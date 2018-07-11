Latest Denuvo Version Cracked Again By One Solo Hacker On A Personal Mission
Denuvo is... look, just go read this trove of backlinks, because I've written far too many of these intros to be able to come up with one that is even remotely original. Rather than plagiarize myself, let me just assume that most of you know that Denuvo is a DRM that was once thought to be invincible but has since been broken in every iteration developed, with cracking times often now down to days and hours rather than weeks or months. Key in this post is that much if not most of the work cracking Denuvo has been done by a single person going by the handle Voksi. Voksi is notable not only for their nearly singlehandedly torpedoing the once-daunting Denuvo DRM, but also for their devotion to the gaming industry and developers that do things the right way, even going so far as to help them succeed.
Well, Voksi is back in the news again, having once again defeated the latest build of Denuvo DRM.
This week, Voksi announced the passing of yet another milestone, one that’s bound to disappoint the people at Denuvo. After sinking endless hours into what he openly admits is a personal grudge against the company’s technology, Voksi revealed that its latest v4.9++ protection had fallen. Speaking with TorrentFreak, Voksi says that after tackling previous versions, a little while back he began dissecting the newer 4.7/4.8 builds (not official Denuvo versions but a numbering system used by the cracking scene).
“Man, it seemed impossible back then. The obfuscation was insane, I had no idea what to do. So, over the next two months, with little breaks from time to time, I was analyzing exactly how [Denuvo] does those hardware checks,” he notes. “Then I tried my tricks for 4.7 on 4.8, but something wasn’t quite right. It was way more obfusticated and had some strange patterns and I couldn’t figure out why it was like that. Soon enough though in June things started to change.”
Now, while we generally dislike DRM here at Techdirt, we're not in the business of cheering on a crack-artist defeating any particular DRM. What is right in our wheelhouse, however, is discussing the overall impact of DRM and its effectiveness. We've spent hundreds of words already pointing out that this is an arms race every DRM maker loses, with Denuvo in particular falling at a rapid pace. With that in mind, we've wondered aloud why game companies even bother with any of this DRM nonsense, when they instead could be connecting with their customers and giving them real reasons to buy with innovative business models and engagement.
But this point must be most evident when it's noted that Voksi, a single individual, has nearly brought Denuvo to its knees as some insane sort of solo project.
What comes next for 21-year-old Voksi remains to be seen but given his determination, other games are probably being worked on right how. He says that several other titles use 4.9 or 4.9++ protection so it’s possible he’ll have more surprises in the days and weeks to come.
“In the end, it might take some more testing and test cracks, but I’m very happy to announce that I won’t stop until we are Denuvo Cancer Free from all games,” he concludes.
Whatever you might think of Voksi as an individual or DRM and game-cracking in general, what should be immediately apparent is that relying on DRM that is vulnerable to one 21 year old with enough motivation to kill it over and over again is a fairly shitty business practice in which to be engaged. And, yet, game companies still work with Denuvo and other DRM makers for reasons I cannot possibly fathom.
When one person negates that work, it's probably time to come up with a new plan.
They would rather believe DRM is still effective than confront the truth of the matter, which is that they have invested in a money pit.
Re:
Wasn't this activity already illegal?
Obviously the whole DCMA saga with digital protection measures culminates the dvd-jon case where some kid broke the protections of the cdrom drives and made all the content protected via their unbreakable encryption which used the same key for every cdrom on the planet.
This activity causes tons of damage if the information is published and available to pirates. I hope this voksi guy has enough brains to avoid the damage.
Re: Wasn't this activity already illegal?
Re: Re: Wasn't this activity already illegal?
The right solution is to find the approach that is _useful_. It can be co-operation in some circumstances, controlling in other situations, or fixing impossible problems, or maybe going against the flow.
But then again, useful cannot be done with a computer.
Re: Re: Re: Wasn't this activity already illegal?
?Care to elaborate on that tp?
Re: Re: Re: Re: Wasn't this activity already illegal?
