What Does WPA Report?
The software company Fully Licensed completely reverse-engineered the WPA process. Remembering the ignominy that befell dear Dimitry Sklyarov at Defcon last year, because of DMCA restrictions we cannot reprint the excellent analysis by Fully Licensed.
However, based on its findings, Fred Langa reported in Information Week that when you register XP software, the OS sends Microsoft a unique 50-digit hash of your machine.
In addition to the software license number, this fingerprint is derived from the following aspects of your system:
CPU serial number
CPU model number/type
Amount of RAM in the system
Graphics adapter hardware ID string
Hard-drive hardware ID string
SCSI host hardware ID string (if present)
Integrated development environment controller hardware ID string
MAC address of your network adapter
CD-ROM drive hardware identification string
Whether the system is a dockable unit (for example, a notebook)
Worse, even after the product has been fully registered, WPA "phones home" to Microsoft from time to time. Thus, if you have changed your system components, or if there are problems with the Microsoft central database, your system locks into a reduced-functionality mode. It is unclear what other investigation or action Microsoft takes against you after that.