Windows Vista Keygen a Hoax 154
An anonymous reader writes "The author of the Windows Vista keygen that was reported yesterday has admitted that the program does not actually work. Here is the initial announcement of the original release of the keygen, and here is the followup post in which the same author acknowledges that the program is fake. Apparently, the keygen program does legitimately attack Windows Vista keys via brute force, but the chances of success are too low for this to be a practical method. Quote from the author: 'Everyone who said they got a key is probably lying or mistaken!'"
i thought so (Score:2, Insightful)
a 4 year old using BASIC could do that
you posted to the wrong thread (Score:3, Insightful)
When in reality (Score:4, Informative)
Re: (Score:2)
Anyway, it really depends on how much valid combinations exist. If they tailored the algorithm to only accept a few billions of combination they are safe but if they a
Re: (Score:2, Insightful)
Obviously it isn't that big.
Re: (Score:2)
To a layman, that's about 8 brazilian combinations.
Re: (Score:1)
The total number of valid keys does not matter, what matters is how many keys you have to produce on average before you hit one that works. If a 100 millionth of all possible keys will work, then you will have to produce, on average, 100 million keys before you hit one that works.
I don't know exactly how hard it is to produce these keys and (more importantly) check whether they are valid, but I'd guess that the computing power required to produce one Vista key in this manner is probably more expensive than
Re: (Score:3, Informative)
Actually, it's 50 million on average.
Re: (Score:3, Informative)
Actually, there should be a lot less than that since some characters are always letters and some characters are always numbers.
People lie on the internet? (Score:5, Funny)
Oh sure. Next I suppose you're going to tell me that the guy who claims he ordered (and received) a 37" LCD TV for $7.99 due to a price mistake is lying, too. Or the kid who swore he put a Beta tape in a VHS deck and it played...Don't you have any faith in people anymore?
Re: (Score:3, Funny)
=)
Re: (Score:3, Funny)
Re: (Score:2)
My favorite was always the "If you heat up a needle and put it through this particular spot on your Tomb Raider CD, Lara Croft will be naked!" How many did that one disappoint, I wonder?
An even "better" one was for the Intel 486SX CPU, the cheapo version of the Pentium's predecessor. To quote the Foldoc entry [foldoc.org]:-
All 486SX chips were fabricated with FPUs. If testing showed that the CPU was OK but the FPU was defective, the FPU's power and bus connections were destroyed with a laser and the chip was sold cheaper as an SX, if the FPU worked it was sold as a DX.
The Jargon File claimed that the SX was deliberately disabled crippleware. The German computer magazine, "c't", made this same theory the basis of an April Fools Joke. They claimed that if one drilled a hole of a specified diameter through the right point on a SX chip, this would brake the circuit that disables the FPU. Some people actually tried (and then bought themselves new processors).
Re: (Score:3, Funny)
But that one really worked. I did it myself. I swear!
Re: (Score:3, Informative)
Uh? Never heard of that hoax. Is there any reference on the web? A cursory google search turns up nothing.
Re: (Score:3, Funny)
I know of at least one...
Re: (Score:3, Funny)
Re: (Score:1)
Re: (Score:1)
Believe it or not I actually did order and receive an nvidia graphics card worth around $150-$200 for around $2 from the most popular online shop in Turkey. I was banging my head on the wall when i recieved it that i did not order more than one. They never realized the problem and the same account i received the item is still active.
Re: (Score:1)
OEM_BIOS_Emulation_Toolkit (Score:5, Informative)
But i don't know what will be the impact for online upgrades since i don't use Vista myself.
Re:OEM_BIOS_Emulation_Toolkit (Score:5, Informative)
Once again, product activation is only a PITA for legit customers.
Re: (Score:1, Interesting)
For some extreamely low threshold of PITA. But then this is the forum that's stymed by DVD commercials.
Huh? (Score:2, Funny)
Re: (Score:2)
I can only agree how much of a pain this was. Once I'd typed in my 25 numbers and letters, Windows never bothered me or asked me about it again. How intolerably annoying is that?!
Re: (Score:1)
I had a machine that had a pirated copy of XP and everytime I wanted the updates right away; sure enough WGA would show its face and I would have to find the latest tool to avoid it.