> ?Care to elaborate on that tp?
Sure. The problem is that computers are eating too much people's time that the cost of everyone using computers is significantly larger than whatever the benefits are. And any new incremenal feature to computer software, cannot ever overcome the huge cost involved in the creation of computer hardware and the time spent in using them.
So usefulness cannot ever be assigned to computers, simply because collectively computers spend too much time from humans.
Re: Re: Re: Re: Re: Wasn't this activity already illegal?
Gotta love the logic of idiots who scream at other people for using computers and the Internet... on the Internet, on a computer. Genius!
Re: Re: Re: Re: Re: Re: Wasn't this activity already illegal?
"fame" is now something useful? I thought programmers are just supposed to do technology side and leave marketing to someone else. If that isn't true, let me know so that it can be fixed.
> he has such trouble getting others to use,
the globe has 2 billion other web pages who have exactly the same problem. What's your trick of getting them all implement the "fame" requirerment?
Re: Re: Re: Re: Re: Re: Re: Wasn't this activity already illegal?
But someone like you, who believes that the moment the RIAA sends a guy a letter is when that guy is legally obligated to surrender his entire life savings before the subpoena even makes it to court, would never understand subtlety or restraint.
Re: Re: Re: Re: Re: Re: Re: Re: Wasn't this activity already illegal?
meant as a reply to tp
Re: Re: Re: Re: Re: Re: Re: Re: Re: Wasn't this activity already illegal?
Re: Re: Re: Re: Re: Re: Re: Wasn't this activity already illegal?
The sad thing is, you failed at that part too,
"What's your trick of getting them all implement the "fame" requirerment?"
Do something useful, rather than hacking together a poorly designed piece of crap then rambling on about nonsense on web forums for the rest of your time?
Re: Re: Re: Re: Re: Wasn't this activity already illegal?
Re: Re: Re: Re: Re: Re: Wasn't this activity already illegal?
Re: Re: Re: Re: Re: Wasn't this activity already illegal?
sending a letter (or physically going) to the other side of the world just isn't effective on a regular basis. Doing either would also take up a lot more time.
Given how much communication happens online, not having that advantage would be wasting too much time. So arguably your premise makes no sense.
Re: Re: Re: Wasn't this activity already illegal?
Just because your efforts to do something useful on a computers have failed does not mean that computer is useless.
Re: Re: Re: Re: Wasn't this activity already illegal?
Re: Re: Re: Re: Re: Wasn't this activity already illegal?
Re: Wasn't this activity already illegal?
Re: Wasn't this activity already illegal?
Obviously people outside the US are not bound to US laws (e.g. the DMCA).
tons of damage if the information is published
I'm pretty sure it's published and researched (officially) off shore and out of the jurisdiction of the DMCA anti-circumvention clause. May not stop ICE from raiding a house, though.
Denuvo is particularly disliked as it tends to cause slowdown, at least cracked versions are reputed to feature higher frame-rates than uncracked versions, which is the primary reason Denuvo is so disliked by the end-user community.
Or so I hear. Games are things I typically actually buy, from companies and development teams I want to support.
Re: Wasn't this activity already illegal?
No, he did, but civil disobedience is still a thing. I know that normal human behaviour confounds and confuses you, but people will do illegal things if they think that the statement made by or effect of doing so is worth the risk and punishment of participating in that action.
"dvd-jon case where some kid broke the protections of the cdrom drives"
I've never seen anyone get things so wrong in a single phrase!
First off, CD-ROMs and DVDs are two totally different things. Secondly, nothing on the drives was affected, just the information on the disc being bypassed via software. Thirdly, the CSS "protection" on the discs was preventing people from using the property they had legally obtained, meaning they had to resort to other means.
Pirates were CREATED by the DRM, not prevented.
Fighting his way through purposefully obfuscated code, will give him extremely good skills debugging unintentionally obfuscated code, that lives in too many old large code bases.
GOG is my only source of games, and CDPR have shown that the best way forward is respecting your customers.
