PC Game Piracy Examined Page 9 Copy Protection & DRM (Pt.2)StarForceThe first protection system to truly fall afoul of user anger is StarForce. Developed around ten years ago by a Russian company called Protection Technology, it was in common use in a, and still is in the Russian version of several recent games such as STALKER: Clear Sky. Complaints about potential StarForce-related issues had been brewing for years, much the same as virtually any other protection system.
However something happened in 2005 to change the way in which StarForce would be viewed forever: StarForce became extremely difficult to crack due to the methods that Version 3.0 of StarForce started employing. As we've already discussed, these methods meant that the StarForce-protected UbiSoft title Splinter Cell: Chaos Theory released in March 2005 remained uncracked for over a year. As if by coincidence, towards the end of 2005 with StarForce 3 still uncracked a determined public hate campaign suddenly sprang up, lobbying UbiSoft in particular to permanently remove StarForce.Interestingly enough, there's very little in the way of actual evidence that StarForce does anything harmful.
The tries to clumsily summarize the case against StarForce, the most damning indictment apparently being that it installs a 'hidden device driver'. This is supposed to prove the sinister nature of StarForce, however it neglects to mention that commonly-installed third party tools like also install such device drivers ( Speedfan.sys) without the user's explicit consent or knowledge. In fact the Speedfan device driver is known to have. However as some people will quickly point out, StarForce's drivers have, but as StarForce themselves a large range of other software also installs drivers at Ring 0.
StarForce has made the reason for requiring Ring 0 access quite clear, it's a necessity in providing protection against emulation software used to run pirated games:The matter is that all of known emulators install ring 0 drivers. Obviously, the only way to prevent emulation is to work on the same level and that is the reason our copy protection installs drivers.Other evidence against StarForce includes a few unverified stories which state that StarForce slowed down their systems, caused crashes, or even damaged their optical drives; the Boycott StarForce site shows a picture of a shattered CD for example to emphasize this last point, despite there never being evidence that it does this. To cap off this wave of negative publicity, in 2006 a was launched against UbiSoft, based on the allegations above. What is not so publicized is the outcome of the lawsuit; two years on it appears the case was dropped.
UbiSoft insiders reveal that when the plaintiff in the StarForce case brought the example of his system being infected and ruined by StarForce, UbiSoft's first submission was a 12,000 end-user survey which it had carried out showing none of the sampled users had any such issues.There's no question that StarForce, much like other protection methods, does introduce extra variables into the equation which can cause problems on some systems. Just as graphics drivers or other system drivers can cause crashes, I have no doubt some system issues were due to StarForce. In particular there were two perfectly valid and verified claims against the StarForce drivers at the time: that they weren't uninstalled when certain StarForce protected games were uninstalled from the system; and that they didn't offer 64-bit support or Vista support. Of course back in 2005-06, 64-bit usage was incredibly low, and Vista wasn't around, however this issue was never resolved for games using StarForce older than version 3.05.
As for uninstallation of StarForce, this was rectified in most newer games, and StarForce eventually issued a on their site to further address this problem.In most other cases though, the stories of StarForce-related issues when examined closely are wildly speculative. The problem is that as soon as people experienced any BSODs, crashes or hardware failures - something which happens on any system for a multitude of reasons - upon visiting a support forum for example they were instantly told by uninformed forumgoers that all their problems were due to StarForce. This is particularly true of the Ubisoft forums at the time, when anti-StarForce sentiment had reached fever pitch. Most PC users have very little technical knowledge and readily accepted such explanations, indeed they often moved on to other forums and quickly spread the same advice to others, namely that any software or hardware problems are being caused by StarForce. The spreading of false advice is unfortunately extremely common in the PC world, overnight a single piece of false advice can spread like wildfire to hundreds of websites and forums. I've seen this sort of thing many, many times while researching different game issues for my guides over the years.Shamefully, I have to confess that at the time, I too believed all the StarForce stories a little too easily.
I never experienced, nor directly saw on any PC under my control, or in my role as a guide-writer or forum troubleshooter, any evidence that StarForce causes serious problems. However trusting that so many people couldn't all be wrong, I used to write warnings in my guides that StarForce was harmful and should be avoided. It was only recently upon taking the time to sit down and research this topic properly, that I've considered the evidence of the causality between StarForce's ability to actually prevent piracy and the sudden ramping up of the hate campaign against StarForce. Again, this is not to say StarForce doesn't cause any problems, simply that most of the wild accusations being thrown around about it were almost certainly untrue.To make matters worse, StarForce didn't handle the hate campaign very well. For obvious reasons they can't exactly lay open the secrets of their protection methods as it would completely destroy their business which is based on maintaining secrecy against the pirates. They tried explaining things to users, they even tried running a asking people to prove that StarForce damages optical drives, but unsurprisingly no-one inside or outside Russia took them up on the offer, nor posted concrete evidence on the Internet, probably because no actual evidence existed beyond the anecdotal kind. Out of desperation they turned to some ill-advised actions, such as, and to a pirated version of a non-StarForce protected game to prove it was being pirated.By 2006 it was too late.
With no real evidence whatsoever, but under the weight of public opinion, UbiSoft decided to smooth things over with their customers by dropping StarForce from their games. In Western countries now StarForce's name is synonymous with 'mud' - only Russian versions of games carry StarForce protection. This is a testament to the power of conjecture and hearsay on the Internet. Ultimately however all this hysteria was utterly pointless, because UbiSoft simply moved from StarForce to using SecuROM protection, and for a while user complaints died down. Until SecuROM started presenting more robust barriers to being cracked, at which point the misinformation campaign has been fired up once again, and a lawsuit against SecuROM's use in Spore has been launched on much the same flimsy basis as that against StarForce - as we examine below.SecuROMThe SecuROM protection system has been in use in various forms for many years, stretching back to games like Diablo II, Alien vs. Predator 2 and Unreal Tournament 2004 all the way up to recent titles such as BioShock, Crysis Warhead and Command & Conquer: Red Alert 3.
Just like StarForce, as the latest Version 7 of SecuROM has started becoming much more effective in preventing day-zero piracy, primarily through new online activation measures, it too has fallen under a mountain of uninformed criticism and deliberate scaremongering. That's not to say it doesn't have legitimate problems. Let's start by looking at the verified problems with SecuROM:. It may not detect your original game disc in the drive. This can occur on virtually any configuration and reinserting the disc or rebooting usually resolves the problem.
It won't work if it detects active emulation or virtual drive software such as Daemon Tools or Alcohol 120, because these are typically used to bypass copy protection. Disabling such software usually fixes the issue, but in some cases uninstallation is required. It conflicts with some background software aside from emulators, the best-known being a conflict with SysInternal's Process Explorer software.
This is easily fixed by simply ensuring Process Explorer isn't running in the background when the game is launched. It is known to conflict with certain brands of optical drives.
The reasons for this are not mentioned on the SecuROM site, but it's a hardware-level incompatibility. There are workarounds such as noted in, and this issue is discussed further in the Conclusion section.Although annoying, and certainly not something users should be happy about, these issues are not particularly sinister and in general are easily rectified. In my many years of experience in both using SecuROM-protected games, and reading feedback on SecuROM, the above list covers the vast majority of the legitimate problems which some people have with SecuROM. Recently however, SecuROM incorporated an online Product Activation method which is used in offline-only single-player games like BioShock, Mass Effect, Crysis Warhead and GTA IV. As discussed earlier, this is a key tool in combating 'day-zero' piracy. The precise protection method varies by game, but essentially it connects to a special server to verify ownership of the game after installation and during updates.
In some cases, it also determines how many concurrent installations of the game are allowed. This addition to SecuROM has caused the greatest controversy of all, because it's seen as pure DRM rather than just copy protection.To address concerns over the installation limit, as detailed and, more recent SecuROM implementations in games like Far Cry 2 and GTA IV now automatically revoke an activation when a game is uninstalled while online, but should you have any problems, you can use a manual revoke tool instead. Thus the limitation of installing a game on 3 or 5 machines at any one time is not entirely unreasonable when given appropriate revoke tools to manage those installations and ensure they're not wasted.
This step isn't enough for some people though. They argue that they own a game and should therefore have the right to do whatever the hell they want with it.
This is an unrealistic demand in the current environment of rampant piracy and is also technically incorrect. The End User License Agreement (EULA) which all gamers agree to before installing their game specifically states that the user is only licensed to use a copy of the game under certain terms and conditions, and does not ever own that game.
