Microsoft this week filed another lawsuit in federal court accusing unidentified individuals with stealing its software by illegally activating more than 1,000 copies of Windows 7, Vista and 8, and Office 2010 and 2013.
The suit, filed with a Seattle court on Wednesday, was the latest in a string of cases opened by the Redmond, Wash. company in an effort to quash piracy.
"Microsoft's cyberforensics have identified over one thousand product activations originating from IP address 18.104.22.168 ('the IP Address'), which is presently assigned to Earthlink Inc., and which, on information and belief, is being used by the Defendants in furtherance of the unlawful conduct alleged herein," Microsoft's lawyers wrote in the complaint.
Like many other software vendors, Microsoft uses a product key -- in its case, a 25-character alphanumeric string -- to lock a license to a device. Keys are a core component of Microsoft's anti-piracy technology.
The product keys used to activate the bootleg Windows and Office had been stolen from the company's supply chain, used more times than legal or were activated outside their intended geographic region, Microsoft claimed.
"On information and belief, Defendants have been and continue to be involved in installing counterfeit and infringing copies of Microsoft's software and/or related components," the company charged.
Microsoft has not identified the culprits, but simply tagged them as "John Doe" 1 through 10.
This week's lawsuit was similar to many others, including one filed in March asking permission to subpoena Comcast to name the subscriber at an IP address Microsoft said was the origin of thousands of product activation requests.
In a related filing, Microsoft noted that the June 1 lawsuit was linked to 10 other cases it had filed since November 2014, all alleging that pirates were or had illegally activated the company's software. Now at 11, the case list will be handled by a single judge.
Microsoft discovered the large number of activations through what it described as "cyberforensics," which the latest complaint defined as "investigative methods that leverage state-of-the-art technology to detect software piracy."
But it's almost certain that Microsoft wasn't forced to deploy some unusual technology to sniff out the alleged pirates in this, or any of the other, cases.
"As part of its cyberforensic methods, Microsoft analyzes activation data voluntarily provided by users when they activate Microsoft software, including the IP address from which a given product is activated," the lawsuit stated.
In other words, Microsoft tallies the number of activations traced to each IP address, much like a web server log can be mined for the IP addresses that request pages.
Most likely, Microsoft has a trigger point at which it deems the number of over-the-web activation requests as potential piracy.
Microsoft said as much in the complaint. "Cyberforensics allows Microsoft to analyze billions of activations of Microsoft software and identify activation patterns and characteristics that make it more likely than not that the IP address associated with the activations is an address through which pirated software is being activated," the company stated.
The alleged thieves who used the same IP address to activate more than a 1,000 copies of Windows and Office were no smarter than a bank robber who uses the same get-away car to hold up a dozen banks.
Microsoft asked the federal judge to enjoin the defendants from continuing their piracy, and for restitution of all ill-gotten gains.