Is it time to discuss distribution and anti-piracy yet?

[Kwazydog]

Originally posted by Immacolata:

Single player games are where copy protection doesn't work well. BF2 and JO are both multiplayer heavy games. So if any kind of meaningful (read: working) copy protection for CMx2 should be implemented, it requires a server backend with a log of unique cd-keys, mandatory online validation etc.

The closest thing Ive seen to a copy protection that works on pc (exluding online games) is Starforce. And even that isn't proof.

Yup, I was just responding to the comment that no copy protection works in any way shape or form when actually it does.

StarForce is another method that tends to make copying a game more trouble than its worth, though it can cause problems for legit customers too, at least in its earlier forms.

Dan

[RSColonel_131st]

Starforce is the most intrusive piece of copy potection ever written. I haven't bought a game yet with it, and I never will.

Please BFC, do not use it.

[Blah Blah Blah]

Piracy is a serious issue. However anti-piracy software such as Starforce is a guarenteed no sale for me.

I have experience with this intrusive product through SHIII, a game I no longer play. My issues were minor compared to other users.

Sadly, I feel that I will have to live with old titles and just move onto another hobby.

[Olle Petersson]

Wow, this stirred up some heat (and confusion)...

I'll try to respond to some of it, most of which has been covered in the thread I linked before.

Originally posted by aka_tom_w:

... there are other software titles that require dongles and EVEN that does not prevent me from finding a downloadable cracked version of the software to download ...

Depends on how it's used.

What's done with dongle protection is that parts of the executable is encrypted, so it can't run as is.

The dongle contains decryption hardware that, given a valid license, decrypts the executable.

To crack it somebody has to decrypt the file and re-code it. That is possible to do but requires a lot of time and effort. Not worth it for "cheap" software.

Earlier it was also common to have the same parts of the executable encrypted throughout all versions (updates), which made cracking all that easier once one version was cracked. That's why you can find cracked software around, but you might not find the latest versions...

Nowadays different portions of the files are encrypted with each update, which means that a cracker has to pretty much start from scratch with each new release.

How many would prefer to play a cracked 1.00 when all legal players use version 1.03, that's not multiplayer compatible to 1.00?

Originally posted by Lord Peter:

Yeah, but that's a *huge* downside. It doubles the cost of the game, and you don't really receive any benefit from that.

.. you need - at least initially - some reason to put up with the inconvenience of the dongle.

I, for one, must say I won't mind having another USB-memory.

Optional hardware coded HDD encryption might also attract some users.

Both of these come with the dongle!

As for "inconvenience" I find it a lot more inconvenient having to locate the proper "CD" and having to listen to the noisy CD/DVD-drive than to have a dongle quietly sitting in an USB port.

Originally posted by Lord Peter:

... what happens in the everyone-has-a-dongle universe if you lose your dongle. Or it goes through the wash or is stolen... do you then lose access to all of your games?

Not a big problem.

Your licenses are not only stored in the dongle, but also by the software editor and the dongle editor. If, for any reason, your dongle is "gone" you just have to buy a new one and install the licenses onto that one. The old dongle will then automatically be made "invalid" and useless for anybody trying to use it.

- What do you do when your copy-protected "CD", required for starting specific software, is destroyed/stolen?

That should conclude my thoughts on dongles: A nice, useful piece of hardware that can do lots of stuff, including license management...

Now to anti-piracy measurements in general.

What they should do:

- Prevent illegal use of the software.

What they should not do:

- Prevent backup copying.

- Prevent legal use of the software.

- Prevent installation on more than one computer (at all).

- Mess with the OS and/or hardware and/or other software.

- Require an Internet connection (other than possibly for registration/activation once, when the software is purchased, and preferably not even then).

Originally posted by Pinetree:

Why not do what Matrix does and have a registration code that you have to use for patches as well.

How does it work?

- Anybody that knows any valid code should have no problems! Either any registered code goes public or somebody will come up with a code generator...

Originally posted by J Ruddy:

... force users to register before playing tcp/ip or PBEM.

How would that help?

Well, it would if the game is distributed as shareware and registration is the same as buying the game. No money changeing hands before registration...

Originally posted by Beastttt:

... stay away from Starforce ...

SF has locked me out of my combo drive's burning functions and has completly locked me out of my cd/dvd drive...

SF is known to do lots of nasty things to the computer!

CD keys are not "unique" either. Find a valid key and use it for registration. When the legal owner of that key later on tries to register there will be problems!

/Olle

[Zulu]

I don't care what copy protection BFC uses as I am buying the game anyway. (When do pre-orders start?)

It is BFC's right to protect their product in whatever manner they see fit. More sales = more$ = more releases.

I trust their judgment as developers because:

1) They have/been are in the business for a long time.

2) They are still in the business and give us products that give me good value for the money I spend.

3) They know their market better than I do and it is highly likely they will not shoot themselves in the ass.

So Safedisk, Starforce, or whatever is used is ok with me. All I want is CM2 that performs well on my mid-range rig.

[Dirtweasle]

Originally posted by Adam_L:

Are there more people who won't buy the game because they have a pickle with StarForce, or more people who won't buy the game because they can just download it for free?

FWIW, SH3 overshot sales predictions and expectations and with enough margin to produce SH4 (I hear) for next year.

I did not have, or at any rate did not notice, any problems with SHIII copy protection. Bought it and took it home and installed it like any other title and it worked fine.

[markl]

This is a very interesting topic that has also been recently discussed over at Shockwaveproductions.com prior to the release of their Battle of Britain II which also seems to attract an older audience because of it's tactical level as well as a flight simulator.

The first version was released by GMX and had I think Laserlok copy protection on it. While this may not be the cause of all the problems they are having, shockwave have admitted it is considerably contributing to the “crash to desktop” problems.

