InfoWorld
Lead with Knowledge
HOME/ SITEMAP
SUBJECT INDEXES
ABOUT US
WHITE PAPERS

Learn to secure your PCs from new and unknown hacker attacks.

Free IDC White Paper - Discover Secure File Sharing for the Enterpriseattacks.

SEARCH:  
Home  //  Article
Print Article    Email Article
Window Manager
Brian Livingston
Activation, anyone?

I WROTE LAST week that Microsoft's new Windows XP operating system, scheduled for wide distribution on Oct. 25, has so few real benefits and so many irritations -- especially Passport, an insecure and relentless scheme to vacuum up users' e-mail addresses -- that I instead recommend buying new PC systems with Windows 2000 installed.

But you're likely to face XP sooner or later, whether you like it or not. That's because PC manufacturers almost universally plan to install the new operating system unless buyers specifically request Windows 2000 or Windows Me.

As a result, you'd better know a thing or two about XP's most irritating feature of all: Windows Product Activation, or WPA.

WPA is a peculiar method of generating a numeric key that users must report to Microsoft via an Internet connection or a telephone call to continue to use XP after the first 30 days. The user receives a new code number that "activates" XP.

Fortunately, purchasers of volume licenses from Microsoft won't have to activate XP systems. And PC makers can preactivate the PCs they sell to buyers. Ideally, a PC maker will choose to "tie" an XP installation to its BIOS. This permits end-users to make any number of hardware changes (except a different BIOS) with no complaints from XP.

But problems arise if a user installs XP and then changes several hardware components of his or her system. In that case, XP use is restrained until Microsoft is contacted again for a fresh number.

I've found that this method of generating the original code is so lame that it will have no effect, as Microsoft claims, on stopping true software pirates. I'll explain why in next week's column.

This week, however, I want to address a different concern people have about WPA -- that it's a profiling system designed to reveal all your software and hardware details to Microsoft. This fear is unfounded. Although Microsoft itself hasn't been completely forthcoming about how WPA works, third parties have examined the communication between Windows XP and Microsoft on a bit-by-bit level. This shows that nothing more is transmitted than a few bytes that XP generates using a rough formula. No useful list of hardware or software can be deduced from the resulting string, which isn't unique to a single machine.

The best paper I've seen on the actual process of generating and interpreting the codes used by WPA is from a software-licensing company called Fully Licensed. See www.licenturion.com/xp/fully-licensed-wpa.txt. To analyze your own byte stream, a free tool called XPDec is provided in a Zip file at www.licenturion.com/xp/xpdec-exe.zip.

A broader study of WPA is at www.windows-help.net/windowsxp/activation.html.

Will all this impede serious pirates, though? Not a bit. Tune in next week to see why.




RELATED SUBJECTS

Operating Systems
Business News

MORE >
SUBSCRIBE TO:    E-mail Newsletters  InfoWorld Mobile InfoWorld Magazine
Home  //  Article Print Article    Email Article
Back to Top
 ADVERTISEMENT
 

SPONSORED LINKS

Gateway: Your Reliable IT Provider of Business Technology Solutions
Learn to secure your PCs from new and unknown hacker attacks.
Get FREE Hurwitz Report: Control Your App Dev Costs with TogetherSoft!
Click here to receive a FREE Success Kit from Oracle.
SPEED, PERSONALIZATION AND INTEGRATION: THE KEY TO E-COMMERCE SUCCESS.

SUBSCRIBE
E-mail Newsletters
InfoWorld Mobile
Print Magazine

Web-based training
ABOUT INFOWORLD  |  SITE MAP  |  EMPLOYMENT  |  PRIVACY  |   CONTACT US

Copyright 2001 InfoWorld Media Group, Inc.