Slashdot Mirror
DRM Company Denuvo Forgets To Secure Its Server, Leaks Two Years Of Emails (torrentfreak.com)
Denuvo "left several private directories on its website open to the public," TorrentFreak wrote Sunday, calling it "an embarrassing blunder" for the digital rights management company. "Members of the cracking community are downloading and scrutinizing the contents," the site reports, with one of the finds being an 11-megabyte text file which apparently contains every message sent through Denuvo's web site since 2014. An anonymous reader writes:
There's a message from Google's security team, one from Capcom Japan, and "dozens of emails from angry pirates, each looking to vent their anger," according to TorrentFreak. Ars Technica reports that there's also a 2015 message from Microsoft about "an upcoming initiative," as well as messages several game studios, and even one from the producers of Mavis Beacon Teaches Typing. "Combing the log file brings up countless spam messages, along with complaints, confused 'why won't this game work' queries from apparent pirates, and even threats (an example: 'for what you did to arkham knight I will find you and I will kill you and all of your loved ones, this I promise you CEO of this SHIT drm')."
"Since Denuvo's contact page does not contain a link to a private e-mail address -- only a contact form and a phone number to the company's Austrian headquarters -- the form appears to also have been used by many game developers and publishers." And in addition, "much of Denuvo's web database content appears to be entirely unsecured, with root directories for 'fileadmin' and 'logs' sitting in the open right now."
In addition, there's also a slideshow -- which has since been uploaded to Imgur -- bragging that "With over 300 man years of development experience among us, we clearly know what we're doing."
"Since Denuvo's contact page does not contain a link to a private e-mail address -- only a contact form and a phone number to the company's Austrian headquarters -- the form appears to also have been used by many game developers and publishers." And in addition, "much of Denuvo's web database content appears to be entirely unsecured, with root directories for 'fileadmin' and 'logs' sitting in the open right now."
In addition, there's also a slideshow -- which has since been uploaded to Imgur -- bragging that "With over 300 man years of development experience among us, we clearly know what we're doing."
If they got the good stuff, they'll have a legal goldmine on felonies by management and lawsuits on the company.
and I just can't stop laughing!
Such poor security is acceptable to Democrats.
...from the slide show. Hahaha! Very apt indeed.
Ezekiel 23:20
There seems to be a presumption that the "why won't this game work" questions were from "pirates", when they could just as easily come from actual customers.
You know, the ones the DRM actually fucks over?
captcha: measures (in a sentence: DRM are ineffective measures against pirates)
At least nobody at Denuvo was running for the office of President of the United States of America! =)
I do wonder if the leaks include any kind of technical info or code related to their system. If that happened it would be far worse than a bunch of emails.
Sorry, but the customers I have are angry at DRM. They own 30 room Yachts that when they update the Firmware on their Kaleidescape it upgrades to HDCP 1.4 and BREAKS the whole system because their TV sets that are sealed and built in are NOT HDCP 1.4 compatible.
I encourage these customers to complain to congress to strike down the DMCA because I tell them , "I could fix that, but the DMCA makes it a felony for me to do so."
And it's affecting their homes, they add in the new 4K Dish TV to their 64 room home and BOOM the digital video system shuts down because of HDCP 2.2 and they did not replace all 64 TV sets in the house.
DRM hits everyone, and a lot of the rich that I do work for I encourage to complain to companies as well as congress about it.
Do not look at laser with remaining good eye.
Fred Brooks can tell you exactly how much mythology went into those!
Switching to the anti-Buddhist one now, since that biblical scholar schooled you over all the inaccuracies in the anti-Catholic one? Your life must be really sad. Certainly there's a forum somewhere that this drivel is on-topic for, so you can actually have your half-assed trolling pastebin monologues get the response you desire?
If that could bring down the company into flames, that would be a small relief for the consumer.
That said, DRM is like an Hydra, when you think you won the battle against one, a handful more appear to take its place. I sincerely hope it will be outlawed at some point.
I had a look at these slides, and they're very obviously marketing material. Anyone who has written a handful of those knows how full of exaggerated claims they can be. For example, assuming the 40% piracy figure holds true (for which I couldn't find trustworthy references), would that automatically translate to a 40% in sales? A 40% increase in profit for the company? I don't think so, to put it mildly.
OK, I will stop my rant for now; but I've been burned too many times by DRM as a legit consumer to keep thinking that for media companies (not every one, but as a general trend, esp. from sales departments), "consumer is king" instead of a milk cow that you desperately need to milk until blood comes (and keep doing it, for good measure). [/rant]
Denuvo have become a popular company to hate recently. There are long-standing complaints that their DRM "harms performance" in the games that use it. The time-to-crack on some of the more recent Denuvo-protected releases has been down to around a week or so, which is a big reduction from the "several months" they could boast a year ago. They can also come over as a bit cocky in their public messaging at times.
And yet... are they really that bad? The war against DRM in PC gaming at the conceptual level was lost years ago, the moment consumers (self included) decided that the convenience of Steam and its equivalents (and the general reduction in game prices that came with them) outweighed concerns about ownership and digital rights. There have been battles since then, to be sure, but those have generally been over the extent to which DRM inconveniences legitimate consumers.
So we had (fairly successful) protests against Spore, which limited the number of installs possible from a single key (a practice which is more or less dead now). There is continuing pushback over the inclusion of always-on DRM in games which don't require it, which looks like it still has some way to run. We've had outcries, again generally successful, against DRM schemes which compromise the security of PCs they are run on (see the recent additional of such DRM to Street Fighter V and its subsequent removal).
