A while ago the telephone-based product activation process of Windows XP was independently analyzed by tecCHANNELSince then the information that is revealed by the installation ID, which users are required to supply to Microsoft during telephone-based product activation, has been known in detail. Since then it has also been known that this information is no threat to the users' privacy.
Unfortunately this analysis has left the question unanswered what information Internet-based product activation reveals to Microsoft and how Internet-based product activation therefore impacts the users' privacy. This question is particularly interesting, as Internet-based product activation involves transmitting an amount of data to the Microsoft activation servers that exceeds the amount of data contained in the installation ID by orders of magnitude. This article closes this gap by documenting the protocol employed by Internet-based product activation. We will be looking at the case of Internet-based product activation without the optional registration.
News source: TechChannel