about aaw
"An elite strike team - with a thermo nuclear weapon. Stranded. On a hostile and near desolate planet. Left for dead. What else could possibly go wrong?"
All Aspect Warfare is a new title from 3000AD. Read more >
latest posts
- Escape From LV-115
- v1.00.37 Released!
- developer blog #17
- v1.00.35 Released!
- developer blog #16
- developer blog #15
aaw polls
Loading ...blog: developer blog #14
Jul 13, 2009
Derek Smart
THE DRM MINEFIELD
Based on some emails and PMs that I have been getting regarding our decision (technical more than anything else really) to drop the use of Byteshield in our game, I’d like to discuss a few things about this whole DRM issue in gaming.
Before you read any further, please familiarize yourself with what DRM actually means.
There are various DRM schemes available for use in games. These range from basic disc checks (SafeDisc, SecuROM, Starforce etc) to online authentication (SecuROM, Starforce, ActiveMark, Impulse*, Tages, Steam etc)
*Yes, Stardock’s Impulse is a form of DRM. Anyone who says otherwise is either lying or has no clue what DRM actually means.
For our part, we are currently evaluating new versions of Tages, Game Shield, SecuROM etc in order to decide which DRM scheme to implement for the game’s upcoming commercial release. Later this month, we’re going to be looking at SteamWorks as well. We looked at Starforce ProActive5 again recently and discarded it for the same reasons we stopped using it several years ago.
Since we already have experience with SecuROM and have been using it for some of our previous games (UCCE, GCES) with NO incident or issues, we just decided to re-release the demo using SecuROM and disabled the disc and activation checks. In other words, you won’t even know its there. We advised Byteshield well in advance of this decision. Not to mention that the fact that it would be unfair to leave the Byteshield demo out in the wild and using server resources that nobody is paying for.
As things stand, we are still running our tests with various DRM schemes but have yet to decide which scheme we will use for the game’s actual release.
The reason for having DRM in demos and such is because hackers use demos, XB360 binaries, press copies etc as comparison to the final retail version. A talented hacker can then easily break the DRM from a released game using binary comparisons, search and replace hacks etc. Sure they’re going to break the DRM regardless, but why make it easy for them?
The cleverness of how the Byteshield enabled demo was cracked took me a bit by surprise I must admit. So I personally did the same thing on a different build using different (and more aggressive) settings. I was able to reproduce it. That influenced my final decision greatly. It wasn’t an easy decision, especially given that we’d been working on it for almost a year and helping them iron out various quirks and issues here and there.
Sure any DRM scheme can be broken, but why adopt a new scheme if it doesn’t improve on the curve? There is a reason why there are so many DRM products on the market. That reason is because each caters to a different audience. It is called competition.
Any talented and determined hacker can break a DRM scheme. But thats not saying much because at the end of the day it is up to the developer/publisher to do a good job of implementing the DRM while taking performance and other issues into consideration. e.g. SecuROM, Tages, Starforce etc all give you so much control over how to protect the code, its not even funny.
And we’re not talking about mere binary wrappers here – which all of them (and others like Armadillo, Game Shield etc) do support. Most – if not all of the high end protection schemes – can and will impact performance in certain games. e.g. while you can use source code implementation in something like Peggle, you can’t particularly use it on something like AAW or Crysis. Why? well think about it. If you have a 10% performance drop in Peggle, you won’t notice it. But you will notice it in a real-time and CPU intensive games.
When you do source code level DRM implementation – the most difficult to crack – using something like SecuROM, Tages, Starforce etc, you leave most of the protection work to the DRM scheme because it replaces those bits of your source code with their own. If you don’t do enough testing, you end up with a situation whereby the game is unacceptably slow, crashes due to some critical piece of code being protected etc. e.g. you can do code replacement on something like resource initialization – called only once at the start of a game – but not in something like the game’s mainloop which has to iterate though LOTS of processing EACH FRAME. So you can run your tests and five minutes into the game, no problem. Then twenty minutes in, you get hit with an fps drop from 30 to 24. Then you have to go find what is causing the drop. Then you move the code injection elsewhere. It is a VERY LONG AND ARDUOUS process and not something you can just slap together. Sure you can use the basic DRM protection in under thirty minutes and call it a day, but thats what Day One cracks and all manner of problems gamers have upon release are all about. If you don’t want your game cracked on Day One or you don’t want to deal with performance issues, crashes etc then you have to put A LOT of work into the DRM implementation by way of various tests.
Most developers tend to leave DRM wrapping to the very end of the game’s development cycle. Yes, really. Thats why you see all those reports of so many problems when that happens. Problems that they, in some cases, could have reproduced and fixed through stringent pre-release testing and QA. And when stuff like that happens, it is the DRM scheme – not the developers doing the implementation – that tends to be in the spotlight.
The key to DRM for developers/publishers is that the longer it takes for hackers to break the game, the more chances you have of actually making some additional money on the game. There is no such thing as a casual pirate anymore. At least not since everyone discovered the Internet and Google. So DRM implementation is not about preventing uncle Tom from making a copy of your game for your cousin Harry. Tom doesn’t need to crack your game in order to make that copy for Harry when he can just go online and get it from someone who already has done the job for him. Heck, Harry can probably do it all by himself. Casual piracy is no farther than a trip to a search engine.
DRM only works so far as to stiffle the cracking of a game and giving the game some fighting chance in the retail space in the first weeks of release. Most gamers tend to justify their THEFT by saying that they wanted to try the game first before buying it – so they pirated it. Bollocks. Theft is theft. I can’t go next door and “borrow” my neighbor’s Ferrari just because I wanted to see what it drives like.
Without DRM – of some kind – you might as well just invite piracy and is no different than leaving your car door unlocked while you go running around in the mall. If a determined and experienced car thief wants your car, they’re going to steal it. No locks, GPS or anything is going to prevent that. Does that mean that that you should leave your car unlocked? Same with games. Just because DRM schemes can be cracked does not mean that you shouldn’t at the very least implement some sort of DRM scheme in it.
RESTRICTED ACCESS. HARD HAT REQUIRED. SERIOUSLY
Yes, we have used SecuROM in the past – and those games are still being sold. Yes we will use it again if we had any reason to do so. So there, I’ve said it. Go ahead, send me email about how you disapprove, you’re not going to buy my game etc and see just how much crying I end up doing. Fact is, if you’re not going to buy my game because of some DRM scheme – even though you haven’t even run the game yet to see if it even impacts you at all – then you’re probably not my target demographic anyway. And so I lose what exactly?
Lets move on…
Removing SecuROM is not the responsibility of any individual developer/publisher. Thats like putting the onus on us to remove DirectX – or any similar driver component – from Windows OS.
Do you REALLY think that when you remove something like DirectX, .NET, audio drivers, video drivers etc or most of the code drivers in Windows OS that they are really gone? Seriously? In fact, all you have to do is search online to find so many “driver cleaners” that you’d just as well wonder what all the fuss is about regarding the removal of DRM drivers. Sure some are difficult to remove. And so what? How are they different from any other driver that is difficult to remove?
Fact is NOTHING IS EVER REMOVED COMPLETELY WITHOUT ADDITIONAL TOOLS. Why? Because of the Windows OS. It is a bloated piece of crap that gets bloated each and every day just by doing something as simple as going online (oh look! There is something now called Silverlight, yeah, lets install that then).
When you remove something from a Mac or Linux OS – using the OS acceptable standards, trust me, its gone. Not so with Windows. Its like that aunt you have who just hoards and collects stuff. Then one day she dies. And you’re left with all this mostly worthless stuff. You might as well just torch the house because it would be far less painful than filtering through all her accumulated stuff to see what you can toss out. Which is pretty much what most of us do every few years when we save our precious documents, images, emails, games etc scrub our Windows OS and re-install from scratch.
Why would you want to remove a driver, any driver? Well, compatibility for one. Piracy for the other.
Back in the early days there was much learning to be done by way of how DRM schemes handled their drivers, implementation etc. Heck, they ALL install some sort of driver, hidden file, hidden registry entries etc. Just that some of the earlier iterations (e.g. Starforce) just went too far and rather than erring on the side of caution, decided to throw caution to the wind, thus compromising the integrity of not only the games they were protecting, but also garnering the ire of gamers. This is why it is hard to find a developer/publisher in North America, using Starforce these days. It is still widely popular in places like Russia and elsewhere. I considered looking at it again recently because of our Russian publishers (Akella) who would prefer to use it because it is cheaper for them than the alternatives.
The only reason why anyone would want to remove any DRM driver is if
i) they no longer have any games that use it
ii) they are having compatibility issues with it
In our tests, we found no such compatibility issues with SecuROM. If the SecuROM driver* or DLL files are already installed when the game/demo is run, then they are used. If you un-install the game/demo, it doesn’t do anything with SecuROM because we have NO way of knowing if the files are needed by another game. Thats not our responsibility.
* To the best of my knowledge and from my own testing, the version of SecuROM that we use does not use or install any drivers whatsoever.
In the past few years, we’ve released two commercial games with SecuROM and you won’t find a SINGLE post online or on our website about issues with it. Why? Well because:
i) we don’t leave things like DRM for last, then do a rushed botch job of it
ii) we don’t go all Draconian on the gamer and restrict their right to play a game they licensed (NOTE: buying a game does not mean you own it btw – you are paying for a license to use it and still preserves your First Sale doctrine rights).
We as developers, ALL know how to remove every single DRM scheme we implement. We just don’t do it because we would end up breaking other games. If we removed the SecuROM drivers when we un-install our game, we could end up breaking other games that need those drivers.
So, compatibility issues aside, the only way anyone is going to justify removing DRM drivers, is if they no longer buy or play games. In which case, you might as well re-install your OS and give up gaming.
One of the many reasons why I liked Byteshield was because it didn’t rely on drivers in any way, shape or form. So when you removed the game, you essentially remove Byteshield. Same thing with schemes like Armadillo, Software Passport etc. All of which are so easy to crack that you might as well not implement any DRM.
Implementing more than one DRM scheme presents its own set of problems. If you don’t adopt a worldwide standard, then it is a pointless venture. e.g. why implement different schemes in different territories when they can all be cracked anyway? Thats just more work because each has to be implemented and tested. Then the end goal is to see which gets cracked first. If they e.g. crack the Starforce enabled Russian version, then they’re 90% of the way to cracking the SecuROM English version. So why bother with two DRM schemes?
YES VIRGINIA, IT CAN ONLY GO DOWNHILL FROM HERE
And let me just point out one bit of rumour mongering nonsense right now. The drivers in the versions of Tages, SecuROM (no drivers detected in our version) and Starforce ProActive5 that we have, are NOT Ring0 level drivers. No matter what you read online, I can tell you clearly – and without breaching NDA – that none of these use such a driver. If they use drivers, they are top level drivers (i.e. not nesting between other drivers) that are not much different (at least not by much in terms of the OS level integration) from your video or audio card drivers.
This whole DRM rumour mongering nonsense, is just that, nonsense. Conjured up by mere mortals. The same mortals who are fallible in every sense of the word. It is not my job to defend anyone’s product, let alone walk a minefield like DRM discussions, but the fact is that in most cases, most of those making the loudest noise are doing so just from sheer pack/mob mentality because it just feels good to be one of the “guys”. Or fear. Or due to being under the influence of a controlled substance (OK fine, cough medicine then?).
FACT: There are millions of gamers happily playing their DRM enabled games with nary a problem. Sure, there may have been problems in the past but that has nothing to do with the present. People having DRM related (what are those problems anyway?) problems are no different from those having problems installing or un-installing their audio/video card drivers. And in most cases, a trip online is all that it takes to solve the problem.
The reason that the DRM argument is so loud – and noisy – is because gamers, by their very nature, are a very loud and vocal bunch.
At the end of the day, DRM scheme aside, the onus is on developers/publishers to ensure that they have performed stringent tests on any DRM scheme that they implement and to ensure that such a scheme does not
i) treat gamers like criminals
ii) prevent gamers from enjoying a game they paid for
iii) present incompatibilities as a result of any such DRM implementation
This is why we don’t leave our DRM implementation to the last minute.