While I won't use his product. I cheer the dismantling of DRM, in hopes that more companies can see the light on respecting customers and selling DRM free games at GOG, which is the only way I will buy them.
LOL paranoid delusions
Re: Re: And a THIRD ODD, seven years old 8 Feb 2011 though only susp
If all of the comments here are just bots and propaganda, why you talking to yourself?
The lossy form of being in charge
As Timothy points out, it sure seems like the money game makers spend on DRM would be better spent on marketing, with some of those funds being supposed losses due to 'pirating'. Even though they might target some marketing funds at that, they wouldn't actually be able to post any losses due to the fact that those 'pirates' might not have actually bought the game, nor could they be satisfactorily quantified (at least for tax purposes as a business expense). Better spending of the money might be creating a sample, or a beta, or a whatever its called portion of the game which IS free, and get people excited.
They used to do that. What happened? Did they spend too much time reading the copyright maximalists manifestos and start on their own bend of 'we want control'? It doesn't seem to be working. Will they continue beating themselves over the head until it works? Or will they figure out that being nice rather than nasty has some value?
Don't hold your breath. Rabid dogs are rabid until put down. Getting non rabid dogs in the race depends upon keeping them separate from other rabid dogs.
TL:DNR (In the food service business when a discount is applied to sales there are eight different accounting transactions to properly represent the 'cost'. Four of those are in the Profit and Loss Statement, and the other four are in the Balance Sheet. Lets look at the P&L side. First the gross sales needs to be reduced and a discounted sale posted. Then a credit needs to be taken in the Cost of Goods Produced area. Then there needs to be a charge against the Marketing program assigned that particular promotion, to account for the actual business cost of the promotion. (Its been a while, I think I have that right) In digital, there are some steps that have 0 assigned to them. This is what happens when one discounts non physical goods. There are no actual losses, but proving particular lost sales is...well really hard).
Re: The lossy form of being in charge
It's no wonder that the parties involved don't see the problem, they're too busy re-arranging deck chairs to make their section look organized.
Were you born this stupid, or did your parents neglect you into ignorance?
It's not just games though
I subscribe to several mailing lists that send me tailored e-mails giving me titles that I may be interested in, mostly obtained via Amazon.
I've got a Linux system and use Calibre as my library/reader.
I tend to download free offer books from authors I've not heard of before as a sort of 'try-before-you-buy' approach.
Lately a lot of these 'free' offer books come infected with DRM that makes them unreadable on a Linux system.
I'm baffled as to why an obscure author I've never heard of would make a free offer book unreadable.
It also means I'm much less likely to buy e-books if I'm not sure I'll be able to read them. I realise that we are talking of books at a 99p price point but I don't want to waste my money on something I can't read.
Re: It's not just games though
I am also baffled by why any author, obscure or not, would want to add DRM to a free book offer. The publisher on the other hand...
Re: Re: It's not just games though
Re: Re: Re: It's not just games though
Opening Calibre, pointing to the book file, invoking a plug-in, then reading Techdirt for a few minutes while the plug-in does the work doesn't seem all that hard. Oh, of course there might be a few minutes downloading the plug-in, but the ones I have downloaded for Calibre were trivial. I just haven't needed the DRM ones.
Converting a book from one format to another takes a few seconds. I don't know how long the DRM removal would take, but it probably isn't much.
'Oh look, countless authors who DO want my money...'
For me at least it's less a matter of time as principle. If they're going to infect their books with DRM then I will happily pass them up for authors that don't treat me like a criminal, as there are always plenty of those around.
That the hurdle is low does not stop it from being there, and so long as there are viable alternatives why go through the hassle at all?
As for the crap shoot angle both sites I buy from(Amazon and Smashwords) have 'sample' options, and while that's not always a guarantee, it can at least give you a general idea as to quality and style, without the need to pay anything more than time.
Re: 'Oh look, countless authors who DO want my money...'
