this post was submitted on 30 Nov 2023
1501 points (98.1% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

55056 readers
186 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 2 years ago
MODERATORS
 

They could have easily crammed the Steam Deck full of stuff to make it hard to use for piracy - locking down everything, making it usable only to play games you legitimately own, force you to go through who knows what hoops in order to play games on it. That's what Nintendo or Apple or most other companies do.

But they didn't, because they realized they didn't have to. It's 100% possible to put pirated games on the Steam Deck - in fact, it's as easy as it could reasonably be. You copy it over, you wire it up to Steam, if it's a non-Linux game you set it up with Proton or whatever else you want to use to run it, bam. You can now run it in Steam just as easily as a normal Steam game (usually.) If you want something similar to cloud saves you can even set up SyncThing for that.

But all of that is a lot of work, and after all that you still don't have automatic updates, and some games won't run this way for one reason or another even though they'll run if you own them (usually, I assume, because of Steam Deck specific tweaks or install stuff that are only used when you're running them on the Deck via the normal method.) Some of this you can work around but it's even more hoops.

Whereas if you own a game it's just push a button and play. They made legitimately owning a game more convenient than piracy, and they did it without relying on DRM or anything that restricts or annoys legitimate users at all - even if a game has a DRM-free GOG version, owning it on Steam will still make it easier to play on the Steam Deck.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 1 year ago (2 children)

Can they?

I'm an indie game developer (3 years at current company). Here's a brief summary of the anti-piracy/anti-cheat history we did -

  • We noticed people were uploading old versions of our games on 3rd party app stores, so we introduced a feature that makes the game refuse to start if it's on too old of a version
    • When we later updated the minimum SDKs, and older devices couldn't update, we had inadvertently remotely bricked a perfectly functional game on their device
  • To prevent cheaters from figuring out how the game worked, we removed all logging from the application
    • EVEN TODAY I spent multiple hours and an Uber to get my hands on a specific device that was having crash issues because whatever logs I could get remotely weren't nearly suffice to debug an issue
  • People were cheating Unity's IAP store, so we installed a plugin that validated IAPs.
    • IAPs took multiple more seconds to process, hurting legit buyers
    • The cheating metrics went down, but because fewer people were buying IAPs, our rankings tanked on various ad networks
  • Hackers were making modded clients, so we added obfuscation
    • This made our builds much more harder to debug, and adds yet another step in our build pipeline
  • Users were editing values in memory to give themselves more levels and beat the leaderboard
    • We manually banned them from the leaderboard. It takes like 5 seconds and happens once a week, not a big deal
  • Users were editing values in memory for more coins
    • It doesn't affect us in any way, at this point we stopped caring
[–] [email protected] 4 points 1 year ago* (last edited 1 year ago) (1 children)

Given enough resources anything can be done. I didn't say it was gonna be easy. But I gotta say, probably easier to make "cracked" movies convenient than games.

To prevent cheaters from figuring out how the game worked, we removed all logging from the application

Why didn't you just encrypt your logs, and make your company the only one to have the key to actually read it? Or is there a risk of someone reading the data in memory before it gets encrypted and written to disk?

[–] [email protected] 2 points 1 year ago (1 children)

Encrypt your logs: exactly what you feared, and someone can just disable the encryption call or edit the key in memory too. Lots of ways to attack it.

[–] [email protected] 4 points 1 year ago (1 children)

For any game with online components, the "ideal" way to combat piracy or cheating is with leaving as much stuff on the server side as possible, not unlike an MMO. Anything left to client side validation will be hacked.

[–] [email protected] 1 points 1 year ago

Zachtronics games are single-player puzzle games with online scoreboards (a killer feature tbh). They validate your scores by uploading your solution to the server and running it.