Vulnerability Development mailing list archives
[Fwd: WinXP, MediaPlayer etc..]
From: Blue Boar <BlueBoar () thievco com>
Date: Fri, 29 Jun 2001 08:55:16 -0700
"Kayne Ian (Softlab)" wrote:
Hey m8, There was a thread on Vuln dev a bit back about the copy protection in XP. I've just had a chat with a former colleague of mine, who gave me the info in the msg below. It's up to you whether you want to post this on to the list, thought I'd just let you decide. L8r -Ian Blue Boar wrote:Anyway, I let it through because there have been news stories that it has been cracked, and MS denies it. I was hoping for an answer. Second, I was hoping for a discussion of how the copy protection in XP products works. Yes, it's a bit off-topic for vuln-dev, and I usually toss such queries. However, this is going to affect a lot more people, and I think it's also going to touch on privacy issues.---------[ SNIP ]----------- Hey, Ok, today I have come across some extremely interesting information, which will hopefully add a bit more to the discussions going on about this. I was told this by a former colleague who now works for Microsoft doing product testing - he's one of the people that makes sure everything works, and helps OEM's deliver pre-built systems etc. Windows XP, Product Registration: This has been discussed in many places. The official story is as follows. XP does require you to perform online activation of your product. After installing the O/S, you have 30 days to register your system. If you do not register, the O/S locks itself down. This means you have VERY limited functionality, only enough to copy data off the machine and register the O/S. Registration may be done in 2 different ways: In the first instance, you tell the O/S you wish to register, and it will generate a key for you. More on this in a second. 1. No net connection. In every country, MS have set up a clearinghouse for product registration. You will ring MS up, read out the key to them, and they will in turn give you an activation key, which you type in 2. Net connection. They have a "3 click mechanism" to register your product. The key is generated as above, and sent to Microsoft. They then send you back the activation key, which registers your product. What is the initial key (I'll call this the ID Key, as it id's your system to MS) comprised of? Apparently, it contains no personal data whatsoever. Thats no name, company, address etc etc. It does however contain serial numbers taken from hardware installed in your system. That means processor serial number if available, BIOS revision, MAC address on NIC's etc etc etc. This is combined with your COA (Certificate of Authority) number, and encrypted somehow. This encrypted data is sent to MS, whereupon (I assume) they perform some kind of hash on it, and send the resulting key (I'll call this the Activation key, note these are names I've made up to try and make this easier to follow) back to you. The ID key is then used by Microsoft to track your usage of the system. The Activation key is used by the O/S itself to track your usage of the system. How does this work? Firstly, XP makes an "intelligent" decision about your system. This means when you register your copy of XP, and if you never change your hardware, you will never have to reregister. Similarly, XP will track minor changes, or cumilative changes. This means you can change 1 or 2 components in your system (sound card, or a bios upgrade for eg), and XP will not require you to re-register. As I said, it does this cumilatively. So, if in January you install XP & register, Feb you change your sound card, 1st March you change your NIC, 15th March you change your monitor, XP will track these cumilative changes, accept that they are "upgrades" to the original system it was installed on, and allow you to continue to use the O/S without reregistering. However, if you install XP, then swap out a large proportion (this point is vague for a reason) of your hardware, you WILL be required to re-register. That means Ghost will cause headaches for a lot of people. I raised the point about number of registrations. MS must have a cut-off point to how many times they will allow you to re-register. The answer is yes. And it's a little bit of a worrying one. If you change your hardware too often, and go to re-register XP online, it is possible that it will REJECT YOUR KEY. This could leave you with an O/S in a NON-FUNCTIONAL STATE, even if you have a perfectly legal copy of XP and you are using it perfectly legally. In the event that this happens, you will have to call the MS Clearing house, and explain the situation to them. They will then make an educated decision as to whether you are legally or illegally using the product, and act appropriately. So, if you ring them up, explain you are a s/w engineer and you need to keep reinstalling your o/s say, 15 times a month, they will reactivate you - no problem. But, if you ring them up, they see you tried to re-activate your product 100 times in the last week, they will know something dodgy is going on, and kill your license leaving you without an O/S. To me, this is a bit worrying - this means the entire MS licensing procedure now relies on human decision making. In the future, you'll have to convince some call center guy that you should be allowed to continue to use the product you paid for and own, just because you changed hardware. 2 examples at either end of the spectrum, but remember, they are EXAMPLES -- we don't know what meter MS will use. Apparently this functionality has been deployed for nearly 2 years, but not used widely as yet. I raised a point about the amount of traffic that real-time licensing is going to generate - surely this will require huge pipes & terabytes of storage. Apparently not - as this is a 1 time registration (ie: each copy of XP sold will only ever have 1 record at Microsoft associated with it), the amount of traffic & storage will be relatively low. As I said, it seems as though MS have been slowly rolling this infrastructure out over the last few years. All this change in licensing is to combat piracy (really? hehe). It was admitted that MS have no doubt this protection will be cracked immediately, but it will show some reduction in piracy. Apparently it has already knocked about 20% off piracy figures in pan-pacific region. MS are aiming to stop the "can I borrow this copy of the OS from you/my m8/work etc etc". Media Player 7 & 8, SDMI There has been a lot of banter about Mediaplayer containing functionality to limit bitrates in various formats, in fact I personally believed this. I asked the question, and I was told the answer was a categorical NO. There is NO hidden functionality or code in WMP7 or 8 to limit the features of Media Player. Oh, also, the XBox will be shipped with 20 titles. well, I hope that answered a few questions and prompted a few more. Maybe it was of interest, maybe not... Ian Kayne Technical Specialist - IT Solutions ******************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use of the information contained within this email or attachments is strictly prohibited. Internet communications are not secure and Softlab does not accept any legal responsibility for the content of this message. Any opinions expressed in the email are those of the individual and not necessarily those of the Company. If you have received this email in error, or if you are concerned with the content of this email please notify the IT helpdesk by telephone on +44 (0)121 788 5480. ********************************************************************
Current thread:
- [Fwd: WinXP, MediaPlayer etc..] Blue Boar (Jun 29)