Hello Penny Arcade readers
Not surprisingly, my tiny blog’s traffic has skyrocketed in the last eight hours. While I was sleeping a lot of comments came in for moderation (I use manual moderation because of ridiculous amounts of spam, not for censorship purposes). I’ll get around to approving it soon; I don’t plan to disallow negative posts.
I realize some of my comments are somewhat inflammatory. Let me say I’m not a fan of DRM. Obviously as a PC gamer it would be nice not to ever have to deal with it, hence the shoutout to Stardock at the end of my PA post. But I do think the backlash has to a degree overshadowed everything else, and I do sort of worry about the perpetuation of an increasingly combative scene (on both sides, not just—or even mainly—the players here) that makes PC seem even more unfriendly than its reputation already makes it seem.
The irony of this for me is that this issue isn’t even generally a big talking point of mine. But Tycho liked my blog post about it, and now it looks like it’s what I’ll be known for on the internet, at least for a while. That’s life! Anyway, hopefully we can keep the DRM-related comments to my piracy post (one of my more reactionary posts, I’ll admit), and maybe a few of you will also see fit to check out some of the other stuff on this blog. Welcome to it!
Tags: blog, blogosphere 2.0, internet, penny arcade, traffic
September 26th, 2008 at 8:07 am
I’m not going to flame you for the contents of the post (it’s actually fairly balanced, though I think you are too patient with the publishers) - but there are annoying typos in the PA post. It would be nice if you could fix them.
(1) paragraph 9: last sentence repeated
(2) paragraph 11: “probably didn’t to be “trained,” as he puts it,” needs “need”
September 26th, 2008 at 9:16 am
First let me state that I am a software developer by trade working on proprietary software that deals with sensitive and private information.
I think the two arguments that really make SecuROM DRM untenable are security and ownership.
For the ownership argument I think Penny-Arcade’s article previous to your sums up my view. I also think the analogy of DRM on a book is very appropriate.
As for my second contention, security, this issue has a more direct and practical effect on me. See as I stated at the top I develop software that works with privileged information. Think social security numbers, health records, financial records, the types of things that the U.S. Government has placed astronomical fines for loosing and that it has placed very stringent guidelines on how to protect it.
I am very simply required to maintain a secure environment to work in. I think many people overlook the fact that SecuROM bypasses pretty much every security system that runs on your machine. Now you can still use security systems outside of your computer but that still limits your options.
On top of the actual security concerns, there are the legal liability concerns. If I had SecuROM installed on a computer that I worked on and something non-related happened, I could still be fined many times my yearly income. The simple fact that it does bypass security software means I am liable.
The results? I have to have an extra computer just for running games that use SecuROM. Oh and that doesn’t answer the question of what do you do when you did not know it had SecuROM and you have to remove it? Your answer in this case is to hack your own computer or reformat. I am willing to be that if I asked my company attorney on this issue, his answer would be that to be legally safe, I would have to re-format and re-install the OS before I could work on this computer again.
None of this sounds reasonable to me. It sounds even less reasonable when you realize that it is actually easier for me to pirate the game than pay for it and then deal with SeruROM.
September 26th, 2008 at 9:32 am
In your post on Penny Arcade you state that the DRM in spore allowed unlimited installs on five machines. That is not correct, and if that had been the case the backlash would not have been so extreme. The DRM allows only five installs EVER. So if you’re like me and tend to regularly uninstall games to save space, then reinstall them later on the same computer you are quite limited. Likewise if you tend to rebuild your operating system regularly (as many people do).
September 26th, 2008 at 9:40 am
It was a great post, Chris. It was so strange to see such a familiar name when I read the Penny-Arcade news today, but congratulations on the opportunity and I think you used the space well (as tired as I am about the cyclical DRM conversations that populate the internet).
And thanks for the Stardock shout-out.
September 26th, 2008 at 11:05 am
This was a really great post that inspired me to post my opinion on my blog. Thanks so much for pointing out the obvious contradictions in this whole debate, and taking the time to discuss reasonably your opinion of it. I hope that Penny Arcade includes you in more of their posts in the future.
Like you said, Valve and Stardock are two shinning examples of how games can be delivered in the modern connected age.
