Is DRM finished?

Zero. They send it to Denuvo who add the protection.

Nah, this'll just cause them to double down on making even more obtrusive DRM software.

yeah they don't add it for free

>ONE DAY
HAHAHAHAHAHAHAHA
hahahahahahgaha
hahagagagagha

I'm retarded. I read your post as "I wonder how much time".

Didn't four come out several years ago

Either way, I don't think this is done with an automated process.

yes OP posted old news

If denuvo was causing profit loss then it wouldn't be around still. The fact that companies come to use it after many years is because they see a gain out of it.

Someone revealed it once, they spend $650,000 of their development budget for denuvo to inject their drm into their codebase.

no I didn't

Attached: Screenshot_2018-12-06 just cause 4 release date - Google Search.png (628x216, 67K)

Attached: 1542331987513.jpg (1084x1027, 380K)

Given they would have expected it to sell well, something in the ballpark of $50k I would expect given the sales pitch I saw.

They absolutely charge for the service, but it's not as simple as just sending the exe and you get one back.

DNV is called as part of linking - it uses the profile-guided optimisation data to find functions it thinks are low-impact enough to obfuscate (note: performance problems happen if it gets this wrong or if you manually call checksum triggers frequently). The whole thing gets wrapped but not encrypted - but it effectively deletes the targeted functions in the executable, and sends them off to the Denuvo servers, where the server side recompiles them with a polymorphic engine which uses checksums with individualised whitebox AES encryption - and, importantly, that engine produces lots of different versions which contain particular code "gadgets" that are reliant on specific CPU quirks to execute: we're talking about things that are stepping-specific, here.

When an end user executes the application, it calls home to Denuvo servers to activate and if authorised downloads the missing pieces of code - but, importantly, those missing pieces of code are watermarked to that activation, with gadgets specific to the CPU stepping it's running on; if you give it to someone else, the results won't match and the checksum fails.

The thing about whiteboxes is that they are extremely easy to attack if you run them in a simulated machine, with reliable easily-extracted side channels. The gadgets are also extremely distinctive, by virtue of the reason they are gadgets - they do different things when run in different environments, but what they do in the correct environment is easy to measure. The targeted functions can then be run through a pass of superoptimisation, removing the whole wrapper and returning it to something close to what it was before. That process can be as automated as adding the whole thing in the first place.

Sorry; typo. $500k. Denuvo's not cheap, but smaller devs can pay per percentage instead.

The whole point of doing it this fast is to prove that it is.

>The whole point of doing it this fast is to prove that it is.
not him, but if that's the case why would they not be able to crack every game in the same amount of time?

>Why did you crack it?
>"just cause"

>2018
>believing drm wasn't finished in the last decade
Okay, boyo

They can't give up the illusion that they as CEO or CTO or whatever make great decisions such as to contract some DRM vendor that secures the company a lot of money.

So no, DRM isn't finished. It's part of some retarded human posturing.

There are factors like the number of triggered functions and the time taken by superoptimisation - but knowing the scene, they are probably dwarfed by the much more direct and simple explanation: the group still needs to give a shit about it to do a release of it.

So naturally they'll target more famous high-profile things rather than Football Manager whatever, who really gives a fuck about that outside a very niche and vocal group, none of which are really in the scene?

It makes investors, who think piracy = lost sales, very happy, which is all the company cares about.

denuvo totally works tho unlike steams joke protection you need people with skills and motivation to crack it and those people will be harder and harder to come by after you give them six figure jobs.

Thats not how it works. Investors care about profit. Not make belief promises. If they saw denuvo hurting profit margins they wouldn't be happy. The vast majority of sales are also from day one which denuvo typically does well at protecting.

Let's be real here. While actually extremely technically advanced, using techniques cryptographers are still holding conferences about, Denuvo Anti-Tamper is only a fancy watermarking/activation/checksum engine.

Much more intrusive schemes were tried many years ago: SafeDisc, SecuROM, TAGÈS, StarForce. They were so spectacularly intrusive that there were extremely determined boycotts (including the activation limit protest that made Spore one of the most pirated games of all time and caused EA to back off from it), driver bugs including security bugs and obfuscation features more akin to rootkits, bluescreens, you name it. We killed them because everyone wanted them dead.

In practice, publishers fell back to extremely light, barely-there DRM - Steam, which drives sales by making it easy to buy and discover the game. Sure it's easily bypassed but more advanced additional protection really fell out of favour for many years.

It's only with Denuvo that it's become a little more common again, and that's down to some ex-crackers creating this engine which is actually not very intrusive at all when used correctly, and a very savvy, aggressive but also fairly realistic sales team with industry connections emphasizing the importance of day 1 sales. And also, a bunch of the oldschool crackers retiring in the intervening years so there wasn't a lot of talent still active and around to tear it a new one for a while.

