Let me be the first to start off by saying I hate DRM. I abhor it. Maybe I'm being masochistic right now... Let's find out.

Let's say you don't require a product key or anything like that. Also, let's say that the program is only going to be downloaded from the Internet (because it's unlikely I'll ever make anything that gets published physically). What if we did it similar to how World of Goo did it, in that the user buys the program, gets emailed a fancy little link that has their unique purchase ID as part of the link, and then simply by accessing that link they can download the program and install it... no fancy tricks... yet.

But let's say that each game has a small, 8 byte (or however big, and possibly not contiguous) part of the game's executable or data files or something or other, that gets encoded by the server at download time with a hash of the buyer's unique purchase ID. That way, when the game connects to the interwebs to download updates and patches, it can simply check the hash value it's been encoded with and pass that along (probably hashed again) to the server, so the server can identify who it was that legally purchased that game. Nothing happens for awhile though. Maybe the first few months of the games life. But when the server sees that the same purchase ID is being used by 200 (or whatever arbitrary number) users, we can be fairly confident that they're pirated copies.

So after a month or two or three or whatever, we can get a good idea of which copies have been pirated or not. Then, in a later update, all the pirated copies get a special patch. Don't worry, it doesn't invalidate their copy or anything. I hate pissing people off because I hate being pissed off. What the special patch does is it comes up with a cute little window that says "Hey! It looks like you're using a pirated copy of the game... If you've really enjoyed it, why not buy a copy of your own so you can help fuel our army of 3 coding monkeys to continue making freaking sweet games?" And then it puts a little button in the bottom right corner of the screen that says "Buy Me!" But beyond that it doesn't really do much. More like a small encouragement to the pirates to fork over some cash if they've really liked the game (if they didn't like it that much they're not going to buy it anyway, so it doesn't make much sense to me to force them or anyone else to buy it).

Anyways, what are your thoughts on a DRM scheme like this?

Let me be the first to start off by saying I hate DRM. I abhor it. Maybe I'm being masochistic right now... Let's find out.

Let's say you don't require a product key or anything like that. Also, let's say that the program is only going to be downloaded from the Internet (because it's unlikely I'll ever make anything that gets published physically). What if we did it similar to how World of Goo did it, in that the user buys the program, gets emailed a fancy little link that has their unique purchase ID as part of the link, and then simply by accessing that link they can download the program and install it... no fancy tricks... yet.

But let's say that each game has a small, 8 byte (or however big, and possibly not contiguous) part of the game's executable or data files or something or other, that gets encoded by the server at download time with a hash of the buyer's unique purchase ID. That way, when the game connects to the interwebs to download updates and patches, it can simply check the hash value it's been encoded with and pass that along (probably hashed again) to the server, so the server can identify who it was that legally purchased that game. Nothing happens for awhile though. Maybe the first few months of the games life. But when the server sees that the same purchase ID is being used by 200 (or whatever arbitrary number) users, we can be fairly confident that they're pirated copies.

So after a month or two or three or whatever, we can get a good idea of which copies have been pirated or not. Then, in a later update, all the pirated copies get a special patch. Don't worry, it doesn't invalidate their copy or anything. I hate pissing people off because I hate being pissed off. What the special patch does is it comes up with a cute little window that says "Hey! It looks like you're using a pirated copy of the game... If you've really enjoyed it, why not buy a copy of your own so you can help fuel our army of 3 coding monkeys to continue making freaking sweet games?" And then it puts a little button in the bottom right corner of the screen that says "Buy Me!" But beyond that it doesn't really do much. More like a small encouragement to the pirates to fork over some cash if they've really liked the game (if they didn't like it that much they're not going to buy it anyway, so it doesn't make much sense to me to force them or anyone else to buy it).

Anyways, what are your thoughts on a DRM scheme like this?

Similar things have been done before, http://www.maximumpc.com/article/gaming/garrys_mod_battles_piracy_hilarity_ensues

There have been some stories about legitimate users being burned by this, and a few people (the majority of whom were never customers anyway) vowed never to buy garrys mod. Most people just thought it was funny though, especially since it involved posting one's steam ID on the steam forums and effectively admitting you have pirated the game.

Similar things have been done before, http://www.maximumpc...hilarity_ensues

Ah yes, I knew something similar had been done before in a few games, but I couldn't recall any of their names to reference them in my OP. Thanks!

Yeah, I don't think it would really increase sales, realistically. But I think there are a few fun things that could be done with this.

I think it's a good idea. But you must make sure that legitimate customers aren't affects by this. Put in failsafes and give users the benefit of the doubt (ie. apply very generous tolerance margins to your detection). Some people do really stupid things without realizing it, these may trigger anti-piracy detection even though they purchased a legal copy.

Once you are sure that you are dealing with a pirated copy beyond reasonable doubt (eg. because it is running on a known pirated product key), then have fun. You outlined a rather nice and friendly approach. I personally would go farther than just a 'friendly' nag screen. If someone stole your car, you wouldn't let him get away with it on a friendly reminder to not do it again either. Just make sure to not do anything illegal or to touch any system resources outside of your own game.

I would change the game mechanics in not so subtle ways. Blatantly put the player into impossible situations. Retroactively modify their savegames. Make the game downright unfair. When they inevitably die/lose from the artificially induced unfairness, show them a screen telling them that the game will treat them just the way they treated the developer by pirating it.

I think it's a good idea. But you must make sure that legitimate customers aren't affects by this. Put in failsafes and give users the benefit of the doubt (ie. apply very generous tolerance margins to your detection). Some people do really stupid things without realizing it, these may trigger anti-piracy detection even though they purchased a legal copy.

