Asks federal court for authorization to subpoena Comcast for subscriber info Microsoft has asked a federal judge permission to serve Comcast with a subpoena to identify alleged software pirates who have activated thousands of copies of Windows 7 and Office 2013 using stolen or abused codes, according to court filings.“For an unknown period of time — but for at least the past three years — the Infringing IP Address has been used to activate thousands of Microsoft product keys,” Microsoft said in a March 4 motion to a Seattle federal court.Those keys had been stolen from the company’s supply chain, used more times than legal, were actually keys assigned to someone else or were activated outside the geographic region they were intended for.Microsoft, like many other software vendors, uses product keys — in Microsoft’s case, a 25-character alphanumeric string — to individually lock a license to a device. Keys are a core component of Microsoft’s anti-piracy technology. The Redmond, Wash. company wants the authority to serve Comcast with a subpoena that would force the ISP (Internet service provider) to identify the subscriber at the IP address Microsoft claimed was the origin of the product activation requests. If Comcast has assigned the IP address to a downstream ISP — not uncommon — Microsoft wants that ISP’s name and the right to subpoena that firm as well.“Despite reasonable efforts, including various investigative techniques, Microsoft has been unable to positively identify the Doe Defendants,” Microsoft’s motion stated. “At present, the best information Microsoft has for identifying the Doe Defendants is the Infringing IP Address and the dates and times the Doe Defendants used the Infringing IP Address to activate product keys.” Microsoft has changed how it activated its software numerous times in the past, but the basic principles have remained the same: A product must be activated to continue to work with full functionality.With Windows 10, Microsoft again altered activation by debuting — in some, but not all cases — something called “digital entitlement,” which stores the activation status of a device on Microsoft’s servers. Once an activation status is set to a device, it should remain activated, even after a reinstallation of the software (with some caveats, such as significant changes to the hardware). Digital entitlement can be thought of a move to do away with, or at least reduce reliance on, the 25-character keys, and so as a new way to combat the piracy alleged in the court case.Older software, including Windows 7 and Office 2013, however, continue to rely on product keys for activation. Related content news UK Cyber Security Council CEO reflects on a year of progress Professor Simon Hepburn sits down with broadcaster ITN to discuss Council’s work around cybersecurity professional standards, careers and learning, and outreach and diversity. By Michael Hill Sep 27, 2023 3 mins Government Government Government news FIDO Alliance certifies security of edge nodes, IoT devices Certification demonstrates that products are at low risk of cyberthreats and will interoperate securely. By Michael Hill Sep 27, 2023 3 mins Certifications Internet Security Security Hardware news analysis Web app, API attacks surge as cybercriminals target financial services The financial services sector has also experienced an increase in Layer 3 and Layer 4 DDoS attacks. By Michael Hill Sep 27, 2023 6 mins Financial Services Industry Cyberattacks Application Security news Immersive Labs adds custom 'workforce exercising' for each organizational role With the new workforce exercising capability, CISOs will be able to see each role’s cybersecurity readiness, risk areas, and exercise progress. By Shweta Sharma Sep 27, 2023 3 mins Security Software Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe