Bioshock DRM crock
August 25, 2007 3:58 PM   Subscribe

Okay, I was waiting for this story to make it's way to MetaFilter.

Could some nice person please explain in a little simpler terms what exactly a root kit is and what it does?
posted by lazaruslong at 4:00 PM on August 25, 2007

Apparently even the Bioshock demo installs SecuROM, and SecuROM is not uninstalled when the demo is uninstalled. Isn't that against the law?

SecuROM turns out to be a Sony product. You'd think Sony would have learned their lesson the last time.

In the mean time, here is the official word on how to uninstall SecuROM, but it's anybody's guess whether it actually succeeds.
posted by Steven C. Den Beste at 4:02 PM on August 25, 2007

Except, as the original links that this seems to be a reference to note, it's not a root kit. It's usual DRM nastiness that happens to get misidentified as a rootkit because it uses a rootkit-common technique to "help make sure" that you don't accidentally delete your keys.
posted by ROU_Xenophobe at 4:02 PM on August 25, 2007

Wikipedia on "root kits".

Depending on how picky you want to be about detailed definitions, SecuROM may qualfy as one. But it's evil, nonetheless. You do not want it on your computer.
posted by Steven C. Den Beste at 4:03 PM on August 25, 2007 [1 favorite]

Apparently even the Bioshock demo installs SecuROM, and SecuROM is not uninstalled when the demo is uninstalled. Isn't that against the law?

You're seriously asking whether it's illegal for software to fail to uninstall itself cleanly?
posted by ROU_Xenophobe at 4:05 PM on August 25, 2007

PC != Windows

LOLWINBLOWZ!!!!
posted by quonsar at 4:05 PM on August 25, 2007 [2 favorites]

...that should have been "may not qualify as one".
posted by Steven C. Den Beste at 4:05 PM on August 25, 2007

You're seriously asking whether it's illegal for software to fail to uninstall itself cleanly?

Yeah. In the wake of the Sony CD protection fiasco and a couple of other high profile cases, I vaguely remember that Congress passed a law requiring clean uninstall procedures.
posted by Steven C. Den Beste at 4:07 PM on August 25, 2007

Okay then. Mandating clean uninstalls does seem unsavvy enough for Congress to actually try, I guess.
posted by ROU_Xenophobe at 4:09 PM on August 25, 2007

Thank god I'm playing it on my XBOX 360!
posted by papakwanz at 4:12 PM on August 25, 2007

Paging Cory Doctorow.
posted by proj at 4:13 PM on August 25, 2007 [1 favorite]

It doesn't mention anything about the demo, but does the demo also install SecuROM? There's no reason for it to, since there is no CD to be checked with SecuROM, but possibly they just left it in and disabled, so I'm curious.
posted by Bugbread at 4:15 PM on August 25, 2007

Most of the slashdot crowd, a pretty savvy bunch as far as tech goes, don't consider it a rootkit. The only reason it is even being called a rootkit is that it employs a registry trick often used by rootkits. (The trick is that even after choosing to uninstall Bioshock the registry keys it installed stay in the registry.)
posted by oddman at 4:16 PM on August 25, 2007

But it's evil, nonetheless. You do not want it on your computer.

Agendafilter!!!!111one
posted by Blazecock Pileon at 4:17 PM on August 25, 2007 [1 favorite]

Yes, the demo also installs SecuROM. And it doesn't uninstall SecuROM when the demo is uninstalled.

Apparently there's no indication during the installation procedure that SecuROM is being installed, and there's nothing on the package about it either. That may violate laws about trojans and malware.
posted by Steven C. Den Beste at 4:18 PM on August 25, 2007

I apologize deeply and profusely for using the word "rootkit" to refer to SecuROM. Everywhere I used that word, please mentally change it to "malware".
posted by Steven C. Den Beste at 4:20 PM on August 25, 2007 [1 favorite]

There was some conversation with regards to SecuRom in this BioShock thread from Monday.
posted by iconomy at 4:24 PM on August 25, 2007

or, whatever day that was...
posted by iconomy at 4:25 PM on August 25, 2007

Why don't you read a nice book instead?
posted by Burhanistan at 4:38 PM on August 25, 2007 [3 favorites]

It's not particularly user friendly, but under no definition that I'm aware of does it constitute a root kit or malware.

Still, in terms of PR, it's a lousy decision.
posted by empath at 4:42 PM on August 25, 2007

Or buy a 360.
posted by smackfu at 4:42 PM on August 25, 2007

The demo wouldn't run on my laptop, so it was incentive for me to finally buy a 360. Now I'm quite glad I chose that platform...
posted by CitrusFreak12 at 4:43 PM on August 25, 2007

Paging Cory Doctorow.

He's too busy masturbating furiously to this story to comment here.

