 |
 |
| ActiveWin | Anonymous | Create a User | Reviews | News | Forums | Advertise | Career Portal | Users Online: 339 |
|
|
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
Active Network |
|
ActiveMac |
|
ActiveWin |
|
ActiveXbox |
|
Careers |
|
DirectX |
|
Downloads |
|
FAQs |
|
Interviews |
|
MS Games & Hardware |
|
Reviews |
|
Support Center |
|
TopTechTips |
|
Windows 2000 |
|
Windows Me |
|
Windows Server 2003 |
|
Windows Vista |
|
Windows XP |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
Apple/Mac |
|
Xbox/Xbox 360 |
|
News Search |
|
XML/RSS Newsfeeds |
|
Pocket PC Site |
|
|
|
|
|
|
|
FAQ's |
|
Windows Vista |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows Server 2003 |
|
Windows XP |
|
Windows 7 |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox 360 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
Latest Reviews |
|
Xbox/Games |
|
Fable 2 |
|
|
|
Applications |
|
Windows 7 |
|
IE 8 |
|
|
|
Hardware |
|
Microsoft Arc Mouse (Red) |
|
|
|
|
|
|
|
Latest Interviews |
|
Mike Swanson |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Advertise |
|
Affiliates |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
Sponsors:
Search Engine Optimisation
exterminator
lawn care
Search Engine Optimisation
Search Engine Optimization
Search Engine Marketing
PPC Management
Search Engine Optimization
Search Engine Optimisation
search engine optimisation
Cheap Web Hosting
Webanalyse
online credit card processing
Lenovo Laptops
Text Links
Business Gifts
SEO Services
SEO
Chat
Search Engine Optimization
SEO Consult
Demand Generation Software
Celebrity Autopsies
Network Software
 |
WPA wars resume over WinXP SP1 beta | |
|
||
| Time: 10:55 EST/15:55 GMT | News Source: The Register | Posted By: Alex Harris | ||
|
Here we go again? Shortly after the beta of WinXP Service Pack 1 was released, locking out installations using leaked activation keys, a workaround with what appears to be a replacement key began circulating on IRC. We can therefore look forward to a repeat of the Windows Product Activation wars that were waged during the original XP beta, as crack and block alternate until the product actually ships. At which point, barring the invention of an entirely new and uncrackable system, the final crack will be unveiled. At the moment, the SP1 beta won't install on systems using at least one widely-leaked activation key. The workaround circulating appears to include a replacement key, but given that this could be easily blocked by Microsoft in future builds, its main importance is that it explains a procedure for deactivating the system and entering a new corporate key. Which could even be a genuine one. You never know. | ||
|
Write Comment
Return to News |
Displaying Comments 1 through 25 of 80 Last Page | Next Page |
The time now is
3:40:32 PM
ET.
Any comment problems? E-mail us |
| #1 By kirk26 (229 Posts) at 6/11/2002 11:14:56 AM |
| It's no war really. We easily defeated them in the first round. Now begins the second.... |
| #2 By Cthulhu (709 Posts) at 6/11/2002 11:34:57 AM |
|
There's a simple answer that MS faield to understand when I wrote them about it a long time ago... All they needed to do was keep a listing of all valid keys in a database somewhere, none of which would have been generated by any program, and each is unique, if a key appears to be "in use" more than once, you cancel that key until the user calls in. They wouldn't even need their obtuse hashing system, rather just a simple passing over the internet (or via phone) what the key actually is (encoded or not) and if it's unique, valid, and unused it's approved, if not, then it is instantly rejected and killed.
There wouldn't have been these cracker-jack system key generators or any of that mess as the key MUST reside on MS' server. Then the only way around it would be if someone managed to actually hack the code DLLs so that registration wasn't needed, which is harder to do than just generate a butt-load of valid keys (which is what happens now), or to hack into MS and place a valid code each time (as they would be one-use only, except for Corporate Codes), which would be nigh-impossible; and it's more-or-less secure against the corporate key problem as those are "special" and if the IP address of the requester system doesn't match the owner then the corp key is rejected and nullified until verification can occur. (The only way I see around that is IP Spoofing, and there's nothing that can be done about that.) Include this authentication methodology in every SP or hotfix and eventually you'd get a lot of the fake keys out of circulation and kill a lot of illegal XP systems (and nobody would shed even a single tear for them.) Instead of the above (which is simple, regardless of my heavy-handed attempt to explain it ina short space) they went with the insecure model they designed. Until MS extracts it's corporate head from it's corporate bottom the cracker/hacker will eventually get the upper hand. |
| #3 By JaggedFlame (2581 Posts) at 6/11/2002 11:48:01 AM |
|
"All they needed to do was keep a listing of all valid keys in a database somewhere, none of which would have been generated by any program, and each is unique, if a key appears to be "in use" more than once, you cancel that key until the user calls in."
