This looks at Microsoft Product Activation (MPA)
How does MPA identify the computer's hardware?
MPA detects the hardware configuration for the computer where the product is being installed, and then MPA creates a hardware hash value for that configuration. A hash is a value that is mathematically derived from another value. In this case, the hash is derived from the hardware configuration values. MPA does not scan the customer's hard disk, detect any personal information, or determine the make, model, or manufacturer of the computer or of its components. MPA uses hash values because of respect for users' privacy. A hash value cannot be backward-calculated to determine the original value. Additionally, Microsoft only uses a part of the original hash values. These hash values are combined to form the hardware hash.
Can I change or upgrade my hardware components?
MPA can tolerate some change in hardware components by allowing a degree of difference between the current hash value and the hash value that was originally activated. Users can change hardware components without having to reactivate the product. If users make substantial changes to their hardware components, even over long periods of time, they may have to reactivate the product. In that case, users may have to contact a Microsoft customer service representative by telephone to reactivate.
How does MPA determine tolerance? How many components of the computer can I change before I have to reactivate?
Common changes to hardware, such as upgrading a video card, adding a second hard disk, adding RAM, or upgrading a CD-ROM or DVD-ROM drive, do not require reactivation.
Specifically, MPA determines tolerance by using a point system. Ten hardware characteristics are used to create the hardware hash. Each characteristic is equal to one point, except the network card, which is equal to three points. Tolerance is determined by what has not changed, instead of what has changed. If the current hardware hash is compared to the original hardware hash, there have to be seven or more matching points for the two hardware hashes to be considered in tolerance. For example, if the network card, which is equal to three points, remains the same, only four additional points have to match. If the network card has been changed, a total of seven points have to match. If the device is a portable computer (specifically a dockable device), additional tolerance is allotted and only four matching points are required. Therefore, if the device is dockable and the network card has not changed, only one additional point has to be the same, for a total of four points. If the device is dockable and the network card has changed, a total of four points have to match.
Are the changes cumulative? If I change one component today, and then change one component tomorrow, is that considered two component changes?
The changes are cumulative; however, if a user is asked to reactivate, the hardware profile is reset to the new configuration.
What are the 10 hardware characteristics that are used to determine the hardware hash?
The following 10 hardware characteristics are used to determine the hardware hash: Display adapter
Network adapter media access control address
RAM amount range (for example, 0-64MB or 64-128MB)
Processor serial number
Hard disk device
Hard disk volume serial number
Does MPA deter hard disk cloning by comparing the hardware hashes?
One form of piracy that MPA helps guard against is hard disk cloning. Some forms of hard disk cloning are allowed. However, by comparing the original hardware hash to the current hardware hash, MPA deters hard disk cloning by requiring reactivation if the hardware hashes are substantially different.
If I reformat my hard disk, is reactivation required?
If you reformat the hard disk and you reinstall the product, reactivation is required. The same grace periods for activation apply in this situation. You can reactivate a product on the same computer as many times as you require. The activation can be completed over the Internet or by using the telephone.
Does MPA put cookies on my computer when I activate?
No. MPA does not put any cookies on your computer as part of activation.
Does MPA really help reduce piracy?
MPA is not the end of global piracy. However, MPA is significantly more sophisticated than past methods and is not easy for would-be pirates to circumvent. At the same time, it is an easy process for customers who have valid software. It helps deter casual copying of software, which is by far the single most prevalent type of software piracy. It also helps deter some hard disk cloning and counterfeiting. It is not designed to target sophisticated and organized criminal counterfeiters.
Product activation has been cracked before and it will be cracked again. What's the use?
Product activation is significantly harder to crack than most people think. The measure of success is not completely stopping software piracy. Completely stopping piracy is not an attainable goal. Success is better measured as increased awareness of the terms of the license agreement and increased license compliance.