Furiously.
posted by Mikey-San at 4:51 PM on August 25, 2007 [4 favorites]

A few days ago, I was crumpling under the hype for this game and mighty keen on finding a demo. Luckily, this urge struck when on the 360 demo was available. Now that I've cooled off and heard about SecuROM loaded in the demo, (baffling) I'm mighty glad the demo wasn't ready when I was ready for it.

I first saw the name of this foul software on the back of an Ubisoft game. I love Ubi's work on consoles, but have had to avoid every one of their PC games cuz of the poison they package with them. Ubi went with SecuROM because their last DRM partner, Starforce, became anathema to gamers.

The warning label for SecuROM is priceless. "This application includes copy protection software that may interfere with some optical drives"

Which translates to - "We consider every last one of our customers potential thieves. Because of the bad behavior of a few, our product may now break your disk drives. Fuck you and enjoy your game!"
posted by EatTheWeak at 4:53 PM on August 25, 2007 [1 favorite]

Jesus Christ, Mikey-San, this is exactly the kind of thing Doctorow's been talking about, and you're being derogatory because he was right? That's fucked up.

DRM poisons everything it touches. Vista deliberately does not trust you. It's not your computer anymore; it's Microsoft's, and it checks thirty times a second to see if you're a thief yet while in 'secure mode'. They fully implemented Palladium/Trusted Computing, but because they stopped using the names, people stopped fighting against it as vociferously. It's still just as poisonous.

This is the exact same thing, just writ a little smaller. It's not your DVD drive anymore. It belongs to SecurRom.
posted by Malor at 4:59 PM on August 25, 2007 [9 favorites]

(ok, they didn't FULLY implement it, in that they don't have the boot-key-signing thing, but they did everything else.)
posted by Malor at 5:00 PM on August 25, 2007

I can outdo anyone who planned to purchase the game, but decided not to because of these DRM issues. I was planning to upgrade my computer, get me a new CPU, graphics card, and go through the trouble of all that plus get XP and then Bioshock. But no. Now AMD, NVIDIA, Microsoft, or 2K will get nothing. Noooothing you luuusers.

I grew up with games that didn't need any of this DRM nonsense. I will go back to playing my 10 year old copies of Starcraft and then maybe I will go over to my friend's house to play on their numerous gaming consoles. Something like Halo. And then maybe I will go SWIMMING on this glorious California day and leave all thoughts about the direction of software companies and their freaky anti-piracy shit behind.


Until Starcraft II comes out. Yeah. Just felt there wasn't enough rage in the thread.
posted by Mister Cheese at 5:03 PM on August 25, 2007

Mister Cheese - Did you ever play Out of This World back in the day? That game had fun copy protection! I don't recall every detail now, but two tagboard wheels with all these tiny little "alien" symbols all over it - you had to line up the symbols below with a gap in the top wheel, or something like that - but I remember that it was an enjoyable portion of the play experience, something novel that prevented piracy and yet felt like part of the game.
posted by EatTheWeak at 5:11 PM on August 25, 2007

We consider every last one of our customers potential thieves.

Potential?

If game publishers were restaurant owners, they'd shoot their patrons in the knees to prevent dine-and-dash.
posted by dirigibleman at 5:26 PM on August 25, 2007 [6 favorites]

That game had fun copy protection!

How about the ones where you had to look something up in a manual? Like Battle Chess said to find a certain word on a certain page. Quite a deterrent in the days before scanners.
posted by smackfu at 5:29 PM on August 25, 2007

Note that although SecuROM or one of its partners in crappiness (SafeDisc, StarForce, et cetera) are pretty ubiquitous in major PC game releases these days, there's generally a downloadable patch in the first few weeks of the game's life that completely disables the Copy Control Crap.

The game publishers would like the DRM to still be there forever, but the game production houses just won't tolerate it, and have fought them back to this current situation.

Yes, you may still have DRM garbage silting up your computer after it's meant to have been patched away, but in the great majority of cases the patch solves the problem. It also means you don't have to dick around with a third-party NoCD patch from a wretched hive of scum and villainy in order to be able to play without the bleeding disc in the drive.
posted by dansdata at 5:35 PM on August 25, 2007

I was planning on dropping over a grand on a new PC for this. Fuck that, I'm going to ride my bike.
posted by [expletive deleted] at 5:39 PM on August 25, 2007 [1 favorite]

I figured there would be a patch or fixed exe for this by now but nothing yet. I'm not exactly hurting to play this game anyway, I can wait.
posted by puke & cry at 5:42 PM on August 25, 2007

The game is worth it.
posted by notmydesk at 5:42 PM on August 25, 2007

How about the ones where you had to look something up in a manual?