Wouldn't it take a lot of work to maintain a list like that? And wouldn't it have the potential to create problems where valid users get locked out? Besides, the key generator can generate valid keys as well. This means that it could generate a key that Microsoft already used on a box, which is sitting in a store somewhere... and when someone buys that box, they're the ones locked out, not the pirate. |
| #4 By JaggedFlame (2581 Posts) at 6/11/2002 11:49:29 AM |
| Oh, and as for the checking IP addresses for the corporate edition, I don't think all corporations hook up all machines to the Internet. Some machines wouldn't even have IP addresses. They might have internal IP addresses as well. It would probably just be another inconvenience. |
| #5 By Anonymous (64.230.75.229) at 6/11/2002 12:01:31 PM |
| MS could develop the most stable wpa system then it'd be cracked over again. As for SP1 it's only a matter of time. |
| #6 By TechLarry (3677 Posts) at 6/11/2002 12:01:51 PM |
|
Man, this stuff is SO far out of hand. The man-power and money being consumed by this is probably more than what is being lost in the first place...
TL |
| #7 By sodablue (5245 Posts) at 6/11/2002 12:09:32 PM |
|
Or like in the case of DirectTV... the man-power and money being consumed by this is probably more than what it cost to just buy the product in the first place.
|
| #8 By montanagrizzly (471 Posts) at 6/11/2002 12:21:20 PM |
| There's always the hardware-based solution for protecting software. Long live the "dongle"! |
| #9 By Anonymous (63.242.201.230) at 6/11/2002 12:42:25 PM |
| There are always people who are going to go to great length to avoid buying software. MS can't do much about them. But having to go look for a new hack every time you patch your system will cause alot of people to give up and buy the product (or use something else). |
| #10 By Cthulhu (709 Posts) at 6/11/2002 12:52:22 PM |
|
JaggedFlame asked: "Wouldn't it take a lot of work to maintain a list like that?"
Nah, SQL server could do that, heck, I bet even Excel would do! And to create the keys would not be a problem either, and you wouldn't even need a generating program, you could do it by hand. "And wouldn't it have the potential to create problems where valid users get locked out?" Only if the key codes were in some way regenerateable, if each code was absolutely unique, and wasn't something that could be generated on the fly (by a hack program), and relied not on the equipment in a PC (except see below) but was somehow hardcoded into the installation method (like unique CD serial number) or some such stuff. MS has the resources to do that with ease. "Besides, the key generator can generate valid keys as well. This means that it could generate a key that Microsoft already used on a box, which is sitting in a store somewhere... and when someone buys that box, they're the ones locked out, not the pirate." Not if a keygen couldn't do what was necessary. And not if the caller would be able to proove ownership (not hard to do, really). You might need a special CD burner program that allows for a random or blank key to be inserted. That would require special knowledge and a knowledge of the install process, and that violates many laws (DCMA comes to mind), so protection is already there. "Oh, and as for the checking IP addresses for the corporate edition, I don't think all corporations hook up all machines to the Internet. Some machines wouldn't even have IP addresses. They might have internal IP addresses as well." MS already figured that, that's why a user can call them on the phone. Or they could do with the corp edition that it requires the MAC address instead. Chances are that the PC in a business environment that would use XP would have a NIC already. Then the only way around that is if you would spoof the MAC address. There are cards that let you do that, and my router at home lets me do it too...but that's something that really can't be controlled--like IP Spoofing (until IPv6 is mandatory.) Of course the absolute best method is to make the software not a piracy target (perhaps cheaper would do?) But I can get XP Pro for ~$80 USD. So that's not too bad, but still...(although I can find Linux distros that cost more than that.) |
| #11 By Anonymous (162.114.211.139) at 6/11/2002 1:00:11 PM |
| I don't think Excel could do it, it has a 65,000 record limitation, but Access could. |
| #12 By gosh (805 Posts) at 6/11/2002 1:03:55 PM |
|
This article just rambles on and on...After reading it im not sure what the point was, i didn't learn anything new about wpa. Hell anyone can write a sumary about wpa, this article was worthless. And besides xp sp1 is beta so some stuff like wpa will probably be changed before the final version of sp1.