September 26th, 2008 at 11:30 am
I read your Penny Arcade article and have to say I disagree with parts of it.
Gamers get unlimited install on 5 computers and deactivation tool is coming, what more do I need?
Well, for starters, if I lack an internet connection on my gaming rig, I have no legal means of buying and playing games, like Mass Effect PC, that have zero online component. That’s about 7% of the US pc population, and about 20% of the UK pc population. That’s a bit of a problem.
Secondly, I don’t like getting 3rd party software installed invisibly. Especially when that software accesses Ring 0 and creates a potential security hazard. Remember, this forces you to be online and hackers are not known for being picky about whether their targets want to be online or whether the security-vulnerable software was installed with my knowledge or consent. The FTC ruled that these principles apply to spyware and malware distributors. The exact definition of spyware and malware may be debateable, but there is no question that EA is breaking those principles.
Thirdly. If I buy the game legally I own the copy that I bought. Federal courts have ruled that nothing in an EULA can circumvent the doctrine of first sale. Logically, nothing authorized solely by an EULA can therefore circumvent my rights under the doctrine of first sale either. This DRM prevents me transferring my legally purchased copy of the game to a third party. In other words, it stops secondhand sales. I can understand why publishers might like to do that, but it is IMO illegal and immoral.
Fourth: Deactivation tool promises are well and good, but we have had no confirmation that this will happen for games like MEPC from Bioware. I know: I’ve asked them on three occassions and gotten no response. And much will depend on how they implement the deactivation tool: it needs to be something that can be done away from the computer in question in case a hard drive fails and you can no longer access the computer to deactivate it. Imagine if you have 10 similar games on your computer and it goes into a shop for service. Unexpectedly they find a failing component that needs replacing. If they fix it, you’ve just thrown away an activation for each of those games. (They’re not going to go through and deauthorise your games for you are they?)
Fifth: EA is being very misleading when they say you can have unlimited installs of 5 computers. All you need to do is upgrade your graphics card, add a harddrive, or a cooling fan, or reinstall windows, and suddenly your old computer has turned into a completely different computer.
I do give you credit for being the first journo that I’ve seen that has pointed out the absurdity of the activation data presented by EA. Good job! Even so, I think you’re understating the data bias. It took EA 17 days to sell 1 million units. At that rate, it would have taken approximately 7 days to reach the number of activations shown in the released data. So the 0.4% figure was only for the first week of release.
You may be weary of the topic, but not half so weary as the consumers are of having to deal with game publishers pointless anti-piracy tactics. Over half a million downloads of Spore have already happened. So how the hell has this DRM done one damned thing to stop piracy of Spore?
As a customer who has to endure the DRM restrictions while pirates download DRM free products, I utterly reject the fallacy that DRM is necessary to stop piracy. If you want to convince me, show me that it actually is [i]effective[/i] in stopping pirates. Until then, I remain convinced that DRm only increases piracy rates by angering paying customers.
September 26th, 2008 at 12:48 pm
I have no doubt a lot of the anti-DRM comments about Spore etc have been bandwagon jumpers, but considering DRM costs money to license or engineer and it’s clearly fails at stopping pirates, why even bother?
There is a difference between the DRM on iTunes and the DRM on games like Spore. iTunes for the most part, is just an encryption rapper around music or video files and the restrictions are a product of key management (you buy a song you get a copy that can be decrypted with your keys). iTunes, does not install low level drivers that alter or hook basic system functions to enforce it’s DRM and prevent copying. When you uninstall iTunes, the DRM stuff goes with it. The same is not true of secuROM.
Finally, iTunes won’t refuse to run because it sees you have or had some software Apple and the RIAA do not like.
I hope these uprising and now a class action lawsuit put a very bad taste in mouth of publishers when they consider DRM.
September 26th, 2008 at 1:05 pm
I’m a PC hardcore user and gamer since the early 286 models, all the way to today’s multi core number crunchers.
I don’t know why you think that the PC is now more unfriendly. Because of
copy protection?
Copy protection was always present in one form or the other.
If anything has changed, it’s the fact that the PC setup and system installation and configuration has gotten TONS easier. Also hardware and software problems have been minimized. Blue screens of death, incopatible drivers or hardware, this or slowly becoming a thing of the past.
