JSI Tip 5679. Technical Details of SP1 changes to Microsoft Product Activation for Windows XP.

Microsoft® Product Activation for Windows® XP

Technical Market Bulletin·  August 2002

Technical Details on SP1 Changes to Microsoft Product Activation forWindows XP

Software piracy continues tobe a worldwide problem and Microsoft is committed to a long-term strategy ofprotecting intellectual property through innovative technologies.  Microsoft introduced product activation inWindows XP as one solution to reducing a form of piracy known as casualcopying.  Casual copying is estimated toaccount for as much as half of the industry’s losses to piracy and is definedas the sharing and installation of software on multiple PCs in violation of thesoftware’s end user license agreement (EULA).

The introduction oftechnical measures to thwart piracy has kicked-off a cat-and-mouse game betweensoftware publishers and those who pirate software. Specifically, softwarepirates have been busy engineering exploits and circumventions to digitalrights technologies including Microsoft’s product activation. With Service Pack1 for Windows XP, Microsoft will introduce additional technological measuresaimed at ensuring licensed customers receive full benefits and to make it moredifficult for those who pirate software to steal these same benefits. Thesechanges are:

1.Ensuring licensed customers receive full benefits

a.Eligibility for Windows XP Service Pack 1 and WindowsUpdate

b.Additional grace periods for hardwareout-of-tolerance situations

c.Volume license key (VLK) encryption

2.Raising the bar on pirates

a.Product key inclusion in Installation ID foractivation

b.Repair of activation circumventions

In order to help customersand partners better understand the technologies included or updated in SP1, thisbulletin will outline the changes relative to product activation, how they work,and why we made them.  We will alsooutline what to do if you suspect you have pirated, counterfeit, or hard-diskloaded copies of Microsoft software.

For a more general overviewon the basics of product activation and the answers to the most frequentlyasked questions, please see http://www.microsoft.com/piracy/basics/activation/.

Technologies in Product Activation added or updated with Service Pack 1 forWindows XP

EnsuringLicensed Customers Receive Full Benefits

Eligibility for Product Updates and Access to Windows Update (http://windowsupdate.microsoft.com

)

Software updates areintended for use by legally licensed users of Microsoft products.  Microsoft is striving to ensure that licensedusers continue to get updates uninterrupted by software pirates. Users ofpirated software impact licensed users by taking bandwidth from downloadservers and software updates intended for the licensed user. 

Microsoft has determinedthrough investigations that most pirated installations are made with either oftwo volume license product keys. Volume license product keys are used bycorporate or other volume license customers to install Windows XP on theirPCs.  These two particular volume licenseproduct keys however were never in use by a customer in a production deployment.  Product keys are 25-character alphanumericcodes arranged in 5 groups of 5 characters each and used during setup toinstall the product. The product key produces the product ID found in My Computer / Properties after setup hascompleted.

Service Pack 1 of Windows XPships with a list of the two product IDs that are created by the piratedproduct volume license product keys. To determine eligibility for the update,Service Pack 1 compares the Windows XP product ID on the system to this list.The comparison and the list reside locally on the users PC and no informationis sent to Microsoft as part of this process. Service Pack 1 for Windows XPwill fail to install on installations of Windows with one of the followingproduct IDs:

XXXXX-640-0000356-23XXX

XXXXX-640-2001765-23XXX

The below message will bedisplayed if installation fails for this reason:

Service Pack 1 Setup Error

Theproduct key used to install Windows is invalid. Please contact your system administrator or retailer immediately toobtain a valid product key.  You may alsocontact Microsoft Corporation’s Anti-Piracy Team by emailing [email protected] if you think youhave purchased pirated Microsoft software. Please be assured that any personal information you send to theMicrosoft Anti-Piracy team will be kept in strict confidence.

