During the time of the Soviet Union, it was an urban legend that during supply shortages, Soviet factories would have no real work, but workers needed to keep up the appearance of working, so they would have one line of workers continuously assembling devices, feeding into another line that would continuously disassemble them, all in a loop where nothing gets produced.
In many ways, it feels like we are seeing this today in the digital world. As a specific example, GTA 5 (singleplayer) is a game that has been pirated for about 10 years now, and has received zero content updates in that time, yet somewhat recently (maybe a few years ago?) they updated the game on Steam to have new DRM that constantly conflicts with the Steam Deck sleep mode and kicks you out of the game at random after waking up, or just won't even let you launch if you're without internet and haven't launched it within a few days. Nothing worthwhile was produced by this endeavor, that's for sure.
That assembly line workers are constantly being kept fresh on their skills and processes. If you can't get some component for 3 months, new units can almost immediately be pushed out of the factory when the component does arrive. If you bring on new workers, you train them on the disassembly process first and then move them onto the assembly line once they understand the construction.
The only downsides are paying the factory workers to spin their wheels and the 2x wear and tear on tools and replacement costs of any components damaged by the constant handling.
The US does something similar with the national defense manufacturers. We don't necessarily need more of a vehicle but if that factory sits dormant for 2 years until we do need replacements, it's going to take a long time to train workers. And you run a risk of losing any tribal knowledge those workers carried. You can lower production rates so you aren't buying too many things at once but keeping a small crew busy will allow you to quickly ramp production if necessary.
The “keep up the appearance of working” story feels like a misleading comparison to me, because the motivations are pretty much reversed. In the hypothetical factory, there's an external social element requiring the appearance of working, some observer to whom it looks good that this is happening: the way I read it, the assemblers and disassemblers may well be cooperating with each other to produce that appearance, so that the absurdity is visible from within (though they could also just be unaware of each other's assigned tasks). In the case of anti-copying technologies, game publishers trying to guard their revenue stream, and other groups trying to distribute or play unauthorized copies, are adversaries whose tactics create relative losses for each other that can bleed into the surrounding society: seems bad that it impacts other users / risks jobs and livelihood / is various forms of unfair (depending on one's moral feelings around which actions are ‘justified’), but their individual actions are incentive-aligned from within the conflict.
DRM authors and implementors know it doesnt work. The decision is made by people in suits based on traditional business culture that doesnt fit the digital world. The same people making denuvo are also the ones breaking it.
> they updated the game on Steam to have new DRM that constantly conflicts with the Steam Deck sleep mode and kicks you out of the game at random after waking up, or just won't even let you launch if you're without internet and haven't launched it within a few days
Meanwhile the "pirates" enjoy a superior experience. They don't have to put up with this nonsense. They can use the devices they want. They can install the games on as many machines as they want. They can play the games offline. Their games are faster because there's no obfuscated nonsense code running. They don't have to suffer idiotic invasive kernel mode DRM nonsense on their computers, software whose only difference from literal malware is legal boilerplate in a document that nobody reads but that everybody theoretically accepted when they fast forwarded through the installation screens furiously clicking next so they could play the game they paid for.
Makes me feel like a total moron for buying games every single time.
I've heard that story (or a similar one) about Boeing on a cost-plus contract in the War; one group of employees would dump screws together, and the night shift would sort them apart.
Denuvo is there to prevent piracy within the first 90 days of release. Something like 60 to 80% of a game’s revenue is during that period. They don’t care that it’s eventually cracked, and they absolutely do not care about performance.
Not strictly after 90 days, but Denuvo is usually removed after the peak sales period for a game. It's really at a publisher's discretion when to remove it, as the sales model for Denuvo is that you have to continue paying for it on a subscription basis to keep it active.
Having the game wishlisted is a signal of players waiting for a sale, or future patches/correction, or simply not bothering to cleanup wishlist, not a signal of someone is eager to pirate the game.
It can, but that seems to be more related to poor implementations by the game devs, and not inherent to it. There are plenty of examples of games with Denuvo that still run fine (give or take your opinion on whether the presence of DRM is inherently "impacted performance").
More modern version: No you are holding your iPhone wrong, it is not a design fault that makes a ground loop in the antenna if you hold two metal surfaces with your hands.
The games run terribly on release because they have Denuvo, and then when the sales volume no longer justifies the licensing costs of Denuvo, the devs strip it out and sell it to the players in patch notes as "optimizing performance."
Someone else mentioned GTA getting more aggressive copy protection out of nowhere. It's not out of nowhere. With GTA6 ads out for a while, sales of GTA5 are up as people either play it for the first time or replay it. Sales going up means they can justify copy protection.
Denuvo has layers upon layers of obfuscation that inflates nearly every instruction and function call, extra code execution that does nothing to throw off someone trying to follow code execution paths, and constant moving around where the game stores stuff in memory, again, to throw someone off watching via debugger.
It's pathetic because one company has been almost entirely responsible for people needing to buy faster and faster CPUs and GPUs trying to eek out more and more performance. CPUs, GPUs, memory - all of it has gotten enormously faster, we have more cores, etc. Despite all that, every new game barely runs at 60fps.
Do you really believe that year after year game developers and game engines get worse and worse at performance? Of course not.
> Do you really believe that year after year game developers and game engines get worse and worse at performance? Of course not.
If you strictly want to blame Denuvo then that assumes game developers cannot think of a way to spend their extra performance either. Which is obviously not the case.
False. There's lots of side-by-side recordings of Denuvo and non-Denuvo versions of games on YouTube clearly showing that Denuvo does impact performance.
CPU cache space for code is much smaller than GPU memory for models (and the former is more important for performance since many CPU operations like pipeline parallelism are latency bound, not compute bound).
>This. Why spend extra on x3d cpu when you can have a reasonable game size (not that it has large enough cache anyway)
Because game(SW) devs/publishers don't care about spending money to optimize for reasonable size, and the enthusiast gamers want to play the game either way and will gladly fork out the cash for the HW to play it, if anything for the bragging rights.
Remember "will it run Crysis?" vintage 2007? Yeah, enthusiasts will be enthusiasts.
