Copy-Protection (was: Downloadable Games are Important)

jack_norton
Lemma-Class Veteran
Posts: 4035
Joined: Mon Jul 21, 2008 5:41 pm
Completed: Too many! See my homepage
Projects: A lot! See www.winterwolves.com
Tumblr: winterwolvesgames

Re: Copy-Protection (was: Downloadable Games are Important)

#31 Post by jack_norton » Mon Sep 13, 2010 2:15 pm

A simple system that a friend of mine explained (but I don't know how to make it in python :D) is to use the private/public key.
You generate a list of serials using your private key. In the games you check for validity with your public key, so even if the crackers see the keyword you used, being the public (and not the private) they can't create a keygen.
They can still obviously crack the .exe - but nothing can prevent that...

Topagae
Miko-Class Veteran
Posts: 520
Joined: Mon Mar 02, 2009 5:40 pm

"Neque porro quisquam est qui dolorem ipsum quia dolor sit a

#32 Post by Topagae » Mon Sep 13, 2010 2:38 pm

"Neque porro quisquam est qui dolorem ipsum quia dolor sit amet, consectetur, adipisci velit..."
Last edited by Topagae on Thu Aug 25, 2011 3:19 pm, edited 1 time in total.
"Neque porro quisquam est qui dolorem ipsum quia dolor sit amet, consectetur, adipisci velit..."


Re: Copy-Protection (was: Downloadable Games are Important)

#33 Post by jack_norton » Mon Sep 13, 2010 3:29 pm

My friend uses it because he has a list of pre-generated serials, which looks like the Windows one (XXXX-XXXX-XXXX etc).
With that system the only way is:
- generate serials using CPU power, but that would take years if he uses long digits
- post real serials someone got when they purchased the game

In the second case, they make an update to the exe so that serial doesn't work anymore. But anyway, as I said, it is much easier for the pirates to crack it than to try to make a keygen. So it doesn't solve the DRM problem at all :) It was just an interesting idea to prevent "casual piracy".

PyTom
Ren'Py Creator
Posts: 15469
Joined: Mon Feb 02, 2004 10:58 am
Completed: Moonlight Walks
Projects: Ren'Py
IRC Nick: renpytom
Github: renpytom
itch: renpytom
Location: Kings Park, NY

Re: Copy-Protection (was: Downloadable Games are Important)

#34 Post by PyTom » Mon Sep 13, 2010 3:48 pm

Topagae wrote: And you then conclude because nobody knows your private key they can't make a keygen? That makes no sense because you're not generating any keys. In fact you haven't described how you'd generate any keys at all, the method you're describing is used to encrypt and decrypt messages between people, completely oblivious to what those messages might be. Decrypting your key/message with the public key in your game in no way validates that it's a legitimate key for your game, because literally anyone can decrypt your encrypted message.
The problem here is that the word "key" is being overloaded. If you want to use RSA to control access to a game, you need to use it as a digital signature scheme. RSA is a symmetric algorithm. I can encrypt a message with my private key, and you can decrypt it with my public key. What's interesting about that is that, if you can decrypt the message at all, it's strong evidence that the person who encrypted it knew my private key, and hence was me.

This mode of operation is known as a digital signature.

If I want to use this to protect a game, I can sign a message that says "Topagae can play this game." The game can then check that message, and decide if it wants to start or not. We're still vulnerable to two attacks:

- Someone can give a signature to all his friends.
- Someone can patch the signature check out of the game entirely.

We might be able to deal with the first by checking for signature revocation at runtime. The second is fundamentally impossible to defeat on a general-purpose computer, but can be made more difficult in a number of ways.
Supporting creators since 2004
(When was the last time you backed up your game?)
"Do good work." - Virgil Ivan "Gus" Grissom
"Silly and fun things are important." - Elon Musk
Software > Drama • https://www.patreon.com/renpytom

Spiky Caterpillar
Veteran
Posts: 252
Joined: Fri Nov 14, 2008 7:59 pm
Completed: Lots.
Projects: Black Closet
Organization: Slipshod
Location: Behind you.

Re: Copy-Protection (was: Downloadable Games are Important)

#35 Post by Spiky Caterpillar » Mon Sep 13, 2010 4:20 pm

Topagae wrote:Because right off the bat, there's a lot of concerns. First off, you gotta be vigilant to turn off copies of games, that's possibly a lot of overhead. Second off, as a pirate. I'd just bloody steal other people's copies. Then you'd be turning off random customer's games. I'm sure they'd LOVE that. I'm aware you find it important to preserve copies after people are gone, but you haven't really backed that up as an important issue for customers. If they don't want it, it's something that they're paying for and they don't want it. Nobody wants to pay extra to secure something they don't think is worth it, and this will turn people off.
Customers like archival copies. You can see them whining whenever an activation server fails on launch day, whenever an internal screwup breaks their game, whenever a mmog shuts its doors, whenever they try to install from an actual purchased retail disk and discover that they lost the box with the serial number on it when they were moving. Most of the gamers I know keep their install media around for quite some time (and most of them try to keep track of the serials, too). Support for archival copies doesn't cost the customer any extra money in the current software ecosystem - digital data is, by default, relatively permanent, and MAKING IT IMPERMANENT costs the developer money and time - a small amount up front to set up whatever DRM they're using, and an ONGOING amount to maintain any resources the DRM needs (activation servers, tech support staff, etcetera.)
Topagae wrote: You seem to be opening up a lot of avenues of attack because you want a lot of conveniences that are not secure. Companies have simply been forced to not have these conveniences to avoid the giant headaches they bring, and as far as I know from talking to you and listening to you in IRC, you admitted piracy is annoying and seems to have no good solution.
Convenience #1: The ability for users to PLAY THE GAME on their own hardware makes it effectively IMPOSSIBLE to prevent warezing. Not 'difficult' or 'annoying', IMPOSSIBLE. All a copy protection system can do is try to either make warezing more annoying than buying the game or make buying the game offer some feature that warezing doesn't have (say, tie the updater to a working serial number/login - so sure, they can share serial numbers if they want to, but the warezd00ds are stuck without patches.)
Topagae wrote: Sadly, without a solution, I don't see how anyone can have all the conveniences you so desire. But if your proposed method has merit, I'd love to see the results, but I'm not holding my breath. No offense to you intended at all. It's just that if you follow all the security folks, everyone seems to know how to fix everything, but 6 months later we're just in deep as crap as we were before. Very disheartening.
Those were marketing folks, not security folks. Anyone who tells you they have a solution to the warez problem that works on modern hardware is offering something a lot LESS plausible than a vacation home on Charon. (Although a vacation home on Charon would make it easier to build the sort of computer that COULD handle actual copy protection.)
Nom nom nom nom nom LEAVES.

Jake
Support Hero
Posts: 3826
Joined: Sat Jun 17, 2006 7:28 pm

Re: Copy-Protection (was: Downloadable Games are Important)

#36 Post by Jake » Mon Sep 13, 2010 4:41 pm

PyTom wrote: - Someone can give a signature to all his friends.
(People have attempted to solve this vulnerability in a less manual way in the past by getting some fundamental information about the user's computer (say, the MAC address of their primary network interface, or their CPU ID) and making that part of the signed message. So the software reads the message, checks the signature, and then checks that the machine it's being run on has the right MAC or the right CPU ID, and if that fails, it refuses to run. The user then needs to be able to request new activations - entailing new signed permission documents - for when their PC blows up or they replace their NIC, so the vendor needs to stay around. And of course, it fails PyTom's cultural-preservation test.

And practically speaking, it doesn't help at all against determined pirates because you'll never avoid the second vulnerability.)
Server error: user 'Jake' not found


"Neque porro quisquam est qui dolorem ipsum quia dolor sit a

#37 Post by Topagae » Mon Sep 13, 2010 5:26 pm

"Neque porro quisquam est qui dolorem ipsum quia dolor sit amet, consectetur, adipisci velit..."
Last edited by Topagae on Thu Aug 25, 2011 3:19 pm, edited 1 time in total.
"Neque porro quisquam est qui dolorem ipsum quia dolor sit amet, consectetur, adipisci velit..."


Re: Copy-Protection (was: Downloadable Games are Important)

#38 Post by Jake » Mon Sep 13, 2010 7:48 pm

Topagae wrote: Your first listed vulnerability. "Someone can give a signature to all his friends." The first thing they tell you about this kinda security is that when a public key is public. You gotta assume everyone has it, so it's not much of a solution.
You're missing the point again. A public key is never specifically intended to be secret; the entire point of it is to allow people who don't have the private key to read encrypted items that were encoded with the private key. It's part of the mechanics of a potential solution, but it is not in and of itself a solution.

If your entire objective is, as was suggested earlier in the thread, giving the unlock-your-software 'key' document some identifying information which allows you to track who is uploading your software to torrent sites, then one potential solution is to sign that unlock-your-software document with the public/private key pair, and only run the software if the document is successfully validated with the public key. The point isn't that people can't read the document - they have to be able to - but that people can't alter the document because they don't have your private key so they can't re-sign it. And the document will only work when it's intact, meaning that if someone wants to upload it onto a torrent site, they give away (in the example case) all their personal information with it.

In the approach PyTom's talking about, presumably the signed certificate simply has some unique identifier in it, so the software can check the identifier against a 'valid list' or a 'not valid list' and check whether or not to run based on that. Again, you can't change the certificate without breaking the signature and making it de facto untrusted and invalid. You can't, as you suggested earlier, "just bloody steal other people's copies" because you don't have access to their certificate unless they voluntarily give it to you. What are you going to do, break into their houses? You might as well just take their TV, sell it and use the money to buy a copy of the software with a working key!


The only particular vulnerability is the same second vulnerability that PyTom mentioned - that public/private validation of signed documents works in the situation where you know the software at the two ends of the conversation is clean and don't trust the software in the middle, as in a TLS/SSL tunnel. If you can't trust the software at one end either, it's just as useless as any other approach, but not because of any inherent problems with the public/private key model.
Server error: user 'Jake' not found
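
The signed-licence check that PyTom and Jake describe in posts #34 and #38, as an added example that is not part of any post in this thread. It uses textbook RSA over a SHA-256 digest with a constructed demo key (two Mersenne primes) so that it runs on the standard library alone; the game name, field names and licence ids are assumptions, and a shipped game would use a vetted library with a padded signature scheme and a properly generated key.

```python
import hashlib
import json

# Constructed demo key: two known Mersenne primes, so no key generation or
# third-party library is needed. This modulus is NOT secure; it only makes
# the example runnable.
_P = 2**521 - 1
_Q = 2**607 - 1
N = _P * _Q                              # public modulus, ships in the game
E = 65537                                # public exponent, ships in the game
_D = pow(E, -1, (_P - 1) * (_Q - 1))     # private exponent, vendor only


def _canonical(doc):
    """Serialise the licence document the same way on both sides."""
    return json.dumps(doc, sort_keys=True, separators=(",", ":")).encode()


def _digest(payload):
    """SHA-256 of the serialised document, as an integer smaller than N."""
    return int.from_bytes(hashlib.sha256(payload).digest(), "big")


def issue_license(licensee, license_id):
    """Vendor side: sign the document with the private key."""
    doc = {"game": "ExampleGame", "licensee": licensee, "id": license_id}
    sig = pow(_digest(_canonical(doc)), _D, N)
    return {"doc": doc, "sig": format(sig, "x")}


def check_license(lic, revoked):
    """Game side: uses only N, E and a set of revoked licence ids."""
    try:
        doc = lic["doc"]
        license_id = doc["id"]
        sig = int(lic["sig"], 16)
        expected = _digest(_canonical(doc))
    except (KeyError, TypeError, ValueError):
        return "malformed"
    if not 0 < sig < N or pow(sig, E, N) != expected:
        return "bad-signature"   # document edited, or not signed by the vendor
    if license_id in revoked:
        return "revoked"         # intact licence that the vendor has withdrawn
    return "ok"


if __name__ == "__main__":
    lic = issue_license("Alice Example", "L-0001")   # constructed sample data
    edited = {"doc": dict(lic["doc"], licensee="Someone Else"),
              "sig": lic["sig"]}
    print(check_license(lic, set()))         # intact licence
    print(check_license(edited, set()))      # name changed after signing
    print(check_license(lic, {"L-0001"}))    # intact but on the revoked list
```

The check only holds while the game binary itself is unmodified, which is the second vulnerability discussed in the thread.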


Re: Copy-Protection (was: Downloadable Games are Important)

#39 Post by PyTom » Tue Sep 14, 2010 3:06 am

Jake explained well how a signature-based scheme works. To get the rest of the way, we have to look at the social context.

I think the goal is to raise the cost of infringement to the point where the casual infringer decides that buying the game legitimately is a better use of his time than trying to find an illegal copy. (And hence, the creator can get enough sales that he or she can continue to make games.) To do this, we have to stop the casual infringer from being able to get the game from two kinds of distributors.

The hardcore infringer is dead to us - this is the guy who would never buy the game under any circumstances, so he doesn't matter.

The casual distributor is the guy who uploads the game to rapidshare an hour after it comes out, and posts that link on a message board. If we can revoke the ability to run those uploaded copies, then they become worthless - actually, they are a net benefit to the game-maker, as the more unusable infringing copies there are, the harder it is to find a usable infringing copy.

The hardcore distributor is the guy who would attempt to reverse engineer the game, to disable copy-protection. Theoretically, this guy always wins - if the game can run on one general purpose computer, he can always find a way to make it run on another general purpose computer - that's the cool thing about general purpose computation. But there are things we can do to make his life more difficult, and there are things we can do to make it less satisfying for him. Most importantly, we can try to make it hard for a casual infringer to hook up with a hardcore distributor, by having revoked casual distributions pollute the search results.

My gut feeling is that there is a certain level of inconvenience that we can inflict on a casual infringer that can push him into becoming a paying customer. (We can't inflict any of this inconvenience on paying customers, as they should have the best experience.) Even if copy protection is possible to get around, the more inconvenient infringing is, the more likely someone will pay to not have to deal with it.


"Neque porro quisquam est qui dolorem ipsum quia dolor sit a

#40 Post by Topagae » Tue Sep 14, 2010 3:16 am

"Neque porro quisquam est qui dolorem ipsum quia dolor sit amet, consectetur, adipisci velit..."
Last edited by Topagae on Thu Aug 25, 2011 3:19 pm, edited 1 time in total.
"Neque porro quisquam est qui dolorem ipsum quia dolor sit amet, consectetur, adipisci velit..."

Crocosquirrel
Miko-Class Veteran
Posts: 707
Joined: Tue Sep 07, 2010 3:28 am
Completed: Mobile Food Madness, Super Otome Quest
Projects: Academy Daze
Organization: Polymorphic Games
Location: Perpendicularly parked in a parallel universe

Re: Copy-Protection (was: Downloadable Games are Important)

#41 Post by Crocosquirrel » Tue Sep 14, 2010 3:33 am

The idea of one-use keycodes isn't new, and honestly, most people are used to them by now. The downside of a true one-use cypher key is that it's only useful on a single computer, and thereafter the investment is useless. If I send out copies of NanoEmpire at $19.99, and a paying customer installs it, plays it, and later that night his hard drive goes *boom*, even if he can reinstall it on the next machine, his copy will brick, because my database says the key's been used. Better to send him a serial keyfile that involves his registration information that he can transfer to the new machine with the installer. If he should by some chance lose it, he drops us an email with an order number or some other information we can track to that copy, and send him a new file.

It'd be a pain in the butt for the casual infringer, frustrate the casual distributor (or at least make him a little more traceable), and require work on the part of the hardcores whilst still taking advantage of a one-off cypher.

More work on our parts dealing with the less-than-alert users, but the work has to be done by someone. A good software engineer might be able to come up with a way to automate the process, or at least poke holes in my theory.

As far as determining who's uploading, download, check the keyfile, send in a CND, and then wait. The casuals will be the ones whose keyfiles pop up repeatedly over time. Someone's stuff turns up once or twice, he may have a thief nearby.

Of course, unless the algorithm for making the keyfiles gets broken, it should be fairly safe from trojan or keylogger viruses... The file is downloaded, rather than the final key being entered by hand. It has its weaknesses, I expect, but it's the best thing I can imagine at the moment.
I'm going to get off my soap-box now, and let you get back to your day.

Academy Daze- Back in production! Complete with ecchi-ness ;)


Re: Copy-Protection (was: Downloadable Games are Important)

#42 Post by Crocosquirrel » Tue Sep 14, 2010 3:36 am

Topagae wrote:@Pytom
I dunno Pytom. Like putting it all online and letting them access it from anywhere (Me/Steam/GoG/All other online distributables)?

Seems like the solution is staring you in the face, hell, most of them even DL straight to your hard drive. Yet, less piracy, due to countermeasures and rewarding casual users. Works fine ;3
Sorry about the double post, but this is a lot of what PyTom was trying to avoid. A lot of places may or may not be there in five or ten years, and if you restrict like that, you stand a chance of losing most or all of it.

Besides, I can't even find a place to submit to Steam. I keep hearing it's not easy to get in as an indie, even if you have the next Killer App.


Re: Copy-Protection (was: Downloadable Games are Important)

#43 Post by Jake » Tue Sep 14, 2010 4:29 am

DarkSpartan wrote: A good software engineer might be able to come up with a way to automate the process, or at least poke holes in my theory.

As far as determining who's uploading, download, check the keyfile, send in a CND, and then wait. The casuals will be the ones whose keyfiles pop up repeatedly over time. Someone's stuff turns up once or twice, he may have a thief nearby.
I'm pretty sure I poked holes in that theory in the first post I made in response to you. You can't be sure that you'll get a valid name and address, and when your software gets pirated you can't be sure that it was the person whose keyfile is being used that did it. Revoking access to an innocent and legitimate user's copy when they've lost their flash drive isn't an issue because they lost their flash drive anyway... but sending them legal threats could be construed as harassment, which is something you don't want.
DarkSpartan wrote: Of course, unless the algorithm for making the keyfiles gets broken
...and this is mitigated to a very high degree by the private/public signature method, which has been discussed in the previous few posts.
DarkSpartan wrote: Sorry about the double post, but this is a lot of what PyTom was trying to avoid. A lot of places may or may not be there in five or ten years, and if you restrict like that, you stand a chance of losing most or all of it.
Bear in mind that Topagae has an axe of his own to grind - he runs a site on which he hopes to sell online-play of VNs. This thread only got split off from the original one ('Downloadable Games are Important') because he jumped in and started ranting about how (despite evidence to the contrary) downloadable games were impossible to make money from because TEH PIRATES!!!111.

Personally, it seems to me that he either doesn't have much of a clue about the technological aspects of the problem, or he's willing to pretend he doesn't in the name of spreading propaganda ("public keys are - *gasp* - public!").


Re: Copy-Protection (was: Downloadable Games are Important)

#44 Post by Crocosquirrel » Tue Sep 14, 2010 5:20 am

Jake wrote: Bear in mind that Topagae has an axe of his own to grind - he runs a site on which he hopes to sell online-play of VNs. This thread only got split off from the original one ('Downloadable Games are Important') because he jumped in and started ranting about how (despite evidence to the contrary) downloadable games were impossible to make money from because TEH PIRATES!!!111.

Personally, it seems to me that he either doesn't have much of a clue about the technological aspects of the problem, or he's willing to pretend he doesn't in the name of spreading propaganda ("public keys are - *gasp* - public!").
I'm willing to surrender the field on my methodology. I suspect it could somehow be made viable, if one wanted to do so. I didn't say it was necessarily right, but an option.

So far as Topagae being admin of such a site, I had no idea. He seemed a little too anxious to make things as doom and gloom as possible. I think I'll stick to Tom's example and stick to full downloadables.

When I was talking about CNDs, btw, I was thinking of the distribution sites, so they'll take down the afflicted material, not the individual user. No threatening the paying customers unless you can *prove* they're the ones doing the uploading. The dishonest will generally remain so, and if they won't give up their personal information, IP address captures and access timestamps can lead you to the correct location with the cooperation of the target's ISP.

I think I covered loss of data, at least some. At least I'm not after a USB dongle for every piece of software on one's machine. There is such a thing as overboard, after all. Online-only releases don't sit well with me, honestly. Advertising can be built into those sites (or worse, the games, with or without the consent of the original authors) for an income model.


Re: Copy-Protection (was: Downloadable Games are Important)

#45 Post by jack_norton » Tue Sep 14, 2010 10:14 am

PyTom wrote:
My gut feeling is that there is a certain level of inconvenience that we can inflict on a casual infringer that can push him into becoming a paying customer. (We can't inflict any of this inconvenience on paying customers, as they should have the best experience.) Even if copy protection is possible to get around, the more inconvenient infringing is, the more likely someone will pay to not have to deal with it.
It's not just your gut. From all the research I've made that's true.
Example: once Softwarepassport (Armadillo) came out, it was really hard to copy. You had to crack it, and cracking it, while of course POSSIBLE, was quite a pain (talking about 4-5 years ago). I put it on Magic Stones and at about the same time I started using tracking cookies. I got MANY orders with referrals as Google searches of "Magic Stones full version / crack" blabla. On Mac, I didn't have that protection system: once someone made a keygen, I found that the same serial was posted everywhere around the net. A fun story was a cracker asking in my forums about a bug, and when he told me his serial name "The Blade" I laughed because clearly he got a pirated copy but he didn't even have a clue! (It was his minor brother who pirated it.)
BTW it's not just my opinion; many other pro indie devs think the same, like Hanako, Positech, Puppygames and many others (it's a long list).

Casual piracy exists, and can be easily prevented using some methods like those described in this thread, that aren't a hard DRM so don't annoy the regular customers.
