Capcom Releases DRM For Street Fighter 5, Promptly Rolls It Back When It Screws Legitimate Customers
from the sigh dept
It should be quite clear by now that DRM is a fantastic way for video game makers to keep people from playing their games. Not pirates, though. No, those folks can play games with DRM just fine, because DRM doesn't actually keep piracy from being a thing. No, I'm talking about legitimate buyers of games, who in example after example after example suddenly find that the games they bought are unplayable thanks to DRM tools that work about as well as the American political system. And yet DRM still exists for some reason, as game makers look for some kind of holy grail piece of software that will turn every past pirate into a future dollar sign.
This search for the perfect DRM continues, as we have just the latest story of DRM gone wrong. This story of the Street Fighter V DRM, though, is a special kind of stupid because it was put in place via a software update release, meaning that a game that worked perfectly one day was bricked the next.
The doodad was announced on Thursday shortly before the update rolled out. Capcom called it “an updated anti-crack solution (note: not DRM) that prevents certain users from hacking the executable.”
They continued, “The solution also prevents memory address hack that are commonly used for cheating and illicitly obtaining in-game currency and other entitlements that haven’t been purchased yet.”
This DRM that Capcom insisted wasn't DRM apparently set off anti-virus software for a ton of legitimate customers, triggered warnings from Windows security software, caused PC crashes for others, and even killed one person's new puppy. Okay, that last one didn't actually happen, but the rest did, and it's the exact sort of thing that DRM shouldn't do: screw those who actually bought the game. On top of that, it seems the update gave the game a rather deep level of access into any PC it was installed on, leading some to warn others off from buying it entirely.
As a result of the backlash, Capcom rolled back the DRM via another update pretty quickly, but one has to wonder just how many potential customers were lost in the meantime and how that number compares with the number of potential pirates that were turned into paying customers during that same time period. It would take more imagination than I have to dream up a version of reality in which the latter outnumbered the former, making this attempt at DRM a complete bust.
But, then again, they're all busts, really. So why are we wasting our time with DRM still?
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: drm, legitimate customers, piracy, street fighter
Companies: campcom
Reader Comments
The First Word
“Not just the game
the "update" installs a self-signed driver (using a cert issued by Symantec). That driver has no security, meaning any program can bind to it, and it only has one function: to disable SMEP (an exploit mitigation feature which prevents the kernel from executing code in userspace), and then jumps to a user-provided function pointer.In other words, it gives anyone who cares kernel-level access to your computer.
All to prevent people from bypassing microtransactions
Subscribe: RSS
View by: Time | Thread
NOW you know why I only buy DRM-free games.
GOG rulez!
[ link to this | view in thread ]
"Honest, this /next/ patch won't crash your system like the last one, I promise."
And of course Capcom realized their mistake, apologized, and will never do something that stupid and anti-paying customer again, meaning that people can totally trust the next update Capcom throws out not to trash their systems, right?
Meanwhile in the land of eye-patches and parrots the cracked versions of the game continued to run without a hitch, interspersed with chuckles as the poor sods who paid learned the hard way that in the eternal game of 'whack-a-pirate' some companies insist on playing the pirates are pretty much the only group not affected, quite unlike the paying customers.
[ link to this | view in thread ]
Re: "Honest, this /next/ patch won't crash your system like the last one, I promise."
The (stated) purpose of the DRM was to avoid people playing online with cheats. Can pirates play on Capcom's servers, or is there a server-side way of detecting whether the player is running a modified copy of the game?
[ link to this | view in thread ]
Not just the game
In other words, it gives anyone who cares kernel-level access to your computer.
All to prevent people from bypassing microtransactions
[ link to this | view in thread ]
You know...
The more we see DRM on the level of rootkits, the more it becomes essential for people to use only cracked programs.
Crackers may go to jail for malicious code. The software producers tend to exclude that consequence in their EULAs.
[ link to this | view in thread ]
Between the rock and the hard place
Developers don't have a simple choice and most people don't realize taht differences in the game type make a big difference in strategy. This causes the rest of the world to lump the problems into one big heap of "bad".
Games that have multiplayer as the central feature can get away from DRM (in the true sense of limiting build copies) as the account can be validated when you log in. BUT if you don't have protection on the game code then greifers and cheaters find ways to ruin game play for everybody. Either they will hack in cheats to give them major advantages (and ruin the game balance) or take advantage of free trials to make a bunch of "burner" accounts that they will use to grief others. There are new systems that will kick out players that have stats that are "too good" (and likely using cheats) but those have to be carefully balanced or risk punishing players that are just really good.