Thomas M. Disch's Amnesia (wow, that dates me) had a punched-card wheel. You'd turn the wheels in a particular alignment and enter whatever word was shown.
posted by Blazecock Pileon at 5:53 PM on August 25, 2007

Why isn't this a double? It's already being discussed in the open thread.
posted by caddis at 5:58 PM on August 25, 2007

Thank god I'm playing it on my XBOX 360!

I hope it's modded and the game's a backup, seriously. fuck them.
posted by matteo at 6:09 PM on August 25, 2007

Apparently there's no indication during the installation procedure that SecuROM is being installed, and there's nothing on the package about it either. That may violate laws about trojans and malware.

I'm going to all but guarantee you that clicking the EULA allows the publisher to install just about whatever they want. Thats why the use them - to cover their ass. But secondary to that, there is nothing about SecuROM that merits it being called either a trojan or a piece of malware. The worst thing it does is install a service on non-administrator accounts that allows it to access some administrator-only privileges. You can stop that service from launching if you really want to, but I imagine most people run on administrator accounts, so there is really no vulnerability if you're not running an unprivileged account in the first place.

It doesn't log anything, doesn't phone home, and doesn't cause system slowdowns ala Star Force. It's really a benign system - it reads a key and decrypts an image. Besides, the internets will eventually decrypt the image and release a crack...
posted by SweetJesus at 6:27 PM on August 25, 2007 [1 favorite]

Maybe I'll stick to old games. Out of This World , did you say, EatTheWeak?

Are there any hard numbers on the costs and benefits of DRM? I mean, for like a single piece of software that's been released with it. I imagine companies would stay away from that stuff if they found it to lost them profits. Is the paranoia warranted. I'm not really too sharp on this sort of stuff, but I know just enough to not like the idea of DRM.
posted by Mister Cheese at 6:32 PM on August 25, 2007

System Shock 2 is downloadable at the Home of the Underdogs. Add the high-res texture and upgraded model packs, and you're good to go.
posted by anthill at 6:36 PM on August 25, 2007 [2 favorites]

But secondary to that, there is nothing about SecuROM that merits it being called either a trojan or a piece of malware.

Nonsense. It writes keys to the registry that I cannot delete. Therefore, once it touches the box, it's there forever.
posted by eriko at 7:03 PM on August 25, 2007

anthill - rad!! I've wanted to try System Shock 2 for a long time. It says system requirements are windows 95/98 - will this run on an XP machine?

Mister Cheese - I haven't any numbers, but I've read that Bethesda lost less money on the whole piracy issue with Oblivion simply because they didn't bother spending any money on copy protection that would have been cracked prior to release in the first place.

Speaking of anecdotes, there's also the case of Stardock Games, a firm that enjoys tremendous customer loyalty due to their exemplary loyalty to their customers. The last patch for Galactic Civilizations II was damn near a total overhaul of the graphics engine, just because a better way to write occurred to the dev team while working on a different game.

This is how you beat the piracy problem - simply provide the legitimate customer with a better experience. 2K, Ubisoft and anyone else employing invasive DRM does the opposite.
posted by EatTheWeak at 7:07 PM on August 25, 2007

Could some nice person please explain in a little simpler terms what exactly a root kit is and what it does?

By way of (very iffy) analogy, it would be as if seeing a movie in a theater entailed the movie studio secretly drugging everyone in attendance, then hypnotising them and implanting some kind of Manchurian Canadate-esque deep subliminal suggestion such that they would feel intense pain if they tried to copy DVDs of movies that studio has released. But nobody in attendance would remember anything, except for strange pains that begin bothering them for no reason in the following weeks after seeing the movie.

Included with these games are software drivers that install on the system but do so at such a low level as to hide their existance from ordinary means of detection. Their sole function is to protect the interests of the publisher, they have absolutely no redeeming benefits for the user -- and in fact in the case of the user who buys the game legitimately but doesn't want to risk a scratched DVD and wants to use a nocd/nodvd patch, they significantly contribute to a very frustrating experience.
posted by Rhomboid at 8:39 PM on August 25, 2007

To harp on one of my favorite subjects: I think the old game Wasteland had the best "copy protection" scheme ever. The game came with a booklet that had about 200 numbered passages. Occasionally the game would tell you to refer to passage such-and-such. In order to prevent people from just reading the passages (arranged in random order), the majority of them had nothing to do with the game. They included several read herrings (for password related sections) and, most interesting, an entire storyline using similar themes and the same characters, so anyone reading for spoilers (of which I was guilty) ended up being totally surprised.
posted by absalom at 9:14 PM on August 25, 2007

System Shock 2 is downloadable at the Home of the Underdogs...
posted by anthill

Wow, I haven't seen a page load line-by-line since my 14.4k days.
posted by M Edward at 9:26 PM on August 25, 2007

so you want the hot new thing
you takes a risk
it might be broken 'cause it is not tested
it might be broken 'cause the seller is evil
if i wanted to infect a bunch of fanboys with a rootkit i could think of no better way than the new hot video game (of course if you want to get older folk you do it like TurboTax did)
posted by caddis at 9:41 PM on August 25, 2007

does the demo also install SecuROM? There's no reason for it to

Yes. Many demos include their copy-protection elements. The supposed reason is that having an unprotected demo executable to study/patch-in can make it easier to crack the full version's executable.

