Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Microsoft Windows Government Privacy Security Software The Courts News Your Rights Online

Microsoft To Court: Make Comcast Give Us Windows-Pirating Subscriber's Info (networkworld.com) 259

An anonymous reader writes: Microsoft is using the IP address 'voluntarily' collected during its software activation process to sue a Comcast subscriber for pirating thousands of copies of Windows and Office. The Redmond giant wants the court to issue a subpoena which will force Comcast to hand over the pirating subscriber's info. If the infringing IP address belongs to another ISP which obtained it via Comcast, then Microsoft wants that ISP's info and the right to subpoena it as well. "Defendants activated and attempted to activate at least several thousand copies of Microsoft software, much of which was pirated and unlicensed," Microsoft's legal team wrote. The product keys "known to have been stolen" from Microsoft's supply chain were used to activate Windows 8, Windows 7, Office 2010, Windows Server 2012 and Windows Server 2008. The product keys, Microsoft said, were used "more times than is authorized by the applicable software license," used by "someone other than the authorized licensee," or were "activated outside the region for which they were intended." Whether or not the IP traces back to a Comcast subscriber or was assigned by Comcast to a different ISP, as the The Register pointed out, "It would be a significant gaffe on behalf of the alleged pirates if the IP address data pointed to their real identifies."
This discussion has been archived. No new comments can be posted.

Microsoft To Court: Make Comcast Give Us Windows-Pirating Subscriber's Info

Comments Filter:
  • Uggggh (Score:5, Informative)

    by Anonymous Coward on Wednesday March 09, 2016 @07:07PM (#51669233)

    So... Microsoft is protecting its intellectual property by using information that everyone knows is transmitted when Windows is activated? Why is this news?

    • Re:Uggggh (Score:5, Funny)

      by arbiter1 ( 1204146 ) on Wednesday March 09, 2016 @07:32PM (#51669357)
      It is news since normally MS doesn't sue people, but this is a case of many thousands of activation's from 1 IP so.
      • It is news since normally MS doesn't sue people, but this is a case of many thousands of activation's from 1 IP so.

        Agreed. It is quite reasonable to track down a source from which thousands of copies were made. If it's a big IT shop that is doing unlicensed installs as part of a repair process without thinking it's a big deal maybe you let them settle for lawyer's fees, a big slap on the wrist, and a promise not to do it again--but if it's someone who made thousands of bootleg copies and sold them, more serious action is warranted.

    • Re: (Score:3, Interesting)

      by Anonymous Coward

      What I don't understand is why Microsoft let it activate thousands of times. I mean, isn't this exactly the kind of thing that the activation is supposed to prevent? If the keys were activated too often and/or used outside their issued area, shouldn't the activation have failed? If so, why bother prosecuting since it won't be usable and no harm has been done? If the activation didn't fail, and the keys really were stolen, how do they know and if they know, why didn't they just blacklist them?

  • ok (Score:2, Insightful)

    by Anonymous Coward

    I'm with M$ about this. Use Ubuntu and Libreoffice if you don't have the dough.

  • by zenlessyank ( 748553 ) on Wednesday March 09, 2016 @07:14PM (#51669255)
    Saved by the NAT!!!
    • I'm a moderator on a support forum for the Linux distro I use. (It doesn't matter which one.) All posts by new users are moderated until a moderator changes their status from New User to Registered User. On the moderation page, all poster's IP addresses are listed, and they're all the machine's personal IP, not their connection's public IP. Unless Microsoft is storing the public IP, what they have is useless. I can't help but wondering if they really expect to get anything from this they can use, or it
      • You really think the MS security techs (or their registry system) is that lame? MS would almost certainly store the public IP which originated the registration request. It's not magic - it's part of the network connection.

      • Your forum is probably operating behind some kind of reverse proxy.

  • by ZorinLynx ( 31751 ) on Wednesday March 09, 2016 @07:17PM (#51669269) Homepage

    ...well, unless they are a complete idiot.

