Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Windows Operating Systems Software Security IT

Windows Vista Keygen a Hoax 154

An anonymous reader writes "The author of the Windows Vista keygen that was reported yesterday has admitted that the program does not actually work. Here is the initial announcement of the original release of the keygen, and here is the followup post in which the same author acknowledges that the program is fake. Apparently, the keygen program does legitimately attack Windows Vista keys via brute force, but the chances of success are too low for this to be a practical method. Quote from the author: 'Everyone who said they got a key is probably lying or mistaken!'"
This discussion has been archived. No new comments can be posted.

Windows Vista Keygen a Hoax

Comments Filter:
  • i thought so (Score:2, Insightful)

    by jrwr00 ( 1035020 )
    I figured it would turn out like that, its just a random number gen that prints a 25 digit number.
    a 4 year old using BASIC could do that
    • I think you meant this one [slashdot.org] and you should have said "I think this is a hoax"

    • When in reality (Score:4, Informative)

      by Alien54 ( 180860 ) on Saturday March 03, 2007 @11:44AM (#18217854) Journal
      The 25 digit key is in base 36 (0-9 plus A-Z), providing 8.08281277e+38 possible keys, without accounting for various error checking and validation schemes
      • by Yvanhoe ( 564877 )
        But do we know how many valid keys exist in this domain ? After all we have seen MS releasing a key protection scheme (I believe it was for Win98) where you just had to provide a key where the sum of specific digits would be a multiple of 7. There was something like 36^12 possible keys but 1/7th of them were valid. Or was that also an hoax ?

        Anyway, it really depends on how much valid combinations exist. If they tailored the algorithm to only accept a few billions of combination they are safe but if they a
        • Re: (Score:2, Insightful)

          by kbradford ( 923330 )
          0.001% of 8.08E+38 is still 8.08E+34. That is a VERY LARGE number. Why would MS create a key algorithm that allowed for so many valid keys? Not only would they never need that many, but it would only make it that much easier for brute force cracking.

          Obviously it isn't that big.
      • Re: (Score:3, Informative)

        by solitas ( 916005 )
        The 25 digit key is in base 36 (0-9 plus A-Z), providing 8.08281277e+38 possible keys, without accounting for various error checking and validation schemes

        Actually, there should be a lot less than that since some characters are always letters and some characters are always numbers.

  • by Anonymous Coward on Saturday March 03, 2007 @10:23AM (#18217346)
    Quote from the author: 'Everyone who said they got a key is probably lying or mistaken!'"

    Oh sure. Next I suppose you're going to tell me that the guy who claims he ordered (and received) a 37" LCD TV for $7.99 due to a price mistake is lying, too. Or the kid who swore he put a Beta tape in a VHS deck and it played...Don't you have any faith in people anymore?
    • Re: (Score:3, Funny)

      by Anonymous Coward
      My favorite was always the "If you heat up a needle and put it through this particular spot on your Tomb Raider CD, Lara Croft will be naked!" How many did that one disappoint, I wonder?

      =)
      • How many did that one disappoint, I wonder?
        I wasn't disappointed until I read that!
      • My favorite was always the "If you heat up a needle and put it through this particular spot on your Tomb Raider CD, Lara Croft will be naked!" How many did that one disappoint, I wonder?

        An even "better" one was for the Intel 486SX CPU, the cheapo version of the Pentium's predecessor. To quote the Foldoc entry [foldoc.org]:-

        All 486SX chips were fabricated with FPUs. If testing showed that the CPU was OK but the FPU was defective, the FPU's power and bus connections were destroyed with a laser and the chip was sold cheaper as an SX, if the FPU worked it was sold as a DX.

        The Jargon File claimed that the SX was deliberately disabled crippleware. The German computer magazine, "c't", made this same theory the basis of an April Fools Joke. They claimed that if one drilled a hole of a specified diameter through the right point on a SX chip, this would brake the circuit that disables the FPU. Some people actually tried (and then bought themselves new processors).

      • Re: (Score:3, Funny)

        My favorite was always the "If you heat up a needle and put it through this particular spot on your Tomb Raider CD, Lara Croft will be naked!" How many did that one disappoint, I wonder?

