Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Awful Anti-Pirate System That Will Probably Work

Posted by Soulskill on from the an-opposing-arrrrrgument dept.

spidweb writes "Much virtual ink has been spilled over Ubisoft's new, harsh DRM system for Assassin's Creed 2. You must have a constant internet connection, and, if your connection breaks, the game exits. While this has angered many (and justifiably so), most writers on the topic have made an error. They think that this system, like all DRM systems in the past, will be easily broken. This article explains why, as dreadful as the system is, it does have a chance of holding hackers off long enough for the game to make its money. As such it is, if nothing else, a fascinating experiment. From the article: 'Assassin's Creed 2 is different in a key way. Remember, all of its code for saving and loading games (a significant feature, I'm sure you would agree) is tied into logging into a distant server and sending data back and forth. This vital and complex bit of code has been written from the ground up to require having the saved games live on a machine far away, with said machine being programmed to accept, save, and return the game data. This is a far more difficult problem for a hacker to circumvent.'"

18 of 1,027 comments (clear)

  1. Sweet spot by ScrewMaster · · Score: 5, Insightful

    It's all about finding the sweet spot. DRM is invariably going to piss of a certain number of paying users but if you piss off too many you lose revenue, or worse yet, if your product gets a rep for being unreliable ... you're throwing away potential customers. DRM is a risky game to play, and if you're gonna do it you better make damn sure it works.

    --
    The higher the technology, the sharper that two-edged sword.
    1. Re:Sweet spot by Pluvius · · Score: 5, Insightful

      Considering that DRM never works yet always pisses off some consumers, wouldn't the sweet spot then be no DRM?

      Rob

    2. Re:Sweet spot by TheRaven64 · · Score: 5, Insightful

      I don't pirate either, and that's one of the reasons. But I also don't buy things that come with DRM. Even if it's something that I would otherwise have enjoyed, I spend my money on something else.

      People seem to act like pirating and buying are the only two options, but we're talking about entertainment here. There are lots of DRM-free sources of entertainment and if you are going to treat me like a thief then I'm happy to be someone else's customer instead of yours.

      --
      I am TheRaven on Soylent News
    3. Re:Sweet spot by bertoelcon · · Score: 5, Insightful

      I don't pirate because I don't want viruses or trojans.

      I don't buy PC games because I don't want trojans either.

      --
      Anything can be found funny, from a certain point of view.
    4. Re:Sweet spot by Sancho · · Score: 5, Insightful

      That you know of.

    5. Re:Sweet spot by LordLimecat · · Score: 5, Insightful

      $200+ dollar video cards

      Decent video cards can be had for far less, and drivers are going to be part of your computing experience whether or not you game. You may have your reasons for gaming on consoles, but lets not exaggerate here.

    6. Re:Sweet spot by JDeane · · Score: 5, Insightful

      Also once again the pirates will enjoy the better copy of the game as this will greatly reduce any sort of lag induced from logging onto a remote server. Another thing is that pirates will enjoy the ability to hack there own save file have the save file backed up in case of emergency... DRM is a needed evil but at some points when the pirates are getting the better product.... It gets teeth grindingly annoying.

    7. Re:Sweet spot by ultranova · · Score: 5, Insightful

      I don't pirate because I don't want viruses or trojans.

      I don't buy games from a store because I don't want Securom, Starforce or other software doing malicious alteration of my system.

      At this point the major pirate groups have a better reputation than game publishers. I'd never install anything that wasn't disinfected by Razor 1911 or other trustworthy republisher first. Hell, even store-bought CDs might be dangerous, so better stick to mp3s.

      DRM is basically about infect software with a trojan, and cracking is about removing it.

      --

      Forget magic. Any technology distinguishable from divine power is insufficiently advanced.

    8. Re:Sweet spot by thesandtiger · · Score: 5, Insightful

      You'd like to get paid for your work. I'd like to get the work I paid for. Maybe you can help me understand something, since you seem to be in the industry?

