Ubisoft's DRM Cracked — For Real This Time

therufus writes "A few days after the release of Assassin's Creed 2, naughty piracy sites were announcing they had cracked Ubisoft's Online Services Platform. Turns out, that wasn't entirely true. While it was possible to load into the game, players were unable to advance past a certain memory block. But now, it seems Ubisoft will need to draft a new response. A new crack has begun circulating that removes the DRM entirely."

Let The Excuses Begin

[WrongSizeGlass]

I'm not a fan of 'Piracy' at all, but Ubisoft DRM tactics are draconian, ridiculous, and are just begging for the attention of those who break DRM for fun or profit.

Ubisoft has brought this upon themselves and now they'll use the fact that their "unbreakable" DRM has been broken to justify their further efforts. Asshats!

Re:Let The Excuses Begin

[causality]

Ubisoft has brought this upon themselves and now they'll use the fact that their "unbreakable" DRM has been broken to justify their further efforts. Asshats!

The reasonable approach would be "Unbreakable? Yeah we've heard THAT before, no thanks, let's not waste money bothering with this. Lets use the programmers who would be designing complex DRM systems and have them join the team that's actually creating the game." Unfortunately I think that what you said will come to pass. They won't recognize that "try harder" is not the correct way to deal with a failed idea.

Re:Let The Excuses Begin

[Dachannien]

In that respect, DRM is like a witch trial directed at legitimate paying customers. If the DRM stays intact, the witch sinks and dies, and the DRM perpetuates its own myth by "proving" its own success. If the DRM is cracked, the witch floats and lives only to be burned at the stake, and the DRM perpetuates its own myth by "proving" the need for harsher measures.

Either way, the DRM isn't really doing anything but killing witches - I mean, eliminating paying customers.

Re:Let The Excuses Begin

[Bigjeff5]

Well, since paying customers weigh the same as ducks, they are all witches and deserve to be burned at the stake, obviously.

Once again Science and Justice rule the day!

Re:Let The Excuses Begin

[Bigjeff5]

Indeed, different company, but same issue here: I was going to buy Spore when it came out, because it sounded cool. When I found out about the DRM that amounts to their installing a rootkit on my system, I just downloaded the cracked version instead. I figure if they're going to treat me like a criminal from the get-go, why not earn the punishment? Turns out I had a much easier time of things than most anybody who actually paid for and installed the software. Go figure.

It's like the parents who leave the house for the afternoon, and tell the kids they have to do chores/homework and aren't allowed to watch any TV. Instead of trusting the kids at all, or even waiting till they get back to determine if they broke the rules and watched TV, the parents decide to punish the kids ahead of time because they know they'll break the rule anyway. Well, since they've already been punished for it, why wouldn't the kids watch TV when they aren't supposed to?

These fucked up DRM schemes are exactly the same - if I'm going to be punished for following the rules (heavy restrictions on use, rootkits, compatibility issues, etc), why the hell would I follow the rules? A lot of people already know most cracked versions are easier and more convenient to play compared to the retail versions, so where is the incentive to buy retail? Some people are honest enough to buy retail and then get the cracks, but you're still breaking the law so why bother buying in the first place?

Re:Let The Excuses Begin

[Pteraspidomorphi]

We all are, but evil pirates keep their money in their pockets instead of spending it, and that added weight allows them to escape detection.

depends on the meaning of "for real"

[illaqueate]

Skidrow put their own copy protection on the crack because they simply placed the values from the emulator into a dll. It's nice and convenient to have a dll return the values instead of a server however if they had actually cracked then they would have also cracked the other games for which the emulator doesn't currently exist.

So yes, Assassin's Creed 2 is playable but their copy protection is only broken in the sense that AC2 designers decided to make the server-client for this game return static responses that can be collected and eventually make the game playable for pirates.