This has caused them to loose quiet a few sales. Directly attributed to the copy protection.

I also do not think that every game copied also translates to a lost sale. From some of the children of families I know just try to get copies of games sort of like collecting cards. Their parents tell me they do not play them all. They could not possibly have enough time. It is common knowledge that in some video hire shops the rental of DVD’s has gone up considerably since DVD burners. People seem to by hiring just to copy them. So these do not translate into lost sales either but boost the hire industry. I am not saying it is right, just the way it is.

My children wanted me to buy Sub Hunter III. But as a parent there is no way I would buy any software with a protection scheme like that. In fact I have told the kids they will get a play station this Christmas because as far as I am concerned PC games are causing too many problems to be of any long term value. This is also reflected in the sales of shops like Electronic Boutique, where PC games only take up a small fraction of the store now.

I gave the kids a copy of the new Half Life last Christmas, but returned it when I found out about the need to activate it.

Any way just my thoughts. But before every one flames me please read the very good article that was posted at the Shockwave forum. I no longer have the author’s details, so sorry I can not give credit to that original author. But it is a fresh thought on the subject.

********************************

Original Quote from another person below

The Copy Protection Dilemma

Thursday, September 23, 2004

The protection of intangible intellectual property rights -- such as software, recorded music, videos, etc. -- has been a sticky issue for decades, starting with the invention of the audio tape and gaining momentum as a serious concern for IP creators once DAT, CD-R, DVD-R, and even VHS rolled around. Unfortunately there is a fundamental tension between the right of the consumer to enjoy purchased material, unimpeded, and the right of the IP holder to ensure that their material is not illegally distributed or shared. This article surveys some of the issues involved with this controversial topic.

Cultural Acceptance of Piracy

I think most consumers accept that IP holders deserve to be compensated for their work. At the same time, it seems that the bulk of people who can get something "for free" will do so if there is minimal moral stigma associated with that action. Theft of physical property carries that stigma -- if a friend bragged about how he just stole a car and now had free transportation, most good citizens react negatively. But theft of digital property does not carry that same opprobrium -- if a friend brags about how he downloaded the latest [insert Favorite Musician] CD illegally, most people don't care, and some would even ask for a copy. I have found that even reasonably financially secure acquaintances of mine that can afford CDs, DVDs, or software will often attempt to pirate first just on general principle -- if it's free, why should I just "throw away" money?

And herein lies the biggest problem: American society does not believe that piracy is a bad thing. Now, if you ask someone if piracy is bad, they'll say "Yes." But they'll say it's "bad", in quotes, indicating that it's not really bad. Yeah, I guess piracy is "bad", but whatever. Until there is a societal shift in point of view, all the technology and legal wrangling used to enforce IP holder rights is an unsteady bulwark against the public's apahy towards IP protection.

There are numerous strategies to address this problem, with varying levels of practical effectiveness and philosophical dogma. At one end we have the "no one should own anything" school of thought, which I won't even bother addressing -- that's a purely philosophical argument best left to people more concerned about theory than practice. At the opposite end is the "we created this, feel lucky you can use it" school, where the IP is overvalued to the detriment of the end user experience.

Impact of Piracy

Inevitably discussions about piracy come down to both sides arguing about its economic impact. On the one side you get industry groups throwing out ridiculous figures (something like $26 billion last I heard), usually computed by taking every believed pirated copy of software known to exist and multiplying it by its retail value -- a rather optimistic point of view that assumes if piracy were wiped out overnight that this would immediately translate to immediate megasales for developers everywhere. On the other side you have the pirates saying that it doesn't make a difference, they wouldn't buy the software anyway, so it's almost zero lost dollars.

The truth, of course, lies somewhere in between, but I'm not going to try pin a number on it because I don't think it matters. The issue isn't really about the raw numbers, it's about the principle of the matter. People shouldn't steal **** from other people. Maybe some people need to see big numbers to quantify this "cost", but I don't -- I'm arguing that we all know software pirates, many of us have pirated software, and none of us feel particularly bad about it. I would guess that anyone reading this article has pirated at least $50 in software during their life, if not significantly more. I care more about that subjective level of ubiquity than I do about some arbitrary number assigned to the problem. Because in the end I don't care how it affects the industry, I care about how it affects me, the software developer and consumer.

Institutionalized Piracy

One of the biggest issues in piracy today has to do with the massive duplication plants in Asia, where counterfeit copies of Office XP, Photoshop, and X-Box games are routinely manufactured then sold by street vendors for mere dollars. This article does not address that issue, since that is clearly more to do with greed and the criminal element than, say, laziness or opportunism by the consumer. Counterfeit everything exists today, software just gets to go along with the ride.

Copy Protection Mechanisms

Copy protection, as the name implies, ideally prevents the willy nilly propagation of software to parties that have not paid for that software. A software product that has no form of copy protection is trivial to copy and distribute to anyone who wants it. Software of this nature relies on the honesty and/or ignorance of users to ensure that the software is purchased legally.

There are two basic mechanisms to prevent the illegal spread of software: copy prevention and use verification. Prevention actively denies the user the ability to grab the raw data from its installation media, making propagation difficult (but far from impossible). For example, copy protected CD-ROMs use special technology that interferes with the user's ability to make copies of the CD. Use verification, on the other hand, ensures that the software is being used only by the registered user and/or computer, either by gaining permission from an authentication server or requiring specical hardware (a "dongle" or sometimes just the original CD in the drive).

