Slashdot Mirror
TransGaming Tagging Downloads to Combat Piracy
SeanTobin writes "It seems that TransGaming is implementing a new watermarking system to combat piracy. For now it seems that every tgz of Cedega 4.0.1 is individually tagged, and this has been frustrating Gentoo users who (like many others) like to be sure their archives are unmodified. Is this the future of software downloads? Is this tiny loss of personal privacy worth the increase in TransGaming's security?" Update: 08/16 17:42 GMT by S : There's an official response on the TransGaming forums indicating: "We can confirm that Cedega 4.0.1 included some basic watermarking... The objective behind the watermarking was to deal with some peer-to-peer piracy issues that we've been seeing over the past several months... We have suspended the watermarking feature for now and Gentoo users no longer need to be concerned with work-arounds."
This is a real pain because it actually breaks the gentoo ebuilds!
unzip two copies, find any differences, produce a third copy with random garbage in place of whatever the watermark is.
Come on people, is it really THIS important to protect stuff?
...
Why not focus on a service-based business model, like the MMORPG setup?
One-off profits are nowhere near as lucrative as service contracts, after all.
Pshaw, software fingerprinting protection is just silly
Comment removed based on user account deletion
How would one verify that an archive is correct, or packaged from a reliable source, if the md5sum differs?
In my opinion, the cons outweight the pros for doing so.
Sunset over the lake, cool mist over the bridge; A leave upon the ripples, the snow reflects its glow.
Don't buy it.
Microsoft did this with Windows XP beta to see what beta testers were "leaking" the information. Somebody figured it out though and testers were in an uproar shortly thereafter. Frankly, if you buy (or rent) electronic hardware from a store, the serial number is recorded on the receipt to avoid a switcheroo... this is simply an extension of that in my opinion. Not a good thing for people who misuse their licenses... but nothing major for people who follow the rules.
Another point I'd like to make. Lets say that transgaming's servers get rooted and their archives infected with some arbitrarily nasty virus. How can I trust that the file I'm getting is not infected? I'll even go one step further... How can I be sure that this has not already happened?
You can't be sure.
For now, take the
that's what i'd try to do. rpm's be damned. heh
They DO have an open cvs-server. Kindof make you think that they are not so scared about people downloading their app?
My $5x10^-2
Look at nearly every product with 'activation' or a 'cd-key' and it's been cracked. All these 'protections' do is make it easier for pirates to pirate and harder for legit users to get to work.
Your hair look like poop, Bob! - Wanker.
I was recently getting back into gaming and considering becoming a Transgaming subscriber again. Maybe I would have chosen not to anyway, but I'm certainly not after this. Not because it's really worse than anything any other proprietary software company would do, but because it reminds me of why I prefer free (libre) software over proprietary software.
I remember when Transgaming was going to open source everything they wrote, if only they got enough subscribers. Well that pipe dream fell through. I'll stick to free software. There's no going back on such a promise with free software.
Honestly, thats probably the most non-intrusive copy protection there could be. The problem is why did they include it without telling anyone? These people paid for it, so don't they deserve an explanation? And even more odd is that, since their "protection" scheme is now known, whats to stop, say, a pirate from altering the archive and putting it on P2P?
But from reading the article, I don't get the impression that this is an anti-piracy effort either. Consider that the RPMs and DEBs are unaffected. Could be anti-piracy, but it could also be just a download counting system or maybe per-user customization.
Certainly, it seems clear that they're not actively tracking you and that they're not going to be able to tell if you happen to install it on your desktop and laptop. The only way you're going to get in trouble (if that is indeed their goal) is if your unaltered tgz starts appearing en masse on the p2p networks.
If Linux is going to go bigtime on the desktop, you are just going to have to put up with this kind of stuff. Hell, I would bet that distributors put even more protection on commercial Linux apps/games since (pardon my generalization) Linux users are used to software being free (as in beer). Prepare for it to get worse in the coming years.
