You might remember that this column used to cover DRM stories a lot. I eventually stopped writing about it because nothing new was happening: Publishers were making the same mistakes again and again, and there are only so many ways I can discuss it before my thesaurus runs out of synonyms for “dumb”. But recently there’s been a new twist in the war between the publishers and the pirates. Ironically, it was a brief success on the publisher’s part that showed just how much of a waste of time the whole thing is.
This time around the story is about the Denuvo anti-tamper system. People are calling it “Denuvo DRM”, but that’s kind of misleading. By itself, Denuvo doesn’t do anything to prevent people from copying your game. It simply prevents them from reading or altering your executable. (When you run a game, the “executable” is the thing that runs.) Basically, it’s a shield to protect your DRM.
Story time: Right around the turn of the century, I was working for a technology company that tried a system that worked this way. It was probably very primitive compared to Denuvo, but it had the same general idea of scrambling the exe to prevent tampering. We weren’t trying to keep people from pirating our software (which was free) but just trying to stop them from altering the game in order to cheat against other players. There was a software company that promised us they could scramble our executable to make it “impossible” for people to hack it. They offered us our money back if the system was broken. (And keep in mind, this was enterprise-level software. We’re not talking about a hundred dollars here.) I think it lasted a week before the kids cracked it wide open and modified versions of the game were floating around again.
The problem is that it’s impossible to scramble an executable in such a way that it can be run, but not tampered with. That’s like me trying to give you a book that you can read but can’t see. It makes no sense. I’ve said before, it’s impossible to make unbeatable self-contained DRM. (By “self-contained”, I mean you don’t have to log in to play. It’s possible to make a game un-crackable by saving all the gameplay to a server. But that’s a totally different set of problems.)
But while you can’t make something impossible to crack, you can make it really annoying, time-consuming, and difficult to do so. And that’s what Denuvo did. It survived for months. It was first used in FIFA 15, and then in Dragon Age: Inquisition. It was finally (reportedly) broken last week. Note that I’m going by forum posts here. I don’t crawl around in pirate sites and I don’t follow the community closely, so this information could easily be out-of-date by the time this article goes live.
Ironically, the fact that Denuvo did so well gives us proof that DRM is useless. There’s always been that excuse, “Well if we could just make a system good enough it would solve all our piracy problems.” Here we had a system that was – as far as anyone could tell – good enough to stop pirates for months. And the result? Not much. Nothing changed.
I know I’m always accusing publishers of being run by people who are unqualified to run technology companies, and it’s because of stuff like this. In particular, Ubisoft and EA feel like companies that need to send their executive team to some kind of remedial information technology class. (Contrast this with, say, Activision. I really hate how they run their company, but Kotick’s team seems to be technologically literate.)
There’s a list of excuses people make for DRM or for why publishers use it. Let’s run through them:
1. Since 95% of players are playing pirated games, then DRM has the potential to make a game twenty times as profitable! Publishers HAVE to try.
I think Denuvo has proven this wrong once and for all. FIFA wasn’t just piracy proof for months, it was piracy proof in a scenario where nobody had any idea how long it would take to crack. (And to be fair, I haven’t found any confirmation that the person who cracked Denuvo on Dragon Age: Inquisition has gone back and cracked FIFA. It’s possible FIFA is still safe.) Everyone who was willing to pay for FIFA, did so. And FIFA has very predictable sales, year-to-year. Did FIFA suddenly sell twenty times as much? Or even double? Did sales increase at all? I doubt it. If the publishers wanted to stop being so secretive with their sales numbers they could shut me up by showing there was some magical spike in sales between FIFA 14 and FIFA 15 on the PC. If there had been a significant rise in sales I’m sure they would have been bragging about it.
The same goes for Dragon Age: Inquisition. It’s doing well, but it’s not a massive record-breaking success. Piracy isn’t stealing 95% of sales. We’ve been shouting this at publishers for ages, but Denuvo gives us the sales numbers to back it up.
2. Publishers claim DRM is there to fight piracy, but it’s really there to kill the second-hand market.
Okay. But Steam already accomplishes this. Why would publishers waste time and money adding additional DRM to Steam games? Moreover, the second-hand PC market is dead now. None of the big chains take PC titles in trade. Why fight against something that no longer exists?
3. Publishers know that DRM doesn’t work, but they put it there to appease stupid shareholders.
I’ve never liked this excuse. I can believe there are shareholders who care nothing about what a company does, as long as the stock goes up. But this idea requires us to believe that a majority of stockholders know enough about the games industry to be aware of piracy and DRM, but are then too ignorant to understand why DRM doesn’t work? They have to be just smart enough to understand what DRM is but too stupid to comprehend that DRM is a bad idea if the company leadership explained it to them? That is a very specific level of dumb, and I have a hard time believing that a significant percent of shareholders would fall into that narrow band.
And anyway, “The shareholders are demanding I do something sub-optimal” is the worst excuse in the world. If you’re put in charge of a multi-billion dollar company then it’s your job to make smart decisions and justify them to skeptics. If you can’t justify not using flawed, unworkable DRM that creates bad press, then you aren’t qualified to run a company that big.
4. The DRM isn’t there to stop pirates forever. It’s only there to protect the first few weeks of sales.
This is probably the best of the excuses. Still, if this really is the only reason to use DRM, then why not patch the DRM out once the game is done selling? One of the big complaints about DRM is that it kills games. Years later you go back to play an old favorite and find that the DRM system doesn’t operate on a new version of windows, or the activation servers have gone down, or whatever. If a publisher removed the DRM after the initial week of sales, then they would get most of the benefit without the long-term costs of maintaining the DRM. (Assuming that there is some benefit to sales. If there is, it must be so small that it can’t be easily measured. We don’t see any kind of link between games with “good” DRM and games with high sales.)
Even better, removing the DRM a couple of weeks after launch – and before the game gets cracked – would really kill the fun for the crackers. Who wants to crack a game when it’s now available DRM-free? You would deny the pirates that big moment of publicly celebrated triumph when they finally slay your latest challenge.
Wrapping up…
It would be one thing if DRM was free. But Denuvo costs money to license. Then you also need to license a DRM scheme. And then you need to spend development time integrating them. And consumers hate DRM. And DRM always carries the risk of additional bad press if it malfunctions. And for what? There’s no upside. The temporary success of Denuvo proves the entire idea is a failure. DRM can’t work, and even if it could, it creates new problems without benefiting the publisher or the consumer.
I can accept that publishers aren’t perfect. Everyone makes mistakes. But to make the same self-destructive mistake, over and over, for a decade? And to do so while tens of thousands of customers keep explaining what you’re doing wrong? That’s not a mistake. That’s willful ignorance.
Shamus Young has been writing programs for over 30 years, from the early days of BASIC programming in the 80’s to writing graphics and tech prototypes today. Have a question about games programming for Shamus? Ask him! Email [email protected]