Both copy prevention and use verification impose significant burdens on the activities of the user. Copy prevention schemes suffer from numerous problems:

• performance and stability defects

• inability to backup media

• requirement for physical media

The performance and stability problems of major copy protection technologies are well documented. Windows XP required a hot fix for the SafeDisc copy protection mechanism. In fact, SafeDisc incurred such significant performance and compatibility issues that at least one company, Bethesda Softworks, issued a patch that specifically disabled SafeDisc -- the performance overhead was supposedly dropping use frame rates by 25% or more. The StarForce copy protection technology installs a special device driver as part of its protection system, and there are numerous claims that this driver interferes with some hardware devices (CD and USB drives). Not only that, but the StarForce driver is notoriously difficult to remove, especially if a game manufacturer forgets to pull it as part of the uninstall process (StarForce has a software removal tool on their Web site, unfortunately most users don't even know that StarForce is even installed).

The inability to backup your media is a significant problem, especially for those of us with small children. While I don't expect my kids to get their hands on a copy of Doom 3, it's kind of hard to keep them from occasionally grabbing a Wiggles DVD or a Reader Rabbit CD-ROM. These CDs get trashed all the time, because children try to change, remove, or insert discs on their own. If I could just back this stuff up, I wouldn't have to stress about it, but unfortunately every time Freddie the Fish gets trashed, I have to buy a new copy even though I own it already.

This is a case where publishers want to play both sides -- I'm not allowed to backup the physical media, yet at the same time they don't feel obligated to replace it. So if I'm licensing the content, then that license should exist regardless of whether I have the physical media, right? I wish.

Finally, the requirement for physical media ("Please insert Disc 1") is a pain in the ass. No one likes to shuffle CDs around constantly -- they're exposed to damage, they get lost, and if you're traveling with a laptop they add weight and bulk. Hard drives are big enough that you can do a full install of probably a half dozen games, yet we're still stuck manipulating and toting these archaic CDs even when they're not really needed. It's ridiculous. To get around this a lot of legitimate consumers use "virtual drive" software available from legal programs such as Daemon-Tools, Alcohol 120%, CloneCD, and even Nero (the standard CD burning software that ships with the majority of CD-RW drives out there). However, to add insult to injury, the makers of various copy protection technologies now prevent the installation or execution of some games if any of those legal programs which have legitimate uses are even installed on the user's system. It's insane.

Use verification attempts to guarantee that the person using the software is the person who bought/registered that software. Instead of trying to stop the proliferation of the software itself, this technique focuses on the legitimacy of individual users. Examples of this include:

• special hardware requirements

• mandatory registration/authorization

• server connections

Hardware requirements include anything from dongles to code wheels to booklets to key discs. Dongles are special devices attached to a parallel or USB port, and when the software runs it periodically checks for the existence of that device. Code wheels and booklets/manuals were common anti-piracy measures during the 1980s for PC software -- the program would start up and ask you questions revealed only in the book or by the code wheel. Code wheels could not be photocopied, and books were often large enough that Xeroxing the whole thing wasn't worth the effort. Key discs are simply CDs or floppy disks that must be inserted in the computer for the software to run -- obviously the key disks are copy protected as well, so you get two layers of protection (the software is difficult to copy and you must have the original media in order to run your software).

The problem with hardware protection is that it can be lost, broken, stolen, or rendered incompatible. Dongles sticking out of a USB slot are notoriously easy to misplace, take, or break. Parallel port based dongles had compatibility problems due to different parallel port implementations. Code wheels broke, manuals were lost, key discs got erased or went bad. Key discs don't make much sense if your laptop doesn't have a CD-ROM or floppy drive installed. If you lose or break a hardware device, the odds of having it replaced are very slim -- you often have to purchase an entirely new copy of your software.

Mandatory registration and authorization requires you to "unlock" your software before it may be used. Unlocking comes in numerous forms. The simplest is the CD key, such as seen with many earlier Microsoft products. Without that special key, the software won't install. Of course, nothing prevents a pirate from just distributing the key with the software, but it prevents multiple users from registering the same copy. One step beyond that is a "registration key" that is tied to the user's computer or the the user's personal information. This cannot be shared as easily, since user information and computer configurations are rarely the same.

As you might guess, mandatory authorization has its problems as well. For starters, it's not all that effective -- it can be relatively easy to crack, and user information based authorization systems can be spoofed. A simple Google for cracks on software protected with authorization codes turns up pages and pages of results. The other problem is that there is significant inconvenience and risk to the end user. There is no guarantee that the developer of that software will be around in a few years or even a few months. What happens when you reinstall your software and the company responsible for unlocking your software has gone out of business? You're **** outta luck there.

Another problem with mandatory authorization is access. You bought the software, you want to use it, so what gives when you run home, install it, and now have to wait until the developer decides to get back to you with your "Response" before you're ready to use it? If I'm busting ass on a project at 3AM and need to reinstall some software and find out that I can't use it until 9AM in Hamburg, I'm going to be mighty pissed, and possibly screwed. Some manufacturers offer a trial period, at the end of which you must have the registration key. This helps with the immediate use problem, but still doesn't help with the long term accessibility of that software.

The safest, most secure form of copy protection is to place necessary, access controlled content somewhere else. Application service providers have been doing this for years, where companies effectively "rent" the software as a service. Multiplayer games such as Quake 3 and Everquest do this as well -- to get on-line and play you must authenticate with a central server, and if you're denied that authentication you're simply not allowed to play. This is the most secure form of copy protection around since it's extremely difficult to bypass, but as with registration codes, you have to worry about accessibility (what if you don't have a network connection? What if the company goes under?)

Of course, the exceptionally paranoid companies use multiple mechanisms: copy prevention, mandatory registration, server authentication, and hardware authentication -- but in the end, they still get cracked.

