### #13sweetRum  Members

Posted 24 September 2013 - 02:16 PM

when I finish implementing my licensing methods, would all of you try to crack it for me to see how secure my scheme is?

### #14ApochPiQ  Moderators

Posted 25 September 2013 - 01:10 PM

Of course not. That would be illegal.
Wielder of the Sacred Wands

### #15SimonForsman  Members

Posted 25 September 2013 - 01:35 PM

&nbsp;

Of course not. That would be illegal.

&nbsp;

That would depend on what jurisdiction you're in, (Allthough i can't think of any jurisdiction in which it is illegal when you have the copyrightholder and system owners permission)
I don't suffer from insanity, I'm enjoying every minute of it.
The voices in my head may not be real, but they have some good ideas!

### #16sweetRum  Members

Posted 25 September 2013 - 06:41 PM

Of course not. That would be illegal.

not necessarily if we do it under the spirit of development testing and I give you permission to test my security.

### #17sweetRum  Members

Posted 25 September 2013 - 06:44 PM

&nbsp;

Of course not. That would be illegal.

&nbsp;

That would depend on what jurisdiction you're in, (Allthough i can't think of any jurisdiction in which it is illegal when you have the copyrightholder and system owners permission)

indeed:)

### #18Ectara  Members

Posted 25 September 2013 - 10:44 PM

More importantly, sometimes DRM itself might be the reason why people don't want to buy your game.

This, and 100 times this. I own legitimate copies of excellent games, but I still run the cracked versions because of one important DRM technique of the time period: requiring the disc to be in the drive. My main computer is a laptop, and I am always on the go. I rarely sit in one place, and while I'm often seated in my living room, my PC games are upstairs, since they are rarely used. I simply do not want to carry the disc on me, when I have the harddrive space to hold the entire game. It isn't necessary, and it is cumbersome enough for me to buy the game and run the cracks that would allow me to not need the disc. First, carrying the discs sucks. Second, spinning up a CD drive is loud, and can be slower than just as easily reading from the harddrive. Third, having my optical drive spinning while I play drains my battery life and heats up my machine unnecessarily. Fourth, running the game from a removable drive is very useful if you move from machine to machine in a public area, like a school, so cracking it to do so is desirable.

These are all ways that local DRM frustrates me. I was very leery of always-online DRM when I started playing Phantasy Star Online 2, for one very big reason: I played Phantasy Star Online in the offline single player mode intermittently for many years! Dealing with the fact that if I wasn't connected to the Internet, I could not level my character was a tough hurdle, when I had been playing the game's predecessor for 10 years. However, I eventually accepted it as a necessary step (PSO was filled with hackers and cheaters).

So, let it be known that there is yet another type of customer: if you sell your game with DRM, and I buy it, I will still try to break it to remove the burden that was imposed upon me, despite me doing the right thing. I was very glad that the versions of Quake I, II, and III: Arena that I have for Linux install and ask that you copy the data from the legitimate Windows discs to the install directory, instead of requiring that the disc be in the drive like installing the Windows versions. I own the Ultimate Quake collection, so that is not the problem.

Edited by Ectara, 25 September 2013 - 10:47 PM.

Posted 26 September 2013 - 02:34 AM

Most DRM solutions are trivial to bypass and generate "valid" keys once folks get even a basic sampling of keys.

Any decent DRM system will use public key cryptography to make sure that the only practical way to generate valid keys is to have the private key.

Of course that doesn't stop someone hacking the code to remove the check or replace the public key, but at least it lets you easily and reliably identify pirates.

### #20BitMaster  Members

Posted 26 September 2013 - 04:35 AM

Most DRM solutions are trivial to bypass and generate "valid" keys once folks get even a basic sampling of keys.

Any decent DRM system will use public key cryptography to make sure that the only practical way to generate valid keys is to have the private key.

Of course that doesn't stop someone hacking the code to remove the check or replace the public key, but at least it lets you easily and reliably identify pirates.

I don't see how that is applicable. If you do not require online validation the program itself needs to validate the key and any decent hacker can extract whatever counts as the private key from the executable.
If you require online validation you don't need public/private keys, it's much simpler and safer in the long run to create completely random keys and store them in a database, together with whatever usage information accumulates.

Old topic!

Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.