No piece of tech is perfect; so at the end of the day, it is all about what you are willing to accept and compromise. e.g. a company like EA can afford to do whatever they like and still come out on top. Think about this. Both the The Sims 3 and Spore are amongst the most pirated games in the entire history of gaming. And both used a DRM scheme – and even more relaxed in The Sims 3. Small devs cannot afford to lose a single sale of a product, let alone anything remotely close to a million units. So in short, we have to be more careful in what we do.
And even though we have experience with SecuROM, for the past three weeks we have been working closely with Sony’s engineers in ensuring that the standards that we have for our game and gamers are not compromised. At the end of the day, the scheme we go with for the game’s final release will depend on only two factors: money (what the scheme costs us per unit) and performance/reliability (the negligible performance impact on our game).
OF MICE AND MEN
In conclusion, instead of being a member of the pack, why not just go over to Reclaim Your Game and PYAITK? The more educated you become, the better off we as gamers and game developers are.
Until next time.
developer blog #15 » « developer blog #13
Sblade says:
Hi Derek. I just disagree with what you wrote here:
The video and sound card drivers HAVE Ring0. There is no Drivers in Ring3 in Windows. All the drivers inside system32\drivers\ HAS Ring0.
I have extensive documentation of Tages and Starforce using Ring0. Another thing is that the implementation you use HAS´NOT Ring0 processes, but that´s another story.
As for Securom, specially the network authentication. you know the reasons of why I´ll never approve it. Hope you choose another DRM vendor.
Blade
Posted on July 13, 2009 @ 10:39 am
Derek Smart says:
I stand by my statements. Wherever you got your information from about SecuROM or Tages using Ring0, they are wrong. The latest version of StarForce that I have, has no such Ring0 driver either.
Have they used such drivers in the past? Don’t know. Don’t care. Why? They don’t affect MY games – which is all my gamers and I really care about.
Besides, Ring0 usage is outdated technology that isn’t even worth arguing about. In fact, most developers (unless you are a kernel level developer who knows what he’s doing) don’t even know what Ring level drivers are.
Apart from that, the notion is irrelevant within the scope of things because it clearly does not matter how a driver is implemented and/or stored. The point is that it should not impact other programs nor cause incompatibility issues with other drivers and software installed on the OS; be it audio, video or DRM drivers – no exceptions.
Posted on July 13, 2009 @ 11:10 am
Rob says:
As a user (I’m a dev, not a game dev), I have 3 main requirements that must be met by the DRM used by anything I buy.
1) Does not require admin access to install or run
2) Does not require net access for single player or install
3) Does not limit based on running programs or installed hardware. I use Process Explorer as my standard task manager, it is almost always running, and I’ve had things not run because of it. There’s also too many games with “may not run on all DVD drives”. I’m not going to bother researching which ones, I’m just not going to buy it, I don’t care enough.
#1 prevents any shenanigans. MAC would work as well, but that’s not on Windows yet, I can’t grant specific permissions to the installer saying “writing Program Files and All Users is OK, but no services or drivers”. You’re right, a well written driver should not impact the system at all. What are those chances? There’s been several root level holes because of flaws. it also limits the OS. Why shouldn’t I be able to run on WINE? What about Windows 10? I have games that don’t work on XP because they use VXDs in their protection. Crack them and they work fine, fancy that.
With #2, I’ve seen plenty of companies come and go. I am not going to lose access to something because the company went away. I’ll take an indirect activation that I can archive however (e.g. code in an e-mail that’s not time limited)
Posted on July 14, 2009 @ 11:30 am
H.Rahn says:
I agree with you Derek (one some points) and also with Rob.
Most Securom/Tages protected games will not cause any hassle for the majority of users. But every single game using online authentication did run into some trouble as of late, be it Bioshock, Mass Effect or Anno 1404.
(the first two using Securom – which is made by Sony DADC, the company famous for the Audio-CD-copyprotection disaster, and Anno using Tages with online activation).
Mostly though, this was not the fault of the protection itself, but of the companies not anticipating the problems using such a kind of protection can cause. Activation tokens being blocked by firewalls (the user never saw that the activation was complete and used up all his tokens on one machine), installers for the Tages drivers not running because of limited user rights, and – worst of all – uninformed tech support which in the case of Bioshock referred everyone to the Securom support which promptly referred everyone back to Take2, and in case of Anno 1404/Ubisoft didn’t activate the phone support lines (which were not free, btw). So some people weren’t able to play the game they bought for up to five days.
Another problem with the activation method they chose was that you were able to activate the game on three different hardware configurations, and neither of them needed the cd in the drive to play afterwards. That way, sales of “activations” on Ebay skyrocketed.
This was also a problem because at that time, staffers were instructed to give out additional activations without much hassle, so basically some people bought the game and installed it at all their friends places.
A simple disc-based check would’ve been the better solution in this case.
In the minds of most people, online activations are only there to detriment from the re-sale value of the game. Since nobody buying it actually knows how many activations are left and through which hoops he has to jump to gain any additional ones, some refrain from buying these games – used or new – altogether.
A disc based Tages check can be very secure, too , and will cause less problems for most of the user base out there – if implemented correctly like you stated, Derek.
But please, bear the following points in mind:
1. a good copy protection should not need administrator rights at any point, neither duing installation, nor during actual usage of the protected game.
2. If a game just contains offline components, or if the online components are just a slight bonus and not integral to the game itself, it should not need any online activation. There are still a lot of players whose gaming PCs are not connected to the internet in any way.
3. If a game needs an online activation, it should work with the most popular virus checkers / firewalls ENABLED. Lowering the computer security, even for a short time, to get a game to work is inacceptable.
A good copy protection should give the user who paid for the product the same experience as the guy who pirated it. There will always be piracy, to what extend it actually hurts your sales (i.e. how many of the piratec copies = lost customers) is a debate that will never find a thorough conclusion, though I recommend 2DBoys thoughs on that matter.