-gosh |
| #13 By Anonymous (64.80.156.66) at 6/11/2002 1:15:14 PM |
|
#10 The price of XP is currently the issue. At our local computer store it costs damn near 200 bucks! Many people I know are running that leaked XP copy just for the fact they can't afford it. And MS doesn't seem to be dropping the price ever for low-income people. I just can't for the life of me see an OS costing so much. $60-80 for Home Edition and 100-120 for Pro would be reasonable. Especially when you have 98% of the market, you think they could drop the price for the not-so-wealthy.
I'm just as broke as the next guy, but I still would like to use my computer on a stable Windows OS, 2K is great for stability, but as a Home pc for the family, XP is much much better. I just can't afford their pricing. |
| #14 By AWBrian (1944 Posts) at 6/11/2002 1:28:33 PM |
| #13...$200 is chump change compared to Adobe PhotoShop 7! |
| #15 By sodajerk (3382 Posts) at 6/11/2002 1:34:06 PM |
|
Kval, I can MAKE $200 profit in 4 hours owning Photoshop. Owning windows just makes me another sucker. It's amazing how cheap people are--and I'm not suggesting #13 is cheap, I'm saying Kval is. If you don't understand where the value in Photoshop is, you really don't have anyplace buying it or whining about it's price. Go out and buy PrintShop pro or whatever cheapass Windows software will do your bidding. This post was edited by sodajerk on Tuesday, June 11, 2002 at 13:34. |
| #16 By TechLarry (3677 Posts) at 6/11/2002 1:53:00 PM |
|
#14,
PhotoShop 7 isn't a required software package to enable you to run any and all programs you have on your computer. An OS is. TL |
| #17 By Anonymous (212.100.179.125) at 6/11/2002 2:01:01 PM |
|
Do you have Kazaa ? Great ! Now you can get like 15000 unique ID's ;-)
|
| #18 By n4cer (2054 Posts) at 6/11/2002 2:03:59 PM |
|
There are some people that can also make $200 in 4 hours with a copy of Windows.
An OS is a required software package for a computer, but Windows, especially the latest version, is not. You don't have to upgrade whenever MS does. |
| #19 By AWBrian (1944 Posts) at 6/11/2002 2:04:24 PM |
|
What's amazing is that you need an Operating System in order to run Adobe PhotoShop. Hence, you could make $200 profit in four hours which would cover the cost of the OS that you used to create the project in PS.
As for being a cheap ass, is there any reason to call someone names? I don't recall insulting you or taking any stabs at you. Are you always on the defensive? I am a commercial printer by trade, and I happen to own Adobe Photoshop (versions 4 through 7). Not to mention Quark, Serif, Microsoft and Corel products. One print job last week was enough profit to pay for my OS, all of my graphic software and the computers they run on. I spent $129.00 x 2 for two upgrades to my Mac systems for OSX this year, and spent 1 x $99 and 3 x $89 on Windows XP Home for my work system this year. I also purchased two Adobe Publishing Collection Boxes, one for the Mac and one for Windows, which, after taxes cost me $2100 just for those two. The $100 for the OS was pennies when the OS pays for itself in the first day. Not to mention, for personal use, spending $100 on an OS, use WordPad to create a Resume, and get a job will pay for the OS the first week of work. And yes, it is amazing how cheap people can be. Considering Linux RedHat 7.3 Personal is $60.00, Windows XP Home is $99 and Mac OS X is $129.00, I am not too sure who the cheap people are. But what I can tell you is that I would be the last person to try and insult you, or call you a name. I think everyone here can be mature about posting on these boards, don't you? This post was edited by KvalCom on Tuesday, June 11, 2002 at 14:17. |
| #20 By Drestin (158 Posts) at 6/11/2002 2:23:22 PM |
|
Unbelievable.
