Larian Studios Forums Beyond Divinity (English) Technical Problems The Last word on Copy Protection?

Hi,

After reading numerous posts about the Starforce 3 protection, I feel I have to post.

I used to work for a software protection company and spent many years investigating the cracking scene and devising new ways to protect a companies software. Our results at the end of the day were always inevitable.

The one major element that many publishers do not wish to admit when applying copy protection to CD's is the fact that crackers do not crack games for profit - they do it for the challenge, because to them;

challenge = fun.

This means that the harder/more difficult the copy protection employed, the more they'll want to crack it simply because we are offering up a 'challenge'.

I recall a time when a 'certain' company stated in their newsletter that "our key has all the crackers dumbfounded - no one has or will manage to break our encryption". A challenge if there ever was one and only two weeks after that statement was published, it was cracked and those responsible were so overjoyed at being the first to break the 'unbreakable' that the solution was posted everywhere.

Granted, Starforce 3 protection is quite a complex beast to tame - spiral data tracks with a varying time structure to create time specific delays (or even storing data in a 16 byte P/Q-subchannel) is a clever idea but it certainly isn't unbreakable. Data Position Measurement or Recordable Media Physical Signature, for example, can bypass most protection systems.

My point? Well, Starforce 3 has been cracked before and I can guarantee you that it will not be long before it will be cracked here too. Whether we like it or not it is inevitable and those responsible will ensure that the world knows how 'talented' they are by posting the solution everywhere. Not only that, to promote their skills they'll advertise it in places where it wouldn't normally appear - they're the genius' after all, they managed to evolve a way around a protection method we've spent years and millions designing.

Of course, the argument will rise that by the next release we'll employ Starforce '4'. Yet another challenge for the crackers and in another month they'll have that one fixed too. In the meantime, however, numerous legitimate consumers will continue to suffer from difficulties in starting or running the product because the security is so well developed that even original data discs can, and often are, mistaken for an illegal copy. In addition, legitimate software such as Virtual Drive etc (which is used legitimately by many people) will have to be uninstalled while drivers for the CD protection are installed into the device manager. As many developers are well aware, the Windows OS is a fickle beast and some configurations can lead to random system crashes and unexpected reboots.

This results in numerous help desks having to deal with copy protection 'issues' which increases the companies costs and this has to be accounted for. These costs may reflect by a reduction of the development time on a project, on regular updates, or even may have to be passed onto the end consumer.

The inevitable conclusion is to consider that if a person does not wish to purchase the software, they will download it and if they can't download it, then they simply won't play it. Indeed, if someone is willing to download 1.5 Gb of software (or perhaps more) rather than buy it, employing severe copy protection (that harms the legitimate users) is not going to change their minds into buying it. The result is that the software companies don't loose out because the illegal user would not purchase the software anyway. What's more, many legitimate users who have paid $50 or more constantly contact the help desk in an attempt to solve copy protection issues rather than just use the software out of the box. And this does affect sales - no matter how good the publicity on a game is, word of mouth sells more, and if users complain that it "takes ages to get it to work" - the companies loose profits.

So should we protect software? Of course we should, we all have the right to protect out intellectual property but there are limits as to how much we wish to harm the legitimate users in an attempt to prevent those who are not. However, we should not be so forceful on the protection as to deter legitimate buyers. A simple key generated from the users configuration can sometimes suffice. Naturally, a 'keygen' will appear over time but the people who use this would not have purchased the software anyway and the crackers involved would not be so willing to promote their skills over producing such a small amount of code.

If people are not going to buy software - they wont. Perhaps it's time to face that conclusion and not reflect our piracy problems onto those who will.