Why Are Copy Protection Firms So Insecure?
from the just-wondering dept
It’s amazing how insecure most copy protection firms seem to be. And, by insecure, I’m not talking about how they open up security holes, but how they react to criticism. Remember SunnComm, makers of the MediaMax copy protection scheme that began the process of suing Alex Halderman for pointing out that its copy protection could be defeated by pressing the shift key as you loaded the disc? Well, now we can add StarForce to the list. We first wrote about problems with their copy protection a few years ago, noting reports that it “installs itself without letting you know (not even in the EULA), hides itself on your PC, slows down the PC, causes all sorts of other problems and errors, and is nearly impossible to remove — even after the protected application has been removed.” Basically, it’s no different than malware. Yesterday BoingBoing posted a similar story spurred on by a plan to boycott StarForce-enabled games… and the company responded by telling Cory Doctorow they were suing him (not clear for what), while also reporting him to the FBI for violating “approximately 11 international laws.” It’s unlikely (a) that they’re really doing anything or (b) that, even if they did, any lawsuit or FBI interest would get anywhere. However, it does say something about these firms and their inability to take even the slightest criticism. Why not actually respond to the critics instead of trying to threaten them into submission? The threatening, of course, tends to backfire as the Streisand Effect kicks in and more people learn about the problems the company faces (and its inability to deal with them constructively). And, by constructively, we don’t mean silly contests with conditions that are almost impossible to meet — which is exactly what StarForce has done.
Comments on “Why Are Copy Protection Firms So Insecure?”
Copy Protection is Impossible
… on current mass-market PCs and people keep laughing at authors whenever they fail. So it’s hardly surprising that some publishers react badly to the repeated jibes and criticisms.
Everyone should read Cory’s own Microsoft Research talk: “DRM systems are usually broken in minutes, sometimes days. Rarely, months. It’s not because the people who think them up are stupid. It’s not because the people who break them are smart. It’s not because there’s a flaw in the algorithms. At the end of the day, all DRM systems share a common vulnerability: they provide their attackers with ciphertext, the cipher and the key. At this point, the secret isn’t a secret anymore.”
Re: Copy Protection is Impossible
I agreee. Something that seems very true to me is that software can always be beaten by software. Itunes would seem to help prove that most people will pay for something if its easy to get and it seems to be resonable priced.
I’ve found a firm offering some very different copy protection for streaming content. LiveSquare (www.livesquare.com) doesn’t use the same old file-based encryption strategy that has proven itself ineffective time and time again.
They’re quietly going to make content owners very happy and would be pirates very sad.
Re: Not DRM
Sad for a day or two. Any other assumtion is laughable (as is the notion of reliable copy protection for digital content).
Re: Re: Not DRM
You’ve obviously spent too much time with file based DRM type products. This is actually different and does actually work. LiveSquare doesn’t use any encryption or cypher crap like MS DRM, and they don’t rely on the consumer pc to do the processing or terminate the streams. Its unique, it works, I wish I had a stake in it.
Re: Re: Re: Not DRM
I’m glad you said that you don’t have a stake in them. You clearly don’t, having stated that.
The resources spent combating security researchers should be better put into creating safe, reliable software.
As for the DRM thing, it seems to me that licensing might be the way to go. If I buy a song, a game, or a movie, it might be nice if the right to use that product were somehow tied to my identity, rather than to a specific device or software. I think if people were then allowed to use that product how they wanted (guaranteed), on any device they wanted (perhaps in the future, connectivity will be so prevalent that everything can be streamed anywhere), they may be okay with not physically owning anything. This might ultimately be defeated as well (e.g. if the stream could be saved), but would no longer be interactive and have a diminished value. This requires further debate and some trials.
Re: too true
Except that what happens when the copyright expires and the work falls into the public domain? The DRM company may not even be around any more to release an “unlocked” version.
No Subject Given
A few weeks ago my cd-rom stopped burning, for no apparent reason. Haven’t played with it much, because I haven’t really needed it. But reading up on this story, following links, led me to a list of games that have this copy protection on it… and lo and behold, I had just installed one (legitimately store-bought). In this case, Heroes of Might and Magic V. Good game, actually. Apparently, I need to figure out how to cleanse my system of this filth. But at least now, I have a clue.
Re: No Subject Given
Heroes of Might and Magic V is currently in its open beta phase. If somebody’s sold you a copy, call the police.
OTOH, if you meant Heroes IV . . . IIRC, the basic game used a different copy prevention mechanism, but the expansion packs used StarForce. If you’ve just bought an “all-in-one” edition it would come from that.
You can get a StarForce removal tool from the “Boycott StarForce” website:
Re: Re: No Subject Given
I was confused. I thought I installed HOM&M V, but it was IV instead. I’m still suspicious, however, because now I don’t trust the publisher.
Re: Re: Re: No Subject Given
As well you should be. In fact, you should be wary of any Ubisoft title, since they use Starforce copy protection in many of their games.
No Subject Given
Seems to me we have laws in place that make it a felony to install software on someones computer without thier knowledge or concent. When I install a game that is what i am installing, I give no consent to install any form of copy protection that would interfere with the useability of my computer.
My suggestion to the guy who has had is computer hacked would be to read the packaging of the software and if it does not mention installing the copy protection anywhere in the fine print,
1 I would call the FBI and report a sucessful hack attack on my computer….. and goddamn the fucker that foced me to deal with Da Man,
2 I’d get me a good lawyer and sue the hell out of that company. You will definatly need a laywer that is not afraid to tell the other guy’s laywer to shut the fuck up and get to the point of explaining exactly why his defendant illegally intalled malware on a computer without the owners permission.
And no, simply buying a peice of software does not give a company impliciant permission to install a bunch of extra crap on your computer without your permission.
Re: No Subject Given
Right on brother!!! If I didn?t give you permission to install stuff on my PC, then yes I would consider it Viri/Malware etc. WTF! I should call the FBI on their asses. Oh wait they are in China and Russia!
SEE PREVIOUS POSTS ABOUT COMPANIES OUTSOURCING ON THIS SITE!!!!!
I found it on my PC promptly removed the MALWARE. To hell with the game it came on which is listed on glop dot org /starforce. I will be sending them a nasta gram shortly also asking them to stop dealing with outsourced companies in China and Russia and allowing them to install crap on peoples PCs without their knowledge. What else is this program doing and is it talking back to Mother Russia and Communist China?