Single player games that don't have multiplayer as the central feature will tend to rely more on DRM (to prevent unauthorized copies) as they don't have a constant check to validate the user owns the game like an online game does. Game Developers tried to innovate to find other ways to make money with micro transactions and DLC (so the base game becomes more of a loss leader/commodity) but the community doesn't like that either (it is hard to find the right balance).
Although each pirated copy doesn't equal a lost sale, when you realize that a good game dev is $100K+ a year, hiring a small team of 10 takes a lot of money so maximizing sales becomes critical just to pay the bills. Then add on the producers, managers and scores of QA you need to get a game to a playable state and the space to house them we are talking $$$. Now add in another couple of specialized developers to prevent game hacks, you get my point.
So in the end game developers and publishers have to rely on the goodness of people to buy the game while having to protect them by combating those that just want to grief others or get something for free. Do they get the balance off sometimes... yes, is it malicious or evil... probably not.
The video game industry has a LOT of innovation at all levels from marketing to game code to protecting the assets, gaming companies need to innovate just to survive in a crowded market. But like all innovation, some pans out as good and some is just bad. There are good decisions and bad ones in any company but gamers are a very vocal passionate group so any wrong doing becomes a spectacle.
My 2 cents.
[ link to this | view in thread ]
[ link to this | view in thread ]
No puppy killing from Capcom, but...
People will obsess over anything.
[ link to this | view in thread ]
Sorry about the DRM, legal customers.
[ link to this | view in thread ]
Re: Not just the game
[ link to this | view in thread ]
Re: Between the rock and the hard place
The professional game making industry is burdened by huge numbers of middlemen and publishers sucking things dry. According to your post, indie games should not be possible because there is NO way they could afford to produce a game without "scores of QA". The professional gaming industry is sawing off its own leg to save a foot.
EA, Capcom, Nintendo, Sony and all the other publishers needs to die, just like all of the MafiAA's out there in the media industry that do nothing but devise ways to bilk the consumers & artists out of as much money as they can.
I do not necessarily begrudge the people working in mainstream video games, but at the end of the day. Just like my day job. I work to make my bosses richer while I just make a living while also being fed a line of bullshit about costs that need to be cut on my end of the bargain while the execs waste money left and fucking right.
[ link to this | view in thread ]
Re: Between the rock and the hard place
DRM isn't going to prevent piracy or increase sales. It never has and it never will. Pirates gonna pirate, freeloaders gonna freeload.
What can increase sales is making a better game (take the time and money spent on DRM and spend it on something else) and making the game more available. If you release on Steam only, I'm not going to buy it. I won't pirate it either, but the end result is the same: you get no money from me. But if you release it on GOG, I will buy it if I like it. (Steam and GOG used for comparision purposes only; I'm not tied to either.)
You can't 'fix' the pirate gamers. But you can 'fix' the didn't buy gamers by giving them something they want.
Customers can survive without games. Games cannot survive without customers.
[ link to this | view in thread ]
Re: Re: "Honest, this /next/ patch won't crash your system like the last one, I promise."
[ link to this | view in thread ]
[ link to this | view in thread ]
Game of cheats
[ link to this | view in thread ]
Re: Between the rock and the hard place
Which DOES NOT work! Never has. So what's the point?
[ link to this | view in thread ]
DRM
I mean, from decades of Microsoft pushing 'mandated updates' (until your software no longer works unless you upgrade) to just general 'your time is up' on software you thought you bought, to 'oops, yeah, you bought that movie, but you can't REALLY put it on a 'media server', I've been there. Simultaneously watching as thousands upload pirated movies onto YT, pirated music onto the internet, TV shows, etc. - and nothing happens to them.
Yeah, the protocol shouldn't be 'DRM', it's 'PRF', programmable rape of the customer (pirates need not worry).
[ link to this | view in thread ]
Re: Between the rock and the hard place
If a product costs X to develop, manufacture(code), supply, advertise, and the revenue generated from selling that product < X, you don't make the freakin product.
If it's gonna cost $2billion to make a movie, yet the analysis shows you are only gonna make $0.5bill in revenue, you don't make it.
If a game costs $20mill, yet there are only 10,000 people in the world who will buy it, then you better make damn sure it's good enough that those 10k people will pay the $2000 per copy, or don't make it.
And, guess what? Of course you don't always know beforehand exactly what revenue you are going to get. There are too many variables (especially in an entertainment product - are people even going to like it?) to know exactly beforehand if it's gonna make enough revenue to cover it's costs let alone a profit.