Not that it seems to stop anyone - SecuROM games are routinely cracked, and I see torrents for BioShock (PC and XBox) already. Pirates get to play the game, legit customers get all-new levels of obnoxious activation crap above and beyond what PC gamers are used to putting up with. Well done 2K Games.
posted by BobInce at 9:47 PM on August 25, 2007

I grew up with games that didn't need any of this DRM nonsense.

When was this? Even as a kid in the 80s in the school computer club (christ i am a nerd) getting games with cracked copy protection was an everyday occurance.

Nowdays, we're seeing all sorts of copy protection. Battlestations midway gave me all sorts of problems until I uninstalled some disk image software I had. Tons of games use a hard copy protection app called starforce which has been known to cause all sorts of problems. Hell, look at the drm nightmare Steam is. Why the suddent outrage?

I'm not sure why everyone is suddenly up in arms about bioshock. No one likes copy protection, but what these people are doing is not different from the competition. Compared to Steam, its probably better. I dont need an internet connection to play it, but I do with Steam games.

I wonder if EA or some other publisher is just pulling the strings of all the Cory Doctorows of the world just to hurt this title. Considering how strong this title is, I wouldnt be surprised if there's a corporate disinformation campaign here. Ideally, the busy-body chicken littles will take down SecureRom and then EA and the rest with happily be serving you up the starforce/steam shit sandwich. So much for the power of the webroots, eh?

I do sympathize with these companies quite a bit and think the Cory Doctorows are wrong because I dont know anyone who would pass up a free video game download. No one has ever said "Oh no that goes against my morals, Ill go pay the 50 dollars instead." Especially the young males in the videogame demographic. Companies need to secure their products. I just wish they wouldnt secure it in such a half-ass fashion. Instead they could:

1. Supply a hardware dongle. Some USB device that does something that you cant virtualize in software.

2. One time internet activation like MS and Adobe does.

Instead they install these copy protections and force me to put the CD in the tray. The copy protection does all sorts of nasty things and will give tons of fasle positives, especially if you have any imaging software installed. (someone could mount an image as a CD and bypass the protection).I think its time to invest in the one time internet activation and be done with all these stupid CD-based and "deep in the guts of you PC" hacks. If they cant get that to do work then move towards the dongle approach.
posted by damn dirty ape at 10:18 PM on August 25, 2007 [1 favorite]

Compared to Steam, its probably better. I dont need an internet connection to play it, but I do with Steam games.

With Steam, you can install a game on as many computers as you want, as long as you don't play on more than one simultaneously, and you don't need an internet connection after it's installed. With Bioshock (even on Steam), you can't install more than 5 times. Period. Even that depends on them giving us the revoke application they promise (really, They Promise). So, no. Steam is way better than this Securom shit. And Steam is shit.

I recently bought "No One Lives Forever", "Fallout", and "Planescape: Torment" to play (second hand, of course -- this is really what the game companies are trying to kill, not piracy). None of those games would be available today in our Steam/Securom climate. These days you rent a PC game, you don't buy it. Is $50 worth a rental to you?
posted by dirigibleman at 10:39 PM on August 25, 2007 [1 favorite]

Note also that Bioshock requires online activation as well, even if you bought it via Steam/IGN (I purchased my copy via Steam and it included the SecuROM payload).

Ken Levine, the lead developer on Bioshock, has stated that eventually there will be a patch removing the copy protection from Bioshock. With all the DRM discussion threatening to cloud discussion of the game on its own merits (and DRM aside, it really is a very good game), hopefully Irrational (sorry, 2K Boston/2K Australia) forces 2K Games to move up the date for that patch some.
posted by chrominance at 10:51 PM on August 25, 2007

I'm glad that I'm in South Korea and was able to buy this for 5$ for my modded 360 a week before release date.
posted by SeanMac at 11:08 PM on August 25, 2007 [2 favorites]

I had my own little mini-drama installing BioShock unrelated to the activation stuff.

The installation took about an hour; at the end of it, I got an error asking me to insert the "real" BioShock DVD into the drive. :P

I followed the suggested link to the SecurRom, which said I should change the setting on my DVD drive IDE device. I did this for all 12 of my IDE devices (couldn't tell which ones were associated with the DVD drive), returned to the BioShock installer, and hit "OK", thinking it would recheck the DVD.

