Reading Aynjell's journal
Digital Rights Managament Doesn't Work
Computers have changed the way the people think. We no longer need to go to the library to research because the amount of information that can be found on the internet is substantially larger and often times more informative than any book. Furthermore, it's easier to search through with the advent of search engines, like google. Companies no longer need a centralized office; all they have to do is create a well designed web site and they can hustle their goods from there. No longer does one need to use “snail mail” or standard postal service, we have email and instant messaging! Furthermore, goods are also dealt with in a different way. If a body knows where to look, it can “acquire” movies, games, music, images, software, and even full DVDs for the price of a monthly internet service.
Publishers are aware of the mass piracy occurring each day, and in response many have included different types of protections in the medium that is used to distribute the data (usually Compact Disc) to deter the pirate as long as possible and to afford the publisher a sales window. While some of these protections last for up to 5 weeks, hackers and crackers make short work of them deactivating CD-checks as well as the other securities. The problem is, the itch of piracy hasn’t been scratched. After this "sales window" these DRM (Digital Rights Managament) schemes only serves to inconvenience users who have legally purchased the copyrighted material. The simple truth is those that want to get the games for free, are willing to wait until a crack or hacked version of the game is available online. It is my belief that those that will buy it, will buy it.
So how do these DRM's actually stop the pirate? How are the protections that exist today, effective? I don’t believe they are, and I am going to explain why. Furthermore, I am going to show you how it can be effectively implemented and even service the user.
Piracy
Pirates, they’re called; Skilled at finding anything they want for free, copyrighted or not. The worst part about it: the majority of them know very little about computers! Pirating copyrighted material is so easy anyone who has the right software installed on their computer can do it. All too many mediums exist for the pirate to sail within (pardon the phrase), all they must do is pick one: Bit-torrent, Gnutella, eDonkey, DC++, etc. etc. This list can go on for days. It’s so easy to steal copyrighted data that kids can do it from their parents computers. With the advent of high speed internet services like DSL (Digital Subscribers Line) and cable (broadband) as well as the aforementioned data transfer methods, piracy has become easier than ever. It is more or less, an epidemic.
The majority of these pirating methods are peer based – meaning that they require more people. Bit-Torrent for example, starts with one person called a seeder. When another person begins to download the file they are seeding, they become a leecher. After the leecher finishes downloading the file, they start seeding it for the other leechers. So on and so forth. It is one of the few that can effectively put flash crowds to use, let alone handle them. This system can handle transfers as large as 10 to 20 Gigabytes.
Then, there is GNUtella. It is another approach and many have found it to be the best method for pirating many small files at once (usually no larger than 300 Megabytes). But, it’s ideal for files no larger than 100 Megabytes (MB). There is usually a “shared folder” defined, which will be the folder you put files you want to upload to others in. Most if not all iclude a search utility that you define parameters to filter through files that are on the usenet. It would then go to the 10 closest computers who would then submit to the 10 closest computers and so on and so forth returning results as they are found. Then all the user must do is determine the most relevant matches and begin downloading, not too different from search engines like google.
Both of the above data transfer methods, often referred to as “Peer to Peer” or P2P for short, are fast, powerful, and a threat to the publishing world in general. The usability and reliability of both makes finding the files that the publisher does not want on the internet easier. Both are fueled by other users and require a large user base to be effective. So, if it works, odds are the authorities will have a hard time taking it down, this the reason it's so effective.
Now that one understands that finding the files is a simple task, one only needs to know how to use them. Most games that are floating around on the internet are either rips or images. While both are good for different things not all games are available in both formats. If you want small, and easily transferred (as well as easier to setup) file, you might want a rip. But, if you want the game in it’s entirety, you would go for images. Here are some in depth descriptions of each:
Images, usually are a pair of files used to define the contents of a CD. These “images” are perfect for transferring the entirety of a game from one person to another and can be used with CD burners to make 1:1 or verbatim copies of the original CD, or can be used with software device emulators (programs that make the Operating System and software believe that there is another drive, usually CD there). You can then mount an image file onto one of these emulated or virtual drives and voila! You don’t have to worry about CD checks because your computer thinks you have the CD!
