Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Microsoft tweaks antipiracy tech for Windows 7

08 May 2009   #51
Night Hawk

W7 Ultimate x64/W10 Pro x64 dual boot main build-remote pc W10 Pro x64 Insider Preview/W7 Pro x64
 
 

Quote   Quote: Originally Posted by Jacee View Post
You have near 10 months free trial use with this OS (meaning RC 7100, not any of the other leaks that you've downloaded and use) ... If you are able to send "feedback" on this build, then do so!

Contribute your valid observations and problems with this RC Beta to the final OS build.
Cost will be what it will be. We can't control that end of the spectrum. We can always ask, tho'
I'm glad to see this information was brought up when people state that some leak checks out due to hash numbers. What many don't realize is that the MD5 check sum numbers are still vulnerable where MS is taking that into consideration for 7.

"Vulnerability

Because MD5 makes only one pass over the data, if two prefixes with the same hash can be constructed, a common suffix can be added to both to make the collision more reasonable.
Because the current collision-finding techniques allow the preceding hash state to be specified arbitrarily, a collision can be found for any desired prefix; that is, for any given string of characters X, two colliding files can be determined which both begin with X.
All that is required to generate two colliding files is a template file, with a 128-byte block of data aligned on a 64-byte boundary, that can be changed freely by the collision-finding algorithm.
Recently, a number of projects have created MD5 "rainbow tables" which are easily accessible online, and can be used to reverse many MD5 hashes into strings that collide with the original input, usually for the purposes of password cracking. However, if passwords are combined with a salt before the MD5 digest is generated, rainbow tables become much less useful.
The use of MD5 in some websites' URLs means that Google can also sometimes function as a limited tool for reverse lookup of MD5 hashes.[11] This technique is rendered ineffective by the use of a salt.
On December 30, 2008, a group of researchers announced at the 25th Chaos Communication Congress how they had used MD5 collisions to create an intermediate certificate authority certificate which appeared to be legitimate when checked via its MD5 hash.[5]. The researchers used a cluster of Sony Playstation 3s at the EPFL in Lausanne, Switzerland.[12] to change a normal SSL certificate issued by RapidSSL into a working CA certificate for that issuer, which could then be used to create other certificates that would appear to be legitimate and issued by RapidSSL. VeriSign, the issuers of RapidSSL certificates, said they stopped issuing new certificates using MD5 as their checksum algorithm for RapidSSL once the vulnerability was announced.[13]" MD5 - Wikipedia, the free encyclopedia


My System SpecsSystem Spec
.
08 May 2009   #52
PhreePhly

Windows 7 x64 (RTM via MSDN)
 
 

Quote   Quote: Originally Posted by 12eason View Post
They've spent decades profiting from the theft of other OS's features and are now putting those profits into paying their (under-paid over-worked) programmers to work on more second hand ideas.

'They' don't deserve a cent.
Wow. How uninformed. You might want to check your facts.
My System SpecsSystem Spec
08 May 2009   #53
PhreePhly

Windows 7 x64 (RTM via MSDN)
 
 

Quote   Quote: Originally Posted by Night Hawk View Post
I'm glad to see this information was brought up when people state that some leak checks out due to hash numbers. What many don't realize is that the MD5 check sum numbers are still vulnerable where MS is taking that into consideration for 7.

"Vulnerability

Because MD5 makes only one pass over the data, if two prefixes with the same hash can be constructed, a common suffix can be added to both to make the collision more reasonable.
Because the current collision-finding techniques allow the preceding hash state to be specified arbitrarily, a collision can be found for any desired prefix; that is, for any given string of characters X, two colliding files can be determined which both begin with X.
All that is required to generate two colliding files is a template file, with a 128-byte block of data aligned on a 64-byte boundary, that can be changed freely by the collision-finding algorithm.
Recently, a number of projects have created MD5 "rainbow tables" which are easily accessible online, and can be used to reverse many MD5 hashes into strings that collide with the original input, usually for the purposes of password cracking. However, if passwords are combined with a salt before the MD5 digest is generated, rainbow tables become much less useful.
The use of MD5 in some websites' URLs means that Google can also sometimes function as a limited tool for reverse lookup of MD5 hashes.[11] This technique is rendered ineffective by the use of a salt.
On December 30, 2008, a group of researchers announced at the 25th Chaos Communication Congress how they had used MD5 collisions to create an intermediate certificate authority certificate which appeared to be legitimate when checked via its MD5 hash.[5]. The researchers used a cluster of Sony Playstation 3s at the EPFL in Lausanne, Switzerland.[12] to change a normal SSL certificate issued by RapidSSL into a working CA certificate for that issuer, which could then be used to create other certificates that would appear to be legitimate and issued by RapidSSL. VeriSign, the issuers of RapidSSL certificates, said they stopped issuing new certificates using MD5 as their checksum algorithm for RapidSSL once the vulnerability was announced.[13]" MD5 - Wikipedia, the free encyclopedia
First of all, understand that a CA cert is only a few kilobytes. Forcing a collision with 3 GB of data is a whole other matter. On top of that, not only did we have MD5 hashes to compare, but we also had the far superior SHA-1. Again creating a collision with 3 GB of data using SHA-1 is impossible using today's technology. It would take all of the silicone in the Solar system to build enough processors to be able to achieve that. Add to that that we have 2 hashing algorithms and creating a file of that size that creates a collision in BOTH algorithms is impossible.

PhreePhly
My System SpecsSystem Spec
.