Nope. Instead it told me the installation had failed, and removed the entire thing from my drive.

I've since successfully installed it and enjoyed the game, but a tiny part of my died during that installation process.
posted by Robson at 11:37 PM on August 25, 2007

Jesus Christ, Mikey-San, this is exactly the kind of thing Doctorow's been talking about, and you're being derogatory because he was right? That's fucked up.

Yes, I absolutely shit all over Cory Doctorow. He's not saying anything that anyone else isn't, and he does it constantly, all the fucking time, speaking with the lecturer's tone of a complete prick. He is exactly the reason I stopped reading BoingBoing. I UNDERSTAND WHY DRM IS BAD ALREADY CORY, talk about something awesome once in a while. (Second Life, Disneyland, and his latest book signing do not count.)

You seriously missed the point of the joke. I'm not saying DRM is good, I'm just taking a cheap fucking shot at Cory.

Sorry I ruined your world, man.
posted by Mikey-San at 12:00 AM on August 26, 2007 [4 favorites]

Supply a hardware dongle. Some USB device that does something that you can't virtualize in software.

Not possible for that to be secure.

The validation sequence code works like this:
1. find the USB dongle
1a -- fail if there isn't one
2. Compose a query for it
3. send the query to it
4. receive the response
5. evaluate the response
6. fail if the response is wrong

All a hacker has to do is find your code for (1a) and modify it to "succeed if there isn't one". Or to "succeed always without even checking".
posted by Steven C. Den Beste at 12:44 AM on August 26, 2007

damn dirty ape, I should've phrased that more specifically:

I grew up with games that didn't use DRM nonsense of the kind that seems to be cropping up lately. CD-Keys and whatnot were such that they didn't come with 3rd party monitoring software that works inconsistently. Earlier copy protection didn't necessarily rely on the internet to obtain validation.

I agree that companies have the right to secure their products, but who's got an answer for DRM that isn't perceived as invasive, doesn't cause inconvenience for the consumer, and does a reasonable job at warding off piracy? If warding off piracy is even possible.

*shrugs*

Also, I find that the word dongle is quite amusing, especially in conjunction with Doctorow. Like... Cory Dongleterow. DONGLEROW. Dongler. YES. Anti-DRM C Dongler to the rescue. DRM must be ninjas, because Dongler is a PIRATE. Rarr.
posted by Mister Cheese at 1:35 AM on August 26, 2007

Not possible for that to be secure.

The iLok folks seem to do okay.
posted by Blazecock Pileon at 1:36 AM on August 26, 2007

BP, I wouldn't be surprised by that. But that doesn't contradict what I said.
posted by Steven C. Den Beste at 2:25 AM on August 26, 2007

If it wasn't relatively secure, iLok wouldn't sell.
posted by Blazecock Pileon at 3:24 AM on August 26, 2007

From wikipedia:
'Some software protected by InterLok requiring an iLok has been cracked by several different cracking groups. This should be clarified in that the copy protection "wrapper" was removed, however the iLok itself was not "cracked."'
posted by BrotherCaine at 3:32 AM on August 26, 2007

Could some nice person please explain in a little simpler terms what exactly a root kit is and what it does?

Rootkits, traditionally, are small software kits that hackers/crackers use to 'get root', ie, take control at admin level, on your system, and then conceal that fact from the user by making all traces of the fact invisible to the user. They use crafty low-level hacks to hide the files, hide the processes, etc. Unless you suspect that one's there to begin with, the chances of a casual user noticing it are pretty low. I remember the first time I found one -- on an old version of RedHat server seven or eight years ago, I suppose. I was horrified to discover that I'd been sharing my computer with someone for the last six months to my certain knowledge. They'd been reading all of my files, watching the sites I'd been viewing, checking out the other machines I'd been admining from there, etc.

After a few failed attempts to get shut, nothing short of a full reinstall could reassure me that all traces of the intruder had gone.

Then, a couple of years later, I had a call from someone about a Windows 2000 server that was playing up. It took me a while, but eventually I discovered that somebody had used a security hole in Microsoft's web server to install a rootkit, seized admin on that machine, and again, had been on there for over six months. IIRC, they were running software called 'eggdrop', which has something to do with IRC. I guess it might have been part of those botnet things. Anyway, same story. Full reinstall, serious disruption to the business concerned, etc. etc. etc.

Ever since that whole business with Sony's DRM a couple of years ago, there's been a tendency to refer to certain copyright protection measures that hide aspects of what they do as rootkits. Personally, I think it's a bit of a stretch. I'd much rather have *any* of these things, in fact, I'd rather have the whole damn lot of them all at once on my machine than have a single traditional rootkit on there, but people do get kinda hyperbolic about this issue.
posted by PeterMcDermott at 4:17 AM on August 26, 2007

All a hacker has to do is find your code for (1a) and modify it to "succeed if there isn't one". Or to "succeed always without even checking".

