Denuvo's Anti-Cheat Software Now Getting Ripped From Games At Record Speed Too
from the failing-upward dept
Remember Denuvo? Back in the far simpler times of 2016-2018, which somehow seem light years better than 2020 despite being veritable dumpster fires in and of themselves, we wrote a series of posts about Denuvo's DRM and how it went from nigh-uncrackable to totally crackable upon games being released with it. Did we take a bit too much pleasure in this precipitous fall? Sure, though our general anti-DRM stance sort of mandated dunking on a company that once touted itself as invincible. Either way, it started to get comical watching publishers release a game with Denuvo, have the game cracked in a matter of days, if not hours, and then release a patch to remove Denuvo entirely from the game.
Due in part to this, Denuvo eventually announced it would be shifting its focus away from producing DRM that didn't work to making anti-cheat software. So, how is that going? Well, let's take a look at Doom Eternal, a game which only a week ago added to Denuvo's anti-cheat software via an update.
Doom Eternal has only had Denuvo anti-cheat software for a week, and already Id Software has agreed to take it out following the backlash from some PC players. The anti-cheat software was added last week in Doom Eternal’s first major post-launch update and was aimed at curbing the use of exploits in its online multiplayer mode, specifically on PC. At the time of the update Id Software also said it would be more aggressive in banning players caught cheating and locking them out of all online content.
There were protests almost immediately. Some players complained that the anti-cheat software was setting off their virus protection programs’ alarm bells. Others took issue with the software requiring kernel-level access to their computers, fearing that it would leave them more vulnerable if the software was later hacked. Although Id Software tried to preemptively assuage players’ fears, saying that Denuvo anti-cheat is only active while the game is on and doesn’t take screenshots or scan file systems, thousands of players still took to review-bombing the game on Steam.
Now, review bombing kind of sucks as a rule, but then so does pushing out software that is as invasive as Denuvo's anti-cheat software after people had already purchased the game. In fact, given some of the security concerns and holes that Denuvo's software potentially opens up, one has to wonder seriously about liability here. Either way, you have to work really hard to get a bunch of online gamers for a wildly popular game to not want a tool to stop cheating in that game. And to that extent at least, Denuvo is a success.
For what it's worth, the folks behind Doom Eternal still want to tackle cheating, but perhaps do so in a way that gives players some more choice.
“As we examine any future of anti-cheat in DOOM Eternal, at a minimum we must consider giving campaign-only players the ability to play without anti-cheat software installed, as well as ensure the overall timing of any anti-cheat integration better aligns with player expectations around clear initiatives—like ranked or competitive play—where demand for anti-cheat is far greater,” Stratton wrote.
Whatever choice is presented, however, it appears that Denuvo will not be an option.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: anti-cheat, doom eternal, drm
Companies: denuvo, id software
Reader Comments
Subscribe: RSS
View by: Time | Thread
Who could have seen that coming...
Sell game that turns out to be wildly popular, that contains both single player and multi player aspects to it.
A good while after the game has been brought to market 'update' it with anti-cheat software that has complete access to the computer it's on, such that if it's ever compromised the hackers will have that same level of access to the computer and everything on it.
Require that software to be installed and running for the main game to load, even if it's only in single player mode, such that customers are forced into the position of 'let incredibly intrusive software run on their computer, or refuse and have the game they bought rendered unplayable'.
Yeah, can't imagine why they got backlash from that...
[ link to this | view in chronology ]
Re: Who could have seen that coming...
I dunno. Seemed to work out okay for Steam.
[ link to this | view in chronology ]
Re: Re: Who could have seen that coming...
Steam doesn't have Kernel level access to your system, Steam is very user focused and privacy focused, Steam offers benefits to their DRM and VAC system which offsets the negatives.
People like Steam as they are open, upfront, and don't expose you to serious risks like this does, Steam may have had a few exploits in the past, but they got patched, and got sorted, but none of them gave the attacker Kernel level access which is like being GOD!
[ link to this | view in chronology ]
With any luck, Denuvo won’t even be an available option sooner rather than later.
[ link to this | view in chronology ]
At some point in the future, we will need a different kind of DRM, not to stop consumers from copying, pirating or otherwise altering their software, but to stop publishers from adding rootkits or other malware to their games.
[ link to this | view in chronology ]
Re:
You don't need DRM for this. Windows just needs a better permissions model where you don't have to run as administrator all the time. Afterwards, you (hopefully) get a community that sounds the alarm whenever a non-system program (like a game) requires administrator access to install.
[ link to this | view in chronology ]
Re: Re:
Isn't the root of the problem that Windows already has a proper permission model, and customers are entirely willing to install software that bypasses it? There's lots of software that can be installed without privilege, e.g. by extracting a ZIP file. What can Microsoft do, other than denying everyone the ability to install software Microsoft didn't approve?