Copy Protection and Backlash

Unfortunately, due to the invasive and bumbling nature of a lot of copy protection systems, legitimate and honest end users are the ones that get screwed. Hardware level device drivers are secretly installed and requirements for installation are rarely printed on the box. Between these two irritants and the resulting performance drops, system crashes, malfunctioning hardware, or even plain old inability to read from a CD-ROM drive, the user gets righteously pissed. When they try to return the product, they're denied -- once opened, it's theirs. Too bad, kthxbye. Without the ability to return broken software, copy protection systems that interfere with a customer's ability to play or even install a game simply piss off users, making them less likely to buy a product in the future and, to be honest, far more likely to pirate that software.

It is not that difficult for non-pirates to justify piracy when they've made every attempt to legitimately purchase and install software only to be thwarted by the manufacturer's insistence on treating every user like a career criminal. At some point, after enough blue screens and failures to execute and requirements to uninstall unrelated packages, a user just says "**** it", downloads the cracked version, and skips the bull****. The publisher has no one to blame but themselves for that sequence of events.

Product or a Service?

Copy protection schemes really boil down to how developers position themselves. Are they selling a product or a service? They can try to sell a product, and thus protect that product from illegal distribution. But if they do this, they had better be willing to accept returns from users when the protection mechanisms interfere with the software's ability to function. Not only that, but they need to implement media replacement policies -- if they're going to prevent the user from making legal backups of their software, then they need to be willing to exchange bad media for good media at little cost. Until company's adopt policies like these, I'm not going to feel too terribly sad for them when they bitch about piracy and NoCD cracks.

Alternatively, manufacturers can position themselves as services, not resellers. As mentioned before, on-line gaming companies and application service providers already adopt this approach. There is an understanding that the service may, one day, disappear, and thus users need to factor this into their purchasing/leasing decisions, but once you're a member of the service you should always be able to use that service irrespective of the presence of physical media. You should also be able to transfer the rights of that service to another party if you're no longer using it -- just like you can give a CD to a friend.

What aggravates me, personally, is when a company wants the best of both worlds -- you are responsible for the physical media, but you're not allowed to protect/backup that media, and you have to get authorization to use it. Far too many companies engage in this practice, ironically enough usually rationalizing that losses due to piracy force them to. One VST plug-in manufacturer I know requires you to purchase their CDs for $299, then you must authorize your software with them, then if you want to give that software to someone else, you have to pay a $99 "license transfer fee".

Paving Stones for the Road to Hell

In the end the problem is one of intent. When thinking of the nameless, faceless user, a software developer has no way of knowing why that user needs to copy their software or use it from another machine. Is it because they want to give a copy to a friend? Or is it because they have a toddler that accidentally chewed on their Freddi Fish CD-ROM? Did they install this software on another machine because a coworker will use it, or is that machine their laptop and they're still the only user?

The software developer simply has no idea whether the user's intentions are honest or nefarious -- assume the former, and the software gets copied; yet assume the latter, and honest users are inconvenienced.

Why Pirate?

Piracy isn't driven strictly by greed or parsimony. For some, it is simply pragmatism. -- software is too expensive; it is difficult to ascertain its value before purchasing it; and it is sometimes bug ridden, slow, incompatible, or just plain ****ty. I've been burned more often than not when buying games and application software -- my bookshelf is a graveyard of software I bought and never used: Paintshop Pro, Visual J++, McAfee Virus Scan, QuickBooks Pro, Kai's Power Tools, Starfleet Command: Orion Pirates, Madden 2004 for the PC, Cubase SX, the list goes on.

I've resorted to using shareware programs almost exclusively, since demos of their functionality are available. Major application developers are realizing that a good demo can stave off piracy, since users can check out a product legally.

As a rule, there are five basic rationalizations for piracy.

1. I Don't Really Use This Software

2. I'm Just Checking It Out/Software Sucks

3. I Can't Afford It

4. It Doesn't Hurt Anyone, It's Not Like Stealing a Car

5. Why Not?

I Don't Really Use This Software/I Wouldn't Have Bought It Anyway

Ahh, the war cry of the casual pirate who sleeps well at night. This is the rationalization for the myriad copies of Adobe Photoshop, 3DStudio Max, and Office 2000 floating around the computing universe. These packages are extremely expensive and the professionals that use them can afford them. However, a huge number of the pirates out there are casual pirates that like having overpowered software just to dick with. They don't really need Photoshop, but if given the choice between having Photoshop or GIMP, they'll take Photoshop every time.

The availability of low-cost alternative software that has the features usable by hobbyists undermines this rationalization. A lot of publishers do, in fact, provide such low cost versions, and while I'm confident that this does reduce piracy somewhat, I doubt that it makes a huge dent since, by and large, this reason is more of a rationalization. If someone wants something that's good enough "to play with", many free or inexpensive versions of most software packages are available -- but it's human nature to get the best you can for the least amount of money. It's a sad statement that we can justify getting something very good by theft more easily than we can justify getting something adequate at some cost.

I'm Just Checking It Out/Software Sucks

These are two sides of the same justification. I don't think many people will dispute that today's PC software is buggy, difficult to use, bloated, slow, and often incompatible. The consumer doesn't know if a specific piece of software works on their machine, as advertised -- and even if it does, the issue of quality exists. Major software companies rarely include demo versions of their flagship software, so all users have to go on are reviews on the net and whatever the manufacturer decides to tell you.

If that software you purchased doesn't work or crashes all the time, you have little recourse for satisfaction. For this reason, trying-before-you-buy is almost a requirement. Nothing pisses off a consumer worse than blowing a wad of cash on a new game or application only to find that it doesn't work, and then learning that the software can't be returned. And publishers wonder why there's piracy?

So there is a reasonable justification for piracy-as-test-drive. The problem is when you try-but-don't-buy. This is happens a lot with games -- someone "borrows" a game, finishes it, and then decides not to purchase it because, well, they've already finished it.

