Anti-piracy for commercial ags games?

[Dave Gilbert]

Hi all,

Manifestogames has offered to distribute one of my games on their website, but when they tried to put their usual security measures on it it did not work.  They tried to explain to me why, but I'm afraid it all went over my head.  I thought I would forward the message to this forum and see if anybody had any brainstorms.

According to the guy from Manifesto, it isn't worth it to implement this method in AGS, but it's certainly something to consider if there are more commercial AGS games in the future.

Here is the response:

-----Original Message-----
From: Greg Costikyan [mailto:greg@****.com]
Sent: Saturday, August 26, 2006 4:24 PM
To: Dave Gilbert
Subject: RE: Manifesto Games product integration instructions: The Shivah

Dave:

Here's the basic problem:

1. As far as HASP SL is concerned your exe file has a "non-standard
data structure." Apparently, it believes -any- exe where the build
includes data tacked on after the actual executable code is
"non-standard" (which it is, but this is common for things like
Shockwave and, I assume, AGS, which like to produce one neat file for
people to distribute).

2. Other DRM solutions (such as Trymedia's) have a 'switch' you can
flip to allow these kinds of .exe's tobe protected anyway. HASP SL does not.

3. As far as I can tell from Aladdin's site, they aren't supporting
SL any more, anyway.

4. So we're probably going to have to move to a different solution
down the line, but it works okay for now.

But 5., it probably isn't worth the AGS' folks spending a lot of time
trying to solve the problem themselves.

But if you want some documentation, see
http://library.aladdin.com/

At 09:33 AM 8/26/2006, you wrote:
>Hi Greg,
>
>
>I am curious as to what DRM actually is.  Is there some literature I can
>look at? I'd like to forward to the techies of AGS and see if >they know
>why it won't work.
>
>-Dave
>

[SSH]

Have you tried making the game with resource files on, so that all the data is in a seperate file?

[Pumaman]

Even with the resource files enabled, some data is still stored in the EXE.

Personally I'd say this is a fault with their copy protection system if it can't work with EXE files with appended data.

[Alynn]

Yes and the designers of the copy protection system would say appended data on an exe is a poor design choice...

It's all about point of view

[Vince Twelve]

Congrats, Dave!  Getting on Manifesto (or Man Festo as their logo implies... I'm not bitter... my logo submission was among the final six) is really cool.

DRM basically makes it slightly more difficult to pirate your game (it can and will be overcome by the determined), but does so at the expense of ease of use and often annoys your paying customers.  I know it's a necessary evil as seen through the eyes of publishers, but I don't see why it needs to be put in place for a small five dollar (assuming Manifesto would be keeping that price) game.

You should suggest to Greg that he just leave off the DRM.  I'm sure he wouldn't mind, since he preaches that the publisher works for the developer not the other way around.

I really wouldn't expect your game to lose any sales to piracy.  It's not really the type of game that is actively pirated.

This thread reminds me, I still need to get my copy of Shivah Delux!

[Radiant]

DRM basically makes it slightly more difficult to pirate your game (it can and will be overcome by the determined), but does so at the expense of ease of use and often annoys your paying customers. 

Indeed. Imho, indie gamers should stay well away from digital restrictions management. If your game is good, people will pay for it and you don't need such a hassle.

[Dr Lecter]

Anyway, extra security will just make people more determined to break it.

[SSH]

Even if you could make the AGS runtime engine copy-protected, all the pirate would need to do is use the normal version of the engine...

What might be most effective is to watermark each copy you give to people with a unique ID and then at least when you find it on eMule you know which git put it there.

[Dave Gilbert]

What might be most effective is to watermark each copy you give to people with a unique ID and then at least when you find it on eMule you know which git put it there.

That was a plan I originally had, SSH.  But in thinking of it, it didn't seem practical.  Instead of a customer being able to just download it directly from a site, they would have to wait for the developer to compile a new copy of the game with a new ID.  Even if you only did CD sales, that would get extremely tedious very fast depending on how popular it is (for both customers and developers).  Unless there was some cool way of doing it automatically, but I can't think of how.