Re:depends on the meaning of "for real"

[illaqueate]

The protection for AC2 is tacked on. Settlers 7 received somewhat better protection and there is no working server emulator for it yet. In the future it will be more dynamic and most likely include server side game logic. The significance of it not being truly cracked even with a basic protection as in AC2 is this: every time Ubisoft releases a new game then the pirates must play through the entire game collecting the values which can take a few weeks to get 100% unless the process can somehow be automated. This is over and above any changes to the protocol used to communicate between the client and server between games which the cracker must code for to capture those values.

I wish people would act more ethically

The only ethical response to ubisoft is not to buy their product, not to use their product, not to infringe upon their product and then tell them you are doing it and tell your friends.

I'm irritated at the pro-piracy attitude, it hurts open source as well. Without respect for at least copyright-driven IP you can't have real opensource that allows the creator to specify how it is propagated (GPL). All you would have would be the BSD, and we saw what Apple did with that eh?

Re:I wish people would act more ethically

[celibate+for+life]

Except Ubisoft doesn't know whether you illegally download their game or not, so pirating it and not playing it at all have the same effect, that is: Ubisoft will assume piracy.

Re:I wish people would act more ethically

[log0n]

I hear Duke Nukem Forever is pretty close tho.

Re:I wish people would act more ethically

[laparel]

So... You don't like Ubisoft's DRM but since you really really like AC2, you wait for a crack then still buy the game?

Look it's your money and everything so you're free to use it however you want, but to me buying their game whilst hating their DRM is very short sighted and counter-intuitive. If the current DRM-Crack arms war continues to escalate, I fear we'll just end up with a subscription model or something so draconian that pirates might just not be able to crack. You might be able to play Assassin's Creed 2 for now; but come Assassin's Creed 3, we'll all be fucked.

I'd rather we just all stop buying Ubisoft's product now, even if that means we won't be playing their latest games, and hope that they shape up. Send a clear message to them that they're going to lose their customers and sales unless they remove their fucking DRM.

Not so fast

All Skidrow did was re-package the existing community-developed workaround.

The community created a values.db which contains the name/value pairs to defeat Ubi's server checks, and a server emulator, Skidrow's DLL embeds this file and replaces the server-checking with a local access.

Skidrow then takes full credit for the work (in a total douche move) and they also packed their DLL so no-one would detect their deception.

There WILL be unbreakable DRM, heres how:

Here is how unbreakable DRM will eventually work:
When internet connections are high enough bandwidths and low enough latencies, you will only have video transferred to you, all game assets will be entirely stored and run on their hardware, never will anything be stored on YOUR end that you will can manipulate.

That is, you will play "unbreakable" games remotely.

Re:There WILL be unbreakable DRM, heres how:

[WrongSizeGlass]

It's already in the works at On Live. IMHO I think the latency related to gaming in this fashion will ruin it for everyone (unless you're playing board games or the like).

Re:There WILL be unbreakable DRM, heres how:

[asCii88]

You might want to post the link

Re:There WILL be unbreakable DRM, heres how:

At which point prices will have to drop significantly because you're no longer selling a game; you're selling a subscription to a game.

Hahahahahahahahahaha

Re:There WILL be unbreakable DRM, heres how:

[sowth]

You think they will drop their prices? Obviously, you don't know anything about the greed of the media companies.

Re:There WILL be unbreakable DRM, heres how:

[TavisJohn]

And that sort of "Streaming" of a game will totally eliminate the re-playability of the game.

I have games that are 5, 10, 15, 20+ years old that I STILL go back and play. Some of the companies that made the games I have do not even exist anymore! No game company is going to pay to keep servers running so customers can continue to play the game that long after it was released.

I will NEVER EVER buy a game that is not totally contained on the media I am purchasing. I like to go back and re-play games for DECADES to come.

Re:There WILL be unbreakable DRM, heres how:

and this is why a high school level economics education is not sufficient to properly understand market forces.

Re:There WILL be unbreakable DRM, heres how:

[Bigjeff5]

Indeed, "I'll believe it when I see it" is not a bad position to take with OnLive.

Seriously though, it's going to take a very long time before an online system can replace a local system - think about it, current bus technologies between hardware and TV/Monitor run in the multi-gigabit range.

