Feeds

WinXP testers get unique IDs from MS, plus a workaround

Redmond logic: 2428 code will only work with ID, unless you disable it

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

Microsoft has ratcheted up the security in the latest build of the Windows XP, which went up on Microsoft's FTP servers last night, and on the 'unofficial' FTP servers shortly afterwards. But it's a virtual ratchet, largely - according to the build 2428 release notes that escaped along with (of course) the code, each technical beta tester is being assigned a unique installation product key in order to unlock the build.

But then the notes go on to tell us that the build has a registry key that can be used to disable the product activation in this build. So although you've got a unique key that can be tracked back to you (possibly...), you don't actually need to use it anyway. Previous leaked builds have been accompanied by various patches and workarounds that deal with the product activation technology, but with 2428 Microsoft is saving these, er, misguided enthusiasts the effort by putting the workaround in the release notes.

Weird or what? The kindest way to look at it is that Microsoft is still pretty nervous about ticking-off its testers, and is still concentrating on getting them used to the idea of protection, in preparation for the actuality.

The company says that the registry key will not be present in future builds and in Beta 2, but actually it's doubtful that the shutters can be slammed down effectively when (if) Redmond finally decides to fully enable the system. Current Microsoft product key systems usually have back doors in them so that the people Microsoft trusts (or at least, has to pretend it trusts) can get their jobs down. So OEM support departments, for example, get access to 'universal' keys, and these escape.

Microsoft could try cracking down on escapes, but the release notes suggest it's not quite ready to do so. Testers are told not to share their product key on pain of losing their technical beta privileges, except with "designated representatives in corporate testing situations." Similar exceptions will no doubt exist when the finished product ships, so there goes Fort Knox, folks.

You'll recall we observed yesterday that despite claims elsewhere to the contrary, the restriction of Beta 2 to a small number of testers was unlikely to be anything to do with controlling code leaks. Microsoft tells testers that 2428 will not be made generally available on CD, but ISO images almost immediately became available today from non-Microsoft sites.

The shelf life of the code itself may however be limited. According to the estimable Mary Jo Foley testers are being told to expect Beta 2 on February 19th (nine days closer than the last ETA spotted), and that it's possible that 2428 might itself be designated as Beta 2. Which would make the product notes for 2428 even weirder than you thought they were, but there you go... ®

Related story:
Early death for 98 as MS pushes WinXP - public beta confirmed

Beginner's guide to SSL certificates

More from The Register

next story
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Microsoft adds video offering to Office 365. Oh NOES, you'll need Adobe Flash
Lovely presentations... but not on your Flash-hating mobe
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
HTML5 vs native: Harry Coder and the mudblood mobile app princes
Developers just want their ideas to generate money
prev story

Whitepapers

10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.