That's the risk you take in business. Sometimes you lose, sometimes you win. The better your analysis of the market vs what you want to make, the more often you'll win.
If you want to make a profit you don't need DRM or anti-cheating/hacking code or whatever.
You need a GOOD product, that people WANT to use, at a price that enough people are willing to pay.
If you miss out on any of those points - sorry, it's not the customers, or pirates, or cheaters fault. Its the businesses fault. Either it was a crap product in the first place (nothing anyone needs, wants, or gives a toss about), or badly implemented (poor manufacturing, poor coding -- i.e. buggy , poor graphics design - crap visuals) or badly marketed (hey look, let's call our product an offensive name that noone wants anything to do with - or let's get Hitler as our spokesperson). And poor management for not performing a market analysis properly first.
Tell me, why is there free, open source products out there that even tho they are free, do actually generate money for some people? You get products where people like it enough that they donate enough to it that the developers make money from it. Or business that charge for value-added-services, e.g. RedHat makes money from the totally free, open source Linux operating system by charging for (and providing) support to those who'd rather pay someone than try to support it themselves. Or the writers who make money on speaking/academic circuits - people pay them stupid money to come to a conference to talk about their product or sometimes anything else.
No, if you aren't making money, you aren't good enough - either the management is bad, the analysts are bad, the producers are bad, the coders are bad, the marketeers are bad, the manufacturers are bad, or just the damn product is bad. End of story.
[ link to this | view in thread ]
Correction: That's the only thing DRM does effectively. It fails at everything it's supposedly designed to do.
[ link to this | view in thread ]
Use of DRM = Profit!
Otherwise... not so much.
[ link to this | view in thread ]
Re: Between the rock and the hard place
Which not only fails and screws legitimate players, but the entire industry somehow built itself without the internet and without reliance on DRM.
"maximizing sales becomes critical just to pay the bills"
True. So, why depend on something that not only fails to do anything of the sort, but actually helps to kill the industry as a whole. There's other factors involved, but I know more than one person who stopped PC gaming altogether following DRM debacles. It's true that consoles are hardly DRM free, but their DRM doesn't have the unpredictability and system-killing capabilities that poorly implemented Windows DRM does.
"So in the end game developers and publishers have to rely on the goodness of people to buy the game while having to protect them by combating those that just want to grief others or get something for free."
As opposed to relying on the goodness of people to buy a shoddy product that may not function at all? The non-DRM version is ALWAYS a better product.
[ link to this | view in thread ]
Re: Game of cheats
Big head modes, infinate ammo/energy/life/gold and so on. Sometimes it helps you learn new strategies, sometimes it lets you blow off steam, usually it is quite fun. It can even be funny, like my completionist friend not realising cheats in one GTA game prevented you getting past 99% completion. His reaction was priceless. XD
[ link to this | view in thread ]
Re: Not just the game
[ link to this | view in thread ]
Re: Re: Between the rock and the hard place
[ link to this | view in thread ]
Re: Use of DRM = Profit!
I worked for a company that made software used by mechanical engineers. It started at $20,000 a year and piracy was rampant. The company added DRM (a special USB key) and sales rose more than 30% in one year.
Now, because the keys are a bit of a pain, the software is all moving to the cloud where piracy is less of a concern. People can share logins, but that's a tiny problem compared to what they were experiencing.
[ link to this | view in thread ]
Re: Re: Use of DRM = Profit!
Hmmm... Not trying to be cheeky, but I wonder what the cause and effect there was?
"The company added DRM (a special USB key) and sales rose more than 30% in one year."
A $20k/year bit of engineering software with a hardware dongle sounds like something rather specialised and thus not particularly comparable to games. I'm guessing there wasn't exactly a lot of competition? Those prices and restrictions don't really work for a commodity nor something typically bought in volume. Dongles are a particular pain in the ass, and there's a good reason why most people look for other methods, and I'd wager that piracy wasn't completely stopped if there was enough of a market for it.
I also wonder how many problems were caused by that DRM for legitimate customers, which is part of the problem being discussed. Turning some piracy back into sales is good for you, but I wonder what the cost was to other businesses. How did the sales look in the years after that, by the way? I'd wager they probably levelled off rather than continue to increase at a similar rate, but I could be mistaken.
