Vista Brute Force Crack Steals From Consumers, NOT Microsoft

[Joe Gronlund]

It seems that people are really desperate NOT to pay for Windows.
It seems that someone who was "just testing his VBScripting skills" has posted a routine that attempts to activate a pirated copy of Windows Vista by brute force. That means that the script increments through methodically generated keys, and attempts to pass it on to Microsoft's activation servers for validation. If it fails, the generator moves on to the next one, until it finds a valid key. The author says this process can take anywhere from 2 hours to two days.
UPDATE: Adrian explains how it works here.

Here's the problem with this, folks. Previous Windows cracks have used leaked corporate activations keys to unlock Windows, which only really hurts Microsoft. This method actively steals a valid Product Key from Microsoft customers, because most keys can only be activated once. Think about that for a second. What if your mom just got home from laying down $150 for Windows Vista Home Premium, only to get it home and install it, and find out that their key has already been activated. Now, Microsoft doesn't get hurt, because the key has been paid for. But now your mom is branded a pirate, and has to go through a giant hassle to get a new legitimate key.

Please, don't be an a$$hole use this method of activating Vista. It's one thing if your target is Microsoft, it's quite another if your target is an unsuspecting consumer who shelled out their hard-earned money to upgrade their home computing experience. And Microsoft, I hope you can shut this one down, for your customers' sakes.

Source

[Joe Gronlund]

Temporary workaround..

Don/t use your product key during your vista install, just enter it in system applet activation when you decide to activate..

or

Simply use product key during install and activate immediately..
It is how-ever recommended you activate immediately.

[Dean C]

Also this is a fake. The guy who "wrote" it admitted it:
http://keznews.com/forum/viewtopic.php?t=2782

[Quillz]

Also, although it could happen for sure, the actual chances of your one and only product key already being activated are pretty slim, since there are thousands (at least) of product keys.

[filburt1]

Also, although it could happen for sure, the actual chances of your one and only product key already being activated are pretty slim, since there are thousands (at least) of product keys.

Thousands? More like 36^25. If it took you an unrealistic one millisecond to test each key, you'd be hammering away for 25630431172779174931606405392.457 years until you enumerated every single key.

Or, if you could do one trillion a second, it would still take you 25,630,431,172,779,174,931 (25 quintillion) years.

Enjoy your time.

[RedTyger]

Sounded fishy even before someone said it was fake, MS would spot someone repeatedly trying to verify different keys at their server in no time.

[Andy Huang]

Don't forget there's more than 1 key, there are also millions of working valid keys out there to accomandate all copies Microsoft is anticipating to sell. It's a "hit or miss without aim" kind of thing where its all about your luck. Improbable does not equate to impossible, though, it does cause problems to others should you be lucky enough to find one using that method...

And those people who say its a trojan, they're just pulling sh** out of their a**, or they found a fake file claiming to be the real thing...

[Andy Huang]

Sounded fishy even before someone said it was fake, MS would spot someone repeatedly trying to verify different keys at their server in no time.

Problem is, it does NOT contact MS server until the malicious user chooses to contact MS server manually if and when they do find a right key. The process (in a nut shell) is like this:

Script makes random 25 character string
Script passes that 25 character to windows (locally)
Windows either accepts or rejects based on a mathmatical + encryption algorithm to see whether or not it is a valid key
Script makes the next random 25 character string and repeat process

Malicious user, on the other hand, uses a program to monitor changes to their system; if Windows rejects a randomly generated key, nothing happens; if windows accepts a randomly generated key, however, it updates its own records saying "Yeah, I'm using blah blah blah key". When the malicious user notices the change, he/she then goes through the normal activation procedures to contact MS to see if the key can be activated (only NOW it's going online to talk to MS).

As mentioned, if a consumer tries to activate a key that is already activated, then the activation server will reject it. So if you go buy a copy of Vista today, and someone (anywhere in the world) fluked your key out of sheer luck, then you'll have to go through the problem of contacting MS, prooving your purchase, and then get a new key from them... a hassle most consumers would not expect... and should not expect in all honesty...

[WurkAnimal]

Also this is a fake. The guy who "wrote" it admitted it:
http://keznews.com/forum/viewtopic.php?t=2782

Nice find!

[JakeS]

I've known about this since Wed Feb 28, 2007 2:00 pm

[Dean C]

I've known about this since Wed Feb 28, 2007 2:00 pm

Do you want a medal?

[JakeS]

Do you want a medal?

Yeah a big gold one, do you have it?

[WurkAnimal]

Do you want a medal?

lmao

[Dean C]

Yeah a big gold one, do you have it?

Sorry I've run out of those. Can give you a special limited edition jar of sarcasm flavor marmite though if you're interested?

[Marco van Herwaarden]

This thread seem to be going nowhere.

Also as per our vBulletin forum rules:

Discussion of illegal activities such as software and music piracy and other intellectual property violations are not allowed.

Thread closed.