Without proper demo versions, consumers can't determine if a particular application A.) is good and B.) actually runs well on their system. If publishers won't provide these demos, then the consumers will -- in the form of pirated copies. The problem then is that once it's been pirated, well, why even bother getting the legal version?

Fixing this situation is, again, relatively easy -- provide full featured demo versions of your software. Those that legitimately want to investigate a particular application may now do so without resorting to getting a cracked version from a friend and, by extension, falling into the trap of just keeping that pirated copy instead of buying a legit copy.

I Can't Afford It

I don't have too much sympathy for the group that says they can't afford it. Even in countries where a typical user literally cannot afford software -- Photoshop costs something like the equivalent of three months wages in some east European countries -- there are always other options. Use free or lower cost versions. Don't use the software you can't afford. For some reason society is willing to nod understandingly when someone says "Of course I didn't pay for Microsoft Visual Studio, I can't afford $1000!" But, oddly enough, society gets a lot more irritated when someone, say, steals $1000 in computer equipment, since the latter has a "victim" and the former, well, hey, who is really a victim if it wasn't really a lost sale in the first place, right? Right?

Lowering prices would help, to some degree, but there are market positioning concerns there ($20 games often sell poorly due to a perception that they have to be $20 to make up for lower quality). There isn't much you can say to a Bulgarian make $200/month to convince him that they should save up a year and buy 3DStudio Max 6. It's just not going to happen. To turn it around, for you Americans -- would you buy the latest CD from your favorite band if it cost you $100? Thought not.

But still, in the end it's hard to sympathize too much towards someone that doesn't have the means. If you can't afford something, then come up with a legal work around (such using open source equivalents).

It Doesn't Hurt Anyone, It's Not Like Stealing a Car

This is the classic excuse. It's a victimless crime! There is this justification that unless something is made out of raw materials and is a tangible item that theft isn't taking place. Digital data has the wonderful property of cost free duplication, so no new resources are consumed in their creation. Hell, the publisher and developer don't even have to be involved in the duplication.

To some degree, this is sort of true. If someone "borrows" a game from a friend, then it's not like I'm losing something. They didn't break into a warehouse and steal something that I then have to replace. However the long term cost is the same to the developer -- lost income. This lost income is the difference between surviving or not. Every time a popular game that you would have bought is pirated, that's fewer dollars back to the developer, and the less chance that they'll make cool games. Anyone reading this that warezed Thief or System Shock -- don't bitch too loudly about the lack of good games anymore.

It's kind of like voting -- yes, your one vote may not make a difference, but if everyone thinks like that, the country goes to ****. Every time you buy a game that you like, it's a vote of confidence to the publisher about that developer. Publishers use these sales figures to determine if the developer is competent; whether copy protection is necessary; and whether the PC platform is still viable. When sales plummet and/or piracy statistics skyrocket, publishers have a tendency to write off the entire PC market.

So piracy does hurt someone -- it hurts the developer, who loses money. It hurts the gamer, who is now wondering why no one makes good PC games anymore. It hurts the industry, and to some degree it hurts society by propagating this belief that copyright theft is okay.

How Much Protection Do We Need?

I have generally viewed anti-piracy measures as a relationship between copy protection effort, software price, and the effect on developer time, pirate time, and total number of lost sales. Completely absent copy protection simply opens up the flood gates, primarily because you're relying on the goodwill of your end users for profit. Many a "donation ware" author has found this to be the case -- there is a belief that if you're not requiring payment, that you don't need the payment, so users won't bother.

Light copy protection probably stops the vast amount of casual piracy. It prevents someone from just zipping up some files and e-mailing them to a friend. It prevents burning a CD for a friend. Usually a very trivial amount of effort is required to implement (and crack) this form of protection, but depending on the technological savvy of the user base, this may not be a real concern.

Heavy copy protection hits a wall of diminishing returns. It's still going to get cracked, but now you've infuriated many of your legitimate users and incurred the associated support costs of dealing with them. Stopping trivial copying and distribution makes sense, but I find it difficult to imagine that anything past that is going to be worthwhile. Is getting one more sale worth pissing off one good customer? Five customers? A hundred customers?

Steps to Fixing Things

So to some extent the developers, publishers, and retailers are partly to blame for driving honest users to piracy. Note that I'm ignoring "serious" pirates -- everyone from the mass duplication pirates in the Republic of China to the guys running pirate Web sites. I consider these in the minority, even though their total numbers are fairly significant.

The question we must ask ourselves, as developers, is "what can we do to discourage 'casual' piracy?"

First, we need to let users try our software before they commit money if they're not allowed to return faulty or incompatible software. I've been in the shareware business for years now and have never had a single return from a direct sale -- why? Because every user can try our software first and then spend money only if they feel that it's the right product for them. The only reason not to release demo versions is fear that your software will be exposed as substandard and thus you won't get "captured" sales -- people who base their buying decisions on optimism and thus will pre-order or buy blindly.

I've used several demo versions to see if something would be right for me. Most recently I purchased MindJet's MindManager, which is a fantastic program. Without a demo I would have been forced to either pirate it (doubtful I would have bothered) or solely trust reviews -- but I'm not sure if I want to commit hundreds of dollars based strictly on the opinions of others. On the other side I tried out ActiveState's Komodo IDE for Python, both version 2.5 and 3.0, and each time, while I liked it, I didn't end up purchasing it because of incompatibilities with other software on my system, making it unusable. If I had spent the money, I would have been very angry if I couldn't get a refund.

