Martin McKeay

Vista crack a hoax, what a surprise

By Martin McKeay
March 04, 2007 11:56 PM EST
I'll admit I was a little excited when I heard the news that someone had created a brute force hack to tackle Vista's licensing.  I have legitimate licenses for all of my copies of Windows, but I chafe sometimes under the draconian licensing schemes and assumption that I'm a pirate by default.  I feel a slight sense of satisfaction when I hear the licensing was cracked, especially by something as simple as trying different combinations of letters and numbers until you find one that works.  It would have been quite a condemnation of Microsoft's licensing schema if true.  Alas, this time it was the hackers who couldn't do it.

When you really sit down and do the the math, the Windows licensing key is pretty daunting:  thirty-six alphanumeric possibilities in twenty-five spots or 25^36 = 211,758,236,810,000,000,000,000,000,000,000,000,000,000,000,000,000 possible combinations.  If you have a billion real keys out there, the number of possible keys you have to go through to get a real key is still approximately 2e+41.  For those of you who've forgotten your high school math, that's an eight with twenty-nine zeroes after it.  Even by the standards of today's computing power, it would take a long time to try all of these possibilities.  A few millisecond delay between attempts would mean it would take longer than your lifetime to figure out a valid key.   This is very similar to the math used in symmetric key encryption today; if you use a big enough number, guessing that number becomes practically impossible.

Given the time involved in pulling off a brute force attack, no one should be surprised the whole thing was a hoax.  According toEndgadget, it was never anything more than a practical joke, and anyone who actually found a key just happened to get lucky.  It is possible to get a key this way, just very unlikely.  But what's more likely to happen when you download a program like this is that you get infected and owned.  After all, with rare exception, who's working on this sort of hack?  People who think it's the funniest thing in the world to stick it to Microsoft and the end user at the same time.  Keep that in mind next time you try a pirated piece of software.