• Announcements

    • khawk

      Download the Game Design and Indie Game Marketing Freebook   07/19/17

      GameDev.net and CRC Press have teamed up to bring a free ebook of content curated from top titles published by CRC Press. The freebook, Practices of Game Design & Indie Game Marketing, includes chapters from The Art of Game Design: A Book of Lenses, A Practical Guide to Indie Game Marketing, and An Architectural Approach to Level Design. The GameDev.net FreeBook is relevant to game designers, developers, and those interested in learning more about the challenges in game development. We know game development can be a tough discipline and business, so we picked several chapters from CRC Press titles that we thought would be of interest to you, the GameDev.net audience, in your journey to design, develop, and market your next game. The free ebook is available through CRC Press by clicking here. The Curated Books The Art of Game Design: A Book of Lenses, Second Edition, by Jesse Schell Presents 100+ sets of questions, or different lenses, for viewing a game’s design, encompassing diverse fields such as psychology, architecture, music, film, software engineering, theme park design, mathematics, anthropology, and more. Written by one of the world's top game designers, this book describes the deepest and most fundamental principles of game design, demonstrating how tactics used in board, card, and athletic games also work in video games. It provides practical instruction on creating world-class games that will be played again and again. View it here. A Practical Guide to Indie Game Marketing, by Joel Dreskin Marketing is an essential but too frequently overlooked or minimized component of the release plan for indie games. A Practical Guide to Indie Game Marketing provides you with the tools needed to build visibility and sell your indie games. With special focus on those developers with small budgets and limited staff and resources, this book is packed with tangible recommendations and techniques that you can put to use immediately. As a seasoned professional of the indie game arena, author Joel Dreskin gives you insight into practical, real-world experiences of marketing numerous successful games and also provides stories of the failures. View it here. An Architectural Approach to Level Design This is one of the first books to integrate architectural and spatial design theory with the field of level design. The book presents architectural techniques and theories for level designers to use in their own work. It connects architecture and level design in different ways that address the practical elements of how designers construct space and the experiential elements of how and why humans interact with this space. Throughout the text, readers learn skills for spatial layout, evoking emotion through gamespaces, and creating better levels through architectural theory. View it here. Learn more and download the ebook by clicking here. Did you know? GameDev.net and CRC Press also recently teamed up to bring GDNet+ Members up to a 20% discount on all CRC Press books. Learn more about this and other benefits here.
Sign in to follow this  
Followers 0
codingo

Who has implemented a licensing API/SDK

25 posts in this topic

I'm starting this topic to get general information, anecdotes, tips, warnings, suggestions, recommendations, ideas from all those out there who have ever implemented a licensing scheme into their application be it a licensing API/SDK or your own proprietary solution.

 

I've written a small program and have looked at services from Halpeiron, Safe-Net, RLM and others and have recently began implementing one solution into my app. It is a process of learning a new, and from the looks of the documentation, robust SDK that deals with areas of programming I have never explored before.  I do 3d math stuff.  This SDK deals with network calls, encryption, permissions, XML and really tricky code styles that rely on many many defines, function pointers, and many many funky functions that do obscure things that I can't find in a myriad of books that deal with 3d graphics programming.

 

What was your experience like?

0

Share this post


Link to post
Share on other sites

Yes even the most sophicticated services like Halpeiron stipulate that if someone wants to crack your code bad enough, they will do it. So is it even worthwhile protecting your product?

 

what sophisticated solutions did you explore?

Edited by sweetRum
1

Share this post


Link to post
Share on other sites

Steams CEG solution seems to be the better direction for this stuff, as it doesn't impair the game on a functional level. It just makes it so you can't use certain features or texts are changed to other things. Which can make a game look like this: https://www.youtube.com/watch?v=ntVEaGESBsc this is a pirate copy hence the Yarrrr replacement of real text smile.png, we never disabled the game other then the text. Batman Arkham made the game playable up until you had to use your cape to glide somewhere which the game didnt allow if it was a pirated copy.

 

These are also crackable but more subtle and make your game act like a demo for the real product, so that when users start to complain on your forums you can tell them, to buy the full version to get ride of the issues.

Edited by NightCreature83
2

Share this post


Link to post
Share on other sites

My opinion on DRM is it will always be cracked and only annoy people who legally bought your program. At the same time people would probably be encouraged in copying when there is no protection.

So I would go for something very light and cheap that just prevents casual copy and paste and hopefully gives you a few days(or more likely hours depending on your luck) before its cracked. Then later you can remove it in a patch without loosing much effort, if you feel like it gives you a reputation boost to call your program DRM-free.