The second thing we can do is make entry level versions of our software (with inexpensive upgrades). Some companies already do this, such as Adobe with their Photoshop Elements or Microsoft with Visual C++ Standard Edition. Inexpensive, feature limited versions of software appeal directly to the "I'm just checking it out" and "I don't really use this stuff" crowd -- if you can get a copy of Photoshop Elements for $80 and you're a hobbyist, then it's doubtful that you have a legitimate excuse to pirate Photoshop CS. Any features in the "big" versions are probably those features only professionals or hardcore users would miss.

Third, if you don't have a demo, provide a reasonable return policy. The fact is that there are just too many random incompatibilities out there, not to mention sucky software. Use an authorization system if you have to and forcibly disable their installation the next time they run, but at least allow them the right to return software they don't use.

Fourth, decide if you're going to require registration or physical verification -- don't do both. That really aggravates users, who are now at risk of losing their software either by losing some physical item (dongle, CDs) or because of an inopportune authorization failure (due to the company going out of business, need to reinstall at 3AM, dodgy network connection, etc.).

Fifth, if you're going to use a pain in the ass copy protection mechanism, clearly mark it on the box so that users can choose whether they want to deal with the hassles before they purchase your product. There is no legitimate reason to hide this information from the user, particularly if you don't provide a reasonable return policy.

Finally, if you're going to require use verification, then provide a fail safe so that if your company ever kicks the bucket, the software is still available. This isn't a major issue right now except in some industries (graphics, music, design, and audio), but in the next few years there's going to be a collective outcry as more and more people are left stranded with expensive but orphaned software. Either escrow unlocked builds with some kind of centralized authority, or automatically have your software unlock after some calendar date -- presumably patches or upgrades will reset the internal clock, but if your software hasn't been changed in a couple years there's a good chance that your company is out of business. Whatever scheme you choose, the important thing is that the user needs to feel comfortable that their investment won't just evaporate along with the company. I have games made by companies that no longer exist, and I feel pretty good that I can still play them even though those companies are no longer around.

By following the above basic rules I think that casual piracy can be reduced by a reasonable fraction. The major excuses are addressed by all those, but in the end the real root enabling of piracy -- society's unwillingness to identify piracy as an unwholesome act on a par with physical theft -- needs to be addressed. Until then developers will rely on the honesty of individual users, and this is a tough sell in today's market, especially when you routinely meet otherwise normal people that think anyone that pays for software or music is a moron.

One final note: given the degree to which SafeDisc and StarForce invade a system, I think that it's absolutely vital that game reviewers indicate which protection system is used by a game. If the publishers won't inform the users, then the advocates for the consumer (in this case, game reviewers), should. In fact, I would go so far as to say that any game with overly invasive copy protection simply be docked points outright and denied any awards. It's that simple -- the path we're currently going down with copy protection is just wrong. Piracy needs to be curtailed, but punishing legitimate users is not an acceptable means to that end.

[Caesar]

I am a programmer who has used developed software using dongles over the last 6 years or so. In my opinion, dongles are expensive and unreliable and utterly unsuitable for low cost software such as games. Claims that they are difficult to defeat are unfounded. It can be done and, while it is not a trivial excercise, it is not all that difficult either. The software I developed was ideally suitable to the use of dongles but we moved away from them due to their problems with reliability and cost. Our software was on a server with the dongle undisturbed and even in this circumstance we suffered frequent failures. It is a pity really as they are actually a very convenient security method for higher priced software.

There is simply no way to secure software completely. You can make it more difficult (and should IMO, as it puts off the casual thief) but realistically, while there are people about who do not acknowledge that piracy is simply a popular euphemism for theft, it is not going to be stopped.

[Immacolata]

I see a few starforce haters here, but I believe they are the usual vocal minority of starforce haters that are 1:1000 or maybe even 1:10000 comapred to the people that use games with starforce and have no issues at all. Yes, it is intrusive compared to the regular ones, but what were you doing with Alcohol 120% and Daemon-tools anyways? And using Windows XP in the first place is accepting quite a lot of Microsoft intrusion wholesale

You can disable Starforce drivers in a few minutes, there is a program that does it. Sure, it could be a lot prettier but I for one cannot take serious the few persons that are angry about it. You are too pouty lipped, that you can only see the issue from your side, claiming intrusion, suppression of rights etc. due to STarforce, instead of seeing it for the common good of gaming: namely that producers makes games that MOST people buy and FEW uses illegal copies of. Not because Starforce is impossible to break, but it is a bit harder than usual, and developers can even hassle pirates into "upgrading" for a pay-for version by making some post-release patches with new starforce drivers in.

The PC is an open platform, and unfortunately that makes it open to piracy. So if you want to play games on the pc, live with the copy protections, and stop taking yourself so serious. Just unplug your pc from the internet and your so-called intrusion is mostly in your mind.

As someone said, yes, there are issues with older versions, and to some extent newer versions. This usually happens with people that have unusual hardware configurations, and it IS a real problem for them, but their numbers are slim and growing slimmer Ive heard.

The alternative is no games because everyone says "Nah, Ill let the others buy the game THIS time. I mean, I need a new kludge for my car anyways so Ill just "borrow it". Im all with the devs, spiritually, of course." That makes no food for the devs.

So, unless CMx2 comes with a copy protection that requires of me to put my fingers into the mains socket or dial a phone number to "activate" it, Ill buy it. Provided that it is good of course!

[markl]

With regard to the above question above using programs like alcohol or daemon tools.

Not wanting to start anything, but in my industry engineering, programs to mount CD's are very common. Especially for symbol libraries for drafting programs. Yes I do some work from home and need to mount these disks to speed up my work, so there are legitimate reasons for using disk mounting programs.

I also know some desktop publishers who mount CD's for work, and they work from home. Daemon tools seems to work better than the mounting tool in say Nero so it is often used.

Anyway it is not worth arguing about, as we all have our ideas about it and unforunately it is a fact of life and here to stay. I just hope it does not help to kill the industry it is supposed to help save.

