New Securom, the new Starforce?

I have been seeing lots of problems and have been able to verify some on my machine after reading some posts.

Specificly looks like some type of Root Kit or Mal, there are 3 examples of this once you uninstall the demo.
You will see 1 folder in Documents and Settings\Administrator\Application Data\SecuRom and 2 Regestry Folders, under Current User and Users basicly under Sofware\Securom, just do a search, none of these can be removed.

Other issues include apparently the full game regesters your game to your specific hardware installs, so that you lose your regestration if your changing out new video and sound cards, even mention there is a limited number to times you can uninstall and reinstall the game.

Sounds pretty serious but this is just the beginning so not sure how bad it currently is or will get, just wanted to give a heads up to anyone whom is intrested in the security of their machine.

Sounds worrying. Do you have links to sources where this is being discussed?

OK. One can have different opinions on all this activation stuff but how exactly does this affect the security of the machine? What makes you think that there might be a security risk involved?

Well if you have the demo or the full game installed you can see the folders and regestry entries that can't be removed for yourself.
I think much of the Securom stuff is actually on their page and in the 2k forums, I will go back an look for the links, sory been up all night and was headed to bed when I started reading all this crap.

Well if it's installing a root kit to monitor your system hardware and allowing or Not allowing games/software to play or not, that sounds liek a possible threat to me.

Originally Posted by Acleacius
Well if you have the demo or the full game installed you can see the folders and regestry entries that can't be removed for yourself.

OK. So you can't remove a folder and some registry entries. And this compromises the security of my system how?

Your joking right?
Do you know what malware and rootkits are?
http://en.wikipedia.org/wiki/Rootkit
http://en.wikipedia.org/wiki/Malware

I am really too tired to explain how they work atm?

Here is a bit about how Sony is (going to use this new) securom, you remember sony, right, rootkits?

With SecuROM™ ‘s Product Activation concept, Sony DADC offers software publishers the possibility to secure their content either distributed via the physical or electronic sales channel with one solution. Only legitimate customers who have purchased the product are able to unlock the program which is bound to the hardware after activation. This ensures that once activated, it cannot be transferred to another PC and therefore not being mass pirated. SecuROM™ ‘s Product Activation can be easily combined with Sony DADC’s n-CD solution. Let your end-customers register first and collect important market information prior allowing them to use your software products.

Edit
Here is a link 2k
http://forums.2kgames.com/forums/showthread.php?t=5527

I don't have all the answers, I am just finding this info out.
I had bad luck with starforce, so I am conserned about preventing that type of problem again.

If you notice I asked the question, as I am only one person, I am just trying to give warning so people more experiened than I can keep a watch out as well.

Clearly having files left on your computer after you have uninstalled a program that is monitoring your harware and software, allowing them to work or not work suggest that a rootkit is involved with my limited experience.

We are not told of this and you can not remove (at least I am aware of atm) them from your machine if you chosse, how could that NOT be a cause for concern?

Originally Posted by Acleacius
Your joking right?

Not really. Look, I'm all for inciting riots if warranted. I'll be at the helm of the pitchfork brigade if there is a reason to go to town but I don't wanna be a rebel without a cause .

Do you know what malware and rootkits are?
http://en.wikipedia.org/wiki/Rootkit
http://en.wikipedia.org/wiki/Malware

Yep. And? How is SecuROM a rootkit or malware? A rootkit is defined by your Wikipedia link as software that conceals itself. SecuROM doesn't. The process starts up when you start a SecuROM protected game and it will be shown in the task manager. It says so in the SecuROM readme in the "hidden" folder. So how is it a rootkit or even malware?
I fail to see how this compromises the security of my system in any way.

I am really too tired to explain how they work atm?

OK. Feel free to have a good night's sleep and when you're done please explain in detail how the security of anyone's system is being compromised by SecuROM and also how it has to be classified as a rootkit or malware. Thanks .

Here is a bit about how Sony is (going to use this new) securom, you remember sony, right, rootkits?

I remember that very well but I completely fail to see the link to SecuROM. Apples and oranges.