The problem is that it's unclear how effective DRM is. I have no doubt that there is a nonnegligible number of people that cave in and buy the game because it doesn't get cracked quickly, but there's no way to figure out if the protection offered by the DRM brings in more money than how much was spent on implementing it.

Companies really believe that shit about piracy reduces profits. They've fell for their own meme so hard that they believe that if Denuvo keeps people for pirating a week after release, then it was worth it. You might think they will see it getting cracked in a day and say it's not worth it, but you're probably wrong. The meme will mutate. Now it's if Denuvo can keep pirates for playing on the first day then it sells enough copies to justify DRM.

Meanwhile they pay no attention to the quality of their product. As a pirate I have just about every video game available for free. I haven't pirated anything this year. That means there's nothing I want to play even if they reduced the price to zero.

Attached: gamerfeminism.jpg (614x1024, 64K)

>oldschool crackers retiring
This is the worst part. There are only two scene groups remaining that can crack this and I don't see that changing any time soon. Are there even new groups popping up anymore?
We had a few STEAMPUNKS releases earlier in the year but I believe they merged with CODEX after their joint releases.

You know what, you're right user. Companies are actively trying to lose profit by paying for expensive denuvo just to say they have drm when they could do cheaper alternatives at fractions of the price.

(different user here) I think the truth is somewhere in the middle. For a series like tes or fallout which is singleplayer only and sells a crap ton, paying $500k for a weeks worth of protection probably does help. For just cause 4 though? I don't think they make enough sales to warrant dropping several hundred k on drm protection.

Denuvo's sales team very sensibly points out that it will indeed be cracked intime, but emphasizes the importance of day 1 sales, and the section of the target audience who a) could afford to buy your game but b) are cheap, c) want it right now nonetheless, and d) can't crack it themselves.

It's stupid to cite every pirate download as a lost copy, but the sales team has a solid point there - it's naive to think that subset doesn't indeed describe enough gamers which probably would be potential lost sales. The impatience is the key which would drive them to be more likely to buy, and the way sales go with Steam in recent years the first days really are the most important (the next most important being the first time it goes on a Steam sale, because lots of people who are waiting, wait for those). Have a look at /v/ sometime, and how impatient people are for Denuvo cracks!

Denuvo sometimes actually encourage you to remove it from post-release builds as it obviously doesn't add as much value then. Many publishers do (some don't).

So it's not irrational. The suits at the publishers are indeed thinking exactly how much this costs, figuring out how much it might make them back, and deciding it's worth the cost. Backlash against it can sometimes be loud, but relatively insignificant compared to how money talks. It's not like this is seriously bad copy protection like we had in the 90s or 00s.

(Sorry, but the scene don't care about end users who aren't in the scene. It's really just a fun race to do something difficult first.)

There was a study by some company based in the Netherlands who was hired by the EU to prove that piracy hurt sales, and their conclusion was that you cannot prove that piracy hurts sales. What you can prove, however, is that people buy into placebo, that people are efficient at making bullshit jobs and very efficient at justifying their pay to higher-ups. That and the jews is what keeps DRM here. Torrent traffic keeps decreasing every year as a percentage, but the piracy butthurt keeps increasing.

I can't wait for the day that companies stop releasing to PC. Literally the biggest entitled obnoxious fanbase that actively tries to kill itself by making companies invest in expense drm and then still pirates.

The PC users don't deserve games.

>I can't wait for the day that companies stop releasing to PC
won't happen because even with piracy game devs turn profits.

Denuvo thought of that: they have a percentage point contract for smaller publishers or for titles that they don't think will sell as well. Obviously that's a gamble that can really work out for them if a game sells unexpectedly well.

What can I say, I'm an old wine aunt now, I haven't got the time or energy to throw away on it except maybe as a fun intellectual toy to keep my brain active.

Most young people learning reversing now are rightly focusing on security analysis and malware, where the money is. The industrial espionage angle was a thing for a bit but is a pretty vanished niche now, there's no way into it.

With an industry like that, why would a neophyte cracker focus their skills on cracking copy protection which carries considerable legal risk (especially considering the litigious bastards who bought Denuvo - ask the satellite scene what they're like) for, in many cases, absolutely no reward? What do you think we ever got out of it in the first place? Exposure?

Hell, Denuvo was created by retired crackers (apparently some really hypocritical ones, or ones who cared more about the intellectual fun than actually being ideologically opposed to copy protection, as I am). I don't blame them for wanting the money.

