Skidrow, a group of software hackers, announced today that they have successfully hacked Ubisoft’s cutting edge PC DRM scheme.  Ubisoft recently upped the ante in the piracy game when they rolled out new titles like Assassin’s Creed 2 and Splinter Cell: Conviction with harsh copy protection.  This latest round of DRM forces players of affected games to maintain a stable connection to the Internet the entire time that they are playing.  Failure to maintain a connection results in the player being booted out of the game (back to the title screen), potentially losing any progress that they had made.

As a professional software developer, I am acutely aware of the need for companies to make a profit; after all, without paying customers people like me would quickly find themselves out of a job.  Unfortunately video games developers – Ubisoft is only the latest offender – take the war on software piracy to an unacceptable level.   Invasive and punitive DRM schemes are part of the problem, not the solution.

DRM is an arms race between game developers and software hackers.  Every new protection that is rolled out is greeted with open arms by the hacking collectives; these people adore a good challenge, and receive an amazing amount of gratification by unraveling the puzzles that new DRM schemes provide.  Given the level of sophistication and dedication that hackers possess, creating harsher and harsher DRM will never result in an un-pirateable game, and will only hurts paying customers to a greater and greater degree.

Appropriate Copy Protection

Don’t get me wrong: I’m not saying that games developers should scrap copy protection altogether – in fact, I believe that all commercial software should be built with piracy deterrence in mind.  However, I assert that developers and publishers should only utilize enough DRM to prevent casual piracy, and should consider theft by pirates to be an unavoidable side effect of the business that they are in.

Appropriate copy protection should consist of measures that are enough to stop Joe Average from giving away free copies of his legally purchased games to his friends and extended family, but not so much that honest paying customers are negatively affected.  The presumption of guilt should be removed.  By way of example, retail outlets don’t pat down every customer looking for stolen goods as they exit; instead they deploy employees and cameras intelligently to keep watch on their stock.  This is enough to deter most people from stealing, however loss is expected as a cost of doing business.  Software should be no different.

Because Ubisoft has so blatantly crossed the line between acceptable and offensive DRM I am keeping my fingers crossed that Skidrow’s announcement is legitimate. With any luck the outcry from paying customers combined with a solid hack will force Ubisoft to release a patch to disable the offensive copy protection, and convince them to abandon the scheme for future games.

23 Responses to “I’m cheering for the hackers on this one”

  1. darksend says:

    As much as I love the splinter cell and ghost recon series I will never be buying another ubisoft game, and I supposed I should correct myself because that implies I will be downloading them, no I will simply go without those 2 franchises.

    And while I would not do this, policies like this make more people pirate the game.

    from a friend of mine: I will not buy any Ubisoft game until they deign to stop treating me as a criminal from go. and he linked this for comedic value http://i45.tinypic.com/2062dna.jpg

  2. Derrick says:

    Absolutely. I find it endlessly amusing/depressing (I don’t really even know which anymore) that so many software developers can be so unbelievably, earth-shatteringly stupid. Copy protection – no matter how severe – will only ever prevent piracy on a casual level. No matter how strong it is, it’ll be broken in no time at all. This has proven true since the very first copy protection schemes started, and it’s still true today, without exception.

    Thinking you’re clever enough to outsmart an effectively limitless pool of people working for free – and driven by challenge – when they have full, complete access to your software? They WILL win.

    So, the moment that your copy protection scheme impacts legitimate players, you lose money. Some will just download the title rather than buy. The more invasive the scheme, the more people will pirate.

    I know I personally *will not* pay for software with invasive DRM. And as I have no moral qualms against pirating software I won’t buy, I’ll just download the fixed version and go on my merry way. Even if companies found a way to prevent me from downloading cracked versions, I’d *STILL* never buy invasive DRM locked titles on principle. The interesting point here is that I regularly purchase games. I like to have the ability to reinstall and play again later without hassle, update freely, etc. I spend a great deal of money on games and gladly so – I want to support the developers of software I like.

