# MS to intro product key check in WinXP SP1 WPA



## John Corn (Mar 21, 2002)

Microsoft has released details of the changes being made in Windows Product Activation (WPA) with WinXP Service Pack 1. As expected, SP1 will fail to install if either of "two well-known pirated product keys" has previously been used to activate the system, and such systems will also be denied access to Windows Update. But the changes will have a far wider impact than this, as Microsoft appears to be trying to cover all currently known holes in WPA security.

Activations taking place after SP1 has been applied (largely on new systems, one presumes) will include the product key in the installation ID. According to Allen Nieman, lead technical product manager i/c WPA, the full key will be sent to Microsoft in an internet activation, while telephone activations will include a hash value of the key, " in order to limit the increase in size of the telephone Installation ID." Nieman says "we should have included this in the Installation ID from the beginning," and now they have.

Full Story


----------



## MarkA (Mar 23, 2002)

These details were released quite awhile ago... I find it odd that it just makes the news now. I think Microsoft is trying to make this known to as few as possible while maintaining they notified the public about it.


----------



## John Corn (Mar 21, 2002)

I guess all them piraters are screwed and will have to go out and buy a copy. Gates finally beat them. 

Oh, wait. No, he's making them spend the 10 minutes to download a XP cd key gen, and change their CD keys.

Or they will go out and get a cracked copy of the service pack?

All MS has done is given the hacking community a project of the week. This will decrease pirating by maybe 1%, if that. Most people who actually have the corporate version (the one where you don't need to call MS and activate), know how to change a CD key...

I'd call it a valiant attempt, but really, it's not even.


----------



## MarkA (Mar 23, 2002)

"Oh, wait. No, he's making them spend the 10 minutes to download a XP cd key gen, and change their CD keys."

One, due to the complexity of the XP key systen, once you get the keygen it takes 15mins-1hr to generate a valid key. But that's not the point. Now the key is tied to activation and Windows Update. That means in addition to XP checking the key is valid, XP now sends the key to Microsoft when activating and MS checks it against the database of keys they created. That's not enough? For people using the corporate or somehow crack the new activation... It also sends the key to Microsoft to reach Windows Update and verifys it.


----------



## James_F (Apr 23, 2002)

Why do you care? If you don't like it download RedHat...


----------



## Steve Mehs (Mar 21, 2002)

> Now the key is tied to activation and Windows Update.


What if the user never performs a windows update? I've only done a Windows update once in 6 years and that was for IE/OE 6.


----------



## James_F (Apr 23, 2002)

Well that not quite true, it only checks to see if you have a pirated key, not who you are. Again it is anonymous, but if you have an illegal key, then you couldn't update. Average users don't have anything to worry about. Most likely this will reduce the cost of software since less pirated copies will be out there.


----------



## MarkA (Mar 23, 2002)

"Again it is anonymous"

WRONG! It is NOT anonymous. It WAS anonymous. Read Microsoft's info on how the new system works and tell me you consider that anonymous Not truly. They now know exactly what copy of Windows you are using, and therefore they may know (possibly, I'm not sure how good Microsoft's records are) the exact store you bought it in and about when you bought it. Now, I'm not sure if MS keeps those records yet, but under the new system they certainly have the ability to.


----------



## James_F (Apr 23, 2002)

Microsoft says they won't use it to identify you. I guess its down to if you trust Microsoft. I'd say they'd be careful since so many people are watching. Again though, you'd only care if you had an illegal copy. If you copy is legit, then whats the problem. If you don't trust Microsoft, why would you use XP anyway. Again, RedHat is for you. (Plus you can use GIMP in its native format )


----------



## MarkA (Mar 23, 2002)

"If you don't trust Microsoft, why would you use XP anyway."

Three reasons:

My nice shiny ATI All-In-Wonder Radeon 7500's video features are far more useful in Windows

My modem only works in Windows (my modem is on my replace list when I can afford a new one)

Games!