Sorry if I offend anyone with my ideas, so I but out of this one now.

Cheers MarkL

[Tim Hughes]

Interesting comment from Martin in an interview/panel discussion over at SimHQ (http://www.simhq.com/_all/all_009b.html)

"

Martin (Battlefront): So far, every anti-piracy scheme has been cracked sooner or later. Like you say it's a problem that will never go away. So the main purpose of such programs is to buy time for the publisher to keep his "first to market" advantage. Important for shelf distribution (otherwise retail will be reluctant to buy games from you to put on their shelf), but far less important for our distribution method. Which is why we have never used such programs.

Let's also not forget that it is questionable how many people who play the pirated version of your game would turn into paying customers if you try to force them to. This isn't to mean that we condone piracy, but we try to counter it by making darn good games and hoping for support because people will want more of the good stuff, rather than wasting thousands of dollars on the attempt to force them against their will.

"

Emphasis added.

[Jhereg]

In response to Immacolata, I use Daemon tools and Alchohol 120% because of the convenience of using images vice having to search thru 5 CD cases that hold a total of 602 CD/DVD and the tower of 25 jewel cases on my computer desk. I have never pirated any software, all are the original CDs. The titles with Starforce are the only ones I have to deal with the discs and as such they are played significantly less. Hell I can not play my old copy of Aces of the Deep due to having lost the manual during one of my moves, while serving this country in the Navy. Talk about PITA copy protection, 3rd word on page 122 AHHGHHAGGAaahhhh! I have bought multiple copies of BFC's products to give to friends and family. Yes copy protection is a burden mostly to legitimate users, especially Starforce and Steam. With Steam I could not play Half Life 2 for the first three days after purchase due to not being able to activate the software, because Valve did not have enough server capacity to handle the launch. There are still people who have gotten around Steam and Starforce. So in the end the titles I play most are the ones I can run from images when the mood hits me to play something dfferent/older. I did not buy Silent Hunter III because of Star Force even though I own all previous versions and enjoyed them a lot especially SHII. It boils down to basically how many hoops I am willing to jump thru just to play my game.

[GJK]

Originally posted by markl:

This is a very interesting topic that has also been recently discussed over at Shockwaveproductions.com prior to the release of their Battle of Britain II which also seems to attract an older audience because of it's tactical level as well as a flight simulator.

Interestingly enough, I've already seen the pre-release version for this posted in the newsgroups already a couple of weeks ago. I can *try* and find the group/poster if the Shockwaveproductions team isn't already aware of it.

[Matthias]

i am sorry but Star Force 4 is the tool of the nazis or the spirt of the devil!

firstly Once the four different device drivers are installed, the software monitors your CD-drive to confirm you're using the original CD, while the system encrypts executable files, but also non-executable files included in the application. The software also collects system information and creates an error report should anything go wrong.

Plenty does.

the software gobbles up computing cycles, slows CD drive read-times, creates CD-R read errors even after removal, and is responsible for a number of device conflicts - particularly with external USB drives.

so it installs silently, watchs what you do, and can damage your system...is it a virus...no...is it a trojan...no...Its Star Force4!!!! the protection that stops me buying brian lara cricket!

[markshot]

I have been in many Starforce debates and don't want to waste time on another.

However, I would simply like to state that I have purchased 4 BTS games in the past and will most likely buy more in the future. However, I will not buy any product of any genre of any stellar quality of any publisher if it includes Starforce. I would rather play CMBO until 2020, then to deploy Starforce on to one of my systems as both a matter of practice and of principles.

[Immacolata]

Originally posted by Jhereg:

[QB] In response to Immacolata, I use Daemon tools and Alchohol 120% because of the convenience of using images vice having to search thru 5 CD cases that hold a total of 602 CD/DVD and the tower of 25 jewel cases on my computer desk.

I use Daemon-Tools for the same reason, however I never found that it conflicted with StarForce (I own SH3). It wouldn't run at the same time, but it would work if DTools is disabled.

Yes, it is jumping hoops. And especially for simulation games it is a pain to have mandatory disc-in-drive copy protection. A good sim game is one you come back to many times over months, so having to find the disc every time you feel like playing is annoying.

But I am playing the devil's advocate here. Make a game and remove copy protection, and most publishers wont take it. Release it yourself without c/p and see sales being miniscule. about 8 years ago BlueByte released a quite nice turn based tactical game called Incubation. Was released without c/p and sold a fair amount. Then they made an expansion pack which had physical C/P on the cd-rom to prevent copying. Sales were double IIRC. A bit peculiar considering you needed the original game to use the expansion right?

That was before the advent of virtual drives and huge harddrives that can hold dozens of iso images. Today the only iso-defeating c/ps are online keycheking, which really only works for online based games, and StarForce.

So if CMx2 should have any *meaningful* c/p it will be Steam or StarForce. Since Battlefront is using their special method to sell their games I would say the Steam method is the one that has least possibility for disrupting your system. And you can run your game off the harddisk without having to insert a disc, because the online validation will be the c/p. I'd prefer that, if Battlefront opts for a c/p.

[Jhereg]

Yeah the only problem with Steam is the need to be online to use the software. When we are underway and tooling around for six months plus, there is no internet available for personal PC's. Thus any sort sort of online verification is a no purchase for me. Like yourself I often go back to play older strategy games when nostalgia hits me. I have two full CD-R's of maps for Close Combat III, even by todays standards my fully modded up install for that is large That is why both my machines have 500 Gig of storage each. I have not run into problems with Starforce as of yet either. The only game I really ever play with it is Silent Storm Sentinels which I had to order from the UK to get due to lack of distribution over here. Its the only one worth leaving in the drive. It just irks me that the modern CPS screw the legit customers but really do nothing to deter warez types. Starforce can be defeated in all its versions by the pirates. Ahhhh erm what is the world coming to. I am certain I will buy CMx2 regardless of the route BFC takes as they have given me a product I love as much as the old Harpoon Classic! Long live BFC!