Once you are sure that you are dealing with a pirated copy beyond reasonable doubt (eg. because it is running on a known pirated product key), then have fun. You outlined a rather nice and friendly approach. I personally would go farther than just a 'friendly' nag screen. If someone stole your car, you wouldn't let him get away with it on a friendly reminder to not do it again either. Just make sure to not do anything illegal or to touch any system resources outside of your own game.

I would change the game mechanics in not so subtle ways. Blatantly put the player into impossible situations. Retroactively modify their savegames. Make the game downright unfair. When they inevitably die/lose from the artificially induced unfairness, show them a screen telling them that the game will treat them just the way they treated the developer by pirating it.

Hehe that sounds fun. I was thinking of (depending on the game) an additional level where you can't finish it if you've pirated it, and it rains fecal matter on you or something like that. But messing with the game mechanics sounds like a lot of fun... reversing gravity occasionally... and screwing with their saved games... now THAT sounds fun haha.

Warning! Pirated game copy detected! Precision tactical nuclear strike incoming - goodbye!

But you must make sure that legitimate customers aren't affects by this. [...] Just make sure to not do anything illegal or to touch any system resources outside of your own game.

What defines illegal? Well, the law of course, but what does the law say about this? Is it illegal for a game to invalidate itself? Is it illegal for the game to install a system-wide startup "reminder" for the thief that greets him whenever he starts up his computer? Also, can't a game developer have the game do all sorts of nasty things when piracy is detected and argue that it's only the pirated version that does those things while the official version doesn't do them? He certainly should not be held liable for the damages caused by using anything other than the original game.


A thought I had earlier was to have the game, upon piracy detection, randomly pick a considerable number of user files, encrypt them, tell the user about it, then sell a separate utility that decrypts them! The decryption utility has to have the trollface icon

[quote name='Yann L' timestamp='1314465320' post='4854484']
But you must make sure that legitimate customers aren't affects by this. [...] Just make sure to not do anything illegal or to touch any system resources outside of your own game.

What defines illegal? Well, the law of course, but what does the law say about this? Is it illegal for a game to invalidate itself? Is it illegal for the game to install a system-wide startup "reminder" for the thief that greets him whenever he starts up his computer? Also, can't a game developer have the game do all sorts of nasty things when piracy is detected and argue that it's only the pirated version that does those things while the official version doesn't do them? He certainly should not be held liable for the damages caused by using anything other than the original game.
[/quote]
I think I'd have to disclose that kind of behavior in the EULA though, seeing as that capability would come from me, the developer and updater, and I'm afraid that would scare the honest users more than deter the dishonest users.

A thought I had earlier was to have the game, upon piracy detection, randomly pick a considerable number of user files, encrypt them, tell the user about it, then sell a separate utility that decrypts them! The decryption utility has to have the trollface icon

If I wanted to be a dick, that definitely sounds like a brilliant idea! I could create a bank of keys, and allow the program to pick at random from a set of public keys, but reserve access to the private keys and sell access to the needed private key, depending on the public key used. That's just evil though, and I think that'd backfire really, really badly. But I'd love to see someone do it so I can have a good laugh.

Since you are already talking about being online, why not just have a username and password at startup? If you have a server that validates user name and password and then flips a switch to "person online" then why do all the hash stuff. My idea to do a drm is something like this:

Usually a person break key codes by typing them in and breaking into the executible code to crack keys. They know where to do this cuz usually it says "wrong product key" and pops a dialog up. Instead of doing that you could just let the code go, but the server returns a random number somewhere which would be used something like an extra division that should be 1.
random_number = 8240
server returns 8240 after verifying user/password. If user/password is wrong it will return something thats not 8240
draw3DObject(random_number/server_return) // would draw verts*1 vertices

if the server returns 1680, then it would be .5, so half of all 3d models would draw, and so on. So the user theoretically does not know how to break your code, cuz they dont know where to look in your exe, because no verification dialogs pop up and they cant just rip out that code check, because there is no IF code check. And you could continually do this throughout the game and request that number back from the server, so its partial validation but instead it just f's up the whole game to unplayable.

Since you are already talking about being online, why not just have a username and password at startup? If you have a server that validates user name and password and then flips a switch to "person online" then why do all the hash stuff. My idea to do a drm is something like this:

Usually a person break key codes by typing them in and breaking into the executible code to crack keys. They know where to do this cuz usually it says "wrong product key" and pops a dialog up. Instead of doing that you could just let the code go, but the server returns a random number somewhere which would be used something like an extra division that should be 1.
random_number = 8240
server returns 8240 after verifying user/password. If user/password is wrong it will return something thats not 8240
draw3DObject(random_number/server_return) // would draw verts*1 vertices

if the server returns 1680, then it would be .5, so half of all 3d models would draw, and so on. So the user theoretically does not know how to break your code, cuz they dont know where to look in your exe, because no verification dialogs pop up and they cant just rip out that code check, because there is no IF code check. And you could continually do this throughout the game and request that number back from the server, so its partial validation but instead it just f's up the whole game to unplayable.

Sounds interesting, and if I ever make a game that requires users to be online, I'll have to look into something like that... though they'll still find out where look to crack the program, I'm sure. It may just take a bit of extra work, but nothing that they couldn't crack.

Anyway, any of the games I make (in the near future at least) won't require the user to be online to play. It's more like an auto-update type thing that update with patches and what not. I like to play my computer games while I'm on the move and have no access to the internet, so requiring someone to be online to play is something I definitely don't want to do. Neither do I want to make them type anything into the installer. I just hate key codes.