• Announcements

    • khawk

      Download the Game Design and Indie Game Marketing Freebook   07/19/17

      GameDev.net and CRC Press have teamed up to bring a free ebook of content curated from top titles published by CRC Press. The freebook, Practices of Game Design & Indie Game Marketing, includes chapters from The Art of Game Design: A Book of Lenses, A Practical Guide to Indie Game Marketing, and An Architectural Approach to Level Design. The GameDev.net FreeBook is relevant to game designers, developers, and those interested in learning more about the challenges in game development. We know game development can be a tough discipline and business, so we picked several chapters from CRC Press titles that we thought would be of interest to you, the GameDev.net audience, in your journey to design, develop, and market your next game. The free ebook is available through CRC Press by clicking here. The Curated Books The Art of Game Design: A Book of Lenses, Second Edition, by Jesse Schell Presents 100+ sets of questions, or different lenses, for viewing a game’s design, encompassing diverse fields such as psychology, architecture, music, film, software engineering, theme park design, mathematics, anthropology, and more. Written by one of the world's top game designers, this book describes the deepest and most fundamental principles of game design, demonstrating how tactics used in board, card, and athletic games also work in video games. It provides practical instruction on creating world-class games that will be played again and again. View it here. A Practical Guide to Indie Game Marketing, by Joel Dreskin Marketing is an essential but too frequently overlooked or minimized component of the release plan for indie games. A Practical Guide to Indie Game Marketing provides you with the tools needed to build visibility and sell your indie games. With special focus on those developers with small budgets and limited staff and resources, this book is packed with tangible recommendations and techniques that you can put to use immediately. As a seasoned professional of the indie game arena, author Joel Dreskin gives you insight into practical, real-world experiences of marketing numerous successful games and also provides stories of the failures. View it here. An Architectural Approach to Level Design This is one of the first books to integrate architectural and spatial design theory with the field of level design. The book presents architectural techniques and theories for level designers to use in their own work. It connects architecture and level design in different ways that address the practical elements of how designers construct space and the experiential elements of how and why humans interact with this space. Throughout the text, readers learn skills for spatial layout, evoking emotion through gamespaces, and creating better levels through architectural theory. View it here. Learn more and download the ebook by clicking here. Did you know? GameDev.net and CRC Press also recently teamed up to bring GDNet+ Members up to a 20% discount on all CRC Press books. Learn more about this and other benefits here.
Sign in to follow this  
Followers 0
lonewolff

Copy protection system

40 posts in this topic

Hi Guys,

 

Just wondering if I could run some thoughts by you.

 

I am about to release a DLL for a target client base and obviously you get people who will distribute this amongst dodgy channels.

 

I have setup my site to provide download links via user accounts and each dll is serialed in some way internally. So, I'll be able to track the source of the Buccanneer (Pirate gag :) )

 

I am wondering, should I also add an internal 'kill switch', so the DLL communicates back to a server to see if it is 'valid'. Ie. kill the leaked DLL's?

 

I was thinking of doing this in an unitrusive fashion, so if the DLL is not connected to the internet then it will continue working. But if it is connected and deemed 'not valid' the DLL will fail. Obviously, I want to do this in a way that is 100% non-intrusive to the end 'legit' user.

 

Although this method isnt perfect, it should slow down the piracy rate. And yes, if someone really wants to they can crack the DLL.

 

I just dont want the 100's of hours I have put into this go down the drain (being a solo dev). I am sure you'd understand :)

 

I also don't want to charge alot for my work, thinking around the $10-$20 region. I could charge more, but that is not who I am. I want people to enjoy the DLL as much as I have enjoyed making it. And so far the feedback from the 'target' has been awesome.

 

Thanks in advance :)

1

Share this post


Link to post
Share on other sites

Businesses invest billions of dollars every year for systems that are only effective for two or three weeks. Some require license servers, some require dongles, some require physical disks, some require license keys, all are defeated quickly. The only effective solution is to run it on your own servers.