08 May 2009   #54
Night Hawk

W7 Ultimate x64/W10 Pro x64 dual boot main build-remote pc W10 Pro x64 Insider Preview/W7 Pro x64
 
 

Quote   Quote: Originally Posted by PhreePhly View Post
First of all, understand that a CA cert is only a few kilobytes. Forcing a collision with 3 GB of data is a whole other matter. On top of that, not only did we have MD5 hashes to compare, but we also had the far superior SHA-1. Again creating a collision with 3 GB of data using SHA-1 is impossible using today's technology. It would take all of the silicone in the Solar system to build enough processors to be able to achieve that. Add to that that we have 2 hashing algorithms and creating a file of that size that creates a collision in BOTH algorithms is impossible.

PhreePhly
The thing there is that the people able to do this are far from amateurs! The recent leaks shown as fakes only displayed "amateur hour" for those since you saw Chinese and Russian builds mixed up with English components. As for SHA1 that's not completely invulnerable either!

25C3: Hackers completely break SSL using 200 PS3s - Hack a Day
My System SpecsSystem Spec
08 May 2009   #55
PhreePhly

Windows 7 x64 (RTM via MSDN)
 
 

Quote   Quote: Originally Posted by Night Hawk View Post
The thing there is that the people able to do this are far from amateurs! The recent leaks shown as fakes only displayed "amateur hour" for those since you saw Chinese and Russian builds mixed up with English components. As for SHA1 that's not completely invulnerable either!

25C3: Hackers completely break SSL using 200 PS3s - Hack a Day
These attacks are on certs of very small size compared to the iso. The increased size makes a collision that much harder. The flaw in SHA-1 has yet to be verified and even with the flaw as shown, we would need 2^63 operations versus the ideal 2^80. We're still talking about a huge effort, requiring a government entity at current technology. It would also require far more time than the week or two we saw with the iso release.

However, we need to move the the SHA-2 algorithm.

PhreePhly
My System SpecsSystem Spec
08 May 2009   #56
Snufffed

 

Quote   Quote: Originally Posted by redsoxm16 View Post
fyi 7106 is an older build than the RC
Yes, it is by some reason. but how many people are having major problems with v.7106.... None of the people I know that are using it....
How many people are having problems with 7100, seems the average is 95% have major problems. Personally I think MS threw 7100 together from a mix of others, and figured WTH. the average JOE has no idea what we did.
chek the setup time-date and compare to the iso time-date.
Woops MS did it again.
My System SpecsSystem Spec
08 May 2009   #57
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Strange, Snuffy ... I've had no problems with either 7000 or 7100. I count myself among the 75% or more who that haven't any problems.

What is this build 7106?
My System SpecsSystem Spec
09 May 2009   #58
Uber Philf

W7 RTM Ultimate x64
 
 

I agree with Fliplip, but chances are MS problably wont be so lenient, i mean, look what happened to the MS suite, used to be free, now its GOONE

Enzo.
My System SpecsSystem Spec
09 May 2009   #59
Night Hawk

W7 Ultimate x64/W10 Pro x64 dual boot main build-remote pc W10 Pro x64 Insider Preview/W7 Pro x64
 
 

Well apparently MS wants people to treat the RC as the final product while the RCs are easily activated? And what about just when will 7 actually be out?

"Time for Microsoft to fess up on Windows 7 date" Time for Microsoft to fess up on Windows 7 date | Beyond Binary - CNET News is actually something for an entirely different thread while wondering just what will be seen as far as limitations on 7 once out.

With even the fakes seeing activation you have to wonder how stiff that will be if you just happen to see any change of hardwares on custom builds as well as premade systems?

The thing MS is looking at is not how many times you have to reinstall Windows like a hard drive upgrade or video card replaced but the distribution angle generally referred to as "casual copying". That's one area where the focus would be with a newer method of detecting bogus duplicates and insuring those can't be activated.
My System SpecsSystem Spec
09 May 2009   #60
Snufffed

 

Quote   Quote: Originally Posted by Jacee View Post
Strange, Snuffy ... I've had no problems with either 7000 or 7100. I count myself among the 75% or more who that haven't any problems.

What is this build 7106?
Windows 7 7106 Ultimate :
ISO name: 7106.0.090408-1623_x86fre_client_en-us_Retail_GRC1CULFRER_EN_DVD
With expire date of 3-01-2010


Attached Thumbnails
Microsoft tweaks antipiracy tech for Windows 7-7106-winver.png  
Attached Images
Microsoft tweaks antipiracy tech for Windows 7-7106.setup.png 
My System SpecsSystem Spec
Reply

 Microsoft tweaks antipiracy tech for Windows 7




Thread Tools




Similar help and support threads
Thread Forum
How could this be... To a Microsoft Tech
I've built myself quite a system, Theoretically its nothing short of kick ass, however, it runs low on resources all the time. I built a gaming system, (top of the line for most puter parts) it boots to desktop in under 30 seconds. I have 9 things running in my task bar. I play 2 games Eve Online...
Performance & Maintenance
Issues with some games using a microsoft 360 controller,tweaks needed?
I downloaded this for w7 64bit. Xbox 360 Controller for Windows | Microsoft Hardware I have a game called "Smash cars".I could not get the controls the way I wanted them.All the schemes but 1 are crazy.This game,controls are layed out & you can't edit each button.The 1 scheme that works is ok,but...
Gaming
Microsoft Tweaks Deployment Tools for Windows 7
Microsoft tweaks deployment tools for Windows 7 | All about Microsoft | ZDNet.com
News


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 15:13.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App