    This shows on my iPhone, It’s jailbroken, and I’ve pirated almost ever app I’ve used. But there are NO pirated apps on my iPhone: I just download to try, as there’s so much chaff on the market and app store descriptions are terrible… but ever app I actually use? I dump the pirated version and buy it. Free, instant, no-nonsense updates alone is a good selfish reason, aside from supporting the creators of good software.

    I get that software needs to have measures to – as you say – prevent willy-nilly casual copying. I’m fine with that. CD Keys? Sure. No problem. Requiring me to have the CD in the drive? Well, I’ll still buy it(It’s not terribly unreasonable), but I’ll crack it immediately because as a rule of thumb I don’t even bother having cd/dvd drives in my computers anymore, I just store the discs in boxes and leave a USB drive in a drawer. Thankfully, Steam and D2D have made that pretty much a non-issue.

    Ubisoft, though… no. So long as they have that DRM, I will not purchase those games. Hell, I often game on the road, without an active internet connection. I’m sure as hell not using my iPhone’s data plan just to satisfy Ubisoft’s idiocy! Buying a single player game I can’t play without an active internet connection is just ridiculous.

    • Tesh says:

      “Buying a single player game I can’t play without an active internet connection is just ridiculous.”

      That’s what Steam does to me far too often. It won’t let me run in friggin’ *Offline Mode* if it can’t connect to the internet and update itself. I turn to Good Old Games (gog.com) for great online gaming purchases.

    • Derrick says:

      Strange. I use Steam extensively, and I *always* play in offline mode. To the point where I only rarely connect to their servers at all, just occasionally to check for updates and see if any interesting sales are happening.

      I’ve never, ever had Steam fail to launch one of my games in offline mode.

  3. PeterD says:

    Well, I would never cheer for hackers, and I tend to disagree with most of the internet’s sentiments on this one. First of all, hackers like this are criminals. Supporting criminals who justify themselves in this way is very immature.

    When I was 15, I derived a perverse pleasure from breaking copyright protection on games. It was more fun for me than playing the games themselves, because it was a “real life” challenge, as opposed to the simulated challenge of the game. And I was just a stupid kid :) My mentality was arrogant-smart-loner-geek-I’m-smarter-then-professional-software-developers-because-I-hacked-their-protection. May me feel great inside the privacy of my own immature mind. I have, of course, thankfully left that mentality a long way behind. But this IS what were dealing with in groups like skid row. They remind me of aging hippies these days, taking a form of geek-LSD to get high one more time. Isnt there something a little undignified about them?

    Now, down to the actual issue – the allegedly obnoxious copy protection. Sure people dont like it, but I know for a fact that many of the kids I’ve seen compain in public happen to be hard-core online game addicts (wow raiders etc), devoting 30+ hours a week to their online addiction. Their argument against having a patchy internet is entirely disengenous. They just dont like the idea, and jumped on an internet band wagon flamefest against ubisoft. Why? for the fun of it, why else? It’s not a real argument and never was.

    Most people actually dont care. They just play the game.

    I was initially hesitant to play ACII myself, but in the end, I read so many positive reviews that I bought it and played it. And it is a wonderful game. Truly excellent. Restrictive DRM? DIdnt even notice. Never got disconnected, played all the way through to the end. Most of the kids who’ve posted in these DRM rants recently have rock solid internets too. We all know they do.

    I guess my overall comment is that those of us who are more mature should find more reasonable ways to campaign for changes to allegedly restrictive DRM policies. Including proving why its restrictive. “BAH I DONT LIKE IT MOM!!!!” is never going to mean a damn thing to any developer that makes games as excellent as ACII.

    For many years now, I’ve never been a follower of beleagured underdogs, like hackers. They’re not sticking it to the man, and they’re not acting responsibly. They’re just acting like I did when I was 15, albeit much more publically.

    • Andrew says:

      Peter – first, thanks for writing – I always enjoy an opposing point of view! Now on to some counter-points:

      First of all, hackers like this are criminals. Supporting criminals who justify themselves in this way is very immature.

      Actually, modifying software that you have legitimately purchased is not a crime in and of itself. Redistributing software, on the other hand, is the criminal part of the endeavor.

      It’s the same sort of phenomenon as many activist groups who set up protests. Being a member of one of these groups is not a crime, however if you participate in a rally that turns violent and trashes a few store fronts than it is criminal.