Assuming your game is popular enough that anyone would want to steal it, your little secret will be discovered and become freely available online.

Spend your valuable development time actually developing the game.

 

Hmmm true. I know what you mean. Probably better to cater for the 'true users' rather than spending time, money, and effort staving off the dodgy ones.

Edited by lonewolff
0

Share this post


Link to post
Share on other sites

I think frequent updates are the best way to make your legit users happy, and make the pirates wish they didn't have to download yet another version because a new update was released. Especially if the update includes changes to a lot of files, which would make the pirates download the entire thing. Again. Worked against me :P

But then again, some people have bandwidth caps for download, so you should make your updater efficient to only download deltas or something.

Just an idea here. :)

1

Share this post


Link to post
Share on other sites

If you really want to add anti-piracy:

 

Release a purposefully 'cracked' and 'buggy' version of your dll to pirate websites (high-cpu usage, frequent crashes, ect). Several versions infact, make them seem as legit as possible. You can even add a time delay to make it seem like it works perfectly at first. Having an already released 'cracked' version of you software will also deter crackers from actually cracking it too since they think its already been done and if they do crack it.. it will be just be mixed in with your version.

 

This should really frustrate the pirate community. Though, I'm not sure if that will result in more sales for you :P

Edited by izackp
2

Share this post


Link to post
Share on other sites

You could embed a separate, unique 128-bit GUID in each individual DLL and assign it to each legitimate customer. Each time a user connects, transmit that GUID and make sure that no one else is current using it. If a second connection is made with the same GUID, disconnect them. This way, although you may have 10,000 pirated versions, only one can connect at a time. Whomever is distributing the software will soon learn when they can't connect...

Edited by mark ds
-2

Share this post


Link to post
Share on other sites

Sounds like that, too, would be cracked, by someone who figures it out, and replaces that code with either one that brute force increments the GUID until it finds one that is accepted, or generates one from your own machine that is unlikely to collide with anyone else's.

 

But the server would contain a list of valid GUIDs to compare against - one for each customer. And the chances of 'guessing' a correct one would be unfeasible, there are 5.3×1036 combinations!

Edited by mark ds
0

Share this post


Link to post
Share on other sites

You could add something to have the username of the person appear on the legit products. That will make pirates feel bad whenever they see the name of the first pirate on their pirate product >:3

1

Share this post


Link to post
Share on other sites

 

You could add something to have the username of the person appear on the legit products. That will make pirates feel bad whenever they see the name of the first pirate on their pirate product >:3

 

I was actually thinking of something along these lines. More or less a name and shame, have the details of the initial leak plastered all over the screen.

 

If you really want to add anti-piracy:

 

Release a purposefully 'cracked' and 'buggy' version of your dll to pirate websites (high-cpu usage, frequent crashes, ect). Several versions infact, make them seem as legit as possible. You can even add a time delay to make it seem like it works perfectly at first. Having an already released 'cracked' version of you software will also deter crackers from actually cracking it too since they think its already been done and if they do crack it.. it will be just be mixed in with your version.

 

This should really frustrate the pirate community. Though, I'm not sure if that will result in more sales for you tongue.png

 

I heard of an instance where on company did this and the reviewers got a hold of the 'dodgy' version and the program was reviewed on the faulty merits. This apparently killed sales as the reviewers said 'dont buy it'.

1

Share this post


Link to post
Share on other sites


I am wondering, should I also add an internal 'kill switch', so the DLL communicates back to a server to see if it is 'valid'. Ie. kill the leaked DLL's?

If you manage to install software on a user's computer, have it call home, and delete or modify files on the user's computer under remote instruction without the user's permissions you have committed a criminal act in many jurisdictions and immoral act in all of them.

0

Share this post


Link to post
Share on other sites

 


I am wondering, should I also add an internal 'kill switch', so the DLL communicates back to a server to see if it is 'valid'. Ie. kill the leaked DLL's?