    I wouldn't do something like this from my own IP address. That would be quite daft. I would instead find an open Wifi, or use a VPN or some other network where it can't be traced to me.

    This is just going to get the owner of the IP snared up in the court system for no good reason. Microsoft should just invalidate the keys that were stolen and move on.

    • Well activate 1000's of copies of MS software from 1 IP, they gonna notice.
    • You'd be surprised, there are some fantastically stupid criminals out there. $5 says this person was doing installs at their residence and activating Windows and Office on these machines then selling or installing the machines at customer sites, charging for the OS and Office without paying Microsoft their share. Invalidating the licenses would probably be the best way to get back at this person as it would make their customers come back to them en masse.

  • Was already reported on TF https://torrentfreak.com/micro... [torrentfreak.com] last month.

  • Microsoft suddenly cares about piracy of it's OS? That's new.

  • No (Score:5, Insightful)

    by sexconker ( 1179573 ) on Wednesday March 09, 2016 @07:45PM (#51669425)

    While MS should go after piracy on this scale, they should be denied their request, because:

    product keys "known to have been stolen" from Microsoft's supply chain were used to activate Windows 8, Windows 7, Office 2010, Windows Server 2012 and Windows Server 2008.

    If they were known to be stolen, then MS has a duty to limit losses. They can blacklist the keys and prevent further activation. If they were "known to have been stolen" then MS should have limited their losses as soon as they found out.

    The product keys, Microsoft said, were used "more times than is authorized by the applicable software license,"

    Again, MS has the ability to enforce this. Activation is their job, and if they allow a key to be activated thousands of times that's their fault. I commend them for being lenient - I've certainly relied on being able to activate a single key several times when building / upgrading PCs. But allowing thousands of fraudulent activations is a joke. More than a few a year should trigger alarm bells at Redmond.

    used by "someone other than the authorized licensee," or were "activated outside the region for which they were intended."

    MS can't prove either of these. Even if they know the authorized licensee, they don't know who is using the keys thousands of times. They can't know who it isn't without knowing who it is. If they knew who it is, they wouldn't need to subpoena for info. The same thing goes for the region.

    It's also not the court's job to enforce the minutia of the license terms such as region, number of activations, transference, etc., especially when MS is so lackadaisical as to allow the keys to be stolen and for unauthorized activations to go on for so long.

    • by MobyDisk ( 75490 )

      Suppose you work for the IT department of a Fortune 500 company, or a computer repair shop, or a university. You may activate thousands of Windows licenses per year. They could even be the same license key: Windows Embedded, for example, uses the same license key for each device. So Microsoft's automated system might not know if the activations are fraudulent. But if the IP address points to some individual's home, then there is a good chance they are fraudulent. Microsoft can't be sure without that in

      • Comment removed based on user account deletion
        • by guruevi ( 827432 )

          Not all of them but at least they would know which entity holds a particular key and they could (and do) limit it to a particular IP range.

          If they know this key has been stolen, they could just prevent it from activating anything, problem solved, no more activations for you, no expensive lawsuit clogging up the courts.

      • Windows Embedded, for example, uses the same license key for each device. So Microsoft's automated system might not know if the activations are fraudulent

        That's only true if Microsoft is so grossly incompetent that they don't know what the activation codes are for, even though they generated them. No court will be impressed by gross incompetence.

        Now, after looking at the records, Microsoft has evidence of a crime.

        I'm not sure they do. If they're so incompetent that they can't check for thousands of duplicate activations in realtime, which is what the service is supposed to do, then I don't trust them to actually be getting any of the information correct.

    • Re:No (Score:4, Informative)

      by DRJlaw ( 946416 ) on Wednesday March 09, 2016 @09:06PM (#51669743)

      If they were known to be stolen, then MS has a duty to limit losses. They can blacklist the keys and prevent further activation. If they were "known to have been stolen" then MS should have limited their losses as soon as they found out.