Rips, are another story. They are actually an archived folder (usually the game folder) stripped of non important files and hacked so that these files aren’t needed. Usually hackers remove game music (remember, the average pirate has several gigabytes of mp3’s and can listen to his or her own music) and or subtitles. These rips are then archived using applications like WinRAR or UHARC, which compresses the data to a fraction of it's original size using an advanced algorithm. These “rips” usually come with automated installers that make the setup experience painfully simple. The result is a pre-cracked fully playable game with an installer and no hassle.
Of course, there are other resources to the game pirate. For example, when one uses image data as describe above, what they get is the actual game. No cracks are applied. So, one would usually need something called a no-CD crack, or a file that is purged of any protections. Once attained, these files then replace the corresponding file (usually of the same name, for example a cracked halo.exe would go in your Halo: Combat Evolved folder to replace the existing halo.exe) making the game playable without CD. As to whether or not CD cracks themselves are legal is unknown, but several large host sites carry thousands of these cracks and receive no legal threats whatsoever.
Also, there is the keygen. A keygen is a utility designed to produce a working serial code for a program. The resulting serial can then be used to authenticate the program. Most games that a pirate copies will need one of these. They are small, easy to find, and work almost all the time. Together with a CD crack, they can produce a fully playable game.
There is usually one exception to the playability to these games: Most of them can’t be played on online servers. So, games like Unreal Tournament 2004 can only be played at home, perhaps with friends on a LAN (local area network) but never on the server lists. Some games can be played online using online cracks (usually cracked for no-CD as well) but most of these have to play on servers operating with the same crack. Of course, this is the only area that is truly off limits to the pirate. Most online servers check to see whether or not a key was actually sold thus verifying whether or not the user might be a legal owner.
So as you can see, cracking a game for complete usability is quite easy, barring online play. Despite copyrights, pirates play illegal copies of games on a regular basis. Furthermore, legal owners even use many of these cracks, like the no-CD crack for instance, because it enriches their play experience. It makes it so the user no longer has to swap CD’s when they switch games, and it has been proven that these cracks slow games down. One game in particular, Half Life 2, when cracked plays up to 15 % faster. On some computers, that can determine whether or not the game is even playable. But why would a publisher continue to include protections in their games that never work, when all they do is reduce the quality of their product and detriment the users experience? Let’s explore that:
Digital Rights Managament As it stands and Why It Doesn't Work
Many different protection schemes exist today. Most of them involve the data CD that the software comes on, and none of them are convenient. However there have been many since the advent of DRM. Some have come and gone, most because they weren’t sophisticated enough. I want to explain a few of these copyright protections, as well as why they are flawed.
A long time ago, there were manual look ups, which require you to check the manual that came with the game to respond to a challenge made by the software when put into runtime (or when a program is used). It asks the user to return some information based on the content of the manual. For example: "What is the third word in the fourth paragraph on the 12 page of the user manual?" This died a long time ago. As to whether or not it was too inconvenient or whether it was outdone by CD based protection is unknown. I would daresay it was way too inconvenient, but by today's standards, it's rather barbaric.
Then there was the dongle. It never saw too much use in the desktop world (most used in the server realm). They were a piece of hardware that you had to attack to your computer in order to make the software work. Most of these weren't obtrusive and provided a plugin ready for use with another piece of equipment of the same kind. So, it didn't get in the way, but it was a very primitive approach. This form of protection was so out of the way that it was reserved for high end, high price software (price being in the range of 2000$ or so).