The thing I want as a paying customer though is not to be treated as a criminal, not suffer from a worse product due to copy protection mechanisms (anyone remember the disc stuttering issue in Morrowind?), and being able to re-sell the product I paid for whenever and however I see fit.
A hint on that last part: Here in Germany, the laws are a bit different: EULAs are non-binding, if they cannot be fully read prior to opening the sealed package containing the software p.ex, and there is the legal term of the “surprising clause”. Half-Life 2 had to be taken from shelves and re-badged with a big, fat sticker saying that it required an internet connection for activation, because that was at that time an unusual thing for a pc game. Similar, if a game only consists of an offline portion but requires you to be online while playing, it could draw some legal flak (the case of C&C4 will be interesting).
Concerning the game itself, if you buy it, under local laws you own the packaging, the CD/DVD, the content on said CD/DVD (though other laws may govern what you may actually do with said content) and the right to use it however you see fit. There is no law p.ex. saying that you may not install a modchip in your console. Though the manufacturer may prevent you from using his online service with a modded console, he has “home rights” there, similar to the owner of a nightclub who – just for fun – can decide that only people with white shoes may enter.
Their turf – their law (and common rights, i.e. they may not hurt you etc…).
Your turf (your computer) – common law, and your rights. (you may edit the graphics etc. as you see fit for your own usage, but you may not distribute any files containing anything but content created solely by yourself p.ex.)
Ok, this has gotten longer than I wanted, but I hope I could dig up some interesting points here.
Posted on July 15, 2009 @ 8:58 am
Derek Smart says:
In the case of how a DRM is installed (e.g. with admin rights) it is up to the OS priviledges not the individual application. The primary reason for this of course is security, due to the low level at which such app/driverss are installed and thus require an elevated permissions level: admin rights.
The issue of online activation is problematic at best – and that was my #1 reason for using Byteshield in the first place. There are no limits and the quarantine (the period during which you can run the game multiple times without needing an Internet connection for authentication) settings were very flexible and completely un-noticed by the user. This meant that once you activated the game, you don’t require an Internet connection until you’ve run the game a consecutive (e.g. three) number of times within a short period. And once the game checks the authentication code again, that quarantine clock resets and you’re good to go. All this means that you can play your game for an extended period of time (e.g. on the plane, at the library etc) without needing an Internet connection.
The Byteshield online activation and how it actually does it, is by far the best solution for any DRM scheme on the market. Nothing else even comes close to their implementation in terms of ease of use and gamer friendliness. And your firewall won’t prevent the game from activating either – and if it does, you just give it permission and thats it. You don’t have to lower your machine’s security, disable A/V (which you should NOT have running while playing ANY game anyway!) during activation etc.
But as I stated, due to other technical issues (which I can’t talk about), we had to put Byteshield on the backburner – at least for now. Like all the other DRM schemes when they first went to battle, it – being a new solution – has a series of teething problems to overcome. It being cracked is not really such a big deal since all DRM schemes can be cracked at some point or another. The big deal is that with the relative ease of the crack, it IMO totally loses whatever edge it has over other [seasoned and battle tested] DRM schemes that are widely used.
There will never be a good gamer acceptable DRM scheme ever. So the best that we – as gamers – can hope for is that whatever is implemented in a game, doesn’t ruin and/or compromise our game experience nor treat us as criminals.
Posted on July 15, 2009 @ 9:25 am
evlncrn8 says:
Please Sblade, lets not have me correcting you again for mis-information…
windows has 2 rings.. those being 0 (kernel mode) and 3 (user mode)
drivers are marked as ‘native’ in the pe header and run in ring 0,
i don’t care what you say.. drivers are ring 0.. end of subject..
Starforce DOES use drivers, same for Tages, try running protection id on a tages or starforce game, as well as scanning your windows\system32 folder… you’ll see them…
starforce uses its drivers for anti debug, as well as for cd/dvd checks, tages uses theirs for more or less the same purposes.. securom doesn’t have a driver currently, and hasn’t had one for quite a considerable amount of time..protectdisc (another lesser used protection, mostly used in germany) also uses drivers.. heck, even safedisc has secdrv.sys
you had ‘extensive documentation’ previously, which i corrected you publically about, please show your documentation (and lets not hide behind an nda… one which you probably don’t have to begin with) and then i’ll show you my documentation, along with technical proofs and facts (which can be proven and backed up with evidence which is reproducable)… just like err, the one i made on some other drm you gave top awards to (despite the fact it having many issues, which came to light after my findings..).. also ring 0 driver.. not ring 0 processes…
i thought maybe you’d learned from the last time, and from the private messages we had, but with this public post, i see that me trying to educate you has been in vain, so perhaps i’ll just release my documentation, and findings about that particular drm and then have you explain how it got 5 stars?
all in all derek has a right to protect his intellectual property, be it with tages, starforce, or securom (though probably not starforce), i would honestly NOT recommend him to use what he has used in the past, infact, if derek wants to contact me, he can probably see my email here.. whilst i may not buy the game (not exactly my cup of tea derek, no offence..) i can totally see the point of derek switching and him using drm (which is, lets face it a necessity in these days), in all probability it will be cracked, regardless of what drm he uses, but it should last to give him a decent crack free window.. one which i assure you he would not have gotten with what he used previously.
Posted on July 15, 2009 @ 11:20 am
Derek Smart says:
Given the debate, maybe now would be a good time to mention that Sblade is one of the admins over at Reclaim your Game
Anyway, EVLNCRN8 pretty much confirms what we [developers who use DRM] already know: this noise about Ring0 this and Ring0 that, is just noise and bears no relevance to anything.
Fact is, drivers are drivers. Be it DRM, audio, video, camera or whatever. The issue is that DRM or not, one driver should not impact the performance or operation of another driver. Being able to remove a driver is one thing, being able to remove a problematic driver is clearly another.
And as with all drivers, some are more difficult to remove than others. Which is why there are specialist tools (which nobody should have to resort to) out there that remove not only drivers, but errant DLLs, registry entries. locked files etc. People making noise about the removal of DRM drivers are just making noise and it has no basis in the “DRM or no-DRM” argument.
