WindowsXP Protection Hacked...

[Emo]

This shows how well the Protection on WinXP is where you "Have" to buy it, you can't just install it from a friend...

Click here to read the article about it...

-Emo

[adamcox]

Link doesn't work, can you give us the jist of it?

[kovan]

damn it
they always beat you to it
i REALLY was destined to break this protection

i got beaten to it

[adamcox]

Better Luck Next Time

[JungleMan]

They aren't doing this to stop any hackers or l33t warez d00dz (yes i hate that terminology and h4x0rs bite), they are doing it to stop Joe Average, who owns a Compaq with Windows ME, still loaded with the OEM stuff. Microsoft will NEVER come up with a good protection scheme, neither will anyone else. They can stop the 95% of people who don't know **** about computers.

It's like the childproof cap on a bottle of pills, the smart person (adult) can open it, but the kid (95% of users) can't open a simple cap like that so why bother putting padlocks on the bottle?

[chrisjk]

Originally posted by jpbtennisman
they are doing it to stop Joe Average, who owns a Compaq with Windows ME, still loaded with the OEM stuff

good point

[progeix]

Nothing.. I repeat.. NOTHING..
Let me Repeat

NOTHING

Is Ever Safe..
EVERYTHING can be cracked.. some take time.. SOME take Reg Entries.. some take files..

EVERYTHING can be cracked.. /burned/warez/exchanged

THEREFORE nothing is 100% safe..
People incorperate serial numbers - which can be passed through SoftICE to get a working KEY..

People add in CRC Protection.. but yet again, ALL THEY HAVE TO DO IS REMOVE THE PART OF THE PROGRAM THAT CHECKS THE CRC..

People Release 2 versions, a beta which only includes CERTAIN functions, and then another which is the FULL Thing..
well the FULL version will be passed around as a warez..


ETC.ETC.ETC
And there you go..
Anything can be worked around.. even the SDMI file format was said to be UNBREAKABLE.. some freakin guy broke it in 3 months.. OF course he got SUED.. but he DID due it..

If microsoft thinks they can even BYPASS this.. they are wrong.. for EVEN Microsoft's Windows Installation .. which is YES.. an EXE file.. could be cracked..


Just wanting to show you people.. that the only way to make sure that your work is never cracked.. - don't release it

PS. I am just proving a point.. do not flame me, and lastly, I am not a hacker, cracker, etc. I can't even use/have SOFTICE.. I just know how things work..

This is ONLY for insight.. not for tutorials, or anything else, this is my point of view, and you should not take it SERIOUSLY..

[chrisjk]

not saying you're wrong or anything progeix, but check these out...

Rijndael algorithm
Rijndael algorithm, also known as an Advanced Encryption Standard (AES), is used for encryption and decryption of files and text.
Rijndael is an iterated block cipher with a variable block length and a variable key length. The
block length and the key length can be independently specified to 128, 192 or 256 bits.

The Advanced Encryption Standard (AES) will be a new Federal Information Processing Standard (FIPS) Publication that will specify a cryptographic algorithm for use by U.S. Government organizations to protect sensitive (unclassified) information. NIST also anticipates that the AES will be widely used on a voluntary basis by organizations, institutions, and individuals outside of the U.S. Government - and outside of the United States - in some cases. NIST has selected Rijndael as the proposed AES algorithm.
More informations abour Rijdael algorithm and AES you can find at:

http://csrc.nist.gov/encryption/aes/

http://www.nist.gov/public_affairs/releases/g00-176.htm



Why did NIST select Rijndael to propose for the AES?

When considered together, Rijndael's combination of security, performance, efficiency, ease of implementation and flexibility make it an appropriate selection for the AES. Specifically, Rijndael appears to be consistently a very good performer in both hardware and software across a wide range of computing environments regardless of its use in feedback or non-feedback modes. Its key setup time is excellent, and its key agility is good. Rijndael's very low memory requirements make it very well suited for restricted-space environments, in which it also demonstrates excellent performance. Rijndael's operations are among the easiest to defend against power and timing attacks.

Additionally, it appears that some defense can be provided against such attacks without significantly impacting Rijndael's performance. Rijndael is designed with some flexibility in terms of block and key sizes, and the algorithm can accommodate alterations in the number of rounds, although these features would require further study and are not being considered at this time. Finally, Rijndael's internal round structure appears to have good potential to benefit from instruction-level parallelism.

AES key sizes

The AES will specify three key sizes: 128, 192 and 256 bits. In decimal terms, this means that there are approximately:

3.4 x (10^38) possible 128-bit keys;

6.2 x (10^57) possible 192-bit keys; and

1.1 x (10 ^77) possible 256-bit keys.

What is the chance that someone could crack an AES key?