      It's copyright infringement whether the copy was activated or not - the copyright act prohibits unauthorized reproduction [cornell.edu], not unauthorized activation. The copyright is also registered. That means that they are entitled to statutory damages [cornell.edu] whether they could have acted to further limit their losses or not.

      But allowing thousands of fraudulent activations is a joke. More than a few a year should trigger alarm bells at Redmond.

      They have three years [cornell.edu] to file a claim.

      MS can't prove either of these. Even if they know the authorized licensee, they don't know who is using the keys thousands of times. They can't know who it isn't without knowing who it is. If they knew who it is, they wouldn't need to subpoena for info. The same thing goes for the region.

      They don't have to prove either of those at this time -- they simply have to show that what they are requesting is relevant [cornell.edu] to those facts. The identify of the subscriber is certainly relevant to determing whether that person is an authorized licensee and is licensed to use those keys within that region.

      It's also not the court's job to enforce the minutia of the license terms such as region, number of activations, transference, etc., especially when MS is so lackadaisical as to allow the keys to be stolen and for unauthorized activations to go on for so long.

      It's precisely the court's job to enforce the minutia of the license terms [wikia.com], because the license terms are a condition of the license (e.g., "we grant you the right to install and run that one copy on one computer (the licensed computer), for use by one person at a time, but only if you comply with all the terms of this agreement." Without the license it's copyright infringement. The rules don't change simply because it's Microsoft enforcing a windows license and not an open source advocate enforcing the GPL.

      Have fun with your theories of how this should work, but no Federal district court (or appellate court) is going to buy them because their job is to interpret and enforce the statute, not ad hoc theories of mitigation, laches, and evidence that you learned from poorly scripted TV dramas.

    • "It's also not the court's job to enforce the minutia of the license terms"

      Having the court enforce terms is the *entire point* of contract law.

    • You sound so adamant about this, but the law simply does not work that way. Just because their security isn't foolproof does not mean that it becomes legal to engage in mass piracy. You are wrong to say that it is not the court's job to enforce the license terms. It is exactly their job. Who else is going to do it?

      And I for one am grateful that they are more lenient on activations as it means that it is less likely to have a false positive prevent an installation. It does mean that they will let the casu

    • by sribe ( 304414 )

      If they were known to be stolen, then MS has a duty to limit losses. They can blacklist the keys and prevent further activation. If they were "known to have been stolen" then MS should have limited their losses as soon as they found out.

      There is nothing in the article to indicate that they knew the keys were stolen before the keys were abused. It could well be that this knowledge came after, as a result of noticing the pattern of fraudulent activations, and investigating.

  • Wasn't this because of a handful of addresses being responsible for the majority of the activations? As in pirating on a business scale and not the average guy who installed pirated windows a few times.

  • They found the IP address of someone who is using the activation keys that are known to have been stolen. Why didn't they turn this information over to the police and let them go after the person? That is supposed to be their job, not Microsofts. At the very least the person would be someone of interest in the theft of the activation keys and I'm sure the police would like to look at the possible large scale piracy of software going on.

  • "activated outside the region for which they were intended."

    Most of the complaint sounds reasonably reasonable but this one really irks me.

    • by GuB-42 ( 2483988 )

      When a company is located in some area and most activations come from all over the place, you know there is something fishy.
      Google can block your account if it is accessed from unusual places, credit card companies do this too. If your request is legitimate it is just a matter of making a phone call or answering a few questions to unlock the situation. So why can't Microsoft do it too?

  • by FirstOne ( 193462 ) on Wednesday March 09, 2016 @09:42PM (#51669867) Homepage

    When they find out that Comcast static IP address(Houston, Tx) is a VPN node setup by some hacker, and the owner had no idea.

    Or, it could be worse, and find out it's a Comcast public wifi IP addr that's been activating all those licenses.

    .