Or do what H20 did when cracking Cubase 3 and emulate the dongle in software.
posted by PeterMcDermott at 4:19 AM on August 26, 2007

Steven C. Den Beste writes "Yes, the demo also installs SecuROM. And it doesn't uninstall SecuROM when the demo is uninstalled."

I double-checked: my demo didn't install SecuROM. It was a torrented demo, because the official servers were taking too long. However, nothing in the demo description indicated that it was cracked, and I doubt many people would bother to crack a demo when they could just crack the real game and torrent it instead.

My guess, since almost all the demo complaints I have seen is "I had to download with Steam copy protection, and then I get SecuROM on top of that!" is that perhaps the Steam distributed demo has SecuROM, but one of/some of/all of the non-Steam ones (Fileplanet, Gamespot, and whatnot) do not have it.

'Course, what was weird is that AVG (antivirus software) did detect what it thought was a trojan on install, but after I uninstalled it, I can't find any keys in my registry for SecuROM or UAService, which are the components of SecuROM. I'm logged in as Admin, so I doubt that it's hiding them from me. Neither did I see any folders in Windows\System32.

I dunno. Perhaps someone did crack the demo, leaving the SecuROM files in the .exe file (hence detection by AVG), but disabling the part where it actually installs SecuROM into the computer.
posted by Bugbread at 4:51 AM on August 26, 2007

Add me to the list of people who had decided to buy an entirely new high-grade computer because of this game, who is now re-evaluating.
posted by -harlequin- at 4:59 AM on August 26, 2007

damn dirty ape writes "1. Supply a hardware dongle. Some USB device that does something that you cant virtualize in software."

The second half of that is the problem: All the software I've ever heard of that requires dongles has been cracked. Sure, if they could do the second part, that would be a great solution. But as long as we're talking hypotheticals, we may as well skip the dongle and say:

"I just wish they wouldn't secure it in such a half-ass fashion. Instead they could:
1. Come up with a non-invasive but uncrackable software solution."
posted by Bugbread at 5:00 AM on August 26, 2007

From engadget. Regarding DRM on the demo, "it turns out that they pretty much always do this -- if they don't, pirates can use the unprotected exe to figure out what the difference between the demo and retail exe is, and that makes it easier to hack out."

That sounds like fairly legitimate reasoning to me.
posted by oddman at 5:53 AM on August 26, 2007 [1 favorite]

Nonsense. It writes keys to the registry that I cannot delete. Therefore, once it touches the box, it's there forever.

That's not true. It writes one key to the registry that uses a flag that makes it hard for the user to get rid of. You can still delete it if you really want to, but it does require a bit of effort. At the worst it's a poorly implemented system for preventing users from accidentally deleting their keys.

Still doesn't come close to fitting the definition of a trojan or malware.
posted by SweetJesus at 6:53 AM on August 26, 2007

Also, I'm not sure when everyone grew up, but in the late 80s and early 90s almost every game I played used some form of obnoxious copy protection. You either got a paper wheel (like Monkey Island) that you had to align up correctly to get a code at the beginning of the game, or you had to read the manual looking for code numbers every time (Xcom comes to mind). Copy protection is nothing new...
posted by SweetJesus at 7:00 AM on August 26, 2007

I'm not saying DRM is good, I'm just taking a cheap fucking shot at Cory.
As you should. While Cory might be right, he does come across as someone who found the anti DRM/copyright religion only after making his IP fortune.
posted by Thorzdad at 7:24 AM on August 26, 2007

SweetJesus, no of course it's not new, but the idea of DRM crippling your machine most certainly IS. No matter how weird or annoying the lookup process was in those manuals of the 80s and 90s, they didn't screw up your computer... or install anything you didn't explicitly ask for.

SecurRom screws around with your system drivers at a low level to prevent you from doing things they think you shouldn't do, whether or not you happen to like it, and without asking your permission. That's pretty much the definition of malware.
posted by Malor at 9:49 AM on August 26, 2007

SweetJesus, there is a difference between having a serial key (which is what you're sort of talking about) and having an active system that scans your system and how/when/where you install the game.

One is a passive system to prevent the most blatant attempts at hackery, the other is a deeply pervasive program that can (and does) cause problems to even the most legal of users. The kicker being that neither prevent piracy (except the most simple attempts), but only one is a pain in the neck for legal users.

This is how I see it anyway. Besides, that wheel in Monkey Island was freaking sweet.
posted by slimepuppy at 9:53 AM on August 26, 2007

Also, I'm not sure when everyone grew up, but in the late 80s and early 90s almost every game I played used some form of obnoxious copy protection.