Remember back in the day when you had to play with memory managers, you always needed more conventional memory (HIMEM.SYS anyone?), you needed CGA or VGA emulators to run games and you had very little drive space, if at all.
What is different tho is that most people didn’t start with a PC as a gaming platform and see the console as a much more straight-forward sollution for their gaming environment. They don’t see the PC as a gaming device, at least not the casual crowd, which is now buying up all the Wii’s.
DRM or copy protection doesn’t really affect the way that people see the PC.
It’s just not a casual PC gaming platform. It never was.
September 26th, 2008 at 1:18 pm
“To PC gamers: let’s stop turning every inconvenience into the plight of Sisyphus. ”
The problem with this is that if we don’t the publishers don’t do a damn thing except maybe make it worse the next time.
September 26th, 2008 at 1:47 pm
I have not bothered to read any other comments here. This is in response to the Penny-Arcade article. I’m not likely to look up your other article because, realistically, you’ll have much more readership on the Penny-Arcade article than anything you’ve posted solely to your blog.
I don’t think you’re out of line in the article. I’ve pirated games, usually pre-2000ish, and I’ve payed for many many more. Many games I’ve paid for where on a whim, just to try it out. I’m not a member of the moral high road nor do I think all games should be free or even that pirates should not be punished. However, I find your lack of the SecuRom angle disturbing.
I couldn’t care less about number of activations. Hell, I’m perfectly fine with online activation as well. However, rootkits or anything that even resembles a rootkit are just all-around bad. There is no reason that a Game Publisher should ever have the right to secretly install malware, that is near impossible to remove, on a private computer.
There are many arguments that have already taken place on this subject in various arenas. I don’t need to repeat them. My solution is to not buy these games. I very much wish I could, I’ve played Bioshock and Mass Effect on a friend’s machine, but I will not install that crap on mine. Any company that insists that I install malware will not get my cash. I’m ok with that. I’m sure they are as well.
I know your article was not only about SecuRom, but you did bring it up and you mentioned the install limit without mentioning the rootkit aspect. I believe avoiding this issue is telling an incomplete story to people, who like myself, will not likely read anything further by you where you may or may not actually address the issue.
After just reading the Penny-Arcade article, you do come off very much like a DRM proponent who thinks SecuRom is completely on the up and up. Though I doubt you actually think that, this is how I read it.
September 26th, 2008 at 2:03 pm
So your answer to DRM is in essence “Don’t worry ten years from now some russian hcker will figure out a way around this.”?
Just the other day I played a game of Twixt The game and its physical components were created before I was born. Yet I can open the box and play it. The Game is not all that complex and I am quite sure someone with a will and a drill could recreate the game.
The point being that I don’t need a hacker to play the game my father purchased. 3M no longer makes the game and guess what happens if you call them for replacement parts? Nothing. There is no ‘Dead Man’s Switch’ at any of these companies, and if they go under, so does your game.
Your answer to DRM is ‘don’t worry there is a hack’. Yes there is, and it comes as a torrent for many and oddly your solution would be one as well.
DRM has *NEVER* worked. Stop giving them a pass. And you are right, it is not the plight of Sisyphus, it is one of the tasks of Heracles.
September 26th, 2008 at 4:53 pm
You state that we should not turn every debate on DRM into Sisyphus. Allow me to take this from a different angle.
Has the implementation of install limits, in any way, curbed the piracy that Spore has faced?
The answer to that question is vitally important. Now I’m going to say that it outright hasn’t (alright, some people will want to debate that, but frankly, not many will).
Given the fact that publishers are content to implement increasing copy protection measures when no actual prevention of piracy is created from them, the next logical step is obvious. It’s obvious because by now it’s apparent to all concerned that the currently implemented restrictions haven’t stopped the piracy of the game. So the logical conclusion follows: We need tighter DRM. We need to increase our restrictions further. It’s something that happens every wave. At this point, I would argue, we can either ignore the debate altogether and SEE that next wave get far worse each and every time, because hey, it’s not that bad, it’s not so much of an increase on the last batch, it won’t inconvenience too many real customers, OR, we can actually have a real debate about it and try to get them to realise that this isn’t working, and isn’t the way to go.
