The Problems With Game Copy Protection
Next Generation has a piece looking at the sometimes overly enthusiastic copy protection schemes used in PC games. From the article: "In the late '80s and early '90s, the games industry could do little more than ask nicely that you not pirate their wares. These days, however, copy-protection software is ubiquitous, and any PC game bought at retail is going to have it embedded on the game disc(s) in one form or another. I'm okay with that in theory, but some of these anti-piracy software programs are so potent that they cause issues for legitimate game buyers. One of the leading brands, StarForce, is notorious for not only making it difficult for a small percentage of legitimate users to load up StarForce-protected games, but also for leaving potentially problem-causing StarForce software behind on your PC, even after you've deleted the game it was protecting."
Here's a pretty damn complete list of protections
http://www.cdmediaworld.com/hardware/cdrom/cd_protections.shtml
It includes how to detect the protection, how to back 'em up and usually a bit about how each one works
I remember that many years ago, I based my cd-burner purchasing decision on its ability to rip/burn copy protected discs.
[Fuck Beta]
o0t!
From what I understand, StarForce actually converts the executable, or parts of it, to a bytecode format which is encrypted and only usable with StarForce installed and functional. The developer can choose how much or how little to protect, generally leaving the high performance areas unprotected and a few well chosen pieces heavily protected. This effectively means that one needs to reverse engineer the StarForce bytecode or acquire the source for the executable.
This is also why a popular method for defeating SF in the past was to use the demo binaries with the full version data, which has now led to demos being infected with this crap.
I used to get high on life, but I developed a tolerance. Now I need something stronger.
I recently purchased Battlefield 2 from EA. After a lengthy install, the game refused to run stating I had CDRom emulators on my system (I didn't). I verified in my device manager that there was a single CDRom and it was the physical one in the machine. I opened a support ticket with EA and got many canned answers that had nothing to do with my problems. When I finally got the attention of a tech there that had some insight, I was basically told I'm screwed. They didn't know why and weren't willing to refund my money. CompUSA was also unwilling to provide a refund as the box had been opened. So I'm stuck with a $50 game I cannot run legitimately. I did however finally get it to run using pirate mechanisms.
Once again, this shows their copy protection only hurts those that buy the game.
I started with nothing and have most of it left.
This one's quite a bit more devious though than a silly little shareware game. There are many layers to it. When you first run the game executable, it checks to see if you have the StarForce drivers installed. If not, it installs them and you have to reboot before the game will work.
Once the drivers are loaded, the game will start up and make numerous calls through them which includes a load of debug-hostile code (standard anti-debug checks plus things like using the single-step and breakpoint interrupts as part of their own code). They manually load portions of the ntdll code into memory and call those functions via their own routines rather than making standard system calls. Pretty much the entire cd-check process is not written in x86 assembly. It's a CPU emulator with a virtual CPU of their own design. It reads the pseudo-code and their interpreter translates it instruction by instruction. So you have to figure out their opcodes and any associated decryption that takes place inside their virtual machine. Once you pass all this, the game itself might have entire functions removed and replaced with their virtual machine code as well. These would have to be figured out and replaced with x86 instructions so that the code is not dependent on their VM to run.
In some cases, they also encrypt a number of the game resource files (audio, textures, etc) into one large file instead, then redirect game calls for these files into it like an ISO image. This is the StarForce file system (in newer versions, the first four bytes of these files are "SFFS"). You'll have to decrypt and extract all of these files as well.
Plus there's all sorts of other nasty tricks to make performing the above steps even more difficult.
Despite all of this, games with this protection HAVE been cracked completely... It just takes a lot of time and dedication by people with the right knowledge and inclination to do so.
If it were as simple as you think, this protection would have been tossed aside long ago, like so many others.
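The virtual-CPU idea described in the comment above, sketched as an added example that is not part of the original thread and is not StarForce's code: a small check is written once as native C and once as bytecode for a toy interpreter whose bytes are masked with a position-dependent key. The opcode values, the key schedule, the constants and the sample value 0x12345678 are all hypothetical, constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
/* Hypothetical opcodes for a toy virtual CPU; not StarForce's real set. */
enum { OP_HALT = 0x11, OP_XORI = 0x22, OP_ADDI = 0x33, OP_ROL8 = 0x44, OP_CMPI = 0x55 };

/* Native form of the check, as a developer would write it (constants constructed). */
int native_check(uint32_t sig) {
    uint32_t r = (sig ^ 0x5A5A5A5Au) + 0x1234u;
    r = (r << 8) | (r >> 24);
    return r == 0x6E1E5648u;
}

/* The same check as bytecode: opcode, then a 32-bit little-endian immediate. */
static const uint8_t plain[] = {
    OP_XORI, 0x5A, 0x5A, 0x5A, 0x5A,  OP_ADDI, 0x34, 0x12, 0x00, 0x00,
    OP_ROL8,  OP_CMPI, 0x48, 0x56, 0x1E, 0x6E,  OP_HALT
};
static uint8_t shipped[sizeof plain];   /* masked bytes: all that would ship */
/* Position-dependent key byte, so equal opcodes differ in the shipped image. */
static uint8_t key_at(size_t pc) { return (uint8_t)(0xA7u + 29u * pc); }

/* "Protector" step, run at build time in a real product. */
void protect(void) {
    for (size_t i = 0; i < sizeof plain; i++) shipped[i] = plain[i] ^ key_at(i);
}

/* Unmask one byte at pc and advance; reads past the end yield 0 (not an opcode). */
static uint8_t fetch8(size_t *pc) {
    size_t i = (*pc)++;
    return i < sizeof shipped ? (uint8_t)(shipped[i] ^ key_at(i)) : 0;
}
static uint32_t fetch32(size_t *pc) {
    uint32_t v = 0;
    for (int i = 0; i < 4; i++) v |= (uint32_t)fetch8(pc) << (8 * i);
    return v;
}

/* Interpreter: unmasks and executes one virtual instruction per iteration. */
int vm_check(uint32_t sig) {
    uint32_t r = sig;
    for (size_t pc = 0; pc < sizeof shipped; ) {
        switch (fetch8(&pc)) {
        case OP_XORI: r ^= fetch32(&pc); break;
        case OP_ADDI: r += fetch32(&pc); break;
        case OP_ROL8: r = (r << 8) | (r >> 24); break;
        case OP_CMPI: r = (r == fetch32(&pc)); break;
        case OP_HALT: return (int)r;
        default:      return 0;   /* unknown opcode: fail closed */
        }
    }
    return 0;
}
int main(void) { protect(); return vm_check(0x12345678u) == native_check(0x12345678u) ? 0 : 1; }
```

In the compiled binary, `vm_check` contains only the fetch-and-dispatch loop; the XOR, add, rotate and compare constants exist only as masked data in `shipped`, which is why the comment says the opcodes and the decryption both have to be understood before the check logic is visible.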