Jump to content

How Does Windows Know My Key Is Valid?

Manage My Cables
By Manage My Cables
in Windows
 Share
Posted

Right so I brought a Windows 10 key off kinguin.com a couple hours ago. I activated it on my new media pc about 5 minutes after purchase. At this point in time the pc had never been connected to the internet but accepted the key? How does my pc know the key is activated? 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

The formatting perhaps.

"It pays to keep an open mind, but not so open your brain falls out." - Carl Sagan.

"I can explain it to you, but I can't understand it for you" - Edward I. Koch

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
4 minutes ago, Manage My Cables said:

Right so I brought a Windows 10 key off kinguin.com a couple hours ago. I activated it on my new media pc about 5 minutes after purchase. At this point in time the pc had never been connected to the internet but accepted the key? How does my pc know the key is activated? 

 

If the PC has accepted the key then it is most likely valid but if it fails to activate over the internet, then it probably isn't genuine.

I suck a typing, preparw for typos.

Desktop

CPU: Ryzen 7 3700x MOBO: MSI X570-A Pro RAM: 32 GB Corsair DDR4

GPUS: Gigabyte GTX 1660ti OC 6G  CASE: Corsair Carbide 100R STORAGE: Samsung Evo 960 500GB, Crucial P1 M.2 NVME 1TB   PSU: Corsair CX550M CPU COOLER: Corsair H100x

 

LAPTOP

Apple Macbook Pro 13 M1 Pro

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

There's a complicated math process done to the key during the offline validation. It's nowhere near this simple but just as an example it can convert the ASCII characters to binary, add them all up, multiply the result by four and see if the four middle digits are 0010. It then accepts it at face value if it adds up.

If hackers get a hang of that math algorithm, they can reverse-engineer it to generate valid keys. If windows didn't do an online lookup later on, or if there was a way to disable the online lookup, you'd get away with it. That's how keygens work. But to counter that, windows does do an online lookup as soon as you connect the machine to the internet. They see if your exact key is on a list of valid keys (whitelist) or if it's on a list of known leaked keys (blacklist) and go from there. 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
5 minutes ago, Naeaes said:

There's a complicated math process done to the key during the offline validation. It's nowhere near this simple but just as an example it can convert the ASCII characters to binary, add them all up, multiply the result by four and see if the four middle digits are 0010. It then accepts it at face value if it adds up.

If hackers get a hang of that math algorithm, they can reverse-engineer it to generate valid keys. If windows didn't do an online lookup later on, or if there was a way to disable the online lookup, you'd get away with it. That's how keygens work. But to counter that, windows does do an online lookup as soon as you connect the machine to the internet. They see if your exact key is on a list of valid keys (whitelist) or if it's on a list of known leaked keys (blacklist) and go from there. 

Thank You very much for explaining that :)

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Windows

×