I'm a fan of the free market here. Badly optimized games will hurt their sales and force the studios to change or go bust, if the market decides so.
I've had to take a moral stance and move to just playing games on Gog that I can buy and own the files for. No I can't play the latest and greatest but it's not the end of the world as I've so many classics to still play and enjoy. I can't support lockdown and DRM anymore. If I buy I want to own, otherwise I've not bought. It is true, if buying isn't owning, then piracy isn't stealing.
Right where I've landed as well. I just won't buy titles with Denuvo DRM, ever, no matter how much I want the game.
Was pleasantly surprised to find Doom Eternal is now on GOG a couple of days ago. If you're willing to wait, some AAA titles show up that previously had draconian DRM.
I'm willing to buy on Steam, however not with intrusive DRM. Nor with 3rd party store requirements (like EA games on Steam).
E.G. I'd like to own a copy of the modern Persona games. I'm in no particular rush. If the studios want my money when they're on sale for like 50% off launch price, gain some profit per sale and additional sales by axing the useless DRM.
You can archive the installed files from Steam though. An example is the pixel art program Aseprite. The devs said just to copy the binary out of the Steam folder and place it elsewhere if you wish.
It will if it's DRM-free. The login check is an optional call that the developer has to intentionally use. Usually if you're a small developer releasing a DRM-free game you'd make your game degrade gracefully if Steamworks doesn't work, so you can publish the same builds on Steam and on any other store.
If you really want an installer, just pack the files into a self extracting archive. But IMO the loose files are easier to work with than an installer.
Or are you misunderstanding the fact that you can just copy/back up the Steam game and play it anywhere. That's why I say many people have that misconception about Steam games
While Valve isn't the worst company when you buy on GoG you support a company dedicated to keeping things DRM free and preserving older games. Plus fight the Steam monopoly.
Likewise, I will not even consider paying for games (or music) that don't have an unencumbered download option. If the game is open source I will usually buy it without even thinking very hard about whether I'll play it.
Denuvo is owned by Irdeto, a digital rights management company in a broad sense. They not only do software and hardware DRM, but also work as a watchdog for movie and music companies to claim DMCA violations for BitTorrent, among all other stuff.
Why are they bullshit when piracy is a huge problem on the PC? There is a reason why AAA titles that are not multiplayer and subscription based lost developer mindshare.
For a long time now I've found it weird that people who like single player games on PC (and to a lesser extent older consoles which had piracy enabling mods) didn't acknowledge the long game consequences of their actions, or at least were willfully ignorant to them because everyone loves getting something for free. It seems to be a variation on Goodhart's law - you get what you reward - if the reward for a company (big or small) in spending lots of time and money isn't as good as other options, those other options will get more investment in the future and the ones you do like will get less.
The other option I can see for the large companies is that any project involving tens or hundreds of millions of dollars is likely to be insured, and a condition of that insurance is they take all reasonable options available to get the most success out of it that they can. If they don't they need to reduce the risk which probably means less resources allocated which again may not be interesting to the companies capable of making grand experiences versus other options.
> For a long time now I've found it weird that people who like single player games on PC (and to a lesser extent older consoles which had piracy enabling mods) didn't acknowledge the long game consequences of their actions
Isn't historically piracy positive for sales [1]?
That said, I'm pretty sure the real issue is that single / local coop games are just not appealing and so they get weaker sales. Like wtf was with Pikmen 2 not letting player 2 control louie? And then when local games start to sell poorly they get divestment but I'm pretty sure it was just lousey games and not piracy.
> Isn't historically piracy positive for sales [1]?
That would mean that game developers pay license fees for anti-piracy solutions because they are completely economically illiterate. Is this really the most likely scenario or is it perhaps the one you’d like to believe the most?
> Is this really the most likely scenario or is it perhaps the one you’d like to believe the most?
You mean the companies that have an unnecessary 5 min file load wait in GTA5 are also the same companies that insert the same files into a binary multiple times to speed up load times by having sequential reads for all art assets?
I like how condescending the tone is in this post about how data can’t be right if it doesn’t really line up with somebody’s sort of general feelings about how smart game developers are, especially given that it’s usually publishers that make the call about things like Denuvo, not the developers.
>Isn't historically piracy positive for sales [1]?
if it was for the companies who use Denuvo and it added negative value then Denuvo wouldn't exist as a business and game publishers would happily post their games to pirate sites themselves.
The level of copium involved in piracy debates is always a sight to behold. I'm no saint, I've pirated stuff too but I did so because I was cheap, not because I'm doing the company a favor. That's a level of rationalization you expect from a drug addict
> if it was for the companies who use Denuvo and it added negative value then Denuvo wouldn't exist as a business and game publishers would happily post their games to pirate sites themselves.
Efficient market fallacy strikes again.
No, is is absolutely possible that use of Denuvo results in a net loss and it is still used. Executives don't always behave rational and it is not like you can AB Test that thing or even easily measure its impact.
How are the game companies supposed to determine that it adds negative value? Speak to the alternative universe where the same game wasn't bundled with it?
>How are the game companies supposed to determine that it adds negative value?
Look at their own/industry data of comparable games that have been published with or without protection. I worked in the game industry, for AAA studios it's a no brainer. Denuvo for a big title that sells millions of copies runs about high six or low seven figures in costs, so about 1-3% of the budget, whereas preventing piracy in the first 12 weeks meant something like a 10-20% increase (tens of millions) in sales.
The use of Denuvo has nothing to do with whether piracy hurts sales, only whether executives think piracy hurts sales. As we just saw, actual research on this topic has been suppressed because the results were wrongthink.
>if it was for the companies who use Denuvo and it added negative value then Denuvo wouldn't exist as a business and game publishers
If everyone colludes, then the game publishers wouldn't need to suffer for including Denuvo. And the nature of the collusion doesn't require some literal conspiracy, it just requires that the personalities at the top of the pyramids (of which there are but a few) are assholes who have an ideological bent. We are all aware of the type: they would spend themselves into the poorhouse making certain no one can "steal" from them, and what they consider theirs isn't entirely congruent with what the law says.
