From: WindowManager@bdcimail.com
Sent: Monday, October 22, 2001 12:35 PM
To: wwimberly@iadt.edu
Subject: BRIAN LIVINGSTON: “Window Manager” from InfoWorld.com, Monday,
October 22, 2001
========================================================
BRIAN LIVINGSTON: “Window Manager” InfoWorld.com
========================================================
Monday, October 22, 2001
– – – – – – – – – – – – – – – – – – – – – – – – – – – –
SHIVER ME TIMBERS
Posted October 19, 2001 01:01 PM Pacific Time
ONE OF THE few truly new features in Microsoft’s
forthcoming Windows XP operating system is called
Windows Product Activation, or WPA. As I’ve written
for the past two weeks, WPA is an irritating control
scheme that can, under certain circumstances, require
that you contact Microsoft via the Internet or
telephone to obtain a new numeric key that “activates”
(unhinders) XP’s operation.
Microsoft has promoted this new behavior as a means to
reduce mass software piracy, a goal we all share. But
I’ve found that WPA won’t slow down software pirates
at all. Instead, it has a different purpose, which
I’ll explain momentarily.
As described by independent sources — and recently
confirmed in a Microsoft white paper (see
http://www.microsoft.com/technet/prodtechnol/winxppro/evaluate/xpactiv.asp)
— WPA examines the value of 10 hardware components
when XP is first activated on a PC. These components
are: (1) CPU type; (2) CPU serial number; (3) boot
drive; (4) boot drive serial number; (5) network
adapter; (6) RAM amount range, such as 0-64MB,
65-128MB, etc.; (7) display adapter; (8) IDE adapter;
(9) SCSI adapter; and (10) CD or DVD drive. XP
identifies some of these devices by reading their
actual serial numbers and identifies others by their
embedded text strings, such as "scsi-ibm."
WPA is dependent on Wpa.dbl, a file stored in XP’s
System32 folder. This file is so easy for software
counterfeiters to reproduce that it poses no barrier
to them at all, as first revealed by tecChannel, an
IDG publication in Germany.
In an installation of XP made from a retail CD,
changing four out of 10 components triggers a need for
“reactivation.” But if a PC is configured as
"dockable," then its display, IDE, and SCSI adapters
are ignored and don’t count if they change.
Software pirates, therefore, need only configure a PC
as "dockable" (a simple matter), switch off the serial
number of the CPU, and alter the serial number of the
boot drive. Pirates can then create thousands of
working PCs using a single Wpa.dbl file. The
counterfeiters can build PCs that vary as many as
three of the following components: CPU, RAM amount,
network adapter, boot drive, and CD/DVD drive. As far
as WPA is concerned, no reactivation is needed (see
http://www.tecchannel.de/betriebssysteme/746/0.html).
tecChannel’s testing was originally based on XP’s
Release Candidate 1. Senior Editor Mike Hartmann
confirmed to me, however, that the shipping version of
XP still acts the same way.
WPA is not weak due to poor programming. It was
deliberately made weak to permit the kinds of hardware
changes people make in the real world.
WPA, in truth, wasn’t designed to impede true pirates
but to stop novice users from installing a second copy
on a laptop or a child’s PC. The fallout will be huge,
as we’ll see next week.
Brian Livingston’s latest book is Windows Me Secrets.
Send tips to tips@brianlivingston.com. Go to
http://www.iwsubscribe.com/newsletters to get Window
Manager and E-Business Secrets free each week via e-mail.
– – – – – – – – – – – – – – – – – – – – – – – – – – – –
MORE WINDOW MANAGER
For a complete archive of his InfoWorld columns visit
http://www2.infoworld.com/cgi/component/columnarchive.wbs?column=window
INFOWORLD OPINIONS
Weekly commentary from the most trusted voices in
IT at: http://www.infoworld.com/community/t_opinions.html
– – – – – – – – – – – – – – – – – – – – – – – – – – – –
To join, or start, a discussion on this or any IT-related
topic, please visit our InfoWorld forums at
http://forums.infoworld.com. Here you can interact and
exchange ideas with InfoWorld staff and other readers.
– – – – – – – – – – – – – – – – – – – – – – – – – – – –
QUOTE OF THE DAY:
“Will national ID cards give people that same false
sense of security and allow us to lower our guard,
operating under the illusion that the government has
everything well in hand?”
–“Ethics Matters” columnist Carlton Vogt, questioning
the wisdom of national identity cards.
http://www.infoworld.com/articles/op/xml/01/10/22/011022opethics.xml?1022mnlv
– – – – – – – – – – – – – – – – – – – – – – – – – – – –
SUBSCRIBE
To subscribe to any of InfoWorld’s e-mail newsletters,
tell your friends and colleagues to go to:
http://www.iwsubscribe.com/newsletters/
To subscribe to InfoWorld.com, or InfoWorld Print,
or both, go to http://www.iwsubscribe.com
UNSUBSCRIBE
If you want to unsubscribe from InfoWorld’s Newsletters,
go to http://iwsubscribe.com/newsletters/unsubscribe/
CHANGE E-MAIL
If you want to change the e-mail address where
you are receiving InfoWorld newsletters, go to
http://iwsubscribe.com/newsletters/adchange/
– – – – – – – – – – – – – – – – – – – – – – – – – – – –
Innovative. Insightful. Invaluable.
Every week InfoWorld print delivers visionary analysis
of Internet and enterprise strategies, updates on current
business conditions, and test-proven IT solutions that
build revenues, deepen customer relationships and
increase productivity. Apply for your FREE subscription
today at http://www.iwpriority.com/MN1001A
– – – – – – – – – – – – – – – – – – – – – – – – – – – –
Copyright 2001 InfoWorld Media Group Inc.
This message was sent to: wwimberly@iadt.edu
|