Now, the latest of protections is the CD check. All it does is make sure that one has a CD before allowing use of the software. Of course, this means that the computer must have access to the CD. It's usually defeated by having an image of the CD mounted, but this is inconvenenient because the user must keep files up to 700 Megabytes in size on thier hard drives. If you ask me, it's no better than a dongle, and it is every bit as inconvenient/barbaric. As a user, I can understand a company wanting to make sure that I have a legal license for the software, but there is no reason to have me prove every time I run the game, thus the advent of the no-CD crack.
The big problem with most of these schemes is that if a user loses that particular item (dongle/cd/manual/etc.) they, for all intents and purposes, lose their rights to the software. How is that good business practice? I can understand the threat of privacy, but shouldn't economic decency come first? There should not be any case where a user loses his or her rights to an accident. Furthermore, companies shouldn't be apathetic about it. I can understand if the entirety of the product is lost [serial/license documentation/installation medium/etc] but if any one of these peices is lost, it shouldn't be lost permanantly. Sadly, a serial is hard to recover if lost. Though, I have found a method that makes it possible.
Another means of protecting copyrighted data has recently arisen, but doesn't protect games, but rather music CD's. Key2Audio, a recent implementation of audio data protection has gone so far that the CD's "protected" by it, can't be used on a computer. It uses a driver that is automatically loaded from a CD when it is insterted. It has also been shown that Macintosh iMacs can even stop working and require repairs to get them back to an operational state (This copyright protection is defeated by holding the control key when the CD is loaded, at least in windows). Why should anything meant to keep pirates at bay detriment honest users to this severe an extent? It shouldn't; no way, no how. Sadly, piracy has driven the publishers to this.
As you can see, DRM is one problem/user-disadvantage after another and doesn't even accomplish what it was intended to. Why are we still going this route? Obviously a new methodology needs to be met. But what?
Possible Alternatives
First and foremost, the copyright is a dated medium for sharing original work. In fact, the only true advantage it has these days is stopping other coporate entities from using their software in other products. Many have realized this and in their frustration created what is sometimes called the copyleft. It is broadly referred to as Open Source. Whole operating systems (Linux, BSD, Hurd) have been built on this as well as software that can be used within said OS 's(operating systems). They, are highly productive, and grow at a faster rate than most corporate software. They are more secure, and comply to standards better than anything on earth.
How does Open Source Software (OSS) work? OSS is simple and can be described broadly as "akin to the golden rule." If you are to acquire anything released as open source, you may share it amongst your peers, modify it, and even obtain profit by doing so if one sees fit. How do you ever make any kind of profit off of data that is freely distributable? Many companies make hundreds of thousands of dollars a year selling open source software to large scale corporate entities as well as services like phone-assistance (Red Hat Linux) and or software distribution utilities (Linspire Linux). Both of them are financially fit and show no signs of any kind of deformation.
Open source is best seen in any light other than capital green. It is meant to induce development, user input, and security. However, these benefits make fine selling points. Most open source software is virii (virus) free. The very best example is the open source operating system Linux. Virii is unheard of whereas corporate software like Microsoft's Windows is a prime target for any virii that can be had on the internet. But, Open Source isn't a cure-all, no not at all. It has some disadvantages such as the lack of corporate strength and or security. It's much harder to sell a product that anyone can sell. And Open Source is anything but copyright protection. It is the complete and total opposite, but strangely enough, it is a powerful software license and is used time and again for private projects.
Of course, there is also the fact that software publishers can only do what they can. It is impossible to implement user side security unless a company were to cast aside legal obligations. Server side security (as described above, a user with a pirated game usually doesn't have a legal license, and theremore can't use an online game server) on the other hand is more times than not effective, and doesn't inconvenience the user in any way. In fact, I still haven't seen a server side security system fail me. If that is any indication to the effectiveness of server side security, then I don't know what is. It blocks what it can, and only that. As described above, online servers check to determine whether or not a user is a valid license owner before allowing them to browse the server list. So, server side security is the cheapest, most effective means of implementing security without inconveniencing the user. Becuase the simple fact is, you won't be able to stop a man from letting his freind install a game with his CD because no-CD cracks are so simple to make it baffles the mind.