If you don't download it, you don't have any "loss" of privacy.
People throw around the idea of the loss of privacy as though they are being compelled to download whatever it is.
..but I feel their pain.
I've discussed this option before, and it's difficult to do without developing an entirely new online distribution format, however it is (in the end) an infinite uphill battle when it comes to copyprotecting non-multiplayer games. Signing a download will simply thward willy-nilly copiers. Any warez producer worth their salt will breeze by this one by either producing their own archives by simply ferreting out the watermark.
I'm not familiar with cedega, but I'm sure it's no different from any other title. If it ain't an MMO, you can't attain near-zero piracy - period.
Maybe someday, when bandwidth is free, we can write games that you simply "connect" to. It'll connect to your kb/mouse/controllers, and you'll get a video feed back, or some commands for your 3D renderer. No updates, no piracy, no privacy.
Why can't all fpga/microcontroller manufacturers just release free optimizing compilers???
Obviously they're concerned about the amount of piracy.
For the money that they charge, you'd think that people who actually choose to use their product could bring themselves to pay for it.
I know there are a lot of people who take the 'boycott WineX' approach because they think WineX harms gaming on Linux in the long run. This post obviously has nothing to do with them, as they choose not to run it.
For those of us who choose to run it, I really can't see what the problem with paying for it is. I've paid on 3 separate occassions. On each occasion I'd paid because another game I wanted to play was now supported, and I've been satisfied each time.
So how about the leeches among us start supporting the rare breed of company that shows any interest in Linux on the desktop?
If a person knows enough to be using Linux AND this application, chances are they can easily get around the watermark, so what's the point in it?
;)
I don't understand when companies go off on this tangent and act as if what they're doing will combat piracy. Piracy will always exist. No matter what you do, you can't get rid of it.
Yeah, it's wrong, but people will do it. Just be thankful EVERYONE isn't doing it. Bottom line: it will not bring back your "lost" sales, and people will have a workaround in a matter of hours.
There's also a reason why Microsoft more or less turns a blind eye to it - the more people who pirate a particular piece of software just means it's on that many more computers. MS would rather you have a pirated copy of Windows XP than to flat out run Linux simply because it gives them more of a place in the market.
No one likes to think on the flipside of things, so go on and mod this as troll
We have secretly replaced these Slashdot mods' sense of humor with a rusty nail. Let's see if they notice!!
And I was going to the trouble of getting out my magic marker and drawing on the download!
The dangers of knowledge trigger emotional distress in human beings.
I honestly do not understand why they would want to do this. To protect against software piracy? Who would do such a thing? Surely the general population has enough respect for software developers that they would refrain from pirating software without copy protection schemes.
</sarcasm>
Mathematics is made of 50 percent formulas, 50 percent proofs, and 50 percent imagination.
... any action that makes things more difficult / inconvenient / annoying / etc. for legitimate users of a piece of software (or anything else - like an audio CD) is an action that should not be taken.
When I am using software that I am a legitimate owner of, the last thing I want to do is jump through a million hoops just to prove I'm legit. For example, I'll be the first to admit that when I BUY a PC game, the first thing I do is go looking for a "no CD crack" to download. Why? Because I own the game and don't WANT to be forced to swap CDs all the time, just to constantly prove that I paid for the damn thing. I shouldn't have to. Honestly, it's insulting.
AFAIK, every form of copy/piracy protection that has ever existed has been cracked, and typically in a relatively short amount of time. The ones doing the pirating don't care - they have come to expect it, and finding out how to crack the software will be widely preferred to forking over the cash anyway. The crackers/warez distributors don't care either - indeed, quite the opposite, as many crackers will love the chance to be the first to crack a new protection scheme. The only ones who care are the legitimate users, because they're the ones who usually suffer.
Think of it this way: they spend weeks implementing and thinking out an activation scheme only to have it completely and utterly CRACKED within hours of the product being leaked/released.