>The level of copium involved in piracy debates is always a sight to behold. I'm no saint, I've pirated stuff too b
I've never pirated anything. I don't hijack ships at sea. I have infringed copyright, but when copyright laws are bought and paid for my lobbyist slush funds, I don't feel any reason to give a shit about those laws. They were only ever utilitarian anyway, not some moral principle, and right now they're not even utilitarian.
It’s hard to see from a US/Euro salary perspective, where not spending $60 is a moral decision, but you can start seeing how someone in a 300/mo salary country doesn’t think “I’ll save a bit and buy it” and instead thinks “I’ll never be able to afford this and this studio made millions anyway” and just pirate it. I’m not that articulate with my words but I hope you get what I’m trying to say.
I think you're saying that piracy is often a no money issue, and you're not wrong.
Somehow I managed to build up a library of Steam games, $1-5 at a time. At that price I am willing to take my risks with possible inconveniences due to DRM and instead consider the convenience of being able to log into Steam anywhere and access my game library.
And though I am loath to admit it, I think "free to play" has shown that it can compete with piracy, though often by including dark patterns and slot machine mechanics to drive monetization.
It's also worth considering how much time you actually play the game. Mario Kart 8 delivered (for me at least) hundreds of hours of fun (often local multiplayer) gaming. If there's a game in that category, it can be worth saving up for (but the console itself can also be expensive.)
> For a long time now I've found it weird that people who like single player games on PC (and to a lesser extent older consoles which had piracy enabling mods) didn't acknowledge the long game consequences of their actions, or at least were willfully ignorant to them because everyone loves getting something for free
Why are you equating people who like single player games to pirates? Are you suggesting devs who made single player games were caving under some kind of market pressure that was ultimately unhealthy for them?
The difference in global, high-speed internet access between Quake and Fortnite is huge. I think that explains why live service games are a recent thing more than piracy. That, and Valve set the blueprint for gambling and loot boxes with TF2.
Regardless, I think the jury is out on Live Service games being "safer" to make. There's certainly a lot of people chasing what Fortnite has, but there's a lot of graves and layoffs. It seems like the single player studios are shutting down less because they were unprofitable, and more because building a sustainable business on selling good products doesn't sound good to investors trying to make an exit.
This looks weird in the context, because the grandparent comment's argument was purely interest-based? You probably mean there's a propensity for tragedy of the commons.
Regardless I'd argue gaming may be the one media category left (after the recent decade's value decline) where piracy remains to seem like more hassle than buying a copy^W license. I would also guess it is more concentrated on a few popular titles compared to music or films. Nowadays I hear more of people collecting games on Steam, to never play them, than of legitimate pirates.
Really? This single issue, and nothing else, convinced you that most people have zero moral convictions? Doesn't take much for you to draw a wrong, blanket conclusion now does it?
Then again I see in your comment below [1] (for the reference "Brown hands typed these words." in response to someone discussing a situation in India) what kind of "moral" convictions you have.
A lot of recessive genes will sadly do that to you buddy. You can't argue your way out of a wet paper bag but at least you can stay in there and argue about its color.
Greenheart Games famously released a "cracked" version of their own game (Game Dev Tycoon) onto torrent sites on launch day. In this version, the player's in-game studio eventually goes bankrupt because "pirates" steal their games.
The Data: Within 24 hours, 93.6% of players were playing the pirated version.
The Consequence: The developer's blog post highlighted the irony of pirates posting on forums complaining that the "in-game piracy" was unfair and "ruining" their fun. The experiment proved that even at a low price point ($8), a massive majority of the PC audience will choose "free" regardless of the developer's size or struggle.
Sure it can be zero. It can even be negative. As larger player numbers, including piracy, are a natural form of marketing. That means it's not hard to see this additional marketing could lead to larger sales figures compared to if piracy was not possible.
One reason anti piracy companies make a living is because companies that buy it see concrete increases in revenue as a result. It may not be every pirate who converts to a customer but DRM solutions are priced to be below the expected additional revenue. And it's not always cheap.
Do you have any data to support that? I'd actually be really interested to see. There are a lot of weird ass games with Denuvo (like Handball 17, Bus Simulator 18) I think at least sometimes paying a big DRM subscriptions is part of a money laundering scheme.
Don't have public data, but industry contacts confirmed to me in private on multiple occasions that DRM increased sales. One really old example was a copy protected expansion pack selling much better than the unprotected base game that is required.
Only anecdata which I'm not allowed to publicize. All I'll say is that places that use this stuff are often operating at low margins and if they didn't see benefits they wouldn't pay for it.
> The experiment proved that even at a low price point ($8), a massive majority of the PC audience will choose "free" regardless of the developer's size or struggle.
Several points:
* A pirate can pirate infinity +1 games for free, that will skew any statistic compared to legitimiate buyers that have to manage a finite budget. It also means that you aren't looking at 93% lost sales.
* It wasn't a new indy game, but a port of an existing mobile game, so I wouldn't be surprised if legitimate buyers weren't in a rush to get their hands on it on day one. The steam statistics from the first month mention a peak concurrent player count of over 7000 so it certainly didn't stay at 200 copies.
I basically just Hoover up every new game on the pirate sites once a week. I spend thousands a year on video games. I own a 5090. I’m kind of obsessed.
Unhinged take I checked that was 2013 and the game cost almost as much as you you would pay in a month's rent in India in small towns.
Most pirates aren't people who could pay for this stuff. This is utterly meaningless.
So much in fact I don't even want to link counter examples to it.
No/very few paying user pirates even single player games these days if they can afford it as a luxury please understand that.
I would likemy regular updates bug fixes patches and new feaures ASAP. And on sale at 8$ for a game is less than 0.01% of my income so sure.
But if it costs 800 USD I will get it for free because I am literally too poor for it.
Anyone who thinks otherwise is beyond deluded.
Instead of denuvo you can use simple steam drm, non trivial to pirate for small games cracks will take days or weeks to appear and updates won't be available instantly.
It's safe simple and easy. And doesn't hurt any one.
Denuvo is just invasive bullcrap that deluded people think helps anyone.
