This is probably a stupid thread, but I've been thinking about piracy and how it affects AGS games.
So I came up with SecureFile. It's a way to protect AGS games (commercial apparently), and I can implement it really easy. The whole point was to make a protection that wouldn't bother the users but still be unbreakable. So what is this all about?
CAN YOU BREAK IT? CAN YOU PLAY THE GAME WITHOUT KNOWING THE SERIAL? OR CAN YOU MAKE A PIRATED VERSION OF THE GAME THAT YOU CAN DISTRIBUTE?
I'm not planning on handing the code of the EXE , it's out of the question.
New version (1.3)
Attempt HERE (http://ledzepforever.googlepages.com/SecureFileTestV1_3.rar)
Now its unbreakable via Hex editor.
Comments, suggestions and anything related is welcome.
Can't touch this!!
IMO, a developer is better off allowing someone who may not have paid for the commercial game to still play it. But thats just through knowing so many game makers and film directors who prefer to have feedback than money.
I ******* hated the Beneath A Steel Sky and Larry security things. What a major 1980's/90's suck!!!1
LOL soz this so seemed like a post by Joey Diperla :|
Quote from: Mods on Sun 26/07/2009 00:49:33
IMO, a developer is better off allowing someone who may not have paid for the commercial game to still play it. But thats just through knowing so many game makers and film directors who prefer to have feedback than money.
I ******* hated the Beneath A Steel Sky and Larry security things. What a major 1980's/90's suck!!!1
LOL soz this so seemed like a post by Joey Diperla :|
I do agree with that opinion, it sort of makes sense, though for example DITR has many versions of pirated copies on the web, some even offer the leaflet in a pdf. And for a game that is worth 18 dollars approx, everytime someone pirates it Alkis is losing that amount.
And I've seen really a lot of pirated versions of DITR across the internet. For an obscure game, it's really more important that people play it, but for other AGS commercial games, isn't it important to get some amount of money? Especially if you have a team that you need to pay, I guess.
Well, many big companies like Ubisoft, Valve are using a noticable security precautions on their games, which were successfully cracked eventually, as I know. I don't think a cracker would spend his/her all time on a single shareware game, but they could crack the SecureFile system itself in order to reach the other games that use it.
I wouldn't implement a security protection on my game when I start working on commercial ones, because I believe not a majority of people would pay for my game just because they couldn't pass the security and play the game illegally. Wouldn't want to bother the players with something that can be easily passed.
Agreed there Gord10, but who said it's easy to pass? ;D
EDIT: But you have a valid point, sins of a solar empire had very low protection, but the game made money, and was highly succesful. The designers said that we'd rather have people play the game even if that means not buyng it.
Look at World of Goo. That game reached one of the highest piracy downloads the year it was released. Without that 'piracy' word of mouth, that game probably wouldn't have sold nearly as much as it did.
Piracy is honestly another way of advertising. But it's free advertising. It's word of mouth advertising. Of course you're losing out on sales by having them download it illegally, but I think overall you'll bring in more money.
Of course this is all my own opinion..
Quote from: Ryan Timothy on Sun 26/07/2009 01:10:19
Look at World of Goo. That game reached one of the highest downloads the year it was released. Without that 'piracy' word of mouth, that game probably wouldn't have sold nearly as much as it did.
Piracy is honestly another way of advertising. But it's free advertising. It's word of mouth advertising. Of course you're losing out on sales by having them download it illegally, but I think overall you'll bring in more money.
Of course this is all my own opinion..
I do have to say, that yes you all guys have a valid point, but I'd love someone who's made a commercial game out of his pocket to share his thoughts.
I'd be happy to see a piracy system built in to an AGS game, but not as an external factor.
I can't question price but really you can't question worth, an 18 dollar game may be "worth" more to you than it is me. I don't want people here to suffer from their work, but hey, at the same time, I hate it when the world gets more anal about other people. It just creates an anal fest, untrusting world. But hey, maybe it's just cos I'll always be fairly partial to piracy. I'm sure people will use your thing and that what it does is good :)
Ryan has a good point. In the commercial world, you have to take what comes especially when it comes to your game being more successful through word of mouth than through its sales. I won't let anyone tell me it's different, because it ain't.
I consider DRM a bit of a waste of time really.
It only really inconveniences the people who wanted to share your game within understandable and legal limits (grey area alert but you know what I mean).
If your game is unpopular then the DRM will do what I said before, and people will be unlikely to pirate it anyway. There won't be a torrent of a game nobody wanted to play.
If your game IS successful then the DRM will be cracked anyway, so you wasted time and effort.
Also what kind of scumbag would pirate a £5 game? :=
How much was Escape from Delirum?
:P
A hundred million pounds?
So, that's why they never made a sequel then, me and every other player swindled 'em out of it! :p
Regarding the strength of your security system, Dual, it's very easily breakable. When a file is pirated and shared with others via bittorrent or whatever file sharing service, it was originally uploaded by someone who bought the game first. So, to break this security, all the person has to do is buy the game, enter their code, and then upload it to the file sharing site. If you have to enter the serial in every time you play (that would be really annoying to your legit users) the pirate would just have to include the serial number in a txt file along with the game. And boom, your game is cracked.
