Network now...BLOG
The Grail of Unlimited Gaming
Philipp Marx is CEO of Marx Security Software
For almost three decades the software industry has forced legitimate, legal software users "to jump through activation hoops and endure limited usage licenses". On the other hand we are looking at a multi-billion dollar industry that is trying to protect its intellectual property as well as extensive development and maintenance investments. And it’s a continuing battle. For every new method that appears in order to stop the seemingly endless march of the software pirate, a new method of working around such restrictions is being devised and posted on the many “crack” sites on the Internet. It’s a war that has many casualties. But surely there must be a golden path through the middle of it all?
We at Marx believe that there is a key to unlimited gaming. We have been in the software security business for many years now, and work with many of the leading Fortune 500 companies in protecting various digital IP. Now we’re helping the leading games companies in this field. The holy grail of software protection is an unobtrusive security device that protects intellectual property, and gives the legal user benefits and advantages to make its use attractive. It also has to be simple, failsafe and, perhaps most importantly, it has to in no way detract from the experience of the entertainment that it is trying to protect. If a security device fails any of those tests then it will be consigned to the dark annals of history.
So what is the solution? Well, that depends on who your audience is. In most DRM issues the end-user is the focal point. Prevent the end-user from stealing your IP and all is right with the world. But there are other considerations: what about middleware? Engines and AI tools are expensive to develop, and the temptation to work around the license fee structure via illegitimate means could potentially cost many millions of dollars in lost revenue. These non-consumer facing IP’s are the engine rooms of the games industry and are a valuable commodity. And what about Alpha and Beta code? If your latest smash game is suddenly released into the wild then revenue is going to be hit, and hard. So I don’t believe that it’s just the consumer that needs to be provided with a legitimate security solution. It is the entire IP chain.
Take as an example our thumb-sized CRYPTO-BOX USB token. It’s designed to look like a fashion accessory and be as easy to use and, perhaps more importantly, be as unobtrusive as possible. The metal case is water and irradiation proof. As we’ve already seen with past systems, what seem like minor inconveniences at the time (playing the game on a slightly oversized TV, getting the manual wet etc.) can render a legitimate purchase useless. If a security system is to work then it has to be almost transparent from the user point of view. Simplicity through design will always win out. If you can plug a CRYPTO-BOX USB token into the relevant port of your PC or console and leave it to do the job it was designed for then you move a long way towards taking away the fear of protection and the associated systems.
The CRYPTO-BOX USB token implements the AES / Rijndael algorithm through its own hardware. By doing this, it does not expose any of the algorithmic process through the host computer resources. You now have a system that meets two of the most important criteria for DRM – absolute security coupled with simplicity of use. The Rijndael algorithm used also offers extreme safety and great performance, as well as high efficiency. By comparison, mere obfuscation and activation cannot measure up with hardware based encryption.
All industries can benefit from real security solutions, but perhaps none more so than the interactive entertainment industry. The product that it sells is merely a grand collection of 0’s and 1’s, put together in so beautiful a way as to take players to the outer reaches of space, or the cockpit of a formula 1 car, in a photo-realistic manner unimagined a few years ago. The distribution of intellectual property such as this, along with services sold over the Internet, electronic distribution and pay-per-use systems, all offer new International distribution channels. Conversely, they also offer new temptations and illegitimate channels for software piracy. By making use hardware solutions these illegitimate channels can be locked out and the industry can move forward, safe in the knowledge that it is doing all it can to protect its IP and, therefore, its livelihood.
Contact Us / About Us / Advertise With Us / BeltwayBlips / TechBlips / MassiveBlips / GamerBlips / FAQ
Subscribe To Edge Magazine / Corrections / Terms & Conditions / Privacy Policy
Copyright 2006 - 2009 Future Publishing Limited, Beauford Court 30 Monmouth Street Bath, UK BA1 2BW
England and Wales company registration number 2008885
Subscribe To Edge Magazine / Corrections / Terms & Conditions / Privacy Policy
Copyright 2006 - 2009 Future Publishing Limited, Beauford Court 30 Monmouth Street Bath, UK BA1 2BW
England and Wales company registration number 2008885
so, it's perfect because you "can't" break it? No one has ever lost a dongle before, that's a fact.
How weird. I must have clicked on this advertisement by accident.
heh. here here.
A chip based copy protection?
I can just imagine it: a common hardwired logic, the same for all the chips, and little ROM containing a decryption key, unique for each videogame title.
Reverse-engineering the hardwired logic sounds difficult but possible. I'm sure there are people out there with enough free time and passion to do it. And once they hack one, they've hacked every game out there and probably the ones to come in a year's time. Why? Because to change the design of chip and mass produce it takes time and is affordable only if you order millions of units, which means that Marx's (or Engels's, hehe..... nevermind) DongleRom, unlike Securom, won't be able to update their copy protection every month.
Sorry, but no.