Posted on July 15, 2009 @ 11:37 am
evlncrn8 says:
yep, i know who sblade is..
and im actually glad to see someone who also knows the truths about drm.. for me, i personally don’t see a need for drivers.. a good cracker knows ring 0, and ring 0 in a driver, does stop the ‘casual’ cracker, it doesn’t stop a good one.. as can be seen clearly from a lot of cracked stuff out there, for me, i personally don’t like drivers running on my system, when there is no clear ‘need’ for them (video, audio etc.. clearly have a purpose), and a lot of people are ‘against’ drivers for copy protection (evident from some claims against some publishers in the usa about a certain protection.. please forgive me being vague, but mentioning exact details will detract from the points made here).. any popular software is cracked eventually, be it windows, a game, a utility etc.. the more popular it is, the faster the crack appears, this is seen time and time again, be it dongle protected, online activation, disk check, some other scheme etc.. and yep, removal can often be a pain, infact on one of my machines (i develop stuff too, so many machines is a necessity) i have a driver from a particular protection, that when i stop the driver (to remove it), i get an instant bsod… annoying to say the least, one day, as/when i’ll find time i’ll remove it, but if i was an end user, it would probably mean having to reinstall windows.. which is a boring, mundane task, and then i have to install all my other stuff again…
good luck with the release derek, regardless of what drm you go for… and again, nice to see someone who knows a bit about the system..
Posted on July 15, 2009 @ 11:49 am
Sblade says:
Excuse me, Evilcrn8. What did I wrote in my previous comment that is incorrect? I say the same you say in other words. You say that all drivers are Ring0, and I say there´s no Windows driver in Ring3. Its actually the same meaning, because there´s no Ring1 and 2 in Windows either.
Posted on July 15, 2009 @ 3:00 pm
H.Rahn says:
Hi Derek,
sounds like Byteshield could become a reasonable alternative, but I still stand by my point, that a game that is meant to be played purely offline (or doesn’t have any more internet features than downloading additional content or uploading scores/replays, i.e. no online play) should not need an internet connection/activation to play (look at the upcoming C&C4 on how to do it totally wrong).
You could still need an authentication as soon as you’d connect to the net to download stuff or update the software, that would be reasonable.
On the AV thing, I have to strongly disagree with you though: You should forbid your scanner to start a scheduled scan when a game is running, correct. But you should never ever shut it down while gaming! Gamers tend to alt-tab out of the game to look for hints on websites, and more often than not the advertising banners on some of these sites are infected with malware. This was one of the ways password stealing trojans for online games like Everquest or WoW spread out. If you shut down your AV software, you are inviting trouble today.
For sheer giggles, I recommend you do the following: Install a fresh XP, no service packs, no AV, no firewall, onto a naked computer, then connect it directly via DSL-modem (no router) to the internet. I bet that within 5 minutes of it just being connected (not actually actively using any piece of software) the first malware will have found its way onto the machine. (took 3minutes21seconds the last time I tried this, always a nice shock in computer classes)
If you look around how many people never ever apply security updates and/or never even use any protection software whatsoever, recommending to lower your guard would be the last thing I’d ever do. Especially since most AV programs nowadays are very efficient (the current Norton being a prime example, consuming less than 20mb of memory when idling and eating up next to no resources at all – completely unlike the Norton behemoth of old).
The biggest problem are false positives, mostly caused by heuristical checks and typical .exe packers, like upx.
I still think that giving the buyer tangible goodies will be the best thing to raise interest in the retail version of a game. I long fo the high-quality instruction books of old which actually taught you how to play the game (a prime example was the manual for Formula One Grand Prix 2, great photos, very high (overall glossy print) quality, and a very interesting read even just taken as a standalone item, you could learn more about formula 1 from it than from any tv coverage).
Also, gimmicks, addons, that’s a plus (the “feelies” from the Infocom adventures, the cloth maps from the Ultima series, even little things like the model of your ship on top of the box from Cyberrace), and these gimmicks could again also serve you in copy protection terms. We all know the old “dials” and “first word on page x, paragraph y” copy protection methods – defeated by a photocopier.
How about something more elaborate? Dice with special combinations on them, holograms containing information important to the game etc…
Take some of the game stuff out into the real world again.
As you stated, downloading an unlicensed copy is not a very big problem anymore. If you only distribute your game by digital download, you might have a hard time explaining to a customer why he should pay for the download when another site offers him the same “experience” for free.
Same goes for the boxed content in shops, these slim dvd cases with no handbook in them at all (just a fancy cover and the pressed disc) are not much better than anyone Joe Average could produce with any current printer, a sheet of glossy paper and a printable DVD-R.
Real boxes, with real, tangible content. Weighty manuals, maybe including stories from the world you wish to take the user to (like in all the Elite – Games, they all came with short novels describing life in the universe), that’s a plus. Nice maps in sizes Joe Average cannot print at home. Maybe offering to send badges for achievements in the game (i.e. upload your certified and unmodified savegame, and if you’re among the first 10.000, you get a patch describing your achievement – Activision did something similar in the VCS2600 era)…
you see where I’m going.
A real gamer wants to be able to show off his collection of games. Not to log in and say “look at my steam list”.
Posted on July 16, 2009 @ 2:13 am
Derek Smart says:
Unfortunately, keeping down the costs of goods and time to market is what has caused boxed copies of old to go the way of the Dodo. I should know, since I have over 10K+ games in my library (yes, including every single Infocom game).
If retail weren’t such a big deal, digital distribution would have taken off by now. But the fact is that as games hit the mass market, the push has been toward simple games that you don’t even need to open a manual to play – ever. I remember the days of Janes, Falcon etc. Even today, really good flight sims don’t come with detailed manuals anymore. And when they do, it is a flimsy one, with the full version being in a PDF file.
Once console games really hit the mainstream in terms of digital distribution, we’re going to see a major decline in store sales in much the same way the music and movie industry sales have declined steadily over the years. Trust me, if EA could release their entire catalog online, they would. GameStop makes a significant portion of its revenue selling used console (not PC) games. That too will come to an end as games move to pure digital distribution and games move to an SAS (Software as A Service) model and it becomes nigh impossible to come about tangible goods, let alone be able to sell them. Thats what MMOs were starting to do, hence the reason that everyone and their Red headed stepchild wanted to hop on the bandwagon. Most failed miserably and are long gone. Others are failing steadily.