The one way that I can think of to combat this (And I've considered doing it for Resonance, but do not think that I actually will, because there's not really much point.) would be to have the purchaser's name (the name on the credit card used to purchase) encrypted into the serial number. So, when they enter it in, the game is essentially tagged with their name. Then, when the game shows up on a file sharing site, I can download it, find the name of the person who uploaded it and then... ??? I don't know. Something. Perhaps, if the name of the purchaser showed up on the game's title screen, like saying "Thanks for buying the game, Bill Henderson!" would be enough to make people not want to upload it to file sharing sites.
Another way that I thought of for combatting piracy (and might do it for Resonance) is uploading versions of the game to file sharing sites around the web myself that look like real copies, but actually only let you play about 1/3 or a few hours of the game, and then tell you to buy it to play the rest. It's like an extended demo to screw with the pirates!
Quote from: Dualnames on Sun 26/07/2009 00:55:14
DITR has many versions of pirated copies on the web, some even offer the leaflet in a pdf. And for a game that is worth 18 dollars approx, everytime someone pirates it Alkis is losing that amount.
That's actually very untrue, there. When someone downloads Alkis' game, it sucks, definitely, because they're enjoying (or not) someone else's hard work without properly compensating him for it. However, Alkis isn't cheated out of 18 bucks, because Alkis didn't actually lose anything tangible, like a box or a dvd or anything. A file was copied. And it wasn't necessarily a lost sale, because the person downloading the game might not have ever had any intention of buying the game. So if he didn't download it, he also wouldn't have bought it. Alkis wouldn't have any more money than he has now. Therefore, no money lost. However, like I said, it's still sucky that the pirate is enjoying something that someone else worked hard on.
Also, there's the possible creation of more sales based on people who tried the game who wouldn't have tried it otherwise and enjoyed it so much that they thought it was worth paying for, or decided to buy Alkis' next game, or suggested the game to his friends. I'd bet that's a pretty small amount of extra sales, but still possible.
So, 1 download = $18 dollar loss is a pretty iffy statement.
What gets me with the piracy issue is the simple fact that people who download en masse to the point where it's noticeable are people who just don't like paying for stuff and/or don't care much about the games. If there was no piracy, in that allegedly wonderful hypothetical world, those people would just be bludging and borrowing the games off others. I think for most games the losses from piracy would be around 1-10% of the figures that companies like to speculate on.
I speak as somebody who knows a lot of people in the warez scene who probably only play a tenth of the games they download, if that.
Just wanted to add that I think the super small indie game company's biggest defense against piracy is that they're real people. Like WadjetEye Games is mostly just one dude working on games from his apartment. Some people pirate because they're sticking it to the man (Fuck the RIAA, Fuck the MPAA, Fuck the ETCETERA!). But how can you justify ripping off the dude who's making games just to barely make ends meet and does so because he loves games and really wants to share his creations with people?
On the flip side, when you ARE the dude in his apartment just barely making ends meet, you don't have a hojillion slobbering blind fanboys who will shell out $60 for whatever new piece of crap you have to ram down their throats (EA, MICROSOFT, ETCETERA!), and with so few customers, how can you justify treating them like criminals? ("Thanks for your money, now put in this 20 digit code and then your game will communicate with our online servers every time you start it up to make sure you're not a dirty rotten thief.") Only the huge developers can get away with that shit. And by doing so, more people just feel like pirating their games to stick it to them.
So I say, in general, indies should stay DRM free and take the possible small hit to sales in exchange for the good will of their customers, who hopefully will enjoy the game and appreciate your trust enough to return and buy the next game too.
I'll have to admit that I've never purchased software before. :-\ I usually download them...
Games on the other hand, for some reason I seem to be willing to fork over the money. I usually only buy games for my console (360); mainly because my computer is shite.
And that was a good idea Vince, that if you were to have an encryption code have it contain and display the purchasers name once entered. It's definitely not going to stop it, but it does put a little fear in their minds if they decided to pirate it for everyone else.
But I'm totally against having to enter an encryption code unless it's for a high end commercial game that doesn't need word of mouth to sell.
I was going to say pretty much everything Vince had Just wrote in his new message while I was typing. So I deleted it. :P
I don't really think its worth the time or effort for Indies to implement DRM systems into their games. Probably the 'best' way to do it would be to have a valve like system where your serial number is linked to your account and you have to use the internets to play. This systems works really well as a detterance as your steam account will be banned if you try to circumvent the DRM. This works particuarly well for multiplayer games on steam, though the single player games can still be cracked and playable.
There is no such thing as an infallable DRM system. You do not have the resources of Valve, so unless you decide to go down the route of only selling on Steam, and if you are able to implement valves DRM into your game, only then will you have this kind of pretection. It's a lot of effort and limits yourself to one retailer. Is it really worth your time, effort and possibly money?
Pirates will find a way. Most of them don't even care about what they are cracking, they just get a massive kick out of cracking other people's software.