There is an example: http://rampantgames.com/blog/?p=6446

1

Share this post


Link to post
Share on other sites

My take on this is that you need some really basic stuff to prevent the not-very-small population of extremely nontechnical people from just copy-pasting. Other than that, the more popular you are, the faster they will crack you.

1

Share this post


Link to post
Share on other sites
When The Witcher 2 was released, there was a DRMed disc-based version sold in stores and a completely DRM-free release on GoG.com (as well as some other distribution channels), all at the same time. The game showed up on file sharing sites within hours of being released, however the version showing up there was practically exclusively the cracked, DRM version.
I couldn't find the original interview where that was mentioned but the story is referenced here.

On a more personal note, when I consider buying a game nowadays the first thing I find out is "Does it have DRM?". Unless I can answer quickly that the answer is a simple "No, it does not", I will abandon all intentions of buying the game, no matter how much anything in there interests me.
I have dealt with Steam, I have dealt with other handrolled DRM and I'm just no longer willing to put up with it. On the other hand, I'm spending well over the average when anything in a (DRM-free) Humble Bundle interests me, I have accumulated a rather huge library from GoG and I have left quite a bit of money with several indie developers who go DRM-free (and mark that properly).

A similar attitude is mirrored in friends with the exception that they are generally more accepting of Steam.
1

Share this post


Link to post
Share on other sites


These are also crackable but more subtle...

 

That seems like an interesting solution.

 

How do you reason with someone who wants instant gratification by asking them to make the choice between 'free' or 'at-cost'?  It makes it very difficult to make any endeavor profitable.

0

Share this post


Link to post
Share on other sites

I'd just leave it to my distribution platform (Steam, Apple App Store, Windows Store, etc.) to handle the DRM and focus on making a good game. I would not lose time with it myself, it's just not worth the effort and I don't care to play that cat-and-mouse game with hackers. People who will crack your game are usually not going to buy it anyway. I'm guilty of having pirated games in the past but those were either games I was never going to buy, or games that I wanted to try before buying. I have never pirated a game from developers I trust to not make cheap cash grab games. I have never pirated a Blizzard game, for example.

 

More importantly, sometimes DRM itself might be the reason why people don't want to buy your game. Don't make it safer and easier to pirate the game than to buy it legit. Mass Effect 3 has been massively pirated, and I bet that one of the reason was that people didn't want to install EA's Origin's DRM/spyware/cloud on their computer. I decided to just not play the game (rumors about the ending cooled my excitement anyway) but those I know that have played it on the PC have all pirated it. Although unless you're called Ubisoft or EA you probably don't have the means to invest into draconian DRMs like Origin or Uplay so you can probably ignore this issue.

 

You might want to go the always-online way, but if you do so you need to ADD VALUE to the always online factor so that it's not just an annoyance for the players. A lot of people have complained against Diablo III's always-online feature (and who am I to tell them that they're wrong) but personally I grew a large friend list by playing World of Warcraft, so being able to chat with my friends while playing any Blizzard game makes always-online awesome for me. I wouldn't play the game offline even if I could.

 

On a side note, I have once successfully used a protection scheme to force the customer to pay the full price of a software when I was working for a company that made industrial machines. I hid the lock/unlock flag into the machine's RAM on a chip. Of course he could have "easily" hacked it, but when you're buying hardware that is one-of-a-kind and costs 5M$, you don't want to risk breaking it (plus voiding your warranty) by hacking the chips for the 5k$ software add-on... Of course, games are all software, so you can't do anything like that. 

1

Share this post


Link to post
Share on other sites

when I finish implementing my licensing methods, would all of you try to crack it for me to see how secure my scheme is?

0

Share this post


Link to post
Share on other sites
 

Of course not. That would be illegal.

 

That would depend on what jurisdiction you're in, (Allthough i can't think of any jurisdiction in which it is illegal when you have the copyrightholder and system owners permission)
1

Share this post


Link to post
Share on other sites

Of course not. That would be illegal.

not necessarily if we do it under the spirit of development testing and I give you permission to test my security.

0

Share this post


Link to post
Share on other sites

 

Of course not. That would be illegal.

 

That would depend on what jurisdiction you're in, (Allthough i can't think of any jurisdiction in which it is illegal when you have the copyrightholder and system owners permission)

 

indeed:)

0

Share this post


Link to post
Share on other sites

More importantly, sometimes DRM itself might be the reason why people don't want to buy your game.

