July 23rd, 2002 08:03 AM
Sad news for the XP warez world
Looks like MS has gotten pretty aggressive in the war to stop MS warez. Take a look at this.
It's the price they pay for giving the average user so much grief, i.e ME! I don't use XP corporate yet, but I plan to in the near future, for IIS 5. This feature seems like a good idea for MS but extremely annoying for corporate users who have to deal with this.
Microsoft is planning what could end up being quite a shock for the Windows XP warez world, and what currently looks to be one of the most amazing moves made by Microsoft since Windows Product Activation was introduced.
Currently, Microsoft is in the works of completely rewriting the algorithm for the way Windows XP Corporate keys are generated, and is rewriting the code for Windows XP to recognize this new algorithm. This new code will be an added ‘feature’ of Service Pack 1 due out later this year.
At the present moment, an upgrade to Windows XP SP1 from Windows XP with no SP installation will not give any problems or errors about an invalid CD-Key on a corporate version of Windows XP. This is because the new algorithm feature has been switched off in SP1 upgrades. To get to see this new feature, you would have to slipstream SP1 into the Windows XP installation media and setup Windows. Once you’ve reached the CD-key, no current Corporate Windows XP key (none of the 75 that we’ve tried) will work, as they are all invalid. Even if a corporate key is managed to be found, the chances of it working when SP1 final comes out are slim to none, as Microsoft is rumored to ‘still be working on the algorithm for SP1 for Corporate customers’.
So why is Microsoft keeping this a secret? To put it mildly, they are a bit perturbed that warezers have been able to exploit the corporate edition of Windows XP to completely bypass WPA. They are planning to keep it a complete surprise until SP1 final has been released and shut down as many warez users from using Windows XP as possible. They know if it’s made widely known what they are planning, nobody will upgrade to SP1 until an appropriate patch has been made.
I'm sure a crack for SP1 will be made shortly after its release. Not saying that MS isn't doing a good job, but there are tons of people who love to screw over MS, can't say I blame them, though I don't completely condone warez, I do enjoy seeing a company that releases software with holes some script kiddies can find, somewhat disturbed by the amount of warez that exists of their products.
And as far as patches go, as far as we can guess right now the only patch that is going to work will be the ever popular "Reset" patch. If you slipstream a corporate version of Windows XP as you’re supposed to do, it will upgrade the algorithm. Note that the slipstream patches the DLL files which generate the CD keys, it doesn’t replace them. This is why you cannot slipstream a non corporate version of Windows XP and drop the corporate files in and expect the installation to work properly. Windows also checks for the DLL files version numbers and if they don’t match, errors will be created during install. It could be possible to find these DLL’s, replace the version numbers with those of SP1, and put them back into the installation media, but you’d also have to find a way to replicate the Microsoft signature on the DLL’s as well as the CAB files for setup to actually copy the files to the hard drive.
Geez, that would be rough. So if a small, local company, had a disgruntled worker who stole and published their key, then MS would sue the company? Seems awful wrong to me.
The first thing that comes to mind when thinking about this is that the current Corporate users of Windows XP are going to have to get a new CD-key reissued for their versions of Windows with SP1. Microsoft has decided that the cost of current corporate customers having to get a new CD-key is less that what they are losing in the market of Windows XP being distributed as a corporate installation amongst warez users. Microsoft is also planning to warn those with corporate editions of Windows XP to not let the CD-keys slip into the mainstream. The EULA is going to be rewritten to fit a new type of ‘Corporate release’ and it’s been rumored that if a customers key is to get into the market, Microsoft may take legal action against those consumers.
So I have to watch my XP all day to make sure it doesn't dial some 1-800 number? How would a cable/dsl user protect against that. That feature, if included would be extremely disturbing, I hope that somebody gets a patch out for that pronto. I don't care what they claim it will transmit, I don't trust anybody, and that policy usually works well, but if I can't trust my computer, well, then what do I do? I can't babysit it all day, maybe a new job will be created, computersitter. People who do nothing but watch a computer to make sure it doesn't give MS any info. I wouldn't mind being one of those, if the pay was good.
Another rumor that is running rounds at Redmond is that Microsoft may actually include a type of “Phone home” feature in the corporate versions of Windows XP only. This feature would connect to a Microsoft server upon connection and deliver the IP address of the connected computer and what the Installation ID is. Before privacy advocates begin screaming, realize that if Microsoft was to want to do this, they could very easily make provisions in the EULA that they (Microsoft) have included a feature that makes sure the Corporate edition of Windows XP is not installed on more computers than it’s contract is made out for, and the computers IP address and the Installation ID may be transmitted to a local Microsoft server thought 128-bit encryption. No more information would be transmitted to the servers, and for more information, see the Microsoft Privacy Statement. It’s a possibility, as corporate versions of Windows aren’t exactly tailored for use by home and everyday users, so the EULA could very well be expanded to include such a feature.
Too true, it is one feature we could all do without. But one MS says we will have nonetheless, truly annoying. I hope the decide on something a little less, well, disturbing. Maybe something that is a little less active. Something that will let users opt-out of that phone home feature. The article, though I posted it all, can be found at http://www.betaone.net/archives/00000060.php
As far as activation goes on a legal copy of Windows XP, we slipstreamed our copy and it installed and activated without any problems. The algorithm for normal customers will stay the same apparently. So far, only the corporate version of XP gets the new revamped algorithm feature. It’s one less feature I can do without personally