PlayNoEvil Game Security News and Analysis wrote an interesting post regarding DRM as a broken system. Microsoft’s Digital Restrictions Management for Windows has been defeated. Again. Nothing too newsworthy about it.
What’s interesting is the following statement:
In fact, as I’ve noted before (repeatedly), DRM is built on a flawed model.
Traditional cryptographic security systems are designed to heal themselves to protect new data. This is completely inconsistent with the underlying model that content protection is built on – the protection of existing data.
This article isn’t bashing Microsoft specifically. It’s pointing out the flaws in a system that is not well designed to do what it is supposed to do. Food for thought if you are one of those people who still believe that copy protection is a “vital” part of game development. If DRM isn’t actually doing a good job of preventing copyright infringement, and it frustrates your paying customers, why use it?
It seems that using regular copy protection techniques will be much more effective than anything that resembles DRM.
2 replies on “So-Called DRM is Fundamentally Flawed”
So, what are the options? How can we protect games without DRM?
Tim, as the author of the article states, conventional private key works better. It may not be ideal, but DRM is clearly far from ideal. Why continue to use a restrictive, anti-customer, impotent means of protecting your data?
Developers and publishers have more options than using an implementation of a flawed model. I can’t pretend to know of all of them, but if you assume that your games need to be protected, you do have other options that probably won’t frustrate a paying customer.
After all, how would you feel if you just paid good money for a game that requires you to jump through hoops and give up some privacy, only to see that a cracked version of the game is available that removes those annoyances? Some people use hardware locking or require dongles, but any DRM system is invasive. Imagine how much repeat business you can do when your customer finds out that they are being punished with incredibly annoying DRM in exchange for their money while others can get away without paying for software AND have it easier.
What kind of incentive did people have to continue purchasing music CDs after Sony’s rootkit debacle was made public? No one saw what happened and thought, “Ooh, more for me, please!”
Some companies do well with separate demo and full versions. Others use ad revenue from web games. Still others use regular registration keys. I think that developers will really need to analyze what it is they are trying to do with copyright protection and what they are willing to pay for it in terms of customer goodwill and support costs, among other considerations. Unless you’re actively trying to frustrate paying customers and don’t care about protecting your game, you should avoid DRM since it won’t do what you want.