A tool provided by Microsoft could let people get around a check meant to prevent those with pirated copies of Windows from downloading additional MS software, according to a security researcher.
Bypass found for Windows piracy check
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
Its just a matter of time for people to get creative and find away to bypass copy protection. Now let the Microsoft bashing begin!
I couldn’t validate my pc even though it was perfectly legit.
Get an acer with xp home, upgrade to pro using msdn cd’s and confuse the genuinecheck.
bull.
I’m really surprised they didn’t crack this before. Hackers are growing lazy these days
“I’m really surprised they didn’t crack this before. Hackers are growing lazy these days
”
Or well…maybe the hackers find more reason in using Linux than wasting time on pirating Windows 😉
Without pirates, M$ Software can’t spread as wide as it spread nowdays
M$ interested in pirates 
They do some marketing 
And if you consider that time is money, they work for free
>Bad news for you pirates, the game is over.
Since decades people still believe in this fairy tale.
Too bad I tend to download stuff from Microsoft’s download center with a genuine copy of Debian Linux. I guess I’m SOL.
Microsoft is actively promoting a more insecure internet and promoting the use of alternative OSes with free for all updates. Thanks, Microsoft. First they want every windows user to update their OS and keep it that way, and then they block access to updates so that the (very many) illegal windows copies can be turned into spam drones and DDOS bots. Tsk.
Oh well, I guess it’s a sales strategy.
Like Microsoft didn’t see this coming…I’d suspect ulterior motives.
lol i use firefox for downloading and even so, many generated keys will pass the validation anyway.
this will force genius minds to create alternative quality products without wasting time on “copy protection”.
then they block access to updates so that the (very many) illegal windows copies can be turned into spam drones and DDOS bots.
Where did you read that? Updates/hotfixes will remain free…
It is the moral obligation of all people with any computer skills whatsoever to subvert any copy protection they encounter. Selling a license to information (not even selling the information itself) that someone else needs is morally wrong. If your friend needs some info you have got would you withhold it in order to extort money from them? That is equivalent to information warfare. Money should be made from services in the software industry. Services amount to showing users how to exploit the information you have provided for free already, in other words support. Creating a dependance on old ideas is the wrong way to go, and it stifles innovation. I realize that this would mean that the whole software industry would have to change at a fundamental level. That is the point.
[quote]then they block access to updates so that the (very many) illegal windows copies can be turned into spam drones and DDOS bots.
Where did you read that? Updates/hotfixes will remain free…[/quote]
Patience, young padawan 🙂
I see the writing on the wall. It might not be true today..or tomorrow, but the day after will come.
the reason no one has hacked this yet is becuz every less then legit copy of xp i hav seen passes the genuine test to begin with. the only peeple i hav seen that failed it had real copies. how funy is that
[quote]Where did you read that? Updates/hotfixes will remain free…[/quote]
Not necesarilly. Yes, I don’t own a legitimate copy of XP, and I was unable to install SP2 until I found a valid key.. not very hard, but I WAS blocked.
Whatever, anyway I use mostly FreeBSD.
Selling a license to information (not even selling the information itself) that someone else needs is morally wrong. If your friend needs some info you have got would you withhold it in order to extort money from them?
Since you think information should be shared for free, can you please give me the information I need to access your bank account?
I’m no fan of Microsoft, but that doesn’t make it right to use their software without paying for it just because you don’t think you should pay for information. It can be morally justified to bypass copy-protection if you have a legal right to use the software in a way the copy-protection stops you from doing, but it isn’t if you are just doing it so you or others can avoid paying for the software. I would also consider it morally wrong to withhold or charge for information that will save someones life, but software generally isn’t a matter of life and death. So if you don’t like Microsofts licenses, protest by not using their software.
M$ empire exisit only becouse of piracy. The majority of windows copies are illegal in most countries. Many people feel windows is free (as in beer) because they don´t really have to pay for it. It came pre-installed (illegaly) on their (illegaly) imported machines. Or they go to lot´s of places an buy a CD-R for $3 bucks and install the OS (and illegal copies of office, norton/mcafee, and lots of other softwares).
You know, back in the day I used to be all about that… Until I got yellowdog running on my mac at work. I haven’t even considered looking for pirated software since… There’s always a good alternative on the linux side of things, and for those things you can’t do without, (like reason), $200, or whatever it costs is worth it to support the company, really… Just not microsoft.
I’ve found since doing installing yellowdog, i tend to swear much less at my computer than i used to. It’s been very freeing, and my coworkers no longer scowl at me…
@z1xq: Man, what a rant! If you want to benefit from somebody elses work and he would like to see some kind of remuneration for it, this is not “morally wrong”. If you want free software, get Linux. If you want to justify your greed with pseudo-communist drivel, go to siberia.
