Software giant Symantec last month announced that it will add product activation technology to all of its consumer products, starting with Norton Antivirus 2004. The idea is to prevent large-scale piracy operations from thieves who counterfeit Symantec programs and offer them to customers on the Web. The company estimates at least 3.6 million bogus copies of its programs are sold annually.
The measure may help alleviate the counterfeit problem, but the product activation itself is not exactly waterproof. The Register had no problem of finding a key generator on the Web and installing a full version of Norton Antivirus 2004 on several PCs without Symantec knowing it.
When you buy the product on a CD, you have to plug in a software key printed on the CD sleeve. From there, a wizard checks the hardware configuration, including the hard drive serial number and configuration.
Based on this information, the software creates an alphanumeric code and transmits this code to Symantec through the internet. Otherwise, the wizard prompts you to call an automated phone service to complete activation.
Here is where the activation fails miserably. The key generator will not only provide you with a serial number, but also with a final unlock code. No need to call an automated phone service either.
The key generator won't work with the trial versions, only with the full program which we located on a murky Russian website.
As is the case with Microsoft's product activation, the technology is based upon a key generation algorithm rather than a fixed database of real CD keys. All the key generator seems to be doing is reproducing this logic.
Other more obtrusive product activation techniques may prove unpopular. Earlier this year Intuit dropped its product activation policy after complaints from customers, who had to provide some basic information about their PC before they could use its TurboTax product. ®