They could add better filesystem isolation perhaps, so a game can't access your financial documents. But this was a kernel-mode extension; by definition and by intentional design, it bypasses all those checks, because what hides your financial documents could equally well hide my cheating software.
[ link to this | view in chronology ]
Re: Re: Re:
Windows does not have a proper permission model. A proper permission model doesn't require you to give give something like a videogame admin privileges just to be able to install it.
And in my opinion, there is usually no legitimate reason why third-party software should ever be allowed kernel mode access at all. Where there is a reason to allow it, it will not be at the authority or expertise of a clueless user blind-clicking "OK" without reading the question.
[ link to this | view in chronology ]
Re: Re: Re: Re:
"A proper permission model doesn't require you to give give something like a videogame admin privileges just to be able to install it."
No, that's an issue with the software, not the OS. If the game is built in such a way that it requires admin-only kernel functions, it's not the OS's fault that it correctly allows you to run the installed as admin. If I install a package on Linux and it requires sudo to install correctly, it's not Red Hat's fault if you don't think that articular type of package deserves such access.
You can argue that it's a fault of the OS that it then allows the software to run as admin every time without further permission being asked from the user, but the issue here is games being designed to require admin control in order to use it.
[ link to this | view in chronology ]
Well, naturally. Hindsight, after all, is 2020.
... I'll get my coat.
[ link to this | view in chronology ]
I think what's happened here is more a branding failure than anything else. Denuvo is a toxic brand in the PC gaming community for its DRM shenanigans so Irdeto (the company behind Denuvo) has a lot to answer for here as they used that same toxic brand for anti-cheat (which is generally far more palatable than DRM).
Id Software/Bethesda aren't completely blameless here - a clear separation of SP and MP needed to happen before introducing anti-cheat.
Regarding the kernel mode driver, this is not a new concept with various other anti-cheat systems (including the ones used by PUBG and Fortnite) also doing the same thing and not even raising an eyebrow. Riot Games (League of Legends) is also doing the same thing with their in-house anti-cheat system which is being deployed with the upcoming release of Valorant. One of their anti-cheat team members provided a deep dive into the reasoning behind it in this post. https://na.leagueoflegends.com/en-us/news/dev/dev-null-anti-cheat-kernel-driver/
[ link to this | view in chronology ]
Re:
Kernel mode drivers have the keys to the kingdom on PC. Denuvo has very high profile if not infamy in the gaming world and as such it permanently under attack by hackers. That is a really bad combination when it comes to data security. Even if Denuvo doesnt mess with the files on its host computer, once hacked into, its kernel level access is the holy grail for any malicious hacker. Exploits to bypass copy protection or anti cheat software circulate rather fast giving even more exposure to people's computers.
[ link to this | view in chronology ]
Re: Re:
Cheats use any number of tricks to gain kernel mode access and abuse that to pass data to user-mode anti-cheat systems that looks like it's legitimate. The kernel mode driver is designed to verify that this hasn't happened.
Yes there will be concerns about vulnerabilities in the driver (as there are with any piece of software). For Riot's part, they've been very upfront about what they're doing to mitigate such concerns as per this ArsTechnica article. https://arstechnica.com/gaming/2020/04/ring-0-of-fire-does-riot-games-new-anti-cheat-measure-go-too- far/
[ link to this | view in chronology ]
Re: Re: Re:
Because Kernel mode is akin to being GOD!, a lot of people (Myself included) are always cautious when systems, services, applications, or games do this without being upfront about it.
[ link to this | view in chronology ]
Re:
"various other anti-cheat systems (including the ones used by PUBG and Fortnite) also doing the same thing and not even raising an eyebrow. Riot Games (League of Legends) is also doing the same thing with their in-house anti-cheat system which is being deployed with the upcoming release of Valorant"
There's several things to note here. First, all those games you mentioned are F2P, which obviously has different expectations to a full priced AAA title. Second, they are all primarily multiplayer games, whereas many would be playing Doom Eternal as a primarily single player title. Third, the titles you mention are heavily used in major e-gaming tournaments, whereas to my knowledge Doom would be a more casual experience for most players.
The Denuvo brand is indeed toxic for something that requires a great amount of trust on behalf of the player - especially as that trust has already been violated by applying the system after launch - but it's not exactly correct to compare them directly with those other titles.
[ link to this | view in chronology ]
Re: Re:
PUBG isn't free to play (at least not on Steam) but yes it is an MP game.
I just pulled this list of games that use EasyAntiCheat (one of the anti-cheat systems mentioned in that Riot Games post) and there's a number of AAA titles represented. https://www.easy.ac/en-us/partners/
BattlEye (another of the systems mentioned in that Riot Games post) also has a similar list on their homepage with a few AAA titles there. https://www.battleye.com/
[ link to this | view in chronology ]
It's more than that...