If you manage to install software on a user's computer, have it call home, and delete or modify files on the user's computer under remote instruction without the user's permissions you have committed a criminal act in many jurisdictions and immoral act in all of them.

 

 

Not at all, there would be no modifications to the file system at all.

 

It would communicate to the server > ask if vaild > if response==false > don't operate.

 

Simple..

 

[edit]

To clear things up. It wouldn't be a criminal act if the user obtained the software illegally in the first place?

 

I'd love to see that stand up in court. "I downloaded this i'llegal software but it won't run on my machine". "Err, I want my money back?".

Edited by lonewolff
0

Share this post


Link to post
Share on other sites

 

If you manage to install software on a user's computer, have it call home, and delete or modify files on the user's computer under remote instruction without the user's permissions you have committed a criminal act in many jurisdictions and immoral act in all of them.
 

 

 

So... license validation is illegal and immoral? Software updates are illegal and immoral? Copyright protection is illegal and immoral?

 

The OP is talking about selling software, which no doubt would come with reasonable terms and conditions. The buyer would be aware of any 'phone home' checks in place.

1

Share this post


Link to post
Share on other sites

Even if the file was programmed to delete itself from the users hard disk if it was detected to be illegal, does 'ownership' of the illegal file then pass to the pirate just because it is resident on the hard disk?

 

Microsoft would be screwed if this were the case with all of those Windows 8 Trial copies on peoples computers that will 'blue screen of death' when the trial period is over. It is a case of trial is over, therefore access is over.

0

Share this post


Link to post
Share on other sites

it depends on the popularity of the product.

 

my most popular game got hacked. losses were so bad i had to fold the company. 

 

frequent major updates are all fine and good, but not really feasable for a large game (like skyrim or any other large fps type game).

 

in your case its a dll.  a library.  tech support and updates are your best anti piracy tools.  but  DRM never hurt.

 

this may be of help:

 

http://www.gamedev.net/blog/1729/entry-2258666-anti-crack-info/

0

Share this post


Link to post
Share on other sites

my most popular game got hacked. losses were so bad i had to fold the company. 

 

 

Man, that is terrible. Proof of what can happen to a good product.  sad.png

 

If my library takes off as well as I think it will, I am sure that it will be hacked in no time. That is my biggest worry.

 

So, I have no idea what I should do to protect my IP in this case.

0

Share this post


Link to post
Share on other sites
I think you should take measures to protect the game. Maybe not super measures, as even with those measures, you can be hacked.

I don't know about how to actually set up security but I have downloaded a lot of software.

In terms of hacking, think about the hacker as a thief who wants to break into you house and steal your stuff. Or you can think of them as roaches that want to invade your house and eat your snacks.

A thief has to have an entry and exit point. You can't seal off all entry and exit points because you yourself have to get in and out. So, say you have a key. Well, we know keys can be regenerated.

Now, say you have a face scanning technology, that only allows people with the correct face ID to enter. Spiffy.

I think a better way is to assume people will enter, and just confuse the heck out of em by controlling the paths they are able to take. When roaches see raid, they have to go around it. Haha. But you can go right through it.

I think of keys in the way I used to when writing secret code. Keep the key on paper which translates the mumbo jumbo into their actual meanings. Paper can only be hacked if the hacker actually breaks into your house.

Thinking in terms of "thieves" will help you to come up with better solution on how to prevent theft.

One more thing, grey hat hackers are usually called unethical or ethical depending in the situation.

You can hack your own house to prevent hackers can't you? Can't you give a virus a virus? (Independence Day). Haha.
-6

Share this post


Link to post
Share on other sites

My suggestion would be to implement some basic copy protection that simply informs the user that they need to purchase more licenses if they are running too many copies. It doesn't need to prevent them running the software. It will probably need to call home to a server to do this, so it could also report data back to you so you can work out how much piracy there is. The idea behind this is to reduce casual or unintentional piracy. It won't stop a determined pirate.