      I paid for a copy of Spore - $59 or whatever it was when it launched. I got it home, tried to install it, and it just totally and completely failed to install due to the DRM used. When I called tech support and spent half an hour on hold to get through, they helped me find a couple of things that I could change that let me install it - but it wouldn't run. Somehow, whatever DVD drive I have, they say, was making it not work. When I tried to return it to the store I bought it from, I was told that because it was open I couldn't return it for anything but another copy. After arguing with the manager for about half an hour (and pulling up the myriad complaints that were posted all over the net by that point on my iPhone as proof), he finally, grudgingly, agreed to give me store credit to buy another game. I said fuck it and called my credit card company and contested the charge, and will never buy another product from that store, or from the publisher of the game, or anything that has to do with Will Wright again. The total cost to me was $0 dollars (once the charge was reversed) and quite a bit of my time (which is worth quite a bit, in my opinion) and frustration. The total cost to the publisher was 1 customer who will *never* buy another of their products, the cost of tech support time for my call, some very bad word of mouth (because of my experience and mentioning it to people I know, at least a dozen people didn't buy the game; from what I've seen on the net there were even more people like me than I might have thought). The retailer has lost me as a customer (and possibly several other people I mentioned the issue to). And Will Wright has lost a fan.

      Perversely, I did want to try an experiment - I got a torrent of Spore downloaded (in about an hour, in the background, while I did other things) and it installed and worked flawlessly as I played a single game up to the galactic level, at which point I deleted it from my system. But it proved the point - as a paying customer I was treated like a criminal, but when I went the criminal route, I had an extremely smooth experience.

      As an aside, I used to spend $100-150 on games a month before this experience; a $50 game was an impulse buy. Now, however, it isn't - where before I'd pick up a game after work, I now look at the box, say "Hm, is it worth the likely hassle?" and the answer tends to be "No." Spore was the last game I paid full price for. I've actually started doing more console gaming and I'm only buying used games since, ironically, the return policy on those is FAR better than on new ones - you guys aren't getting paid for those copies. I don't think I've bought a "new" game since Spore, but maybe I spent $10 on a jewelcase copy of something.

      The thing I'd like to understand is how this kind of situation is a good thing and how you (or people in your industry) think this situation is remotely a good one? Literally the only people who are even inconvenienced by DRM are the initial cracker and paying customers. Everyone else gets either a cracked copy (no hassle) or they pay for a game that works - I honestly cannot begin to imagine someone who is willing to spend an hour torrenting something, but sees it needs a crack (usually included in the torrent) and says "Curses! I guess I have to buy it!" going to buy a copy. How does this ridiculous situation help you get paid? To me it seems like it would make it much less likely that you would be able to get paid - gamers move on to other hobbies or refuse to buy anything but used copies or refuse to buy until the price drops, while pirates still get what they want for free. Maybe I'm missing something.

      --
      Since I can't tell them apart, I treat all ACs as the same person.
    9. Re:Sweet spot by TikiTDO · · Score: 5, Insightful

      Sure, yours is a valid desire, but the execution of this desire is where it breaks down. Consider the following: How much time and money was spent to generate this system? How much time will be spent breaking it? How much money would it REALLY get you? What will the server maintenance cost? How big will the PR shit-storm be when Joe Average cannot play this game because his internet connection went bust for a few hours, and he decided to complain to his friend, Nelson Reporter?

      In my opinion, you can see that perhaps a few of the younger kids will have to convince their parents to get the game. The parents that agree will indeed be extra income, but I doubt they would be a particularly big market segment. Many more mature PC gamers would either have bought it anyway, regardless of the protection system, or would have pirated the game just to try it, but would never buy it, netting you next to zero extra profit. Other mature PC gamers will avoid it out of disdain for the DRM system, resulting in a net loss that may even surpass the gain from the young teen crowd. Finally, the hardcore pirates will just find another game to play. There is not exactly a shortage these days. Maybe they'll just get a modded 360, and play it there. Finally, the mid-level pirates will just wait until the game is in the bargain bin, barely covering the cost of production, and getting you little if any profit. This is not even taking into account the free advertisement you are sacrificing in terms of players that would play a pirated game, then hype it up for their less tech savvy friends.

      In my model is even remotely correct, you are likely to get maybe several tens of thousands extra customers. For a game that has already seen millions in sales this sounds to be like an utter waste of resources. Resources that could have been better spent on more QA/Optimization/Content. Best of all, when the system gets cracked eventually, you will just be left with an egg on your face with little to show for it.

      Finally, for the actual protection scheme in the article, the workaround seems trivial. You must send your save game data to a remote server somewhere to be stored, the access it from there once you wish to load. First, you will need to defeat the encryption schema in the existing system, which should not be too hard, since you simply need to get the raw data pre-encryption. There will likely be a few packet types to perform further checking, which you will need to reverse engineer; an unfortunate, but harsh truth, and likely the most time consuming step of the process. Next, create a local server that will intercept requests to the remote server, including saving, and then allow it to read back the saves. If you want to get extra fancy, you could build that right into the program, and replace the calls to network functions with calls to these new functions.

