BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Never Lose Your License Keys or Proof of Ownership Again

Posted April 23, 2010    Morey Haber

I had the unfortunate experience this weekend of working with Microsoft’s Genuine Office Validation Product. Let me give you the skinny on this one.

Microsoft released an update that validates whether your operating system or office product is genuine or a bootleg copy several years ago. The system verifies the registration with an online database and pops up a warning saying your product may not be genuine if there is a match to their database. Sounds like a great way to stop piracy – except for when it trips incorrectly and it becomes increasingly difficult to access vulnerability patches until you verify you have a legitimate version.

So how did I get into this mess? Well, a friend recently had a hard disk failure and needed to have the system re-imaged. The onsite technician reloaded the system and MS Office since it came with the computer. When he reinstalled, he did not use the license key that shipped with the computer but rather some obscure one he had in his bag of tricks.

Guess what? That key is in the “bad” database from Microsoft. Okay – a simple search through an online KB database revealed a registry key to delete and restart of office to prompt for a new key. Again, simple enough. I entered the key and no dice, the registration program would not accept the original number since we had two different versions of Office installed.

The only recourse was a complete uninstall and reinstall of office to correct the problem. Total time, a little over an hour but the annoyance meter started to peak at 10. A little lesson I learned a few years ago would have helped from day one.

If you are like me, and you do not save every box that ships with software or hardware, I found a great way to be a minimalist about proving ownership and license keys:

1. Save all the original CDs and DVDs in a binder made to hold discs. This minimizes space to a single binder for all original software.

2. Cut out all of the UPC codes on boxes and manuals and store them in a folder. This proves purchase and ownership.

3. Save all original purchase receipts with the UPC codes.

4. Any holograms or authentication seals, cut out or rip the page off the book and store in the same folder. This proves licensing.

5. Finally, any location that has serial numbers, cut out and store as well. (Note many new systems have the OS and MS Office serial numbers directly on the PC in the form of stickers.)

This allows you to toss all books, manuals, and trash that accompanies each purchase and prove ownership and licensing if needed. These may sound trivial but how many times have you hunted for software keys and licenses for a reinstall?

Simple organization will go along way and allow to keep your system up to date.

Leave a Reply

Additional articles

powerbroker-for-mac-diagram-small

PowerBroker for Mac: A Least-Privileged Apple a Day…

Posted July 27, 2015    Jason Silva

BeyondTrust PowerBroker for Mac reduces the risk of privilege misuse by enabling standard users on Mac OS X to perform administrative tasks successfully without entering elevated credentials.

Tags:
, ,
PrivilegedAccountManagement

On Demand Webinar – Now is the time for Privileged Account Management

Posted July 24, 2015    BeyondTrust Software

In this webinar, SANS Instructor and Founder of Voodoo Security, Dave Shackleford, will revisit several hacking and breach scenarios that involved privileged accounts, and use these as examples while discussing tools and tactics to get this problem under control once and for all.

Tags:
, ,
dave-shackleford-headshot

Privileged Account Management: The Time is Now

Posted July 22, 2015    Dave Shackleford

There’s plenty of problems we don’t have great options for in InfoSec today. Malware is a pain point that keeps evolving rapidly. 0-day exploits are tough to prepare for. Privileged account management? We got this. We know the root causes, we know how it manifests, we know how to get it under control effectively, and there are great technology solutions that are enterprise-class.

Tags:
, ,