Slashdot Mirror
Ubisoft's New DRM Cracked In One Day
Colonel Korn writes "Ubisoft's recent announcement that upcoming games would require a constant internet connection in order to play has been discussed at length on Slashdot ('The Awful Anti-Pirate System That Will Probably Work'). Many were of the opinion that this new, more demanding DRM would have effectiveness to match its inconvenience, at least financially justifying its use. Others assumed that it would be immediately cracked, as is usually the case, leaving the inconvenience for paying customers and resulting in a superior product for pirates. As usual, the latter group was right. Though Ubisoft won't yet admit it, Skid-Row managed to crack the new DRM less than a day after it was first released."
Ubisoft can always blame "those damn pirates" and claim the DRM development as a failed project tax write off.
And the pirates can still play the game for free with no issues.
And paying customers still get to take it in the ass, now AND when Ubisoft decides to can the online service.
Win, Win, Weeeeee
Mod me down, my New Earth Global Warmingist friends!
Normally I actually pay for my games. In most cases, I do it the old school way - I buy physical discs from physical stores. Lately though, companies like Ubisoft seem like they're treating me like a criminal for giving them my money. At this point, they're really making it more convenient for me to prove them right.
Exactly, what *when* they go out of business? Because on the scale of what gets done when a company is bankrupt customers are dead last. There are no more customers: the company is gone. What matters at that point is creditors and the more your owed the higher you are on the list. If there is no non-restricted version held in escrow with a lawyer who has explicit instructions to release when the company goes insolvent then FACT: Your purchase is gone.
Shh.
Funny? Try Insightful.
Oh, and:
Discovering you just spent a ton of money to make the pirated version more attractive: Doubly Priceless.
How can I believe you when you tell me what I don't want to hear?
Doesn't matter really. Nothing released today is ever going to enter public domain (or, in any case, during any of our lifetimes). Copyright laws are almost getting worse than DRM... almost...
What is this public domain you speak of?
Anything can be found funny, from a certain point of view.
Imagine a person, in a casino, sitting at a slot machine. They're pumping coin into it and steadi;y losing everything. They know that they should walk away, but they can't. Walking away means admitting to themself and others that they lost. And so they keeping telling themself that if they keep playing long enough, they will win back enough to at least break even.
The same is true of Ubisoft, Microsoft and all the other companies who keep pumping money into the DRM slot machine. Year after year they keep coming up with new DRM schemes to replace all the previous ones that have failed (ie, all of them). They can't stop. To stop would be an admisison of failure. An admission that even if they created uncrackable DRM, the extra sales revenue wouldn't even come close to covering the cost of creating and maintainging new DRM schemes.
It would be funny, it it wasn't so stupid.
I didn't see that anywhere in TFA. The only place that mentions that is a single, anonymously left comment. Not exactly the most credible source.
That Anonymous Coward guy is pretty annoying. Can we have the government censor him or something?
The problem with the way DRM is inserted into a game is the way DRM is inserted into a game.
DRM cannot be programmed in from the word go as this would severely hamper the development team, they'd spend as much time fighting their own DRM programming as fixing bugs and writing new code. With EA/Ubi/Take2 working their dev's like slaves with ridiculous and unmovable deadlines this is considered impossible. So DRM is tacked on after a games completion, it's developed by a third party (Thales, Sony DADC and so forth), purchased and then tacked onto the exe or other binaries. If it weren't for this fact DRM would be extremely difficult to crack as it would be rooted so deep. DRM also accounts for at least 15% of a games cost at retail as it's covered by a per unit license, A$20 with the difference between Civ IV retail and Gal Civ II retail.
So it is as you said, as long as the exe hears what it wants to hear from what sounds like the DRM it will run.
News like this makes me happy, Ubisoft spend millions on this DRM, talks it up and it gets broken on the first day. I can believe that there is some justice in the universe, Karmic retribution at work.
Calling someone a "hater" only means you can not rationally rebut their argument.
Well if that happens then they blame the pirates for lost sales, which is the current way game companies deal with poor sales.
Piracy rates are can be tracked. They'll know, to within a moderately narrow margin of error, how many copies were pirated, and they'll know exactly how many were sold. Both numbers will have been estimated prior to launch by the bean counters.
