Program Successfully Defeats Microsoft XP Product Activation

By Van Smith

Date: February 16, 2002

NOTE:  We obtained XPKeyGen from the site MSBetaNG.  Although the program remained available through them for days after our article, predictably, the site has recently been taken down -- Microsoft has long arms and many eyes.  MSBetaNG provided an alternative outlet for material posted in certain "alt.binaries.warez..." newsgroups.

A small program called "XP KeY ReCoVeRER AND DiSCOVErER 5.12" appears to be capable of successfully neutering Microsoft's notorious WPA.  Included in Windows XP, Office XP and other new Microsoft products, WPA is a scheme to block the use of certain Microsoft products on more than one computer per program copy.  The Redmond software giant claims that WPA, or "Windows Product Acitvation," is a mechanism to prevent "casual copying," even though Microsoft has admitted that commercial piracy is a much more serious threat to its revenues.

By generating as many unique and valid CD keys as desired, the key generation program enables users to provide different CD keys for different installations, thus circumventing the intent of WPA.

Does it work?  We visited a site that claims to have the program available for download.  After uncompressing the 20kB zipped file, we followed the included instructions and generated keys for Microsoft Office XP Professional (the program also generates keys for Visio XP as well as different variants of Windows XP).  After a few minutes, the program produced seven different keys.  We then used one of these keys on a test installation of Office XP that we purchased at Sam's Club. 

Skeptically, we tried the first key and were surprised to find that it was valid.  Still, we suspected that this could be the result of a few real keys embedded in the program that would not pass the muster of activation.  However, to our amazement, we were able to flawlessly activate Office XP via the Internet.  Consequently, there seems to be no barrier to completing activation over the phone either.

It appears that Microsoft's WPA is based upon a key generation algorithm rather than a fixed database of "real" CD keys.  Presumably "XPKeyGen," as the program is also being called, works by reproducing this logic.  Somehow the author has obtained -- or perhaps cracked -- Microsoft's WPA key generation algorithm.

Clearly, if this program typically works with the success that we have seen, it poses a blow to Microsoft's nefarious WPA strategy, a plan that attempts to tie every WPA-enabled program to a single machine by uploading a user's installation information to a central Microsoft database.  This database is cross-checked whenever a program is activated, which occurs on program installation or whenever the system's hardware configuration has changed significantly. 

Whenever activation fails, usually because of hardware configuration changes or because software is moved to a different computer, the user has to telephone Microsoft and explain why they should be given another activation code.  Since we at VHJ test hardware for a living, we have had to call Microsoft on several occasions to beg for activation codes just so that we can continue to use the software we purchased.

Mechanisms similar to WPA -- but even more invasive -- are in the works for preventing the "casual copying" of digital entertainment media such as DVD movies and CD music.

VHJ does not condone the use of illegally obtained software, nor do we make any claims that XPKeyGen is safe to use, nor does VHJ endorse this program.  VHJ has no connection to MSBetaNG, the distributor of this program, nor does VHJ have any knowledge of the program's author.


Pssst!  We've updated our Shopping Page.