Sp1 + Corp Rumours

[Epyx]

I've just read Orig's article about MS's new "algorithm" for Corp keys and some of the other scarey stuff they might activate in SP1 Final. I don't know if anyone else agrees, but this news seems unnecessarily alarmist. Let's take the major themes:

"Microsoft is in the works of completely rewriting the algorithm for the way Windows XP Corporate keys are generated"

Translation: MS will tweak PIDGEN.DLL yet again. They did this ad infinitum in the last few iterations of XP beta.

"The new algorithm feature has been switched off in SP1 upgrades"

Translation: PIDGEN.DLL won't get replaced in upgrade mode. So this means the old PIDGEN.DLL will still work after SP1 and therefore pre-SP1 Corp keys can still be made to work.

"Windows also checks for the DLL files version numbers and if they don?t match, errors will be created during install"

Translation: Fine, so you'll replace PIDGEN.DLL and any other requisite files after install.

"Microsoft is also planning to warn those with corporate editions of Windows XP to not let the CD-keys slip into the mainstream"

Translation: So business as usual. Given what a Corp key is worth in the warez world, you can guarantee that at least one new-style Corp key will leak from China, India or possibly Redmond itself. It always does, and we'll have it within a week of RTW (Release To World).

"Another rumor that is running rounds at Redmond is that Microsoft may actually include a type of ?Phone home? feature in the corporate versions of Windows XP only"

Translation: B.S.

"a feature that makes sure the Corporate edition of Windows XP is not installed on more computers than it?s contract is made out for"

Translation: But since we aren't the licence holders anyway, we don't give a rat's arse about that side of things.

My guess is that MS will change the PID generation algorithm as a direct response to the Blue List Keygen. If it weren't for that innovation, they would just blacklist the old FCKGW- key. If the worst comes to the worst, we'll run a late SP1 beta for a bit. But most likely, any PID changes in SP1 Final will be quickly worked around. When a new Corp key emerges, all this angst will be quickly forgotten.

Epyx

[Berlin2]

Now, thats clear enough. Thank u.

[PliotronX]

Would simply replacing PIDGEN.DLL with the original corp one make the old keys work or does SP1 validate the checksum for PIDGEN to keep this from happening?

And thanks for posting, these are interesting points. I wonder what Orig would say



Last edited by PliotronX at Jul 22 2002, 01:53 AM

[Epyx]

Well, I'm a bit rusty on this stuff since the times of XP beta, but it was farily simple to switch the PID algorithm by swapping PIDGEN.DLL and one or two other files. This was commonplace in the final days of the beta phase.

I guess the point is not to get too worried yet about a "new algorithm". It's not earth-shattering news if it's true. We handled the bump with OXP SP1 and we'll all do the same with WinXP SP1.

Epyx

[Woogieman]

Over on the wxperience site there's a thread describing a method that M$ is rumored to be releasing with SP1. That is, after a combination of a specific date AND a specific number of cold starts AND one other variable are met, any unauthorized version will be stopped cold. In other words, installing SP1 on a test system, then setting the clock ahead a year or two as the test will be meaningless as XP will perform as normal - even though it's "booby trapped". They didn't say what the 3rd variable was but probably a check to see if the Blue List generator produced the key. Evidently the Blue List generator results in a key sequence that M$ claims now to be able to detect, or at least narrow down the field considerably.

Sounds like the smartest move will be to try to get only those pieces of SP1 that have any real value to you - which isn't much. However, for those people that use all the M$ internals (I.E., Outlook Xpress, etc) will wind up just plain screwed sooner or later - translated that means they'll probably wind up paying for a legit copy and getting their very own Authorization code. Surely a very special, heart warming feeling.

The "call home" rumors are sort of meaningless (unless you rely on XP's firewall solely). The concern here is that from the inside of your machine, after market firewalls are easy to disable. I had this happen on my daughters machine when she downloaded some software that after installation would disabled Norton, ZoneAlarm, etc then hid itself. Found it and killed it, but what a hassle. And, of course, once you download SP1 it's on the inside looking out!!

Lastly, there seems to be a lot of M$'s friends recently (or people that seem to be) on a lot of Forum's trying to gather as much info as they can regarding current SP1 hacking plans. At least there's a lot of probing to try and find out who's doing what to neuter SP1. Maybe they get a special Christmas present from Gates or Monkey Boy (Balmer) for faithfully reporting what's happening, who knows. Who cares. They're just plain jerks anyway.

