1st version of Windows was just a toy, a dishonest suggestion that Microsoft should get respect, in my opinion. The second version of Windows had problems with fonts.
Far later, Windows 98 had an unstable file system.
MIcrosoft makes more money if its products have flaws.
# nslookup microsoft.com
Server: 75.75.75.75
Address: 75.75.75.75#53
Non-authoritative answer:
Name: microsoft.com
Address: 74.111.202.30
100s does not mean much if this IP is a corporate gateway. In a campus with a dedicated gateway/proxy one may observe just such behaviour. Now if it is a continuous stream of registrations things change. In any case $soft may well enough research it just to see what is hidden behind it and quite frankly I would like to know too to see if my non-assumption is correct. Regards .A.
Hundreds of copies! If I activated mine copy more then 3 times a year I had to call that stupid 1800 number to get the dam code.
It never ceases to amaze me when M$ has their little astroturfers revise history to show M$ in a positive light and that they were the reason for the microcomputer revolution just as they have for the Internet Revolution. M$ not seeing the potential for the internet is quite similar to Bill Gates assuming no one will ever need more than 640k. It was Netscape that were the true pioneers of the Internet revolution and now Netscape is Firefox. Now the M$ addicts are claiming otherwise by listening to the astroturfers from M$ and now claiming it was Internet Exploiter that revolutionized the internet just as Windoze revolutionized the desktop. M$ will do anything they can to try and stay relevant even when free software can do anything non-free software can do, and more. It is time for M$ to be afraid, very afraid as their attempts to revise history will backfire.
--
Friends don't help friends install M$ junk
Friends do assist M$ addicted friends in committing suicide.
Indeed there was an entire revolution away from the large data center mainframes and minis toward desktop/workstation environments. If MS hadn't done what they had, Apple was doing it. The Lisa came to market before the IBM PC did. And other, better operating systems were available for the 808x architecture before and after MS-DOS.
1980: Xenix (licensed by MS from AT&T)
1981: Pilot (originally used on the Xerox Star and which provided ideas for MacOS),
1982: QNX
1983: Lisa, Coherent, GNU, SunOS, and DNix
and many more: http://en.wikipedia.org/wiki/Timeline_of_operating_systems
I have a computer repair business with a non-static but rarely changing IP address. We sold and activated Windows on at least 100 desktops last year and had to reinstall Windows on probably about 50 plus activate them. So if they think 100 is suspicious, they're idiots.
He's probably a TOR exit node....
Probably an exit node for Tor being run on Verizon.
I cut my teeth on Applesoft BASIC, but I used only the integer subset; the floating point was too demanding, although now I don't recall why. Whether it ran too slowly, was too resource intensive, or-- probably-- was too hard to program and debug. I did some home accounting/budgeting, but did it all in pennies rather than dollars, and avoided division operations.
And that was a brilliant idea.
Floating point can have weird rounding errors if you don't understand clearly how they behave. (see here for an example).
Using an integer number of a smaller unit (pennies) is better in those cases, and "LONG" data type can still represent a big amount of pennies for your situation.
Several real-world finance software do actually use the same approach (a integer "BIGNUM" of a small unit, instead of floating point).
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Recently having had my former system "burn out" finally after 8 yrs. or so (Core I7 920), I purchased a NEW one (Core I7 4790k). The NEW mobo (ASUS as usual for me) has no CD-Rom based on older IDE technology (for the cabling slot). Only SATA 1/2/3. My ONLY CD or DVD (reader or rewritable etc.) here of a couple aren't SATA. So, knowing Windows can "pick up on" NEW hardware by simply reusing the existing OLD setup, I plugged it in, & Plug-N-Play picked right up on it (only signalling that it found new drivers for the new hardware, mainly the onboard video, since my 800 watt NEWER power supply I used in my last system was to power the NVidia GeForce 470 GTX I had. That PowerSupply only has a 6-pin power shunt for the CPU though, vs. the NEWER motherboard only having 4-pin slot for it... I was 'stuck' being unable to bootup, BUT, I had an older 4-pin 400 watt power supply from a long older system I kept around (glad I did, so I got around it, but can't power up the NVidia card due to only 400 watt PS capacity - no biggie: I use the Intel onboard CPU video for now @ least)).
* In other words: What IF some tiny shop is 'testing' that way, using an EXISTING OS disk to do mere setup & testing of what they sell, possibly online even, since I even paid for a pre-testing of this mobo, with the CPU sent me already mounted etc. with heatsink etc.?
I mean, hey - it's possible this IS 'innocent enough' on THOSE grounds alone... but, iirc (& you 'hardware heads' can 'set the straight' if you wish), Windows HAS LIMITS on the number of times you can 'flip' an HDD with an ALREADY existing OS setup' into a NEW system as I had to do (due to no IDE/EIDE etc. CD-DvD reader/writer here) - so, I *could* be "off" here - only offering possibles really (when hardware hasn't been my 'forte' since the early 1990's)
APK
P.S.=> In ANY event? It's why I wasn't here for a few weeks (2++ or so) - that, & doing 'spring cleaning' + maintenance of things too (it IS "that time of year" & what-not) - I am just happy "PnP" worked SO well, & that this NEW system is literally, around 50-55% FASTER easily on MOST tasks too (made it worth buying, which happened only 3 months before I planned to anyhow - as I buy NEW stuff, usually far better too per the trend over the decades now, only every 5-7 yrs. typically)... apk
Phen375 Review also contains caffeine that is responsible for increasing the energy required
for the calorie burning process. The Capsaicin is an ingredient that is essential for
increasing the blood flow in the body and for supplying you cells with sufficient
oxygen to perform the task needed for weight loss. All these ingredients combine
perfectly to enable you burn the extra calories without forcing you to sacrificing
your diet or food. The last ingredient, Sympathomimetic Amine helps to trigger the
sympathetic nervous system resulting in the production of Norepinephrine which is
responsible for increasing the metabolic rate.
http://iphen375review.com/
Cyberforensic methods? Yet they allowed the activations? Surely the activation shouldn't work if it's a pirate.....
Yes, I do.
One story: Corrupted PC's Find New Home in the Dumpster (July 17, 2005)
Most people don't have the technical ability or time to deal with computer problems. They buy new computers. That makes more money for Microsoft, because Microsoft get the full wholesale price again, even if the new computer has the same Microsoft operating system version.
Also, I wrote this article that discusses the conflict of interest: Microsoft Windows XP "end of life": Conflict of interest.
Hell the Commodore Amiga's DOS was FAR superior to MS-DOS. The ONLY reason Microsoft's stuff became more popular is because they were better at marketing and at "lock in" than anyone else. The Amiga was a FAR superior OS than what Microsoft had at the time. Hell the AmigaOS was doing Preemptive Multitasking when Windows was trying to still figure out how to do Task Switching properly! Hell Commodore even GAVE out to the public domain their intuition library - which was their multitasking library. Bill Gates cr@P for software is still JUST THAT CR@P! Look at the leaps and bounds Linux has made in the past decade alone. Heck Microsoft was turning a blind eye to the piracy of early versions of windows for the SOLE reason to get as many people using it as possible. Once they had the monopoly and and run most of the smaller players out of the market THEN they started clamping down on piracy of their software!
F* Microsoft!
The Truth is a Virus!!!
Naval Surface Warfare Center Corona Division.
It is in the service area and could be the fixed address
of some tunnel for security purposes. Simple google proximity
search no direct personal knowledge.
This topic could get very very quiet.
Truth is stranger than fiction, but it is because Fiction is obliged to stick to possibilities; Truth isn't. Mark Twain.