Windows Vista Keygen a Hoax

An anonymous reader writes "The author of the Windows Vista keygen that was reported yesterday has admitted that the program does not actually work. Here is the initial announcement of the original release of the keygen, and here is the followup post in which the same author acknowledges that the program is fake. Apparently, the keygen program does legitimately attack Windows Vista keys via brute force, but the chances of success are too low for this to be a practical method. Quote from the author: 'Everyone who said they got a key is probably lying or mistaken!'"

i thought so

I figured it would turn out like that, its just a random number gen that prints a 25 digit number.
a 4 year old using BASIC could do that

When in reality

The 25 digit key is in base 36 (0-9 plus A-Z), providing 8.08281277e+38 possible keys, without accounting for various error checking and validation schemes

People lie on the internet?

Quote from the author: 'Everyone who said they got a key is probably lying or mistaken!'"

Oh sure. Next I suppose you're going to tell me that the guy who claims he ordered (and received) a 37" LCD TV for $7.99 due to a price mistake is lying, too. Or the kid who swore he put a Beta tape in a VHS deck and it played...Don't you have any faith in people anymore?

OEM_BIOS_Emulation_Toolkit

OEM_BIOS_Emulation_Toolkit_For_Microsoft_Windows_V ista_X86.v1.0-PARADOXThis has been floating around for a few minutes now, and according to the history of this group, i guess this is a bulletproof solution ..
But i don't know what will be the impact for online upgrades since i don't use Vista myself.

Re:OEM_BIOS_Emulation_Toolkit

OEM activation works by having OEM identifiers and SLIC table stored in the BIOS and Microsoft then sign a cert per OEM (also required). The softmod uses vista boot manager to spoof flashed BIOS. Patching a VM should be even easier.

Once again, product activation is only a PITA for legit customers.

Re:OEM_BIOS_Emulation_Toolkit

Hmmm, I wasn't aware of this. Then again, I haven't been paying much attention to Vista stuff anyways. A few minutes of digging around brought up this site, [mydigitallife.info] which looks to have links to modified BIOS files for quite a few motherboards. Pretty sneaky, sis...

Why

.. doesnt somebody actually create a distributed brute force on Windows activation. How many windows machinès in the world? That adds up to some pretty powerful attack.

/.'d

Oh well, didn't really want to read a retraction anyway.

well not really a hoax

you know it does exactly what he said it would, bruit force. and in therory it will work it just might take 6 years, but it does exactly what he said it would. Im running vista ultimate, a legit version. and it wouldnt be worth the waite for the brute force any how, vista sux, i have a system that can blow the socks off most systems in xp. but under vista its slow and just dont cut it for gaming.

If you're looking for a good laugh...

If you're looking for a good laugh, I would recommend reading some of the responses in that forum thread. People are still running the keygen in hope of getting a valid key, reasoning "its not that its fake.. its just taht you never actually put thought into the logic." and "you look at the invalid keys it produces and check why its invalid so you can come up with a mathimatical equsion to compute valid keys.. "

Warning: Extreme Tolerance for Poor Spelling Required

Good scare for Vista people though

Even thought it turned out to not be true, there are a lot of people who only read Slashdot and other news places during the week and won't see this retraction, so they may never know that it was fake. So they will go off with a further impression that its unsafe to run Vista and you could have your legitimate key compromised at any moment. Its like the tactics that some politicians and corporations use. What is someone going to post next week and retract on Saturday?

Might not even have to validate keys at all anymor

I see no reason why they even have an algorithm to check whether
a key is valid before submitting it to their server for signing.

If I were them I would do what prepaid mobile phone has been doing
for years: generate completely random keys and at the signing server
end just check if that key is in the database and if it's not already
used. If that's the case then all they would have to do is sign the
key and the computer configuration and return that to the client code
that would in turn check if the signature is valid.

That way there would be no way to brute force keys because they have
control over the validation server and can put a stop to that and there
is no key validation code exposed from which someone might derive a
key generator or at least get hints at how the keys are distributed
in key space.

I remember the XP keygen - and that worked fine

...So stands to reason that a Vista one would be possible too. Dont know how the XP one worked but it spent a good few hours crunching away and displayed what had worked. Probably generated a random number then ran it through an algo that would at the end say "yup, this validates" or "no it doesnt" and recorded the ones that did actually pass the test. Surely that isnt a big feat for working with whichever algo Vista uses?

Windows Vista Keygen Screensaver

Hey, it worked for SETI, and they're getting no results at all!

Can we slap the Inquirer writer upside the head?

Because, you know, the fucktard deserves it.

Re:Key gen or not..

Lol, Random Troll spam

Re:Key gen or not..

I wasnt trolling just voicing my opinion on Vista. I see no compelling reason to use it for now. Perhaps in a year down the line after patches and more Vista specific products. Until then , nope. Can't recommend it. But I can always tell you what you WANT to hear, yes Vista is great, it will solve all your problems and its worth every penny. I strongly recommend you drop everything and go out and purcahse it and migrate all your machines to it. You wont regret it. Feel better now?

Re:Key gen or not..

You, kind sir, may be expecting SP1 to actually fix the first round of bugs.

I, on the other hand, do not.

(Or I fucked up the post ... both are equally valid options)

Re:If it's actually a brute-force == Solution!

Based on calculations in the other thread discussing this, we reckoned that if MS hadn't been stupid designing the key system, you'd have to try somewhere in the region of (IIRC) 10^17 keys before getting one that works. Now we can discard the "evidence" that suggested they had been stupid, this is back to being our baseline assumption. Based on speed-of-trial stats reported there, this would take a 65K-node botnet around 14 years to crack a single key.

Re:Just like Dell

It looks like somebody got The Phone Call. Anyway, why would it be a hoax all of a sudden? It works. Not very fast (the site did specify hours to days, though weeks might be more like it), but does work, hence not a hoax.

If MS weren't morons when they designed the key system, hundreds of thousands of years might be more like it. But you can keep trying if you like.

Re:Just like Dell

I don't have a Vista key handy but lets assume it's 15 characters (or longer, win2k3 is 15 characters). Correct me if I'm wrong, but that would mean that there are 35 (26 letters + 9 numbers) ^ 15 possible combinations, or 144,884,079,282,928,466,796,875? Even if you could test a million keys a second, it would still take 4 billion years to try them all. The product key UI usually takes at least a second to validate the key.

The brute force approach is fundamentally impossible, unless you are the luckiest person in the world. The same thing applies for any long user password, which is why rainbow tables are often used to bring down the possible combinations.

Re:fags

Am I the only one who thought this comment was kinda funny? I'm not sure what a Vista Keygen has to do with Linux, or Linux being somehow wrong as a result, but it kinda made me giggle. Teehee~

Re:Slashdot is run by "Techies"??

Slashdot is populated by nerds, and one of the defining characteristics of a nerd (and also one of the reasons no one likes a nerd) is that they are never wrong.

Don't go looking for contrition here. You'd have an easier time learning evolution in a tent revival.