If the game fails to reach its sales quota, but is pirated more extensively than anticipated, what that tells them is that even more extreme anti-piracy measures are needed. The difference between sales figures and sales projections will be treated as "lost sales", with the blame placed on the rising piracy figures.
If the game tanks, and the piracy rates are no higher than expected, that sends a different message. It tells them that the piracy rates aren't to blame for the "lost sales" - customer boycotts are.
The only way to kill DRM in the long run is to convince the people making the decisions that it's costing them more money than it's worth. Don't buy or pirate Ubisoft's crap. Don't give them money or mindshare. Write them off as a loss, and buy games from publishers who don't treat their paying customers this way. Either they'll learn to do better, or the publishers who don't saddle their games with this crap will out-compete the ones who do in the long haul.
Erotic is when you use a feather. Exotic is when you use the whole chicken.
(I realize that replying to yourself is sort of narcissistic; but I didn't think of this until just now...)
It strikes me that the challenges of server-based DRM techniques are actually strongly analogous, in many respects, with the challenges of hardware dongle based DRM techniques.
With both dongle and server setups you have a client(untrusted, presumably a nest of filthy pirate scum) where most or all of your binary is running. You also have a dongle or server which is computationally constrained but strongly trusted(at least compared to the client, no trust is perfect). You finally have a channel between them, either the internet or the USB bus.
In both cases, you face the problem of the dongle/server being an artificial requirement. You can build your binary to demand it and freak out if it isn't there; but the binary lives on the untrusted client, and so that can be stripped.
In both cases you have the option of getting around this artificiality problem by omitting vital parts of the program from the client and building them into the dongle or the server. In both cases, though, you are limited by the fact that computational power on the dongle or server is far more expensive, from your perspective, than computational power on the client(server computing power is cheap, per unit; but taking on the obligation to provide it on demand 24/7 for the next five years to everybody who bought a $60 box at retail, plus paying for bandwidth, isn't cheap. As for dongles, computational power, per unit, is way more expensive from a custom embedded chip fabbed and packaged to be tamper resistant and run from bus power than it is from the latest intel core whatever.).
In both cases, there are two basic ways that hackers can get around you. Either they re-implement whatever you have moved off the client, and modify the client binary to talk to their implementation, or they illicitly obtain a copy of your implementation(dongle clone or server own/leak).
There are some differences, though: The major advantage of the server approach is Global Knowledge. If every client talks to the server, and every client has a unique serial number, it is trivial to detect and reject cloned serial numbers(less trivial to know whether you are rejecting the cloner or the customer who legitimately purchased the retail box that the cloner targeted; but DRM isn't about customer satisfaction, so who cares?) With dongles, cloning is harder; but if some shady operation on the pacific rim decides to stamp out a million copies of one of your dongles, your client binaries will all happily accept them.
The major disadvantage of the server approach is bandwidth and ongoing cost. USB2 is a 480Mb/s bus. Even in the real world, it is pretty damn fast compared to virtually any residential internet connection. The latency picture is even better. The "ping" to a USB device is virtually nothing, while client/server ping across the internet will always be nontrivial. Further, there are plenty of places(travelling, military, etc.) where an internet connection is either uneconomic or unavailable and, even when it is, tends to have lousy speed or latency or both. Hardware is much more portable, and the speed of the local bus will always be the same. Plus, with local hardware, you face no further bandwidth bills or server upkeep expenses.
You, sir, are a moron.
How many regular, normal users are going to google/torrent the hack?
None, they'll just get it with the game itself.
Then scan it for trojans? (Believe me most copies will have one.)
Look for the comments attached to the release, it'll tell you everything you need to know.
And then install it from the cryptic readme text file? I'm talking non-geeks.
People are not retards. By their second game, they'll know what "copy cracked exe over the original one" means.
I'm talking non-geeks. People who send their PCs to the geek squad. People who've got no idea how a byte is different from a bit. You know, the other 99.7% of the user base.
Irrelevant, they'll have geek friends. Sure, I have friends I'd rather trust with a house plant than a computer, but who the fuck are you to tell them they can't play with games they've already downloaded? (Mind you, in this country, it's legit for personal use.)
They use DRM because DRM works on the majority of consumers.
No, it works on the majority of their customers. Everyone else just gets it already cracked.
If DRM causes the company to lose 10% of their base but pickup a new 11%, they don't care.
DRM won't ever get you new sales. The game will, if it's good and/or marketed enough.