[ link to this | view in thread ]
Not the whole story
As explained above the thing was not actually DRM. It required no online communication and didn't even attempt to authenticate the source of any interactions with the program. In fact it did the exact opposite by giving kernel level access and bypassing smep to any program that interacted with it. Capcom used this driver to attempt to keep people from altering data values in the game like health or damage (hacking essentially) which could be used to either beat single player content or unlock items which had to be paid for by fooling the game into thinking you had bought them. It's worth noting that neither of these uses affected online play at all. Due to how online works if you hacked your health or whatever there all you would get is an immediate desync. Additionally some people were hacking to run bots online which was perceived as a problem even though bots were extremely rare and not doing anything illegitimate other than having very good reactions.
Some people extracted the code from this driver Capcom used and based on some code strings heavily suspect that it was simply copied verbatim from a malware site, tweaked a bit, and renamed Capcom.sys.
So, is it DRM? No. Is it literal malware? Oh yes. Thankfully it has been rolled back but I can't fault anyone for having second thoughts about purchasing a the game now.
[ link to this | view in thread ]
Re: Not the whole story
"Some people extracted the code from this driver Capcom used and based on some code strings heavily suspect that it was simply copied verbatim from a malware site, tweaked a bit, and renamed Capcom.sys."
Thus, thanks to the automatic nature of copyright, they installed an infringing product to try to prevent any abuse of their own product. The irony is probably lost on them.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Between the rock and the hard place
[ link to this | view in thread ]
Re: Re: Game of cheats
Sometimes I want to run around with UNLIMITED AMMO and bottomless clips like it was allowed in Halo Reach. Or even very low gravity with stupid high jumping. Let people have fun, try to avoid "dictating" what that fun is.
[ link to this | view in thread ]
Re: Re: Re: "Honest, this /next/ patch won't crash your system like the last one, I promise."
I asked the question in response to somebody who said pirates were unaffected. I think the question of whether pirates were affected *is* entirely relevant to the conversation, because the argument that DRM doesn't work is stronger than the argument that DRM is bad for customers.
If you don't know the answer to my question, that's cool, you don't have to answer. But don't tell me my question is irrelevant. Erecting a strawman instead of just answering my damn question is irrelevant.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Not the whole story
[ link to this | view in thread ]
Re: Between the rock and the hard place
Two: While I understand the importance of preserving balance in online play, there came a point in the development of this piece of software where a developer said "Let's disable the kernel's protections against arbitrary code execution."
You can dress it up however you like, but that's indefensible. Whether it's down to malice or incompetence, that is a completely unacceptable thing to do. The programmer should have known it, his boss who approved it should have known it, and the company should have a team of security testers who would know it.
I'm sympathetic to the importance of preserving the integrity of online play.
I am not at all sympathetic to any suggestion that this justifies disabling kernel-level security features on a customer's machine. Find another way to prevent cheating or don't prevent cheating at all; those are your choices. Deliberately weakening security without a user's knowledge or consent should never be considered an option.
[ link to this | view in thread ]
Re: Re: Not the whole story
[ link to this | view in thread ]
Buying a Bundled Game
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
And now my flatmate can't play the game anymore
As usual, this stuff just hurts the legitimate users.
[ link to this | view in thread ]
Re: Re: Not just the game
[ link to this | view in thread ]
Re: Re: Re: Not the whole story
[ link to this | view in thread ]
Re: Re: Not the whole story
By that definition, at a glance, I would have to say that indeed this does not look like DRM. Malware, definitely, yes - and if the company can push out an update such that you can't run (or newly install) the game without accepting the update which installs the malware, that's a problem of its own, which could indeed qualify as DRM. But the behavior of the code which was pushed out by this update does not sound like DRM to me.
(Examples of a mechanism which would qualify as DRM which would not fail that test would be interesting to me; if you know of any, please do share them.)
[ link to this | view in thread ]
All men are Socrates
[ link to this | view in thread ]
Re: Re: Re: Re: "Honest, this /next/ patch won't crash your system like the last one, I promise."
Doing right by those that PAY YOU is ALWAYS more relevant than anything else. When DRM screws over and alienates your last line of defense, the paying customer, whether or not pirates were affected is absolutely and utterly irrelevant.
[ link to this | view in thread ]
Re: Re: Re: Re: Re: "Honest, this /next/ patch won't crash your system like the last one, I promise."
You could have just said "I don't know."
[ link to this | view in thread ]
Re:
Even better, is how the USB IF consortium deliberately didn't provide a serial port equivalent of UMS (hard drives) or HID (keyboards/mice/etc). It's no wonder that people just use the defacto standard. Reminds me of the old "NE2000 compatible" network cards.
[ link to this | view in thread ]