        But that one really worked. I did it myself. I swear!
      • Re: (Score:3, Informative)

        by secolactico ( 519805 )
        My favorite was always the "If you heat up a needle and put it through this particular spot on your Tomb Raider CD, Lara Croft will be naked!" How many did that one disappoint, I wonder?

        Uh? Never heard of that hoax. Is there any reference on the web? A cursory google search turns up nothing.
      • Re: (Score:3, Funny)

        by antibryce ( 124264 )
        How many did that one disappoint, I wonder?

        I know of at least one... :(

    • Re: (Score:3, Funny)

      I don't know about that, but I do know that if I post this message 10 times I will get a free thingamajiggy in the mail. It works, my friend said so.
    • Next I suppose you're going to tell me that the guy who claims he ordered (and received) a 37" LCD TV for $7.99 due to a price mistake is lying, too.

      Believe it or not I actually did order and receive an nvidia graphics card worth around $150-$200 for around $2 from the most popular online shop in Turkey. I was banging my head on the wall when i recieved it that i did not order more than one. They never realized the problem and the same account i received the item is still active.

    • by HeroreV ( 869368 )
      I detect sarcasm. I suppose you're one of those people who don't believe I was able to play a PlayStation 3 game from my computer's CD drive. Have some faith in people!
  • by ekasperc ( 1070946 ) on Saturday March 03, 2007 @10:31AM (#18217390)
    OEM_BIOS_Emulation_Toolkit_For_Microsoft_Windows_V ista_X86.v1.0-PARADOXThis has been floating around for a few minutes now, and according to the history of this group, i guess this is a bulletproof solution ..
    But i don't know what will be the impact for online upgrades since i don't use Vista myself.
    • by Anonymous Coward on Saturday March 03, 2007 @10:47AM (#18217490)
      OEM activation works by having OEM identifiers and SLIC table stored in the BIOS and Microsoft then sign a cert per OEM (also required). The softmod uses vista boot manager to spoof flashed BIOS. Patching a VM should be even easier.

      Once again, product activation is only a PITA for legit customers.
      • Re: (Score:1, Interesting)

        by Anonymous Coward
        "Once again, product activation is only a PITA for legit customers."

        For some extreamely low threshold of PITA. But then this is the forum that's stymed by DVD commercials.
      • product activation is only a PITA for legit customers.

        I can only agree how much of a pain this was. Once I'd typed in my 25 numbers and letters, Windows never bothered me or asked me about it again. How intolerably annoying is that?!
        • by sponga ( 739683 )
          That is most hilarious thing that gets me around here about DRM/WGA; is that us power users are usually the ones affected by it since we usually have a pirated copy.
          I had a machine that had a pirated copy of XP and everytime I wanted the updates right away; sure enough WGA would show its face and I would have to find the latest tool to avoid it.

          Yet I have a legitimate copy on another machine and in those 4 years since I have had it running I have yet to run into a problem with WGA and can access all the WGA
        • I can only agree how much of a pain this was. Once I'd typed in my 25 numbers and letters, Windows never bothered me or asked me about it again. How intolerably annoying is that?!

          Well count yourself lucky. I had a quite a hassle last time MS questioned my right to run my legitimately purchased copy of XP. I had to type that stupid code at least 4 or 5 times in response to robotic prompts. After getting disconnected the first couple of times, I finally got transferred to some guy in Uttermost Thule who snee

          • Re: (Score:1, Troll)