I... think I've figured out a way to bypass the security. It's worked on two PCs so far, but that could have been luck, and I can't try it out on another.
Do me a favor, will ya? (http://www.sendspace.com/file/b6t884)
(Different version (http://www.sendspace.com/file/lt6c73), try it if the other b0rks up. Try "just hitting return" with that one, too.)
Quote from: Mods on Sun 26/07/2009 00:49:33
LOL soz this so seemed like a post by Joey Diperla :|
Heh? Am I a running gag or something now?
You always have been dude ;)
8)
Quote from: Akatosh on Sun 26/07/2009 13:13:53
I... think I've figured out a way to bypass the security.
I think not, both versions give the error message:
[report]
A Fatal error has been generated by the script using the AbortGame function. please contact the game author for support.
in "SecureFile.asc", line 74
Error: File 'protection" is active ; ) There seems to be some security problem. The version of the game you have, appears to be pirated.
[/end of report]
As far as I know, SecureFile isn't that easy to bypass/crack...
[Not relevant, I missed part of vince's post]
Hm... darn. Well, give me some time.
/EDIT: Alright, I've tested another version on two PCs that aren't the one I performed the crack on, and both accepted the enter key instead of a "real" serial number. Hang on, I'm uploading it right now.
Anyway, the method I used was to open SecureFile.exe with a Hex Editor, search for "secfile.vgm" to replace it with "newfile.vgm" and create said document, containing only an underscore (_). Maybe you can reproduce that if the cracked file doesn't work.
/EDIT2: http://www.sendspace.com/file/hj9zih
Quote from: Crazy on Sun 26/07/2009 13:54:27
I doubt the name idea would work Vince, unless you've got a foolproof method of stopping people supplying a false name.
The name comes from the credit card used to purchase... If you bothered to read vinces post.
I'm assuming the copy protection is just some function that runs before the game starts. Can't you just disable any calls/jumps to the copy protection code? I gave it a try but I'm new to debuggers and couldn't find it.
If it was hard to crack then there wouldn't be all sorts of elaborate measures like ARMA 2, Earthbound and Spyro 3, which would subtly make the game harder or impossible once the player has wasted enough time on it (I think, by hiding checksums of game data and comparing throughout the game). Even then, there's a high risk of false positives causing outrage amongst legitimate users. I'd imagine anyone intent on cracking an AGS game wouldn't struggle too much.
I think the vast majority of people who pirate a game never intend to buy it anyway. So it shouldn't be seen as an $18 loss, rather as $18 not gained, that would not have been gained anyway. That's not a justification for piracy. I just think of those people who are not going to pay, I'd rather they still played the game and helped spread the word, than not play it at all.
At least as an amateur. If I were to go professional, and the games were my only source of income, then I might look at it differently.
Quote from: Layabout on Sun 26/07/2009 14:17:14
Quote from: Crazy on Sun 26/07/2009 13:54:27
I doubt the name idea would work Vince, unless you've got a foolproof method of stopping people supplying a false name.
The name comes from the credit card used to purchase... If you bothered to read vinces post.
And of course nobody ever used stolen credit cards to buy stuff on the internet ::)
Quote from: GarageGothic on Sun 26/07/2009 16:13:59
Quote from: Layabout on Sun 26/07/2009 14:17:14
Quote from: Crazy on Sun 26/07/2009 13:54:27
I doubt the name idea would work Vince, unless you've got a foolproof method of stopping people supplying a false name.
The name comes from the credit card used to purchase... If you bothered to read vinces post.
And of course nobody ever used stolen credit cards to buy stuff on the internet ::)
The whole point of Vince's theory is to deter legal purchasers of the game. Those who would bother (almost none) to buy his game using a stolen CC would not have to worry about their name on the welcome screen, correct.
Quote from: Akatosh on Sun 26/07/2009 13:56:47
Alright, I've tested another version on two PCs that aren't the one I performed the crack on, and both accepted the enter key instead of a "real" serial number. Hang on, I'm uploading it right now.
Anyway, the method I used was to open SecureFile.exe with a Hex Editor, search for "secfile.vgm" to replace it with "newfile.vgm" and create said document, containing only an underscore (_). Maybe you can reproduce that if the cracked file doesn't work.
That is really helpful, akatosh. Laughed when I saw (just hit enter) I'll try and narrow it down if possible.
To answer to everybody's post:
Vince:Agreed there. Thanks for the helpful insight.
QuoteSo, to break this security, all the person has to do is buy the game, enter their code, and then upload it to the file sharing site. If you have to enter the serial in every time you play (that would be really annoying to your legit users) the pirate would just have to include the serial number in a txt file along with the game. And boom, your game is cracked.
That's not possible. Game locks if you do that. The purpose of this whole thing was to prevent exactly that. And it does.
Quote from: Ryan Timothy on Sun 26/07/2009 04:51:40
I'll have to admit that I've never purchased software before. :-\ I usually download them...
Games on the other hand, for some reason I seem to be willing to fork over the money. I usually only buy games for my console (360); mainly because my computer is shite.