      Now here’s the thing – I don’t support pirating software and I don’t support violent activist groups (or really any activist group, to be fair). I DO, however, acknowledge that sometimes their less than savory methods can sometimes lead to positive change. This is one of those rare occurrences.

      I was initially hesitant to play ACII myself, but in the end, I read so many positive reviews that I bought it and played it. And it is a wonderful game. Truly excellent. Restrictive DRM? DIdnt even notice.

      A personal anecdote is not proof positive that DRM of this nature is not harmless. In fact, two minutes with Google will find you a plethora of people who have had far less enjoyable experiences with Ubisoft’s new protection scheme.

      It would be wonderful if we could claim that all consumers have access to 24-7 rock solid Internet connections, but that’s simply not the case. I had massive problems with my Internet a year ago, and for a few weeks couldn’t maintain a stable connection for more than ten minutes – this made it impossible for me to work from home since I required a VPN connection; likewise if I was playing AC2 I would have been constantly booted to the login screen. Thankfully I fixed my connection problems by switching providers, however the experience made me acutely aware of how faulty an assumption it is to state that all players have perfect Internet connections.

      I guess my overall comment is that those of us who are more mature should find more reasonable ways to campaign for changes to allegedly restrictive DRM policies.

      Consumers do this all the time already: we vote with our wallets, and do thinks like down-rate games on Amazon when they have punitive DRM. (Think Spore). Unfortunately this is rarely enough to convince developers to abandon offensive DRM – it takes someone proving that the system is faulty to ultimately force developers to rethink their protection.

      If software developers want to encourage more sales of their games they would be well advised to stop nailing honest customers with harsh DRM and instead lower the base costs of their games. It has been proven time and time again that lower prices increase game sales far in excess of the amount “lost” by the price cut. Just take a look at Steam if you want rock solid evidence of this – buyers flock to the cheap games in droves there.

      • darksend says:

        Just take a look at Steam if you want rock solid evidence of this – buyers flock to the cheap games in droves there.

        While not untrue as Derrick said part of the appeal of steam (and D2D) is that 1) you do not have to leave your house or even your keyboard if you keep your wallet near your computer and 2) you do not have to worry about losing the CD and not being able to play anymore.

        • Derrick says:

          Absolutely. I tend to cycle through games – I rarely play through any given game more than once in a few years, but I’m continuously loading up old games to play them again after they’ve sat away for a few years. I still have some of my *really* old games, such as Ultima 1 through 6 (and I’ve still got the now heavily tattered cloth map 6 came with!), but unfortunately I’ve lost a lot of games over the years, and have to download them to play them.

          Steam helps me avoid that. I never need to worry about the physical media, and while I can’t always garauntee I’ll have an active internet connection it’s pretty easy to drag my PC to a friends house if absolutely necessary to install a game if I’m going to be without for any length of time.

          @PeterD:

          In regards to internet connectivity, I really can’t agree with you there. Certainly, a lot of people do – a majority of the people you’ll find commenting on online forums, of course. But don’t think those people are the majority of the players. Vast numbers of players never look at online gaming news/forums/what have you, let alone comment on anything. It’s not at all unusual for people to have sketchy internet connections – particularly in very rural areas. You can have an “always on” connection, but it’ll drop briefly at random intervals and that’s pretty much normal.

          Also, not everyone games at home where they have an internet connection. Mobile gaming is a wonderful thing! Or, hell, my current situation: I’m moving, and there’s going to be a delay in getting my internet service set up at my new residence, AND I’ll be moving later than was originally intended. My internet service at my current residence will be shut off on the 24th, but my new on won’t be starting until the 3rd. If I’d bought Ubisoft’s games, I’d be unable to play during that week+… when I’d want to the most, as I lack internet (and, incidentally, cable too)

        • Andrew says:

          In PC gaming, direct downloads are where the majority of games are purchased now – a look at your local video game retail outlet will prove that.