I hate drive-by spam posts even more than spam email, which can at least be filtered.
If some people are really so against paying for (good) software, why don’t they just settle for something that’s actually free. This is just damn pathetic, no matter what the motivation was.
Love to see how they are going to pull off checking Win 2000 systems. Since there is no WPA in Win2000, best they could do is look for a list of known “bad” keys maybe.
More reason to avoid XP, stick with W2K/98, or….Linux.
My 2 cents worth.
> “Love to see how they are going to pull off checking Win 2000 systems. Since there is no WPA in Win2000, best they could do is look for a list of known “bad” keys maybe.”
Maybe not. By modifying setupp.ini you can make the setup on every Win2000 installation think that it’s a volume license and doesn’t need a CD key.
My corporate copy of XP uses a pirated key, the key passes all legit windows checks. Workarounds have been in place for their system since the debute of SP2. They are just generally not needed. For all intents and purposes, microsoft thinks i have a legal corporate copy of XP Pro.
Does anyone know if this prevents users of Linux and WINE from accessing the site?
I’m no fan of Microsoft, but that doesn’t make it right to use their software without paying for it just because you don’t think you should pay for information. It can be morally justified to bypass copy-protection if you have a legal right to use the software in a way the copy-protection stops you from doing, but it isn’t if you are just doing it so you or others can avoid paying for the software.
————————————————————–I couldn’t validate my pc even though it was perfectly legit.
Get an acer with xp home, upgrade to pro using msdn cd’s and confuse the genuinecheck.
————————————————————–
The fundamental problem is that legit users are getting the raw end of the deal. People that have acquired a license legitimately are getting punished.
Think about XP, when hardware configuration changes, you must re-register (via phone). You only have 3 shots before you have to go onto the registration bandwagon. Any hardware change requires a call to MS.
Keep in mind that their are plenty of people who swap out hardware / upgrade: IE (new hard drive, video card). Not sure about CD-ROMs. Then during the re-registration process, you get questiones like:
1) how many machines is this installed on?
2) are you sure that you only have 1 machine?
3) hom many PC’s do you own?
Guess what, legit users are treated like criminals. It gets old real fast.
Now lets consider where this is leading. MS has enouraged other software vendors to purse the same path. Now imagine how many vendors your going to have to re-register to get your machine back into functional order. The number of apps on your system will dictate the number of calls to vendors. The time on the phone will eventually take longer than the install.
1) Call MS for windows (is it the same number for ms 1office)?
2) Call adobe for photoshop
3) Call Roxio / Nero for CD/DVD software
4) Call Real for their media player
Now keep in mind:
1) Not all software companies will provide 24×7 re-registration support. AKA your going to have to wait for that application to (potentially) function.
2) Companies will have to hire more people for the registration process. This is an additional cost that will eventually raise prices.
I have no problem with companies gettig paid their fair share. But making customer go through this process is insane.
Some suggestions to MS (if your reading):
1) Re-register for a CPU or MOBO change. But not a freakin video card.
2) Don’t push your anti-piracy beliefs onto other companies. Re-registering 50 applications is going to take a week or more (baring any complications).
The expense of running your products is starting to exceed its usefulness. I own a copy of w2k and xp. Hoever, I don’t run xp due to your anti-piracy junk.
The time it takes to:
1) Install the OS
2) Install / download huge Service Packs. (yes i know you can order the cd but alot of people are unaware).
3) Tighten the security on the box because you do not believe in secure by default stance.
4) Now, potentially re-reg’ng all apps on a system.
FYI: creating images of an install is starting to turn into a double edge sword. Now creating images for even minor changes. Is it worth it?
Treating consumers as criminals is not a good business practice.
Sorry all about the rant.
Its interesting to know some of the people who complain about windows and threaten to move to linux; or just troll about how bad windows is didn’t even bother to buy a valid license.
“Still, somebody would be able to generate a key and use it immediately on a PC with a pirated copy, or pass it on to a friend.
‘This is more of an individual method of pirating. We don’t see this as too different from people who take legitimate software, burn it to a CD and distribute it to their friends that way,’ the Microsoft representative said.”
Apparently Microsoft isn’t like the RIAA and doesn’t mind sharing with your friends/relatives. Its only mass P2P sharing with people you don’t even know that they’re after.
Now lets consider where this is leading. MS has enouraged other software vendors to purse the same path.
————————————————-
Yea, this has irritated me. Not that Microsoft was the first, but as far as I know XP was the first widespread consumer product to do this. I only purchase programs that need to be activated if I know before hand there is a way to get around it. My legal copy of Adobe Photoshop, for example, I have a keygen where I choose to register by telephone and then I put in the numbers that I would read over the phone into the program and I get the unlock key.
