Wednesday, December 13, 2017

Dangerous video game copy protection systems

Most games do not implement any sort of copy protection system. Piracy is rampant, and in most cases it takes less than a day from publication before pirated versions start circulating the internet, but these developers just live with that sad fact.

Some games do implement some type of copy protection system. Some are more effective than others. (For example, one particular game by Ubisoft, if I remember correctly it might have been Splinter Cell 2, or perhaps 3, had a copy protection mechanism that was so effective that it literally took hackers over a year to crack it, and distribute a pirated version. The common "knowledge" that copy protection systems are pretty much useless isn't always true. That game got a full year of legitimate sales before a single pirated version was available.)

When a copy protection system is "clean", in the sense that it just affects the game itself, and tries to stop it being illegally copied without affecting the operating system itself, that's fine. If you are a legitimate user, then you essentially have nothing to worry about nor need to care.

But then, sometimes, in their eagerness to protect their game as well as possible, some developers, or publishers, will go beyond the legitimate, and break the boundaries of the game itself, and start affecting the operating system beyond what an application should. These games might, for example, install some system drivers (something that a regular app has no business in doing, unless it legitimately requires such a driver to, for instance, control a hardware peripheral) in order to monitor the user's activity "from the outside" (ie. outside the game), from the system level.

In the absolutely worst case scenarios some games have surreptitiously installed outright rootkits into their users' computers. Such rootkits may grant software direct access to the computer's hardware, such as the hard disk, bypassing the safety mechanisms of the operating system. In the worst case scenario the computer may be accessed remotely, by anybody. In some instances the game leaves these rootkits installed in the system even after the game itself is uninstalled. Almost invariably they also communicate constantly with the developer's or publisher's servers. Yes, there have been actual cases of all of this. (In one particularly egregious recent example such a rootkit actually monitored the user's activities outside the game, such as what web pages the user browsed and what kind of search terms the user wrote in search engines, and proceeded to close he browser in certain cases.)

Here are some tips to avoid your PC becoming the victim of this:
  • Always use an anti-virus software that has system protection mechanisms against rootkits and other such malware (such as ransomware)! Nowadays this kind of software is even more important to stop malware than to stop viruses. And if the software warns you about a particular software, don't just ignore it! (While sometimes this might be a false alarm, at the very least make an extensive online search for that particular software, to see if it has been reported to contain malicious components.)
  • Be always suspicious if installing a game requires administrator privileges. Windows will tell you if the installer is requesting such privileges; don't ignore this warning! Normally installing games (especially if you install them eg. from Steam) does not require them. In a few cases they might require to install some normal system components, such as a particular version of DirectX or some VC++ runtime, which might require administrator privileges, but as above, if unsure, always make an online search for this particular game to see if problems with it have been reported.
  • Installing a game on a physical disc might give a false sense of safety. We tend to think that such malware only comes from the internet. However, these developers/publishers don't care if you are installing the game from the internet or from a disc. The malware will be in the disc installer as well, if they had added it there.
  • Likewise purchasing and installing a game from Steam might also give a false sense of security. While admittedly it's probably enormously less likely that a game purchased from Steam has such malware bundled, it's still not impossible. There have been cases. Always take heed of those warnings that the system and/or the antivirus software is giving you. Don't just grant a game installer administrator privileges simply because you purchased it on Steam. Search for info to make sure it's normal and safe.


  1. I had a game a while back whose copy protection, Starforce, broke everything. I think Splinter Cell had the same program.

    So what's your general opinion on always-on copy protection, like Steam and Origin?

    1. As long as things like Steam don't mess up with the operating system, nor interfere with my ability to play the games normally, I don't mind them.