Slashdot Mirror


Ubisoft's DRM Cracked — For Real This Time

therufus writes "A few days after the release of Assassin's Creed 2, naughty piracy sites were announcing they had cracked Ubisoft's Online Services Platform. Turns out, that wasn't entirely true. While it was possible to load into the game, players were unable to advance past a certain memory block. But now, it seems Ubisoft will need to draft a new response. A new crack has begun circulating that removes the DRM entirely."

6 of 443 comments

  1. depends on the meaning of "for real" by illaqueate · Score: 5, Informative

    Skidrow put their own copy protection on the crack because they simply placed the values from the emulator into a dll. It's nice and convenient to have a dll return the values instead of a server; however, if they had actually cracked it, then they would have also cracked the other games for which the emulator doesn't currently exist.

    So yes, Assassin's Creed 2 is playable but their copy protection is only broken in the sense that AC2 designers decided to make the server-client for this game return static responses that can be collected and eventually make the game playable for pirates.

    1. Re:depends on the meaning of "for real" by illaqueate · Score: 5, Informative

      The protection for AC2 is tacked on. Settlers 7 received somewhat better protection and there is no working server emulator for it yet. In the future it will be more dynamic and most likely include server side game logic. The significance of it not being truly cracked even with a basic protection as in AC2 is this: every time Ubisoft releases a new game then the pirates must play through the entire game collecting the values which can take a few weeks to get 100% unless the process can somehow be automated. This is over and above any changes to the protocol used to communicate between the client and server between games which the cracker must code for to capture those values.

  2. Not so fast by Anonymous Coward · Score: 5, Informative

    All Skidrow did was re-package the existing community-developed workaround.

    The community created a values.db which contains the name/value pairs to defeat Ubi's server checks, and a server emulator. Skidrow's DLL embeds this file and replaces the server-checking with a local access.

    Skidrow then takes full credit for the work (in a total douche move) and they also packed their DLL so no one would detect their deception.

  3. Skidrow didn't do the hard work by Anonymous Coward · Score: 5, Informative

    For the record:

    The actual hard work was done by a community of people who bought the game. They ran a proxy that logged all the "values" sent from the Ubisoft servers to the game. Each time the game progresses to another mission (or similar), it requires a different set of "values" to determine what game data to load (or a very similar method). The people who logged these values then submitted them to a community database, which collected them and sorted out any fake ones uploaded by Ubisoft employees or griefers.

    This community also made a server emulator, which served the "values" to the game upon request. The server emulator, written in Python, was a pretty simple HTTP server; the game connected to it by editing the system's "hosts" file and hardcoding DNS responses for ".ubisoft.com" to localhost (where the server emulator runs).

    Thus, the game is only crackable once enough people have bought the game and logged all possible values for all possible mission states. It's not a total loss for Ubisoft in a sense -- it prevents "Pre" releases, wherein a release group distributes the game before the actual release date. It also ensures that a certain number of people must buy the game and contribute "values" to the community database; all in all this ends up lengthening the time from game release to fully working pirate release.

    SkidRow's new crack is simply an IPC (inter-process communication) method of delivering the "values" to the game, bypassing the network connection to the game. Therefore SkidRow's version doesn't use a server emulator running on localhost, but rather patches the executables of the game and has the "values" hardcoded into the cracked DLLs.

    The real issue here is that SkidRow took the "values" database from the community who initially logged them, and pretty much claimed it as their own work. The original cracking community inserted some fake "values" as trackers in order to determine when anyone stole their work and released it.
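The design weakness the comments above describe (server replies that depend only on what is requested, so a logged reply stays valid forever) can be contrasted with a reply bound to a fresh per-request nonce. This is an added example, not part of any comment and not Ubisoft's actual protocol; every name and value is constructed, and HMAC with a shared key stands in for a server signature.

```python
import hashlib
import hmac
import secrets

KEY = secrets.token_bytes(32)                       # stand-in for a server signing key
VALUES = {"mission_01": b"A1", "mission_02": b"B2"}  # constructed sample data


def _mac(nonce, name, value):
    # The 16-byte nonce comes first, so the fields cannot be confused with each other.
    return hmac.new(KEY, nonce + name.encode() + b"|" + value, hashlib.sha256).digest()


def static_reply(name, nonce):
    """Weak design: the reply depends only on the requested name."""
    return VALUES[name]


def bound_reply(name, nonce):
    """Reply carries a MAC over (nonce, name, value), tying it to one request."""
    value = VALUES[name]
    return value + _mac(nonce, name, value)


def accepts_static(name, nonce, reply):
    # Nothing ties the reply to this request, so any non-empty value passes.
    return len(reply) > 0


def accepts_bound(name, nonce, reply):
    value, tag = reply[:-32], reply[-32:]
    return hmac.compare_digest(tag, _mac(nonce, name, value))


def replay_accepted(server, client_accepts):
    """Log replies in one session, then answer a new session from the log alone."""
    log = {name: server(name, secrets.token_bytes(16)) for name in VALUES}
    return all(
        client_accepts(name, secrets.token_bytes(16), log[name])  # fresh nonce
        for name in VALUES
    )


def live_accepted(server, client_accepts):
    """Control case: the genuine server answers the client's own nonce."""
    nonce = secrets.token_bytes(16)
    return all(client_accepts(n, nonce, server(n, nonce)) for n in VALUES)
```

Nonce binding only invalidates recorded replies; it does nothing if the verification step itself is removed from the client, which is why the first comment expects server-side game logic as the next step.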

  4. Re:There WILL be unbreakable DRM, heres how: by asCii88 · Score: 5, Informative

    You might want to post the link

  5. Re:Almost 2 months by LingNoi · Score: 4, Informative

    and from reading the article it looks like they created a testing nightmare..

    The protection was designed to produce effects almost indistinguishable from bugs, so testing was also affected. If any false positives occurred in the protection, they could be reported incorrectly. For this reason a very thorough debugging plan was produced just for the protection. Every location that could trigger protection was listed, along with how long it would take to trigger, what the exact effect would be, and where you had to look to see the effect. Testers had to visit the locations, wait the required amount of time, and then look to see if the protection had been triggered. Having any of the protection give a false positive was obviously our biggest worry. Therefore all the protection was set up on a compile-time switch so that it could be turned off at any time if we weren't absolutely sure that the protection was reliable (and believe me, there were a few moments when it didn't seem to be).