If I cant have a way to crack it, then I dont buy it. I use the MS Flight Simulator quite a bit and there is a huge community and industry of creating add on planes for it. Almost every quality game requires some sort of activation to use. Due to that and a lack of cracks to get around the activation, I just dont buy it.
I’m not even sure if the activation really stops piracy all that much anyways. Its probably just something to keep the investors happy.
I never said that one could not charge for their work. I said that information should be free….not held ransom. If a company wants to sell a program (information)that is fine, but the source should be provided and the information that I just paid for should then belong to me to do with as I will. Everyone should be paid for their work, but if their job is to “license” information it is extortion. In the next 10 years this will be the standard. The days of closed source are numbered. Oh yeah, I do use Linux.
If you want to own the information you’ve paid for; expect the price you are paying for software to increase greatly. As it stands now, companies recover their investment in program design and implementation by spreading the cost over a volume of sales. If you were to buy the application and complete rights to the source then it wouldn’t be unsurprising if you were expect to pay a large portion of the cost of developing the software.
For instance lets say SoftImage|XSI 4.5 costs about 4 million dollars to develop; in its present price model they sell licenses to the software and support at about 1,000 to 5,000 dollars depending on the features you’re purchasing. They can do this because they still retain complete rights to the idea they’ve spent money designing and testing – therefore anyone who wants the software has to purchase it from them and they can spread their cost of development over a large pool of potential buyers.
Now lets say they had to do things your way: they sell you the software and you get the source code with complete rights to do whatever you want. I’m willing to bet that if this were the case the price of that software would not be only 1,000 to 5,000 because you now have complete access to 4 million dollars worth of development they’ve created and you could turn around sell it as a competing product thus limiting their potential pool of buyers.
So yeah you can want information to be free – but most likely its going to cost you a whole hell of a lot more. Now here is a question for you – as a potential buyer which makes more sense?
Buying a piece of software for a couple of thousand dollars and having the support of that company or paying a few hundred thousand dollars for the program and its source so you can either waste your own productivity implementing features or paying more money for someone else to do it?
Most businesses buy software to allow them to perform their function more efficiently and to hopefully allow them to increase their profit margins. When you see non-IT companies talking about software they mention things like stability; gains in daily workflow ability; support and a close relationship with the software provider for both new features they want and maintenance.
Rarely, if ever, do you see something like “We use this software in our bakery because its license allows us to spend a few days not baking and implementing [or paying some third party to make] a new email server application in case we feel like it”.
I used to use Symantec products for anti-virus and firewall protection. When Symantec announced a strict copy protection scheme for the 2004 series of products, I let my subscription lapse. Copy protection was good in this case, because I saved money. Repeated blog entries in Ed Foster’s Gripe Log (http://www.gripe2ed.com/scoop/section/Columns) indicate I saved a lot more than just money.
I actually purchased every copy of Windows I used. I’m not talking about the version that comes on the computer when you buy it, but the actual, full Windows disk(s) from 3.1 through 2000. That stopped with Windows XP. The reason? The copy protection got too intrusive.
It was the Windows XP copy protection that made me get serious about checking out Linux. Copy protection, in this case, was a good thing, because without it I might never have learned about this alternative.
I value “free,” as in “freedom.” I’ll pay for my own beer, thanks.
In this country for example, there arent any fancy software stores where you can pick up a boxed copy of winxp or office2k3 or doom3 or half life2. Most people browse the web through public cafes since its expensive to own hardware, but those who do,
regardless of their money buy their hardware and go to these hamfest-like fairs to get their verbatim or imation cdr with all their software, mostly win + office. Nobody’s heard of linux, and they probably believe win and office’s official cost is $2.99. And most dont want to switch to
linux or “free” software, mainly ’cause they dont know about them. Even universities pirate software.
Reader wrote: “It is the moral obligation of all people with any computer skills whatsoever to subvert any copy protection they encounter”
Not exactly a biblical translation. Actually “do not steal” would be a more correct translation. If you have to have MS products then you should buy them. Otherwise there are now actually ways to get a sort of free OS and many apps.
You seem to be posting from Peru, although it’s easy enough to hide one’s true IP address. I find your description of the software scene there very “interesting,” indeed.
Clearly, Microsoft has benefited from software piracy to the extent that it has made them the dominant player world wide. I suspect the copy protection scheme in XP, now followed by the Windows Genuine Advantage program, are attempts to convert some of that dominance into cash.
Microsoft needs to pull off something of a balancing act. It needs to make pirating Windows enough of a pain, so that some will buy the genuine article. At the same time they want to avoid driving too many people to the alternatives.
I get the clear impression, Microsoft is still scrambling to find that magic combination for the Third World. Stripped down versions of Windows make no sense, because the full version is still too easily pirated. If a culture like Peru is too accustomed to getting Microsoft products for free, then I see no way for Microsoft to reap significant economic benefit and maintain its monopoly. Thus, I see Microsoft eventually backtracking on copy protection.
