Bioshock - Rootkit rumours routed
Dhruin
August 28th, 2007, 04:56
Ars Technica took on the challenge (http://arstechnica.com/news.ars/post/20070826-clearing-the-air-bioshock-does-not-contain-a-rootkit.html) to uncover Bioshock's rootkit, confirming that there isn't one:
The fiasco stemmed ultimately from a misunderstanding of what Microsoft's RootkitRevealer (http://www.microsoft.com/technet/sysinternals/Utilities/RootkitRevealer.mspx) is. In short, it is a diagnostic tool that offers avenues for further investigation. Microsoft puts it this way: RootkitRevealer "lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit" (emphasis added). It does not scan a system and then say "Hey, you've got a rootkit!" Rather, it looks for a number of signs that indicate that a service or application is attempting to hide itself and manipulate the system, or one of several other potential signs of a problem.
Let's throw in a review for good measure, with Elite Bastards awarding (http://www.elitebastards.com/cms/index.php?option=com_content&task=view&id=448&Itemid=27) 9/10:
So, BioShock is here, and the hype is turning into actual experience with the game itself. Can it possibly live up to the pre-release hysteria? The answer is, of course, no - No game will ever turn out as good as you envision it in your mind's eye.
But does that make it a disappointment? Absolutely not. BioShock may still be a humble first-person shooter, but boy does it do it well. It has a story that captivates, an atmosphere that is largely second to none, and the whole gameplay experience oozes polish from the graphics and audio down to the control scheme whether you're using keyboard and mouse or an Xbox 360 controller.
More information. (http://www.rpgwatch.com/show/newsbit?newsbit=6152)
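An added illustration, not part of any post in this thread and not RootkitRevealer's own code: the quoted article describes a tool that lists discrepancies between what the API reports and what is actually on disk, each of which is a lead to investigate rather than a verdict. The two views, the paths, the scan times and the two non-rootkit explanations below are constructed assumptions chosen for the example.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Entry:
    data: str   # value (or content hash) as reported by this view
    mtime: int  # last-write time in seconds on a constructed clock


@dataclass(frozen=True)
class Finding:
    path: str
    kind: str   # "hidden_from_api", "api_only" or "data_mismatch"


def cross_view_diff(api_view, raw_view):
    """List every path on which the API view and the raw view disagree."""
    findings = []
    for path in sorted(set(api_view) | set(raw_view)):
        api, raw = api_view.get(path), raw_view.get(path)
        if api is None:
            findings.append(Finding(path, "hidden_from_api"))
        elif raw is None:
            findings.append(Finding(path, "api_only"))
        elif api.data != raw.data:
            findings.append(Finding(path, "data_mismatch"))
    return findings


def explain(finding, api_view, raw_view, api_scan, raw_scan) -> Optional[str]:
    """Return a known non-rootkit mechanism for a discrepancy, or None."""
    entry = raw_view.get(finding.path) or api_view.get(finding.path)
    first, last = sorted((api_scan, raw_scan))
    # The two views are captured at different moments, so anything written
    # in between shows up as a difference without anything hiding it.
    if first < entry.mtime <= last:
        return "written between the two scans"
    # A name with an embedded NUL is cut short by any NUL-terminated API.
    # This explains the mechanism only; whether the owner of the entry is
    # acceptable is still a human decision.
    if "\x00" in finding.path:
        return "embedded NUL in name; a NUL-terminated API cannot address it"
    return None


def triage(api_view, raw_view, api_scan, raw_scan):
    """Split discrepancies into (explained, unexplained) lists.

    An empty 'unexplained' list is not proof of a clean system: it only
    means nothing was left over for the analyst from this particular scan.
    """
    explained, unexplained = [], []
    for f in cross_view_diff(api_view, raw_view):
        reason = explain(f, api_view, raw_view, api_scan, raw_scan)
        (explained if reason else unexplained).append((f, reason))
    return explained, unexplained


# Constructed sample data (hypothetical paths, not taken from any real scan).
API_SCAN, RAW_SCAN = 1000, 1060
API_VIEW = {
    r"HKLM\SOFTWARE\Example\Settings": Entry("v1", 500),
    r"HKLM\SOFTWARE\Example\Cache": Entry("a", 900),
}
RAW_VIEW = {
    r"HKLM\SOFTWARE\Example\Settings": Entry("v1", 500),
    r"HKLM\SOFTWARE\Example\Cache": Entry("b", 1030),
    "HKLM\\SOFTWARE\\Vendor\\Lic\x00ense": Entry("x", 400),
    r"C:\Temp\new.log": Entry("n", 1045),
    r"C:\Windows\System32\drivers\unknown.sys": Entry("h", 300),
}

if __name__ == "__main__":
    explained, unexplained = triage(API_VIEW, RAW_VIEW, API_SCAN, RAW_SCAN)
    for f, reason in explained:
        print(f"explained   {f.kind:16} {f.path!r}: {reason}")
    for f, _ in unexplained:
        print(f"UNEXPLAINED {f.kind:16} {f.path!r}")
```

Four discrepancies come out of the diff, three have a mundane mechanism, and one is left for a person to investigate by hand.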
Acleacius
August 28th, 2007, 04:56
Interesting, but routed might be an overstatement.
I followed the link and read most all of this information before.
Did you notice they didn't mention the name of the software they used to determine it was Not a rootkit?
Unless they meant they just used m$ rootkit revealer, which they just stated does Not find rootkits only symptoms.
Additionally m$ rootkit revealer wasn't the only rootkit revealer that marked Securom, I posted the name in the forum thread of another, iirc.
There are a few very expensive (well they were during the starforce days) programs that catalog every Booting program, dll or system file then you meticulously have to check hundreds of booted files to the current running programs and try to find if there are some that are not accounted for.
I.e. programs that started but you can not currently find them running or why they were started, it can be really bad news.
At least people are paying attention, even if this was just a false positive, makes me feel a little more secure, after the starforce debacle. :)
JDR13
August 28th, 2007, 05:09
I'm confused, does Bioshock install a rootkit\spyware or not?
Going to install it tonight or tomorrow.
Prime Junta
August 28th, 2007, 12:06
@Acleacius -- please stop flogging this horse. The flesh is coming off the bones.
@JDR -- by now, we have a fair bit of data in, and it's my (professional) opinion that Bioshock is over 99% certain to be free of rootkits, spyware, or malware. And 99% is about as good as it gets.
IOW, this has been a huge tempest in a teacup; Internet hysteria at its finest.
Acleacius
August 28th, 2007, 14:02
JDR13
I don't know, only what the basic procedures used to determine if they exist and I haven't seen any test.
Now Prime Junta, seems to be at 99%, maybe he has listed links to tests performed, in the thread he started.
I have been so busy in the last 2 weeks and these complicated threads often take me 30 minutes to read through and a minimum of 30 to reply to, so I haven't had time to read his thread, hell I have been twenty four to forty eight hours behind reading and responding to the threads I started. :p
Some of the threads I have tried to keep up with are now 100s of pages long, trying to sift through the different rhetorics.
Hell, Prime Junta's 99% might be 100% correct, but I sure haven't seen anything remotely coming close to 99%, but I could just be overly cautious, after starforce. :)
Prime Junta
Using tasty raw horse flesh as a main course, yet leaving out any complex carbohydrates, and finishing courses of small simple sugars intermixed with fermented liquids doesn’t convey any accurate info. :)
They do not say which software or the procedures, so please provide something to those of us who are in the Fifty-Fifty or Sixty Forty range, if you're 99%, sure.
I guess we disagree.
I know, I don’t take it personally, if I thought they were 99% not there, I would say so, just like you, but I don’t. ;)
We are in the first or second week and you're already 99% with no accurate test (I have seen) and the most general root kit finding software, saying securom IS using techniques of root kits and at almost the 99% rate, you're claiming is proof they are Not using root kits.
I can see why people are confused. :)
I mean really have you seen any of the accurate complex test done, since 99% of the basic root kit software, found there are symptoms?
Edit
Now one thing on Prime Junta's side of the dinner table is a general fact that sony knows their butt is on the line and people are watching, hence all these threads, but we all know you can't leave corporations in charge of self monitoring/self policing, since they are based on profit, greed and exploitation in the worst cases, since they have shareholders who are like rabid cannibals deprived of rotting, raw horse flesh. ;)
Prime Junta
August 28th, 2007, 14:31
I mean really have you seen any of the accurate complex test done, since 99% of the basic root kit software, found there are symptoms?
Acleacius, you are so utterly clueless about this subject that you really, REALLY should shut up and listen instead of shooting your mouth off and spreading panic. I'm getting seriously annoyed at you here.
More facts:
(1) Detecting a rootkit is very difficult.
(2) There is no magic test or toolkit in existence that will provide proof-positive that there are no rootkits on your computer. Nor is there a test or toolkit that will provide proof-positive that there *is* a rootkit, except ones that are already known and that they are specifically designed to detect.
(3) Therefore:
* Identifying a rootkit requires extremely specialized skills, as well as tools, time and dedication.
* Rootkit-detection tools sniff around for suspicious activity. This will dump a lot of data into the "detective's" lap, who will then need to sift through it, eliminating the false positives one by one. If there is a rootkit in there, eventually someone will find out what it is, and what it's trying to protect.
* If I was a systems specialist, and I had personally done this detective work, and I was personally convinced due to this work that there is no rootkit in SecuROM, I would *still* not be able to present you with anything stronger than my personal estimate -- I could walk you through the evidence and explain what I did to eliminate each of the false positives, but (a) you would probably not be able to understand my explanations and (b) there would still be the possibility that I missed something.
What does this mean for someone who is not in the business of sniffing out rootkits? Simply this:
Listen. To. The. Experts.
Individual experts are fallible. Collectively, they do a pretty damn good job.
If Sysinternals, SANS, and rootkit.com have not found a rootkit by now, after all this hoopla, it's virtually certain that there isn't one there. Moreover, both SecuROM and 2K have gone on record saying that there are no rootkits used. They know that lots of very dedicated people are looking very closely, which means that if there is one, it'll be found, and they will be facing some very serious legal problems. It's unlikely that they would want to take this risk.
So no, Acleacius, I cannot provide you with a test dump that will conclusively prove to you that there is no rootkit in the system, any more than I can provide you with a dump of intelligence data that conclusively proves that there are no WMD in Iraq. However, given the amount of effort expended in trying to find them, and the scope of each of the problems involved, I would put it at 99%+ that there is no rootkit involved in Bioshock, and at 95%+ that there are no WMD in Iraq.
"Absence of evidence is not evidence of absence," they say, but it's not always true: if there's no body, no bloodstains, and no missing person, it's not reasonable to run around screaming bloody murder.
Holly Avenger
August 28th, 2007, 16:04
I think looking at the evidence it's pretty safe to say that securom is not a rootkit - malware, possibly, depending on your view of such programs, but not a rootkit. It's certainly no starforce.
Still, that was never my problem with Bioshock's DRM - it's the limited installs / online activation that's truly hideous. Made far worse by the fact that customers were not warned about this restriction anywhere up front (and indeed not even in the EULA... which means technically 2k are in breach of their own licence). If this is the future of PC gaming then it's a bleak future indeed. Imagine having dozens of games with this "feature", some with an activation server that no longer works, others requiring you to jump through various hoops to re-install. Now imagine upgrading your computer and trying to get all your favourite games running. Urgh.
Alrik Fassbauer
August 28th, 2007, 16:17
From Systeminternals there's a program called "Rootkit Revealer" or so ... but MS has bought up System Internals some time ago - maybe exactly for this single program (like Symantec bought up Delrina for their WinFax Pro and stomped everything else that didn't fit in their global domination scheme, including my beloved Opus & Bill screensavers. I'm still looking for the other ones).
Except that MS didn't stomp down all of System Internals' programs, since they are oh so useful for everyone. ( I use several of them myself. )
Prime Junta
August 28th, 2007, 16:21
I think looking at the evidence it's pretty safe to say that securom is not a rootkit - malware, possibly, depending on your view of such programs, but not a rootkit. It's certainly no starforce.
Well, some people stretch the definition of malware to include any copy protection software, but I'd prefer to keep it a bit narrower.
Still, that was never my problem with Bioshock's DRM - it's the limited installs / online activation that's truly hideous. Made far worse by the fact that customers were not warned about this restriction anywhere up front (and indeed not even in the EULA... which means technically 2k are in breach of their own licence). If this is the future of PC gaming then it's a bleak future indeed. Imagine having dozens of games with this "feature", some with an activation server that no longer works, others requiring you to jump through various hoops to re-install. Now imagine upgrading your computer and trying to get all your favourite games running. Urgh.
I don't think that'll be the future of PC gaming -- 2K changed their policy quite quickly after the outcry, and stated that they'll remove the on-line activation eventually.
Of course, I don't know what *is* the future of PC gaming. It's been declared dead so many times that it's not even funny, yet it somehow keeps coming back from the grave...
txa1265
August 28th, 2007, 16:29
Still, that was never my problem with Bioshock's DRM - it's the limited installs / online activation that's truly hideous.
I agree. That is without a doubt the biggest negative I have with the game. I know that they want to protect their IP and reduce loss by theft like any good business tries to do. But none of the 'real life' practices such as embedded monitors and cameras are as anti-consumer as these practices. I know that the person who plays a 10-year old game (other than on a 'virtual console') represents a negligible and ignorable (yet very vocal) market segment ... but I don't care. I want Bioshock, like so many others, to be games my kids can play when they're old enough.
Holly Avenger
August 28th, 2007, 17:02
I don't think that'll be the future of PC gaming -- 2K changed their policy quite quickly after the outcry, and stated that they'll remove the on-line activation eventually.
I look forward to the day they do remove it, as it'll be the day I buy it :)
I agree. That is without a doubt the biggest negative I have with the game. I know that they want to protect their IP and reduce loss by theft like any good business tries to do. But none of the 'real life' practices such as embedded monitors and cameras are as anti-consumer as these practices. I know that the person who plays a 10-year old game (other than on a 'virtual console') represents a negligible and ignorable (yet very vocal) market segment ... but I don't care. I want Bioshock, like so many others, to be games my kids can play when they're old enough.
So true. I still like to fire up the Infinity Engine games or one of the Fallouts every so often... with Interplay dead (or should that be undead?) they wouldn't be working anymore with online activation.
Prime Junta
August 28th, 2007, 21:32
I look forward to the day they do remove it, as it'll be the day I buy it :)
Out of curiosity, why are you so dead-set against online activation?
So true. I still like to fire up the Infinity Engine games or one of the Fallouts every so often... with Interplay dead (or should that be undead?) they wouldn't be working anymore with online activation.
In which case there would certainly be cracks available, even if they had not removed the activation requirement themselves.
txa1265
August 28th, 2007, 21:36
Out of curiosity, why are you so dead-set against online activation?
I cannot speak for Holly, but my problem is with longevity. But, as I have said, I bought it, have played it, and even if I can never play it again I consider the money well spent.
unregisted1
August 28th, 2007, 21:40
"Acleacius, you are so utterly clueless about this subject that you really, REALLY should shut up and listen instead of shooting your mouth off and spreading panic. I'm getting seriously annoyed at you here."
So when did rpgwatch get rid of their policy of no personal attacks? I guess this is attack of the angry-bitter-retarded computer "professional."
I guess asking for someone to back up their "professional" OPINIONS is so, like, yesterday or something. If someone is worried about something, he has every right to bring it up in a thread exactly dedicated to that topic. And your belief that you saying something makes a topic closed without further discussion is childish.
txa1265
August 28th, 2007, 21:48
... let's just make sure we keep it respectful here ...
Prime Junta
August 28th, 2007, 22:30
"Acleacius, you are so utterly clueless about this subject that you really, REALLY should shut up and listen instead of shooting your mouth off and spreading panic. I'm getting seriously annoyed at you here."
So when did rpgwatch get rid of their policy of no personal attacks? I guess this is attack of the angry-bitter-retarded computer "professional."
I guess asking for someone to back up their "professional" OPINIONS is so, like, yesterday or something. If someone is worried about something, he has every right to bring it up in a thread exactly dedicated to that topic. And your belief that you saying something makes a topic closed without further discussion is childish.
You're right, I was out of line. Acleacius has been beating this particular dead horse for quite a while, though, so I simply lost patience.
That said, I would respect your opinion more if it didn't come from an anonymous account.
fatBastard()
August 28th, 2007, 22:33
"Acleacius, you are so utterly clueless about this subject that you really, REALLY should shut up and listen instead of shooting your mouth off and spreading panic. I'm getting seriously annoyed at you here."
So when did rpgwatch get rid of their policy of no personal attacks? I guess this is attack of the angry-bitter-retarded computer "professional."
I guess asking for someone to back up their "professional" OPINIONS is so, like, yesterday or something. If someone is worried about something, he has every right to bring it up in a thread exactly dedicated to that topic. And your belief that you saying something makes a topic closed without further discussion is childish.
It may seem like PJ is attacking Acleacius but the latter has let his paranoia get the better of him in 3 or 4 different threads now and this is just the latest attempt by PJ to calm Acleacius down to no avail. (I'm sorry Acleacius: Caution is one thing but your rant against the Bioshock CP strikes me as downright paranoid)
*edit*
Nuts! The PJ himself beat me to it :blush:
Holly Avenger
August 28th, 2007, 22:39
Out of curiosity, why are you so dead-set against online activation?
Like I mentioned above, if it ever becomes the norm, we will live in a world where updating your computer will become a nightmare when all your old games require re-activating from now non-existent servers or ones that have now deemed you to have installed it too many times.
When I buy a game, I want to be 100% sure that I will be able to play that game whenever and wherever I choose in the years to come. Ideally that should be out of the box, but if a crack exists for what looks to be the final patched version, then that may suffice. It's hardly an ideal solution though.
DRM is a disease that will spread if it's allowed, gradually crippling you more and more if you'll let it. Bioshock is a prime example of an incremental increase in DRM applied to a new product.... and once they think we're happy with that, they'll push it out to all games. Then when it fails to dent piracy they'll move onto the next, all in the mistaken belief that it is somehow going to be the thing that will finally win the battle. Before you know it gaming isn't fun anymore because of all the restrictions you have to put up with. So it's a question of making a stand because if it's left to spread then it means gaming is something I will not want to do anymore. If no-one complained about Bioshock's DRM we'd see it everywhere all too soon.
Phew, that turned into a bit of a rant! Emotive subject DRM...
On a tangent, I'm fine with online activation as an *option* instead of having the DVD in the drive. That would provide us with choice, and a handy one for those who would prefer to not have to swap DVDs but are happy to be online when they play. But that empowers the user, so it's of no use to the publisher, hence why we never see it. We never get OR options, only AND (i.e. DVD AND online activation).
inregistered
August 28th, 2007, 23:27
Look at the other future possible. Pirating becomes so easy and rampant that the only games made have the budget of a spiderweb game and the graphics of 2005 (shudder/cringe/the horror).
You always have a choice: buy the game or not. The publishers and developers have a choice: make the game easier to pirate or not. Pirates have a choice: help the hobby I enjoy or hurt it. Life is filled with choices, and until someone finds a way to stop piracy permanently I welcome anti-pirate measures.
Online activation is a good option. And once the sales dwindle the activation aspect will be removed. If not, oh well. I agreed to the EULA.
If I was going to complain about any aspect of Bioshock, it wouldn't be the activation. It would be the fact that Bioshock is System Shock 2 minus anything good about System Shock 2 besides the graphics and clicking.
fatBastard()
August 28th, 2007, 23:38
I may be wrong but the way I understood it, 2K Games already admitted that they screwed up in the sense that the restriction was not meant to be a total of 2 installations altogether but rather 2 ACTIVE installations. The count was supposed to reset when you uninstalled the game but somehow that didn't happen.
If this is server side then they just have to fix the server software and you'll never hear of this problem again. If it is part server side and part client side then a simple patch will fix this problem as well.
I mean, yes it is regrettable that the screw up happened - as is evident in all the threads here and the watch and all over the internet - but when push comes to shove it really isn't that big a deal and it certainly won't be a problem in the long run.
If you take a look at what you can run via emulation software today on your PC - ranging from MAME arcade games to Playstation games or C64 games to old DOS games in DosBox - then I can't see why it would be a cause for concern that you activate the game online today. Looking at various Bittorrent sites I can see that Bioshock is readily available even with an online activation scheme and if 2K would announce that they're about to go out of business without anyone to take over for them, I think it will only be a matter of days before a patch to bypass the online activation part would surface on the net ... especially considering that Bioshock is a singleplayer only game.
In short: You're shooting yourself in the foot if you're missing out on Bioshock due to unfounded concern about the online activation portion because it really is no big deal.
BillSeurer
August 29th, 2007, 00:33
When I buy a game, I want to be 100% sure that I will be able to play that game whenever and wherever I choose in the years to come. Ideally that should be out of the box, but if a crack exists for what looks to be the final patched version, then that may suffice. It's hardly an ideal solution though.
Your goal is unattainable for ANY software which means you might as well give up on computers now. A lot of even completely unprotected stuff is just not going to run 5, 10, let alone 20, years from now on Windows SuperDuperWhatever. Even the update to Windows XP (SP1 or SP2, I forget) broke a lot of software (not just games) and made it unusable. I've never gotten some old game software I have (SS1 and MoM for instance) to run on anything other than some old systems that are years dead now. I'd love to play them again but it's just not happening on any system I've tried.
aries100
August 29th, 2007, 01:33
Whenever I run a spyware, malware etc. scan on my computer, these reveal several trojans etc. Unfortunately, this revelation comes as no surprise to me, since one is flagged as Fate (the game), others are (sometimes) oddly :rolleyes: my internet service.
JDR13
August 29th, 2007, 09:45
Your goal is unattainable for ANY software which means you might as well give up on computers now. A lot of even completely unprotected stuff is just not going to run 5, 10, let alone 20, years from now on Windows SuperDuperWhatever. Even the update to Windows XP (SP1 or SP2, I forget) broke a lot of software (not just games) and made it unusable. I've never gotten some old game software I have (SS1 and MoM for instance) to run on anything other than some old systems that are years dead now. I'd love to play them again but it's just not happening on any system I've tried.
In case you're ever interested in playing System Shock again.
http://www.strangebedfellows.de/index.php?topic=211.0
Prime Junta
August 29th, 2007, 10:53
Like I mentioned above, if it ever becomes the norm, we will live in a world where updating your computer will become a nightmare when all your old games require re-activating from now non-existent servers or ones that have now deemed you to have installed it too many times.
On-line activation isn't the only thing that's going to break today's games tomorrow. Activation servers don't go down that often; we're talking about a timespan of 5+ years here. That's about two hardware/OS generations. It's likely that something there will break the games before activation requirements do.
I agree that it is an inconvenience; I just don't think it's a showstopper. Personally, I would prefer on-line activation to a disk-based check, because the latter requires installation of low-level drivers that I'd rather not have on my system. My preferred form of DRM is Steam-style activation, though, where the activation is not tied to your hardware but to your user account.
When I buy a game, I want to be 100% sure that I will be able to play that game whenever and wherever I choose in the years to come. Ideally that should be out of the box, but if a crack exists for what looks to be the final patched version, then that may suffice. It's hardly an ideal solution though.
In that case, I would recommend you stick to board games. 'Cuz anything electronic isn't going to get you anywhere near 100%.
DRM is a disease that will spread if it's allowed, gradually crippling you more and more if you'll let it. Bioshock is a prime example of an incremental increase in DRM applied to a new product.... and once they think we're happy with that, they'll push it out to all games. Then when it fails to dent piracy they'll move onto the next, all in the mistaken belief that it is somehow going to be the thing that will finally win the battle. Before you know it gaming isn't fun anymore because of all the restrictions you have to put up with. So it's a question of making a stand because if it's left to spread then it means gaming is something I will not want to do anymore. If no-one complained about Bioshock's DRM we'd see it everywhere all too soon.
I don't like DRM either. I just don't see how we can get rid of it any time soon. The business model for making games requires that people pay for games; remove DRM, and many people will stop paying for them. The more people stop paying for them, the more acceptable it becomes not to pay for them, and quite soon only a minority will be paying for them. (N.b.: the phenomenon of "cheating" has been widely researched by economists; if you want to look stuff up, you can come up with some very hard numbers on exactly what percentage of the market will cheat if the penalty for cheating is zero or near zero, as it would if DRM was removed.)
Of course, there are other business models than the one currently in use, but I doubt any of them would have given us Bioshock.
That said, I agree that many current DRM schemes are overly intrusive: less would be enough to stop most casual piracy, which is the best any DRM scheme can hope for.
Phew, that turned into a bit of a rant! Emotive subject DRM...
Indeed.
On a tangent, I'm fine with online activation as an *option* instead of having the DVD in the drive. That would provide us with choice, and a handy one for those who would prefer to not have to swap DVDs but are happy to be online when they play. But that empowers the user, so it's of no use to the publisher, hence why we never see it. We never get OR options, only AND (i.e. DVD AND online activation).
Yah, publishers are evil. The bastards. :p
txa1265
August 29th, 2007, 11:44
Your goal is unattainable for ANY software which means you might as well give up on computers now. A lot of even completely unprotected stuff is just not going to run 5, 10, let alone 20, years from now on Windows SuperDuperWhatever. Even the update to Windows XP (SP1 or SP2, I forget) broke a lot of software (not just games) and made it unusable. I've never gotten some old game software I have (SS1 and MoM for instance) to run on anything other than some old systems that are years dead now. I'd love to play them again but it's just not happening on any system I've tried.
This is where being a laptop gamer comes in handy - I have an old HP Omnibook that runs DOS & Win95, a little 2lb Toshiba that runs Win 98 and everything else will work on my newer systems ... but I have an older Dell Inspiron just in case. Plus the Macs ...