I can sort of understand your viewpoint, but I don’t necessarily agree with it. Let’s be honest here, how many people were TRULY inconvenienced by Starforce before it? A tiny, tiny minority, easily disregardable in terms of raw sales. If you think that minority that was DIRECTLY affected with problems was anything more than a blip on the sales radar, then you’re kidding yourself. It didn’t matter that it gave itself root access, or played around with drivers that it shouldn’t have. Like you said, MOST home users would neither know nor care. In the end though, Starforce, much like a bad penny, kept turning up again and again as a topic of debate. Not just in forums, or amongst the hardcore anti-DRM brigade, but tech blogs, security websites. It raised a bad profile just by it’s mere existence. This ultimately lead to it being abandoned. It was too much luggage to be weighing down your game with.
So, it’s a debate that turned a molehill into a mountain. If it hadn’t though, we’d still have Starforce in all it’s glory, bigger and better than ever.
So, Sisyphus? Yeah, I can get behind talking about Sisyphus now. Better to have the debate now than cry about it in 10 years time when all the standards have been established and there’s nothing you can do about it. As far as I’m concerned, if they are allowed to put increasing and arbitrary restrictions on products, ESPECIALLY with no return on piracy statistics, then that is also incredibly damaging to the industry, and will also drive PC gamers away. Why should I bother with the hassle of a game that doesn’t like my CD-burning software, or won’t load when my internet goes down, when I can just put it into my 360 and it’ll run? It’s a question I ask myself even now, and it’s getting harder and harder to justify that hassle.
Hey, at least I didn’t go into any conspiracy theories on install limits being there to affect the 2nd hand market eh?
September 26th, 2008 at 5:20 pm
I think it is important to note that the game industry has become a multi-billion dollar industry while having DRM that was laughable at best.
What do they get for the expense of DRM tools? nothing. It just increase the cost, while risking the quality of the game experience.
The effect of DRM on the consumer are many.
A) loss of first sale
B) Wear on CD drives
C) inconvenience
D) Security risks
E) High Cost
The single really irritating thing from your Penny-Arcade story is comparing game DRM with iTunes.
There isn’t a comparison. iTunes I can copy the song into a non DRM format or burn it onto CD.
September 26th, 2008 at 5:55 pm
Aside from that, just because it’s accepted, as you said in your post, doesn’t make it a right or a wrong. You mentioned iTunes because lots of people use iTunes, and have no qualms about it.
Lots of people did use MSN music. Care to mention how few qualms they have about the model?
September 27th, 2008 at 7:49 am
EA seams to have insulted the universe in general with their drm measures for Spore, Mass Effect and maybe Bioshock. I’m sure about the last I never pay attention to who publishes it. Personally, as a developer in training, I think that EA has every right to protect their works but I think they may be going about it the wrong way. Naturally every small game development firm and pro p2p site under the sun is calling it’s audience to arms despite figures proving that at least 75% of people who buy the game won’t even notice it.
But the fact is, drm is really bad news for EA. First there is lost sales. How many people have read these sites condemning EA for making this decision and decided not to buy this game because of it. This will translate to word of mouth which will result in more lost sales. The type of people who will want to buy this game give credence to the opinons of their techie friends demonizing drm will just see this as a headache and won’t buy the game. Next the negative ratings from amazon I imagine will result in more lost sales. They may not be the best measuring stick but from my own personal experience I often forgo cheaper items on amazon with low ratings in favour of more expensive items with consistantly higher ratings. So I can beleive that there are thousands of people out there looking at the ratings on amazon and deciding that they will won’t bother with this game.
Another loss of money is actually investing in drm. You’re paying an external company an
exorbitant amount of money for something that is just a barrier to the customer who just wants to get on with playing the game. You say it’s just to stop casual piracy but if it is why are you employing an external firm to install drivers, background services and maintain servers that lead to more techinical problems and bad press when a simple if statment looking for a file on the dvd will do. Why have it at all? Stardock doesn’t and they seam to be making a nice profit.