In saying that however, look at the upcoming All Points Bulletin game. Thats online persistent with 100 players per server. Not a traditional MMO by any standard but for all intent and purposes is designed like one. Heck, quite a few standard games (like ours for instance) support up to 64 players per server. Thats not very far from 100 and eventually I see this sort of model being the norm for PC games in general. That would pretty much end the DRM debate right there since your game is tied to an account.
Other models include the rapidly growing F2P (Free 2 Play) model in which the game client is released for free and you get to pay for premium content via micro-transactions.
The gaming landscape is changing in leaps and bounds; eventually this whole DRM noise – at least for games – will be a thing of the past and something we talk about to our grand kids in much the same way we talk to them today about massive game manuals, cloth maps in game boxes, code wheels etc.
Posted on July 16, 2009 @ 9:12 am
Ivan Bernatek says:
I would like to add a comment based purely on a customer´s perspective. I have been PC gamer for 15 years but problems caused by the DRM, experienced in last two, years were unbearable. I had multiple problems with starforce DRM refusing to recognize LEGALY bought disc, thus making it useless (no emulation software was present in my PC at the time). Lately I had problems with Securom malware secretely packed with Dark Messiah of Might and Magic and Brothers in arms, hell higway. Both games installed correctly and the Securom drivers were installed, my DVD Rom was unable to recognize those discs. Other discs were fine, just these two were invisible for it. Well I even tried crack to check, if DRM truly was a problem and yeah, it was. With cracked exe files, both games were running ok. An again, no emulation software was present, no copy programes etc.
Because those games were not working so I tried to get refund. That led to a horrific two months experience. After that, I am really carefull what I invest my games into and I choose mostly games with little or no DRM .
The same applies to online activated games (own five of them, all of them had some problems with activation).
And I don´t see a reason why should I have problems when running my game. It´s same case as with the car example. When the car is broken you demand repairs. Because developers don´t give a.. you know what when dealing with games broken because of DRM, I took liberty of not buiyng them. You developers need my money, I don´t need your games. Remember that or please, don ´t wonder, why people are not buying your restrictive DRM infected games.
Posted on July 19, 2009 @ 3:51 pm
Indigo Static says:
[...] this rant about piracy and DRM was a very peculiar experience. The guy says some things I can agree with, [...]
Posted on July 19, 2009 @ 4:55 pm
yutt says:
Ah, so you just delete posts that disagree with you. Got it.
Posted on July 19, 2009 @ 5:25 pm
Derek Smart says:
Ivan, your comment is part of the reason that I wrote this blog to begin with.
Fact is that there are lots of games on the market that use SecuROM and lots of users not have any problems with it. While some others do have problems with it.
Same thing with the Windows OS and any software you can name. Does that make them all bad just because a control group has problems? No.
Unless you are a pirate, if you don’t like DRM in games, vote with your money and stop buying games that have them.
But don’t buy DRM enabled games, then complain about how the DRM scheme broke this that or the other. You might as well complain to Microsoft for their inherently problematic OS.
A LOT of games use one DRM scheme or another. We as developers aren’t crazy to the extent that we just want to make more work for ourselves or piss off our customers. DRM – as I’ve always said – is the necessary evil. Just like death and taxes.
Also, don’t go out and “crack” your game – thus breaching the DMCA just because you made a choice to buy a game with a DRM scheme that caused problems.
Once again, comparing the DRM implementation in one game to that of another game is patently foolish because by its very nature, all software programs are created 100% differently. So just because one DRM scheme caused problems with one game, doesn’t hold true for another game.
I speak from experience. We have two games that use SecuROM DRM. One was released in 2007 (with both DVD-ROM and online SecuROM authentication) and other in 2008. You won’t find a single post online, on our support forum or support KB in which anyone complained about it. Why? Read my blog and you’ll see why.
Its called stringent testing. As a small 100% independent software company we can’t afford the hits of a bad customer experience from DRM, nor endless post-release support nightmares. So we test and test and then test some more. If there is that one remote problem – as there always is – we rush to fix it. We are well known in the industry for the support of our games. Twenty years and fourteen games later, none of that has changed.
That same stringent testing is part of the basis for this blog when I made the decision to end support for Byteshield – something we’ve been working with and testing for the better part of a year. Rather than have to deal with the ongoing issues that some people were having with it, we decided to drop it. Apart from the fact that it too – like everything else – was cracked in a relatively short amount of time, wasn’t a big deal. Except that once that happened, it lost the edge and in that case a Day One crack of our game was assured seeing as they cracked our Byteshield enabled game demo. So we just went back to the Status Quo for the short term. Just like is says in the blog.
Anyway, this is not about Byteshield. The point is that we do stringent testing and this whole Byteshield issue was only even mentioned in this blog because I wanted to let everyone know that we were now using SecuROM in the demo so that there are no surprises – given how most gamers feel about SecuROM and the misconceptions therein. And as I said in a previous post and in the past, it [Byteshield] is the best gamer friendly DRM there is atm – and I stand by that statement.
As games get sophisticated, I expect DRM software to also mature and become even more sophisticated. But until then, being gamers – as with death and taxes, we just have to live with it and make the best of a less than stellar situation.
Posted on July 19, 2009 @ 5:59 pm
Derek Smart says:
@ Yutt
My God man, why yes of course we delete – and/or flag as spam – comments that are outside the scope of the blog discussion.
This is not your living room so your opinions don’t count for much around here. If you want to vent, do it somewhere else. If you construct a civil post, you will see it appear. Just like the ones you see before you. Even the ones critical of the blog.
This may come as a complete and utter shock to you, but there is a reason why these blogs have a comment system and why we have the ability to enable moderation. It is for people like you who have this opinion that the Net is a lawless badland and everyone is open season for crap and wanton abuse. You must have just fallen off a bus to think that sort of behavior flies anywhere near a Derek Smart forum, blog or website. Have you NOT been paying attention?
