C.Joseph Drayton said:
Ghostrider wrote:
Hi Ghostrider,
I would have to disagree with you. If when you are activated, the WGA
application generated a second number based on the hardware descriptors
of that machine and then using a 'hash' created a binary file that was
1KB or less, they could then simply save that 1KB file to your hard
disk. When you need to download something from them, the Windows would
then just check that the license key and hardware values matched what is
in the key file. If they match, then let the person download. If they
don't, then go through the entire validation process.
Microsoft could store a copy of your 'key file' on their server. On an
80GB hard disk, they could store 20,000,000 of those 'key files'.
It would save a considerable amount of time for the user, and would be
far less intrusive.
Personally, I don't download all updates since quite a few have been
problematic. When I do finish downloading the updates that are safe and
that I do need, I then turn around and uninstall WGA completely.
Ciao . . . C.Joseph
"A promise is nothing more than an attempt,
to respond to an unreasonable request."
I am sure that everybody else under the sun has come up with a better way
of doing things than the Microsoft way of WPA and, perhaps, in many ways
they are also better. I have always been a firm believer that the Pentium
Serial Number, PSN, had to play a major role since it is a discrete, 96-bit
number. But there are others who felt that it might be too identifying when
combined with other factors that can be taken off a computer...and they are
also correct. I can only presume that the "hash" count is the substitute for
the 96-bit PSN.
As for putting a discrete number and key in the hard drive, remember that
the hard drive can be cloned. Microsoft did consider this possibility and
nixed it as a way of confirming ownership, licensing and validation. That is,
the hard drive with a cloned copy of XP cannot be differentiated from one
with the original installation unless there was a way of determining the
difference, such as by a hard drive serial number.
From what we know and can piece together, Microsoft had made a commitment
to real-time product activation by the time of Intel's PSN, and this was
first introduced in Office 2000, and then quickly withdrawn when PSN was
supposedly abandoned by Intel (or blocked by users). Based on the manual
re-assertion of validity of genuineness on false positives detected under
WGA, it was [accidentally?] revealed that there were only 7 digits of the
resulting ProductID (generated by an algorithm involving the Product Key
and "hash") that are actually used determining a valid activation. And only
1/9 of the sum of these 7 digits confirms a valid or invalid copy of XP.
So, welcome to the lottery. There are some statisticians who feel that the
number of validating ID's might allow for 100 machines or re-activations
per real product key within each 120-day block. At the same time, it should
catch 8/9ths of all bogus or incorrect product keys.
But agreed, what a waste of time.