Vista Activation Cracked by Brute Force

Bengt writes "The Inquirer has a story about a brute force Vista key activation crack. It's nothing fancy; it's described as a 'glorified guesser.' The danger of this approach is that sooner or later the key cracker will begin activating legitimate keys purchased by other consumers. From the article: 'The code is floating, the method is known, and there is nothing MS can do at this point other than suck it down and prepare for the problems this causes. To make matters worse, Microsoft will have to decide if it is worth it to allow people to take back legit keys that have been hijacked, or tell customers to go away, we have your money already, read your license agreement and get bent, we owe you nothing.'"

MS would owe at least the key

[yagu (721525)]

From the article summary:

To make matters worse, Microsoft will have to decide if it is worth it to allow people to take back legit keys that have been hijacked, or tell customers to go away, we have your money already, read your license agreement and get bent, we owe you nothing.'

I don't see how this is possible, or credible speculation even for a company a evil as MS is perceived on slashdot. I'm no MS fanboy, but I've had reasonable "service" from MS on issues of keys to activate my machines under some unusual circumstances.

This may get sticky for MS, but for goodness sake we've got to find better bashing material on MS (and I believe there be plenty) if we want to maintain any street cred. There's no WAY MS won't be giving license keys to legitimate purchasers of XP (especially considering the vast majority are pre-activated shelf-delivered versions).

(Aside: pure speculation on my part, but one of the most glaring weaknesses of this "claim" may be the notion of brute force, and that that is even a possible approach. Most validation handshakes require a reasonable length of time between attempts to circumvent brute force attacks... if it takes one second between attempts for billions of combinations, you're going to eventually be activating an obsolete OS. Further, after 3 or 4 incorrect attempts, any validation scheme worth its salt will quiesce for some longer inconvenient time... requiring a "cooling off" period before one can make further attempts. This story falls under the heading of "I heard someone say they knew someone whose sister's brother has figured out a Vista activation hack..." Sigh.)

Re:MS would owe at least the key

[DJCacophony (832334)]

Any customer who gets their key "stolen" by this program can just take it back - Vista comes with several activations on the same key. Once the customer uses the key, the previous user of it will eventually be required to re-activate.

Re:MS would owe at least the key

[catch23 (97972)]

Unfortunately most of the users of their new operating system will eventually be corporate users. And I'm fairly sure the company is not going to put up with re-activation every few days because a bunch of users in China are stealing their keys. So either the company will ditch the new operating system (bad for microsoft), deal with it (a serious pain for the company), or ask microsoft for a pre-activated key that cannot be reactivated (more trouble for microsoft but saves everyone's butt).

Re:MS would owe at least the key

[GIL_Dude (850471)]

Business users (at least large ones) won't be using Retail media on many machines. Since this is a crack for retail there would be no effect on people using MAK or KMS validations as the majority of corporations would be doing. (Yes, I know that for those few corps that want to use Ultimate on some of their machines this could be an issue because Ultimate requires retail activation). However for VL (Business and Enterprise versions) MAK and KMS would be unaffected.

Re:MS would owe at least the key

[PitaBred (632671)]

So wait... Microsoft is requiring you to run a server just to run their fucking operating system? It adds NO value whatsoever to the company using it, yet takes their electricity, time and resources to maintain? Does that sound absolutely asinine to ANYONE else? Wouldn't a CTO/CIO be slightly annoyed at having to allocate extra resources just to run an operating system whose only real function is to allow the real work to get done?

Re:MS would owe at least the key

[deathy_epl+ccs (896747)]

So wait... Microsoft is requiring you to run a server just to run their fucking operating system? It adds NO value whatsoever to the company using it, yet takes their electricity, time and resources to maintain? Does that sound absolutely asinine to ANYONE else? Wouldn't a CTO/CIO be slightly annoyed at having to allocate extra resources just to run an operating system whose only real function is to allow the real work to get done?

Your assumption here seems to stand on rather shaky ground, though... I'm sure that you can run more services than just the authentication mechanism - I would expect that you'd probably want to run the license authentication service on your domain controller or something similar, unless you're in a really gigantic shop.

Re:MS would owe at least the key

[deathy_epl+ccs (896747)]

How is it any different than needing a corporate license server for Autocad, or Rational, or any of the other software commonly licensed this way on the corporate level? It's not like these license servers are terribly difficult to maintain.