Posted on July 19, 2009 @ 6:04 pm
Alex says:
My main gripe with SecuROM, whether the implementation forces a disk check or not, is that it throws a hissy fit if you have Process Explorer running. I’m not some nefarious pirate, mounting virtual drives and unplugging the physical ones. Why should it care about a Microsoft-made Task Manager replacement?
Posted on July 20, 2009 @ 12:00 am
John Smith says:
At what point do you realize treating customers like thieves is a bad idea and at least include some nice disclaimers saying “hey guys I can’t help but think DRM will make me more money, and I’m sorry it has turned out so badly for most of you so far.”
At least then I wouldn’t want to search up what games you work on to blacklist them from my shopping list!
Anyways, most pirates I know are teens, and they pirate 360 games which are drm free… pc gamers I know are an older crowd, the crowd I know buy everything on steam, and i have no issues with it at all.
Posted on July 20, 2009 @ 1:03 am
John Smith says:
meant to say i have no issues with the steam drm implementation…
Posted on July 20, 2009 @ 1:04 am
John Smith says:
how long did it take for pirates to crack the two games you dropped securom into? Before i got into steam distribution, I’d *always* crack my store bought games to get rid of the cd checks which are dark-ages tech nowadays (my notebook doesnt even have a dvd drive).
Posted on July 20, 2009 @ 1:08 am
Ivan Bernatek says:
Thanks for your article and reply. And very good ones . They it made me to think about this problem from another perspective.
The problem with my experience is, that I had no chance of knowing that I will have problems with securom or starforce prior to buying those games. You mentioned it in your post too. Yes, I could search internet but in the tame I was pretty unaware what DRM is (although I had smaller problems before). After this I begun my own personal research and after experience with online activation I decided not to buy DRM crippled games (sorry for those strong words, it can´t be described in other words). But i don´t see why a customer should even do so, in short why is he bothered and forced to do so if he wants buy a product. Maybe there are only few of us but even few is too many.
I am not pirate, I will never be, so mym oney will vote to me.
Problem is that osmetimes old DRM cuase problems with new drivers, mechanics etc. What solution is there? Especially when developers/distributors are history? I own some games form Origin and thx for dosbox I can play them even now. And I do. Same goes Fleet Command. And I have some old games that are problematic because of DRM. When using crack to play these games (I already bouhgt and own) am I a pirate? When there is no more tech suppport (running system shock 2 is a good example) does it makes me a pirate? This is too a reason, why i don´t like (and hate internet activation) DRM. It often prohibits me from playing my game in future.
Posted on July 20, 2009 @ 4:49 am
DRJ says:
Shamus at Twenty Sided best summed up a legitimate rational against DRM (and to sum up, I’m in the “against on-line activation and invasive installations” crowd):
http://www.shamusyoung.com/twentysidedtale/?p=1680
*snip*
Posted on July 20, 2009 @ 6:39 am
DRJ says:
And in a similar note to my last post, that is why I object to your phrase:
“So, compatibility issues aside, the only way anyone is going to justify removing DRM drivers, is if they no longer buy or play games. In which case, you might as well re-install your OS and give up gaming.”
That statement could ring true, if everyone used the same DRM and it was always going to be around. But you yourself discuss switching DRM providers. Companies go in and out of business all the time, different companies use different types of DRM, or even different versions of the same DRM. So can you tell me with a straight face that if I bought a game with Starforce 3.0 on it 5 years ago, I really ought to have it still installed on my system today?
I’m not trying to start a flame war, but I think there are a lot of well thought out, reasonable objections to DRM by individuals who intend to purchase every game legitimately. I do get frustrated when people who object to certain DRM practices are immediately labelled as pirates and thieves. I don’t object to all DRM, but certain forms of it (and the lack of disclosure on the restrictions imposed by DRM) I see personally as unacceptable.
Posted on July 20, 2009 @ 8:19 am
Derek Smart says:
@ John
Since there aren’t any cracks for either game online, I have no idea.
@ Ivan
Absolutely. Which is why most online sites and some retail publishers, now also indicate which DRM – if any – the game uses.
Basically, the time it takes to go looking for a crack online, could be spent researching what DRM the game has – and subsequently avoiding it if you want to.
Indeed. The problem is that the DMCA is pretty shady about whether or not you are legally allowed to crack the DRM of a game you own. You can actually make backup copies for personal use though – and they are clear about that.
At the end of the day, cracking a game you own is due to whether or not you can get away with it. Its like the difference between wearing a seatbelt and not. You get caught, you pay.
@ DRJ
Very eloquent and well thought out post in that link; with lots of very good and valid points.
Yeah, I’m a life-long gamer and a game developer. As such, this fence that I’m perched on isn’t that much more comfortable that shoving my head in a blender and pushing the on button.
Anyway, in my case, we have ALWAYS stripped the DRM from our games and released them for free when their shelf life expires. Why? Because I know EXACTLY what you and Ivan are saying about not being able to later play your games. Look at this one downloads chart on FilePlanet and you’ll see that no less than three of our games are on it.
Posted on July 20, 2009 @ 10:39 am
DRJ says:
Just for emphasis, the first post I made was almost entirely copied verbatim from the link I posted. The words were not mine, I just happen to agree whole-heartedly with them.
Posted on July 20, 2009 @ 10:55 am
Derek Smart says:
Yah, after reading the link I gathered that. So i’ve just trimmed it out since the link contains the entire content already.
Posted on July 20, 2009 @ 11:11 am
John Smith says:
Just wanted to add, that I had no knowledge of your games and company prior to finding this blog conversation, but since you’ve been so willing to discuss the issues you can consider me sold on your future games.
Posted on July 20, 2009 @ 1:55 pm
Jack Schmitt says:
DRM is invasive and abusive. Have any of you ever put a DVD in only to be forced to watch the “Previews”? That is DRM in action for you. Was the DRM intended to provide that type of functionality? Yes, was that advertised? No.
DRM is simply a mechanism to control your machine at some level with or without your consent if a condition is or is not met. The conditions for DRM are simple in the cases of some older copy protections. A check that sees if you have a valid factory produced Disk. The new ones require that you submit either a key to a central server or even simple identifying information.