The fact is, it doesn't affect piracy one bit, but now users gotta deal with additional BS. For example, piece together a new PC and put your copy of XP on it. Now, after activation fails, try to convince Microsoft that you destroyed or got rid of the old computer!
It's not the fact that activation makes it easier, it's that the second a company boasts of having software that's uncrackable, it makes headlines and is often one of the first things to be cracked. In addition, the crack is often spread around so much to the point where it's hard NOT to find it.
All because they decided to announce to the world that their new copy-protection/activation scheme is the shit.
We have secretly replaced these Slashdot mods' sense of humor with a rusty nail. Let's see if they notice!!
People who steal should be punished.
Agreed. Unfortunately you seem to have bought the line that copyright violation is somehow equivalent to theft.
It isn't. It never has been. But if enough people like you refuse to exercise their brains concerning the matter and keep insisting that the two are one and the same, then some day they will be - at least legally. And then we're all fucked, since from that point on we won't even have the right to back up the product that we PAID FOR.
We'll be just what the software companies want us to be: licensees. We'll never own anything we purchase from them, and if they can get away with that sort of fucked-up bullshit, what's to stop other companies from doing the same thing with their products? I suppose you'd be happy RENTING everything in your house for the rest of your life, unable to do anything with it that isn't specified in the EULA that comes with those items?
If so, whoredom is just a short step away for you and everyone else like you.
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?
Um. I'm not sure if your comment is off-topic, or if you simply don't understand what TG is doing.
They're "watermarking" stuff to to be able to essentially track legit users. IE, they will give support to people with legit watermarked tarballs. IE, service. Warezed copies will not receive services, thus not costing the company any direct money. You didn't honestly think the company was stupid enough to think they could 'prevent' piracy, did you? No, there will always be morally corrupt people such as yourself out there that have no compunction about not paying for what they get.
Hopefully this makes sense to you.
Oh, and one more thing - TG's software is making niche software. They are not making popular software. Your own argument is self-defeating.
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
The fact is, it doesn't affect piracy one bit, but now users gotta deal with additional BS. For example, piece together a new PC and put your copy of XP on it. Now, after activation fails, try to convince Microsoft that you destroyed or got rid of the old computer!
I have actually done this, and there is no problem at all. Ive changed my PC 5 times since I bought the XP license that requires activation, and only on the latest switch did the online activation fail. I rang a 0845 number (UK) and got hold of a very nice girl in a call center. All she asked me was if this installation was a unique install IE I hadnt installed it on other PCs. When I said yes, she reset my activations and gave me the option of activating through her or redoing the online activation, which I chose and was carried out without a problem.
Yes, anti piracy schemes get cracked, but cars also get broken into, you wouldnt see Ford selling cars without a doorlock. They are there to slow down the casual pirates, not the hardcore people.
As far as I know:
Most games have some sort of copy protection in them, making simple WINEing of the executable not work (tries doing magical windows assembly voodoo or some such).
What TransGaming have done is to take WINE (legally under a permissive licence) and continue to develop it for games, in addtion to licencing these copy protection schemes from the people who make them. They are under a contract to not reveal these copy protection schemes, and hence don't. Everything else is avaliable for download from their CVS repository.
^^The world as I understand it.
In the words of Robin Williams: "Whoa there, Sparky!"
That's something of a blanket statement, isn't it? It could be argued that if you have access to "warez", you're certainly not going to be inclined to move to a FREE operating system on the basis of saving money on software, are you? Kind of a reverse logic thing you've got going on there...
And if we're looking at copyright violation/property theft, doesn't most of the piracy of movies and music happen amongst the the teenagers to 25 year old age groups? These are hardly going to be free software users.
It was not by far the only reason but one reason I made the move to Linux was because I was sick and tired of paying for generally low quality commercial software and actually felt better about NOT having to pirate a commercial application I didn't want to pay for in the first place.
Gentoo Linux - another day, another USE flag.
You don't have to use Cedega - if you're that keen on gaming, you probably have a Windows license kicking about somewhere anyway so just install that for gaming purposes as a dual boot.