            by Macthorpe ( 960048 )
            Check my (now deservedly marked troll) comment to the AC above - I open my box an awful lot. Sorry to burst your bubble.
      • While only a single case, I'm a legit customer and product activation was hardly a PITA. Installing a clean "upgrade" was tedious (although the savings of $140 was well worth it to me), but the activation itself was instantaneous and unremarkable. That said, I believe Vista is a waste of money overall, except that I find it to be the most feature-complete platform for an HD HTPC at present.
    • by gEvil (beta) ( 945888 ) on Saturday March 03, 2007 @10:49AM (#18217508)
      Hmmm, I wasn't aware of this. Then again, I haven't been paying much attention to Vista stuff anyways. A few minutes of digging around brought up this site, [mydigitallife.info] which looks to have links to modified BIOS files for quite a few motherboards. Pretty sneaky, sis...
    • Wont TPM and EFI make this harder?
      • You just disable the TPM chip - the majority of PCs out there don't have one (this laptop was new in November and doesn't have one for example, so it's not just old ones either) so they can't exactly make it mandatory.
        • Dell D820's have them as do most business sold laptops I imagine. They also come with smart card readers as standard.
    • Re: (Score:3, Informative)

      by Anonymous Coward
      Links... PARADOX's OEM emulation tool is out on the various torrent sites. Here is the link from Demonoid [demonoid.com].

      Pantheon released a full Windows Vista Ulimate CD with their own activation tool using the same principle. Here is the NZB set [yabse.com] (click NZB to download the file) to facilitate downloading from Usenet. Posts are two hours old so they may need a bit longer if you're not using Giganews, Newshosting, etc.
  • Why (Score:5, Interesting)

    by JackMeyhoff ( 1070484 ) on Saturday March 03, 2007 @10:35AM (#18217416)
    .. doesnt somebody actually create a distributed brute force on Windows activation. How many windows machinès in the world? That adds up to some pretty powerful attack.
    • Re: (Score:2, Insightful)

      by vivaoporto ( 1064484 )
      Because 1) It is not intelligent, brute force was never needed to bypass Windows Activation before 2) It is not subtle enough, and an operation this size would put a big bullseye on whoever did it 3) It is not profitable, people that run those botnets do it for profit, not to "stick it to the man", or to piss off Microsoft.
      • Yes but if they can get the algorithm then GAME OVER without hacks :)
        • The algorithm is obvious: public key encryption. The product key is going to be something like {Product, Edition, Serial#, Hash} encrypted with Microsoft's private key. Knowing the algorithm only helps you if you also know the private key.

          This is why you don't see keygens resulting from leaks of Windows source code. The key validation code is extremely simple. You simple decrypt with the public key and check the hash. Activation takes care of checking the validity of the serial #.
      • Re: (Score:2, Interesting)

        Yes but you will be doing that every time, once you got the algorithm you just have to seed it (most likely a hash of your computer configuration) to generate valid keys. They cannot go and redo the algorithm without impacting a LARGE amount of their customers, they can black list numbers but so what, with the algorithm you just genereate a new valid one. GAME OVER. Isnt that what we want to render it TOTALLY useless FOR GOOD? This is the way, not some bypass thats just temporary. THINK BIGGER!
        • by Splab ( 574204 )
          Uhm, a valid key is what, 25 characters? And we got 26 characters in the alphabet and and 10 numbers giving us a 36 possibilities for each character in the key, that is 36^25 "valid" combinations, unless you know their algorithm for picking valid keys you have to search the whole keyspace and that is a mighty big number, the processing power to do so simply doesn't exists.
        • They cannot go and redo the algorithm

          The industry is at least decades ahead of you--probably closer to centuries. Credit card companies learned this lesson from number theorists who were probably first employed by insurance brokers.

          How many different algorithms are there to generate a prime number? Sure, all of them eventually fail, but they each fail in their own special way. Every prime number generator has an optimum range.

          These algorithms generate prime numbers which are used as valid keys for Dell. These algorithms generate prime num

      • by misleb ( 129952 )

        Because 1) It is not intelligent, brute force was never needed to bypass Windows Activation before 2) It is not subtle enough, and an operation this size would put a big bullseye on whoever did it 3) It is not profitable, people that run those botnets do it for profit, not to "stick it to the man", or to piss off Microsoft.

        I think originally people started botnets mostly for fun and to display hacking "prowess" and to DDoS people that piss them off (companies such as Microsoft, perhaps). It was only fair

      • Yes, but most profitable applications of botnets involve using the internet connection (e.g. sending spam). This is by far limited by the bandwidth available, not by the processing speed of the computers. There's plenty of processing speed left over to do this sort of hack on the side.
    • by wfberg ( 24378 )
      .. doesnt somebody actually create a distributed brute force on Windows activation. How many windows machinès in the world? That adds up to some pretty powerful attack.

