And let me add this thought:
I was trying to give my contribution in order to bring some "good things" regarding this new HDO but as things turned out, AlphaRne did a pretty fast and effective job.
The sloppiness of this security/licensing implementation makes me worry: once again, how can we be sure that the rest of the code doesn't have problems of such caliber? In my mind, what I saw here doesn't bring me any comfort in the coding.
Let's consider that it was management deciding that it was necessary to put the thing out the door in a rush... But, nonetheless, the code /features were all in there so it could have been rushed out properly - in the end they could insert the same key for everyone but it would have been done correctly.
Using some bytes of a key from an, already used/tested, ECC implementation in a AES-ECB algo shows that the guy had no clue of what he was doing. And that there is no control over this.
What I saw in the MSO and RSA was well done. Of course, it was bypassed by a patch. It's even bypassed by a keygen but that's for another day... The brand that thinks it's protected can throw the first rock.