And that was a good idea Vince, that if you were to have an encryption code have it contain and display the purchasers name once entered. It's definitely not going to stop it, but it does put a little fear in their minds if they decided to pirate it for everyone else.
But I'm totally against having to enter an encryption code unless it's for a high end commercial game that doesn't need word of mouth to sell.
I was going to say pretty much everything Vince had Just wrote in his new message while I was typing. So I deleted it. :P
Ryan, the whole purpose of this is to create a non-bother system and still make that system unbreakable, I'm going to give it a shot anyways..just for the hell of it.
I pretty much have pirated copies of certain games. I do still own all games, and I've bought DITR, for I thought it would be unjust to steal from one man's hard work.
Quote from: CodeJunkie on Sun 26/07/2009 15:31:40
I'm assuming the copy protection is just some function that runs before the game starts. Can't you just disable any calls/jumps to the copy protection code? I gave it a try but I'm new to debuggers and couldn't find it.
If it was hard to crack then there wouldn't be all sorts of elaborate measures like ARMA 2, Earthbound and Spyro 3, which would subtly make the game harder or impossible once the player has wasted enough time on it (I think, by hiding checksums of game data and comparing throughout the game). Even then, there's a high risk of false positives causing outrage amongst legitimate users. I'd imagine anyone intent on cracking an AGS game wouldn't struggle too much.
The point is yes that it wouldn't be much of a struggle. The point is to make it one (if at all possible).
Quote from: Layabout on Sun 26/07/2009 17:13:25
The whole point of Vince's theory is to deter legal purchasers of the game. Those who would bother (almost none) to buy his game using a stolen CC would not have to worry about their name on the welcome screen, correct.
That can also be done via SecureFile, I just thought it would really cause inconvience to the user.
AdditionWell, point taken there. Hell, Spore had this system (3 times on a computer), and it was the most pirated game, and people prefered to have it cracked than bought. But this attempt from my side is to make a protection system that is more than meets the eye. When and if I ever go commercial funding a project with my money, I'll probably have the game totally uncracked. Hackers just these days can enter pretty much anywhere, if they want to crack a game, they will. You just can't help it.
Akatosh:
I think your right.
The easiest way:
1. Replace all the characters in the file "secfile.vgm" with for example the ALT-255 code (the most empty alt-character ;)) (but any char will do) and save and overwrite the file.
2. Run "SecureFile.exe" and play :P
Good old hex times ;D
You can even create a patch to automatically edit that file when running the patch and done...
But:
Strange thing is that when I download an original copy again, extract it into a different directory even on a different harddisk and run securefile.exe while not using a hexeditor to edit any file, it doesn't ask anymore for a serial number?
Any idea?
Quote from: Vince Twelve
Just wanted to add that I think the super small indie game company's biggest defense against piracy is that they're real people. Like WadjetEye Games is mostly just one dude working on games from his apartment. Some people pirate because they're sticking it to the man (Fuck the RIAA, Fuck the MPAA, Fuck the ETCETERA!). But how can you justify ripping off the dude who's making games just to barely make ends meet and does so because he loves games and really wants to share his creations with people?
Even Wadjet Eye isn't immune (though a quick browse of a random torrent site seems to show the numbers are relatively low):
Blackwell Legacy = 2559
Blackwell Unbound = 1201
Emerald City Confidential = 12922
Still, if we were to take those combined Blackwell downloads at market value, it's a possible $94000 (improbable and imaginary money it may be).
I never bought the whole "Fight the Power!" angle to file-sharing. People like to get stuff for free; who doesn't?. It's just easier to take it from faceless corporations. Not that I don't think Vince has a point about indie games, but if
any game is critically or commercially popular it's going to be shared a considerable amount.
Quote from: Dualnames on Sun 26/07/2009 17:33:26
That's not possible. Game locks if you do that. The purpose of this whole thing was to prevent exactly that. And it does.
Can you explain how your SecureFile works? For example, what stops one person's serial number from working on another person's computer?
You know this "copy protection" is all well and good until somebody goes and asks 4chan. Anonymous don't afraid of anything. :D
Why would anyone want to break your system or try to play without the serial when all one has to do is distribute the game with the serial number in a text file? All you've done here is what so many game developers have done so far, add a serial number to your game. And since you can use the same serial number on as many computers as you want there's no piracy protection here...
Correct me if I'm wrong, but from what I've gleaned, it works like this:
- secfile.vgm contains serial number cyphers, probably with quite strong encryption. This one is checked against; I suppose the .exe uses the same algorithm and key when you enter something in the text box, and checks whether the cyphers are the same. This would prevent serials of other people from working, and with reasonably strong encryption, it would hardly be feasible to try and "force" the key (although it could probably be extracted from the .exe).
- secfile.dat probably stores... additional information.
- Additionally, I guess a "hidden" file is created somewhere when you 'unlock' the game. Maybe there's something about those save files automatically created, I don't know.
Now, when you enter the serial number correctly, a flag is set in secfile.dat and said hidden file is created. Therefore, you can't just copy the contents of the folder over; if you do, SecFile detects that the flag is set but the "validification" is missing, and doesn't allow the game to start. The trick is that once the game has been unlocked, your copy is "marked" and you can't distribute it (that was what tripped up my first crack).