I think you imagine the maintenance to be a lot harder than it really is. Maintaining a single license server has, in my experience, been easier than maintaining hundreds of keys individually.

Re:MS would owe at least the key

[PitaBred (632671)]

But those programs you listed actually DO something tangible contributing to the business, rather than just being there to enable OTHER programs to work. If AutoCAD license were essentially forced on companies, then I'd be upset in the same way. But now to just get basic "turn my computer on and use it to run other programs" functionality, you now need yet another service (or perhaps entire server) eating up network bandwidth and administration resources, because they're the de-facto standard due to monopolistic tendencies?

Re:MS would owe at least the key

[DJCacophony (832334)]

Yes, I believe it is every six months, as that is the interval by which Windows Vista retail must be re-activated anyways.

Sit down, son. (I might have known your mother)

[Beardo the Bearded (321478)]

Read the "Surviving the first day of Windows XP".

Quit downloading everything in your email. If you don't recognize the name, delete it.

Don't click "Yes" to every security certificate. You should accept Microsoft's, and that's it.

You don't require new cursors or smiley programs for your emails. The new "Hyper-Exelent Surf 3000 Toolbar by Lucky 88 Company" is not going to make your life easier. Likewise, if you want to know the weather, look outside or in your local paper.

PC Cleaning programs from pop-up ads don't work. Actually, anything advertised on the Internet should be considered fraudulent. (Yes, even "those" pills. They're just bull semen and corn starch.)

Get your programs from sourceforge, not from the first link on Google. Make sure that Spybot and Mike's adblocking are installed on your machine.

The people who write viruses have anti-virus programs to test their work on.

For the sake of whatever god you believe in, get a hardware firewall!

Run ShieldsUP! from grc.com to make sure that you're invisible.

Re:MS would owe at least the key

[cswiger2005 (905744)]

Once Vista sets the activated flag, does it actually check for revocation of activation at some prescribed interval?

Why, yes. Rechecking the activation key against an updated list of revoked licenses takes place as part of the periodic updates to "Windows Validation" delivered via Windows Update. In practice under XP, this happens every month to every few months. Depending on your settings and whatever the future might bring, it might well be the case that machines will be checking for updates & possibly re-validating themselves every week.

Re:MS would owe at least the key

[AlHunt (982887)]

Why, yes. Rechecking the activation key against an updated list of revoked licenses takes place as part of the periodic updates to "Windows Validation" delivered via Windows Update.

I am *so* glad Linux has evolved to the point it is today. I still have an XP partition and probably will for a while, but why MS expects people to keep putting up with this "phone home" behavior is beyond me. XP still handles ACPI better than Linux, but I'm happy to trade off a little convenience for control of my own machine.

phoning home

[rucs_hack (784150)]

And yet some companies have intituted the same thing with no anger from users.

Valve managed it, and the rather wonderful prevx malware finder program and SETI@home all require constant contact with home, for example.

The difference is that these systems deliver customer satisfaction because the phone home service is there as part of the service you require or with to participate in. If you decide not to, you can quit and go elsewhere. Most people using windows don't see that they have a choice (yet).

Microsofts problem is that their system is one of guilt assumption. They have it solely to check up on customers, it delivers no added value aspect to the consumer. That they say it does is part of the problem. It is for microsoft alone, it gives nothing back.

No-one cares about microsofts needs, that's human nature, we are all selfish unless giving something away brings a valued return. For them to expect that people would *want* to take part with no benefit to themselves is a pretty hefty misconception.

I find these issues with Vista interesting. I really do have no intention of ever buying it. I tried it with open mind, thinking I might get it if it brought something new I might like, but there was nothing that interested me. I didn't hate it, but saw nothing of use. It's nowhere near as useful as Linux for my needs, and if I feel a need for a commercial OS, well there's OsX.

OsX does interest me quite a bit. I've seen many presentations at conferences that were done with macs, and they look *so* good.

Re:

[by Anonymous Coward]

It seems that this technique doesn't test against the microsoft server, but can tell if a key is valid on the local computer, which would actually be news.

it is useless

[WARM3CH (662028)]

It seems that this technique doesn't test against the microsoft server, but can tell if a key is valid on the local computer, which would actually be news.