Maybe I need to learn to use spaces LOL so my posts are easier to read!

[Rista Blodörn]

Playing games is all about having fun, and it is not fun to spend more than a couple of minutes on finding the CD in order to play... And my rather silent PC is not very silent at all with a cd or dvd in the drive.

And if I dont find the disc, then what? Perhaps I just cant find it for the rest of the day, then I probably just get tired of playing and end up uninstalling it, perhaps for good. Finding something else to do, like playing with my girlfriend (no cd required, ever)

Usually I get a fixed exe, no-cd or whatever for all my games, if I can find one and the game requires the CD in the drive. And I buy all my games! But I would hesitate to buy a game if it had an impossible copyprotection because it removes all the fun when you just cant find the CD right away... And it is tedious to put in and take out, it makes a lot of noise and it is just to much annoyance

I dont mind copyprotections as such, but with things like "uncrackable" starforce or simpler things like no available no-cd patch to be found anywhere, I dont buy the game... Period!

SHIII was my first, and probably last exception to that rule because I havent played SHIII for 2 months only because I could not find the dvd for over a week! Feels like I have lost my "need" to play it now... (But hey! Guess what, instead I reinstalled CMBO to have at least something to do! )

I have all of the Illiushin-2 titles too... but I could never even start Pacific Fighter until I got hold of a no-cd patch!!! At least that crack saved me from returning the game, and for ever losing faith in UBI

Besides, if I cant backup my original game disc, then its is a violation aginst the law, It is my legal right to be able to do a backup...

Just my 2 öre.. please dont flame me as a piracy defender, thank you..

[Wallybob]

Treat the Pirates like the looters.

[hoolaman]

Nice article markl. I actually bothered reading the whole thing, and basically agree with its conclusions.

I think the key to discouraging a lot of very casual piracy is a really excellent demo.

The really well though out demo/shareware trial has hooked me into actually paying for many pieces of software, from UFO:Enemy Unknown from the cover of PC Format magazine, to several excellent shareware programs most recently.

The art is to give the user enough to get them into the game, but leave them wanting more when the demo is done. Combine this with a reasonable purchase price and you have a sale.

I confess I am pretty quick to crack a crappy shareware program, but for really good software with full featured trials, that is still being supported, I have paid for full versions of a number of programs.

Remember Id software made its name with shareware in the form of Wolf3D/Doom/Quake. None of these programs prevented people in the categories-

I Don't Really Use This Software

I'm Just Checking It Out/Software Sucks

I Can't Afford It

-from playing for a length of time, but left them weighing up the decision to invest in an expansion to their game experience.

Of course retail software is a slightly different situation, I am squarely in the "I can't afford it" category, but I will happily wait a year to buy programs when they reach the 50% off bin rather than mess around with a broken pirate copy.

[Kellysheroes]

Why don't they create some sort of CD cartridge device that the CD is installed in and if someone tries to pry the case open there is a solvent that is broken and released all over the cd and thus ruins it? Something that wouldn't be harmful to any human being, but, would just totally ruin the cd face if released upon it?? Seems to me that is the "solution" (heh pun intended) to solve(ent) the problem of piracy. If there's always some sort of say upc code that the rom has to read before the game will play and it has to read it off the cd and not from the files on the hard-drive, wouldn't this work?

[Immacolata]

There is art and there are freeloaders. You will not convince freeloaders to buy anything they can get for free. Remove c/p and have an excellent demo and they will opt for the "free" version. It is a fact of life. There Ain't No Such Thing as a Free Lunch it is claimed, however that doesn't prevent scores of pc users to try and get one.

@Jhereg

Yeah I see your point, on-the-go-gaming is where online validation is bad. Not much fun being stuck in some backwater or deepwater part of the world with nothing to do because your lil' pc games won't run without access to the intarweb.

Well. This is a gordian knot isn't it?

[Blah Blah Blah]

Originally posted by Adam_L:

The copy protection on Silent Hunter 3 and on Flaming Cliffs is the only one I've heard of yet that is working.

What do you mean is working? If you are refering to 'having stopped it from being pirated' you are mistaken regarding SHIII. My cousin has had a pirated copy of this game for a very long time.

[Blah Blah Blah]

There is a lot that can be done to discourage piracy. markl touches most of them in an excellent way. He did fail to mention continued support. At least I think he did, the paragraphing makes for a hard read.

Ubisoft has stolen my money.

Let me give SHII as an example. A very incomplete and half-assed product when released and it stayed that way as Ubisoft did one patch so that they could sell the companion product Destroyer Command. So here we have a bug ridden incomplete and poor quality product that Ubisoft washes its hands of SHII leaving the paying customer with a dud.

So here I am having payed $75 for a game that is not 1/2 of the claimed product. How do I feel, I feel that Ubisoft has stolen my money. How do most people react to being ripped off? They will reciprocate. Two wrongs don’t make a right in this instance, but how wrong is it?

Intrusive Anti-Piracy measures such as Starforce and the likes will hurt the industry far more than piracy. Anti-Piracy measures such as Starforce will only have an effect on the small ‘share with a friend’ portion of the pirate market. It will not stop professional pirates.

How has my first experience with Starforce affected me, the legitimate customer? I have moved on from any product which uses it. Sadly, I have resigned myself to the fact that I will most likely not be gaming in the years ahead.

[phil stanbridge]

I dont think you should bother with copy protection at all - its a waste of time in my opinion. Just sell the game for an extra $10 or something like that. I'd happily buy it.