cd-rom protection

BlitzMax Forums/BlitzMax Programming/cd-rom protection

Captain Wicker (crazy hillbilly)(Posted 2012) [#1]
Is it possible to make it where the buyer of a game would have to insert the game dvd to play the game? Anyone?


GfK(Posted 2012) [#2]
Yes, but don't. Everybody hates that crap.


Yasha(Posted 2012) [#3]
Of all the copy protection methods that don't work (Steam is pretty much your only option), why are you going with one that's actually mechanically obsolete? On these forums alone, there are constantly people talking about how nobody buys computers with optical drives any more, and when was the last time anyone bought a game on physical media? DVDs exist for people who haven't backed up their old software to images yet.

Yes, it's possible, but it's way beyond "waste of time" and well into "actively harming your product" territory, by making half the world unable to play the game and the rest annoyed by having to jump through silly hoops. And, going back to the top, it has no value whatsoever as a copy protection mechanism, because it's so trivially easy to bypass (rip DVD, mount to virtual drive, done).

Last edited 2012


BladeRunner(Posted 2012) [#4]
Although i agree that a "this dvd must stay inside the drive" is absolutely bullshit, i have to say that i like to have my games in a non-online-form. i like all those packages, annd goodies, maps, printed manuals and the like. I may be a dinosaur, but this is a lot of the fun for me.


ProfJake(Posted 2012) [#5]
It's also very easy to forget that there are still a lot of regions where downloading multiple gigabytes of data
for every game is not an option. A CD/DVD/BD ensures that you can install and play whenever you want.

However, I agree with GfK and Yasha: Don't do that.
I have never even heard of an Indie game that actually comes on a copy-protected disc.


xlsior(Posted 2012) [#6]
Is it possible to make it where the buyer of a game would have to insert the game dvd to play the game? Anyone?


It's definitely possible, but easily defeated by those who really want to, and a MAJOR hassle for all the people out there that:

1) Have a netbook without optical drive
2) Have an ultrabook without optical drive
3) Travel a lot with their laptop and don't want to lug along a stack of CD's

Requiring the CD is a major inconvenience for legit users, and won't make any difference at all to pirates... So why even bother with it?


Captain Wicker (crazy hillbilly)(Posted 2012) [#7]
but don't. Everybody hates that crap.

What if I made the app like this and allow the user to play without the cd if they can verify their purchase? What are some dvd rom manufacturers? I think this sounds like a sure plan! If the user can verify they have paid for the game they will be sent a file to allow them to use the game without the disc.


Yasha(Posted 2012) [#8]
Do you ever read people's responses properly?

Disc-based copy protection does not work, and there is no way to make it work. All you will achieve is to annoy people who are too lazy or non-savvy to bypass it themselves.

i.e. There is literally no reason to investigate disc-locking unless you are actively trying to annoy users.


Captain Wicker (crazy hillbilly)(Posted 2012) [#9]
Do you ever read people's responses properly?

I thought it was a good idea! :(
you are actively trying to annoy users.

nevermind I wont do it. :P


Grafos(Posted 2012) [#10]
What if I made the app like this and allow the user to play without the cd if they can verify their purchase? What are some dvd rom manufacturers? I think this sounds like a sure plan! If the user can verify they have paid for the game they will be sent a file to allow them to use the game without the disc.

Isn't this concept similar to serial key activation? And like serial key activation, what's stopping the user from sharing this file?

I used SecuROM on the first game I developed (incidentally it's a project I completed in Blitzmax). It worked really well for the target audience where only "casual" piracy would occur. I decided against it on my second game nevertheless as it didn't work with Macs, if I remember correctly, and the cost was quite high for the small market I am targeting.

I am not as negative as most people here, I think there are cases in which it might makes sense, but I don't think I am going to use it again. I am now developing an indie game in Unity for broader markets, which I hope to sell through online services, so no more physical discs hassle at all. For broader markets, I would agree with the majority here, it doesn't work and is like punishing your customers.


Captain Wicker (crazy hillbilly)(Posted 2012) [#11]
Isn't this concept similar to serial key activation? And like serial key activation

My only problem about that is that with Click Team's Install Creator, I have no idea how to use the serial activation stuff and if i sold an app with that what if the app wouldn't activate with the key? Or what if the serial key had already been used and needed changing? I would be compiling setup programs all day so every buyer would have a different serial key. What can I do?


ima747(Posted 2012) [#12]
Core problem: How to prevent people from pirating a game.
Solution: You can't