Now that's uncompressed, Cable TV has shown that you can crank those numbers down quite a bit, but you're still talking about a lot of people completely saturating 200-300mbit connections to match the quality of video you get on your local hardware. The connection would have to be very very reliable as well - just a few hiccups in latency or speed can cause extreme annoyance for the gamer. So in reality you're looking at probably a 500mbit connection with a guarantee of no less than 300mbit or so.

It would take one hell of an infrastructure improvement to handle that.

It's also a moving target, because video advances continue (though slower than some would like), and by the time we get 500mbit connections in enough homes to make this viable (you'll always be cutting off a big chunk of the market with this setup), the target could very well need to be 1gbit to match local hardware.

Re:There WILL be unbreakable DRM, heres how:

[Attila+Dimedici]

Ever wonder why we have to haggle on prices? Because motherfuckers are greedy.

There is something to what you say, of course the necessary corollary is that they are also stupid. I run into this quite a bit. A company that charges a "fair" markup on its costs will do better in the long run than a company that haggles to get every dime. It is why haggling went away for a long time in America (and elsewhere, but I am less familiar with the economics of this sort elsewhere). Quaker merchants in the colonial era sold their merchandise for what they believed to be a fair markup over their cost. Everybody knew that when you went to a Quaker merchant, you paid the same amount as the next guy no matter how good of a haggler you were. They also knew that the Quaker's markup was not excessive. Additionally, the Quaker merchants response to people who wanted to haggle was, "That's my price, if you don't want to pay it, go to somebody else." This meant that the merchants who haggled only got the customers who were good hagglers (eventually, as people who weren't good hagglers realized they were paying more than from the Quaker merchants) and therefore could not make as much money as the Quakers (or other non-Quakers who followed the same model).

Re:There WILL be unbreakable DRM, heres how:

[qubezz]

And that would be relevant if they had equivalent sales. As things stand, it actually argues against your point: ebook sales in the US last year come to about $13 million dollars out of a (roughly) $23 billion dollar a year industry, according to the AAP. If the quality of the product and the price of the alternatives are the only driving factors, then I conclude that people are unwilling to pay equal amounts for a product that has no associated baseline costs and a product whose cost is dominated by those factors.

The low numbers are partially because the baseline cost is free - go to the library (or Project Gutenberg for pre-1923 works, the last year to probably ever be public domain). The truth is, the product you buy is not a product, it's a one-platform non-transferable DRM encrusted unresaleable bunch of words that will be disabled when the dot.com at the other end of the wire decides it's profitable to abandon or goes out of business, sold for the same price as a tangible product. Ebooks are massively crippled so they are worth even less than a sherlockholmes.txt ASCII file, and yet have still been priced uncompetitively, almost so they won't make a dent in the centuries-old paper codex business.

The only sheeple customers who can't say no to DRM seem to be those who respond to marketing that tells them they need to buy the latest gadgets to be cool and fashionable. Why do you think iPhone buyers were so upset when the price of the phone dropped from $600 to $400? Because more people could afford to join the fashionista club.

Re:There WILL be unbreakable DRM, heres how:

[Goaway]

Man can make a one-time pad, man can not break a one-time pad. Your generalization is false.

Skidrow didn't do the hard work

For the record:

The actual hard work was done by a community of people who bought the game. They ran a proxy that logged all the "values" sent from the Ubisoft servers to the game. Each time the game progresses to another mission (or similar), it requires a different set of "values" to determine what game data to load (or a very similar method). The people who logged these values then submitted them to a community database, which collected them and sorted out any fake ones uploaded by Ubisoft employees or griefers.

This community also made a server emulator, which served the "values" to the game upon request. The server emulator, written in python, was a pretty simple HTTP server; the game connected to it by editing the system's "hosts" file and hardcoding DNS responses for ".ubisoft.com" to localhost (where the server emulator runs).

Thus, the game is only crackable once enough people have bought the game and logged all possible values for all possible missions states. It's not a total loss for Ubisoft in a sense -- it prevents "Pre" releases, wherein a release group distributes the game before the actual release date. It also ensures that a certain number of people must buy the game and contribute "values" to the community database; all in all this ends up lengthening the time from game release to full-working pirate release.