Yet I have a legitimate copy on another machine and in those 4 years since I have had it running I have yet to run into a problem with WGA and can access all the WGA
Re: (Score:2)
Well count yourself lucky. I had a quite a hassle last time MS questioned my right to run my legitimately purchased copy of XP. I had to type that stupid code at least 4 or 5 times in response to robotic prompts. After getting disconnected the first couple of times, I finally got transferred to some guy in Uttermost Thule who snee
Re: (Score:1, Troll)
Re: (Score:1)
Windows XP (and indeed any remotely recent versions of MS software) will just not allow you to reactivate a product if there is either a different motherboard detected. I have been told by Microsoft staff that especially with Windows Small Business Server (*shudder*), not even a CPU upgrade is allowed by the license. When a serve
Re: (Score:1, Troll)
Believe me or not, and although my anecdotal evidence does not trump yours, it does invalidate any attempt to paint your experience as the general rule.
Re: (Score:2)
Re: (Score:2)
Re:OEM_BIOS_Emulation_Toolkit (Score:5, Informative)
Re: (Score:1)
Re: (Score:2)
Re: (Score:1)
Re: (Score:3, Informative)
Pantheon released a full Windows Vista Ulimate CD with their own activation tool using the same principle. Here is the NZB set [yabse.com] (click NZB to download the file) to facilitate downloading from Usenet. Posts are two hours old so they may need a bit longer if you're not using Giganews, Newshosting, etc.
Re: (Score:3, Insightful)
Also, since Vista comes with 90% of all computers sold in the US, the fact that they don't have it already means they are building their own boxes instead of buying Dells. Guys that build their own don
Re: (Score:2)
Gee -I'd rather then have ABSOULTLY no possibility of running windows without paying for, that way they'd have a financial intrest in finding ways to sever their ties with M$ and might be willing to spend part of what they would have on Vista to facilitate their transi
Not Quite.... (Score:2, Insightful)
I probably have $1k in windows software.
Of course, I don't understand the rabid microsoft-hating to begin with. Their product works fine for me. I can't tell you the last time I had a system crash (opposed to an application crash), or the last time I was infected with spyware or a virus. Also, my comp
Re: (Score:2)
No, really, they do it because it is cheaper and easier than going to the store to buy it. I bet if you could legitimat
Re: (Score:2)
Re: (Score:2)
-matthew
Why (Score:5, Interesting)
Re: (Score:2, Insightful)
Re: (Score:1)
Re: (Score:2)
This is why you don't see keygens resulting from leaks of Windows source code. The key validation code is extremely simple. You simple decrypt with the public key and check the hash. Activation takes care of checking the validity of the serial #.
Re: (Score:2, Interesting)
Re: (Score:2)
Re: (Score:2)
They cannot go and redo the algorithm
The industry is at least decades ahead of you--probably closer to centuries. Credit card companies learned this lesson from number theorists who were probably first employed by insurance brokers.
How many different algorithms are there to generate a prime number? Sure, all of them eventually fail, but they each fail in their own special way. Every prime number generator has an optimum range.
These algorithms generate prime numbers which are used as valid keys for Dell. These algorithms generate prime num
Re: (Score:2)
I think originally people started botnets mostly for fun and to display hacking "prowess" and to DDoS people that piss them off (companies such as Microsoft, perhaps). It was only fair
Re: (Score:2)
Re: (Score:2)
Except that you need an activation code for every machine. So adding machines doesn't only add to the processing power by 1, but also increases the workload by 1. This is of course assuming people who don't need to get a copy of windows activated won't feel the urge to join, which seems fairly likely.
Brute force is always the last resort
Re: (Score:2)
(simple ex: Divide as a binary tree, when 1.1.1.1 and 1.1.1.2 are done you can mark 1.1.1 as checked. If sub-trees are given out in a smart fashion, the dictionary wouldn't have to become very large.)
Done smart is NOT DONE AT ALL (Score:3, Informative)
When you have done that work out how long it would take if you used every computer in the world.
Express it in terms of billions of years, and compare it to the lifetime of the sun.
Then get the cluestick and hit yourself repeatedly on the head.
/.'d (Score:3, Funny)
well not really a hoax (Score:1)
Re: (Score:1)
If you're looking for a good laugh... (Score:2)
Warning: Extreme Tolerance for Poor Spelling Required
Re: (Score:1)
Re: (Score:1)
Re: (Score:1)
Good scare for Vista people though (Score:3, Insightful)
Re: (Score:2)
Might not even have to validate keys at all anymor (Score:5, Informative)
a key is valid before submitting it to their server for signing.