[scotch]

Setting it up automatically would be doable, but it's just impractical as a security measure, what you going to do when you find someone's ID on a pirate release? Sue them? All your profit and more down the drain, on trying to get damages from someone, for doing something pretty tiny, that is unfortunately very damaging to your business model...

Obviously it's impossible to stop people from cracking your game and sharing it. On the other hand copy protection will generally increase the time it takes for someone to put it up, and if your game isn't high profile, it may never get cracked. I don't think we need it as part of AGS, mainly because it's a feature that so few would use.

[Dave Gilbert]

It wouldn't stop people from doing it, nothing can prevent that.  But, it would take the anonyminity (sp?) away from it.  A customer would probably think twice about putting something on a download site if they knew that they could be found.  Of course, if the customer was an evil bastard, he probably wouldn't care.  It's more of a deterrant than a preventative measure.

[scotch]

You're right, for a small scale game it'd work as a deterant. If you explain along with the download that there's a unique ID. For a big game it'd just be another thing to crack out of the file, but it could be worth trying for people flying under the cracker radar.

[Dan]

How about using a seperate file to store the "User ID". This way you could have the webserver generate a "key.txt" file or whatever for each sale, and the user puts that in the game folder before it will run (or maybe it just runs as the demo without a key). You could and infact should encode or encrypt the data in key.txt to prevent the user simply changing the contents.

Not a rock-solid solution but a deterrent as you say. I could probably help with scripting it if you needed.

EDIT: I'm looking through the docs, and does AGS have an XOR or similar function?
EDIT: Found it.

[Dave Gilbert]

I was thinking about code embedded within the game itself.  That way if the game showed up on emule, the developer could just download it, boot it up, and type in a code to see the ID.  Then the developer could consult their records to see what customer matched with that ID, and you'd have your culprit.

If you created a seperate file to store the User ID, couldn't the pirate just leave out the file when uploading it to a torrent site?

[Dan]

If you check for the file in the game script, using something like:

Code: ags

File *key = File.Open("key.txt", eFileRead);
if (key == null)
  ChangeRoom(INVALID_KEY);
else {
  // test the key
}

Then you could create a room with a message about the key being missing, or maybe set a global instead to indicate that the key was not found. Testing the contents of the key file if found would then set the same global or goto the same room if the key was invalid.

[Vince Twelve]

The problem with that, Dan, is that all someone needs to do to "pirate" a game with that copy protection, is to distribute the game with the key file already included.  That copy protection only takes one sale to break.  In effect, it provides no improvement, security wise, over simply distributing the game with no copy protection.

The only advantage that could have is if the player is allowed a free trial period (a few chapters, levels, or minutes) and then the game requires the purchase of the key to continue playing.  But again, someone could simply share the file on any filesharing network with the key included and the copy protection is "cracked."

[Dave Gilbert]

Yeah, as we said it's more of a deterrent than actual protection.  Since each sale will generate a different keyfile, then all the developer has to do is look at that keyfile and they'll know who has been being naughty.  Assuming that the developer keeps good records, of course. 

But, this doesn't solve the problem of people actually pirating the game.  If someone uploads the game, and doesn't care if you know who he/she is, then there's nothing you can do aside from glare at them from over the internet.

[SSH]

The only effective way to stop piracy would be to have the game "phone home" its unique ID before you could play, but lots of people would hate that and see it as spyware.

[scotch]

Such a thing would probably easily be cracked out, it's just another key check sequence after all. Mount & Blade, a fun indie action rpg does this, the exe is verified and encrypted until runtime to avoid crackers, you need to be online to play it, and it's updated frequently, and still you can get pirate versions.

[Dan]

I have made a little proof-of-concept module and test "game" if anyone is interested in taking a look and maybe taking the concept further:

http://www.freetohost.co.uk/dan/SimpleKeyFile.rar (2K) [module]
http://www.freetohost.co.uk/dan/skfTest.rar (37K) [test "game" and module]

As mentioned, this is not a copy-protection scheme, so much as a way of providing a demo and full version in the same exe, with a keyfile used to unlock the full version. I've used a home-grown encryption so I wouldnt recommend using the module as-is in a production game.

In a real-world situation, the keyfile generation would probably be handled by a web-server and not the game itself Anyways, feel free to do whatever you want with this.

Cheers,
Dan.