Am I far off track?
(It's really not a bad system btw, especially not for an amateur solution, but it needs a lot more checking and redundancy if it's supposed to be more than a minor inconvenience.)
Curious about it Dual, let us know the trick.
Akatosh, your completely right.
Once a stored serial number from "secfile.vgm" is entered, "agssave.temp" will be generated as unlocker in a savegame directory, mine seems to be "my documents/my saved games/Hitchhiker's Guide to the Galaxy Remake/agssave.temp.
The content is not clear for me, just the fact that this file is there, could be enough as unlocker. But there is some small info inside this file, maybe the "serial" entered when asked when starting the game. Any idea?
Then the info of this generated file, like location/dateime stamp/etc (the flag), is stored in "secfile.dat".
Side effect of this is that when you delete the "agssave.tmp" file, the game will crash as "sorry, pirated version"...
logically you will have to overwrite the "secfile.dat" file in the game directory with the original and the game will run again
So to distribute it "agssave.temp" is needed, but I think then the problem will be that a patch cannot search for something file to detect the location. This location can for example be OS dependent. That would not be the problem, that can be detected. but if there are more options, it can hardly be patched. Than one need to place this file manual.
So bypassing the serial isn't the problem (sorry Dual).
Distributing it, once it is bypassed will be a bit harder (but not impossible).
And yes, your exactly on track ;)
In general, I like to keep my games DRM free. I've found that they really annoy legit users and don't deter piracy at all. Case in point, there were a lot of annoyed people when Emerald City Confidential was released earlier this year. It uses PlayFirst's DRM, which is pretty draconian from what I understand. I don't think it's a coincidence that Emerald City Confidential is the most pirated of all the games I've made! :) Of course, it's more of a mass-market title than my Blackwell stuff, but still.
Anyway, this sounds useful but I'm afraid it wouldn't be feasible for someone like me. I'd have to remove all security wrappers when I put the game on distribution channels (like iWin, Big Fish, etc) so any security I glean from it would be lost. However, for those who just plan on selling their games from their own website and nowhere else, this would certainly come in handy.
Maybe I'm missing something, but I still don't understand why I can't just distribute my legally bought Serial Number (or bought with a stolen credit card I guess, if I were willing to risk such a serious crime on such a cheap piece of software...) alongside the original .rar file.
The only way I would know how to stop that from working would be to have the verification program check with an internet server to make sure that the same serial wasn't used more than once. But then you're getting into "too annoying and insulting to your customer" territory.
If I knew that credit card information is used for my personal copy of the game to show the name I probably would not buy the game. Credit card information is something I don't want to give away anyway (thats why I hardly buy anything on sites I don't fully trust) so I wouldn't want someone to mess around with this information, even my name.
In this case, I'd rather pirate the game then buy it myself ::)
Vince, that's correct, spreading the serial will do.
And distributing a game with an online "blacklist-connection" check or something to check if a serial isn't used more than once is too annoying, that's more an option for big applications.
But that might/can even be defeated by the fact that when people really want something which is protected that way, certain people or groeps will make key generators, even on demand...
I guess for games, as an author you need to get the attention of a big group of people that really likes it and wants to pay for it, e.g. on a forum, interact with people about the game, releasing demo('s) (or maybe even a first game as freeware). (Like Dave and or Ivy from Wadjet Eye Games do)
Once these people like it, they will pay for it. A sort of community effect.
This group is, in my opinion, the mainstream to get your money.
The rest that obtains a pirated version, those torrent-crawlers, will always be there.
Even worse will be spending money on a protection for a game.
A waste of money and only a trigger for some to create a crack/keygen...
My 2 cents...
I think the whole number of pirated games is seen out of proportion. Most people who play pirated versions, wouldn't buy the game in the first place so you really shouldn't see them as 'lost'. You should see it as promotional. Sure, when every pirated version would have been really sold, you'd earn more, but that's not realistic.
If someone really wants to play, he/she'll buy it. At least that goes for me. I have a lot of pirated versions of games that I've looked at and didn't find it worth buying. I didn't finish them either. But I did get interested in what else the company had to offer so actually see it as a commercial (or demo).
Same with audio. I download loads of tracks and if I really like a number, I'll buy the album. But I don't think it's worth buying if I listened to the track once and wasn't even interested in the one song. And of course there's the financial part because I think some albums and games are way overpriced (NDS and WII are the worst). I must say that PC games are pretty much on track right now for under £20. And it doesn't matter if the author is a company or an indy... that's irrelevant to me.
So all in all, what's to gain/lose here?
Interesting thread. I tend to agree that DRM that treats the consumer as a criminal is a bad thing. Having said that, Steam seems to work pretty painlessly and adds a layer of functionality that makes it all worthwhile. Even the PlayFirst DRM didn't really bother me that much.
From a developer's point of view it's a pain having to worry about this sort of stuff. The general consensus amongst Indie developers seems to be that simple copyright is the best way to protect code and assets, and to regard piracy not as lost sales but as a means of greater exposure. Fortunately the xbox 360's (digital distribution, not disk based) DRM prevents XBLIG piracy, though for other platforms it is a bit of a headache.