I believe the larger problem wasn't the anti-cheat software itself, even if it was created by Denuvo, it was how Id/Bethesda chose to implement it.
The developer either knew or strongly suspected that it would be unpopular with a significant portion of the gaming community. So, instead of including it at launch, where people would have known and potentially avoided the title for that reason, they tried to pull a fast one and add it post purchase as an update.
They got caught with their fingers in the cookie jar and had their hand slapped. Hopefully it's enough to prevent them from trying it again. At least in the near term.
[ link to this | view in chronology ]
Re: It's more than that...
It's more likely (especially given COVID-19 disruption really started kicking off around February/March) that the anti-cheat just wasn't ready in time for day one deployment. That left Id/Bethesda with two choices - delay the game again until the anti-cheat is ready (which would throw their marketing campaigns into chaos and annoy a larger contingent of their player base given the game had already been delayed once) or ship the game on schedule and deploy the anti-cheat post-launch (which would annoy some of their player base).
Historically, multiplayer hasn't really been a selling point of Doom games for a while now (and Id/Bethesda most likely had data on Doom 2016's multiplayer that backed this up) so the decision was made to focus on getting the game out there on schedule and let people enjoy the single player parts while the anti-cheat was polished for post-launch deployment.
[ link to this | view in chronology ]
online survey
In this post, I have been given all the information.
https://customersatisfactionsurvey3.home.blog/2020/03/05/mycfavisit/
[ link to this | view in chronology ]
There's a very easy way to make anti-cheat software (for online games).
Have the server fully validate input from the clients.
Thats what basically every networking protocol that doesn't inherently trust a remote client does.
[ link to this | view in chronology ]
Re:
Won't work if the chest is to expose information to the player that the player should not have. Some examples would be seeing through walls, maps showing locations of enemies, etc. Then you have cheats that send legit commands, but beyond human capability; aimbots for example. Plenty of ways to chest that wouldn't be prevented by mere data validation.
[ link to this | view in chronology ]
Re: Re:
Most, (but not all) of those are trivially addressed by spending few moments looking at the problem.
The biggest solution is: "Don't tell people information they aren't supposed to know yet".
I won't try and give every possible technical solution to every possible technical problem: but to list a few, it's not actually necessary to send info about other players until (approximately) they need to interact. The entire map doesn't need to be sent all at once.
Or another technical hint: some of the information could be pre-sent... but left encrypted: where the encryption key is sent when it become needed.
I will concede though that attempts to prevent bots are resolvable as currently framed. For example: I could make a 'usb keyboard' that inputs all the commands I want... I could even hook it up to a video parse of a webcam viewing the screen, and there's no way to stop it: even kernel level access can't stop that. However that's obviously extremely difficult (especially the webcam parsing bit, making an input device for quick 'macros' is fairly easy, in fact many gaming keyboards already include that functionality). You can only do stuff to make bot-ing a bit more difficult.
My point is: The problem this (and most other) "DRM" (and this anti-cheat is a form of DRM) is trying to solve is "how to trust a thing controlled by a adversary with out taking away the adversaries control of it", it's an unsolvable problem (hence why Intel is building hardware backdoors into their CPUs... and then finding out that human error is preventing them from always working correctly).
[ link to this | view in chronology ]
Re: Re: Re:
A large problem with this is latency.
If the client has the information, it can pre-calculate images, icons, terrain, etc. But as has been said, that information being in the hands of the client renders it exposed.
Contrarily, the host can do the calculations, but it then is bottlenecked by the bandwidth and computation resources. Either way, you're waiting one round-trip to the server. Of the server was supposed to do pre-rendering as well, then you have transmission issues as well. Yay.
[ link to this | view in chronology ]
Re: Re: Re:
If it's so trivial, what is your explanation for why cheating still occurs?
[ link to this | view in chronology ]
Re: Re: Re: Re:
because the publishers haven't bothered looking at the problem. the client needs things like terrain data and character models in advance so they don't need to be loaded during the game, but it does not need the coordinates of characters on the other side of the map. all the server needs to do is withhold those and wall-hacks would be a thing of the past
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
Did you read that somewhere, or just make it up?
[ link to this | view in chronology ]
Now, review bombing kind of sucks as a rule
I suppose, but there isn't really much else people can do. People have bought/licensed a product and then had the goal post shifted greatly. How else are people supposed to express their appointment/distrust? Especially when steam are actively refusing refund requests eventhough this was added after release and there is not information beforehand to say this was going to happen. Also the doom games have been a largely single player experience with multiplayer tacked on as an afterthought. (don't misunderstand me, im sure its great but the focus is the single player campaign).
In truth, I think review bombing is a last resort of customers who aren't being listened to or even informed of decisions that directly affect them.