First of all, several people have mentioned this already but it bears repeating, this is not "hassle free" in the slightest. Keeping track of disks is enough of a pain in the posterior. USB dongles are small and easily misplaced. Also, I happen to use my USB ports, thank you. My mouse, keyboard, art tablet, printer, scanner, and joystick stick their proverbial tongues out at your dongle. Yeah, I have two free in the front - but I use those for temporary-but-legitimate uses already, like connecting my camera, mp3 player, and USB memory sticks. If I'm having to constantly remove dongles to do it, that's not hassle free.
But beyond that, the realities of the idea are problematic at best. On a five thousand dollar piece of software, a dongle is at best a fraction of a percent of the overall price of the package. On a 30-60 dollar piece of software, however, I would expect prices to rise to include this new "feature". And what about replacements for the inevitable fraction of these certainly mass-produced-by-the-lowest-bidder-in-godknowshwere-China doohickeys that simply don't work? Or for people who lose theirs, or it breaks or malfunctions in some way? Yes, yes, all these are already issues - a certain fraction of CDs are defective out of the box, CDs get lost and scratched, etc. But you're essentially doubling the potential things that can go wrong from the get go with this idea.
And none of this addresses the core problem that people have been pointing out for years - none of this works. You can find any software package you care to name, costing thousands of dollars, on the black seas of the pirate-infested internet. Inevitably someone finds a work around, be it cracking the protection, circumventing it, spoofing authentication codes, whatever. And as pointed out, this doesn't take months or years.
But all that said, Mr. Marx has one good point - it's not just the end users. We're the only one who get treated like thieves, but how do you think so many games hit the pirate scene days or sometimes weeks before release? Whether the leak comes from someone in the company that develops the game, the publisher, the disk stamper, or any of several other points where the often less-than-secure code changes hands, there are problems. Better security here could be useful, yes, but it's really irrelevant to the discussion of end-user security... Despite Mr. Marx assertion that his company provides an all-in-one solution, I don't think anyone seriously thinks that the answer for corporate security and keeping Joe McTorrentgoogler in line are the same thing.
There's a problem that I can see here. You're only focused on what you can do to protect "the intellectual property", but not how you can make it seamless for the users.
There are two markets where the reaction to f.ex a dongle would be radically different. There's the professional market, where software such as 3d studio etc has used dongles to varying degrees of success, but where it probably would be tolerated since it'd be one of 5 pieces of software used on the office PC. And then there's the private market, where convenience is more and more important, as our daily lives get more and more hectic.
I can't say much for the professional market, as I don't use software such as PS/3ds/autocad etc, but I can say that the private market is probably NOT going to accept stuff such as dongles. Someone else has already pointed out one problem with USB dongles, and that is that it won't last forever. I also think having to use a dongle for watching a movie or playing a game would be massively annoying, to the point where I just wouldn't bother. Imagine having 100 games with a dongle each. Having to keep the CD/DVD in the drive is already enough of an annoyance.
If there's code on the dongle, that can be copied and hacked into the main .exe somehow, or emulated. If there's a driver-based DRM system, that can be hacked out of the main .exe. Normal people might not be able to do so, but there are plenty of people who can, and will, do so. And publish the hacks afterwards. This is true no matter what you do, and this has been shown time and time again to be true. Everyone in the software industry knows this, yet they insist on trying to think up more and more radical methods to stop this from happening.
My main point is, however, that you can't just think "how can I stop people from copying my software", you must also think "how can I stop sufficient amounts of people from copying my software, while still not pissing off enough people with annoying DRM systems so they'll just find other things to do with their time and money".
The reason I'm saying this is, the gaming industry has lately made inroads into DRM systems which are so intrusive that it's just too much, so much so I had to write an open letter to the gaming industry (or more specifically, games publishers, since they're the ones putting DRM on the games). I believe this doesn't go just for the gaming industry, however, but the whole entertainment industry as a whole.
And after googling about a bit, I see that I'm far from the only one thinking that things are becoming too ridiculous, and they are /not buying/, simply because they are sick of the DRM.
Even if the dongle is safe, the EXE on the PC is not. Technically all those special CDs and DVDs that can't be copied are a sort of dongle, that did not work so good either. Shifting authentication from the IDE or SATA connector to USB will yield the same results. The EXE will be eaten alive rendering dongles, special CDs, etc obsolete.
Apart from not existing safety there is the issue of costs. Will each game require its own dongle? how will customers react to owning five of them? Can they be produced in the numbers the industry would require? Without its secrets leaking!!!?
The more obtrusive DRM becomes, the more people seek alternate methods. Despite what you believe, dongles are incredibly intrusive, which is why they are only implemented in a small number of fields. Piracy isn't what's destroying the software industry, it's spending too many resources trying to stop pirates and not enough on improving methods of development and distribution. When DRM is implemented, it prevents hassles for the end-user and only a minor obstacle to the pirate. DRM has made it easier to pirate than to legitimately use a system.
This is not a new idea. At least on the Mac side professional apps used to come with dongles to authenticate. It caused a world of hurt when we switched from ADB to USB. What happens to this system when USB is obsolete?
So the solution to the protection of intellectual property is a dongle? Seems pretty backwards to me. I would think that the eventual takeover of digital distribution would provide for more elegant solutions.