When it rains, it pours--and sometimes it even brings lightening. Over the last couple of weeks the area where I live has experienced its share of foul weather, including numerous lightening strikes. As you know, lightening is not friendly to electronics and even with the best efforts of surge suppressers and good electric grounding, equipment can still become damaged due to electromagnetic (EM) radiation from lightening. EM can transfer into any conductor, and in many cases damage is inflicted before a conductor can move any excessive current to ground or detonate a fuse to break the path of the current before it damages any connected equipment.

I learned about surge protection and its limitations when I studied electronics years ago, but I never experienced a deficit from it until recently, during several spurts of foul weather. During a recent storm lightening struck very close to the building where my network gear is located, and a few days later during another storm a bolt of lightening actually struck the building directly, where that lightening bolt literally entered the building through an open window.

During those two lightening strikes I lost a router--which literally exploded although in a minor fashion--as well a standard network hub, a wireless network hub, a printer, and a couple of surge suppressers. All totaled the strikes cost about $1000 in destroyed equipment, but what it cost in time was even more significant even though I managed to replace the failed equipment relative soon. In summary I had to change network hubs since my wireless hub was fried, and subsequently had to change the NICs in my computers to support a wired network while waiting to obtain a replacement wireless hub. But since my router was also destroyed I had no high speed Internet connection, so I had to switch to modem backup while waiting to obtain a replacement router. Long story short, my network topology, as well as workstation configurations changed at least three times during the course of the past month alone, not to mention previous months. And the changes weren't necessarily because I wanted to make changes, but because of extenuating circumstances beyond my control.

The reason I bring this up because of Microsoft's upcoming Windows XP operating system, which as you know carries a mandatory registration process. Any activation key for Windows XP will be based on specific hardware configurations that include most, if not all, key components of a system. Last week a German company, Fully Licensed GmBh, released a set of documents (see URL below) where the company claims to have reverse engineered the exact product registration process used by Windows XP, and the results are quite startling to say the least.

In the documents it is revealed that there are 10 system components used to determine a product activation key: System volume serial number, NIC MAC address, CD-ROM hardware ID string, video card ID string, CPU serial number, SCSI adapter ID string, IDE controller ID string, RAM size, processor model string, and whether the system is dockable or not, as in the case of many notebook computers. If more than 3 of any of those items change on a given system then product reactivation is required. Additionally, if the system is dockable, then only seven of the items are compared to determine how a system has changed. The SCSI, IDE, and video card strings are ignored in this case, but even so if more than three of the remaining seven change then reactivation is required.

Before I read the documents from Fully Licensed I was truly concerned about just how much of a headache Windows XP activation might be for people who have a steadily morphing network for whatever reasons, and for people who suffer significant hardware failures due to whatever causes. My concern, as well as everyone else's I suspect, is largely the result of Microsoft's silence on the matter. And why they've remained silent remains a mystery to me.

Nonetheless, after reading the documents published by Fully Licensed I now realize my worries were unjustified for the most part. During my recent equipment failures I did in fact have to change key system components, such as network cards as well as DVD drives (from CD-ROM drives) in order to read particular media. But my changes did not exceed the reactivation requirements as published by Fully Licensed, so had I been running XP (and I am not) then it wouldn't have placed me in a position to reregister, and thus I wouldn't have suffered any more downtime than it took me to replace the required equipment and components.

On a related note, the documents published by Fully Licensed reminds me of a brief conversation I had several months ago with someone who works in Microsoft's security group. We were discussing XP license activation and he commented that it was his opinion that in all probability, a crack for activation would precede the public release of the new OS. Well, I haven't heard of any cracks for XP registration just yet, but after reading the documents published by Fully Licensed I sense that perhaps they've offered up just a little bit too much detailed information about how the registration process works. I can't even count the number of times some brilliant hacker has taken a minor set of information and turned it into a fully functional demonstration. I expect it won't be long now until pirated XP license activation becomes commonplace among the computer underground, which seems rather ironic, given the fact that activation is meant to prevent piracy. But we all know what happens when someone says, "don't" –- more often than not it basically guarantees that someone surely will.

Before I sign off this week I want to let you know that Microsoft changed the location of the new version of cipher.exe, which I had discussed last week. It seems that the location was changed on the very day we published the newsletter, last Wednesday. The current location for new version of cipher.exe is located at the URL below. Until next time, have a great week.

Cipher.exe Program
Fully Licensed documents