Lenslok FTW! I loved Elite for the C-64 but getting everything lined up so you could read the code through the prism was a major PITA.
posted by MikeMc at 9:55 AM on August 26, 2007

I love Ubi's work on consoles, but have had to avoid every one of their PC games cuz of the poison they package with them.

How can someone love "Ubisoft's" work on consoles? As far as I can tell, they're a completely average and faceless software publisher. They have no personality, they just make what they think will sell. They're not like Nintendo, Rockstar, Sega, Blizzard, etc. They're not even as identifiable as Electronic Arts.

When I think "Ubisoft," I think of nothing more than a company. They published Beyond Good & Evil, but that was Ancel's baby, and for an example of what they'll do to a game if a strong director isn't on hand to keep them straight all one need do is look at Rayman 3, celebrity voice acting and all.
posted by JHarris at 1:08 PM on August 26, 2007

JHarris: it's pretty easy to 'love' Ubisoft, actually.
Rainbow 6 (still the best multiplayer shooter on the 360), Ghost Recon, Splinter Cell, Prince of Persia and the upcoming Assassin's Creed and Brothers in Arms.

For an FPS whore like myself, Ubisoft delivers quality titles consistently. They're also doing some interesting stuff on the DS right now.

If you talk to anyone in the industry or with an interest in gaming, Ubi is mentioned in the same breath as all the publishers/developers you list. Sure, they make shit games (that sell well), but it's not like Nintendo, Rockstar, Sega and Blizzard haven't made their fair share of cash-in rubbish.
posted by slimepuppy at 1:32 PM on August 26, 2007

JHarris writes "How can someone love 'Ubisoft's' work on consoles?"

If you love certain games, and a disproportionate amount of them turn out to be Ubisoft games, that's how. Sure, maybe that love is misdirected, and should be aimed at the actual game production studios, but for most people the publisher is far more prominent and noticed, so the mechanics of loving a publisher aren't really that hard to understand.
posted by Bugbread at 1:32 PM on August 26, 2007 [1 favorite]

SecurRom screws around with your system drivers at a low level to prevent you from doing things they think you shouldn't do, whether or not you happen to like it, and without asking your permission. That's pretty much the definition of malware..

That's not true, in so far as I know. It doesn't touch your drivers in any way. If I'm wrong, please correct me, but I've never heard that about SecurRom. Starforce, yes, but not SecurRom.

It simply adds a key to your registry that allows you to decrypt the encrypted cdrom image. That's it. If you run on a non-admin account, you get a (poorly implemented) service that allows you to decrypt the image even though you don't have admin privileges. Now, you could argue that a rootkit could use the UAService to access something it's not supposed to, but thats just academic at this point. It doesn't meet the definition of "rootkit" even if you don't like it...

It's not crippling your system, that's just FUD. Go read the technical specifications if you're so inclined. Companies are investing millions of dollars in these games only to have them pirated almost immediately upon launch, which is the time they expect to sell the most units. They'll continue to use this sort of copyright protection system until such a time that a better one comes along, or it becomes economically unfeasible to do so. If you don't like it, don't buy it. No one is forcing "malware" on your computer, rather you are agreeing to abide by the publisher's protection system if you click though the EULA.

Also, it's a pretty big plus for SecurRom that the game has been out for almost a week and there is no crack yet available for BioShock. In fact, there isn't even a scene-released image of Bioshock on bitTorrent yet (One came out, but it was quickly nuked for reported install problems). That says a lot about the quality of it's encryption.
posted by SweetJesus at 3:03 PM on August 26, 2007 [1 favorite]

SweetJesus, there is a difference between having a serial key (which is what you're sort of talking about) and having an active system that scans your system and how/when/where you install the game.

Like it or not, activation is the way of the future. Even if it's still possible to pirate the software, activation is enough of a headache to discourage casual pirates. Just look at the headaches people had attempting to pirate Photoshop CS 3, the first version of Photoshop that required activation.
posted by SweetJesus at 3:08 PM on August 26, 2007

SecureRom is not a root kit, you idiots.
posted by empath at 3:34 PM on August 26, 2007 [2 favorites]

Once more for the stubborn. SecureRom is not a root kit.
posted by oddman at 4:02 PM on August 26, 2007 [1 favorite]

Why don't you read a nice book instead?

I read one or two or sometimes 3 nice books per week, and have since I was a child. I study history and a wide variety of other subjects with audio recordings of university lectures every damn day. I design websites for friends, I participate way too much in discussions on Metafilter and elsewhere, I try to do 20km a day on my bike on the weekends. I exercise regularly, I have a fulltime job, I try to spend time with my wife. I'm a busy, well-educated, intellectually curious adult, and I like blowing shit up in virtual worlds once in a while.