          What I’m getting at is that if developers want to increase sales revenue on their titles they should lower prices. It’s pretty basic retail theory: if you lower the price then far more people will buy the games; the “loss” incurred by the lower per-unit price will be more made up by volume of sales. (This is enhanced by “limited time” offers.)

  4. Ampzilla says:

    I have to admit I was at first sketchy to agree with the “cheering for the hackers” statement. Peter make some fantastic points and I can understand while it’s not illegal it is still immature in some respect.

    The real sticking point as funny as this may seem though is the joking picture posted by Darksend. This is 100% true and almost mimics the issue albeit in a different form that innocent customers are faced when using software with ‘harsh DRM’.

    I’m curious though – in terms of “innocent until proven guilty”; what are some ways software companies can nail ‘you’ after you pirate and play? In other words, rather than a exit to the log-in screen when the internet connection goes out how about when the connection is online everything is fine (with periodic connections that first test for the connection and two transmit unique information that identifies the legitimacy of the software), when the next periodic connection does a test and nothing is received, the game doesn’t exit to the log-in, but it’s logged. Than perhaps a 3 strikes and your out policy or something else I’m not thinking about comes into play?

    This way the customer that’s not doing anything wrong isn’t hassled.

    Although now that I’ve typed that out I wonder how the current DRM works and what steps the hackers had to take to hack it. Maybe my idea is fruitless because of some underlying flaw, because I’m not ‘thinking’ like a hacker; however, my point is – what are some less invasive alternatives that are still hard to crack?

    • Derrick says:

      How could they possibly “nail” you after you pirate and play? I’d assume you’d get a hacked version of the game that no longer “phones home” (or just block it with firewall software) and voila.

      “This way the customer that’s not doing anything wrong isn’t hassled.”

      Dangerous words. Schemes set up this way, in all sorts of fields, often go horribly wrong. “You shouldn’t object to random police body searches if you’re not doing anything wrong” etc. The problem, of course, comes in with false positives. The game misreads something weird about your system, reports itself as pirated (which is silly, as any proper pirated release would never report at all) and you get “outed”(whatever that means). Sure, you *may* be able to get things straightened out, but you’ll have been more than hassled.

    • Andrew says:

      There have been some great examples of anti-hacking mechanisms that don’t burn valid consumers. Here are a couple:

      - Detect hacked versions & ban pirates from multiplayer. XBox did this to millions of people recently, but by “phoning home” a PC game could do the same. The only way around it is to play totally offline – you wouldn’t want to force paying customers to validate with a server when they fired the game up.

      - “Break” game mechanics when pirates detected. Batman Arkham Asylum did this. Certain abilities were disabled in hacked versions, and pirates ended up being unable to progress after a certain point.

      I’m sure there are more. The basic premise involves the game being able to detect when it’s hacked (which IS possible) and respond accordingly.

      Now – even then hackers can eventually get around these limitations, but they require a lot more work. The simple fact is that DRM will NEVER be bullet proof – hackers WILL crack your game – it’s an arms race that developers cannot win.

      With this in mind, don’t screw paying customers…. just try to prevent casual piracy, and concentrate on making a great product. Price reasonably if you want to boost sales.

  5. Ampzilla says:

    Oops – also, are you eating your words about Game 5 Andrew? Pens better take it in six, or else!!

    • Andrew says:

      Oh man. I hate having hope. HATE. The worst part was that I had to go to bed after the first OT period….. 5:30am comes too bloody early for me to watch a game all night.

      We’ll see how tonight goes….

  6. Derrick says:

    Last comment, I promise!

    “what are some less invasive alternatives that are still hard to crack?”

    The issue here is “hard to crack.” That’s the PROBLEM. Hackers are encouraged by challenge. No matter how difficult you make it, your game absolutely WILL be hacked. And it’ll happen fast. All the increased difficulty means in reality is higher costs for DRM development which translate directly to increased production costs. No piracy is avoided as compared to easy to crack copy protection.

    In short: With today’s internet, as long as one hacker can crack your game (and one always can!) it doesn’t matter how hard it was because he’ll distribute the crack to everyone else. So, you may as well use cheap, easy to crack DRM that just prevents (as Andrew noted) casual copying between friends and take the fun and challenge away from the hackers and win back some consumer good will. Piracy is utterly unaffected by DRM schemes.

