|
Microsoft: WinXP Update Could
'Bomb' Some Computers
Tue Aug 27, 1:27 PM ET
James Maguire, www.NewsFactor.com
In an attempt to reduce piracy of its software, Microsoft
has announced protective changes to its Windows Product
Activation (WPA) service, beginning with WinXP Service
Pack 1. As veteran Microsoft watchers have expected,
SP1 will not install if either of what the company calls
"two well-known pirated product keys" has
ever been used to activate the system. Such systems
will also be denied access to Microsoft's Windows Update
feature. According
to Microsoft, "the product IDs generated from these
product keys are (where X may be any numeric value):
XXXXX-640-0000356-23XXX
XXXXX-640-2001765-23XXX
"The product ID can be found by right clicking
on My Computer and choosing Properties and viewing the
General tab."
Larger
Changes
This recently announced change appears to be an attempt
by the Redmond, Washington-based software company to
plug all currently known holes in WPA security.
Now, there are three components required for
SP1 installation: the previously required product ID,
the hardware hash unique to each computer and the product
key. With
these three pieces of data, Microsoft will be able to
check a product key to verify that is actually owned
by a paying customer. This suggests that Microsoft has
a list of valid software keys, and that unlicensed key
generation will be shut down, or at least lessened.
Access
Denied
At the very least, the company has created a new mechanism
for battling leaked keys that will likely make it more
difficult for software pirates. Because
Windows Update will also be checking keys after October
2nd, Microsoft can deny access to updates even if SP1
has been successfully installed on a system whose key
is subsequently found to be abused. "Service
Pack 1 for Windows XP ( news
- web
sites) will contain fixes to cracks used by software
pirates to circumvent activation," the company
said. "Installations of Windows XP patched by a
crack will require activation after SP1 has been installed."
Different
Approaches
Microsoft is taking differing approaches to two different
verification problems. The company says it will merely
freeze the system state at pre-SP1 for attempted installs
using leaked keys. But -- crackers beware! -- users
installing SP1 into patched versions of XP will be bombed.
Industry
observers note that this approach suggests that Microsoft
knows its market -- that the company understands that
the first group of users is more likely to be its valued
corporate users, hence, paying customers. But
when it comes to crackers, the company's stance is different.
"Microsoft is being more proactive than anyone
else," Michael Rasumussen, director of research
at Giga Information Group, told NewsFactor, regarding
the company's moves toward greater security. "That's
why you see more of the aggressive tactics on the Microsoft
front." For
its corporate users, an encryption feature has been
added, according to Microsoft, "to allow the encryption
of the [volume licensing keys] for unattended setups
of Windows XP with Service Pack 1." Customers
who place their licensing keys in an unattended setup
file will be able to encrypt their licensing keys so
that they will be "time limited" and hidden
from plain text.
Protected
Interests
Microsoft claims the encryption feature for installation
does not mean that corporate users will need new keys
for existing installations. But the phrase "time
limited" implies that Microsoft plans to use disposable
keys in the future for greater security. The software
giant, ever vigilant of its market interests, makes
the reasons for this new approach clear. This new policy
is "raising the bar on pirates" who "have
been busy engineering circumventions to digital rights
technologies, including Microsoft's own product activation."
For More Information Contact:
Computer Works Home & Office
1228 W. Scyene Rd. Suite # 204, Dallas, TX. 75149
Tel: (972) 722-5223
FAX: (972) 771-7852
Internet: Support
|
