15 replies to this topic

[Nvyseal]

IT LOOKS LIKE Microsoft's unhackable OS activation malware has been hacked.

There is an active thread at the Keznews forums (account needed), and a summary on its main page about the crack.

It is a simple brute force attack, dumb as a rock that just tries keys. If it gets one, you manually have to check it and try activation. Is is ugly, takes hours, is far from point and click, but it is said to work. I don't have any Vista installs because of the anti-user licensing so I have not tested it personally.

The method of attack has got to be quite troubling for MS on many grounds. The crack is a glorified guesser, and with the speed of modern PCs and the number of outstanding keys, the 25-digit serials are within range. The biggest problem for MS? If this gets widespread, and I hope it will, people will start activating legit keys that are owned by other people

It won't take long for boxes bought at retail to be activated before they are bought, and the people who plunk down money for the mal^h^h^hsoftware for real get 'you are a filthy pirate' messages. Won't that be a laugh riot at the MS phone banks in Bangalore.

So, what do you do? There is really no differentiating between a legit copy with a manually typed in wrong key and a hack attempt. Sure MS can throttle this by limiting key attempts to one a minute or so on new software, but the older variants are already burnt to disk. The cat is out of the bag.

The code is floating, the method is known, and there is nothing MS can do at this point other than suck it down and prepare for the problems this causes. To make matters worse, MS will have to decide if it is worth it to allow people to take back legit keys that have been hijacked, or tell customers to go away, we have your money already, read your license agreement and get bent, we owe you nothing.

This is ugly for MS, and if it allows you to take back your legit keys, how long do you think it will take before people catch on to the fact that you can call in and hijack already purchased keys once you generate one that someone else activated?

No, this is a mess, and the problem is the very malware activation and anti-consumer licensing that MS built into Vista. Then again, it is kind of hard to feel sorry for them the way they screw their paying customers. We'll give it three days before there is a slick GUI version with all the bells and whistles.

The Inq.

[m.oreilly]

well, looks like not many folks have had success yet...time will tell, though it would suck if you bought your vista, and found out your key had already been used

[Roadrunner]

 m.oreilly, on Mar 1 2007, 02:02 PM, said:

well, looks like not many folks have had success yet...time will tell, though it would suck if you bought your vista, and found out your key had already been used

Yeh, what's with that? Buy Vista and someone already has used the KEY?
I think M$ has a big problem here. I'd try it- but I'm don't think I would be able to wait "days" for it to find a code.

Let me know if anyone has any success with this.



Oh, and yes- it is now officially St. Patricks' month.
(A day was not long enough)
Drink up!!!

[m.oreilly]

 Roadrunner, on Mar 1 2007, 04:42 PM, said:

Yeh, what's with that? Buy Vista and someone already has used the KEY?
I think M$ has a big problem here. I'd try it- but I'm don't think I would be able to wait "days" for it to find a code.

Let me know if anyone has any success with this.
Oh, and yes- it is now officially St. Patricks' month.
(A day was not long enough)
Drink up!!!

yeah, i agree. more like "days" of your system running @ 90%...
and

[Nvyseal]

Id rather use my CPU for THIS and buy Vista. I just think of those poor people who actually spend the money for vista, only to find out that their system has been hacked even before a byte of Vista has hit their hard drive.

[m.oreilly]

 Nvyseal, on Mar 1 2007, 05:09 PM, said:

Id rather use my CPU for THIS and buy Vista. I just think of those poor people who actually spend the money for vista, only to find out that their system has been hacked even before a byte of Vista has hit their hard drive.

you are correct

[m.oreilly]

 scaramonga, on Mar 2 2007, 12:04 AM, said:

I think the creator is now running scared........LOL!

Apology

looks like it. also looks like members of that site are using some sort of timestop thing...made by some guy from Scotland...

[VROSA]

What about the unlimited rearm ? Do ya think it will work ?

I was thinking of buying the damn Vista, but now with that brute force thing i dont know if i dare !!!!!!!!!!!!! maybe i go illegal ...lol...

[WFO]

Glad you weren't asleep at the switch on this Nvy. Cough, didn't see a word on the Amd64 site. More interesting comments here...

http://www.dslreport...remark,17927963

I love my x64 and I'm sticking with it.

[Roadrunner]

OOPS-

Guess it was a joke?
Did anyone get it to work- or was it all false?
Or is this guy trying to cover his A**?

http://keznews.com/forum/viewtopic.php?t=2...asc&start=0

[Nvyseal]

 Roadrunner, on Mar 2 2007, 06:34 PM, said:

OOPS-

Guess it was a joke?
Did anyone get it to work- or was it all false?
Or is this guy trying to cover his A**?

http://keznews.com/forum/viewtopic.php?t=2...asc&start=0

Dont know, but scaramonga would probably know.

[Nvyseal]

 scaramonga, on Mar 3 2007, 01:52 AM, said:

The brute force method was hit or miss.....also it required patience and lot's of time and CPU cycles. I for one don't like this method as it messes up the key system for those who wish to go Genuine! I'd be pretty pi$$ed to find out my key had been used if I had bought a copy.

However......we don't need to worry about all that now LOL!! as the 'proper' method now works with no timerstop and full activation.

Was only a matter of time

This is an interesting read from ZDNet