Many new IT news sites and blogs reacted to this article on KezNews which claims that it is possible to get a valid Vista product key using a brute-force-attack. Although it is quite obvious, that it is almost mathematically impossible to get a valid key this way much sooner than the next big bang, many seem to be excited about cracking Microsoft's WGA (I call it Windows Genuine Activation mess).
- If an EC2 Reserved Instance is not applied or used - Thu, Jan 20 2022
- Midnight Commander remote connect via Shell link (copy files over SSH) and SFTP link using FISH and public key authentication - Mon, Jan 17 2022
- Root login via SSH and SFTP on EC2 instances running Linux - Wed, Jan 12 2022
I have no doubt about it that sooner or later some smart hackers will find better ways. I've seen so many copy protections in the last 25 years. If there is a big interest in a software product, then it is always only a matter of time until someone cracks the copy prevention. Usually, copy protection doesn't make sense to a software company for economic reasons since they only end up annoying their paying customers while not really effectively stopping others from cracking or going around it.
Usually, it is much easier to crack the protection than you think. The Register mentions an interesting method which is much smarter than using brute-force. Just take a digital camera, go to the next computer store and take a picture of the activation code on the back of the Vista box. Is it really that easy? I guess it is. I hope you won't be one of the poor guys who buys such a box afterwards.
Now, what does this mean for your MAK or your KMS Key? In my organization, there are many students who had access to our product keys because they sometimes have to install Windows. We probably can't work like this anymore in the future. These student workers come and go and we can't be 100 percent sure that no one will steal our keys, sells it or publishes it on the Web.
We've had trouble already with our KMS key. I would like to install a KMS to get more experience with it, but we are not able anymore to activate our KMS. Microsoft still has to fix the problem.
Subscribe to 4sysops newsletter!
This shows that you should be careful handling your activation key. How will you secure your keys? Who will be able to access the keys? Do we need new company guidelines for Microsoft product key handling, now? Will you have a disaster recovery plan if all your desktops become useless because they got deactivated?