News Vista activation cracked by brute force

If you need to input any kind of key, it can be bruteforced. Simple as that. I would have expected something like this a lot earlier TBH...

 

I feel sorry for the rep who gets my call if I find my key has already been activated

 

well within the possibility of trying them all until one works?

26 letters+ 10 numbers = 35 possible characters*.

25 positions*.

35^25 = 3.9966959347247031355112791061401e+38

number of seconds in a millenium = 3.1556926e+10

So even if we could try one million per second, there's still no hope of trying all combinations in any of our lifetimes.

And again, even if Microsoft does have 10 billion codes reserved, that's still less than 0.000000000000000000000001% of the total permutations.





*Obviously there will be fewer permutations, depending on the number of restrictions on the codes.

 

best vista install story to date:

http://www.overclockers.com/articles1416/

i'll quote an excerpt:

"The Customer Service Manager told me that I could either borrow an XP Home disk from a friend (isn't that software piracy ??) or look online for one of the many Vista Activation cracks to bypass Vista Activation completely, and specifically mentioned "TimerLock" (um... hey, HE told me to do it !!). Well, I followed his instructions."

 

lol wow is all i can say!

 

me likes. my dad already bought vista so i might be trying this out.

this story is simply hilarious!!!!!

 

and yet so fake? surly they would have just issued him with a new key

 

and once again microsoft is everybody's best friend

 

I'm hearing you, but not many others appear to be. Why has everyone has suddenly become an anti-Microsoft fanboi? This sort of cracking has been around for years, on most pieces of software. Microsoft can simply re-issue keys over-the-phone if legitimate users are affected.

 

The issue is this - normally, these things are generated by keygen. It's a valid code before you even start, fitting specific algorithms.

With Vista, the need for a key to install it in the first place is no longer there. But the algorithm hasn't been worked out for a keygen, because MS REALLY did its homework on this one. Spent millions, in fact. The idea was, if you can't generate a keygen because the algorith can't be cracked, there would be no widespread cracking.

Because of that philosophy, crackers haven't been able to determine "safe" keyzones that won't infringe on other licensees. Rather than not cracking, they're just throwing numbers at the wall and seeing what sticks. It could be a corporation with 50 licenses. It could be the dude down the block. And if it's the dude down the block, he may find a bunch of people used up all his activations. If MS gives him a new key, there's a chance that one could get the exact same problem.

It's different than the XP issue simply because it's too hard to reverse engineer a decent keygen. That was supposed to stop the pirates. Instead, it's likely to simply inconvenience the users to an even greater degree. No matter what kind of complex, 10 tumbler lock you make in hopes it can't be picked, the door can still be broken down with a sledgehammer - and that has a far greater chance of hurting those standing behind said door.

Anyway, that was my purpose for writing it and why I felt it was newsworthy.

 

It is newsworthy and your explanation makes a lot of sense - thanks! So in a way, Microsoft's Vista is more secure in terms of requiring brute force this time around, compared to previous version (XP, Me etc.).

 

I feel sorry for those that can't validate but ms end user
agreement is so out of touch and overbearing ms deserves every bit of crap they get over this. also who would want to buy vista in the state its in now and at a
rediculous price

 

Oh.. it was supposed to be secured

 

personally id like to try out vista for a bit

I mean, if i don't like it, i haven't lost anything, and if i do like it, then i can still go out and buy it
But ms don't give trials or anything, in fact if you go and download the iso or whatever you can get a better trial then what MS gives you (at least i don't know any way of trialing it)

Although, 30 days really isn't a good trial period, MS should give you like 3 months or something, and that way their more likely to get you hooked anyway

of course now you can generate a completely valid code anyway - BTW were there ever keygens for XP - and if so why aren't the codes you normally get seen as valid :s

Also, if you get a load of keys that didn't work (like trillions) and then some that did work (10's) after a while someone who is good at coding can work out a way to generate keys

 

you can get a 4 month trial by using the rearm command all 3 times

 

Well, it is interesting to see what will happen in the near future. In any case it is comon sense that, if you build something too complex...something that is burtal and primitive will break through it easily. So there is really nothing new in this. There is no real solution to this problem atm...and there probably never will

 

it turns out it was a hoax - so apprently the above maths was correct

technically you could brute force it, but the likelyhood of getting a valid key is very low

 

There is a proper working crack out today from paradox so ms still have an issue on their hands.

The new one uses the oem style activation method from the likes of dell/asus so its going to be hard to stop the use of it.

 

gives lots of BSOD's though..

 

Did no one go through the numbers before they put this up on bit tech?

x npr y = x*(x-1)*(x-2)*...1/(x-y)...

or more simply

x npr y = x!/(x-y)!

so thats 35!/10! - come on bit tech staff...

edit: thats with the assumption given by the above poster on possible number or characters for entry into the 25 space string