I used to like Scott Turow as an author. That is until I heard about his attitudes with regard to copyright. Now I wouldn't read anything he has written, even if he paid me.
Re: Re: 'Oh look, countless authors who DO want my money...'
I have some sympathy with authors in that situation, where they face what they believe(and could very well be from their perspective) a situation of 'if you want to publish through us we will add DRM, take it or leave it', but self-publishing authors that add DRM? Yeah, they go straight into the 'not interested enough to even read a sample' pile.
Re: Re: 'Oh look, countless authors who DO want my money...'
Who foisted the publisher on the author? I'm not going to let them escape blame by pushing it to someone they chose to associate with. Maybe 10 years ago... but by now DRM is no surprise, and authors should be forbidding it in their publishing contracts.
(That's the minimum. Personally, I won't buy from any publisher that sues or threatens over noncommercial distribution.)
Re: Re: Re: It's not just games though
With Calibre there's no time spent on the book. You need a few minutes when you install the plug-in to configure it with the info from/for your reader. After that the plug-in operates in the background, silently removing the DRM as you import the e-book into Calibre. I haven't seen it add any appreciable time to the import either, so it's basically negligible overhead.
Re: Re: Re: Re: It's not just games though
With self publishing on the Internet, it is not a case of searching out books you like, but rather deciding which ones to ignore, and DRM puts a book in the ignore category from me.
Re: Re: It's not just games though
It's being worked on but it's not there yet
I hope, for your own sake, that you get the professional help you do not deserve but need anyway.
Re: Re: It's not just games though -- Welcome back "CeeVee"!
Right?
Denuvo slogans through the years
2014: Denuvo, we can't be cracked!
2015: Denuvo, we can't easily be cracked!
2016: Denuvo, you can still at least get a good sales window at product launch.
2017: Well, at least we don't make it less convenient for your paying customers.
2018: Ok, so we make it less convenient for your paying customers.
2019: If you are calling for a late payment, please contact our bankruptcy lawyers at 1-800-223-4332
Re: Balancing headlines bad news for pirates off Torrent Freak:
Re: Balancing headlines bad news for pirates off Torrent Freak:
Re: Balancing headlines bad news for pirates off Torrent Freak:
Re: Re: Balancing headlines bad news for pirates off Torrent Freak:
LOL self-loathing by way of hatereading
Good Games
DRM hurts paying customers.
DRM doesn't stop pirates.
DRM isn't essential to making money, as seen by GoG.
Re: Good Games
Re: Re:
On top of that, they seem to have a good handle on how to run their business. Constant new content, both now indie games and older titles. Regular sales, including free games to encourage further spending. GOG Connect, which lets people have select games through them DRM free at no extra charge if they already own the game on Steam. So many great things, and an excellent rebuttal to most of the "it can't be done" or "there's no value to that" arguments that come from the clueless.
Hubris before the fall
When your company can be beaten, and is, on a regular basis by a single person I'd say it's time to toss in the towel and admit that it's time to move on to something else.
Even if they somehow stop him it's a given that there will be near-countless others ready to step up and have a crack and beating the 'unbeatable' DRM just to show that it can be done and that they did it.
Puyo Puyo Tetris. I thought ‘it’s small game, it’d be easier to analyze’, but oh no no,” he said.
“The game executable is 128MB big, of which just 5-6MB is the real game code. The rest of it is Denuvo. It’s the most bloated Denuvo I’ve ever seen.”
So over 95% of the game executable is DRM. That just about sums up DRM - "whatever it takes"
Re:
*Actual* pirates never encounter that check the moment the first crack is made public, and often have all the other issues removed entirely. Now, it seems, they have a much more streamlined and easy to distribute copy at the same time.
That is why DRM is pointless - it *always* makes the legal product worse than the pirated one.
Nowadays I couldn't care less. If it has DRM then I don't want it.
We have a very strong disagreement with the term "innovative business model".
Incomplete games, "chapters", DLC, and randomized loot boxes are *not* innovative.
I certainly hope this isn't the "solution" to DRM.