Speaking of bad press ye are yet again paying a small fortune on an army of pr people to combat the damage that drm has done to your reputation. I can’t help but think that if you didn’t implement drm this would be another expense that you wouldn’t write off. Do these companies like throwing money away. DRM results in more money paying for drm, technical support on drm, maintence on drm, bad press and pr armies to combat bad press.
What about your customer? How about respecting your customer enough by not making them jump through more hoops to use your product? Someone at Stardock made a brillant post about pc piracy and how pirates always manage to crack the drm. Which I have to admit is one of funniest facts about drm. It’s cracked just days after release and in the case of Spore it was cracked before it was released. But that wasn’t the point I was taking from his post. The point was that people who pirate your game have not bought it and weren’t likely to buy it anyway.
Now here is a point that should be seized on. Weren’t likely to buy it. People who pirate your product are not likely to buy it. Even if it isn’t cracked, they aren’t likely to go out and buy it. So you are implementing drm to protect your product from someone who isn’t going to buy it. And they will get to play it anyway because the drm is always cracked which just leaves you with a product that could potentially cause headaches for your customers and a lot of bad press.
I have a novell concept. How about giving your customer an incentive to actually buy your product. Drop the drm, keep the cd-key but expand on it. Firstly allow the product to be installed and played without it. But before releaseing a patch trawl though the warez sites for cdkeys and blacklist them in the patch. Then when launching the game after been patched check the cdkey against the blacklist. If the key is on the blacklist tell the user so and offer to sell them a legitimate key but tell details of where the key was found and provide a way to receive a refund or new key if they can prove that they bought it legitimately and someone has stolen it. If they haven’t entered a cdkey prompt for it and be nice about it and if they cancel offer to sell them a new key. But finaly if they have a legitimate key tell the customer you love them.
All games have community forums now. Enhance them. Provide an extra place for legitimate users. This should be easy to implement using the cdkeys. In the extra place have piority tech support. Q&A with the developers at least once a week. Prioritise bug fixes and implement features from requests in this area. Interact with your community and make the customer feel loved.
Give your customers an idea on how long you’re going to support the game. When you announce your profit vs loss on the game announce to the community what your plans are for the game. If you’re actually interested in your customers it shouldn’t be so hard to take a chunk of the profits to fix the bugs and offer new features. If you’re making a loss tell the community so that we at least understand why there is no support.
For anyone who pre-ordered Demigod they got an automatic invite to the beta. This I feel is a brillant idea. Not only do you give your customer a sneak peek at what you’re doing but you’re also collecting valuable data on what your user base wants. You’ve got an army of thousands finding bugs for your game not to mention offer ideas for improvements and extra features. This will greatly help polish the finished product.
Hardware considerations is very important for pc gamers. We all don’t have a Q9750 and 4870×2 crossfire setup. Take a page out of the Crysis team’s book. Build an atypical pc and build your application so that it runs on the highest settings on that. You shouldn’t be aiming for the hardcore section of the market is a fools idea. That’s less than 5% of the market and when you’re spending twenty two million dollars to develop a game you want as many people to be able to enjoy it.
For the most part stop treating us, your customer, like cows whom can milk when you like and ignore us the rest of the time. Treat us like the human beings that we are.
September 27th, 2008 at 9:07 am
I enjoyed the post you left on the Penny Arcade site, and have taken it upon myself to peruse some of the older posts in the archives. I must say I highly enjoy your style of writing. It has a hint of pseudo-research that is really more from personal experience than browsing through old Kotaku and Boing-Boing postings. It gives the whole blog a less generic, more personable feel.
My own feelings on piracy are still mixed, sad to say. I am very against pirating new games like Spore or Crysis, but I am usually more lenient when it comes to titles whose year of birth is “19XX.” Some would call that picking and choosing, but life is sadly full of hypocrisy in this way, where what would be immoral and unthinkable to a person one moment seems genuinely acceptable at some unseen marker of time. It’s nothing I am proud of, but rather something that is, frankly, just part of what I am.
On the note of the ‘pre-company-death DRM removal patch release,” it is my experience that that does not happen. I have a slew of games from one of my old favorite companies that went out of business a few years back, and the CDs are all worthless now. When it comes to piracy, as you have said, “It’s not the best solution, but it’s a lot easier to justify if it becomes, literally, the only solution.” Sad, but true.