Quote from: cat on Mon 27/07/2009 09:43:08
If I knew that credit card information is used for my personal copy of the game to show the name I probably would not buy the game. Credit card information is something I don't want to give away anyway (thats why I hardly buy anything on sites I don't fully trust) so I wouldn't want someone to mess around with this information, even my name.
In this case, I'd rather pirate the game then buy it myself ::)
I absolutely agree. Just wanted to clarify that I'm not planning on doing this. Just throwing the idea out there.
Quote from: Layabout on Sun 26/07/2009 07:53:14
Pirates will find a way. Most of them don't even care about what they are cracking, they just get a massive kick out of cracking other people's software.
This is true. Cracking a copyprotection is like a game. They enjoy it as much as we enjoy cracking a good puzzle in adventure games.
Quote from: cat on Mon 27/07/2009 09:43:08
If I knew that credit card information is used for my personal copy of the game to show the name I probably would not buy the game. Credit card information is something I don't want to give away anyway (thats why I hardly buy anything on sites I don't fully trust) so I wouldn't want someone to mess around with this information, even my name.
In this case, I'd rather pirate the game then buy it myself ::)
Well, if someone starts putting credit car information on the games, I think the credit card companies might have something to say about that. And when even just a name: kids would have their parents names on the games or maybe some guys name who bought it for a present? And then it would need to be visible otherwise nobody will know their name would be inside the game. Then some 10-year old shares the game and spreads around the world. You'll get the name of the kid (or his parents) and get $80,000 per estimated illegal download. And I'll bet your company will get some good publicity on the papers. :)
And I also agree. I don't like inconvenient copyprotections. Steam works pretty well, that's why most of the games I've bought are via that. If I have to choose between some StarForce drm and pirating a copy, I'm pretty sure I'll go for the latter.
I like how steam isn't intrusive and logs your cd-keys to your account, so no matter how many now computers you buy or if you lose the disc, you'll never lose a game.
Most other companies would just say 'Your loss, if you want to play the game, buy a new copy!'
Not only does it protect them, it also protects the consumers purchases. It's a two-way street. How it should be.
Given how much trouble commercial companies are having getting security to work without being overly obnoxious (and that most of them are failing at it big time) I don't think this is a job for an amateur game design community.
Besides, how many commercial AGS adventures are there anyway? Five, maybe eight? Out of many many (http://www.google.nl/url?q=http://www.youtube.com/watch%3Fv%3DTBtpyeLxVkI&ei=qZRuSqyBHcjI-Qae5eTcBw&sa=X&oi=spellmeleon_result&resnum=1&ct=result&usg=AFQjCNGpuXVYukstq4GpJcCfP8jAtB_Yyw) games made?
Quote from: Radiant on Tue 28/07/2009 07:03:37
Given how much trouble commercial companies are having getting security to work without being overly obnoxious (and that most of them are failing at it big time) I don't think this is a job for an amateur game design community.
This.
QuoteBesides, how many commercial AGS adventures are there anyway? Five, maybe eight? Out of many many (http://www.google.nl/url?q=http://www.youtube.com/watch%3Fv%3DTBtpyeLxVkI&ei=qZRuSqyBHcjI-Qae5eTcBw&sa=X&oi=spellmeleon_result&resnum=1&ct=result&usg=AFQjCNGpuXVYukstq4GpJcCfP8jAtB_Yyw) games made?
Well, let's see:
The Shivah
The Blackwell Legacy
Blackwell Unbound
The Blackwell Convergence
Super Jazz Man
Diamonds in the Rough
Time Gentlemen, Please!
Les Miserables
Downfall
Hauntings of Mystery Manor
Intrigue at Oakhaven Plantation
Al Emmo and the Lost Dutchman's Mine
Adventures of Fatman
The Zone
Deluxe editions of ~5 of Yahtzee's games (now made available free)
Banana Man(?)
So about 20 AGS games have been released commercially at various times.
New version
http://ledzepforever.googlepages.com/SecureFileTestV1_1.rar
Now its unbreakable via Hex editor.
Sorry Dual, the unbreakable V1.1 can be bypassed too, using a hexeditor.
Quote from: [ Arj0n ] on Tue 28/07/2009 23:03:59
Sorry Dual, the unbreakable V1.1 can be bypassed too, using a hexeditor.
Have you managed to? You can see it via HexEditor of course, but you can't see what I don't want you too. If you bypassed it upload it somewhere.. ;)
The program works this way, the dat file stores whether the game is in lock or in unlock state. The vgm holds the serials. The dir holds directory of files, such as filenames, decryption passwords.
The dat of the dir file, cannot be seen with a HexEditor either used on the file or the exe, at least not the 3 I tried to.
Using the game.previous_game variable it prevents from executing the program without SecureFile, securefile passes an int value with this command: RunAGSGame(filename,0,variable);
Also if certain files are deleted game locks up.
