October 20, 2001

Window Manager, Brian Livingston

Shiver me timbers

ONE OF THE few truly new features in Microsoft's forthcoming Windows XP operating system is called Windows Product Activation, or WPA. As I've written for the past two weeks, WPA is an irritating control scheme that can, under certain circumstances, require that you contact Microsoft via the Internet or telephone to obtain a new numeric key that "activates" (unhinders) XP's operation.

Microsoft has promoted this new behavior as a means to reduce mass software piracy, a goal we all share. But I've found that WPA won't slow down software pirates at all. Instead, it has a different purpose, which I'll explain momentarily.

As described by independent sources -- and recently confirmed in a Microsoft white paper (see www.microsoft.com/technet/prodtechnol/winxppro/evaluate/xpactiv.asp) -- WPA examines the value of 10 hardware components when XP is first activated on a PC. These components are: (1) CPU type; (2) CPU serial number; (3) boot drive; (4) boot drive serial number; (5) network adapter; (6) RAM amount range, such as 0-64MB, 65-128MB, etc.; (7) display adapter; (8) IDE adapter; (9) SCSI adapter; and (10) CD or DVD drive. XP identifies some of these devices by reading their actual serial numbers and identifies others by their embedded text strings, such as "scsi-ibm."

WPA is dependent on Wpa.dbl, a file stored in XP's System32 folder. This file is so easy for software counterfeiters to reproduce that it poses no barrier to them at all, as first revealed by tecChannel, an IDG publication in Germany.

In an installation of XP made from a retail CD, changing four out of 10 components triggers a need for "reactivation." But if a PC is configured as "dockable," then its display, IDE, and SCSI adapters are ignored and don't count if they change.

Software pirates, therefore, need only configure a PC as "dockable" (a simple matter), switch off the serial number of the CPU, and alter the serial number of the boot drive. Pirates can then create thousands of working PCs using a single Wpa.dbl file. The counterfeiters can build PCs that vary as many as three of the following components: CPU, RAM amount, network adapter, boot drive, and CD/DVD drive. As far as WPA is concerned, no reactivation is needed (see www.tecchannel.de/betriebssysteme/746/0.html).

tecChannel's testing was originally based on XP's Release Candidate 1. Senior Editor Mike Hartmann confirmed to me, however, that the shipping version of XP still acts the same way.

WPA is not weak due to poor programming. It was deliberately made weak to permit the kinds of hardware changes people make in the real world.

WPA, in truth, wasn't designed to impede true pirates but to stop novice users from installing a second copy on a laptop or a child's PC. The fallout will be huge, as we'll see next week.