This is not really that important if a key is validated in a local computer or not. Any key needs to be finally validated by the servers: Out of all possible valid keys that pass the validation on a local computer, only very very tiny number of them are actually keys that have been (or will be) issued by Microsoft. Think of it like this: with 25 symbols for the keys you have a huge huge search space A. Now, this program finds the keys that are valid according to the magic formula that Vista validation system uses. All these keys form a very very tiny subset of A, called B. However, the set of keys that Microsoft has already issued (or will ever issue), set C, is only very very tiny subset of B. This program finds random keys in the B but to actually validate Vista with them, user has to contact Microsoft's servers to see if the key are part of the C or not. This is where the whole things breaks down next to being totally useless. (this is the same story with the CD-Keys of the mutli-player games...)

Re:MS would owe at least the key

[notaprguy (906128)]

The commentator on the Inquirer Web site is obviously a total boob (trying to use a British-sounding insult). He's cheering theft which in its own right is sleazy. Worse, he seems to be happy that the legitimate and paying Windows Vista customers are going to be at best confused and worst case screwed because some idiot stole their key. I totally don't understand the bizarre perception that software thievs are somehow Robin-hood-like characters. They're the 21st century equivalent of pick-pockets.

Re:MS would owe at least the key

[mwvdlee (775178)]

I can understand the happiness a little.

If this truely starts to be a problem with legitimate users being bothered by having their keys taken, MS will have to loosen up activation. That would be a benefit to all legitimate users.

Re:MS would owe at least the key

[DJCacophony (832334)]

Or they could NOT loosen up activation, and it would be a hindrance to all legitimate users.

Re:MS would owe at least the key

[orderb13 (792382)]

In which case there will be lawsuits and EULA's will be challenged and a companies responsibility to it's consumers will be better defined. Sounds like a win-win scenario here, as much as anything in regards to this can be called a win.

Re:MS would owe at least the key

[SatanicPuppy (611928)]

When it's Microsoft's long costly lawsuit?

Sorry, couldn't resist.

In the end though, this sort of corporate behavior is hugely annoying. Microsoft rose to the top partly because it looked the other way on unlicensed use of it's products, and now that it's the standard, it's trying to lock down. Well, the problem is, now there is a huge group of people who have a vested interest in using that software for free, and there is no way that they're going to beat them using a purely technical solution...Crackers are proving that on a daily basis.

Smarter of them to leave things as they were.

Re:MS would owe at least the key

[VJ42 (860241)]

How is a long, costly lawsuit a winning scenario?

It's a winning scenario for the lawyers...

Re:MS would owe at least the key

[Lord Ender (156273)]

Copyright infringement is not theft. It is immoral of you to deliberately misrepresent the issue by using loaded terminology.

Using Microsoft's services, such as Windows Update, could be considered theft. But that is theft from Microsoft, not from consumers.

Re:MS would owe at least the key

[CmdrGravy (645153)]

I'm not sure boob is really typically British insult, I have a German friend with the same trouble who believes that the word ignoramus is in common enough use to pass himself off as a native although he is sadly mistaken in this.

For future reference you could try using words like:

Fuckwit, wanker, bastard, fuckhead, tosser, cunt, spanner, moron, dickhead or even shit for brains.

For example:

"The commentator on the Inquirer Web site is obviously a total fucking wanker. The fuckwit is cheering theft which is in its own right sleazy. Worse, the cretin seems to be happy that the legitimate and paying Windows Vista customers are going to be at best confused and worst case screwed because some idiot stole their key. What a fucking cock !"

I must admit I probably have the same problem in my belief that most Scottish people curse each other by calling them sassenachs.

Re:MS would owe at least the key

[ednopantz (467288)]

The irony is that this is an example where IP theft *is* actually taking the original out of commission.

Unlike duplicating an mp3, here the original copy is no longer usable. It isn't just making another copy for yourself and leaving the original functional.

But the victim is MS or their customers, so it must be ok.

Re:MS would owe at least the key

[drinkypoo (153816)]

The irony is that this is an example where IP theft *is* actually taking the original out of commission.

The irony is that you think violations of IP is theft.

The person who brute force discovers and uses someone else's code is not the one causing their Copy of Windows to be invalidated. Microsoft is doing that.

This is a very important distinction.

Re:MS would owe at least the key

[drinkypoo (153816)]

The irony is that you think violations of IP is theft.