Once those companies expire, and they will, you will no longer be able to play your “PAID-FOR” game without resorting to hacking it. I still play games from decades ago where many software companies are long gone, along with any ability to receive support for such games.
It won’t be funny when you can’t play a game that has become timeless for you if DRM or some funky glitch in the protection mechanisms prevents your game from working.
And remember… every time you drop a dime on a company’s product that includes DRM, you just paid them to treat you like a criminal before you have even enjoyed the product! DRM will only cost the producers and comsumers money that would be better spend elsewhere!
I do not disagree with at least some reasonable level of copy-protection. But it should never rise to the occasion of requiring “Activation” or any form of a check in, much less offering code that can potentially debilitate a machine at any level.
Slowly, DRM will be used to assert as much control as possible over your machine while giving the illusion that you still control it.
Besides… one universal truth has pervaded humankind since recorded history. Destroying something is far easier than building it. Cracks will be near instantly available for any game that has any reasonable amount of popularity.
DRM is quickly becoming the same as guns laws. Only the law abiding citizens will be prevented from owning one, while all the criminals still run around with their “goodies”.
Posted on July 20, 2009 @ 2:08 pm
Derek Smart says:
@ Jack
A lot of people – including myself – will disgree with you there. Just because you want to protect your IP with DRM, doesn’t mean that you are treating paying customers like criminals. It is when said scheme becomes invasive to the point of causing the customer hassle, that one would quite possibly make that argument. But even so, the argument still won’t hold any credence given the fact that all software can and will have problems here and there – not just DRM.
By your missive, you’re saying that Microsoft adding DRM to the OS (by way of online activation) is treating the _entire_ world like criminals. That, of course, is not the case. If you feel that way, then as I’ve said – as have others – don’t buy any product that uses DRM. I hear Linux is nice this time of year.
Posted on July 20, 2009 @ 2:15 pm
Lance says:
Interesting article. As a gamer I can still understand fully how and why DRM is used for protection of intellectual property. The only unfortunate thing developers for the PC market are more and more in competition with the console users, and so are us PC gamers. On an Xbox, Wii, PS3, etc two, three and even four players can play a game at the same time. Game cost $40-$60. I buy a PC game for $50, and in order for two players to play, the cost is now $100. I fully understand the complexity of PC games, vs. console, but I cannot justify paying a $100 for two people in my house to play. With so many home networks being the common norm, one would think PC game developers would at least allow a client/host installation where the licenced computer can host a game and allow one at least one more player on the network to connect.
I can safely bet piracy would drop tremendously if a game buyer had an option of at least having one friend to play a game against them without making their friend shell out $50. Especially if the AI in the game gets too boring, or sucks in the first place.
I liken it all to buying a chess game and discovering there are only the white pieces in it. Your neighbor then has to go buy the black set in order to play too.
DRM may be intended for piracy prevention, but I think the real selling point to use DRM is more copies being sold to the home LAN users.
Posted on July 20, 2009 @ 5:15 pm
TickledBlue says:
Just a few of points to add to the debate (or restate). First, software piracy is copyright infringement not THEFT. Software piracy has more in common with photocopying a book than it does with stealing a Ferrari, regardless of what any developer or publisher would have you believe. Software piracy does not deprive the original owner of the item from using it as theft does.
Second, I don’t care what DRM you use, you could bury the game in 20 layers of different flavours of DRM goodness and I wouldn’t care a whit, if, and this is a big if, you let me know before I buy the game. This is the same problem I have with EULA’s, you don’t get to see it till you’ve opened the box and have started the installation process, the product is now much harder to return to the retailer.
Now I know some sites like Gamersgate list the DRM used, but if it says Tages, as a user what the hell does that mean to me? If I go into a store and buy a boxed copy of a game that is DRM protected, how do I know? Am I expected to do the research online? Am I expected to know ahead of time that there is a 1% change that the DRM wont like my system and possibly bork other pieces of software? Derek you mentioned voting with my dollar. I do that, but if I’m not informed how am I expected to vote correctly? I say clearly label the box or the on site description not only with the copy protections name but what that mean or at least where I can go to find out more information.
Lastly, don’t use DRM as a method of price fixing (like region codes for DVD’s) or to restrict usage in a specific region (my favourite was when Sacred 2 locked Australian gamers who purchased the boxed game to the European servers while all my mates who bought the steam version were locked to the US servers so we couldn’t play the game with the whole group – this was not explained anywhere I could easily see on the box or on the Steam listing).
I whole heartedly approve of developers protecting their product and their income, particularly if all the middle men (publishers) can be taken out of the equation. Just as long as I get the game at around the same time, for a comparable price as the rest of the world and I can play the game with my friends regardless of where they are and where they bought it. Now I realise that there are country specific legislation that often prevent or delay releases of games (such as Australia’s backward refusal to classify mature games for ages 18+ so they effectively become illegal), I’m not happy about it but I take that up with my government. But if you limit distribution on a site such as steam or gamersgate in order to overcharge to what the market will bear (a common practice with a lot of places that do some rather creative conversions of US dollars to the Euro in order to charge European customers more) or take advantage of region specific conditions (eg: region locked game DVD’s for PAL format TV’s – common box prices for console games in Australia are close if not over $100 which would equate to an $80 price in the US ) then it you that are playing the role of thief.
I think you’re right, most legit users don’t care about DRM. What they care about is being able to get a good game that will entertain them without crashing or harming their system at a price that doesn’t make them feel like they’ve been ripped off. Its when you take away their ability to know that ahead of time that they feel hard done by. This whole DRM debate wouldn’t be the issue it is today if it wasn’t so horribly mishandled by the developers and publishers, which basically boils down to greed and stupidity… but then these two things have been the driving force behind the majority of human history… why should I expect them to change now?
Posted on July 21, 2009 @ 9:37 am
Derek Smart says:
There is a book on protecting games that I just came across and which those of you who are interested in the subject should probably check out. The author also refrences this blog.
Posted on July 21, 2009 @ 7:20 pm