21. Muppet - excellent detective work. Thanks for taking the time to figure this all out.

Posted at 4:57AM on Dec 19th 2005 by Marc Orchant

22. My pleasure. To what address should I send the invoice? ;-)

Posted at 4:57AM on Dec 19th 2005 by Muppet

23. I agree with
9. Posted Aug 4, 2005, 10:30 AM ET by David

David is right!! If I'd buy their OS I've to validate my OS before I can download the updates that fix their errors? in their OS? so It means that before I can fix the security problems that WinXP has. I've to prove that I'm not a Thief.

Lol " microsoft sXXXs" Pack of retards.

after this WHAT? We'll have to pay them before we can visit their Web site? OMG!!!

Posted at 4:57AM on Dec 19th 2005 by Thunder

24. Muppet - I believe the address is:

Customer Quality Assurance
Microsoft Corporation
One Microsoft Way
Redmond, WA

;^)

Posted at 4:57AM on Dec 19th 2005 by Marc Orchant

25. Microsoft's war against software piracy will have the same results as Bush's war against terrorism. It's simply a battle that can't be won.

Posted at 4:57AM on Dec 19th 2005 by Bill Delan

26. Way back in the Precambrian era of PC software products (early to mid 1980’s), PC software companies started employing a copy protection scheme that used a “laser hole” burned into specific sectors of a floppy disk that was later coupled with a fingerprinting technique that effectively made every copy of a software release unique.

Obviously, you could not copy a disk with a hole in it, nor was it a trivial undertaking to try and replicate disk geometry so as to match up the fingerprinting embedded on the disk in order to permit an application to activate when being installed. This technique was so effective in its day that it eventually became foolproof. In fact, in the early stages of the creation of the approach, one particular software company expended significant resources to create a utility that could break early variations of the technique and sold it under the guise of a utility program. Ultimately, later variations of the process proved too expensive to break even with significant commercial rewards at the other end of the effort.

The beauty of this technique was that a buyer of legitimate media could install and uninstall a software product at will without any form of contact with the software vendor.

The fact that software companies do not opt for this sort of approach today is an indication of the game that is being played in the marketplace today. If a significant software vendor (or a consortium of vendors) did undertake a robust software protection scheme with an investment of say 100 man years, one can reasonably postulate that at least 10 man years would be required to break it. Also imagine what would happen if this technology was then made available to all other software companies.

What garden variety cracker would undertake to break such an effort? Even government level initiatives (and there have been a surprising number of these), would be thwarted by such approaches, particularly if their efforts were easily exposed.

In other words, major software vendors do not apply a robust protection scheme partially by choice and partially due to the imperatives of our present marketplace. It is part of the marketing/legal/societal game. The innocent are being encouraged to stay honest and the thieves are presented with modest barriers. The locks on our doors do not keep the determined thieves out, but are intended to encourage the honesty of our neighbors.

Our little software company uses the equivalent of a laser hole/fingerprinting approach when we release media to our customers. And we even give everyone two licenses for the price of one, recognizing that many users have both a tethered (desktop) and roaming (laptop) computing system that they use in combination. We estimate that it would take one week worth of effort to break our very simple system which does not employ fingerprinting nor relies on disk geometry localization.

So far, there have been no cracks (at least of our CD variation), nor complaints from our customers beyond questions about the curious dimple present on the media that we release.

If a tiny software vendor can do this, just imagine what a major vendor could come up with, let alone a consortium of vendors. Effectively foolproof copy protection is possible. Only huge, financially challenging efforts could thwart such systems. This hasn’t happened yet for a reason. Even our governments are wary of corporate entities that could exercise such drastic control.

Still, the present piracy game keeps many at play. That is what games are for.

Posted at 4:57AM on Dec 19th 2005 by Mario Pintaric

27. Bill Delan - It was very entertaining and enlightening to read your thoughts, and I would go as far as to add that perhaps the reason why such large entities do not employ the measures you mention is simply the following:

If person A is determined not to purchase the licence for the software they are to use, then there is very little reward to any company to completely disallow him access to their software. However, if certain software access is given and person A perhaps in passing recommends the software to person B, then person B may not have the same desire to use un-licensed software and therefore purchase a licence. The main obstacle is not to allow a paradigm shift to occur. Once a paradigm shift happens, for example person A switched to open source; that potential future business, as well as any influence person A may have will be lost as far as the software company is concerned. Therefore, now you have person A doing their best to persuade person B to use alternative software, and influence of peers or professionals within any industry always has a cascading effect.

Marc - On the 5th Aug you mentioned that Security updates have nothing to do with WGA and directed that as a reply to my comments. I believe you have not read my comments correctly. I did mention that security patches were still available via alternative methods, i.e. automatic/manual updates.

This thread is very interesting and I hope it is not stopped any time soon.

Posted at 4:57AM on Dec 19th 2005 by Farhad

28. Bill Delan - It was very entertaining and enlightening to read your thoughts, and I would go as far as to add that perhaps the reason why such large entities do not employ the measures you mention is simply the following:

If person A is determined not to purchase the licence for the software they are to use, then there is very little reward to any company to completely disallow him access to their software. However, if certain software access is given and person A perhaps in passing recommends the software to person B, then person B may not have the same desire to use un-licensed software and therefore purchase a licence. The main obstacle is not to allow a paradigm shift to occur. Once a paradigm shift happens, for example person A switched to open source; that potential future business, as well as any influence person A may have will be lost as far as the software company is concerned. Therefore, now you have person A doing their best to persuade person B to use alternative software, and influence of peers or professionals within any industry always has a cascading effect.

