Feeds

MS' Mr WPA says no new corp keys for SP1

But plans to describe changes RSN

  • alert
  • submit to reddit

3 Big data security analytics techniques

Microsoft licensing technologies lead product manager Allen Nieman (Mr WPA) has denounced last week's WinXP product activation revamp story as FUD, a rumour that is "entirely untrue," and that has been "parroted by some folks without validating with us" (by which we fear he means us).

As it turns out, the tests on which the "rumour" was based had one fatal flaw - they did not distinguish between corporate and non-corporate versions of XP SP1, and so when a non-corporate SP1 was slipstreamed (i.e., applied in combination with an XP install) into a corporate XP, the installation was turned into a retail XP Pro one, and the corporate keys - naturally - didn't work.

Nieman made a posting to an SP1 beta group on Friday, saying:

"Here's the deal: There is no truth in this rumor. We are not changing the way volume licensing customers install or deploy Windows XP. We are not issuing volume licensing customers new product keys. Volume licensing customers are not impacted by any of the changes we are making to activation in SP1. The only folks impacted by the changes we are making in SP1 are people with illegal copies of Windows."

"We are planning to completely discuss and document what is changing in activation to address crack and pirate issues as part of the overall SP1 comm planning and included in that will be a technical marketing doc I am writing that explains exactly, detailed, what the changes are, how they work, and why we are doing them. Our goal here is to be completely transparent and forthcoming - fully open kimono if you will. As soon as that doc is complete (early to mid next month) I'll post it here."

Note that although Nieman is categorically denying the rumour, which has in any event debunked itself, he is confirming that there will be changes in WPA in SP1, and as he proposes to explain them, one is inclined to conclude that they will be of greater significance than simply the blocking of a few leaked corporate keys. For, how long does that one take to explain?

Microsoft does need to do something about WPA in order to negate keygen routines being used to generate working XP keys, so changes in the generation algorithm are probably still on the cards. If that is the case, then we'd still be likely to see a new variety of key being phased in via new OEM machines and in the various different editions of WinXP Microsoft currently has on the stocks. But as Nieman proposes to go public by the middle of August, we'll soon know. ®

SANS - Survey on application security programs

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.