      Except that you need an activation code for every machine. So adding machines doesn't only add to the processing power by 1, but also increases the workload by 1. This is of course assuming people who don't need to get a copy of windows activated won't feel the urge to join, which seems fairly likely.

      Brute force is always the last resort
  • /.'d (Score:3, Funny)

    by oDDmON oUT ( 231200 ) on Saturday March 03, 2007 @10:59AM (#18217560)
    Oh well, didn't really want to read a retraction anyway.
  • you know it does exactly what he said it would, bruit force. and in therory it will work it just might take 6 years, but it does exactly what he said it would. Im running vista ultimate, a legit version. and it wouldnt be worth the waite for the brute force any how, vista sux, i have a system that can blow the socks off most systems in xp. but under vista its slow and just dont cut it for gaming.
  • If you're looking for a good laugh, I would recommend reading some of the responses in that forum thread. People are still running the keygen in hope of getting a valid key, reasoning "its not that its fake.. its just taht you never actually put thought into the logic." and "you look at the invalid keys it produces and check why its invalid so you can come up with a mathimatical equsion to compute valid keys.. "

    Warning: Extreme Tolerance for Poor Spelling Required
    • Its funny because its true. A random number generator will randomly work, so maybe it makes sense to try it for a couple of weeks. Someone might get lucky and notice a pattern where there is none.
      • by neminem ( 561346 )
        Hey, a random number generator was my keygen for Starcraft... I actually owned a legal copy, but lost the cd key. Thus, for the past almost 10 years, whenever I need to reinstall Starcraft, I type in some random numbers. It always works after a couple tries.
        • That's a different (and better) topic all together... Starcraft kicked ass - especially the initial multi-player version that was out back in 98/99.
  • by suso ( 153703 ) * on Saturday March 03, 2007 @11:37AM (#18217800) Journal
    Even thought it turned out to not be true, there are a lot of people who only read Slashdot and other news places during the week and won't see this retraction, so they may never know that it was fake. So they will go off with a further impression that its unsafe to run Vista and you could have your legitimate key compromised at any moment. Its like the tactics that some politicians and corporations use. What is someone going to post next week and retract on Saturday?
  • by gd23ka ( 324741 ) on Saturday March 03, 2007 @11:51AM (#18217900) Homepage
    I see no reason why they even have an algorithm to check whether
    a key is valid before submitting it to their server for signing.

    If I were them I would do what prepaid mobile phone has been doing
    for years: generate completely random keys and at the signing server
    end just check if that key is in the database and if it's not already
    used. If that's the case then all they would have to do is sign the
    key and the computer configuration and return that to the client code
    that would in turn check if the signature is valid.

    That way there would be no way to brute force keys because they have
    control over the validation server and can put a stop to that and there
    is no key validation code exposed from which someone might derive a
    key generator or at least get hints at how the keys are distributed
    in key space.
    • I would guess it is to help the user in case of mistyping. If the serial pattern is such that it is hard to find a "working" serial by a typing mistake it is a good way to ensure that the serials that the users are submitting are typed in correctly.

      Not having this step means that it is even harder for users to figure out if "failed" reply from server meant that the serial is already in use (or stolen) or that they just made a typing mistake.
      • by gd23ka ( 324741 )
        I think it would indeed be a good idea to have a simple checksum in there
        to reduce typos and frustrartion, in effect have a random key and a
        byte's worth of checksum.

        As far as certainty for the user is concerned as to what happened, the server
        could issue certain error messages like "This registration key is not valid!" or
        "I am having problems right now validating your key but that's not your
        fault, try again later" and of course: "DIE, PIRATE SCUM!"
    • I think that is exactly how online activation CD keys work. The key has some sort of checksum built into it so that some offline checking is possible. This is to detect typos. But it is not a strong check. The full check is performed online against the list of valid and unused keys, which as you say are generated from random data.

