Ubisoft Code Cracked...

Well, no they are a limitless resource who do it for "fun" and "because they can". A game developer or publisher have quite limited resources. So no matter how much you time and money you spend, it will be hacked. It's the world vs. a select group of individuals. Even the Spartans were defeated.

Also, I don't understand how having a constant internet connection helps anything. If certain code is required from the server side, then what's to prevent running a spoof server locally on the client side, and capturing that code from an actual version of the game, and having that code sent from the local fake server.

 

How are you supposed to spoof the AI? Program your own? Is it really the piracy if you rewrote the game?

 

Its not unicorn dust, magic or anything else... just a pure numbers game.

It doesn't matter how good your castle walls are or if you have 100,000 solders inside them if your opponent has unlimited manpower and unlimited time your walls WILL fail sooner or later. This has been proven time and time again in EVERY stage of security and defense.

Your problem Lithus (and indeed every DRM proponent) is PRIDE. You somehow believe that you are smarter than everyone else...
You aren't.
Sooner or later someone will come along who is better in at least ONE aspect and thus can beat your "unbeatable" defenses. (in your case magical theoretical defenses that no one, not even experts far more experienced and knowledgeable than you, can make work)

All of your examples (and even WoW) have been beaten... the system only works when SERVICE is what is sold. Nearly every MMO on the planet uses something similar to what you propose and it is STILL defeated. Rogue MMO servers are the norm now and even though this processing is done server side, it is taken via trickery, treachery or via reverse engineering.

Sooner or later you will learn young padawan.
Choosing your battles is the biggest challenge in life.
DRM is unwinnable and not worth winning.

 

I do choose my battles, and DRM is not my battle. It is however, fun to talk about.

You on the other hand, need to understand the computers are logical objects. There are things that can be done and there are things that can't be done. As in can't be done period. Not can't be done because it's hard, or can't be done because there's not enough manpower, but can't be done because it's just not possible.

For instance - making a program to predict the lottery numbers for next week. Can't be done. Why? Because the information needed - the lottery numbers - does not exist.

A million people can storm the castle walls, but if the castle doesn't exist, you're not breaking into it.

But you are right in the aspect that security is a game of escalation. Now I take caution in saying uncrackable DRM, because technically, you're right, everything that can be made can be destroyed. But DRM serves a distinct purpose in that it's to prevent the maximum amount of people from obtaining your software illegally.

Now, how can you crack my theoretical DRM? Well, you can hack the server and literally steal the AI script running serverside. But that's escalation to a point where the culprits leaves themselves vulnerable to arrest, since it's not just mere piracy now, you're talking big boy crimes. Remember, on of the big reasons piracy is rampant is because of anonymity - there's a reason why banking servers aren't broken into every day. Not because it's impossible, but because you're going to get caught.

 

I'm sure whatever the server sends is either a static file or predictable variables. It wouldn't be so hard to capture everything sent to your PC to make the game work, and use that information to make a client side server that sends the same info.

Other than using a security token supplied to each user and plug that in every time they play the game, how would the client side know what it is receiving from an authentic server or not?

 

In respects to the chess game, the data sent is a chess move. So let's say you're white, and the computer's black.

After your move, your computer sends a packet to the server detailing where all the chess pieces are on the board. The server runs the AI script and sends back a resultant move - Black Knight to E4. That's all the data that gets sent back.

By itself, that data is useless. You can intercept it all you want, but it doesn't have any value to you. What you need to set up your own server is the AI script, which is never sent across the network. There's no security tokens, no encryption, nothing. Heck you send the move though the postal service if you wanted to.

 

Victory = the people paying you hate you + hold a grudge against you.

Perhaps it's just a loss of pride when the games get hacked that makes them do it...

 

Various online News reports seem to suggest otherwise with regards to bank servers not being hacked daily. Regarding the risks of being caught, it sounds like not many actually have been caught.

Now regarding escalation to a point where the culprits leaves themselves vulnerable to arrest, what about the (alleged) Denial Of Service Attacks on the Ubisoft Servers which caused the games to fail?

I would class that as escalation to that point. It is way beyond some one merely downloading an illegal copy (assuming the reports were true).

 

I heard the .txt only says enable.sp=1 , So much for trillions wasted on DRM.

 

I think "daily" would be stretching it. Piracy and DRM are issues because they're so common and rampant. If piracy was only as common as a banking server being hacked, it wouldn't be much of an issue.

DDOS attacks are escalation, but doesn't really help anyone. No data is stolen during DDOS attacks, and only serve to inconvenience the target.

 

I guess the game companies never learn, or should I say, refuse to change their stance. I absolutely refuse to buy any game with DRM. Period. It's the same old story, it never changes. See, that's why all the games I have are from 2003 and before. I just wont buy/play any games with DRM on it.
The only reason I ended up buying battlefield 2142, was because there was a saved profile download that didn't require me to activate so I could play single player. Since I never play multiplayer games, it was no issue for me.

 

So you're talking about running some game code server side instead of just a verification check? Well that's in line with OnLive, and IMHO a fail waiting to happen. But I digress.

 

If there is no randomness in physics then it can be done.

 

i agree, sounds like if you are hosting that much content serverside then it just sounds like onlive

and tbh the speed of net connection you need for that is insane enough

hosting something like a chess game where 2/3 ms think time isnt really noticed is something totally different to something like single player Cod where you need "live" interaction

Even things like WoW the fights are pre-ordaned (hence sites like tankspot giving all the fight details) so they dont need to keep the "AI" back as it is all preset

 

While it is in line with OnLive, it is not the same. OnLive requires the streaming (mainly) of video data. The idea here is to keep some non-static vital information piece.

 

Im actually surprised it took this long.

 

Functionally, it's pretty much the same, except you don't get the benefit/downsides of streaming the video and sound - so you still have to have a beefy system to handle it, PLUS the beefy internet connection.