SkidRow's new crack is simply an IPC (inter-process communication) method of delivering the "values" to the game, bypassing the network connection to the game. Therefore SkidRow's version doesn't use a server emulator running on localhost, but rather patches the executables of the game and has the "values" hardcoded into the cracked DLLs.

The real issue here is that SkidRow took the "values" database from the community who initially logged them, and pretty much claimed it as their own work. The original cracking community inserted some fake "values" as trackers in order to determine when anyone stole their work and released it.

Re:Skidrow didn't do the hard work

[jeremyp]

The real issue here is that SkidRow took the "values" database from the community who initially logged them, and pretty much claimed it as their own work. The original cracking community inserted some fake "values" as trackers in order to determine when anyone stole their work and released it.

One group of pirates being ripped off by another group of pirates is not an issue, it's funny.

Re:Skidrow didn't do the hard work

[TheLink]

There is a difference between plagiarism and copying.

One involves deception or not telling the full truth.

The next step (an insider's view)

I work at Ubisoft as a programmer, which is why I'm posting as an AC. What the next step will be in the DRM, the ramp-up, is gameplay code that is run from the server. So in order to crack that one the pirates will have to fully emulate the server side code. Not the whole of the gameplay code mind you, just a small, but necessary and essential, portion. This should be in effect for the coming summer releases.
For the record I think Ubisoft are being asshat idiots in continuing to ramp up this obscenity of a slap in the face to paying consumers. And I'm not alone, you should see the in-house mailing list flamewars about this (which also means that other employees are freaking greedy douchebags, it's not just the suits.)

Re:The next step (an insider's view)

Oh, I'll be leaving soon, but for other reasons. Mostly because they work you into the ground sweat shop style, they are hellbent on NOT making innovative fun games (it's always about how it looks, not how it plays), and because the place is full of greedy capitalist douchebags.

Re:The next step (an insider's view)

And I'm not alone, you should see the in-house mailing list flamewars about this (which also means that other employees are freaking greedy douchebags, it's not just the suits.)

Please leak them.

Re:Almost 2 months

[LingNoi]

and from reading the article it looks like the created a testing nightmare..

The protection was designed to produce effects almost indistinguishable from bugs, so testing was also affected. If any false positives occurred in the protection, they could be reported incorrectly. For this reason a very thorough debugging plan was produced just for the protection. Every location that could trigger protection was listed, along with how long it would take to trigger, what the exact effect would be, and where you had to look to see the effect. Testers had to visit the locations, wait the required amount of time, and then look to see if the protection had been triggered. Having any of the protection give a false positive was obviously our biggest worry. Therefore all the protection was set up on a compile-time switch so that it could be turned off at any time if we weren't absolutely sure that the protection was reliable (and believe me, there were a few moments when it didn't seem to be).

I could *not* care less.

[L4t3r4lu5]

I wouldn't play Assassin's Creed 2, Command and Conquer 4, or any other game which required a constant internet connection for single player use, regardless of the state of cracks or how low the publisher dropped the price.

Fuck Ubisoft. Fuck EA. They've both lost a paying customer by pulling this bullshit, and I buy a lot of games.

Fuck 'em both.

don't use the crack, don't play the games

[blueworm]

Do not use the crack and do not play the games with DRM if we want to really see an end to DRM. Even playing the game without buying it can be good publicity that generates sales for those who would complain they are not selling enough. Resisting the temptation to consume products instead of creating our own is the real problem. Instead of consuming things because we feel we need to, if we do not agree with the product we should instead work to create our own. We cannot let self-doubts and temporary failures prevent us from being creative if we are to bring about a new creative renaissance without DRM.

You're missing the point

[wall0159]

This isn't about price. This is about the freedom of the internet, which is slowly being eroded, and with it our personal freedom. It's easy to take the path of least resistance and simply seek technological circumventions to censorship and other online restrictions. But, while we keep playing with such toys, those that would control knowledge are busy building both the legislative and technological systems that will make this battle that much harder to fight in another decade or so.