      Suppose the key is 125 bits in size. (5 words of 5 characters, with each character representing 5 bits). Say 10 bits are devoted to a checksum, so that there is only a 1 in 1024 ch
      • The typo checking is likely smarter than just a random 1/x chance of hitting it. Take an ISBN number for example. It's not possible to change one digit or reverse the order of two digits next to each other and get a valid ISBN number. There's a lot of cool stuff like this in code theory that makes designing these kinds of keys as easy as opening a textbook..
    • If I were them I would do what prepaid mobile phone has been doing
      for years: generate completely random keys and at the signing server
      end just check if that key is in the database and if it's not already
      used

      What would stop you from sniffing the traffic of the on-line checking of a legitimate key, and then faking that traffic to "authorize" illegitimate keys?
      • by gd23ka ( 324741 )
        Three words: Public key cryptography

        1. Alice generates temporary session key
        2. Alice encrypts temporary session key using Bob's public rsa key
        3. Alice sends encrypted temporary session key to Bob
        4. Alice and Bob now use the temporary session key for all further
              communications.
        5. Evil Marvin (the listening dude in the middle) does not profit.

        random session numbers and timestamps do their part to prevent replay.
        • by MrNaz ( 730548 )
          Dude, you're so silly. Marvin *can* profit. Here's how:

          1 Decide to break Alice and Bob's public keys
          2 ...
          3 Profit!

          It's a tried, tested and proven formula.
          • by gd23ka ( 324741 )
            Right but instead he could take a length of rubber hose, drive out to Alice, shoot her
            dog and beat the crap out of her until she starts talking. Then he could tie Alice
            up and throw her sorry bleeding sobbing body onto the back of his pickup, drive over to
            Bob and douse his little daughter with lighter fluid while choking her with his belt.

            The only drawback to this brute force method of course is that both parties find out
            that their secret has been compromised.
    • This seems like a fair idea in principle, but as soon as the anti-MS groups found out the server IPs they would Ddos the shit out of it. Suddenly noone can validate their copy of Windows for a day, MS's tech support lines are jammed, etc etc etc. If all the logic is server side you have a pretty big failure-point! More than that, I think MS's anti-piracy measures are a calculated exercise in PR - they realise that they will never actually stop piracy, but they can't be seen to be giving in, so they carry on
  • ...So stands to reason that a Vista one would be possible too. Dont know how the XP one worked but it spent a good few hours crunching away and displayed what had worked. Probably generated a random number then ran it through an algo that would at the end say "yup, this validates" or "no it doesnt" and recorded the ones that did actually pass the test. Surely that isnt a big feat for working with whichever algo Vista uses?
    • The first working XP key generator was called 'The blue list' as far i'm aware.
      There was a brute force element to the generation since it took about an hour to make a key on my cruddy old laptop I had at university at the time. Not all keys generated even worked so you'd have to make a bunch. I actually had a legal key under some student licence the university had, but didn't want to phone microsoft to activate it.
      At some point an instant XP keygen took over as the algorithm was well and truly hacked.
      Not th
      • by FLEB ( 312391 )
        Are you sure you even had to activate the university key? I got one from my college and it was a volume license key-- no activation required.
        • by Sethb ( 9355 )
          Then your university didn't follow the rules. VLK media is only supposed to be used by the institution, and the VLKs aren't supposed to be given to end-user types. For media given to students, faculty, and staff for their personal computers, the institution is supposed to buy (and can resell) media that requires activation, and comes with a unique key. It's pretty cheap, under $5/disc if I recall. I know that at one time, the IT staff of the institution could install the VLK version on your machine for
          • At my university (Wright St.), every campus PC has the exact same Windows XP key. All students up to a certain point were also allowed to check out a copy of XP for free. This "deal" expired (afaik) awhile back.

            Part of the license agreement we had to sign was to agree to use the license only so long as we were students of the university. If you wanted a better license, you had to pay for XP (but at a very reduced charge).

            To this day, many people on campus can recite the key from memory due to how much it
  • Hey, it worked for SETI, and they're getting no results at all!
  • Because, you know, the fucktard deserves it.

Put your Nose to the Grindstone! -- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Working...