Steam DRM is trivial to the point where you may as well not use it and just release on GOG. Until the one actual cracker in combination with the hypervisor guys showed up a few months ago Denuvo had been unassailable for years.
Thats playing with statistics and you know it. Why such game?
If they would release only the paid game, there wouldn't be 93% + 7% of the gamers playing, far from it.
Cost is almost irrelevant to pirates, either its free or its not, like it or not. There is mix of folks who do it for the lulz, some do it to have higher performance gaming without denuvo taking resources and computing power, and some are outright poor. Even 8-usd-is-too-much poor.
I've lived like that. Don't judge too easily. Don't do stupid mistakes and count those as otherwise-paying-gamers. Thats PR for denuvo and similar, not a fair discussion.
SecuROM back in the day caused plenty of legitimately purchased copies to not work. You'd have a physical disc with the game on it from the store, and SecuROM decided it won't work on your computer for unknown, undebugable reasons. .
Piracy may be a problem, but that's a problem to customer who were willing to give a company money. We stopped buying anything with SecuROM on it after 1-2 of those situations.
It's fairly well demonstrated that piracy is a service problem. For example, many people will pay hundreds of dollars for a game on Steam rather than play it for free on Epic (Rocket League). So clearly the free price point is not the problem
To some extent. But in the first month where the game is $100 and the pirate version is free, there are plenty of people willing to pirate even if it’s inconvenient.
IMO drm is understandable at the games release, but it should be removed after the initial period.
Ah, yes, a problem so huge it killed the industry… wait.
This is the same thing with music / cinema piracy : it’s a mix of "pirates will always pirate" (whatever the reason, be it financial issues or not), and anti-piracy solutions always hitting legitimate customers first.
People want convenience first and foremost. Piracy being a « massive issue is a lie defended by lobbies.
Case in point, I have a legit copy of a EA game I cannot play legitimately anymore, because SafeDisc relies on a vulnerable Windows driver (basically a free rootkit) that was blacklisted by MS.
See also the other comment mentioning SecuROM that basically killed SPORE on launch.
I don't think piracy has much to do with it. AAA (of even AA) single player games sell really well. Just not well enough to be the equivalent of a money-printing machine like Fortnite. Spiderman 2 sold something like 17 million copies between PC and PS5. Still nothing compared to the $30+ billion in revenue that Fortnite has generated so far. So everyone is chasing that Fortnite $$$.
It's impossible to know which Steam games are DRM-free since Steam games without DRM are not marked in the store. They have to all be assumed to have DRM.
Well, all Steam games have Steam DRM? The Steam store will tell you if there is additional DRM on top of Steam, at least it has in the past.
To the parents question, it is better to use GOG if you care about DRM.
Sometimes the Steam version is qualitatively better because the publisher/dev has supported the Steam version with more updates. Often the updates do turn up on GOG, but it's possible there is a delay.
Wonder what will be the consequences of this. I dislike Denuvo for the performance and stability penalties it gives games, but I do wonder if the "security" it gave publishers wasn't a big part of the reason why we've been getting more and more big name games on PC.
This isn't about being right or wrong but about what the publishers will do when they see their games are again getting cracked day one, and if it'll be a catalyst to again return to getting either less PC releases or at least delayed releases compared to consoles.
Denuvo’s market is ‘first 90 days’ revenue protection, not lifelong revenue protection. Lots of games using their crap remove it after a few months to shut down the flood of support issues the DRM causes. If only Microsoft hadn’t fucked up so badly with Windows 11 requiring an account, they’d have a way to stop using it altogether.
>Lots of games using their crap remove it after a few months to shut down the flood of support issues the DRM causes.
No, the overwhelming majority of denuvo games released after ~2020 (when they changed there licensing model to SaaS) have it removed after 2-4 years not because of user complaints but because of licensing costs, contracts and compliance.
If anything with many games it is very clear that the developer/publisher do not care for the user, since even when the DRM gets broken and has lost its purposes, many still refuse to remove it and give paying customers the same better non DRM experience as pirates.
>If only Microsoft hadn’t fucked up so badly with Windows 11 requiring an account
This is not true at all as evidenced by the fact that most games do not get Denuvo removed once they are cracked. And the companies that DO remove denuvo only do so after several years because of licensing costs as denuvo transitioned to a SaaS model.
I feel like the "first 90 days" is just because games no longer include a demo, so they force players to commit to a purchase before a wide consensus forms. A lot of people pirate simply to try the game out. Most people who can afford the game would then purchase the game if it were good.
I have not read a study on this but I suspect the percentage of people who would buy a genuine copy of a game they already have pirated would be something like 3-5%
Untrue, where are all the after-90-days-hacked AAA games? Nowhere, denuvo lives on as long as publisher is willing to pay continuous licence, which is usually years.
And users complaining because denuvo messes up their Windows, sometimes games don't run and so on? Just cost of doing business, as long as enough people buy it who cares.
I honestly doubt it will make much of a difference.
A good percentage of people who would download the cracked games would not have bought those anyway. And with Steam being so convenient it's hard to decide to go for a cracked copy of dubious origin that might install god knows what into your machine.
Run anti-cheat server-side. Give us private servers again. There's no reason we should have to put up with client-side rootkits written by non-kernel-devs to play a game.
Cheating is a social issue, not a technical one. Communities are the solution.
Private servers are a nice way to do this and do still exist in places. My favorite online game uses them along with server side anti-cheat and while cheating occasionally happens, it has never been an ongoing issue. I've maybe seen a cheater once or twice in all my many hours playing the game over 10 years (elite dangerous, in case you were curious).
Community servers don't want server-side anti-cheat either. Hell they invented client-side anti-cheats back in the day. Even current day community servers like Face-IT have additional anti-cheats, not less. Same with modded GTAV FiveM (even before the main game added anti-cheats)
One has experience writing secure, stable code for drivers, memory management, etc that is subject to broad review by other experienced devs. The other is looking at those things adversarially and pushes out whatever they think is good enough. Crowdstrike served as a useful reminder for who should be allowed in kernel space, and video game anti-cheat has far less justification to be there.
It's not possible, technically, to run effective anti-cheat server-side. Clients need precise enemy location data for things like sound effects. The server can't tell if the client is using the data for unfair purposes or not.
This. There are a lot of online games I loved playing but the cheating got so bad it made it impossible to play. MW1, MW2, Battlefield, CS, etc... you could see the wallhacks and aimbots taking over every lobby. I eventually stopped playing. I tried using Consoles for online gaming after that but never really got into using joysticks.... still prefer mouse and keyboard. Now I play limited games where the cheating isn't quite that rampant.
Im not a big gamer, but playing GTA Online, and getting taken out as soon as you spawn. Or items just spawning in front of you, like ramps. REALLY ruins the experience
Do the cracks still need you to disable Hyper-V (which leads to disabling WSL and whatever else)?
In addition, I’m not sure why they’re enabling test signing instead of using kdmapper or the like. Sure, anticheats will get way more mad at you having a manual mapped driver, but one imagines rebooting once (after playing your cracked video game) beats rebooting twice (to enable test signing, then after playing the game).
Interesting to finally see some action from the mouse again. Was kinda sad to see that Denuvo embodies all the worst of DRM but was so thoroughly metastasized that it was nearly inoperable and they had effectively "won".
Info from veeery long ago because I have been out of this stuff for over a decade:
The release will have an .sfv file with a CRC32 checksum for each rar file.
The FTP server checks them after the upload completes. Back in the day glftpd with zipscript was a very popular tool to manage an FTP site. This Readme sums it up well: https://github.com/pzs-ng/pzs-ng
The sfv can be tampered with but the propagation of releases to FTPs happens very fast, within minutes. It would take you longer to meaningfully alter it than it takes the racers to distribute the original files. And once the release is completely uploaded you can't modify the files anymore.
If the release is bad, for example if it doesn't work at all or if it contains a virus, then it simply gets nuked. This propagates within minutes.
That's the whole problem. There's no way to verify the authenticity of a release aside from "getting it from a trusted source" or whatever, whereas digital signatures would easily solve this issue.
The main difference that Denuvo does nothing to improve the experience of the end user.
I don't like Anti-Cheat solutions with elevated privileges but they have (at least for some time) reduced the number of Cheaters in games like Valorant or BF, for most users this is at least a somewhat understandable tradeoff. Denuvo on the other hand is DRM and a pure tradeoff in favor of the publisher at the cost of the consumed.
There is a user argument for anti cheat as a user = less cheater.
There is no user argument for DRM, if anything there are many against it = higher game price/less money for the actual game and devs, indirect funding of DRM software, worse performance, higher system requirements, worse preservation, worse privacy, longer loading times, online requirements, worse usability, machine activation restriction, bugs...
Kernel level anti-cheat also doesn't introduce a giant performance penalty like Denuvo-style DRM. People just want to play their games without it still stuttering on top of the line hardware.
Anticheats will still have obfuscated code for obvious reasons (they don’t want to be reversed). Not sure they don’t induce some performance drop too - though maybe smaller compared to bad Denuvo implementation.
Pretty strong to say there's no argument. I don't agree with it, but I imagine people would say reducing piracy leads to more money for the studio, which means more resources that can be put toward the game. Lots of people believe that, and we don't have a lot of data on opportunity costs for games including Denuvo.
I personally just hate it and think Piracy is overblown. The only other industry I've seen be this hostile to users is Music/Photoshop. Putting an iLok key into my computer feels bad.
> in late 2025, the MKDev collective and the prolific DenuvOwO came up with a hypervisor-based bypass (HVB) that installs a kernel-level driver to intercept and respond to Denuvo's checks. While that's not an actual crack, it's good enough for piracy work, as the saying goes.
Yeah, the headline is sensational and the body of the article doesn't do enough to distinguish between the bypass and a real crack. They only resemble one another only in the most shortsighted of ways.
One big difference is that the bypass method _requires_ Microsoft Windows in order to function. You cannot use the bypass on Linux.
I don't have a Windows install anywhere, so if I want to play the game I have to either purchase it, or wait for a crack that will remove Denuvo from the executable.
I get this probably doesn't matter to most people because they're on Windows anyway and will happily disable whatever security is required to access free games, but it's disappointing to have the technical distinctions and broader implications glossed over.
Wow. Great. Congratulations. Achievement earned. You've persisted so long.
Now stop creating new DRMs. You can see what is the outcome. The definition of insanity is doing the same thing over and over again and expecting a different result.
The only thing that made me switch to Netflix from π-rated movies was the accessibility, availability, languages support, speed and quality. The same with games. I buy games from gog mostly because they are missing DRM (and because I'm an old dinosaur so not interested in the bleeding edge new games).
Please focus on the added value. And the wealth will come. Don't pay for denuvo - it's waste of money
Fyi, most of them have not been cracked, but bypassed using a hypervisor that operates in ring-1, so it is certainly a security risk..
Personally I've been voting with my wallet and *never* supporting DRM, so there have been some games where I'm just "Well, I guess I'll never play that game."
At least I have an ethical option to play certain games now, I'm just gonna use a seperate blank pc cus these bypasses are novel.
Running Windows is a massive risk cus its made by Microsoft and it has ring 0 access to your system. I personally trust a cracker in good standing far more that I would any corp.
Untrue, cracking software necessitates _removing_ the protection from the executable completely. Whereas with a bypass, Denuvo is still running on your computer, albeit ineffectually.
This has implications - the bypasses cannot run on Linux for example where a cracked executable could. They are not the same thing.
Ehhh, afaik thats not the case in the community. These hypervisor bypasses are considered a different category. Like look at any scene page, they will 100% say Hypervisor or HV for these.
Once again I'm at odds with TH reporting. Of course you can spoof a server. That happens all the time, especially with videogames. You may not immediately be able to figure out what the call/response is, but without knowing what the check is, it could just be a simple endpoint that returns "true" on every request. Very speculative to say that whatever they do will be impossible to mimic.
> You may not immediately be able to figure out what the call/response is, but without knowing what the check is, it could just be a simple endpoint that returns "true" on every request. Very speculative to say that whatever they do will be impossible to mimic.
It’s trivially easy to use a signed response that is encoding some part of the metadata of your system in the signature to make it impossible to emulate the server. Don’t think the Denuvo devs would be stupid enough to provide a “return true” request for a server call.
Can the underlying function that checks if the server call is correct be bypassed? Sure, but that’s much harder.
Cryptography goes BRRRRR, with a proper implementation of cryptography you'd need to do things like patch out the keys in memory in order to "spoof" messages.
In many ways, it feels like we are seeing this today in the digital world. As a specific example, GTA 5 (singleplayer) is a game that has been pirated for about 10 years now, and has received zero content updates in that time, yet somewhat recently (maybe a few years ago?) they updated the game on Steam to have new DRM that constantly conflicts with the Steam Deck sleep mode and kicks you out of the game at random after waking up, or just won't even let you launch if you're without internet and haven't launched it within a few days. Nothing worthwhile was produced by this endeavor, that's for sure.
The only downsides are paying the factory workers to spin their wheels and the 2x wear and tear on tools and replacement costs of any components damaged by the constant handling.
The US does something similar with the national defense manufacturers. We don't necessarily need more of a vehicle but if that factory sits dormant for 2 years until we do need replacements, it's going to take a long time to train workers. And you run a risk of losing any tribal knowledge those workers carried. You can lower production rates so you aren't buying too many things at once but keeping a small crew busy will allow you to quickly ramp production if necessary.
Meanwhile the "pirates" enjoy a superior experience. They don't have to put up with this nonsense. They can use the devices they want. They can install the games on as many machines as they want. They can play the games offline. Their games are faster because there's no obfuscated nonsense code running. They don't have to suffer idiotic invasive kernel mode DRM nonsense on their computers, software whose only difference from literal malware is legal boilerplate in a document that nobody reads but that everybody theoretically accepted when they fast forwarded through the installation screens furiously clicking next so they could play the game they paid for.
Makes me feel like a total moron for buying games every single time.
Ah, so Denuvo is always removed after ~90 days after release, as there is no point for them to keep it there?
The stopper is of course denuvo, which they keep renewing the license of, for no good reason.
One could blame the user for not "just" holding it right. Or alternatively reconsider if the handle should have a grippy coating instead.
Someone else mentioned GTA getting more aggressive copy protection out of nowhere. It's not out of nowhere. With GTA6 ads out for a while, sales of GTA5 are up as people either play it for the first time or replay it. Sales going up means they can justify copy protection.
Denuvo has layers upon layers of obfuscation that inflates nearly every instruction and function call, extra code execution that does nothing to throw off someone trying to follow code execution paths, and constant moving around where the game stores stuff in memory, again, to throw someone off watching via debugger.
It's pathetic because one company has been almost entirely responsible for people needing to buy faster and faster CPUs and GPUs trying to eek out more and more performance. CPUs, GPUs, memory - all of it has gotten enormously faster, we have more cores, etc. Despite all that, every new game barely runs at 60fps.
Do you really believe that year after year game developers and game engines get worse and worse at performance? Of course not.
If you strictly want to blame Denuvo then that assumes game developers cannot think of a way to spend their extra performance either. Which is obviously not the case.
Because game(SW) devs/publishers don't care about spending money to optimize for reasonable size, and the enthusiast gamers want to play the game either way and will gladly fork out the cash for the HW to play it, if anything for the bragging rights.
Remember "will it run Crysis?" vintage 2007? Yeah, enthusiasts will be enthusiasts.
I'm a fan of the free market here. Badly optimized games will hurt their sales and force the studios to change or go bust, if the market decides so.
Was pleasantly surprised to find Doom Eternal is now on GOG a couple of days ago. If you're willing to wait, some AAA titles show up that previously had draconian DRM.
E.G. I'd like to own a copy of the modern Persona games. I'm in no particular rush. If the studios want my money when they're on sale for like 50% off launch price, gain some profit per sale and additional sales by axing the useless DRM.
Or are you misunderstanding the fact that you can just copy/back up the Steam game and play it anywhere. That's why I say many people have that misconception about Steam games
If you want a fancy launcher, there's always Heroic.
The other option I can see for the large companies is that any project involving tens or hundreds of millions of dollars is likely to be insured, and a condition of that insurance is they take all reasonable options available to get the most success out of it that they can. If they don't they need to reduce the risk which probably means less resources allocated which again may not be interesting to the companies capable of making grand experiences versus other options.
Isn't historically piracy positive for sales [1]?
That said, I'm pretty sure the real issue is that single / local coop games are just not appealing and so they get weaker sales. Like wtf was with Pikmen 2 not letting player 2 control louie? And then when local games start to sell poorly they get divestment but I'm pretty sure it was just lousey games and not piracy.
[1]: https://www.engadget.com/2017-09-22-eu-suppressed-study-pira...
That would mean that game developers pay license fees for anti-piracy solutions because they are completely economically illiterate. Is this really the most likely scenario or is it perhaps the one you’d like to believe the most?
You mean the companies that have an unnecessary 5 min file load wait in GTA5 are also the same companies that insert the same files into a binary multiple times to speed up load times by having sequential reads for all art assets?
The world is irrational.
if it was for the companies who use Denuvo and it added negative value then Denuvo wouldn't exist as a business and game publishers would happily post their games to pirate sites themselves.
The level of copium involved in piracy debates is always a sight to behold. I'm no saint, I've pirated stuff too but I did so because I was cheap, not because I'm doing the company a favor. That's a level of rationalization you expect from a drug addict
Efficient market fallacy strikes again.
No, is is absolutely possible that use of Denuvo results in a net loss and it is still used. Executives don't always behave rational and it is not like you can AB Test that thing or even easily measure its impact.
Look at their own/industry data of comparable games that have been published with or without protection. I worked in the game industry, for AAA studios it's a no brainer. Denuvo for a big title that sells millions of copies runs about high six or low seven figures in costs, so about 1-3% of the budget, whereas preventing piracy in the first 12 weeks meant something like a 10-20% increase (tens of millions) in sales.
If everyone colludes, then the game publishers wouldn't need to suffer for including Denuvo. And the nature of the collusion doesn't require some literal conspiracy, it just requires that the personalities at the top of the pyramids (of which there are but a few) are assholes who have an ideological bent. We are all aware of the type: they would spend themselves into the poorhouse making certain no one can "steal" from them, and what they consider theirs isn't entirely congruent with what the law says.
>The level of copium involved in piracy debates is always a sight to behold. I'm no saint, I've pirated stuff too b
I've never pirated anything. I don't hijack ships at sea. I have infringed copyright, but when copyright laws are bought and paid for my lobbyist slush funds, I don't feel any reason to give a shit about those laws. They were only ever utilitarian anyway, not some moral principle, and right now they're not even utilitarian.
Somehow I managed to build up a library of Steam games, $1-5 at a time. At that price I am willing to take my risks with possible inconveniences due to DRM and instead consider the convenience of being able to log into Steam anywhere and access my game library.
And though I am loath to admit it, I think "free to play" has shown that it can compete with piracy, though often by including dark patterns and slot machine mechanics to drive monetization.
It's also worth considering how much time you actually play the game. Mario Kart 8 delivered (for me at least) hundreds of hours of fun (often local multiplayer) gaming. If there's a game in that category, it can be worth saving up for (but the console itself can also be expensive.)
Why are you equating people who like single player games to pirates? Are you suggesting devs who made single player games were caving under some kind of market pressure that was ultimately unhealthy for them?
The difference in global, high-speed internet access between Quake and Fortnite is huge. I think that explains why live service games are a recent thing more than piracy. That, and Valve set the blueprint for gambling and loot boxes with TF2.
Regardless, I think the jury is out on Live Service games being "safer" to make. There's certainly a lot of people chasing what Fortnite has, but there's a lot of graves and layoffs. It seems like the single player studios are shutting down less because they were unprofitable, and more because building a sustainable business on selling good products doesn't sound good to investors trying to make an exit.
Regardless I'd argue gaming may be the one media category left (after the recent decade's value decline) where piracy remains to seem like more hassle than buying a copy^W license. I would also guess it is more concentrated on a few popular titles compared to music or films. Nowadays I hear more of people collecting games on Steam, to never play them, than of legitimate pirates.
> Brown hands typed these words.
[1] https://news.ycombinator.com/item?id=48001160
Then again I see in your comment below [1] (for the reference "Brown hands typed these words." in response to someone discussing a situation in India) what kind of "moral" convictions you have.
A lot of recessive genes will sadly do that to you buddy. You can't argue your way out of a wet paper bag but at least you can stay in there and argue about its color.
[1] https://news.ycombinator.com/item?id=48001160
Greenheart Games famously released a "cracked" version of their own game (Game Dev Tycoon) onto torrent sites on launch day. In this version, the player's in-game studio eventually goes bankrupt because "pirates" steal their games.
The Data: Within 24 hours, 93.6% of players were playing the pirated version.
The Consequence: The developer's blog post highlighted the irony of pirates posting on forums complaining that the "in-game piracy" was unfair and "ruining" their fun. The experiment proved that even at a low price point ($8), a massive majority of the PC audience will choose "free" regardless of the developer's size or struggle.
https://web.archive.org/web/20161118042043/http://arstechnic...
https://web.archive.org/web/20131214165241/http://aussie-gam...
P.S.: It bears repeating that the game cost only 8 dollars.
Someone playing/watching/listening to something for free doesn't mean they would still do it if they had to pay for it.
(https://arstechnica.com/gaming/2017/09/eu-study-finds-piracy...)
It doesn't provide data suggesting that piracy doesn't hurt sales. It literally doesn't provide any data at all.
Several points:
* A pirate can pirate infinity +1 games for free, that will skew any statistic compared to legitimiate buyers that have to manage a finite budget. It also means that you aren't looking at 93% lost sales.
* It wasn't a new indy game, but a port of an existing mobile game, so I wouldn't be surprised if legitimate buyers weren't in a rush to get their hands on it on day one. The steam statistics from the first month mention a peak concurrent player count of over 7000 so it certainly didn't stay at 200 copies.
Most pirates aren't people who could pay for this stuff. This is utterly meaningless.
So much in fact I don't even want to link counter examples to it.
No/very few paying user pirates even single player games these days if they can afford it as a luxury please understand that.
I would likemy regular updates bug fixes patches and new feaures ASAP. And on sale at 8$ for a game is less than 0.01% of my income so sure.
But if it costs 800 USD I will get it for free because I am literally too poor for it.
Anyone who thinks otherwise is beyond deluded.
Instead of denuvo you can use simple steam drm, non trivial to pirate for small games cracks will take days or weeks to appear and updates won't be available instantly.
It's safe simple and easy. And doesn't hurt any one.
Denuvo is just invasive bullcrap that deluded people think helps anyone.
Steam DRM is trivial to the point where you may as well not use it and just release on GOG. Until the one actual cracker in combination with the hypervisor guys showed up a few months ago Denuvo had been unassailable for years.
It's not as trivial to crack for a relatively non invasive and easy to enable feature.
Denuvo is hardly uncrackable there's a big reason Rockstar went to their own anti piracy tools.
Seeing unhinged takes about Denuvo shilling on HN is nutz. Honestly well what I would expect from folks here.
If they would release only the paid game, there wouldn't be 93% + 7% of the gamers playing, far from it.
Cost is almost irrelevant to pirates, either its free or its not, like it or not. There is mix of folks who do it for the lulz, some do it to have higher performance gaming without denuvo taking resources and computing power, and some are outright poor. Even 8-usd-is-too-much poor.
I've lived like that. Don't judge too easily. Don't do stupid mistakes and count those as otherwise-paying-gamers. Thats PR for denuvo and similar, not a fair discussion.
Piracy may be a problem, but that's a problem to customer who were willing to give a company money. We stopped buying anything with SecuROM on it after 1-2 of those situations.
IMO drm is understandable at the games release, but it should be removed after the initial period.
This is the same thing with music / cinema piracy : it’s a mix of "pirates will always pirate" (whatever the reason, be it financial issues or not), and anti-piracy solutions always hitting legitimate customers first.
People want convenience first and foremost. Piracy being a « massive issue is a lie defended by lobbies.
Case in point, I have a legit copy of a EA game I cannot play legitimately anymore, because SafeDisc relies on a vulnerable Windows driver (basically a free rootkit) that was blacklisted by MS. See also the other comment mentioning SecuROM that basically killed SPORE on launch.
Mad Max Middle-earth: Shadow of War Deus Ex: Mankind Divided Yakuza: Like a Dragon
Recent example: https://store.steampowered.com/app/3357650/PRAGMATA/
To the parents question, it is better to use GOG if you care about DRM.
Sometimes the Steam version is qualitatively better because the publisher/dev has supported the Steam version with more updates. Often the updates do turn up on GOG, but it's possible there is a delay.
https://partner.steamgames.com/doc/features/drm
This isn't about being right or wrong but about what the publishers will do when they see their games are again getting cracked day one, and if it'll be a catalyst to again return to getting either less PC releases or at least delayed releases compared to consoles.
I will hope that does not happen.
No, the overwhelming majority of denuvo games released after ~2020 (when they changed there licensing model to SaaS) have it removed after 2-4 years not because of user complaints but because of licensing costs, contracts and compliance.
If anything with many games it is very clear that the developer/publisher do not care for the user, since even when the DRM gets broken and has lost its purposes, many still refuse to remove it and give paying customers the same better non DRM experience as pirates.
>If only Microsoft hadn’t fucked up so badly with Windows 11 requiring an account
I don't understand how that is related at all.
As this isn't the case, I have been waiting for several years to buy many games. Denuvo still hasn't been removed, so I continue to wait.
And users complaining because denuvo messes up their Windows, sometimes games don't run and so on? Just cost of doing business, as long as enough people buy it who cares.
A good percentage of people who would download the cracked games would not have bought those anyway. And with Steam being so convenient it's hard to decide to go for a cracked copy of dubious origin that might install god knows what into your machine.
We're not in the early 00s anymore.
There are none. Or rather they fall in the margin of error.
Private servers are a nice way to do this and do still exist in places. My favorite online game uses them along with server side anti-cheat and while cheating occasionally happens, it has never been an ongoing issue. I've maybe seen a cheater once or twice in all my many hours playing the game over 10 years (elite dangerous, in case you were curious).
What exactly separates a kernel dev from a non-kernel dev?
Or trying to do heists and having a cheater in every session.
I'd like to play the game again but it's just not fun.
In addition, I’m not sure why they’re enabling test signing instead of using kdmapper or the like. Sure, anticheats will get way more mad at you having a manual mapped driver, but one imagines rebooting once (after playing your cracked video game) beats rebooting twice (to enable test signing, then after playing the game).
The funny thing is I remember reading about using hypervisor crap to bypass Denuvo in ~2020 (actually the post is from 2019, https://www.unknowncheats.me/forum/2410412-post14.html)
Good riddance.
I'd suggest "encumbered" or even "infected".
The release will have an .sfv file with a CRC32 checksum for each rar file.
The FTP server checks them after the upload completes. Back in the day glftpd with zipscript was a very popular tool to manage an FTP site. This Readme sums it up well: https://github.com/pzs-ng/pzs-ng
The sfv can be tampered with but the propagation of releases to FTPs happens very fast, within minutes. It would take you longer to meaningfully alter it than it takes the racers to distribute the original files. And once the release is completely uploaded you can't modify the files anymore.
If the release is bad, for example if it doesn't work at all or if it contains a virus, then it simply gets nuked. This propagates within minutes.
I don't like Anti-Cheat solutions with elevated privileges but they have (at least for some time) reduced the number of Cheaters in games like Valorant or BF, for most users this is at least a somewhat understandable tradeoff. Denuvo on the other hand is DRM and a pure tradeoff in favor of the publisher at the cost of the consumed.
There is no user argument for DRM, if anything there are many against it = higher game price/less money for the actual game and devs, indirect funding of DRM software, worse performance, higher system requirements, worse preservation, worse privacy, longer loading times, online requirements, worse usability, machine activation restriction, bugs...
I personally just hate it and think Piracy is overblown. The only other industry I've seen be this hostile to users is Music/Photoshop. Putting an iLok key into my computer feels bad.
> in late 2025, the MKDev collective and the prolific DenuvOwO came up with a hypervisor-based bypass (HVB) that installs a kernel-level driver to intercept and respond to Denuvo's checks. While that's not an actual crack, it's good enough for piracy work, as the saying goes.
One big difference is that the bypass method _requires_ Microsoft Windows in order to function. You cannot use the bypass on Linux.
I don't have a Windows install anywhere, so if I want to play the game I have to either purchase it, or wait for a crack that will remove Denuvo from the executable.
I get this probably doesn't matter to most people because they're on Windows anyway and will happily disable whatever security is required to access free games, but it's disappointing to have the technical distinctions and broader implications glossed over.
Now stop creating new DRMs. You can see what is the outcome. The definition of insanity is doing the same thing over and over again and expecting a different result.
The only thing that made me switch to Netflix from π-rated movies was the accessibility, availability, languages support, speed and quality. The same with games. I buy games from gog mostly because they are missing DRM (and because I'm an old dinosaur so not interested in the bleeding edge new games).
Please focus on the added value. And the wealth will come. Don't pay for denuvo - it's waste of money
And I'm not speaking about cost of implementing a technology to actively make the product worse.
Personally I've been voting with my wallet and *never* supporting DRM, so there have been some games where I'm just "Well, I guess I'll never play that game." At least I have an ethical option to play certain games now, I'm just gonna use a seperate blank pc cus these bypasses are novel.
This has implications - the bypasses cannot run on Linux for example where a cracked executable could. They are not the same thing.
I've been getting mostly indies so I feel safe, but maybe I should check...
It’s trivially easy to use a signed response that is encoding some part of the metadata of your system in the signature to make it impossible to emulate the server. Don’t think the Denuvo devs would be stupid enough to provide a “return true” request for a server call.
Can the underlying function that checks if the server call is correct be bypassed? Sure, but that’s much harder.