[ link to this | view in chronology ]
Re:
appointment should've been disappointment
[ link to this | view in chronology ]
Anti-cheat
In the end, there's little you can do against a determined cheater. That's why tournaments generally have systems setup by the tournament and overseen by actual people - it's the only real way to eliminate virtually any kind of cheating. At some point, you have to ask if alienating the customer is worth getting cheaters. Perhaps the way to go is something more like enticing cheaters away from the normal servers - have server specifically setup for cheaters... allow anything at all and proclaim the winner there as the best cheater. Let the cheaters compete to see who cheats the best.
[ link to this | view in chronology ]
As far as i know, Burnout Paradise Remastered has never been cracked.
[ link to this | view in chronology ]
Re:
I found it on Skidrow/Reloaded in about five seconds with a Google search. It's been cracked. Dunno how quickly it was cracked, it's been cracked.
From what I've observed, a game not getting cracked is usually more indicative of the game not being a particularly popular game, more so than the difficulty of the crack.
[ link to this | view in chronology ]
Re: Re:
I saw a bunch of references to a cracked version, but they were always on forums that wanted you to register, or install their software or the links just sent you to scam sites. Also, I couldn't find it on The Pirate Bay, which is strange if an actual crack exists, because EVERYTHING gets uploaded there.
Not according to the Crack Watch site;
https://crackwatch.com/game/burnout-paradise-remastered
There's also nothing on any of the scene release databases I checked. I saw one entry for the PS4 version, but that was it. There were copies of just Burnout Paradise for Windows, but that never had most of the DLC ported to it.
[ link to this | view in chronology ]
Re: Re: Re:
At some point it's surely easier to realise that not everybody shares your unique obsession with that game and just buy a copy?
[ link to this | view in chronology ]
Re: Re: Re: Re:
I'm using it as an example because it's the one relatively recent game I'm actually interested. I'm sure there are others.
People always say that the pirates will preserve everything. This is proof that they won't. The Windows release of the remastered edition is digital download only and requires activation. Which means that you can't "buy" it in any meaningful sense of the word.
Without a pirated copy, the Windows version will be become a lost game in a few years when the music licenses expire and the game has to by pulled from distribution.
Not that the console versions are much better, since they all need patches which can only be obtained by connecting the console to the company's network. At least a fully patched version of the original with all the DLC seems to exist for the Xbox 360, so there's that.
But this isn't just about this one game, it's about the fact that digital distribution combined with online activation and tying games to online accounts for life will render whole libraries of games unavailable in the future.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
"People always say that the pirates will preserve everything. This is proof that they won't"
No, it's proof that they haven't bothered yet, or at least that they haven't in place you thought of looking. By the way, in your previous conversation about this, weren't you specifically whining that you didn't have a PC capable of running it?
"Without a pirated copy, the Windows version will be become a lost game in a few years when the music licenses expire and the game has to by pulled from distribution"
Huh. So you did finally grasp the concept I was trying to repeated get through to you.
"But this isn't just about this one game, it's about the fact that digital distribution combined with online activation and tying games to online accounts for life will render whole libraries of games unavailable in the future."
This is indeed a problem, but not a unique one. As I was telling you before, you only just noticed it because licence expiry in the digital world means blocked from sale, rather than just blocked from re-release.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
Even if I can't actually find a location to download a copy of a particular pirate release, when one exists, evidence of that release isn't too hard to find on the net. There are multiple databases that catalog such releases.
No, I stated that my current system won't run it. That doesn't mean that I will never have a computer capable of running it. Years ago, a new close-out style store opened up near here and they initially had a ton of computer games, all for $5 each. I bought a bunch of them, even though I knew my system at the time was too slow to run some of them at an acceptable framerate. I even bought some DOS games that I was unable to get working until I had a system fast enough to run DOSBox at an acceptable speed. I've also downloaded and archived freeware games that require newer versions of Windows, just so that I'll have them when I eventually get a newer system.
I just figured I'd throw that in there. There can be other reasons for a game to become unavailable, including the publisher not considering it worth their time to keep offering and supporting it. However I know that all the Burnout games past the first two have included a bunch of licensed songs.
No, I've been aware of this problem ever since online activation reared its ugly head. Someone once offered me their used copy of Half-Life II. They played it and moved on to other games. I couldn't use it of course, because it was already tied to their Steam account for life. I would have to install Steam (something I don't want) and "buy" a copy, even though I'd have the physical discs sitting in front of me.
In fact, before buying a used copy of the original Half-Life (GOTY edition with Opposing Force and Counterstrike), I contacted Sierra and asked about online play. I was informed, that even though I might have a fully legitimate physical copy, I would have to pay for a new license, at full price, to be able to play it online. I told them to go screw themselves and only ever played the single-player campaigns. In fact, it might be that experience that soured me on the whole online, multiplayer experience in general, as I've never bothered trying to go online with any other games.
[ link to this | view in chronology ]