Marc - On the 5th Aug you mentioned that Security updates have nothing to do with WGA and directed that as a reply to my comments. I believe you have not read my comments correctly. I did mention that security patches were still available via alternative methods, i.e. automatic/manual updates.

This thread is very interesting and I hope it is not stopped any time soon.

Posted at 4:57AM on Dec 19th 2005 by Farhad

29. g30rg3x
What is this patch supposed to do? I dl it and ran it on a test machine it did nothing. ??

Posted at 4:57AM on Dec 19th 2005 by Tim

30. this patch is another bypass technique of WGA..

http://www.astalavista.com/index.php?section=directory&cmd=detail&id=4812

just you have to copy the compiled (the executable)
to /windows/system32

and execute for patching legitcontrolcheck

regards

Posted at 4:57AM on Dec 19th 2005 by g30rg3x

31. g30rg3x
Thanks! That works great! Works on Microsoft Antispyware site as well as the Java Script does not.
Tim

Posted at 4:57AM on Dec 19th 2005 by Tim

32. Hi all,

For your information, there is another easy way to bypass WGA. Just disactivate the activex add-on from IE. It works very well and you don't have to enter the javascript command.

Posted at 4:57AM on Dec 19th 2005 by DomDom

33. yeah... I have an illegal copy but you know what... I would prolly go buy XP if maybe M$ would lower the damn price. I mean shit... its been $199 since it fucking came out 5 years ago. And on another note... piracy will never stop... I'm not saying I agree with it or condone it but it will never stop. And yes the Trixie script still works fine.

Posted at 4:57AM on Dec 19th 2005 by KIRk out!!

34. The thing that erks me about microsoft's methods of protection is that I will be dammed if I will let anyone tell me what i can do with something I bought!!! When I go to the gas station and get gas, they dont tell me "Hey if you drive on certain roads your car will stop running". Well if I want to re-sell my windows, change my hardware, or install it in a hundred computers instead of one well I payed for it, and what I do with it is my business. And just so you know the imgage of my current cd has had the EUlA removed completely every time I install it i agree to nothing and am bound by nothing! (had a friend make mods to legit copy) I shook nobodys hand and signed nothing when i bought my copy so i am bound by nothing :)

Posted at 4:57AM on Dec 19th 2005 by Laronator

35. THIS IS THE EXACT REASON PAID $4000 FOR A NEW MACINTOSH G5!!!!!! STEVE JOBS IS THE BETTER SALESMAN!!
NUFF SAID RIP MICROJUNK......SEEYA

Posted at 4:57AM on Dec 19th 2005 by Jim P

36. There are obviously strong opinions on both sides of this question. I have a "third side" observation I'd be interested in hearing your opinions on. What about the general practice of commercial (not talking shareware) developers to require you to purchase software first and when you break the seal it's yours...tough luck if it doesn't perform as advertised or even if it *does* perform as advertised but it doesn't do what you purchased for you're stuck with it. The sw developers don't seem concerned about the injustice in that practice which is why I purchase shareware where possible.

Posted at 4:57AM on Dec 19th 2005 by jimw

37. jimw: I'm about 99% in agreement with you. Where we diverge is the growing trend of commercial developers providing a decent length evaluation of the software. Recently, the big dogs in the software spaces I tend to inhabit (Adobe, Macromedia, Microsoft) have all made 30- or 60-day demos available that are fully functional, uncrippled copies of that you would be buying. I applaud this.

But my preference, when I have a choice, is almost always to go the shareware route. In my experience, the developers take greater pride in their work, have a deeper sense of ownership in the product, and - frankly - seem to care more about the customer on an individual level.

Posted at 4:57AM on Dec 19th 2005 by Marc Orchant

38. Microsoft gets more unreal every day. I originaly installed XP Pro from a copy that was a bulk install disc. I did this because I needed it up and running right away to fix a problem. The following day I purchased a COA for the computer and put the sticker on the computer I had installed XP on. I personaly belive that if you use the product you should be willing to pay the price asked, if you are not willing to pay you should use Linux or another free OS. Anyway all that aside I have paid MS to use the XP OS so I should be intilted to all the updates so I called MS for help on getting them. To my amazment they wanted my credit card number and were going to charge me to tell me how to fix this issue even though I had already paid for XP. Microsoft just isn't worth the trouble. I simply did the work around to get my updates on my MS computer. I have changed out all of my MS computers for Linux as I didn't want to pay for the upgrades from 98 and find that Linux does everything I am looking to do. I am just keeping 1 MS computer in case I need it. My recomendation is use Linux (Mandrake is my choice) as it will fill most office needs and you can get Open Office for free. We have our intire office running Linux and it works for us.

Posted at 4:57AM on Dec 19th 2005 by M Mt

39. I think that MS operating systems are far too expensive when you take the quality they provide in account. I live in Croatia where, I believe, software piracy is far more spread then in the US for instance. 5% of all the people I know use pirate software, only those working in firms etc. use genuine versions. I remember all the toil I went through with each and every version of Windows, all the crashes and endless bugs and infinite "security" updates and fixes. A very good question my arise-why am I using this OS then? Because everybody is using it,and none of the other OS-es are so widespread as Windows, at least in my country, so I practically don't have a choice. Yeah, I'm using it, but it ain't worth the money I spent on the CDR I burnt it on!

Posted at 4:57AM on Dec 19th 2005 by Blue Raven

40. I HAVE A LEGAL COPY AND IT WONT LET ME UPDATE, SAYS NOT A VALID COPY ONE TIME, THEN BLAMS ACTIVE X NEXT. I HAVE SET EVERYTHING AS THEY TOLD ME TO, THIS IS A MESS. WE NEED A CLASS ACTION SUITE

Posted at 4:57AM on Dec 19th 2005 by toni