This, and 100 times this. I own legitimate copies of excellent games, but I still run the cracked versions because of one important DRM technique of the time period: requiring the disc to be in the drive. My main computer is a laptop, and I am always on the go. I rarely sit in one place, and while I'm often seated in my living room, my PC games are upstairs, since they are rarely used. I simply do not want to carry the disc on me, when I have the harddrive space to hold the entire game. It isn't necessary, and it is cumbersome enough for me to buy the game and run the cracks that would allow me to not need the disc. First, carrying the discs sucks. Second, spinning up a CD drive is loud, and can be slower than just as easily reading from the harddrive. Third, having my optical drive spinning while I play drains my battery life and heats up my machine unnecessarily. Fourth, running the game from a removable drive is very useful if you move from machine to machine in a public area, like a school, so cracking it to do so is desirable.

 

These are all ways that local DRM frustrates me. I was very leery of always-online DRM when I started playing Phantasy Star Online 2, for one very big reason: I played Phantasy Star Online in the offline single player mode intermittently for many years! Dealing with the fact that if I wasn't connected to the Internet, I could not level my character was a tough hurdle, when I had been playing the game's predecessor for 10 years. However, I eventually accepted it as a necessary step (PSO was filled with hackers and cheaters).

 

So, let it be known that there is yet another type of customer: if you sell your game with DRM, and I buy it, I will still try to break it to remove the burden that was imposed upon me, despite me doing the right thing. I was very glad that the versions of Quake I, II, and III: Arena that I have for Linux install and ask that you copy the data from the legitimate Windows discs to the install directory, instead of requiring that the disc be in the drive like installing the Windows versions. I own the Ultimate Quake collection, so that is not the problem.

Edited by Ectara
2

Share this post


Link to post
Share on other sites


Most DRM solutions are trivial to bypass and generate "valid" keys once folks get even a basic sampling of keys.

 

Any decent DRM system will use public key cryptography to make sure that the only practical way to generate valid keys is to have the private key.

 

Of course that doesn't stop someone hacking the code to remove the check or replace the public key, but at least it lets you easily and reliably identify pirates.

1

Share this post


Link to post
Share on other sites

Most DRM solutions are trivial to bypass and generate "valid" keys once folks get even a basic sampling of keys.

 
Any decent DRM system will use public key cryptography to make sure that the only practical way to generate valid keys is to have the private key.
 
Of course that doesn't stop someone hacking the code to remove the check or replace the public key, but at least it lets you easily and reliably identify pirates.


I don't see how that is applicable. If you do not require online validation the program itself needs to validate the key and any decent hacker can extract whatever counts as the private key from the executable.
If you require online validation you don't need public/private keys, it's much simpler and safer in the long run to create completely random keys and store them in a database, together with whatever usage information accumulates.
1

Share this post


Link to post
Share on other sites


If you do not require online validation the program itself needs to validate the key and any decent hacker can extract whatever counts as the private key from the executable.

 

The private key can't be extracted from the executable, because it's not stored there.

 

The developer signs a message with the private key which they keep secure and don't distribute. The application which contains the public key can then verify that the message is signed by the developer.

 

See http://en.wikipedia.org/wiki/Public-key_cryptography

Edited by Adam_42
0

Share this post


Link to post
Share on other sites

My experience was that it was an utter waste of time and trivially cracked by an amateur reverse engineer (me) in a matter of a few minutes for the simpler solutions, and a couple of days of hardcore reversing for the more sophisticated options out there. (I won't name them, for legal reasons.)

Can you tell me what tools you used to crack your app?  I've implemented a very basic scheme so far and would like to see what is visible to the potential hacker.

0

Share this post


Link to post
Share on other sites

Tools aren't really important - understanding the machine code and how to modify it are what really matters. Even the debugger shipped with Visual Studio is plenty to reverse most apps, combined with a hex editor and careful fingers. If you're really industrious you might learn and love WinDbg. OllyDbg is also pretty good and has some handy tools.

 

There are of course other high-caliber options out there, but they're generally expensive and don't offer much if you don't already know what you're doing.

0

Share this post


Link to post
Share on other sites

My $0.02: don't put much time into it. As others have said, all it will do is end up annoying your legitimate customers.

 

If you really feel you must do something like this, favour unobtrusiveness and simplicity over security. No matter what you do (short of hosting all the content remotely) it will be cracked, so look at your DRM as something to inconvenience amateurs rather than something that will stop determined hackers.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0