Feeds

XP deloaded? MS tightens screws on loose product keys

But effects will be limited

  • alert
  • submit to reddit

The smart choice: opportunity from uncertainty

Microsoft is tightening the screws further on pirate copies of Windows by disabling Internet activation of XP product keys for software distributed by all of the large OEMs. The move however doesn't take the company anywhere close to universal compliance, and seems more intended to reduce casual copying and leakage from the PC channel.

The latest move, which was first revealed by Aviran Mordo earlier this week, places restrictions on a mechanism used by OEMs to bypass Product Activation. They have previously been allowed to do this for their customers, but this meant that stolen or leaked Certificates of Authenticity (COAs) could be used to activate unlicensed copies of Windows. So for example a small operation might sell quite a large number of machines with 'preinstalled Windows', but only pay for quite a small number of licences from Microsoft, or none at all, making up the difference with hot COAs.

In the past Microsoft has been able to keep some kind of lid on this by (among other mechanisms) investigating discrepancies between apparent sales and the ones it can account for, but the modified route provides more of a physical barrier to the practice. Activation using one of the affected product keys will now mean having to go through a series of questions with a Microsoft call centre representative, who will issue an override key provided the answers confirm that the activation is legitimate.

The procedure affects the top 20 OEMs from 28th February, and will be extended to all other OEMs who've been using this activation method over the rest of the year. People who need to activate a lot of products in their line of work (e.g. service engineers) are likely to be less than ecstatic.

But as we noted, this is more a case of tightening control on channel leakage than it is on stopping Windows piracy in general. Possibly the most popular pirate versions of Windows are of Corporate edition, where it is (and will remain, until Microsoft thinks of something) perfectly feasible to install a copy of the software and activate it with a leaked key, or one produced by a key generation routine, without going anywhere near the Internet. If the software was installed with one of the leaked keys Microsoft knows of and has blocked, then such an installation won't be able to access software updates, but as far as we're aware Microsoft still has no mechanism for detecting and countering generated keys.

The corporate customer sacred cow is unlikely to smile on any Microsoft anti-piracy initiative that would get in the way of multi-machine, multi-site upgrade rollouts, which does rather limit Microsoft's options here. But there remains an upside, from Microsoft's point of view. Actual corporate customers aren't likely to engage in widespread theft of Windows on the basis that it just takes Microsoft to wonder where they're getting the stuff from in order for them to be detected, and over the years Microsoft has been progressively increasing its ability to detect piracy in smaller businesses.

This means it can achieve a reasonable, and probably increasing, level of compliance among the customers already paying, most likely to pay and most likely to be easily discouraged from running unauthorised software. The people it misses, although they're the ones Microsoft tends to shout loudest about, aren't the ones Microsoft stands much chance of making more money out of anyway. Not, at least, before Bill owns the whole world. ®

Related Stories:

Windows authentication: reasonable and gentle
China's IT: an inside outsider's view
Should XP pirates get SP2?

Designing a Defense for Mobile Applications

More from The Register

next story
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Apple fanbois SCREAM as update BRICKS their Macbook Airs
Ragegasm spills over as firmware upgrade kills machines
Captain Kirk sets phaser to SLAUGHTER after trying new Facebook app
William Shatner less-than-impressed by Zuck's celebrity-only app
Do YOU work at Microsoft? Um. Are you SURE about that?
Nokia and marketing types first to get the bullet, says report
Microsoft takes on Chromebook with low-cost Windows laptops
Redmond's chief salesman: We're taking 'hard' decisions
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
EU dons gloves, pokes Google's deals with Android mobe makers
El Reg cops a squint at investigatory letters
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.