    • darksend says:

      Great points. I had failed to actually consider how much money/time/etc Ubisoft put into making such a complex DRM, and yet for all that money they spent, they drove people away from even buying it in the first place because we hate being treated like criminals, and it still got hacked.

      So in the end they lost 2-fold by spending more money on something like this.

      I do wonder if that would really happen though if everyone just made dirt-cheap DRMs, would hackers really get discouraged by lack of a challenge or would more people being to try and hack it because it is so easy. Either way less restrictive DRMs would definitely go a long way to restoring customer support, I hate being treated like a criminal when I was one of the people (rare in today’s marker) who actually bought it.

  7. A bit late here, but here’s a bit of perspective.

    Ultimately, cheering for the hackers is a destructive philosophy. While you might hate the DRM (I prefer the old skool term copy protection), the better outcome is that people don’t buy the game and don’t pirate it. If a big franchise like Assassin’s Creed doesn’t sell well despite marketing, that’s a big wakeup call that the copy protection went too far. The best solution is to have people contact Ubisoft to make their displeasure explicit. Having people crack the copy protection really only makes the business people work to harder. Really, the reason why we have “must be online all the time” copy protection is because the “check serial number upon installation” copy protection didn’t work, which came about because the “must have a CD in the drive” copy protection didn’t work, etc. It’s an escalating battle and game developers aren’t going to relent just because the system gets cracked. No big company is going to say, “Oh, people cracked the copy protection, might as well release our games without annoying protection!” Really, all this does is allow people to now pirate the game and not pay for it. While I may not be a fan of big, corporate developers, it’s not right for people to steal the game.

    Don’t get me wrong, I don’t want this type of invasive copy protection to become the norm. On the other hand, I can face reality and understand that you can’t just keep developing games without enough revenue coming in. I know I’d be better off if more people would support legitimate development rather than engaging in piracy, theft, copyright infringement, or whatever term makes you the happiest.

    A few other points to note. The typical explanation for copy protection is that it’s not intended to stop copies completely, it’s intended to halt casual piracy. Most copy protection is going to be cracked eventually (the software is in the hands of the enemy and all that), but if they can stop you from simply creating a few copies for your friends, that will most likely increase sales.

    The other thing here is that most of a games sales, particularly for PC games, happens in the first few months of release. If this crack didn’t happen on launch day, then it almost certainly did increase sales from people who can afford the game and don’t want to wait. That’s probably a non-trivial number of copies. So, really, all this crack proved was that no copy protection is eternal, but this almost certainly did help despite all the people cackling manically that the copy protection was eventually cracked.

    • darksend says:

      The other thing here is that most of a games sales, particularly for PC games, happens in the first few months of release. If this crack didn’t happen on launch day, then it almost certainly did increase sales from people who can afford the game and don’t want to wait. That’s probably a non-trivial number of copies. So, really, all this crack proved was that no copy protection is eternal, but this almost certainly did help despite all the people cackling manically that the copy protection was eventually cracked.

      All I can say to this is, I would have bought splinter cell, and later ghost recon when it is released, but I did not/am not because I am boycotting ubisoft. So was it still worth it even if it was not cracked on day 1?

      • PeterD says:

        Well a lot of people online have claimed to have boycotted on principle, and that’s their choice. Did these principled boycotts really make a dent, and did Ubisoft listen to them? I doubt it. Disagreeing on principle without argument doesnt carry much weight to them.

        Agreeing with Brian on this: what they need is formal, well argumented feedback about the DRM. As a corporation, they are trying to protect their investment. Any of us with strong opinions that they’re doing it wrong: what would we do instead? And what’s our background? Are we senior managers at large software companies who’ve done it better, and do we have the track record to prove we know better than them?

        As a veteran of the infamous warcraft offical forums, I’ve seen individuals raise themselves to the level of professional game designers all the time, and you see most of their arguments fail. Logical arguments, not self-righteous anger, contribute the most. Or… check out the people who hate Apple on priniciple. Closed system… Apply reject or allow on a whim… no Flash support…. However Apple is one of those companies that professional investment managers look to lead America way out of recession, so successful have they been in the last year.

