Feeds

XP deloaded? MS tightens screws on loose product keys

But effects will be limited

  • alert
  • submit to reddit

A new approach to endpoint data protection

Microsoft is tightening the screws further on pirate copies of Windows by disabling Internet activation of XP product keys for software distributed by all of the large OEMs. The move however doesn't take the company anywhere close to universal compliance, and seems more intended to reduce casual copying and leakage from the PC channel.

The latest move, which was first revealed by Aviran Mordo earlier this week, places restrictions on a mechanism used by OEMs to bypass Product Activation. They have previously been allowed to do this for their customers, but this meant that stolen or leaked Certificates of Authenticity (COAs) could be used to activate unlicensed copies of Windows. So for example a small operation might sell quite a large number of machines with 'preinstalled Windows', but only pay for quite a small number of licences from Microsoft, or none at all, making up the difference with hot COAs.

In the past Microsoft has been able to keep some kind of lid on this by (among other mechanisms) investigating discrepancies between apparent sales and the ones it can account for, but the modified route provides more of a physical barrier to the practice. Activation using one of the affected product keys will now mean having to go through a series of questions with a Microsoft call centre representative, who will issue an override key provided the answers confirm that the activation is legitimate.

The procedure affects the top 20 OEMs from 28th February, and will be extended to all other OEMs who've been using this activation method over the rest of the year. People who need to activate a lot of products in their line of work (e.g. service engineers) are likely to be less than ecstatic.

But as we noted, this is more a case of tightening control on channel leakage than it is on stopping Windows piracy in general. Possibly the most popular pirate versions of Windows are of Corporate edition, where it is (and will remain, until Microsoft thinks of something) perfectly feasible to install a copy of the software and activate it with a leaked key, or one produced by a key generation routine, without going anywhere near the Internet. If the software was installed with one of the leaked keys Microsoft knows of and has blocked, then such an installation won't be able to access software updates, but as far as we're aware Microsoft still has no mechanism for detecting and countering generated keys.

The corporate customer sacred cow is unlikely to smile on any Microsoft anti-piracy initiative that would get in the way of multi-machine, multi-site upgrade rollouts, which does rather limit Microsoft's options here. But there remains an upside, from Microsoft's point of view. Actual corporate customers aren't likely to engage in widespread theft of Windows on the basis that it just takes Microsoft to wonder where they're getting the stuff from in order for them to be detected, and over the years Microsoft has been progressively increasing its ability to detect piracy in smaller businesses.

This means it can achieve a reasonable, and probably increasing, level of compliance among the customers already paying, most likely to pay and most likely to be easily discouraged from running unauthorised software. The people it misses, although they're the ones Microsoft tends to shout loudest about, aren't the ones Microsoft stands much chance of making more money out of anyway. Not, at least, before Bill owns the whole world. ®

Related Stories:

Windows authentication: reasonable and gentle
China's IT: an inside outsider's view
Should XP pirates get SP2?

7 Elements of Radically Simple OS Migration

More from The Register

next story
PEAK LANDFILL: Why tablet gloom is good news for Windows users
Sinofsky's hybrid strategy looks dafter than ever
Leaked Windows Phone 8.1 Update specs tease details of Nokia's next mobes
New screen sizes, dual SIMs, voice over LTE, and more
Fiendishly complex password app extension ships for iOS 8
Just slip it in, won't hurt a bit, 1Password makers urge devs
Mozilla keeps its Beard, hopes anti-gay marriage troubles are now over
Plenty on new CEO's todo list – starting with Firefox's slipping grasp
Apple: We'll unleash OS X Yosemite beta on the MASSES on 24 July
Starting today, regular fanbois will be guinea pigs, it tells Reg
Another day, another Firefox: Version 31 is upon us ALREADY
Web devs, Mozilla really wants you to like this one
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Cloudy CoreOS Linux distro declares itself production-ready
Lightweight, container-happy Linux gets first Stable release
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?