Windows Product Activation compromised

The Windows Product Activation (WPA) that is implemented in the current RC1 of Windows XP shows some serious bugs which will open the way for hackers to avoid the whole system.

Apparently the programmers of the Windows Product Activation did not work carefully enough. In the course of our experiments with several hardware components, product keys and especially the central file wpa.dbl some interesting weak points showed up. Together with peculiarities in generating the id of the hardware this will open the way for hackers to avoid the Activation completely.

To find out how in detail the Activation works and how Windows XP calls up the hardware to force the Activation please read this. A review of Windows XP, RC1 ist found with this article (German only, please bear with us).