Not so much ironic as subscribing to a different value system.

Unless you subscribe to a different dictionary, this is really quite irrelevant. Copyright infringement is not theft. It is copyright infringement. We have a whole separate area of law to address it specifically because they are not the same thing.

Ironic would be someone who pirates windows freaking out because somebody violated the GPL. Which happens all the time here.

Well, I agree with that assertion, anyway.

The person who brute force discovers and uses someone else's code is not the one causing their Copy of Windows to be invalidated. Microsoft is doing that. This is a very important distinction..

Exactly, like when I used your card number to order all that stuff. It wasn't me who took the money from your account, it was the bank. I just typed in some numbers. Why are you so upset? Credit Card numbers are information and information wants to be free. How could anyone be upset about that?

Heh heh. Information wants to be free. Yeah, and my car wants to go fast.

Seriously though, I don't feel that the two situations are analogous. If I intentionally used your specific registration code to invalidate your copy of windows, well, I'm still not stealing anything. I am taking an action that indirectly causes Microsoft to invalidate your copy of windows. I agree that doing that intentionally would be wrong, but I don't agree that it is theft.

For one thing, you are still the owner of the copy of windows, or if you believe the bullshit that the computer industry attempts to push on you, the licensor. I am not. Therefore Microsoft is illegally terminating your right to use the software (whether you are in legal fact an owner or a licensor.) The fact that Microsoft would take an additional use of your key (which, as should have been obvious after the Windows XP Key generator, can be brute-forced) as a sign that you have broken the EULA or otherwise no longer have the right to use the software is the problem here.

In addition, there are legitimate reasons to use a key which is not your own. You could have legally purchased the software but no longer have box or manuals (do you even get any manuals?) and you may not even have the disc - it could have been destroyed. You are still the legal licensor, under the "licensee" way of thinking. You are still entitled to run the software, but lack the means to do so without generating another key. Microsoft, however, prevents you from using the software for which you have paid. So, you might consider generating a key so that you can use the product. If Microsoft then chooses to invalidate someone else's copy of Windows, how is that my fault?

You're acting like Microsoft is reasonable and I am unreasonable. But what's reasonable about invalidating your copy of windows just because someone else has the same key? Once, the EDD made me use a fake social security number because some mexican (I'm a quarter mexican, not that you could ever tell by looking at me) was using mine to evade taxes. That meant that my history was lost, and a new account was started for me. Was that right? But that guy had no real choice; the US has been taking gigantic shits on Mexico and helping to preserve the utterly corrupt status quo for many, many years now, because if we don't have mexicans to pick fruit and veggies, you'll be paying four bucks for a head of iceberg lettuce and sixty bucks for a bottle of crappy wine. So in order to feed his family he came here, and in order to work he used my SSN. Was the EDD's response justified? That poor field workin' dude didn't use my SSN in order to cause me hardship, but it happened anyway - but not because of him, because of the ridiculous response from the EDD.

Re:MS would owe at least the key

[vux984 (928602)]

So you imagine he probably works for a non-commercial software company?

Regardless, its copyright infringement, not 'theft' and not 'piracy'. Its really quite simple, theft is when you physically take something that doesn't belong to you. Copyright infringement is, amongst other things, when you make a copy of something you aren't authorized too.

In fact in this case the real issue isn't even copyright infringement. Suppose I use this keygen on legally purchased software. What laws are being broken?

I didn't 'steal' your key, I happened to come up with the same number MS assigned to someone else independantly. Hell, I might have come up with the number before MS, which, if anything, would make it -my- intellectual property; and MS would be infringing my copyright by issueing you "my" key string.

Which is of course absurd.

Welcome to the non free world.

[twitter (104583)]

I don't see how this is possible, or credible speculation even for a company a evil as MS...

Sorry, that's their EULA. You have two choices when you purchase anything M$, return the package unopened for a full refund or use it. They do not and can not promise it will work and they are not responsible for the actions of others. They regard anything they do beyond the EULA a favor for which you should be grateful, just like they regard anything their software ever does for you. They think you should be so grateful that you do as they say. This is the nature of non free software. Your master may take care of you or they may not and those are the conditions you must agree to if you want to use non free software.

They don't trust you. They made the registration key in the first place to restrict the number of computers you can use before you pay them more. When you call and claim your key does not work, they can't tell the difference between you and someone who's shared their key. Once again, this is the nature of non free software.

