Feeds

XP deloaded? MS tightens screws on loose product keys

But effects will be limited

  • alert
  • submit to reddit

Remote control for virtualized desktops

Microsoft is tightening the screws further on pirate copies of Windows by disabling Internet activation of XP product keys for software distributed by all of the large OEMs. The move however doesn't take the company anywhere close to universal compliance, and seems more intended to reduce casual copying and leakage from the PC channel.

The latest move, which was first revealed by Aviran Mordo earlier this week, places restrictions on a mechanism used by OEMs to bypass Product Activation. They have previously been allowed to do this for their customers, but this meant that stolen or leaked Certificates of Authenticity (COAs) could be used to activate unlicensed copies of Windows. So for example a small operation might sell quite a large number of machines with 'preinstalled Windows', but only pay for quite a small number of licences from Microsoft, or none at all, making up the difference with hot COAs.

In the past Microsoft has been able to keep some kind of lid on this by (among other mechanisms) investigating discrepancies between apparent sales and the ones it can account for, but the modified route provides more of a physical barrier to the practice. Activation using one of the affected product keys will now mean having to go through a series of questions with a Microsoft call centre representative, who will issue an override key provided the answers confirm that the activation is legitimate.

The procedure affects the top 20 OEMs from 28th February, and will be extended to all other OEMs who've been using this activation method over the rest of the year. People who need to activate a lot of products in their line of work (e.g. service engineers) are likely to be less than ecstatic.

But as we noted, this is more a case of tightening control on channel leakage than it is on stopping Windows piracy in general. Possibly the most popular pirate versions of Windows are of Corporate edition, where it is (and will remain, until Microsoft thinks of something) perfectly feasible to install a copy of the software and activate it with a leaked key, or one produced by a key generation routine, without going anywhere near the Internet. If the software was installed with one of the leaked keys Microsoft knows of and has blocked, then such an installation won't be able to access software updates, but as far as we're aware Microsoft still has no mechanism for detecting and countering generated keys.

The corporate customer sacred cow is unlikely to smile on any Microsoft anti-piracy initiative that would get in the way of multi-machine, multi-site upgrade rollouts, which does rather limit Microsoft's options here. But there remains an upside, from Microsoft's point of view. Actual corporate customers aren't likely to engage in widespread theft of Windows on the basis that it just takes Microsoft to wonder where they're getting the stuff from in order for them to be detected, and over the years Microsoft has been progressively increasing its ability to detect piracy in smaller businesses.

This means it can achieve a reasonable, and probably increasing, level of compliance among the customers already paying, most likely to pay and most likely to be easily discouraged from running unauthorised software. The people it misses, although they're the ones Microsoft tends to shout loudest about, aren't the ones Microsoft stands much chance of making more money out of anyway. Not, at least, before Bill owns the whole world. ®

Related Stories:

Windows authentication: reasonable and gentle
China's IT: an inside outsider's view
Should XP pirates get SP2?

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Euro Parliament VOTES to BREAK UP GOOGLE. Er, OK then
It CANNA do it, captain.They DON'T have the POWER!
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Post-Microsoft, post-PC programming: The portable REVOLUTION
Code jockeys: count up and grab your fabulous tablets
Twitter App Graph exposes smartphone spyware feature
You don't want everyone to compile app lists from your fondleware? BAD LUCK
Microsoft adds video offering to Office 365. Oh NOES, you'll need Adobe Flash
Lovely presentations... but not on your Flash-hating mobe
prev story

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.