If I were them I would do what prepaid mobile phone has been doing
for years: generate completely random keys and at the signing server
end just check if that key is in the database and if it's not already
used. If that's the case then all they would have to do is sign the
key and the computer configuration and return that to the client code
that would in turn check if the signature is valid.
That way there would be no way to brute force keys because they have
control over the validation server and can put a stop to that and there
is no key validation code exposed from which someone might derive a
key generator or at least get hints at how the keys are distributed
in key space.
Re:Might not even have to validate keys at all any (Score:1)
Not having this step means that it is even harder for users to figure out if "failed" reply from server meant that the serial is already in use (or stolen) or that they just made a typing mistake.
Re: (Score:1)
to reduce typos and frustrartion, in effect have a random key and a
byte's worth of checksum.
As far as certainty for the user is concerned as to what happened, the server
could issue certain error messages like "This registration key is not valid!" or
"I am having problems right now validating your key but that's not your
fault, try again later" and of course: "DIE, PIRATE SCUM!"
Re:Might not even have to validate keys at all any (Score:2)
Suppose the key is 125 bits in size. (5 words of 5 characters, with each character representing 5 bits). Say 10 bits are devoted to a checksum, so that there is only a 1 in 1024 ch
Re: (Score:2)
Re:Might not even have to validate keys at all any (Score:2)
What would stop you from sniffing the traffic of the on-line checking of a legitimate key, and then faking that traffic to "authorize" illegitimate keys?
Re: (Score:1)
1. Alice generates temporary session key
2. Alice encrypts temporary session key using Bob's public rsa key
3. Alice sends encrypted temporary session key to Bob
4. Alice and Bob now use the temporary session key for all further
communications.
5. Evil Marvin (the listening dude in the middle) does not profit.
random session numbers and timestamps do their part to prevent replay.
Re: (Score:1)
1 Decide to break Alice and Bob's public keys
2
3 Profit!
It's a tried, tested and proven formula.
Re: (Score:1)
dog and beat the crap out of her until she starts talking. Then he could tie Alice
up and throw her sorry bleeding sobbing body onto the back of his pickup, drive over to
Bob and douse his little daughter with lighter fluid while choking her with his belt.
The only drawback to this brute force method of course is that both parties find out
that their secret has been compromised.
Re: (Score:2)
Re:Might not even have to validate keys at all any (Score:1)
I remember the XP keygen - and that worked fine (Score:1)
Re: (Score:1)
There was a brute force element to the generation since it took about an hour to make a key on my cruddy old laptop I had at university at the time. Not all keys generated even worked so you'd have to make a bunch. I actually had a legal key under some student licence the university had, but didn't want to phone microsoft to activate it.
At some point an instant XP keygen took over as the algorithm was well and truly hacked.
Not th
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
Part of the license agreement we had to sign was to agree to use the license only so long as we were students of the university. If you wanted a better license, you had to pay for XP (but at a very reduced charge).
To this day, many people on campus can recite the key from memory due to how much it
Windows Vista Keygen Screensaver (Score:2)
Can we slap the Inquirer writer upside the head? (Score:2)
Re: (Score:1)
Re: (Score:1)
Re: (Score:2)
I'd spend $100 on the upgrade, but not $260 for Ultimate. I could buy a lesser version, but to get both scheduled backups and media center, you have to get Ultimate. For that, I'll wait until SP2 comes out and fixes the first round of bugs.
Re: (Score:1)
Re:Key gen or not.. (Score:4, Funny)
I, on the other hand, do not.
(Or I fucked up the post
Re:If it's actually a brute-force == Solution! (Score:4, Interesting)
Re: (Score:2)
Re: (Score:2)
No, E[time until a valid result found] = 14 years. Max[time until a valid result found] would probably come out
Re: (Score:2)
Re: (Score:2)
If MS weren't morons when they designed the key system, hundreds of thousands of years might be more like it. But you can keep trying if you like.
Re: (Score:2)
The brute force approach is fundamentally impossible, unless you are the luckiest pe
A Winner Is You! (Score:2, Funny)
Probably not even one of the Turbo Hyper Fighting versions either.
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
Re: (Score:1)
Don't go looking for contrition here. You'd have an easier time learning evolution in a tent revival.