It would be adventageous to include a service online for the user base. This service can replace data and or materials at no cost if lost or other wise found unusable. This would require that the user submit their serial for storage purposes as well as verifying that the user is in fact, a legal customer (the submitted serial can then be retreived if it is lost via a user submission). This is good in so many ways and can be offered as a voluntary service (to mandate it could seem a bit inconveneint for non-internet customers). This is a method of server side security but it actually helps the user. Using this with games has a definite advantage because a company as I've stated time and again, can't implement user side security ( it gives hackers access to the security data ) but server side security on the other hand, is near impossible to crack and offers a much larger sales window without inconveniencing the user.
Plus, there is the matter of the serial. If one were to include a serial of immense size (60 characters or so) and only have the check argorithm online, a company could effectively remain uncracked for years! No more 5 week windows, how about a 5 year window? The large size prevents a user from determining the algorithm by using multiple examples, and the server side check prevents the hacker from obtaining the original algorithm. This solves many issues, and doesn't attempt any beyond the current technological scope.Perhaps, if internet were more commonplace, we could implement something like this for the single player experience, but until then, we can only do what we can.
Conclusion
Digital Rights Managament is a touchy subject, and has several veiwpoints to consider. You have the publisher who is only trying to keep the greedy pirate from stealing their work, and you also have you ordinary weekend gamer who has a tendency to lose his CD/manual or other required item. How can we find a happy medium that satisfies all people on all ends?
If one were to consider this as I have, they'd only find that one true method existed (providing they only attempt to solve what they can):
Server-side security that involved a key-check (for increased security, have the keychecking algorithm server side, making it near impossible for hackers to crack)and have the serial (key) be several characters long. Then offer a system for users to reclaim lost materials as well as claim distinct ownership of a license. Plus if you have the user create an account with a password that they can use to log into the online servers as well as complete transactiosn with the online host. This would protect users and companies, plus, it doesn't actually require users to have an internet connection because it's entirely voluntary. That would be the ultimate in protection. Stopping only what it can, and providing a keen user experience as well as a certain level of insurance. The attitude of this protection scheme is the ideal part. While my proposed scheme may be flawed, it's the attitude that counts:
Stop what misdeeds you can, and provide a keen user experience; inconvenience is out of the question. Which is exactly what needs to happen for the computer gaming industry to grow and become a happier experience for the user, after all games are supposed to be fun. Why should setting them up be a torurous experience? I leave you here. With the info you have on how effective the pirating community is, and how inneffective user side security is, why should it even continue on? The world has evolved around it. Isn't it time for the next step? As you can tell, I've made my decision.
I should be ashamed of myself.
This post was edited by Aynjell on Feb 09, 2005.
I agree with what you say about copied games etc, but how do you expect people to fork out £40 a game? I mean if they don't want people copying games should'nt they be cheaper to buy?
There are some shop's that sell pre-owned games, yeah what a wonderful idea, take your games there but keep the copy on your PC with the original key code and a no-CD crack. Then nine times out of ten the shop wont take the game back!
I usually download full games to see if there anygood before i go and blow £40 on it, because half the time the demo that are provided are rubbish and are full of bugs. So i'll stop downloading games when publishers lower there prices!
You do realize average development cycle nowadays spans several (surveys have shown roughly 3 years), and costs have exceeded 50,000,000. 50 dollars to play some of the latest games is a steal my freind. I'd play twice that for Doom 3. :D
I should be ashamed of myself.
Home
News
Forums
Journals
Help
Login
Register
Page user
Please read and understand our Use Agreement. NetAlive is a registered trademark of NetAlive, Inc. in the United States, used by permission.
RSS 0.91 Newsfeed of new topics is available, updated once every hour.