      This would doubtlessly be more work than a traditional crack, but since it is still a software solution, I would not expect much longer than an extra month or two.

  2. Sure it's hard to crack by Jorl17 · · Score: 5, Insightful

    Even thought it's hard to crack, it's not uncrackable. A set of talented hackers/programmers can try and reverse engineer the system and build their own server (or a server might leak out). Then, changing the binaries or using some other technique, they can replace the server address with the address for their server. Given enough time, they might do it -- but the game will probably have become deprecated when they do it.

    With that said, this is the most horrendous example of what the gaming society is becoming. I'd rather throw myself off a cliff than pay these fucktards.

    --
    Have you heard about SoylentNews?
  3. And in a few years.... by sanborn's+man · · Score: 5, Insightful

    you'll have a non working game because Ubisoft will bother to have that old crap running longer or even Ubisoft could not exists anymore. No thanks.

  4. The Crackers Will Win by Manatra · · Score: 5, Insightful

    It won't work, because all the crackers will have to do is emulate that distant server on your own box and route any traffic Assassin's Creed II sends through 127.0.0.1 (this is a simplification). That said, it may work for Assassin's Creed II, but for any subsequent releases (Splinter Cell Conviction, Prince of Persia: Forgotten Sands, etc.) the crackers will already know how the system works and break it easily.

  5. Re:The very worst by RsG · · Score: 5, Insightful

    I'll go a step further. I'm not buying this game. I'm not pirating this game. This game is not getting my money, my time, or my tactic approval.

    This is something that just bugs me about the attitude some people have about DRM and piracy. People will take the approach of "this DRM sucks, ergo I'm going to pirate it, instead of paying for it". This isn't a boycott, nor is it voting with your wallet. This is taking the approach that two wrongs make a right, and that pirating the game somehow "punishes" the makers of it for the sin of screwing over legitimate users.

    Want to send a message? Do what I'm going to do. Don't touch the copybroken crap with a ten foot cable.

    Because make no mistake, piracy rates for a game are measurable. If the game is popular, and pirated extensively, then the message sent to the publishers is that the DRM system, however extreme, still isn't "enough". That an even more extreme measure is needed to turn those hypothetical pirated copies into sales figures. And the developer still gets acknowledged as having made a game good enough for you, the pirate, to want it. If they think they can make a paying customer out of a pirate by making the game unpirateable, then they'll got to great lengths to do exactly that.

    The only way to break DRM in the long term is to vote with your wallet, and simply ignore the very existence of companies that cross the line the way Ubisoft has. They need to be told, and have that information backed by hard data, that DRM is hurting their sales by making the legit users leave (you know, the people who actually pay for the game?)

    --
    Erotic is when you use a feather. Exotic is when you use the whole chicken.
  6. Re:Yep by Joce640k · · Score: 5, Insightful

    This is another perfect example of how DRM *only* hurts legal, paying customers.

    Want to be legal and play it on a laptop away from home? You're out of luck if you have a legal copy of the game.

    Mr. Pirate...? He won't be affected at all.

    --
    No sig today...
  7. Fine! In that case... by KingSkippus · · Score: 5, Insightful

    Actually, we'd just like to get paid for our work, so we can pay our bills and make more and better games. We have no desire to enslave humanity.

    Fine! Then stop treating me like a criminal, and maybe I'll buy your games, and thus you will get paid for your work.

    The things that you are doing are keeping me–an honest customer–from playing my games. Your DRM is keeping me from playing when my Internet connection is down. It's keeping me from playing without having to have physical media on-hand. (This makes your software effectively protected by a "dongle.") Your DRM has at times caused anything from mildly annoying bugs to grossly compromising holes in my system's security. Meanwhile, even if you develop a 100% effective DRM solution, the pirates will still not buy your game! I fail to see how even that helps you get paid for your work.

    I'm sorry, but there are more options than the false dichotomy of "give your game to everyone for free" or "enslave humanity," and if you really want to get paid for your work, then you're going to have to back away from your dug-in position. There are plenty of games out there without oppressive DRM that are doing perfectly well in the market. I'll simply choose those instead—and you'll continue to get nothing.

  8. Re:PC gamers think they should get games for free by Wandering+Idiot · · Score: 5, Insightful

    To all those who think Ubisoft should just let the pirates win...