This has always been the case, so in theory customer rights are unaltered. In practice, while it does seem overly restrictive, unfortunately the entire system of Product Activation becomes useless as a protection method if people are given unlimited installs with no check.However if you ask a person who is anti-SecuROM what the real problem with it is, the above issues fade into insignificance when they tell you that 'SecuROM is spyware and a rootkit!' Aside from the fact that the people who so often quote this line usually have no idea of what genuine spyware or rootkits actually are or how they work, what they're alluding to are two separate things: Ring 0 access and hidden Registry entries. This is also the basis for the recent against Electronic Arts in their use of SecuROM.I've already touched on the issue of Ring 0 access in the StarForce discussion further above. For one thing, it hasn't even been proven that SecuROM has Ring 0 access, however even if it turns out that it does, a wide range of third party programs will install device drivers as a normal part of their behavior, some of which have Ring 0 access.
In fact some of them even have known security vulnerabilities, as we saw with SpeedFan. A search of the trusted security advisory site doesn't show any past or present listed security vulnerabilities in SecuROM, while other third party drivers, even older versions of protection methods such as SafeDisc have had such vulnerabilities in the past, though they are usually patched quickly. However rather than getting into a confusing technical debate about this issue here, let me instead point you to on the official Daemon Tools forums, conducted between one of the parties involved in the Spore class action lawsuit (username sblade), one of the developers of Daemon Tools (username LocutusofBorg), and a knowledgeable person with verified experience in the field (username evlncrn8). I direct your attention in particular to in which he (evilncrn8) counters the vague, deliberately misleading and unverifiable claims against SecuROM.
As he states, after conducting extensive research and debugging of SecuROM on his own, he can't find any evidence that SecuROM does anything malicious, nor that it does any of the things that the other anti-SecuROM so-called experts claim it does:It appears you guys didn't really do your research properly and are spreading misinformation, no other ulterior or secret motive. I know the protections, pretty much all of them, I've debugged them, I've cracked them in the past. And nothing you've posted so far matches up.The developer of Daemon Tools backs him up:With all respect, please stick to FACTS that you can write down and show everyone before make such claims - at least here at our forum. It's total different if you dislike Securom or loveit OR to write informations that are not based on facts. What concerns evlncrn8, rest assured that this guy knows what he wrote, even if you dislike it.This is the heart of the issue: people with no real knowledge of SecuROM are deliberately and systematically creating and then perpetuating absolutely unverifiable, often patently false claims against such protection systems, more to debase and undermine the protection system's credibility in the eyes of the public than anything else.
Even a quick check of Wikipedia's shows that the entire article is flagged with the heading: 'The neutrality of this article is disputed' and 'This article may contain original research or unverified claims.' Facts are taking a back seat to hysteria and a clear agenda to demonize SecuROM. In terms of the hidden Registry entries which SecuROM creates and may not uninstall, there hasn't been any evidence that there's anything devious involved.
Sony explain this themselves in this:As part of the SecuROM DRM system, certain license information is stored within this '!CAUTION! NEVER DELETE OR CHANGE ANY KEY' registry key, contained in HKEYCURRENTUSERSoftwareSecuROM and/or HKEYLOCALMACHINESoftwareSecuROM. The reason for naming this key in this way is to prevent users from inadvertently deleting keys/values stored beneath that key, which would prevent SecuROM from working properly. Newer SecuROM versions store the license information in a registry key named “License information”, similarly contained in HKEYCURRENTUSERSoftwareSecuROM and/or HKEYLOCALMACHINESoftwareSecuROM.In any case these Registry entries don't consume any resources or spy on your system. They're hidden because aside from preventing accidental deletion, they're used by SecuROM to track their protected game licenses. Since some anti-malware programs such as RootkitRevealer mistakenly flag them as suspicious, they've come to be seen as a sign that SecuROM is a rootkit or spyware.
As it stands, there's never been any genuine evidence presented anywhere to show that SecuROM is a rootkit or spyware, or does any harm to performance or system stability; only conjecture and not surprisingly, a lot of misinformation deliberately created by crackers and perpetuated by piracy-related websites. SecuROM does have confirmed issues, I've posted them further above.
However there is no evidence that SecuROM is conducting any harmful or mischievous activity on your system.Here's the best part though: although there's never been any real indication that StarForce or SecuROM are rootkits or malware of any kind, the same can't be said for the most popular tools used to bypass copy protection: Alcohol and Daemon Tools. When Mark Russinovich, noted techie and author of various SysInternals tools such as Process Explorer and AutoRuns, at these popular emulation utilities, he concluded that:There’s no proof that Alcohol and Daemon Tools use rootkits to evade DRM, but the evidence is compelling. If they do their usage is clearly unethical and even potentially runs afoul of the US Digital Millennium Copyright Act (DMCA).
