Asks federal court for authorization to subpoena Comcast for subscriber info Microsoft has asked a federal judge permission to serve Comcast with a subpoena to identify alleged software pirates who have activated thousands of copies of Windows 7 and Office 2013 using stolen or abused codes, according to court filings.“For an unknown period of time — but for at least the past three years — the Infringing IP Address has been used to activate thousands of Microsoft product keys,” Microsoft said in a March 4 motion to a Seattle federal court.Those keys had been stolen from the company’s supply chain, used more times than legal, were actually keys assigned to someone else or were activated outside the geographic region they were intended for.Microsoft, like many other software vendors, uses product keys — in Microsoft’s case, a 25-character alphanumeric string — to individually lock a license to a device. Keys are a core component of Microsoft’s anti-piracy technology. The Redmond, Wash. company wants the authority to serve Comcast with a subpoena that would force the ISP (Internet service provider) to identify the subscriber at the IP address Microsoft claimed was the origin of the product activation requests. If Comcast has assigned the IP address to a downstream ISP — not uncommon — Microsoft wants that ISP’s name and the right to subpoena that firm as well.“Despite reasonable efforts, including various investigative techniques, Microsoft has been unable to positively identify the Doe Defendants,” Microsoft’s motion stated. “At present, the best information Microsoft has for identifying the Doe Defendants is the Infringing IP Address and the dates and times the Doe Defendants used the Infringing IP Address to activate product keys.” Microsoft has changed how it activated its software numerous times in the past, but the basic principles have remained the same: A product must be activated to continue to work with full functionality.With Windows 10, Microsoft again altered activation by debuting — in some, but not all cases — something called “digital entitlement,” which stores the activation status of a device on Microsoft’s servers. Once an activation status is set to a device, it should remain activated, even after a reinstallation of the software (with some caveats, such as significant changes to the hardware). Digital entitlement can be thought of a move to do away with, or at least reduce reliance on, the 25-character keys, and so as a new way to combat the piracy alleged in the court case.Older software, including Windows 7 and Office 2013, however, continue to rely on product keys for activation. Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe