Protecting your game against the hackers

How should I best spend my valuable time, money and man-power so as to keep those dastardly crackers at bay, and the money rolling in? There are so many commercial protection schemes out there; some cheap and some certainly not, but they all seem to be compromised… Is it really worth all that money? Or should I maybe set one of my most talented programmers on the task for a couple of weeks? At least that way, my security will be truly unique. All I know is that the more pirated copies of my game are made, the more of my revenue goes down the drain!

Stop! If this sounds familiar then I beg you to hear me out, even though you probably won’t like it. I’ve spent plenty of time reverse-engineering games in the company of the black-hats and I’ve seen the situation from both sides of the fence. Here’s your chance to learn from the mistakes of thousands before you and save some money in the process. At least, that goes for everybody to whom this next paragraph doesn’t apply.

If you’re writing a multiplayer client-server game and your interest is in keeping the hackers from ruining everyone else’s fun, then the solution is simple (although it needs to be understood from the beginning of development): Any code that can be taken advantage of must go on the server side. No matter how much time and intelligence you have, the hacker collective has more, and so sensitive code in the client application is a disaster waiting to happen. For example, if the client program is responsible for his own collision detection, then you are responsible when your paying customers complain about their enemies walking through walls. Once you’ve made sure that your design ensures the client can’t cheat, no matter what data it sends the server’s way, your job is done.

But for the rest of you, who are concerned about illicit copying, things are even simpler. Let’s suppose I am a software pirate, for a moment. Then here are some facts:

  • If I can run your program, then I can disassemble it. If I can disassemble it, then I can reverse-engineer it.
  • If your game isn’t worth hacking, I won’t try, and your efforts will go to waste.
  • If your game is worth hacking, then I will try to hack it, and given sufficient time and motivation I will succeed. At this point, your protection scheme is worth nothing. It only takes one successful hack, and the cat is out of the bag.
  • There are many hackers working on any popular commercial protection scheme at any moment, and once we’ve cracked one sample, the method extends with relative ease.
  • The more effective a protection is, the more popular it will become and the more attention it will get from us bad guys. Together with the last point, this places a limit on the value of any commercial protector.
  • It is very, very easy to slip up when writing such a system. All but the best-thought-out, most thoroughly-tested schemes (generally written by those with years of experience) boil down to a single conditional jump somewhere along the line. Once I find this Achilles’ heel, I win.

And here are some commonly upheld non-facts:

  • If somebody is prepared to steal your game, then they are prepared to buy it in the absence of a crack.
  • Protection schemes reliably keep a game safe from crackers long enough to ride out the majority of its public consumption.
  • Protection schemes reliably keep a game safe from crackers for at least a few days.

So both buying and home-brewing a protection are bad ideas? Not at all, they’re just not as good as they sound. A shop-bought PE-protector is an excellent investment if you deem its level of protection worth the value on the price-tag. But you’ll be investing in a false economy by fooling yourself into believing that this level of protection is anything more than ‘a week’s head-start from release’ or simply ‘keeping honest people honest’. And home-brewed protections are a very good idea, just keep them simple. If it’s going to be cracked anyway, then keep it as simple as possible. Why not restrict yourself to the five man-minutes it takes to check for the presence of your game’s CD?

  1. Enumerate the disc-drives on the system.
  2. Find the one that contains your game’s CD, by checking for a specifically-named file
  3. Check the file’s attributes, to make sure that it is read-only.

If something goes wrong at any point in this sequence, then you simply demand the user puts the CD in the drive, and loop. Now, even a half-witted hacker will circumvent this in minutes, but it’s enough to keep the layman in check, and that’s all you want.

Update: I hate CD-swapping as much as the next man, and so if you can bear it I’d recommend you avoid this too. The ideal solution is a server-based disposable serial database system, but most developers don’t have a server lying around to dedicate to this cause. If you do decide to use a CD-check, then at least be reasonable and disable it after a few days of successful use.

So now that you’ve saved yourself the hundreds or thousands of dollars you were about to give to Silicon Realms or Macrovision, you can afford to spend more on getting your game perfect, and that is what the consumer is happy to pay for. All that’s left is to price your game appropriately, and this means doing a little market research. Once we remove from the equation the user who pirates everything (the type you can do nothing about and should disregard), the situation is extremely simple:

If the user wants and can afford your game, then he’ll consider buying it.
If he has pirated it then he didn’t consider it worth paying for.

Posted: Monday, December 3rd, 2007, 9:00 am
Filed under: Game Programming.

« How I cracked the iTunes 7 DRM, Pt IV
Bypassing IsDebuggerPresent »

11 Responses to “Protecting your game against the hackers”

  1. Brian Says:
    December 5th, 2007 at 4:46 am

    Requiring a CD does not even slow down the layman, they can easily download a nocd crack made by someone else, or burn their own CD. There is no reliable way to protect a game without checking a serial number or CD key against a database(with enough encryption that the server’s reply cannot be spoofed). Requiring a CD in the drive will only serve to annoy people that purchased the game legally.

  2. Eric the Read Says:
    December 5th, 2007 at 7:18 am

    Depending on the game, some relatively inoffensive copy protection can, in fact, help. A friend of mine used to sell his stuff as shareware, and got about a 30% increase in conversions when he added a simple copy protection scheme (just input a simple license key, nothing fancy at all about it) after the trial period was over. That increase was enough to allow him to quit his day job and work at it full time.

    Not that you should believe a random guy on the internets, but I hope you can see it’s at least plausible.

  3. Bypassing IsDebuggerPresent » Ring3 Circus » Diary of a programmer, journal of a hacker. Says:
    December 5th, 2007 at 9:01 am

    […] About The Admiral « Protecting your game against the hackers […]

  4. kb Says:
    December 5th, 2007 at 9:11 am

    Sorry for being a bit off topic but here are some of my thoughts on shareware in general:

    My stance on copy-protection is that it will be broken (for example, the examples in the article aren’t really very good ways to protect anything, especially when you think it’s never the actual user who cracks the protection - he just downloads the crack) and you shouldn’t factor it in your income estimates at all. And I really don’t care for programs that have limitations, usually they even make proper trial of the program impossible.

    I’d say people will pay for your product only if it’s really worth the price. The cold, hard fact is that most products aren’t. More often than not, I just skip a shareware program and try to find a similar, free program even if the shareware program did exactly what it claims. The price just is much better on a free program, even if it had some little flaws. Make your product irreplaceable, that’s what I would say.

    Most people aren’t that savvy to actually look for cracks. An advantage is that people are slowly learning about viruses and whatnot so they could even be less eager to trust a not-so-official fix even if they found one. If you offer a working program for something like $5 (and it’s then instantly downloadable etc.), it’s probably worth paying the money so you don’t have to worry about malware. Don’t overprice your product, play on the fact people are lazy.

    Don’t forget that shareware started with only a suggestion to pay for the program. It played with the fact some people are honest and willing to accept the fact you have to pay for something you like. Obviously a honor system can’t protect the honest when it comes to high scores and so on but could be a good way to secure your income.

  5. Normal Gamer Says:
    December 6th, 2007 at 2:21 am

    Putting all calculations that can be exploited onto a server is not a practical suggestion for most modern games. There are too many calculations and not enough bandwidth to have a game like Crysis, BattleField 2142 or COD4 off load everything except essentially input processing and rendering to a server. Even if it is all on a server that doesn’t stop a see through wall hack. Why on earth don’t you think every MP game doesn’t just do everything server side already? What non-trivial modern game has not been hacked?

    I don’t have a problem with people challenging themselves to crack some form of protection; that’s fine. What I do have a problem with is people distributing a ready made hack .exe to every a-hole out there to try in order to make money off some banner ads. If only the people who have the knowledge to make these cracks themselves used them, you wouldn’t hear a peep out of me about it.

    BUT…

    Why distribute these hack .exe’s? No-CD cracks are one thing but, what’s the in point in creating/distributing aim-bots and invincibility hacks for a multiplayer game?

    Are the banner profits from these sites really worth ruining it? When you used to hack games you didn’t have a problem w/ blowing the fun for everyone just because you could for a couple of bucks?

  6. Pirater Says:
    December 6th, 2007 at 5:14 am

    I pirate everything.

    The reason people who crack stuff share it is not because of money. The people who distribute the cracks want money. The crackers do stuff for beliefs, ideals they hold. They believe in freeware. Open-sharing. Freedom of information.

    What you believe is irrelevant, they act on their beliefs the same way you do. Different beliefs, different actions.

  7. Helge Says:
    December 6th, 2007 at 11:20 am

    Please, please stop advocating the “put the CD in the tray” method of copy prevention.

    I have played games since the eighties, and am so utterly sick of replacing the CD/DVD everytime I want to fire up a quick game. When I buy a game I usually never bother take it out of the box; I just download a cracked copy instead.

    A CD/DVD is a horribly cumbersome dongle. Ship a small USB dongle with the game instead! In has at least the same amount of security as a CD/DVD, and I can just shove every little one of them into my USB hub and never worry about them again.

  8. Greg Says:
    December 6th, 2007 at 12:17 pm

    I didn’t expect this to be so popular. The discussion’s great though - lots of good points.

    Brian: By ‘layman’, I meant the casual copyer who has never heard of a crack. The remainder, who are able to search for a crack are already lost-causes.

    Eric: This was exactly my point, although I admittedly chose a very poor example. Copy-protection is effective, but a complex one offers very little over a simple one.

    Normal Gamer: Indeed, it isn’t necessarily feasible to put such a load on the server, and perhaps it was misleading to suggest that this is the ’simple’ solution to a difficult problem. But a fact of the matter is that giving the client responsibility and then painting over the cracks with an anti-hack system gives a false sense of security and will invariably end in tears. Nevertheless, I agree with everything you said.

    Pirater: This is true for many of the crackers, but after sharing company with many of the big cracking groups, I was surprised how many people engage in this kind of illicit activity just for the sake of reputation, excitement and tradition. Many crackers don’t care for freedom-of-information at all, but care even less for social responsibility. Money is a big issue in software piracy, but this seems to apply less for games so we’ll leave that discussion for another time.

    Helge: You’re quite right about CD-checks being a pain, and I’m not sure why I encouraged it in the first place. But I don’t see dongles being much of an improvement, as my USB real-estate is just as valuable as that of my CD drives.

  9. Maximus Says:
    December 10th, 2007 at 8:28 pm

    Well… a not-teenager cracker will buy any software worth its price. Even if they have the pirated version in their HD (IDA? C++ Compiler?).
    Regardless, nice work Admiral!
    I hope to see more about your inter-process details, and what you did learn about.

    Regards,
    Maximus

    Btw are you sure you wish to enter the DX madness? Save yourself, switch to OpenGL until you can ;-)

  10. Stalker Says:
    December 18th, 2007 at 6:35 am

    The last two sentences are completely off base. I try everything before I buy it. If the game is worth the money I would have paid in the first place, I’ll pay the original price for a real copy of it.

    It’s people saying stuff like that that keep the companies in a constant mindstate of overprotectiveness.

  11. Greg Says:
    December 18th, 2007 at 12:22 pm

    Stalker. Your view is entirely consistent with my proclamation. Notice that the closing statement is qualified by the preceding paragraph: you fall into this category of individuals who pirate everything, yet even still you buy software when you deem it good value.

Leave a Reply