Quote from: Vince Twelve on Sun 26/07/2009 22:23:23
Can you explain how your SecureFile works? For example, what stops one person's serial number from working on another person's computer?
That's the only real flaw. Which is the only thing i can't beat without annoying the user. If that's changed, it will bug the player if he wants to install the game in another computer. The only way to IDENTIFY a serial number to oneself is to have him connect to the net, and that causes annoyance.
I'm just doing this whole thing for fun purposes and to see whether it CAN be done, creating a non-annoying yet cracksafe system.
Quote from: Dualnames on Wed 29/07/2009 01:49:28
Have you managed to? You can see it via HexEditor of course, but you can't see what I don't want you too. If you bypassed it upload it somewhere.. ;)
Uploaded (http://www.megaupload.com/?d=JMQJZNTV)
Can I ask how? I can't see that data with my HexEditors (3), that's why..
EDIT: Not really. Hehe. I got an error message! SecureFile can't be pawned!!
(http://i133.photobucket.com/albums/q53/JustLedZep/Sunset.jpg)
Still wondering what you did though if you care to tell me I'd appreciate it.
Quote from: Dualnames on Wed 29/07/2009 02:20:04
Not really. Hehe. I got an error message! SecureFile can't be pawned!!
Sending a copy 2 you is not enough to get it working.
I've checked it again and this is the
only and exact way how to bypass your SecureFile_v1_1:
01.: delete all files in the saved game directory (in any case: agssace.temp, agssave.101, agssave.temp)
02.: edit secfile.vgm and replace everything with anything, I replace it with hexcode A0 which is textstring altcode-255.
03.: run SecureFile.exe and hit enter when serial is asked
04.: watch the 3 happy dolphins ;)
sorry, pawned again... :P
Strange thing is when I backup agssace.temp, agssave.101 & agssave.temp in a rar file, then run the "cracked" game it crashes with the pirated message.
When I extract the rar and place agssace.temp, agssave.101 & agssave.temp back the game still crashes with the pirated message.
To get it working again, I need to delete the files mentioned above plus secfile.dat, & secfile.vgm.
Then I need to edit the vgm file again and only then it works again.
That's why my uploaded stuff you tried didn't work at your pc...
I can't find those savegame files anywhere!
Their not in the game folder nor in the Vista "saved games" folder.
Quote from: [ Arj0n ] on Wed 29/07/2009 02:50:57
Quote from: Dualnames on Wed 29/07/2009 02:20:04
Not really. Hehe. I got an error message! SecureFile can't be pawned!!
Sending a copy 2 you is not enough to get it working.
I've checked it again and this is the only and exact way how to bypass your SecureFile_v1_1:
01.: delete all files in the saved game directory (in any case: agssace.temp, agssave.101, agssave.temp)
02.: edit secfile.vgm and replace everything with anything, I replace it with hexcode A0 which is textstring altcode-255.
03.: run SecureFile.exe and hit enter when serial is asked
04.: watch the 3 happy dolphins ;)
sorry, pawned again... :P
Ok, so you've cracked it right? Or you got pawned?
I'll add another security check.
That will make the game unpawnable.(trust me)
Great job, there Arjon btw.
Quote from: Peder Johnsen on Wed 29/07/2009 14:24:52
I can't find those savegame files anywhere!
Their not in the game folder nor in the Vista "saved games" folder.
They are in MyDocuments\MySavedGames\Hitchhiker's Guide To The Galaxy Remake
Peder,
They are only created *after* you have entered a right serial or bypassed the serial input.
Cracked. (http://ueberlicht.googlepages.com/CopyofHHGTG.zip)
Made the engine believe 'AbortGame' is 'IsButtonDown'.
Neat smiley :D
http://ledzepforever.googlepages.com/SecureFileTestV1_2.rar
Eh smiley care to tell me how? the version I JUST updated is probably obsolete for I didn't see your post..
A debugger, basic knowledge of assembly and one bottle of beer.
Quote from: Dualnames on Tue 28/07/2009 22:30:43
Now its unbreakable via Hex editor.
Quote from: Dualnames on Wed 29/07/2009 14:33:54
I'll add another security check.
That will make the game unpawnable.(trust me)
I
think you're just joking (or trying to goad people to crack it), but statements like that sound a bit silly. Uncrackable DRM is fundamentally impossible, at least unless it's running on special tamper-proof hardware or needs to connect to servers under your control to run. You might as well be promising a perpetual motion engine. ("This time it will work!")
The best you can hope for is to make it enough of a hassle to get around that people won't bother. The problem is that crackers are very determined, and really pretty expert at what they do. You might eventually be able to foil whoever hangs out in these forums, but that doesn't mean your scheme would survive ten minutes in the wild. No offense.
...and by the time you have successfully foiled anyone who hangs out in these forums you got such a horrible monstrosity that no-one will want to play your game because of that. Take StarForce for example. Just google it and you'll find a lot of praise words for it. :)
Misj' gave me a fantastic idea in this thread: http://www.adventuregamestudio.co.uk/yabb/index.php?topic=38388.msg506406#new
(http://www.2dadventure.com/ags/Misj_BB_090805_Anagryph3D.png)
An awesome copy protection would be to make your game in 3d! And ship it with 3d glasses. If you used colors other than the standard red/blue, then it would be a huge hassle to pirate your game, because even people who happened to have 3d glasses laying around wouldn't be able to play. They'd have to go down to a craft store and hope to find some clear plastics of the same colors as your anaglyph. Unless they just played it as is, which would probably give the pirates a nice headache.