That leaves Europe, Japan, and North America in effect subsidizing the rest of the world. Microsoft may not like that, but they may benefit indirectly as a few individuals give back in the form of programming using Microsoft tools, or working in Microsoft equipped offices.
If you are a Peruvian university student running pirated software, you are still a valued, Microsoft guy or gal: an educated person that knows, and is comfortable with Windows and Office.
Yes, I am posting from peru. How did ya find that out? Cool ip scanner, would like to know where to get it. It’s really interesting, specially when comparing it to the US. The only way to get original software here would be to import it from the us.
And theres not an e-buying culture here either. People are not used to buying over the internet, mainly ’cause it’s a hassle, who would buy someting online that takes over 2 months for delivery that can be bought locally? Interesting, that not even those who crack software, the pirates meaning, know about linux. I asked them about linux and they went “What’s that?” They would probably believe miguel de icaza is some soccer player.
They know how to crack every copy protection scheme, i bet when longhorn comes out it will be available here within a month 2 month tops at $1.99, no online activation required. People also here do not browse the official ms site to activate anything, and if ms makes activation imperative then there will be no next window os installed. I dont know precisely about other latin american countries, but i believe it’s probably more or less the same. Maybe in more developed l american countries the situation is different, but it’s really more about the culture than economic status.
The users Im talking about are the computer literate and have money. and they dont know about the cool free pieces of software you can get. Probably ’cause most people here don’t speak english or care to use it, even though there are english academies everywhere.
Yes, I am posting from peru. How did ya find that out? Cool ip scanner, would like to know where to get it.
The “ip scanner” used was the command “whois” plus the IP# from a Linux command line. I entered the number that showed under your posts. I forget if Windows has a “whois” command at the shell or DOS prompt. Such tools are available on-line, too. A standard site is: http://samspade.org/t
Of course, none of that helps much if a person hides their IP address, like I sometimes do. The combination of TOR and Privoxy work well for stuff like that.
How do you hide your IP address??
I won’t go into detail here, but I use TOR and Privoxy:
http://tor.eff.org/
http://www.privoxy.org/
There are versions for Windows, Mac, Linux, and the various BSDs.
cool thanks
“Its interesting to know some of the people who complain about windows and threaten to move to linux; or just troll about how bad windows is didn’t even bother to buy a valid license.”
Well now, instead of discussing something in a rational manner, you imply that some people are functioning as thieves. Your debating skills leave alot to be desired.
” No offense but…
By NotaWindowsLover (IP: —.dhcp.sprint-hsd.net) – Posted on 2005-05-24 17:18:51
My corporate copy of XP uses a pirated key, the key passes all legit windows checks. Workarounds have been in place for their system since the debute of SP2. They are just generally not needed. For all intents and purposes, microsoft thinks i have a legal corporate copy of XP Pro.”
Actually Anonymous, I didn’t have to imply anything – notawindowslover blatantly said he’s using a corporate copy with a pirated key.
The only thing that leaves a lot to be desired is your reading comprehension skill.
Maybe Microsoft created its own piracy. For instance: McAfee distributed its anti-virus software for free then the users had to pay for the updates. It’s a good way to make a software popular.
So MS pirated its own products then later – when everybody uses it – they force the users harder to buy the softwares.
” No offense but…
By NotaWindowsLover (IP: —.dhcp.sprint-hsd.net) – Posted on 2005-05-24 17:18:51
My corporate copy of XP uses a pirated key, the key passes all legit windows checks. Workarounds have been in place for their system since the debute of SP2. They are just generally not needed. For all intents and purposes, microsoft thinks i have a legal corporate copy of XP Pro.”
Actually Anonymous, I didn’t have to imply anything – notawindowslover blatantly said he’s using a corporate copy with a pirated key.
The only thing that leaves a lot to be desired is your reading comprehension skill.
I forgot to add however, i DO have a couple OEM copies of XP pro that are legal, as well as windows 2000, NT4, NT3.5, 98, 95, and a disk set of 95 (upgrade, 13 disks) as well as 3.1 (6 disks.)
I use the corporate version because it doesn’t have the activation bullshit that Pro Retail has. Pro keys don’t work on corporate so you have to use a pirated key as well. Shame…
i got w2k server by buying a book that comes with a 120 day eval copy, and it specifically tells you it is a 120 day copy and to make sure your date is set correctly. DUH! So set it to 5 years in the future and tadaa you have a 5 year and 120 day copy
I at least had to modify the setupreg.hiv file to crack the 120 day limit in the windows2000 pro cds… makes me feel like M$ specifically made the 120 workaround even easier to make sure that everyone who wants w2k server has a copy…IMO