- Currently, my setup is a dual boot with Windows XP Pro and Lycoris Desktop/LX Amethyst Update 2 (just installed today replacing Mandrake 8.1). Lycoris Desktop/LX however isn't really my cup of tea (though it looks GREAT for newbies). I'm thinking of buying SuSE 8.0 when I get my Linux compatible modem When I can afford a new modem, Windows will be exclusively for video editing and games.


----------



## James_F (Apr 23, 2002)

Good Luck! :righton:


----------



## MarkA (Mar 23, 2002)

Thanks

PS. For any Linux fans reading this can you suggest a distro? I need something which:

1.) WORKS well, few broken features out of the box (don't mind it being hard to setup. I mind installing 500MB of useless packages as part of a default install)

2.) Doesn't look too much like XP (my main complaint with Lycoris  )

3.) Something fun to use and easy to use on a daily basis (don't mind difficulty of setup)


----------



## James_F (Apr 23, 2002)

Never seen Lycoris Desktop/LX before. Not too bad. I've decided I'm a RedHat man since that is what we use at work. KDE all the way.


----------



## MarkA (Mar 23, 2002)

" I've decided I'm a RedHat man since that is what we use at work. KDE all the way."

That kinda contradicts itself in a way Red Hat used to be strong opposed to KDE (back in the days of RH6). Mandrake started as "RedHat with KDE and pentium enhanced kernel".


----------



## James_F (Apr 23, 2002)

True, but you can have either GNOME or KDE now. Gee an OS with a choice of GUIs. What a country!


----------



## MarkA (Mar 23, 2002)

I know, ain't it great I'm a huge Linux fan. Used it most of the time on class at high school. Very nice OS. Rock solid, very user-friendly (okay, maybe the VERY isn't the most true thing. But neither is Windows. MacOSX is for people who need a truly user friendly system). What's not to like about Linux except support? And unless people start using it, it won't be better supported. Yes, I paid lots of money for XP and I'd rather use an OS I can get for free (or cheap for a boxed set which I'll probably do soon). I bet Bill Gates has a hard time understanding that one That people prefer a free system to his mega expensive one - for reasons other than cost!

Also, it should be noted that the user friendliness of Linux varies a lot. Lycoris Desktop/LX is far more user-friendly that Windows. Mandrake is about the same. Slackware isn't


----------



## Steve Mehs (Mar 21, 2002)

> If you don't trust Microsoft


I may be the only one out there but I do trust Microsoft, I don't like the let's tie IE into Windows and make it impossable to uninstall, idea, but since Communicator is RIP, that doesn't bother me much anymore. At the TiVoForums there was a thread about going entirely MS free, I could never do it.


----------



## MarkA (Mar 23, 2002)

"Communicator is RIP"

While AOL has basically trashed Netscape, you gotta check out Mozilla 1.1 at www.mozilla.org - it's great!


----------



## James_F (Apr 23, 2002)

Mozilla = 1%

Not good news. But that 1% is a powerful bunch!


----------



## bogi (Apr 3, 2002)

I could of sworn there is already an early release for pirates of a leaked SP1 with out any problems for CDKeys.Microsoft has already lost.


----------



## Steve Mehs (Mar 21, 2002)

Correct Bogi, anyone wanna guess what I just found on Kazaa.


----------



## bogi (Apr 3, 2002)

Here is the NFO of Kazaa,They seem to be using a corparate account key.
§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§

88""Yb .dP"Y8 Yb dP dP""b8 88 88 dP"Yb 888888 88 dP""b8

88__dP `Ybo." YbdP dP `" 88 88 dP Yb 88 88 dP `"

88""" o.`Y8b 8P Yb 888888 Yb dP 88 88 Yb

88 8bodP' dP YboodP 88 88 YbodP 88 88 YboodP

presents...