The hassle, of course, is that you can't have a download-only option, since you'll have to be shipping glasses to people. Plus, people who lose their glasses would be screwed...
Still, I would love to play an adventure game in 3d.
Vince, can I buy a special 3d edition of Resonance?
I would love to sell a special 3d edition of Resonance, but when I think about all the reworking I would have to do to make it so...
But now you've got me thinking of a 3d edition of Anna...
Lucky me, if I wanted to pirate one of those color 3d games, I'd only have to find one matching colored lens since I only have one good eye. ;D
btw. how does this red-green 3d work for people who are red-green color blind? Or color blind in any other way. :)
then only crossed polaroid lenses may do the job
I imagine you meant 'polarized' not 'polaroid'. :P
Ha, yes, crossed polarized lenses indeed.
They look exactly like these but then totally different-> 8)
:P
Quote from: Vince Twelve on Thu 06/08/2009 23:07:07
But now you've got me thinking of a 3d edition of Anna...
YES please! ;D.
Quote from: Snarky on Mon 03/08/2009 15:54:15
Quote from: Dualnames on Tue 28/07/2009 22:30:43
Now its unbreakable via Hex editor.
Quote from: Dualnames on Wed 29/07/2009 14:33:54
I'll add another security check.
That will make the game unpawnable.(trust me)
I think you're just joking (or trying to goad people to crack it), but statements like that sound a bit silly. Uncrackable DRM is fundamentally impossible, at least unless it's running on special tamper-proof hardware or needs to connect to servers under your control to run. You might as well be promising a perpetual motion engine. ("This time it will work!")
The best you can hope for is to make it enough of a hassle to get around that people won't bother. The problem is that crackers are very determined, and really pretty expert at what they do. You might eventually be able to foil whoever hangs out in these forums, but that doesn't mean your scheme would survive ten minutes in the wild. No offense.
There goes the man that takes the bad thing out of everything.. ;D
No, I'm not trying to make an uncrackable protection system, for none of the already existing protection systems has worked 100%, I'm trying to see when I can give up. I don;t think that crackers can be stopped. In fact it's like having a room filled with infinite monkeys hoping that they will not write a novel.
I'm just doing this for the hell of it people. Statements like its unbreakable are apparently supposed to sound like a manical laughter.
In fact I made a version that can;t be breaked via Smiley's way now, but I think I started working on a game so my interest in this is quite lost.. :D
In fact even if it became unbreakable, who the hell would use it? I wouldn't for one. :D
Quote
I'm just doing this whole thing for fun purposes and to see whether it CAN be done, creating a non-annoying yet cracksafe system.
Well, speaking from personal experience, you'll hit a boundary where on one end the software is relatively easy to crack and beyond it the software will be too unwieldy and punishing to legitimate consumers. Take TAGES, for instance. Cursory cracking of TAGES can result in 'glitches' being introduced in the software. There was one game where a group thought they'd cracked it but TAGES was still active and glitched several key areas of the game, changing prices to unmanageable levels or breaking areas completely. TAGES is a very insidious protection method, and as a result, sometimes affects legitimate owners as well. The same is true with SECUROM, though the protection seems to be less intrusive now (unless you're completely against installing the SECUROM software, which is your right). I've gotten a couple SECUROM games lately that don't care that I have alcohol 120% installed for virtual drives, for instance, but it wasn't always that way.
I'm just saying that at some point you'll make the trade off between something a crack group can solve easily or something that will bother legitimate consumers. It's the top conundrum facing the software security industry right now. I think what you're doing is good and if nothing else gives you some good coding practice.
I think we should all just go back to code wheels with silly faces on them ^_^.
Quote from: ProgZmax on Sun 09/08/2009 13:58:39
I think we should all just go back to code wheels with silly faces on them ^_^.
Hear hear! :D
Okay boys new version is up.
http://ledzepforever.googlepages.com/SecureFileTestV1_3.rar
Hello!
So, what's the meaning of life? ;)
Quote from: Dualnames on Thu 20/08/2009 09:03:18
Okay boys new version is up.
http://ledzepforever.googlepages.com/SecureFileTestV1_3.rar
Just adding QuitGame is a bit cheap.
http://ueberlicht.googlepages.com/CopyofHHGTG3.zip
(and no, fading-in instead of quitting is totally on purpose, and not a glitch caused by a quick and dirty crack :=)
Yeah, just one security precaution like that isn't going to work. You need to make a function crash the game that can't be 'replaced' if the game is to still work properly. Like, calling the Display function in a way that causes an error, or inserting a loop that never finishes... or, going the more sneaky way, making the game unwinnable by removing a critical item.
And marking the cracked save file so it won't work with a genuine release and they have to start again from scratch.