Why Are Copy Protection Firms So Insecure?

from the just-wondering dept

It’s amazing how insecure most copy protection firms seem to be. And, by insecure, I’m not talking about how they open up security holes, but how they react to criticism. Remember SunnComm, makers of the MediaMax copy protection scheme that began the process of suing Alex Halderman for pointing out that its copy protection could be defeated by pressing the shift key as you loaded the disc? Well, now we can add StarForce to the list. We first wrote about problems with their copy protection a few years ago, noting reports that it “installs itself without letting you know (not even in the EULA), hides itself on your PC, slows down the PC, causes all sorts of other problems and errors, and is nearly impossible to remove — even after the protected application has been removed.” Basically, it’s no different than malware. Yesterday BoingBoing posted a similar story spurred on by a plan to boycott StarForce-enabled games… and the company responded by telling Cory Doctorow they were suing him (not clear for what), while also reporting him to the FBI for violating “approximately 11 international laws.” It’s unlikely (a) that they’re really doing anything or (b) that, even if they did, any lawsuit or FBI interest would get anywhere. However, it does say something about these firms and their inability to take even the slightest criticism. Why not actually respond to the critics instead of trying to threaten them into submission? The threatening, of course, tends to backfire as the Streisand Effect kicks in and more people learn about the problems the company faces (and its inability to deal with them constructively). And, by constructively, we don’t mean silly contests with conditions that are almost impossible to meet — which is exactly what StarForce has done.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Why Are Copy Protection Firms So Insecure?”

Subscribe: RSS Leave a comment
giafly says:

Copy Protection is Impossible

on current mass-market PCs and people keep laughing at authors whenever they fail. So it’s hardly surprising that some publishers react badly to the repeated jibes and criticisms.

Everyone should read Cory’s own Microsoft Research talk: “DRM systems are usually broken in minutes, sometimes days. Rarely, months. It’s not because the people who think them up are stupid. It’s not because the people who break them are smart. It’s not because there’s a flaw in the algorithms. At the end of the day, all DRM systems share a common vulnerability: they provide their attackers with ciphertext, the cipher and the key. At this point, the secret isn’t a secret anymore.”

Safe&Secure says:


I’ve found a firm offering some very different copy protection for streaming content. LiveSquare (www.livesquare.com) doesn’t use the same old file-based encryption strategy that has proven itself ineffective time and time again.

They’re quietly going to make content owners very happy and would be pirates very sad.

Safe&Secure says:

Re: Re: Not DRM

You’ve obviously spent too much time with file based DRM type products. This is actually different and does actually work. LiveSquare doesn’t use any encryption or cypher crap like MS DRM, and they don’t rely on the consumer pc to do the processing or terminate the streams. Its unique, it works, I wish I had a stake in it.

Posterlogo says:

too true

The resources spent combating security researchers should be better put into creating safe, reliable software.

As for the DRM thing, it seems to me that licensing might be the way to go. If I buy a song, a game, or a movie, it might be nice if the right to use that product were somehow tied to my identity, rather than to a specific device or software. I think if people were then allowed to use that product how they wanted (guaranteed), on any device they wanted (perhaps in the future, connectivity will be so prevalent that everything can be streamed anywhere), they may be okay with not physically owning anything. This might ultimately be defeated as well (e.g. if the stream could be saved), but would no longer be interactive and have a diminished value. This requires further debate and some trials.

Anonymous Coward says:

No Subject Given

Thanks, TechDirt!

A few weeks ago my cd-rom stopped burning, for no apparent reason. Haven’t played with it much, because I haven’t really needed it. But reading up on this story, following links, led me to a list of games that have this copy protection on it… and lo and behold, I had just installed one (legitimately store-bought). In this case, Heroes of Might and Magic V. Good game, actually. Apparently, I need to figure out how to cleanse my system of this filth. But at least now, I have a clue.

Kilfire says:

Re: No Subject Given

Heroes of Might and Magic V is currently in its open beta phase. If somebody’s sold you a copy, call the police.
OTOH, if you meant Heroes IV . . . IIRC, the basic game used a different copy prevention mechanism, but the expansion packs used StarForce. If you’ve just bought an “all-in-one” edition it would come from that.
You can get a StarForce removal tool from the “Boycott StarForce” website:

A Funny Guy / The Poison Pen says:

No Subject Given

Seems to me we have laws in place that make it a felony to install software on someones computer without thier knowledge or concent. When I install a game that is what i am installing, I give no consent to install any form of copy protection that would interfere with the useability of my computer.
My suggestion to the guy who has had is computer hacked would be to read the packaging of the software and if it does not mention installing the copy protection anywhere in the fine print,

1 I would call the FBI and report a sucessful hack attack on my computer….. and goddamn the fucker that foced me to deal with Da Man,

2 I’d get me a good lawyer and sue the hell out of that company. You will definatly need a laywer that is not afraid to tell the other guy’s laywer to shut the fuck up and get to the point of explaining exactly why his defendant illegally intalled malware on a computer without the owners permission.
And no, simply buying a peice of software does not give a company impliciant permission to install a bunch of extra crap on your computer without your permission.

Doofis says:

Re: No Subject Given

Right on brother!!! If I didn?t give you permission to install stuff on my PC, then yes I would consider it Viri/Malware etc. WTF! I should call the FBI on their asses. Oh wait they are in China and Russia!


I found it on my PC promptly removed the MALWARE. To hell with the game it came on which is listed on glop dot org /starforce. I will be sending them a nasta gram shortly also asking them to stop dealing with outsourced companies in China and Russia and allowing them to install crap on peoples PCs without their knowledge. What else is this program doing and is it talking back to Mother Russia and Communist China?

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...