Longer solution explanation: Hackers are a level above your most skilled legit users. Pirates are also generally above skill of your best legit users. This means that anything any of your legit users can do, the pirates can do too, probably better. There are no security methods that can stop dedicated pirates/hackers. You *might* be able to dissuade causal pirates *sometimes* with incredibly invasive measures, but this will annoy your legitimate users more than it will stop piracy. The end result is that unless you can afford a HUGE investment in anti-piracy development/licensing AND you don't mind pissing off legit users you can't really dent piracy, and you will cost yourself legit users and raise your support costs as well so even then it's not worth it. Here's some examples.
Ubisoft employs very restrictive DRM on their games. The result is people boycot their PC sales, and the pirated versions that have the DRM stripped are usually available a week before the legit version... result, huge cost, pissed off users and VERY active pirates.
Personal experience: One of my iPhone projects has licensed components that cost us money for every user that installs the app. As a result we HAVE to be proactive about anti-priacy since every pirate costs us real world money, not just a "lost sale" (which is not a real thing IMO). Apple has crazy tight DRM and a cohesive store, and it's trivially easy to make a legit purchase and a hassle to pirate something, but we still send about 3 DMCA take down notices to piracy sites every single day. That's a lot of time spent finding distribution sites and contacting them every day. And there's jack squat we can do about torrents and other distributed things. It's a loosing battle, and it costs a lot of time and energy. Don't try to play that game unless you HAVE to, and are willing to commit AND you know you'll never win. We do it because we have to mitigate losses or the project would turn un-profitable.


xlsior(Posted 2012) [#13]
Just consider this: If even multi-billion dollar companies like Microsoft and Adobe can't prevent people from pirating their software, there is pretty much nothing you or I could do about it.


SystemError51(Posted 2012) [#14]
I don't think there's any point in trying to physically protect your data in this way. Ultimately you cannot prevent it.

Only thing you can do is to do some sort of online verification - but also know this: Adobe has tried this with their Creative Suite products, and a simple edit in the hosts file makes CS think the product is genuine.

Bottom line is, whatever you do, piracy cannot be prevented.


Grafos(Posted 2012) [#15]
Yes, but it really depends on his target audience. If he's selling to a smallish non tech savvy market, chances are you he prevent casual piracy. Problem is, if the target market is too small, it might not make sense from a financial point of view to invest in protection.


TomToad(Posted 2012) [#16]
An idea, use an easy to crack copy protection. Periodically send out updates which check to see if the program has been modified and disable the program if it has been found to be cracked. If your program runs online, you can enforce upgrades by only allowing latest version to log on.


PowerPC603(Posted 2012) [#17]
This won't help either.
If the end-user knows he's using a pirated version, he won't install the updates and his program will continue to work (if it's single player or an offline game).

He'll only be missing out on the latest stuff you've included in your program.


I was thinking about such stuff as well before and found something that might work.


When a person buys your program, you need to supply it with an activation key. Nothing special yet here.

The buyer needs to register this key with their email address and perhaps a few extra things to make every account really unique.

When the key is used the first time, your program could send the activation key and the extra personal data (email, ...).
This server must process the data, send back a special code in return and save it in the person's account.
The program MUST receive the special code or it won't run.
This will prevent the hosts-file being edited to fake a server.
Also, the game needs to know if the received special code is correct and must generate it as well using the same algorithm and compare the received code with the generated one.

Next time the program runs, it needs to send the activation key and the special code returned previously by the server.
The server accesses the database that's linked to the key and verifies if the special code is still the same.
If it's the same, it must generate a new special code (it may never be the same) and send it back to the user. The server and the program must also store this new special code.




Now, if a pirate distributes an activation key, and perhaps the special code as well, it won't do any user of that pirated version any good.

Since the special code changes with every use of the program with that activation key, nobody else can use a pirated activation key.
Since there is no way to tell how many times a certain activation key has been used, there is no way to predict the special code needed to get the pirated version working with that activation key.
The server just won't respond with a new special code and the pirated version stops working.

This approach will always need an internet connection though, or the program won't work.
But nowadays, there will not be many people without an internet connection anyway.

Last edited 2012


Yasha(Posted 2012) [#18]
...thus leading me to propose "Yasha's tenth corollary to Greenspun":

Any sufficiently complicated copy protection system contains an ad hoc, informally-specified, bug-ridden, slow implementation of half of Steam.



Captain Wicker (crazy hillbilly)(Posted 2012) [#19]
piracy cannot be prevented.

that sucks! shut down tpb!


GfK(Posted 2012) [#20]
British ISPs have already blocked access to TPB, as detailed in this article which, looking at the photo and awful spelling mistakes, was written by Harry Hill's dyslexic brother.

Anyway, you get the idea with that.


Captain Wicker (crazy hillbilly)(Posted 2012) [#21]
British ISPs have already blocked access to TPB

there are many more to block and wish it was like that in the US. :P


xlsior(Posted 2012) [#22]
British ISPs have already blocked access to TPB


...which had zero effect: piratebay traffic *increased* after the block, in part thanks to the 'free advertising' the site got by thanks to the press releases about it being blocked:

http://www.develop-online.net/news/41170/Pirate-Bay-circumvents-UK-block-with-increased-traffic


SystemError51(Posted 2012) [#23]
that sucks! shut down tpb!


there are many more to block and wish it was like that in the US.





Captain Wicker (crazy hillbilly)(Posted 2012) [#24]
>> in response to the image posted above by SystemError51
haha very funny!