Regardless, M$ has obviously put a lot of effort into trying to reduce the number of illegitimate Corp XP Pro's that have made a big dent in their profits - and reputation.

[Tomboy]

Guys,

I am confident that once the new PID algorithm is finalized in SP1, that a modified version of the infamous key generator can be made. It will create new corporate keys that are just as reliable that those generated today. I haven't heard anything in this news that makes me think that SP1 is going to be a show stopper. Worrying before SP1 goes final is a supreme waste of time. I recommend sitting back with a cold tall glass of your favorite soda (Dr Pepper!) and let Redmond do the worrying. I give their new scheme only 2 months at most before they are history. The main reason for cracking WPA is to make M$ realize what a monumental amount of money they squandered on an ineffective and worthless CP scheme. With any luck, they whole WPA team will get canned. Well thats my 2 cents worth.

Tomboy

[BetaNet0001]

Some snippets from The Register's response to Orig's article:
http://www.theregister.co.uk/content/4/26301.html

MS planning to tackle leaked WinXP keys with SP1?
By John Lettice

"The procedure BetaONE envisages (and it's about the only one we can see would have an effect) is that all corporate customers will be issued with new keys that are recognised by the new code in SP1. So if that's correct, all current corporate keys are dead, the luckless corporate techies will likely get somewhat irritated about having to reactivate, but hey, activation with a corporate key is supposed to be trivially easy, right?

The new key generation system may be more difficult to get round than the last one; indeed, if it isn't, there isn't a lot of point in Microsoft implementing it. That, however, is not the problem. Microsoft's difficulties arise not from people actually cracking the key system but from corporate keys leaking, so no matter how good the system, if a key is leakable, it gets circumvented.

...Inexorably, one is drawn to phoning home as the real shoe two. The EULAs are being amended so that Microsoft reserves the right to check the validity of machines' licences, which means the company will be able to check online for leaked keys, and take what it deems appropriate action. Checking via Windows Update would allow the identification of corporate keys that had leaked out of the corporate market, and this could be followed up with the owner of the key...."

This is really a non-issue. Simply say NO to SP1. I have been using XP on my main machine for a year now and have never Blue screened or been hacked and it runs everything I throw at it. The main rule in mechanics and engineering is:If it aint broke, dont fix it. I use my computer in a production environment and would never do anything to disturb the status of my machine.

Zo

*PHONING HOME*

it cant happen if one takes a few simple procedures to prevent outbound traffic



Last edited by zonko at Jul 22 2002, 09:35 AM

[Woogieman]

I'm with you, zonko!! The only items that I can see that might be worth anything (to me, anyway), is the USB 2.0 software and the "over 1700 bug fixes" they advise. The problem with the "1700 bug fixes" is that more than likely some of the bug fixes have to do with halting your XP until you enter that brand new key that your Corporation (based on your current Product ID) received in the mail a couple weeks ago. You did receive that Key, didn't you? After all, you're part of that licensed Corpoartion - your Product ID says so, remember.

As for USB 2.0 - I'll be using an aftermarket card for the 2.0 devices so will go with the software provided by the card manufacturer. Don't need the M$ version.

Again, only those people that rely on M$ software (I.E., Outlook Express, etc) seem to be at risk. Sooner or later, they'll be dumped to the M$ update site and then it's "gotcha" time. Remember, there's nothing to prevent a M$ friendly internet site to redirect you to M$'s handy-dandy fixer-upper site to "help" you update before you know it.

Jeez, this cloak and dagger stuff is exciting, in't it?

[azizcha]

Hi guys, I don't know a lot of thing in computing and just wanted you to "light" me on this corporate SP1 problem.

But just prior to that, Zonko and Woogieman, I agree that SP1 is perhaps not a necessity for all of us but it seems that you won't be able to update via WindowsUpdate after SP1 has been released, is it true (even if you don't install SP1)? So Microsoft would like to force people to install SP1 so that they can check if they are eligible to use windows update?

Now concerning the corporate: I've read that the problem occur if you slipstream XP to SP1 but not if you upgrade! Could you please explain me what's slipstreaming? Why is it different to "upgrade". Because, if I have XP and I install SP1 after (this means upgarding), I won't have any problem no? So what's the purpose of slipstreaming?

In summary, If I have a fine install of XP and I applied the SP1 over it, my system will be upgraded to SP1 without all those key probs etc, true or false? OK the old FCKGW...key won't work anymore but any other corporate key should work?