Don't get me wrong. I don't really like this kind of activation system overly much either (the chaining the software/game to the hardware part of it that is) but I'm against mass hysteria as long as no adverse effects on a system's security have been proven. It seems to me like people are once again using the security argument as a strawman argument for their real fears (the real fears being limited pirateability ).

Originally Posted by Acleacius
Clearly having files left on your computer after you have uninstalled a program that is monitoring your harware and software, allowing them to work or not work suggest that a rootkit is involved with my limited experience.

This is definitely a concern. I understand the need to secure the IP, but the draconian methods used constantly hard us legal users while they get cracked by pirates.

Moriendor
"Wikipedia link as software that conceals itself"
Look Mo, that is what Secrom is doing, it IS concealing it self, if you notice in the Applicatiion Data dir I gave you you will see for yourself.
You know what a concealed file is right how to spot one? lol.
Open your Explorer, toolbar look for tool. options and check/tick Show Hidden Files

Now I have given you verifiable examples if you have or had an install, given you defintions and an explination of what Secrom says it does, now you explain to ME how that's not possibly a root kit or malware?

Lol, I am not asking you to storm any village, you must do so at your own peril and I will just come in behind your invasion and handle the women folk. l

Originally Posted by Acleacius
Moriendor
"Wikipedia link as software that conceals itself"
Look Mo, that is what Secrom is doing, it IS concealing it self, if you notice in the Applicatiion Data dir I gave you you will see for yourself.
You know what a concealed file is right how to spot one? lol.
Open your Explorer, toolbar look for tool. options and check/tick Show Hidden Files

I know. Obviously that's where I found the SecuROM readme file that I was talking about but a "real" rootkit works differently. A real rootkit can not be disclosed by such simple tricks as turning on a "view hidden files" option but it will totally conceal itself from the user.

Now I have given you verifiable examples if you have or had an install, given you defintions and an explination of what Secrom says it does, now you explain to ME how that's not possibly a root kit or malware?

As I said, it's not a rootkit because it does not toally conceal itself from the user. The process that is started by SecuROM should be visible in the task manager if you ALT+TAB out of the SecuROM protected application and open the task manager.
Secondly, for SecuROM to be malware it would have to have a malicious or damaging effect on the system. That is not the case (until proven otherwise).

Lol, I am not asking you to storm any village, you must do so at your own peri and I will just come in behind your invasion and handle the women folk. l

OK but leave some for me .

Originally Posted by Acleacius
Moriendor
"Wikipedia link as software that conceals itself"
Look Mo, that is what Secrom is doing, it IS concealing it self, if you notice in the Applicatiion Data dir I gave you you will see for yourself.
You know what a concealed file is right how to spot one? lol.
Open your Explorer, toolbar look for tool. options and check/tick Show Hidden Files

That's completely wrong. The nasty thing about a rootkit is that it conceals itself *from the operating system kernel* -- this means that there is no way to detect it by anything that runs *under* the operating system, which means pretty much everything. What Securom is doing here is simply flagging some files as "invisible," which is just about as harmless as things get.

I looked up a few things, and I haven't run across anything yet that would indicate that Securom does anything inherently evil (from an operating system security POV). I would very much like to know if this is the case.

(I don't like hardware-bound product activation either; I upgrade my computer quite often, and I don't think it's fair if I need to buy new licenses every time that happens. Lots of gamers do, too, so I kiiiinda doubt SecuROM's hardware linking is quite as hard as that.)

Well, maybe because I am tired but I didn't intend that it was a root kit because of some hidden files and I do know root kits reside in the kernel but the only way I know to detect them is a program that will list all your files durning boot and then comparing them to what you see running or something along those lines, but the program is not cheap.

What I mean to say is that there is enough evidence in the behavior and symtoms to be concerned and the things a root kit can do are things that the new secrom is doing, afaik.

And no it's not listed in the Task manager because it's hidden and you can't see it running or delete the files, remember I said mallware, also.
But since you don't see it running that makes it more like a rootkit, than malware, but seeing the files and not being able to delete them is more like malware.

Whatever ---it sounds like it sucks. Not being able to install/reinstall more than two copies of a game you paid for, plus it invading your hardware sounds like a poor deal to me.