    Here's the thing- the pirates have already won/are winning. The DRM will be broken for any single player games. Even multiplayer games will have private servers hacked up. DRM doesn't work except against the most casual forms of piracy. I have no problem with games requiring a disc check or a serial key to discourage people from just handing the DVD to their friends to install. Anything beyond that is pointless and counterproductive (unless it's part of a larger online service, like Steam or a MMO, but even those have been hacked).

    you have no idea how frustrating it is to spend many millions of dollars and several years of our life making a game, and then see statistics from our update servers that 15 to 20 people are playing pirated copies for every legitimately purchased copy.

    So? I'm sure it is frustrating, get over it. Publishers shouldn't be looking at the number of pirated copies- it's irrelevant. The only thing that matters is the number of copies sold. You're not fighting a holy war, you're a business. Attempting to keep people from playing pirated games from some sense of moral outrage rather than acknowledging the technological and business realities a) doesn't work, and b) just ends up pissing off your actual customers.

    PC gamers have $2000+ computers and drop $200-500 on a video card every year. But most of them are too damn cheap to buy their games. They grew up pirating them through high school and university, and don't see any reason they should stop now. Most of them have managed to convince themselves that (somehow) they aren't doing anything wrong.

    And you're not going to change that, especially not with DRM that gives pirates a better experience than paying customers.

    By the way, after the reactions to Spore and Bioshock (and a other heavily DRM-ed titles) we tried shipping the recent Prince of Persia without any DRM. Guess what? It was pirated heavily.. more so than any of the previous Prince of Persia games.

    How did it *sell* compared to them is the question, not how much it was pirated. Guess what? Someone pirating the game and someone not buying it gets you the exact same amount of money. And no DRM at all, not even a serial/disc check seems silly, as it does nothing to discourage casual piracy.

    So rather than give up on the PC market entirely (which is the other possible solution)

    If the company can't make a profit on the number of games actually sold, then yes, you should get out of the PC market entirely. Again, the number of pirated copies is irrelevant. Perhaps I'm missing something, but this doesn't seem that hard. The people pirating games aren't your customers, by definition. More restrictive DRM won't change that, especially as it never works.

    I can sympathize with you (I actually buy all the games I play), but if your post is indicative of the type of thinking within publishers, it's a shame as it seems entirely counterproductive and willfully ignorant of reality. Also, I presume you can estimate the number of pirated copies connecting to your servers but not which are which, otherwise I don't see why you'd be allowing them to patch...

  9. Re:PC gamers think they should get games for free by shutdown+-p+now · · Score: 5, Insightful

    Disclaimer: I work at Microsoft. I write shrink-wrapped proprietary software for a living, so software piracy directly affects my income.

    I am also a gamer. I have over 190 titles in my Steam account (granted, quite a lot of that are old games; a lot still isn't), and that's not counting the boxes. For some games, I have it both as a box and on Steam (e.g. Oblivion, Doom 3, Majesty 2), so I've actually paid twice for those.

    Now, all that said...

    To all those who think Ubisoft should just let the pirates win... you have no idea how frustrating it is to spend many millions of dollars and several years of our life making a game, and then see statistics from our update servers that 15 to 20 people are playing pirated copies for every legitimately purchased copy. PC gamers have $2000+ computers and drop $200-500 on a video card every year.

    You have no idea how frustrating it is to not be able to start a game when your Internet connection is down (and you really just want some entertainment to pass time). Or, as I've heard you did in this new game, to have it exit as soon as your Internet connection goes down in the middle of a gaming session (I sincerely wish you guys are sued for this, and lose in a big way; it's far more sinister than anything I've ever heard about in this industry). Or how about limited number of activations, where you lose one if you, for any reason, cannot boot into your OS and need to reinstall?

    All those things are reason why I will not buy any Ubisoft game ever again (and you're not alone on the list). Frankly, as a customer, I don't care about your row with the pirates. I don't even care about DRM as such! What I do care is when you drag me into the mess, and have the audacity to take my money, and then refuse the service (entertainment) that you have promised in return for some vague reasons of "fighting pirates". I'm not one; why should all of this be of my concern?

    If you can come up with a DRM scheme that does not excessively bother me (a single-time Internet activation is fine, for example; server checks on connect for multiplayer are fine, too), I'm fine with that. I can even understand slip ups (activation servers going down unexpectedly etc), and am willing to tolerate that in minor amounts - though I would expect workarounds (phone activation, whatever) to be provided in such cases. But when you deliberately go out of your way to annoy me as a gamer, guess what? My money goes elsewhere, to companies like Valve, which understand these sorts of things.