Doom 3 is about the first game I've noticed that doesn't run on Windows 98 (at least according to the box) but apart from that, 98 is fine for the occasional gaming session - just do I like I do and do all your important stuff in Linux.
Gentoo Linux - another day, another USE flag.
X11 / MIT yes.
Cedega itself is Aladin license. But it is no-so free:
Within hours after posting the ITP (Intent to Package) on the Debian
bug database and on the debian-devel mailing list, a mail from Trans-
Gaming's CEO/CTE Gavriel State was received, which indicates
1. "We noticed that you intend to package our AFPLed WineX package
for release in debian (presumably non-free). We would really prefer
that this not happen, for a number of reasons."
2. " We would prefer not to have to change our license to explicitly
prevent the distribution of binary packages, but if we have to we
will do so."
Reading through the post, it is surprising that, after at least 10 downloads, he (she?) never suspected that the MD5 utility being used has either become corrupt, or has been cracked, causing it to not produce correct hash output.
After the third or fouth failure, you should start considering more unlikely causes - corrupt MD5 utility, OS bugs, memory errors, etc. Any one of those could have cause the problems being described.
The Internet's nature is peer to peer - 20050301_cs_profs.pdf
No.
And make that "perceived security".
And remember kids: Never trust a computer you can actually lift.
I love transgaming, and was encouraging everyone I heard was using CVS to buy a subscription... but not anymore. I won't buy stuff from a company that would do something like this... well, the fact they did it isn't so bad, the fact they hid it is.
Jay | http://oldos.org
but cars also get broken into, you wouldnt see Ford selling cars without a doorlock
The difference is a car owner WANTS the lock to be there. I am glad to take an extra 2 seconds to get my keys out of my pocket if it helps prevent the stuff in my car from being jacked.
I don't benefit in any way from software activation or CD keys. It is nothing but a hassle when you buy the software. It's easier in many cases to install the cracked version.
I used to get high on life, but I developed a tolerance. Now I need something stronger.
Those who want to use Cedega, but not pay the licensing fee, can just use the CVS tree download from the transgaming website, that comes free and no subscription required. All that is missing is the point2play system and their installer. What is to stop people packaging up the CVS version and distributing that instead?
IMHO the fact that they provide a CVS version negates the requirement to go and pirate it anyway.
Nick...
Electronic Music Made Using Linux http://soundcloud.com/polyp
Apparently it is watermarking...I downloaded two copies:
.tgzs of the same data would be different?
$tar xvzf cedega1.tgz
$ls
cedega1.tgz cedega2.tgz usr
$mv usr usr1
$tar xvzf cedgea2.tgz
$mv usr usr2
$ls
cedega1.tgz cedega2.tgz usr1 usr2
$diff -r usr1 usr2
$
'Nuff said. Its just a watermark, not in the actual files. If you do a:
$diff -rs usr1 usr2
it'll report that every file is identical, just to verify.
Then, make an unwatermarked version:
$mv usr1 usr
$tar czf cedega_clean.tgz usr
Sadly, if you compress the *exact* same folder twice with tar czf it will not md5sum the same (try it!). I can't say I know why. So basically, this helps with piracy but not with the verification problem. =( Don't know how to fix the ebuild problem. Anyone that knows more about why the md5sums for two
You can download and build the CVS version yourself: cvs instructions.
As they seem to devolve, I just want to hold up my hands and give a nice golf clap to the folks that seem to do everything in their power to shove a stick up the ass of linux gaming. Thanks Guys!
Now that they don't give anything back for eon's, and tag their crap with the gayness of primate DRM, they can sit back and know that they've made life just a little bit better for.... nobody.
Hi all,
0 9# 4009
I've posted an official response here:
http://transgaming.org/forum/viewtopic.php?p=40
Take care,
-Gav
--
Gavriel State, Co-CEO & CTO
TransGaming Technologies Inc.
gav@transgaming.com