Then factor in that to understand and break these techniques requires relatively deep knowledge of caches, specific CPU errata, virtualization, a relatively specialized and niche field of cryptography with incredibly dry papers - and time.

I'm not saying it wouldn't be interesting, but I don't see any of you stepping forward.

>pubs double down on cancer
>more and more people get turned off by it
>start avoiding any products with said cancer
>AAA dies even further
>DRM ends up causing the second video game crash
WTF I love Denuvo now.

Name one company that has gone out of business due to video game piracy.

Acclaim

en.wikipedia.org/wiki/Acclaim_Entertainment#Controversies
Interestingly enough the page makes no claims about piracy

pretty much all publishers that bet on the dreamcast got fucked

it's ironic isn't it. it's so much easier to protect something than to crack it, yet these companies are so fucking incompetent they can't do it.

>because consoles can't pirate either
I've hacked and pirated on every console I've owned. While I don't own a Switch, that's been blown open for a long time now.

Neck yourself.

It's awesome to see another denuvo game get cracked but I know that this is bad in the long run.
Game devs will start moving to online only games like destiny 2 or diablo 3 and those can't (as of right now and probably the near future) be cracked.

thanks for the explanation

It really ought to go without saying, but part of the whole reason for existence of consoles is that they are closed, static platforms as DRM-encumbered walled gardens. I hope you support console homebrew and piracy more than you hate PC gamers, or you're on the wrong board hun.

People actually did push back before that happened. Read up on what happened with, say, StarForce.

Hey now, there's no need to get all Jow Forums about this. (Denuvo aren't Israeli.)

Selling copy protection is a business, that's all. You can't prove that piracy hurts sales, or how much it does, because you obviously can't A-B test the same thing.

The truth is probably somewhere around in the area of: it probably hurts sales to some extent, but evidently not enough to kill the industry - by the simple anthropic principle that the industry is still here, and indeed thriving overall.

But it can really hurt some small indie developers with smaller numbers, where the sales of few people who could probably afford to buy it but don't really want to might make the difference between staying afloat and not. (Of course, they probably can't afford the percentage points Denuvo would take, but that's the sales department's job, to try to cut them a deal that sounds worth it.)

That was mismanagement, not piracy. Mismanagement is way more dangerous and has killed way more studios than piracy ever could desu.

Now that's one. There probably is a reasonable claim to the Dreamcast as a platform and Sega's hardware business being significantly harmed by piracy.

Where I live consoles are sold pre-cracked so you can just burn your own disks and play. Haven't checked the latest generations, they no longer have any worthy exclusives.

it's extremely difficult to make a new protection system that truly improves on previous attempts. you have to be as smart as the crackers and even smarter to build denfenses against cracking techniques. and crackers only need to crack a system once for them to be able to easily crack similar systems.

fucking saved

Hacking and pirating on a console requires significantly more work and research than asking someone to PM a torrent link to you on reddit. Sure people still do it on consoles but it's nowhere near the same scale as on PC.

That's okay. I'm leaving big parts out and simplifying bits, and some pieces have changed over versions of course. For example some versions carried parts of that polymorphic mutation engine (virus-style!) with them, and could rewrite the targeted functions when triggered to do so.

This was potentially a bad idea because it causes disk writes (bad on SSDs) and is non-trivial (lots of CPU usage, pausing the game thread). Maybe fine if you do it once, but god help you all if you call that anywhere near the main loop.

That, and the profiling being poor, is the reason for really bad performance in some early Denuvo versions.

Also as you'd expect, layering it with VMProtect results in a clusterfuck sandwich, the combined results of which are, after you stop laughing, technically easier to break than Denuvo on its own (but you do have to stop laughing and cringing first).

For a time the 3DS had FreeShop, which was as stupidly easy at it gets.
Vita has pkgi? pkgj? Something.

It doesn't matter how effective it is at actually stopping piracy - as long as it's effective at calming shareholders it's considered a "win" by game companies.

Lol no

There's no way to measure that you fucking retard

>destiny 2 or diablo 3 and those can't (as of right now and probably the near future) be cracked
Only because no one wants to crack them at the moment. Daily reminder for "online games" to work, data needs to be streamed to your computer so that the cpu can execute code, and there's nothing stopping anyone from intercepting it and compiling it into an offline version with online checks removed.

On Vita for example, you just go to a site, click a link and that's it. You then have multiple, rather easy (though a bit slow) ways of installing games. "It just werkz".

sure, but xbox one and ps4 aren't that simple. Nintendo systems afaik have always been easy to hack comparatively.

>cracking consoles and their games isnt a thing
Oh boy, here we go.
The thing is that there are known negative affects of using copy protections like Denuvo, like poorer game performance, which is literally just harmful to the consumer. A certain percentage of people using the cracks will be those who paid for the game who just don't want to deal with the DRM bullshit.