You can find the product IDof your installation by right clicking on MyComputer and choose Properties,then viewing the General tab.  You can also find the product key in theregistry at:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsNT CurrentVersionProductId

Access to Windows Update islikewise reserved for licensed users. Eligibility for access to Windows update will be determined by checkingthat the product key used to install Windows XP is valid and was manufacturedby Microsoft.  Two pieces of informationwill be sent to Windows Update when accessing the Windows Update web site; ahash of the product key used to install Windows XP and the Product ID (a hashvalue is a one-way mathematical transformation).  Windows Update will compare the product keyhash and Product ID to a list created from valid, Microsoft-manufacturedproduct keys. The check must be done on the Microsoft side because the list theinformation is validated against is very large (approximately one billionvalues).  Once the product key hash and ProductId are verified, they are both discarded. Neither the product key hash nor the product ID are stored by WindowsUpdate.  A hash value is used in lieu ofthe entire product key to ensure privacy and security. No personallyidentifiable information is required to access Windows Update.

Additional grace periods for hardware out-of-tolerance situations

Microsoft will add a three-daygrace period for users who are asked to re-activate due to changes in theirhardware configuration.  Previous to SP1,a user was required to reactivate immediately upon boot if a significanthardware changes had occurred. With SP1, users will have three days to completethis re-activation. This will allow users to get through a possibly difficultsituation of no internet or telephone connectivity during or just after ahardware upgrade.  For security reasons,there are a total of twelve (12) of these 3-day grace periods built into aninstallation of Windows XP with SP1.  Are-install of the operating system will reset this counter.

Volume License Key (VLK) Encryption

An encryption feature isadded to unattended setups of Windows XP with Service Pack 1.  This feature is applicable to customers withvolume licensing agreements with Microsoft such as Microsoft Select, MicrosoftEnterprise Agreement, and Microsoft Open License. Customers who place their VLKin an unattended setup file (unattend.txt) will be able to encrypt the VLK suchthat it will be time limited (in day increments from 5 to 60 days) and not visible as plain text.  While this feature is not a panacea forobfuscating the VLK, it will provide another layer of protection for customers.

How to use this newfeature

To protect for 30 daysSMS-based, RIS-based, or network file share-based installs using the volumelicensing version of Windows XP:

1.   From the command prompt, run:
winnt32/encrypt:"XXXXX-XXXXX-XXXXX-XXXXX-XXXXX:30"/unattend:path_to_destination_unattend_file[/Q]

2.   The resultant hash value is written to the specified unattendfile, overwriting any existing ProductKey or ProductID entries.
A message box displays whether the process succeeds or fails due to anerror.  If the /Q switch is used,information about the success or failure is written to the file%Windir%Winnt32.log

3.   The product key entry in the unattend.txt file is functional for30 days after the date of encryption.  Ascript to re-encrypt the key regularly could be created to ensure that a newencrypted key is always available for the install. The Task Scheduler couldalso be used to schedule this task to be repeated automatically.

To protect for 5 days aCD-based install using the volume licensing version of Windows XP:

1.   From the command prompt, run:
winnt32/encrypt:"XXXXX-XXXXX-XXXXX-XXXXX-XXXXX:5"/unattend:path_to_destination_unattend_file[/Q]

2.   The resultant hash value is written to the specified unattendfile, overwriting any existing ProductKey or ProductID entries.
A message box displays whether the process succeeds or fails due to anerror.  If the /Q switch is used,information about the success or failure is written to the file%Windir%Winnt32.log

3.   The product key entry in the unattend.txt file is functional for 5days after the date of encryption.  Theunattend file could then be placed on a floppy disk or burned to a custom CDimage to provide a short-lived CD for CD-based installations.

Raising the Baron Pirates

Product Key inclusion in Installation ID for Activation

In order to protectcustomers and Microsoft against product key cracks by determined softwarepirates, the product key used to install Windows will be included in theInstallation ID for all activations completed after SP1 has beeninstalled.  The product key is the25-character alphanumeric code used during installation of Windows XP.  The product key creates the product IDviewable on the General tab of My Computer / Properties.  The product IDis already part of the Installation ID created for activation. Internetactivations will send the entire product key while telephone activations willsend a hash value of the product key in order to limit the increase in size ofthe telephone Installation ID. The telephone Installation ID will grow from 50digits to 54 digits due to this change. 

