Thai Pirates Crack Microsoft's New Windows System

[ji at research.att.com]

> They didn't have to.  It's not widely publicized, but there's a
> version of XP that has the old "type in a registration number"

It's the so-called "Corporate Edition" and it exists in "professional"
(i.e., desktop) and various "server" forms.

I wonder if the Thai guys are just redistributing it with a key they 
stole from some company (in which case it's easily traceable back to
the origin of the leak), if they cracked the testing code and are 
creating their own keys, or if they simply patched the binary to
always return true no matter what activation key is given.

I also wonder how the cracked version will interact with the Windows Update
feature.  M$ claims that Windows Update does not transmit any information
about the computer that's being updated to microsoft, but I don't trust them.
Has anyone actually analyzed the WU scripts to see what exactly they
are sending, and whether they have any covert channels to send information
back?

/ji - KC2IER

--
 /\  ASCII ribbon  |  John "JI" Ioannidis * Secure Systems Research Department
 \/    campaign    |  AT&T Labs - Research * Florham Park, NJ 07932 * USA
 /\    against     |  "Intellectuals trying to out-intellectual
/  \  HTML email.  |   other intellectuals" (Fritz the Cat)




---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com