To everyone whinning about WPA and this latest move by MS - I say: Scue you cheap pirate bastards! You have ZERO right to whine about it WHATSOEVER! You have stolen the software (WHO cares about your reasons? They do not matter. Period) and so you have no rights to it whatsoever in any way shape or form. Period. How come you don't steal motherboards and processors? Oh, because they can track it down to you? Why don't you b1itch about that? To everyone who has a legit copy of XP - WE have absolutely no problem with WPA in any way shape or form. It works effortlessly, privately and doesn't concern us at all. Why should we listen to your poo? XP Pro costs $145 on-line for a perfectly legit copy and XP Home costs about $80. Are you telling me you can spend $400 for a GeForce 4 but you can't afford $80 for the OS to use it fully on? Are you telling me that $120 for memory is cheap but $145 for your OS is too much? How much did that motherboard set you back? $100-150? If you bought your computer premaid you got XP Home included, Pro was a cheap upgrade. If you built it yourself, you saved some money by doing it that way - guess what, that money saved can be partially used to buy a legit OS - and shut you the heck up from whinning to everyone who really doesn't care at all about what cheap broke pirates complaints. Oh, and SO WHAT if it's cracked in 1 day or 1 millisecond - MS didn't design it to be utterly bulletproof - they didn't have to. WPA, cracked and all, still beats the casual copiers - which is what it was designed to do. Many people don't know how to download 50 RAR files, unRAR them to an ISO, burn that, then use a corp key from an .NFO file - 90% of Windows users don't know what a NFO file is, how a corp key would work, how to unRAR or even where to go to find this stuff. Anyway - off my soap box - this is really lame reading about all the moaning about how they made it slightly difficult for everyone to use one stolen key and suddenly have to reactivate using a generated key instead. Big deal, like you are so elite. This keygen is so trivial, it's a brute force random generator - big whoop. When DAMN or CoRE creates one that spues keys out immediately every time it's run I'll be a little more impressed. I earn my pay running W2K and XP day in and day out, I make the cost of XP Pro in an hour so believe you me; one hour of my time to pay for something I make money on the other 45 hours x 52 weeks a year? How stupid do you have to be to not understand that formula. p.s., to every warez dood who runs Pro - get over it, you run pro cause you used Devils own and figured Pro is better than Home cause, well, it's called Pro. Unless you are connected to a domain, pro doesn't really do you sqaut. Grow up, spend the $85 on XP Home and then we don't have to listen to you whine! (or me bitch about it!) |
| #21 By Anonymous (24.55.247.67) at 6/11/2002 2:36:10 PM |
|
"Many people I know are running that leaked XP copy just for the fact they can't afford it. "
Thats the worst argument I've seen promoting the use of stolen software. I can't afford a Porsche but I'm certainly not going to steal one because they are too expensive. If you are arguing the cost, fine argue that its too expensive. But certainly dont state that its ok to rip them off because the price is too much. |
| #22 By CPUGuy (1772 Posts) at 6/11/2002 2:42:25 PM |
|
Of course, you are all missing the point of wpa. It's not to stop pirates from pirating Microsoft's software, it's simply to stop the casual copying that goes on so much... for instance if I had a friend who asked if he could borrow my XP CD.... that's what it tries to stop.
Microsoft both knows and has said that they didn't expect it to stop actual warez junkies, and that they expected WPA to be circumvented very shortly after release. The fact is, though, WPA still has NOT been cracked. |
| #23 By stubear (574 Posts) at 6/11/2002 2:48:16 PM |
|
Here's the solution to the problem. If Microsoft developed the algorithm to create the hash they can reverse it if they need to. If users want to use Windows Update, the WPA is cheched against the user's system components to ensure the hash could have originated from that particular PC. If not then send the user to a web page where they can enter a legitimate WPA or notify the user how they can legally obtain a legitimate WPA.
Alternatively, Microsoft could also check IP addresses. Have corporations register their IP addresses (those visible to the internet of course, not internal ones) and if a user logs into Windows Update with a corporate WPA, check their IP against the list of corporate IPs and if they don't match send them to the afore mentioned web page. While this won't catch ALL the pirated copies of Windows XP, it will catch those lifted from corporations without having to reissue new WPS keys every now and then. |
| #24 By JeffChapnet (412 Posts) at 6/11/2002 3:08:43 PM |
| Begun... this code war has. |
| #25 By Anonymous (151.201.63.4) at 6/11/2002 3:14:16 PM |
| #24....thats the best/funniest post I've ever read at this site...LUV YA! |
|
Write Comment
Return to News |
Displaying Comments 1 through 25 of 80 Last Page | Next Page |
The time now is
3:40:34 PM
ET.
Any comment problems? E-mail us |