§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§

Windows XP SP1 (c) 2002 Microsoft

§§§§§§ [rELEASE iNFO] §§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§

§ §

§ [ sUPPLiER]: #betas [ rELEASE dATE]: 06.06.02 §

§ [ cRACKER]: PsYcHoTiC [ rELEASE tYPE]: Service Pack §

§ [ pACKER]: PsYcHoTiC [ pROTECTiON]: There is? §

§ §

§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§

§§§§§§ [cOMMENTS] §§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§

§ §

§ Yay! Its Windows XP Service Pack 1 §

§ §

§ Works on both Professional and Home Edition §

§ §

§ THE DEVILS0WN CD KEY AND/OR THIS KEY: §

§ FCKGW (EDITED) WILL NOT WORK! READ BELOW §

§ ON HOW TO CHANGE YOUR CD KEY! §

§  §

§ See http://www.microsoft.com for more details! §

§ Thanks to #betas on irc.betas-online.com for the §

§ original file... §

§ §

§ 1 more thing. PRINT this nfo out. You'll need it! §

§ §

§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§

§§§§§§ [iNSTALL nOTES] §§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§

§ §

§ Read READMESP.HTM for more info... §

§ §

§ Run update.exe from the Update dir to INSTALL! §

§ Do NOT run deactivate.reg unless I told you to do so. §

§ §

§ DO THIS ONLY IF U ARE USING DEVILS0WN WIN XP PRO!!!!! §

§ DO THIS IF U ARE USING FCKGW(EDITED) §

§ DO NOT DO THIS IF U ARE NOT USING WINDOWS XP PRO!! §

§ §

§ Er, its a bit hard... But... Oh well... Here goes! §

§ §

§ 0. Run a system resore to create a new checkpoint in §

§ case you need it. §

§ §

§ 1. Run deactivate.reg to deactivate the current §

§ activation... §

§ §

§ 2. Choose run from start menu and type in this command: §

§ %systemroot%\system32\oobe\msoobe.exe /a to get the §

§ activation screen and go to the second option which is §

§ activate by phone. §

§ §

§ 3. In the new screen choose the option to change product §

§ key, and type in the new product key (your Corporate one §

§ only). K2KB2(EDITED)
§ §

§ 3a. If it brings you back to the prior screen after §

§ entering the new key click remind me later and then §

§ reboot. §

§ §

§ 4. Close that window, reboot your system and enter the §

§ command in step 2 for the second time to verify your §

§ activation , you should see "windows is already §

§ activated". §

§ §

§ 4a. Now install SP1 §

§ §

§ 5. If you have done this wrong or without a valid key §

§ you will not be able to boot. hit F8 and select last §

§ known good configuration §

§ §

§	Thanks to whoever you are for the key and BigFoot for §

§ the tutorial and hot_wired13 for the regfile... §

§ §

§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§

§§§§§§ [gREETiNGS] §§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§

§ §

§ The members of PsYcHoTiC and all those who keep the §

§ scene alive... U know who u are! Special greets to §

§ Storm-FXP and FTP Unlimited... §

§ §

§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§

§§§§§§ [cONTACT] §§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§

§ §

§ eMAiL: [email protected] §

§ wWW: Dun have. And dun want to have. §

§ iRC: #PsYcHoTiC @ ElderNet (if u know where that is) §

§ §

§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§

§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§

If u work in a game/media/software company, or are someone

that can get us betas or finals of software, or have a

 connection that is at least a 10mbit, or able to provide

dumps or shells, please contact us.

§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§


----------



## James_F (Apr 23, 2002)

Right, but they can block that key as soon as the figure out it exists. My wifes company had to change all their keys since Microsoft identitifed that their corporate key was on the internet. Its easier to change the keys on a few thousand computer than let pirates take over. That key will be dead as soon as someone upgrades to SP1 or uses windows update. As long as you don't do either, you are fine.


----------



## Rick_EE (Apr 5, 2002)

> _Originally posted by Zac _
> * Though they've done so, IMHO, by using unethical business practices and violating the rights of their legitimate customers like myself. *


They may have unethical business practices, but protecting their intellectual property is not one.

They are not violating your rights, you signed them away when you pressed accept on the EULA. (Sticky question if you are under 18)

Don't like it- talk to James_F.


----------