My problem with stuff like this is if they bound it to harshly with the system. But they are usually monitoring some stuff. I do not think that they use video or any peripheral unit for checking if this is the same computer. Its much more safe doing it by the the motherboard. Which i guess its how it done.

And also, this isn't malware or anything. Its an annoying feature we will have to live with until publisher realize that people pirating aint the same as a lost buy.

But there is always two sides, with different scientfic surveys proving points. And its hard to know whats right. The dealer selling the antipiracy stuff claiming lost sales, or the net with poor sods saying their computer got wrecked. Glad i am not in the business.

And i also guess its rather hazzle free to unlock and change hardware if needs arizes. Selling a DRM that will get the sales down, by legitme claims of money beeing poured down the drain, will hurt business in the long term.

And internet usually hypes everything to insane level and the truth, regarding copy protections - i wonder if its out there.

I am most worried about this limited installation thing. If it becomes more widespread then in future most of my game collection would automatically become unplayable. I collect games. Somone else collects movies or music.

Imagine if your whole movie collection or whole music collection would become totally unplayable as soon as you update/change your dvd/cd-rom player (old one breaks down or othervice). Thats is just ridiculous but that is exactly what they trying to do with PC games.

One thing good that might come out of this, if there would be a great DRM protection for games is that seeing the Xbox360 is cracked and easy to get images for, our beloved PCs get some breathing space and get developer developing for the PCs instead which will mean that interfaces and stuff will be more pc friendly..

I think i will try and stay and look at this new bright side of the DRM thingie…

Galactic Civilizations 2 has no copy protection at all but still it sells superb. Same goes for almost all Matrix Games products.

There are other ways to protect games and make them sell great than just the ruleset laid out in "Mein Kampf" (against consumers).

Originally Posted by Acleacius
What I mean to say is that there is enough evidence in the behavior and symtoms to be concerned and the things a root kit can do are things that the new secrom is doing, afaik.

No. No. And no again . BTW, even if it is obviously biased as it's from the SecuROM website itself but they are very open about what SecuROM does. Check this…

User Access Service
SecuROM™ will install a Windows™ service module called "User Access Service" (UAService) on your system. This is a standard interface commonly used by several other applications as well. It is no spyware or rootkit at all. This module has been developed to enable users without Windows™ administrator rights the ability to access all SecuROM™ features. Please be assured that this service is installed only for security and convenience purposes. Since it is a standard Windows™ service, you can stop and delete this service, like any other Windows™ service. If deleted, the access for non-administrator users to SecuROM™ protected applications will be affected.

I have admin rights to my Windows and I have deleted this service a long time ago already. All SecuROM games work flawless on my system. The only thing that SecuROM does is create that "hidden" folder and some registry entries. Again, I completely fail to see how this makes SecuROM a rootkit, malware or a security risk in any way, shape or form.


On the subject of the activation and binding it to hardware my guess is that they will change this as time goes by by completely resetting the activation servers in certain intervals or at least by upping the number of activations. The system should be pretty flexible. Remember that the main goal of this stuff is to avoid the so called "day zero" piracy, i.e. the availability of a game on torrents/filesharing on the day of release. Publishers aren't stupid. They know exactly that Bioshock will be hacked eventually. The goal is to delay it as much as possible. Looks like they have succeeded on the day zero thing. I don't see a torrent anywhere yet (at least not for the PC version ).

Originally Posted by Moriendor
On the subject of the activation and binding it to hardware my guess is that they will change this as time goes by by completely resetting the activation servers in certain intervals or at least by upping the number of activations. The system should be pretty flexible. Remember that the main goal of this stuff is to avoid the so called "day zero" piracy, i.e. the availability of a game on torrents/filesharing on the day of release. Publishers aren't stupid. They know exactly that Bioshock will be hacked eventually. The goal is to delay it as much as possible. Looks like they have succeeded on the day zero thing. I don't see a torrent anywhere yet (at least not for the PC version ).

Thats true as long as the server that gives out activations stays on forever. And they still have the power to disable your entire game collection useless with one flip of a switch.