In any case, there’s no reason for these products, or any product as I’ve stated previously, to employ rootkit techniques.So if the same standard of evidence and logic that StarForce and SecuROM have received is applied to Alcohol and Daemon Tools, we see that these tools are indeed rootkits, and hence supposedly lay a system open to malware attacks. Furthermore, if users are genuinely concerned about introducing malware into their system which can compromise security and stability, then you'd think they'd avoid downloading pirated material. It's well known that one of the most common ways in which people pick up malware is through file sharing, because torrents in particular are saturated with fake files deliberately designed to infect a system with trojans, viruses, spyware and yes, even genuine rootkits. Not surprisingly however, no campaign to boycott torrents, or Alcohol, or Daemon Tools will ever gain any momentum, despite the potentially greater threat they represent to the security of users than SecuROM or StarForce ever will.As it stands, I want to repeat the fact that both StarForce and SecuROM, not to mention SafeDisc, Tages and a range of other protection methods all have various legitimate, verified problems and glitches. Purely from a consumer's point of view, they are without a doubt an unnecessary imposition and an annoyance. I certainly don't like any of them myself.
However I hope I've explained why they are a necessary evil in the current climate of rampant piracy, and demonstrated that not only do they actually work, especially in preventing day-zero piracy, but more importantly, what you may read or hear about these systems is more often than not complete and utter nonsense.SteamSteam is a combination of a digital software distribution platform and a DRM technology developed by Valve Corporation. It was developed in 2002, but picked up pace in 2003 and its usage became commonplace from late 2004 onwards with the release of Half Life 2 which incorporated Steam for updates. But before we get ahead of ourselves, let's go back to the early days of Steam and consider how it was received by consumers.
Back in 2003, negative attitudes towards Steam such as the ones in and were rife, with comments such as:I used to be all optimistic about it, but now Steam seems the stupidest thing to disgrace my harddrive next to spyware and viruses. If it didn't have the Valve logo in the corner, I would swear it was made by Microsoft.
Screw you Steam! I'm off to play Wolf: ET.Jumping ahead to 2004 and people were still sharing 'horror stories' with regards to Steam, such as in, with some people even considering boycotting HL2 because of it: 'The fact that you can't play HL2 without it might very well be the reason why I might not buy HL2.' In fact an online petition was started entitled and reached almost 30,000 signatures, with comments such as 'This delivery system is evil.
Valve is evil for using it.' And 'Steam is the worst program ive ever used.' By 2005, Steam was still being hated by some, as witnessed in:Personally I HATE steam. I love HL2 I can't get enough of Counter Strike: Source but all in all steam causes nothign but frustration. I hate how it starts up on startup.
I hate how it failes to connect to server ar adds all the extra hastle into connection. It is to much extra baggage and very much of a pain.Even to this day, as recent comments in this show, there are still people who resent Steam. However for the most part, the vast majority of people have now apparently come to, making it a massive commercial success for Valve.How did Steam go from being a hated intrusion to a loved platform? Steam is undeniably a form of DRM - it manages your rights to accessing the digital content which you've purchased.
You must verify ownership of all Steam-purchased games online before you can play them, in other words every Steam game comes with product activation. You must download all applicable game update via Steam, as well as Steam client updates, on a regular basis. Furthermore the Steam client runs in the background when accessing Steam games and related features, adding to either Windows startup time or game launch times depending on how it's configured. There are a range of verified problems which Steam can induce on a system, whether it be in accessing Steam games, slow or non-completing downloads, even crashes. Finally, Valve's allows it to collect a range of information from Steam users without their knowledge and without offering any opt-out options.So essentially, Steam has all the elements which would make it a prime candidate for users to complain endlessly about unnecessary resource usage, potential performance problems, being spied upon without their knowledge, unwanted restrictions on access to their games, rootkits, and so forth. Yet why did Steam go on to be so incredibly successful despite the initial years of user anger, while StarForce and now SecuROM have had a massive hate campaign waged against them? I contend that it's due in large part to the substantial fan base for Valve's CounterStrike and Half Life games who have unquestioningly supported Valve in virtually every move it makes.
I'm not suggesting that Steam is a bad piece of software, and of course Valve has also implemented various improvements to Steam over the years. However at its core Steam is still DRM and still imposes various restrictions very similar to something like SecuROM. And while SecuROM has its drawbacks, so too does Steam.