Not in the UK

[Toby_Tyke (797359)]

Sorry, that's their EULA. You have two choices when you purchase anything M$, return the package unopened for a full refund or use it.

That may be the case in the US, but in the UK things work slightly differently. If I buy a copy of Vista from a store and it is faulty, for what ever reason, I can return it to the store for a full refund or a replacement. The legalese is "fit for purpose" and "of merchantable quality". Clearly, a copy of vista with an invalid licence key is not fit for purpose.

Incidentally, most of the big shrinkwrap software stores in the UK try to get out of doing this if they can. Just be persistent.

Re:Welcome to the non free world.

[julesh (229690)]

Sorry, that's their EULA. You have two choices when you purchase anything M$, return the package unopened for a full refund or use it. They do not and can not promise it will work and they are not responsible for the actions of others.

There's this little thing called an implied warranty of fitness for a particular purpose. When you buy something -- anything -- unless it has large letters on the outside of the box saying that it doesn't work, it comes with one. It states that, basically, if you use the product for the purpose for which it is marketed (i.e., with software, try to run it on a computer), it will perform that purpose to at least a basic level.

It is not legally possible for MS's EULA to disclaim this warranty, it's a basic right that you get when you buy something.

When you buy something that doesn't meet this warranty, you're entitled to a full refund. Whether you've opened the package or not.

What makes you think an EULA has legal force?

[Sycraft-fu (314770)]

That they include it means nothing. It is pretty certain that, indeed, an EULA doesn't have legal force and can't make you give up rights you normally have. For example:

I work for a state institution which means in a way I am a part of the state. One of the requirements of the job is that I can't sign any contracts for the state. Anything that requires a signature has to be sent to legal (and we have a hell of a legal team). Employees can't agree to contracts directly. We have, on occasion, gotten software that comes with a written agreement. It is sent to the lawyers, almost totally rewritten, then sent back to the company (who is usually quite surprised). However we've been told not to worry about EULAs or click through agreements. We are allowed to just click ok and go on about our business.

Now why do you suppose that is? Well it is because the legal team believes that they have no legal force, and thus there's no problem. I'm going to guess they are right, they have to be very careful about protecting the state against things like that.

So MS can say in their EULA "We reserve the right to take this software away from you at any time," but that doesn't mean a judge will agree. You can still drag them to small claims court (it's quite cheap to file) and argue your case. If a judge agrees with you, they give you your money back.

Re:MS would owe at least the key

[Zontar_Thing_From_Ve (949321)]

I don't see how this is possible, or credible speculation even for a company a evil as MS is perceived on slashdot. I'm no MS fanboy, but I've had reasonable "service" from MS on issues of keys to activate my machines under some unusual circumstances.

This may get sticky for MS, but for goodness sake we've got to find better bashing material on MS (and I believe there be plenty) if we want to maintain any street cred. There's no WAY MS won't be giving license keys to legitimate purchasers of XP (especially considering the vast majority are pre-activated shelf-delivered versions).

I think you're probably right. However, all companies in similar situations don't act this way. A few years ago I bought a Russian-English translation program for my PC. I got the best one on the market. I didn't use it a lot, but it was useful to me for quick translations from Russian to English for email. At the time I didn't know Russian as well as I do now and while I could do translations by hand, it took a very long time. It was certainly worth the money to have a computer program do it for me in a few seconds and then I could double check the weird parts and re-translate those myself. It turned what might be a 2 hour translation job at the time into a 10 minute job at worse. A year or so later I had a catastrophic Windows failure and had to do a destructive reinstall. Although I had a valid license key for the translation program, it wouldn't work after the reinstall. The vendor told me their keys are valid for one use only and although I explained that I had bought the product (and they knew I had) and had to do a reinstall of Windows, I got basically "Too bad. So sad. Here's a 10% discount off our lowest price." in response, which still meant I had to buy the product at pretty close to it's normal value. I sucked it up and did that and installed my new key. However, I was very angry because I realized that to the software vendor if I needed a new key I was probably a thief and if I wanted another key, I was going to have to pay for it. After another year or so, guess what? Yep, I had to do another destructive reinstall of Windows. I decided not to rebuy the software. The babelfish translator, which is free, is not as good, but my Russian had improved a lot and I had less real use for a computer translation program. For as little as I needed to use one, babelfish was good enough. However, the vendor of the translation program has lost me forever as a customer because they weren't willing to give me the benefit of the doubt about my problem and my choice was either to buy a new key or live without the program. Their attitude was "If you need a new key, you're a thief". Since then a guy on a forum told me the magic needed to make old keys work on a reinstall, but I've never bothered with it.