But Denuvo doesn't really do any of these things. From the end-users point of view, provided they have a legitimate copy of the game, it is pretty much invisible. The rumours of it having a performance impact persist, but when credible sources like Eurogamer's Digital Foundry have investigated, they've never been able to substantiate them. In many cases, Denuvo appear to have become the scapegoat for poorly optimised PC ports.
PC gaming is actually in quite a good place right now. Most major releases find their way to PC; considerably more than did so 5 or even 10 years ago. Previously console-only developers have realised that they can expand their market for relatively little effort by producing a PC port. This has gone hand-in-hand with a general improvement in the quality of DRM, which appears (though I'll admit the link is not validated) to have deterred at least casual pirates (accepting that the hardcore will likely never be deterred). If DRM is here to stay, I would much prefer Denuvo to some of the alternatives.
Who knew Russian hackers could force someone to leave their entire server unsecured!
They should have wiped it with a cloth!
Indie developers have a lot of advantages. First, you have WAY fewer (if any) useless management sponges and your money goes to the person actually doing the work. But mostly, because it's hassle-free. No need to be always-online, hoping and praying that the connection to the all-important DRM server stays stable (if you can reach it at all at launch), no worries that the game will break as soon as you dare to install something the game's maker considers a nono on YOUR computer, it just works.
Yes, graphics are usually way below what you'll get from AAA titles. But let's face it, games sold on graphics alone age very, very poorly. Cutting edge graphics are like new car smell. It wears off very, very quickly. The next generation of graphics hardware and shading software is always just a few months away and compared to this, your "ohhh, shiny!" game will soon simply suck. And then you can shell out another 60 bucks (and then some for the pretty much mandatory DLC to complete it).
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Hey buddy... You are in dire need of a good swift kick right in the squishy bits...
. . . . when we did a simple port-scan, and found every single Solaris box on the net had FTP running. So we did an anonymous FTP login. And in the root of the public directory. . . . was a Kickstart file. With the root password.
We had the entire network pwned in under 45 minutes. Simply because someone didn't bother to clean up. Probably because they'd already redlined the "maintenance" budget. . . .
The amount of hypocrisy on this issue considering how many set top boxes are out there that violate the GPL to provide DRM compliant streams is breathtaking.
I'd love to see a virus that enforces the license terms on a windows box so that pirated versions of the OS, or any other software, won't run.
My ism, it's full of beliefs.
In that powerpoint they were bragging about being the DRM that protects Game of Thrones. Game of Thrones is constantly in the news for being the most pirated show in history. Not exactly geniuses there at denuvo 'eh?
Holy crap. After reading the slide show on Imgur, I think we should call a doctor to help Mr. Thomas Goebl, Director of Marketing and author of the presentation. He patted himself and the company so much on the back, he must have broken his arm! I have never seen a more self-indulgent, self-congratulatory presentation in my life.
And the dish ran away with the spoon.
I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
You waste so much time and effort spouting illogical, self-referential nonsense because you're afraid to think for yourself. You're even more afraid of others thinking for themselves.
Why are you so afraid? You don't have to be.
Il n'y a pas de Planet B.
If the goat-herders who wrote your magical book could see you now - they'd laugh their fucking asses off. People still swallow this shit 2000+ years later? HAHAHA
For as long as I can remember, Steam listed on a game's store page what, if any, 3rd-party DRM was included in the game.
Arkham Knight's page does not mention 3rd-party DRM, just a 3rd-party EULA. Scanning the EULA, neither "DRM" nor "Denuvo" are mentioned.
Can we no longer trust Valve to tell us when a game contains 3rd-party DRM?
I've always wondered and perhaps someone here can tell me: How harsh is DRM towards the performance and minimum specs required by a program? Does it do absolutely nothing, or is it one of the reasons that games looking barely better than the PS2 era can run abysmally on hardware from last year?
Unfortunately that's the price you pay to be an early adopter. Perhaps these customers should do more research when picking components, especially waiting when different standards are competing and being ratified (4k input, HDR, audio, etc), and also stop firmware updates (and disconnect these devices from the network so they don't get compromised) when their gear reaches a state of "just works." I suggest waiting until these devices are more consumer ready before adopting them. This is why I don't bother jumping on new tech, it always goes through a few iterations, regardless if it has DRM or not.
Twinstiq, game news
Well I don't know about anyone else, but that in-depth post reminds me why I hold all religion in utter contempt.
Isn't posting a link AND the full contents of the page a bit redundant? Also, why not create an account if you're going to use your real name on your web site.
Posting anon to preserve my mod of your comment.
I have never been a hardcore gamer, unless you count riding my bike to the arcade back in the early 80s. For some reason I never got into big box games. I think it's why I took to Humble Bundle. I have purchased over 100 games through them, mostly in bundles. I run linux and they are good (not great) about supporting my OS of choice. My kids find some that they really like too, so they can play them on their tablet or windows pc. DRM free is great - no worries about sharing one account (Steam) or jumping through a bunch of hoops, or *gasp* breaking the law just to play a game casually. There are fun extras, and you don't have to really invest a lot into them if you don't want to. I don't really follow gaming, but everything I do see seems to be so focused on realistic graphics. I suppose that's cool... but I play games to have fun. That doesn't always mean realistic graphics.
If you have been living under a rock, go check them out at Humble Bundle and sign up to get alerts of new bundles. Check out the Humble Store. You can get some good games, support charity and indie game developers.
Do you know they're pirates because they say they are, or because they're angry at DRM? Because the latter isn't piracy.
And Denuvo's stuff gets cracked in a week now. I don't think the "pirates" are that mad, TBH.
From 60% of the people playing to 100%. But, yeah, maybe 1/10th that in real life.