Microsoft will compare thisproduct key or product key hash sent during activation to a list of valid,Microsoft-manufactured product keys. If the key used to install Windows XP andsubsequently attempt to activate is not valid and manufactured by Microsoft,the activation attempt will fail.

Repair of Activation Circumventions

Service Pack 1 for WindowsXP will contain fixes to cracks used by software pirates to circumventactivation.  Installations of Windows XPpatched by one of these pirate cracks will require activation after SP1 hasbeen installed.  Windows XP installationsthat remain un-activated past the 30-day grace period can still be accessed forinteractive use by booting to non-networked safe-mode.

Conclusions

Microsoft believes that bycontinuing to raise the bar with technology meant to deter software piracy,customers can continue to receive the benefits of owning licensed software andthe market for intellectual property can continue to thrive.  Product activation deters the casual copierwhile:

·Continuing to meetthe needs of corporate customers and their unique deployment needs fordeployment of volume licenses

·MaintainingWindows XP’s ease of use

·Striking abalance in protecting intellectual property clearly in favor of the user

·Protecting theuser’s privacy by utilizing information that is not personally identifiable. Atno time is personally identifiableinformation secretly gathered or submitted to Microsoft as part of activation. 

With these changes in SP1,Microsoft is showcasing its desire to provide best-of-class products andservices to licensed users while denying those who pirate the software a freeride.

Appendix A: 

Technologies used inProduct Activation

Details on the technologicalmeasures of product activation in Windows XP can be found at http://www.microsoft.com/piracy/basics/activation/windowsproductactivationtechnicalmarketbulletin.doc.

Answers to frequently askedquestions and other general information about product activation can be foundat

http://www.microsoft.com/piracy/basics/activation

Appendix B: 

What to do if yoususpect you have pirated, hard disk loaded, our counterfeit Microsoft products

Software piracy is a crimethat affects national and international economies and leads to lost wages andlost jobs throughout the world and in your own community. When you encounter orsuspect software piracy, please take action. Details and help in reporting software piracy can be found at http://www.microsoft.com/piracy/reporting/default.asp

Appendix C: SP 1 Changes and Volume License Customers

SP1 for Windows XP makes nochanges to the fact that Windows XP upgrade licenses acquired through one ofMicrosoft’s volume licensing agreements, such as Microsoft Open License,Enterprise Agreement, or Select License, will not require activation.  Installations of Windows XP made using volumelicensing media and volume license product keys (VLKs) will have no activation,hardware checking, or limitations on installation or imaging.  Additionally, the VLK algorithm is notchanging.  The keys already issued tocustomers will continue to work with Windows XP SP1 integrated product.

The VLK encryptionfunctionality will allow volume license customers to better protect their VLKfrom unscrupulous use.  Volume licensecustomers who created their Windows XP installations with the VLK issued tothem by Microsoft will be eligible for product updates and access to WindowsUpdate.  The other changes introduced inSP 1 have no impact volume license customers.

© 2002Microsoft Corporation. All rights reserved. This Market Bulletin is forinformational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED,IN THIS DOCUMENT. The information contained in this Market Bulletin representsthe current view of Microsoft Corporation on the issues discussed as of thedate of publication. Because Microsoft must respond to changing marketconditions, it should not be interpreted to be a commitment on the part of Microsoft,and Microsoft cannot guarantee the accuracy of any information presented afterthe date of publication. Microsoft and Windows are either trademarks orregistered trademarks of Microsoft Corporation in the United States and/or other countries.Other product or company names mentioned herein may be the trademarks of theirrespective owners. Microsoft Corporation •

One Microsoft Way

• Redmond, WA 98052-6399 • USA 1000

#########

For more information,press only:

Rapid Response Team, WaggenerEdstrom, (503) 443-7000, [email protected]

For online productinformation:

Microsoft Windows XP Web site: http://www.microsoft.com/xp

Microsoft Piracy Web site: http://www.microsoft.com/piracy/

Microsoft Product Activation Website:

http://www.microsoft.com/piracy/basics/activation

For independentinformation on software piracy:

Business Software Alliance website: http://www.bsa.org

Software & Information IndustryAssociation web site: http://www.siia.net/piracy