        We’ll have to look at Ubisofts sales figures, hopefully available later this year, to be an objective picture.

        Final note: Ubisoft seem like a great bunch of people to me. They made several great games that I’ve really enjoyed. They even sent me a free unlock code for a few extra missions in ACII, to make up for the inconvenience I may have suffered on day1, when their servers were brought down by a (self-righteous) DOS attack.

        • Andrew says:

          I’ve already stated what I’d do differently: employ only enough copy protection to stop casual piracy, and decrease game pricing (and/or have aggressive sales).

          My background is software development, and I helped implement copy protection on an API my company wrote at my last job.

          I will, however, take your comments about feedback to heart an notify Ubisoft that until they back away from this DRM I’m not buying any of their games.

    • Andrew says:

      Brian:

      While you might hate the DRM (I prefer the old skool term copy protection), the better outcome is that people don’t buy the game and don’t pirate it.

      For this to be effective, PC developers/publishers would have to be willing to seriously consider the notions that lower than expected sales can be attributed to something other than software piracy. Sadly this has never been the case – most PC developers use the fallacious assumption that every pirated copy of a game directly resulted in one lost sale.

      It’s an escalating battle and game developers aren’t going to relent just because the system gets cracked.

      I agree that it’s an escalating battle, but it is one that the developers cannot win no matter how much money they pour into copy protection, and no matter how draconian the restrictions are that they place on honest customers. It’s a lost cause in the PC world. Copy protection will fail.

      While I may not be a fan of big, corporate developers, it’s not right for people to steal the game.

      Please realize that I am not condoning piracy of software – as a software developer I’d have to be insane to do so. What I am doing is taking the very pragmatic stance that software will be pirated no matter what, and thus honest consumers should not have to be forced to suffer in the name of achieving victory in an unwinnable battle. And minor wins along the way are phyrric as they destroy consumer good will.

      I know I’d be better off if more people would support legitimate development rather than engaging in piracy, theft, copyright infringement, or whatever term makes you the happiest.

      This argument, however tempting, is usually grounded in faulty assumptions. That said, I’d be interested to see some hard numbers supporting your assertion. My mind is always open to differing opinions, and solid proof that I’m wrong would go a long way in that regard.

      Most pirates would NEVER purchase the vast majority of games that they steal because they are more collectors than consumers. (I had a roommate like this – pirated everything, played almost none of it). There is another segment of pirates who treat illegitimate copies of games like demos – and some of them actually buy the game if they like the stolen version. Perhaps there is even a segment of pirates who would buy every game they pirated if developers magically came up with an uncrackable scheme – but they would be a tiny, tiny majority.

      If this crack didn’t happen on launch day, then it almost certainly did increase sales from people who can afford the game and don’t want to wait. That’s probably a non-trivial number of copies.

      You’re correct in this one unique instance. Since the mandatory Internet DRM was a new system, it took far longer than usual for hackers to unravel. SecuROM was the same way – it took a bit of time to break. However now that the system has been hacked once it will (probably) be business as usual again. In most instances hacked versions of games are available BEFORE the game is even officially released – just another way that honest paying customers get the shaft.

      Games developers need to accept the inevitable and stop hurting their loyal customers and fans. Appropriate DRM should be used – as I said…. just enough to stop casual piracy.

  8. Andrew says:

    I just stumbled across this stroll through copy protection methods of days gone by:

    http://blog.hardcoregaming101.net/2010/04/distrust-your-customer-then-and-now.html

    Fun stuff.

  9. [...] Goodwill is a currency, albeit a fuzzy one, and managing it can be the backbone of a company’s health.  Daniel James of Three Rings (Puzzle Pirates) has argued that love is the heart of modern game sales in this article that I’ve cited more than once for good reason.  (Tangentially, Mr. James was also writing about DRM, and for one great example of how DRM affects goodwill, need we look further than Ubisoft?) [...]

Leave a Reply

(required)

(required)

© 2004-2010 - Systemic Babble is created and maintained by Andrew Anderson. Suffusion WordPress theme by Sayontan Sinha