Re:MS would owe at least the key

[ednopantz (467288)]

The slashbots are excited because this, *this* will be the thing that makes people go to desktop Linux.

Nobody will upgrade to XP--er.... Nobody will upgrade to Vista because of activation.

Yes! 199-, er...
2003, er....

2007 WILL BE THE YEAR FOR DESKTOP LINUX!!!

Re:MS would owe at least the key

[Anonymous Conrad (600139)]

This is not a brute force hacker, but just a database of some key with a fancy interface on top that pretends to be calculation just just updates a progress bar. The database will release some key after some hours of "calculation". Users notice that the (enterprise?) key is accepted and tell it works. MS will notice some volume keys are used too often wan will block them at the next wga update (and the next service pack)

No, that's not how new the volume license system works. There's two classes of volume license key for Vista:

• Multiple Activation Key - will only work a limited number of times
• Key Management Services - requires a local license server that maintains the count of keys used and communicates with Microsoft

neither of which will work with your scheme.

Re:MS would owe at least the key

[Brian Gordon (987471)]

Since it's a vbscript the code is wide open. Look for yourself, this is a legitimate brute forcer.

Sounds like a distributed computing project to me

[nizo (81281)]

I can see it now: thousands of computers worldwide activating keys, just to make life miserable for Microsoft and users. It could be called the "annoy Microsoft Windows Users at home" project.

Re:Sounds like a distributed computing project to

[tomhudson (43916)]

"I can see it now: thousands of computers worldwide activating keys, just to make life miserable for Microsoft and users. It could be called the "annoy Microsoft Windows Users at home" project."

Yes, but does it run under linux :-)

Actually this crack won't help most people..

[goombah99 (560566)]

One poster on the crack forum wrote "5 hours and i got 3 legit keys." at 20K/hour that's only 100,000 tries or 33,000 per key. So apparently despite having a 25 digit key space, Microsoft's algorithmic validity check allows 1 in every 33,000 keys. What where they thinking?

As I pointed out in the post above the chance of a randomly generated working activation- key colliding with a legitimate keys is probably worse odds than 1 in a trillion. So this will probably never ever happen by chance.

However, chance might not play a role here. Given this colossal stupidity one also assumes they did something dumb like make the decoded keys have some sort of sequential pattern too, so given enough keys one might be able to figure out how to actually generate keys directly. In that case MS will have a problem with the key-collisions with legitimate keys because people could deliberately generate those.

Why would deliberately generating legitimate keys be a good idea for a cracker? Well, if you do generate a random activation key, it will activate the product but Microsoft will also be able to determine that it's one that it did not issue. So the moment vista phones home or you try to do a system update, or install any piece of software from MS that can check the key (e.g. office), microsoft is gonna shut your genuine ass down. On the other hand if you were to generate a key that coincided with a legitimate key, then MS won't know you filtched it. So there's an incentive to see if MS also made the patterns predictable.

You could of course try to live off line. but that level of piracy is not a threat to MS.

All that said my guess is that this is not possible. If I were creating these keys what I woul dhave done would be to use public key encryption. I'd take the integers 1 to 1 billion, and encrypt them with my private. The the Vista copy caries the public decode key. To validate the vista installer decrypts the user supplied key. If it's a number between 1 and billion, you've been validated. MS can now issue up to 1 billion copies of the software with distinct keys.

relax

[ohzero (525786)]

I guarantee you MSFT will release a patch to reorder license keys or figure out some other solution. If you were the largest software company in the world, and you had a product that was being touted as "more expensive than switching an entire IT department to OSX:, wouldn't you?

tough questions

[gEvil (beta) (945888)]

To make matters worse, Microsoft will have to decide if it is worth it to allow people to take back legit keys that have been hijacked, or tell customers to go away, we have your money already, read your license agreement and get bent, we owe you nothing.'

Hmmm, I wonder which way Microsoft will go on this one...

Ironically...