Assuming that one could build a machine that could recover 255 keys per second, then it would take that machine approximately 149 thousand-billion (149 trillion) years to crack a 128-bit AES key. To put that into perspective, the universe is believed to be less than 20 billion years old.

and

Twofish is the fastest encrypting algorithm from the field chosen by National Institute of Standards and Techology (NIST) http://www.nist.gov of 5 final candidates for the new (Advanced Encryption Standard) AES.

It works on both 32-bit and 8-bit CPUs (smart cards, embedded chips, and the like) and in hardware. Plus it's flexible; it can be used in network applications where keys are changed frequently and in applications where there is little or no RAM and ROM available.
The Twofish block cipher is Counterpane Labs's candidate for the new Advanced Encryption Standard (AES) .

Twofish is unpatented and the source code is uncopyrighted and license-free; it is free for all uses.



Twofish cipher is unbreakable:

There was never an attack that got anywhere near breaking the full 16-round version of the cipher. Best attack breaks 5-round Twofish (without the post-whitening) with a differential attack, requiring 240 chosen plaintext pairs and 299 time.

[progeix]

re-read my post

"EVERYTHING can be cracked.. some take time.. "


As in, if you encrypt something, then someone can invent code to DECRYPT it..

Sure, it took take SECONDS.. it could take millions of years.. the point to my post is .. it CAN be cracked.




Lastly, Yes, i know MICROSOFT did this for the Average Joe
who doesn't know where to get Warez or has a 56k modem.. etc.
but still..

I don't think microsoft took in to consideration that NOT EVERYONE owns a computer.. and those who do.. are NOT all idiots

Sorry again.. just stating

[Beacon]

Perhaps they should cover it in a condom or something!
For extra protection!

[JungleMan]

Originally posted by progeix
re-read my post

"EVERYTHING can be cracked.. some take time.. "


As in, if you encrypt something, then someone can invent code to DECRYPT it..

Sure, it took take SECONDS.. it could take millions of years.. the point to my post is .. it CAN be cracked.




Lastly, Yes, i know MICROSOFT did this for the Average Joe
who doesn't know where to get Warez or has a 56k modem.. etc.
but still..

I don't think microsoft took in to consideration that NOT EVERYONE owns a computer.. and those who do.. are NOT all idiots

Sorry again.. just stating

As a matter of fact, I read somewhere that Microsoft was expecting the code to be cracked. They said "Sooner or later it will be cracked", instantly revealing their true goal. if they were really nervous about "Warez d00dz" they wouldn't have made the security so loose, and wouldn't have said what they said.

And about the Twofish thing, I agree with Progeix...even if it's supposedly "uncrackable", where there is an encrypter there is a DECRYPTER. Sooner or later, someone will get their hands on that, and it won't take millions of years.

[chrisjk]

Originally posted by progeix
Sure, it took take SECONDS.. it could take millions of years.. the point to my post is .. it CAN be cracked.

Actually it said 149 trillion years. Seen as the world is going to end in 5 billion years when the sun explodes, that would mean it could NEVER be cracked.

[progeix]

If you are right, that it will "NEVER" be cracked//

but that doesn't mean that someone could actually stumble upon the code accidentally and get it sooner

either way.. they'd have to shoot the people WHO CODED IT .. if they even wanted it to be SECURE..

ok
maybe instead i should say

NOTHING IS 100% SECURE

[chrisjk]

Originally posted by jpbtennisman
where there is an encrypter there is a DECRYPTER. Sooner or later, someone will get their hands on that, and it won't take millions of years.

I disagree. There are several instances where there are no decrypters. Take UNIX passwords for example...there is no decrypter. Not even UNIX decryptes them; it encrypts what you type in, then compares it with what is stored.

How about Perl's Crypt function...there's no known decrypt to that either. How about VB6 exe's? There's no decompiler to that, only VB5. And VB6 has been around for a while now.

[JungleMan]

Originally posted by chrisjk
then compares it with what is stored.

So, where is the encrypted password stored? It must be somewhere...

[chrisjk]

Originally posted by jpbtennisman
So, where is the encrypted password stored? It must be somewhere...

No idea. System files I guess. You might be able to read it, but at the moment there is no known way to understand it.

[JungleMan]

Originally posted by chrisjk
No idea. System files I guess. You might be able to read it, but at the moment there is no known way to understand it.

Yes, but it is still there and the data is raw.

I am not going to argue about how hacking works; simply put, there is a crack for every major program out there. As for the unpouplar ones, well they could be cracked but nobody's tried cracking those yet.

I'm not a hacker or a cracker, and I'm not condoning cracking, but there's always someone out there who can do it.

[chrisjk]

well maybe your right, who knows.