MS opens up on Whistler copy protection

No privacy invasion, no plot, no hassle - honest...

  • alert
  • submit to reddit

Build a business case: developing custom apps

The product activation copy protection system that will ship with Whistler and Office 10 will form the basis of a "cross product" protection system for Microsoft software, and the signs are that the company will move heaven and earth to make it stick. Speaking to The Register earlier today Microsoft product manager, licensing technology group, Allan Nieman went through the checklist of gotchas, and explained why product activation is a pussycat really.

But first, although cracks and patches dealing with the protection in Whistler builds 2410 and 2416 (an "internal" Microsoft build currently maiming bandwidth in shady circles) have been produced, it would seem that the panic produced by product activation's appearance in the beta code was unnecessary - according to Nieman, neither of these builds is actually protected. "It's just a UI screen," he says, a "first glimpse" of what the system will look like. Just click next, as Microsoft's technical beta testers have now been informed. Duh.

Obviously that won't be the case with the shipping product, so the work of the script kiddies won't have been entirely in vain. But Microsoft really, really wants people not to hate product activation and - strange but at least at the moment true - is trying to draw a sharp distiction between activation and registration. And, by the way, registration will not be compulsory, according to Nieman.

As has now been widely reported, product activation takes a product key from the software packaging, combines it with a code generated from the specific hardware you're installing on, and then in exchange for the result you get an unlock key from Microsoft, either over the Web or by phone. But this is not registration. You only need to give Microsoft the code, not your name or anything else, so it's entirely anonymous unless Microsoft is doing any surreptitious sniffing, which Nieman assures us it is not.

Nor, he guarantees, will the software check into base on a "phone home" basis after you've unlocked it. Once it's unlocked it'll be a fully stand-alone product that doesn't try to regularly validate itself with Microsoft. Presumably this will mean that the "rental" versions of products Microsoft will be testing will have some form of time bomb rather than a phone home, but it seems pretty clear that Microsoft is willing to go quite a distance to separate privacy issues from anti-piracy.

One could reasonably doubt that it can keep it up, or even (given the nature of .NET) that it's technically feasible to keep it up in the longer term. When Microsoft tested the precursor to product activation in various countries with Office 2000, Nieman says the company processed six million activation requests in 24 months. That's chicken feed compared to the tens of millions of activations a year if the system just applied to Windows, and the marketing people surely can't be happy about passing up data on that number of people.

Nevertheless, registration will be separate, and won't be compulsory. Not exactly, anyway - Microsoft has required registration for access to product updates in the past, and the position here tends to be a bit variable. The activation process was described as the "Office Registration Wizard" in the O2K test, but that was what you might call infelicitious. Nor did you actually have to register as such - according to Nieman the only data required was country.

So in that case, why is Microsoft bothering? Nieman says the system is primarily directed at "casual copying," where people loan one another software, pass it around the office, install multiple copies with just the one licence and so on. The system will certainly tend to stop people doing this, but on the other hand that could give casual copiers sufficient impetus to dig out the cracks and use them, and recordable CD makes that awfully tempting. Think yourself into the position of paterfamilias, one PC for him, one each for the two kids to do their homework, so what's he going to say to three Office licences? Student licensing, yes we know, but he doesn't, and anyway it's a hassle. He might hear about student licensing, or then again he might hear about StarOffice being free.

You can circumvent the Whistler product activation system as described here last week, and there are also two files circulating which deal with the CD key and the time bomb on the Whistler beta. Put together with a bit of cosmetics these provide the means to produce a completely unprotected Whistler CD, and it's unlikely there'll be any difference when it comes to the shipping product.

That leaves it as eminently crackable, and whether it is cracked on a widespread basis or not will depend to some extent on cost, to some on hassle. Large numbers of consumers and small businesses swap software, and they're not about to stump up the readies to convert their current unlicensed software to full product. Even in businesses that do pay their licences, systems managers will frequently produce their own unprotected copies to avoid having to go through the activation process over and over again.

But, says, Microsoft, they don't have to - and this is where you can maybe see an angle for the company. Product activation won't be present for the enterprise Select and the volume Open licensing deals. These will still require a single unlock for the media, but after that you can do multiple installs, just keeping a tally of the licences you're using. Microsoft licence management software will no doubt help you out here, and the Open licence scheme goes as low as five copies, for which you get discounts. Except on old operating systems Redmond wants you to stop using.

Microsoft sees promotion of the Open licence to small businesses as going alongside product activation for consumers, as businesses will be encouraged to go for the volume deals. Of course by doing so, you report yourself to Microsoft, and are therefore more readily auditable. So consumers get roadblocks to stop them sharing with their friends, Microsoft's reach extends further down the business food chain, but there are no privacy implications. Microsoft likely won't squeeze much more money out of the consumer market, but by being better able to police "unprotected" business licences, it could do well there. Quite a paradox, no? ®

Related Story

Copy protection on Whistler easily cracked

The essential guide to IT transformation

More from The Register

next story
Munich considers dumping Linux for ... GULP ... Windows!
Give a penguinista a hug, the Outlook's not good for open source's poster child
The Return of BSOD: Does ANYONE trust Microsoft patches?
Sysadmins, you're either fighting fires or seen as incompetents now
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
Time to move away from Windows 7 ... whoa, whoa, who said anything about Windows 8?
Start migrating now to avoid another XPocalypse – Gartner
You'll find Yoda at the back of every IT conference
The piss always taking is he. Bastard the.
HANA has SAP cuddling up to 'smaller partners'
Wanted: algorithm wranglers, not systems giants
prev story


Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.