In his latest on line newsletter, Fred Langa highlights concerns about Microsoft XP's "Windows Product Activation" (WPA) asking if it is a privacy risk? He writes: ?Microsoft's forthcoming "XP" operating system and the Office XP suites/apps (such as Word 2002, Excel 2002, etc) all use an anti-piracy system called "Windows Product Activation," or WPA: Once you've installed XP software, the WPA system keeps track of how many times you've launched the software and/or how much time has passed. Before the end of a Microsoft-determined amount of time or number of launches, you must--- *must*--- register the software or it reverts to a reduced functionality mode. ? ?The allowed number of launches and time varies by product. For example, after 50 launches without registration, Office XP will let you view your documents, but not change them or create new ones. With the Windows XP OS, you get 30 days before you must register. ? ?OK, you might say, so what? Why not just evade the mandatory registration by making up fake information and registering from a throwaway email account? ? ?You can't. Here's why: ? ?When you register XP software, the registration process creates and sends to Microsoft a unique 50-digit numeric fingerprint or code that is a combination of the serial number of your copy of XP, plus additional information about 10 major hardware elements in your system: ? ? 1. CPU serial number ? 2. CPU model number/type ? 3. Amount of RAM in the system ? 4. Graphics adapter hardware ID string ? 5. Hard drive hardware ID string ? 6. SCSI host hardware ID string (if present) ? 7. IDE controller hardware ID string ? 8. "MAC" address of your network adapter ? 9. CD-ROM drive "hardware identification string" ? 10. And whether the system is a dockable unit (e.g. a laptop) or not ? ?But that's not all. Even when it's been fully registered, the WPA component wakes up from time to time to verify that it's still on the original system where it was first installed; and it "phones home" to check with the central Microsoft database to make sure it's still indeed a registered copy. If anything's amiss, your software reverts to reduced- functionality mode. ? ?So, with WPA, Microsoft is quite literally *forcing* registration: Microsoft wants your full-fare money for the software *and* they want to know who you are and what PC you're using--- and you better give it to them pronto, buster, or they'll cripple your software! ? ?Sheesh! ? ?There's lots more to the WPA story, and I've made this large and important topic the focus of the current InformationWeek column, live now at http://www.informationweek.com/851/langa.htm . (If you arrive early, the link won't work: just try again a little later.) Or, you can use the general "front door" to InformationWeek.Com's "Listening Post:" http://www.informationweek.com/LP/ ? ?In that new column, we'll discuss all the above, plus: exactly what is-- ?- and is not--- being "phoned home" by WPA; how much latitude you'll have in changing your system before the WPA decides to cripple your software; things you may not know about product licensing; how the malicious hacker community is responding; and lots more. ? ?How do you feel about being *forced* to register your software? How do you feel about WPA monitoring your hardware setup? What about its phone- home activity? Or its ability to cripple your software setup? Do you think WPA will prevent piracy, or will it simply drive people to less- expensive and user-friendlier competitors? Will you use XP? ? ?Your voice is your vote--- please join the discussion! ? ?http://www.informationweek.com/851/langa.htm ? Click to email this item to a friend ? http://www.langa.com/sendit.htm? This is the most comprehensive and trenchant comment on XP?s WPA so far. We have asked Microsoft for comments on why it is necessary to re-activate Office XP every now and then, but so far have received no response. Let?s have your comments also.