[jejones (115979)]

Just as I read this article, pandora.com started playing the title cut from David Wilcox's Vista album:

"...and the wide open vista..."

Having RTFA...

[d3ac0n (715594)]

AND having gone to the site and read through the ENTIRE thread on their forums;

What we have here is a random number/letter guesser. It's basically a VB Script that guesses random numbers and letters in a string that is the same length as a Vista Key, then inserts it into the registry, overwriting the existing Vista key. You use Magic Jellybean to check when the key has changed, and then manually check it against MS's activation service. Really this is little more than a person manually sitting down and making key guesses. This is why it's called a "Brute Force" attack. There is no intelligence (ie: an algorithm) behind the key guesses at all.

That said, because it IS so simple, it's almost impossible for MS to defend against, since they can't just "ban" any keys made by it like they would a traditional algorithmic keygen. Also, there is an improved version of it posted as source on the boards there, so if you want to take a peek at the code you can.

Here is a link to the forum post in question: http://keznews.com/forum/viewtopic.php?t=2634 [keznews.com]

Re:Easy Fix

[tomstdenis (446163)]

Lots of botnets run on windows ... I wonder if they could be commanded to scan for license keys.

Tom

Re:Easy Fix

[NSIM (953498)]

Lots of botnets run on windows ... I wonder if they could be commanded to scan for license keys.

That's actually a pretty scary thought, it's not hard to determine the install key used from an application running on the OS (there are several utilities out there today.) A botnet could e designed to get the install key and send it back to someone who could maintain a database of valid keys. This probably true for just about any application or OS that uses an install key, to be honest I'm surprised somebody hasn't already done this to XP or Office.

Re:Easy Fix

[dintech (998802)]

Nice, you invented the concept of thievery@home. I imagine a print out of lots of vista keys with "wow!" written at the side of one...

Re:Easy Fix

[Brian Gordon (987471)]

I think the program actually tries the keys on its own algorithm, and when it finds a valid one it tells you to submit it to microsoft.

Re:Easy Fix

[Odiumjunkie (926074)]

> All Microsoft has to do is block the IP address that is requesting thousands of activations on > separate, invalid keys per second. RTFA. That's nothing like how this works. The actual activation part is totally manual, only the key generation is automated. You can generate keys without any kind of network connectivity.

Re:Er...

[Goaway (82658)]

Why not actually try to read the article to see how the program works?

Re:Not too big of a deal

[tomhudson (43916)]

"as someone who has worked on systems such as these (oh the inhumanity!) we have looked at this particular attack vector. Yes, it is possible. But, when you consider the size of the activation code domain (quadrillions or more of combinations), with the number of legitimate keys (hundreds of millions), and the fact that each request takes some amount of time (a few seconds), it's not too big of a risk. A risk? yes. But there are lots of risks. This is just another one to be put on the list, watched, and mitigated against (as others have said, with blocked IPs and so forth)."

Obviously someone else who didn't read either the article OR all the other user comments - no net connection required to generate the keys - the attempts to change the key are done locally; after a successful local key change, submit the new key for activation.

Blocked IPs won't do jack shit for such a scheme.

Also, you're not trying to find a specific key that works, just one of many, so even with a huge wrong-key space, you'll get a favourable collision with a valid key sooner, rather than later. Its like the same-birthday problem.

Except we know already what happens

[Moraelin (679338)]

The problem of generated keys and conflict with legit keys isn't new, so we already know what happens. The same existed for XP -- plus the added collison of dishonest OEM's selling one legit serial number to 100 different people who bought their computers with XP preinstalled -- and we already know what Microsoft chose: to not annoy the paying customers. What it did try to do was go after the OEM's who did that, but _not_ after the victims. The victim never had to do more than call an (automated) telephone number and get another key. It's always been that simple.

Yes, there have been some fucktards too historically, but MS was sane about it so far. I'm not saying they're saintly or anything, feel free to still be anti-MS if it makes you feel any better. Just that their sane. Even if you want to see them as some kind of super-willain, well, as super-villains go, MS was the _sane_ kind so far. The kind who's read the evil overlord's list, not the random lunatic kind. It knows when _not_ to do something that would damage itself very quickly.

Look, there are plenty of real reasons to whine about MS, no need to invent bullshit FUD scenarios. That kind of going into bullshit fantasy land, just to have something bad to say about MS, just damages the credibility of the real complaints.