 

However you need to make sure that it's not going to annoy legitimate users. This depends somewhat on who will be buying your dll and how it will be used.

 

Just embedding an ID in each DLL downloaded is probably a bad plan. For example lets say a company decides to buy a copy of the DLL for each of it's 100 employees. Do you think they want the hassle of re-downloading it for each one of them, and then distributing them internally? However when the company gets some new employees it should inform them that they need to buy more licenses.

Edited by Adam_42
1

Share this post


Link to post
Share on other sites

If you manage to install software on a user's computer, have it call home, and delete or modify files on the user's computer under remote instruction without the user's permissions you have committed a criminal act in many jurisdictions and immoral act in all of them.

So... license validation is illegal and immoral? Software updates are illegal and immoral? Copyright protection is illegal and immoral?

I would argue that illiteracy is a problem.
 
There's nothing immoral about license validation, there's nothing wrong with an application phoning home to validate authenticity and allow a program to continue, as long as the user has been made aware that personal information is being transmitted over the unprotected public communications systems. Neither of those actions violate the user's privacy or threaten the integrity of their data. A trojan virus that surreptitiously modifies the contents of a person's hard drive is immoral, regardless of the intentions of the person who propagates that virus.
 
Software updates are run with the user's permissions, they do not match the conditions I stated above. Copyright protection is entirely irrelevant to this discussion, unless there is a surveillance program that scans your drive for illicit source code and removes it extrajudicially. I imagine such shakedowns would be quite profitable if it were legal, since the definition of 'illicit' would be pretty fluid without the usual legal safeguards. Better pay up, we wouldn't want any 'accidents' to happen.
 
It doesn't matter if a user has obtained a copy of your software through uncontrolled markets, it is immoral for a third party to attempt to change or modify the contents of a user's hard drive (or other storage media) remotely and without the user's consent.  It is the same for any other good:  if you suspect someone has stolen your television, you do not have the right to break in to their home and remove whatever you want.  A person's data is sacrosanct and you do not have any rights to it no matter how much potential revenue you might not earn by not having those rights.
 

The OP is talking about selling software, which no doubt would come with reasonable terms and conditions. The buyer would be aware of any 'phone home' checks in place.

The OP is talking about getting software installed on a user's computer such that they can remotely exploit it. There was nothing in his post about posting a warning and obtaining consent that such a trojan virus has been installed and will modify or destroy the contents of their hard drive. If that was the case, he should have said it explicitly. What he did say explicitly is "the DLL communicates back to a server to see if it is 'valid'. Ie. kill the leaked DLL's" which to me sounds like delete files, since 'kill' is a synonym for 'delete'. Of course, it would only be a problem for the people who had installed the software and not paid the protection money, not 'the buyer'.
1

Share this post


Link to post
Share on other sites

 

 


I am wondering, should I also add an internal 'kill switch', so the DLL communicates back to a server to see if it is 'valid'. Ie. kill the leaked DLL's?

If you manage to install software on a user's computer, have it call home, and delete or modify files on the user's computer under remote instruction without the user's permissions you have committed a criminal act in many jurisdictions and immoral act in all of them.

 

 

Not at all, there would be no modifications to the file system at all.

 

It would communicate to the server > ask if vaild > if response==false > don't operate.

 

Simple..

 

[edit]

To clear things up. It wouldn't be a criminal act if the user obtained the software illegally in the first place?

 

I'd love to see that stand up in court. "I downloaded this i'llegal software but it won't run on my machine". "Err, I want my money back?".

 

Your game only works online? Not buying it. As stated in other threads, I'd put forth the effort to crack the game just because I want to play where I want to play with the game that I bought, not adhere to inconvenient rules that are aimed at people other than me. It is a trivial step for someone less scrupulous to then give a copy to a friend in order to spare them the frustration, then it spreads like wildfire.

-1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0