Vista activation cracked by brute force


ubu-for
March 1st, 2007, 05:19 PM
The Inquirer - Vista activation cracked by brute force (http://uk.theinquirer.net/?article=37941)

Sledgehammered

By Charlie Demerjian: 01.03.2007, 17:15

IT LOOKS LIKE Microsoft's unhackable OS activation malware has been hacked.

There is an active thread at the Keznews forums (account needed), and a summary on its main page about the crack.

It is a simple brute force attack, dumb as a rock that just tries keys. If it gets one, you manually have to check it and try activation. It is ugly, takes hours, is far from point and click, but it is said to work. I don't have any Vista installs because of the anti-user licensing so I have not tested it personally.

The method of attack has got to be quite troubling for MS on many grounds. The crack is a glorified guesser, and with the speed of modern PCs and the number of outstanding keys, the 25-digit serials are within range. The biggest problem for MS? If this gets widespread, and I hope it will, people will start activating legit keys that are owned by other people.

It won't take long for boxes bought at retail to be activated before they are bought, and the people who plunk down money for the mal^h^h^hsoftware for real get 'you are a filthy pirate' messages. Won't that be a laugh riot at the MS phone banks in Bangalore.

So, what do you do? There is really no differentiating between a legit copy with a manually typed in wrong key and a hack attempt. Sure MS can throttle this by limiting key attempts to one a minute or so on new software, but the older variants are already burnt to disk. The cat is out of the bag.

The code is floating, the method is known, and there is nothing MS can do at this point other than suck it down and prepare for the problems this causes. To make matters worse, MS will have to decide if it is worth it to allow people to take back legit keys that have been hijacked, or tell customers to go away, we have your money already, read your license agreement and get bent, we owe you nothing.

This is ugly for MS, and if it allows you to take back your legit keys, how long do you think it will take before people catch on to the fact that you can call in and hijack already purchased keys once you generate one that someone else activated?

No, this is a mess, and the problem is the very malware activation and anti-consumer licensing that MS built into Vista. Then again, it is kind of hard to feel sorry for them the way they screw their paying customers. We'll give it three days before there is a slick GUI version with all the bells and whistles.

kevinf311
March 1st, 2007, 08:04 PM
Neat.

Brute force is kinda a cop out though. Any code can be cracked by brute force, it's just a matter of time. The fact that the average computer can do it in a couple hours is kinda sad though. I would have expected a tougher tumbler from the boys over in Redmond.

I keep putting off clearing out/fixing my spare SATA drive because I know that will bring me one step closer to installing Vista on it. I need to familiarize myself with it as I will probably be helping people who bought it with their troubles when I move back to MD and am working through "College: Take Two."

Kateikyoushi
March 2nd, 2007, 10:41 PM
My first thought was good for them, at least they can activate their software finally, but it seems this might require some attention from MS. I wonder how they would solve it.

MetalMusicAddict
March 2nd, 2007, 10:41 PM
Other articles also say this is easily fixed.

greymongrey
March 3rd, 2007, 09:50 PM
I'm against activation but I'm against hacking it just as much. I couldn't stomach it any more so I moved to Linux.

darkenedday
March 3rd, 2007, 11:45 PM
hmmm. . . maybe it will show how vulnerable M$ can be against attacks, I mean to the average user if a CD key can be hacked, what else can? I can see a lot of people looking for alternatives IF they ever have to take back their keys, although many people I know realised that you could simply call the number they gave you (this was on XP) and say you fried your motherboard or something like that, and that you have recently put a new motherboard in the same box, they would then give you a new CD key, simply do this a few times and you end up with plenty of them. . . no need for a cop-out brute force keygen, although if it can be done in a few hours by brute force, how long do you think it would take for someone to come out with a much more reliable method for cracking vi$ta keys? can't be all that hard if it can be cracked in this method so simply. . . just proves M$ SUCKS at security, even when it comes to ensuring they make their unfair buck

Kateikyoushi
March 4th, 2007, 04:12 AM
Seems it was fake. LINK (http://keznews.com/forum/viewtopic.php?t=2782)

slimdog360
March 4th, 2007, 04:34 AM
they should have put three keys to each product if they wanted it to be a real pain in the ****. One to install it, one to start it up for the first time and another for updates etc.

Kateikyoushi
March 4th, 2007, 07:51 AM
Sure they should also include a fingerprint reader in the box...

gosh
March 4th, 2007, 08:03 AM
yep, it's a hoax

Trebuchet
March 4th, 2007, 08:24 AM
Even if the brute-force crack were real, copy protection that takes days to crack isn't fake. Most consumers assume their computer's security could be breached if anyone actually took the time; nor would they consider mere product activation to be particularly tough. To the average user product activation is equivalent to a serial number. They see movies and TV shows all the time where hackers unrealistically crack into protected systems in under two minutes, so when they hear it takes days to break into they're more likely to think "Gee, if it takes days just to crack the serial number those guys at Microsoft have pretty good security."

darkenedday
March 14th, 2007, 06:39 PM
This tool could be useful though if one were to modify the code to place all the good keys in one file and the not-good keys in another, then you simply compare and contrast until you think you've found how the keys are put together mathematically, try your new formula until you've got it to work, really it's not complicated at all, just a lot of time and a lot of critical thinking. I have no doubt that somewhere out there someone is already doing something like this, and it is only a matter of time until it is done, CD keys are definitely not a bullet proof method for making sure no one can activate your OS, it is only a mathematical formula i.e. a simple key could just have the numbers at their numeric value the letters at values 1-26 and have a set sum of some really high number, sure this would be the most simplistic and easy to crack cd key ever, but it's much the same concept, considering that somehow there is no way that a cd key has EVERY possible key stored on it, the harder thing to get past would be the online registration, but I would assume you'd just run the same key-gen formula over and over until you found a key that wasn't already in use :-)
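
Added example, not part of any post in this thread and not Microsoft's scheme: a toy model of the "set sum" key check described in the last post, with an exact count of how many 25-character strings it accepts, set beside a key whose last characters are a MAC that only the activation server can verify. The alphabet, the target sum 275, the 15+10 character split and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
from fractions import Fraction

ALPHABET = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"  # assumed key alphabet
KEY_LEN = 25
TARGET_SUM = 275   # constructed "set sum" for the toy scheme
TAG_LEN = 10       # key characters that carry the MAC in the contrast scheme

def char_value(c):
    """Digits count as their numeric value, letters as 1..26 (the post's toy rule)."""
    return int(c) if c.isdigit() else ord(c) - ord("A") + 1

def checksum_valid(key):
    return len(key) == KEY_LEN and sum(char_value(c) for c in key) == TARGET_SUM

def checksum_accept_fraction():
    """Exact share of all 36**25 strings the checksum accepts, counted by DP."""
    counts = {0: 1}  # running sum -> number of prefixes reaching it
    for _ in range(KEY_LEN):
        nxt = {}
        for total, n in counts.items():
            for c in ALPHABET:
                t = total + char_value(c)
                nxt[t] = nxt.get(t, 0) + n
        counts = nxt
    return Fraction(counts.get(TARGET_SUM, 0), len(ALPHABET) ** KEY_LEN)

def mac_tag(secret, serial):
    """Encode HMAC-SHA256(secret, serial) as TAG_LEN alphabet characters."""
    n = int.from_bytes(hmac.new(secret, serial.encode(), hashlib.sha256).digest(), "big")
    out = []
    for _ in range(TAG_LEN):
        n, r = divmod(n, len(ALPHABET))
        out.append(ALPHABET[r])
    return "".join(out)

def mac_issue(secret, serial):
    return serial + mac_tag(secret, serial)

def mac_valid(secret, key):
    """Server-side check: the secret never ships with the product."""
    if len(key) != KEY_LEN or any(c not in ALPHABET for c in key):
        return False
    return hmac.compare_digest(key[-TAG_LEN:], mac_tag(secret, key[:-TAG_LEN]))

def mac_accept_fraction():
    """A guessed key passes only if all 10 tag characters match: about 36**-10."""
    return Fraction(1, len(ALPHABET) ** TAG_LEN)

if __name__ == "__main__":
    print("checksum accepts %.4f of random strings" % float(checksum_accept_fraction()))
    print("MAC check accepts %.1e of random strings" % float(mac_accept_fraction()))
```

The checksum passes roughly one random string in a hundred, which is why a check of that kind has to be backed by the online registration step the post mentions rather than relied on alone.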