  • I'll laugh if they trace the IP back to their own Azure cloud system.
  • by swell ( 195815 ) <jabberwock@poetic.com> on Wednesday March 09, 2016 @10:48PM (#51670059)

    Companies on the way up embrace the PR related to minor theft- it shows how popular the product is. Game of Thrones, the TV series, was not at all concerned with the massive pirating of their series; it was good publicity (PR) and they made more money than they could count.

    Companies on the way down have a different perspective. It is theft, after all, and it can hurt. The PR that works for them is a very public warning that theft will not be tolerated. Spread the word and some users will go straight, others will reconsider or at least take better precautions when pirating.

    Microsoft has been very lenient for a very long time. Their day may be winding down and it is wise to protect any remaining property of value while they look for a breakthrough miracle product.

    • Re: (Score:3, Informative)

      by thegarbz ( 1787294 )

      Not at all. Microsoft has always chased down commercial level piracy. I find it incredible that people are upset about this. This is business as usual for them.

    • by AmiMoJo ( 196126 )

      I think they realize that a lot of people who want to watch GoT either can't get it in their location or can't afford it. For someone in the UK who wanted to see it on first broadcast they would have to pay £250 (basic Sky package £20/month, minimum 12 months, setup fees), which is about $350 or "insane".

      They have an on-demand service, they know Netflix exists and would happily do distribution for them... They just did the maths and decided that it was better to accept massive piracy

    • Comment removed based on user account deletion
  • Bet few knew this... (Score:5, Informative)

    by Trax3001BBS ( 2368736 ) on Wednesday March 09, 2016 @11:06PM (#51670095) Homepage Journal

    Something many aren't aware of is if you change or upgrade your system you are subtracting numbers from a total allowed before your OS is no longer activated or legal and must be reactivated or re-purchased.

    I use to know them for NT but it's been awhile. A CPU change I know counts as 2 points, a trick was to claim you had a NIC card as it added 2 points to the total.

    “Significant” hardware changes can also trigger the Windows activation process again. For example, if you swap out multiple components on your PC at the same time, you may have to go through the activation process. Microsoft hasn’t explained exactly which hardware changes will trigger this.
    http://www.howtogeek.com/18284... [howtogeek.com]

    • We all knew this but no one cared. Despite the fact that everyone thought the world was going to end when MS introduced the policy it ended up as a minor inconvenience at worst with MS support happy to activate licences on major hardware changes.

    • I call bullshit. Windows NT doesn't have product activation. That was added in Windows XP, released in 2001.
      • I call bullshit. Windows NT doesn't have product activation. That was added in Windows XP, released in 2001.

        Actually in a way there were two, NT or 5.1 was a demo that would only last 120 days.
        There was hack for it that kept it from expiring, and one changing it to a workstation as well.

        From the file:

        This is the crack that allows the NT 4.0 Server / IIS 120 day demo CDs available
        from www.microsoft.com/iis/ to be installed as Workstation rather than Server.
        It also defeats the 120 day time-bomb.

        This is the crack to disable the 120 day time-bomb in the NT 4.0 Server / IIS
        120 day demo CD set being given away for free

      • I call bullshit. Windows NT doesn't have product activation. That was added in Windows XP, released in 2001.

        As knowing the points for NT your right I couldn't of, it's been awhile must of been W2k, I even spent time looking for those points as a NT note.

    • FWIW- I worked with a small business server (I didn't choose the OS, I inherited.) around 2008. It got deactivated due to hardware change (HD failure, we upgraded RAM while at it before reinstalling new drive and restoring backup). SBS wouldn't activate. I called MS per phone number listed clearly on screen, they asked a few basic pieces of info to ascertain the original license and I assume find the reason for decline in their records. I told them the situation and basic, not precise, details of HW chan

  • This was probably just one guy, with one set of product keys, that had to keep reloading the software to try to fix a problem.

Some people manage by the book, even though they don't know who wrote the book or even what book.

Working...