Can 'cracked' product keys harm the user in any way?
If a user download commercial software through the official, corresponding website, but use a product key which you did not legitimately purchase (e.g. websites that offer a list of product keys for free), does that harm anything other than the company who made the piece of software?
I was wondering if the person who generated those product keys can see which user(s) have used that key and are able to harm them in any way.
Exactly *how* does one go about getting these product keys? Its sone thing for you to get the string `AAAA-1234-BBBB-5678` and enter that into the license page. It is *quite* another to download some software that prints out the product key.
@LorenPechtel Indeed I have. And I was hoping that Ben would clarify if he means "finding the string `AA...` online, or downloading some a key generator. The two options have *very* different risks on a given machine. I bring this up because there is a fair bit in the comments on the answers that the OP may not be aware of. It would be helpful if Ben would clarify the means of obtaining the keys.
Only the manufacturer of the software can know what key you have used and only if the software "calls home" for (re-)activation. Using a non-original key (for example, one provided by a key generator) will not give anyone back-door access to your computer/program.
How can you be so sure about that? Even in times before calling home, there were programs (I think I remember at least one case of a popular computer game) where the functionality of a cracked version (including known leaked keys for some future path version) would change the program's behavior (such as the game missing some necessary details to get past level 2). Weren't there windows versions that refused to install (security) updates when they thought the installation wasn't legitimate?
Whoah! Careful there! While using a key from a keygen isn't likely to give anyone back-door access to your computer, *downloading* and *executing* a keygen is quite a popular vector for attack.
@ChristopherCreutzig: In the cases you describe, the key isn't causing the problem. The problem is caused by a _known defect_ activated by a specific set of circumstances, by _the original developer_.
@WillihamTotland If I use the key, I have the problem. I think that falls under the phrasing of the question, “does that harm anything other than the company who made the piece of software?” At some level, yes, the bits in the key are not the instructions the processor executes, those have been programmed separately. I'm not sure how useful that distinction is in practice, though.
This still does not mean it's okay to use the keygens (obviously) since the keygens could be programmed to access your personal files WHILE giving you keys. Doesn't sound like a good trade-off to risk.