It's kinda hard to say what would happen if they released a AAA title with no DRM at this point but I'd say you're more likely to get the expected number of sales than everyone pirates it.

polymorphic mutation engine, yikes, I have heard of the concept, never delved into it too deeply

makes me curious on how Denuvo does their profiling, my guess is a bunch of servers auto-compiling different instances of the game each with different functions missing and then running the game to figure out which drmd version of the game has the least impact on performance, that is, if they automated it

More important question is are AAA game developers finished? This year has been a disaster for them, indie games and fucking remasters scoring higher than 90% of them.

Server emulation is a significantly more difficult undertaking than mere cracking. It's a big-ass blackbox and you have to accept you will never be perfect.

Honestly, given enough time and interest and exclusives not available on PC that would drive it, I would expect it'd be more attractive to emulate them than pirate on real hardware, given how comparatively close to a PC that console generation is by design (although some of the differences are going to be a pain).

>this'll just cause

Attached: punny mexican.jpg (600x600, 34K)

the japs are just too good

WTF never knew diablo 3 was online, I swore you had to download a client

You do but it won't run without an internet connection. It's nothing but DRM.

they read and write cyphers for a living, just one look at moonrunes will tell that this isn't a language for normal humans

>the japs are just too good
what do you mean? are they using some super secret method to protect their software?

what sets them apart?

Attached: 1542798232945s.jpg (250x181, 7K)

oh, your characters are also saved on the servers
just wait a few years, windows won't work without an internet connection.

Anybody who tries cracking it is hunted down by the Yakuza.

wtf are you guys talking about. every online game has a client that needs to be downloaded. there is no code streamed to your computer. the whole point of online games is that you can play with other people and the server requires authentication which can't be cracked, or at least not permanently.

Trust me, if Dark Avenger could figure mutation engines out, you can too. It's not that complicated a process conceptually: swap some instructions for others that do the same thing.

Metamorphic might be the right term, however, as there is an intermediate form so it's basically closer to a decompilation->recompilation process. But I don't think recent builds do that anymore - too much hiccup, not enough return.

As far as the profiling, I mean that kind of optimisation is already part of the build process of just about every game engine out there (Profile Guided Optimisation, for example).

I don't have a sample of that side of it - it is also watermarked and calls home, because obviously they copy protect their copy protection to make sure nobody steals it! - but I don't think it needs to really bother doing too much itself, the pipeline has done the work there, it'll just be selecting for factors like size, complexity and of course call frequency being nonzero but not huge. Mots of the smarts are on the server side where Denuvo themselves can keep control of them.

but what is DRM software anyway?

code that is protected by law or something?

Attached: 1544123132875s.jpg (250x245, 7K)

They dont port their games to pc. Ez

tell that to runescape

I've always thought it meant "streaming the actual game to your pc in obfuscated chunks for another program to read and interpret for the host system" not what they do for mp games.

This is exactly what it means

All games are technically protected by law. DRM can be thought of as an addon to a game that makes it harder to crack (extreme oversimplification)

your browser downloads the webpage which contains the flash or JavaScript client. it's much more minimal but it's still a client.

denuvo seems to do that based on what this gentleman is saying , but it's not common practice for online games. in fact it could be a huge security hole if someone pretend to be the server and streamed malware to users

>runescape
>notorious for being the biggest java program & game ever made
>he says flash & javascript

This shit happens almost every time Denuvo comes out with a new version.

See: en.wikipedia.org/wiki/Denuvo

The only reason it exists is because of corporate politics. It's perceived, from a business sense, as irresponsible not to use DRM. It's a very, very boomer attitude but there you have it. It's probably not going away any time soon.

HALF A MILLION $$$

how good does the game run without denuvo vs with it

wierd flex but ok

we can't test that because denuvo isn't removed from cracked versions, just bypassed.
IIRC scene rules used to explicitly state that DRM had to be removed for a crack release to be accepted but that rule changed with the introduction of denuvo.

>wierd

Didn't even know about the game before seeing this thread
Looking at the steam reviews, it seems like it wasn't even worth cracking

>weir...
>wire..
>strange

It isn't. Basically of of those games were just arcade physics sandboxes with some explosion and a farcry-like theme.

jc2 was pretty fun with mods

I remember having fun with the JC2 Multiplayer mod
Complete chaos and everybody was shitposting about alienware in the chat

DRM, which really means Copy Protection, always gets broken. Always. So, not surprising news, therr.

>Complete chaos and everybody was shitposting about alienware in the chat
Imagine posting a "back to /v/, a cancerous place where you belong" image IN GAME.