September 27th, 2008 at 12:42 pm
That was actually the one stance I disagreed with the most in the entire article I’m afraid. There were actually a lot of good points, I especially agreed that it’s unlikely to be the priority of any company going out of business to suddenly think of freeing up their old games. However, the final point, about how it’s acceptable because somebody will have already cracked it?
I can’t get behind that. I do not agree with letting companies off the hook for hobbling their product and making someone else shoulder that responsibility of making them work again. I do not agree with driving up piracy statistics even more in order to play a game that was legitimately purchased. I do not agree that it is a ‘virtual guarantee’ that such things will even be available for the product that I purchased, nor should I have to depend on a 3rd party who can just as easily infect my PC with 100 shades of malware in order to provide my solution.
You state that “it’s not the best solution.” I state that allowing companies to proceed along this path because we even accept it as a solution is actually part of the problem. They have no requirement to fulfil whatever expectations we have of their products so long as we blithely accept that it’s not their responsibility, someone else might do that work for them. Justifying such action only lets them off the hook for providing one themselves, and is the reason why they’ll never bother to actually GIVE us one themselves.
The games industry cannot have it both ways. Either the crackers have no right to exist, and they decide to provide those solutions THEMSELVES, or they have no right to say that the crackers shouldn’t provide the DRM solutions that people are asking for. That is not the way the industry has gone, read any EULA and it’ll be spelled out quite clearly that you’re not allowed to alter any of the DRM that they installed.
It’s not just an imperfect solution, it’s not a solution period, at least not one that I’m happy to just accept. If games companies intend to have expectations of us to buy their products, then we have a right to expect a usable product, yes even 10, 20 years down the line. I expect nothing less from my DVD’s, from my books, from my music CD’s, I’m not happy to accept different from my games.
September 27th, 2008 at 6:06 pm
YOU GUYS JUST DON’T UNDERSTAND DRM KILLED MY ENTIRE FAMILY THIS IS SERIOUS BUSINESS FUCK PC GAMING
September 28th, 2008 at 11:38 am
Your post seemed relatively balanced, but I’d like to hear your thoughts on the actual validity of your iTunes example. Look at MSN Music (activation servers now down), Yahoo Music (same) and Walmart’s online music store (same on October 9th). That’s 3 large names that gave up on versus iTunes that’s still holding on. Doesn’t seem like a good reason to trust EA to keep their servers up.
To make things worse, as has been posted above, the install limit is absolute thus far, with no indication it’ll ever be lifted. So a game will stop installing after a limited number or it’ll stop doing so after a nameless exec at EA decides to save a few pennies, whichever comes first.
The worst bit of course, is that pirates now aren’t just competing on price (where they couldn’t be beat anyway), EA is essentially handing them the ability to easily provide a better product. This seems counterproductive, at best.
September 28th, 2008 at 3:36 pm
I’m not going to add to the brou-ha-ha here, but I wanted to correct you on something in your post.
“It looks like we’re at five activations per game now, up from three; that’s unlimited installs on each of five PCs, as I understand it”
An “activation” occurs and is used up when the game *detects* that is on a different PC. This might sound like a distinction without a difference, but depending on how their hardware profiling works, it is highly conceivable that changes made to the same physical box would be seen as a new PC, causing the game to re-authorize itself. It may require something large-scale such as a replaced motherboard to trigger, it may be something as small as popping in a stick of ram or enabling a virtual cd-rom drive, and as far as I know they have not disclosed how this works.
So, theoretically, yes: unlimited installations on 5 computers. In reality, things go wrong, upgrades happen, hardware failures occur, and you don’t always have a chance to de-authorize before they do.
Just wanted to point that out.
September 29th, 2008 at 8:19 am
I own a lot of computer games. I occasionally like to pull out an old classic and play it. I don’t routinely keep old games on my hard drive (except maybe Angband and Nethack), so recently, I reinstalled Sid Meier’s Alpha Centauri to have another go at it.
Under the Spore drm scenario assuming I buy Spore, how long do you think it will be before I won’t be able to play it? If the drm doesn’t allow me to still be playing the game 5-10 years from now, I don’t need it.