I'll play a goddamn video game if I goddamn well feel like it, you snob you.

While Cory might be right, he does come across as someone who found the anti DRM/copyright religion only after making his IP fortune.

Er, what? He has an IP fortune? Other than, you know, ads on a weblog and a bunch of books and other writing that he allows to be freely downloaded? I had no idea... please elaborate!
posted by stavrosthewonderchicken at 5:21 PM on August 26, 2007

You people defending SecuRom ... you're taking their word for what the program does. That strikes me as very foolish.

Any program that installs a hidden device driver meant to impair the functionality of your computer in any way, without explicit permission, is malware.

Further, this program cannot be completely removed by normal means.
posted by Malor at 1:57 AM on August 27, 2007

You people defending SecuRom ... you're taking their word for what the program does. That strikes me as very foolish.

I'm reading the technical documentation and taking the word of level-headed experts, so I know what the application does. You're just paranoid.

Any program that installs a hidden device driver meant to impair the functionality of your computer in any way, without explicit permission, is malware.

There is a huge difference between a device driver and a service. It installs no drivers. The only functionality it impairs is your ability to execute non-validated code, which you agreed to explicitly when you clicked the EULA.

Further, this program cannot be completely removed by normal means.

Since there is no executable to be removed, this is again not true. A key is left, but you can't execute a key. You've been wrong on every point.
posted by SweetJesus at 4:42 AM on August 27, 2007

Hmmm. I was wondering why there was a huge stack of unsold Bioshocks at Best Buy this weekend.
posted by kittens for breakfast at 5:24 AM on August 27, 2007

It is running with system-level permissions, and is not likely to have been ever properly checked by anyone. Service or device driver is a competely fucking stupid differentiation; in real terms it means very little. It can't do rootkit-level stuff, but I've never once claimed it was a rootkit, just malware. And malware runs just fine as a service.

It remains in your system at all times. It prevents you from using your machine in ways that SecurRom doesn't approve of. It offers you no potential benefit; the only thing it can do is prevent your machine from doing what you want it to do.

Since there is no executable to be removed, this is again not true.

What the hell do you think a service is, other than executable code? I would suggest engaging your brain before posting.

A key is left, but you can't execute a key.

No, you can't. That is, however, irrelevant. It's still left and cannot be removed by any normal means. This is wrong.

It's malware.
posted by Malor at 5:25 AM on August 27, 2007

It remains in your system at all times. It prevents you from using your machine in ways that SecurRom doesn't approve of. It offers you no potential benefit; the only thing it can do is prevent your machine from doing what you want it to do.

You've repeatedly shown you don't know what you're talking about. You've provided no evidence whatsoever besides your repeated insistences that this is true. I've installed the demo on my machine, have no extra services running (like UAService) and no stability problems.

What the hell do you think a service is, other than executable code? I would suggest engaging your brain before posting.

If you run a non-admin account, the UAService is removed when you uninstall Bioshock, but the key is not. You cannot execute a key, so how is the "program" left on the machine when you uninstall? I'd suggest learning about what the hell you're trying talk about.

It's malware.

Only if malware is just something you don't like, excluding it's actual, universally agreed-upon meaning.
posted by SweetJesus at 5:37 AM on August 27, 2007

Even the SecurRom people say it installs a service, SJ.

There's a person in this conversation without a fucking clue, but it isn't me.
posted by Malor at 6:02 AM on August 27, 2007

Dude...

Read what I've said. It ONLY installs a service if you run a non-admin account.
posted by SweetJesus at 6:09 AM on August 27, 2007

I can't get system shock 2 to run under Vista. But there is good news on the irrational games web site!

Will System Shock 2 ever be ported to other platforms?

Yes, work is underway to port System Shock 2 to the Dreamcast.
posted by BrotherCaine at 5:53 AM on August 29, 2007

Following up on this: Twitch Guru does some investigation.

From the article (italics mine):

"As previously stated, uninstalling BioShock doesn't restore the activation code and allow you to install the game on another machine. We tried to look into the SecuROM software to find out why this was happening, but the software prevents the use of several software tools, including the network monitor. It's unknown at this point whether the uninstall process is marred by a poorly designed client or if there is an backend problem with SecuROM."

Basically, this whole thing is a clusterfuck, and anyone claiming code isn't running is selling you something.
posted by Malor at 5:07 AM on August 30, 2007

I paid fifty bucks for this game, but it doesn't install because SecuROM is defective and believes there is no media in my drive. Well, to be accurate it installs, but then at the end of the installation the SecuROM patcher runs, thinks there's no media installed, then removes the files it just spent 10 minutes copying from the DVD that is still inserted.

Looks like I'm going to have to rustle up an install crack for the game I just bought.
posted by majick at 7:27 PM on September 4, 2007