Bioshock: Miss Misinformation

By Shamus Posted Monday Aug 27, 2007

Filed under: Game Reviews 41 comments

It’s amusing following the 2kGames forums in this BioShock DRM fiasco. The main spokesperson for 2kGames in the forums is “2KElizabeth”, a woman who has been sent out, unarmed, to face the pitchfork-wielding crowd currently beating on the gates of the 2kGames castle. She doesn’t understand the principles behind the fan backlash, she doesn’t know what SecuROM really is, and she doesn’t have the power to fix anyone’s problems. She just repeats what she’s told, and some of the things she’s been told are (at best) misinformation or (we hope not) outright lies.

Witness the thread where she flat-out claims that the BioShock demo does not contain SecuROM, to which someone replies:


That isn’t the only screenshot of this sort in the thread, either. And that thread is one of dozens. (On a further note, this and this are hilarious.)

At another point she says of SecuROM:

securom is not spyware, either. it is helping finish the install of your game, and so it is putting the exe properly on your computer, which is raising a red flag from your anti-virus software, but this is NOT a rootkit. we do not open your computer up to viruses nor are we looking for secret information or a backdoor to your admin settings.

(Emphasis mine.) See! It’s just helping! Nothing to worry about. Although, if it is just “helping” with the install, then one does wonder why the program wouldn’t just run once during install, instead of running 24/7 forever after.

It’s amazing to witness a situation where the publisher seems to know so little about what they’ve published.

EDIT: In the 2K forums and in the comments below there are links to articles describing why SecuROM isn’t a rootkit. But most of the people throwing the word “rootkit” around (myself included) don't have the technical savy to truly understand what secuROM is doing.

People are using the word “rootkit” to mean, “software which is installed in secret and which gives itself special rights and which can't be uninstalled”, because that sounds a lot like the last “rootkit” scandal. SecuROM does indeed do all of these things, even though it isn't a “rootkit”.

So, this is more of a problem of misunderstanding the term “rootkit”, not a problem with understanding what SecuROM is doing.


From The Archives:

41 thoughts on “Bioshock: Miss Misinformation

  1. Lee from Sheboygan says:

    And I was all excited about Bioshock, as well. Ah well. I probably wouldn’t finish it anyway.

  2. Telas says:

    Tonight only… live in concert…

    Bioshock and the DRM!!!!

    (feat. Rootkit)

  3. Redguy says:

    Hm, now I have a moral dilemma: I was planning to get Bioshock for my brand new X360, but now I’m considering wasting my money on something else instead. Even though there’s no DRM in X360 version (well… there’s this whole closed and locked hardware thing, but that applies to all console games), maybe it would be nice gesture of support to PC gamers? What do you think? Is there any community protest web site? Petition?

  4. RibbitRibbit says:

    Redguy: Not buying is not a gesture of support to PC gamers. Buying is a gesture of support to 2Kgames and their dubious business practices.

  5. InThane says:

    As someone who does understand rootkits, I will say that Securom is not a rootkit. The people who required it on this program should be taken out back and shot, yes, but it isn’t a rootkit.

    I’ve also completed Bioshock, and I will say it is the first game that made me tear up at the end. It is really that good.

    (I picked it up on Steam before the whole controversy boiled over, and just kinda said “the hell with it” at that point. Besides, I couldn’t really ask for a refund. :P)

  6. Deoxy says:

    Rootkit? Hard to say.

    Wikipedia’s definition of “rootkit” does make that point vrey debatable, and, while the Bioshock Wikipeida entry claims it’s not a rootkit, it references that same article Zaghadka just posted, and I don’t find that completely persuasive. Basically, it depends on EXACTLY how you define “rootkit”, and either way, it is at least skirting right up to the line.

  7. Dev Null says:

    Dude. Who _cares_ if its really technically a rootkit. Call it something else then if you like. It is a piece of software being installed on my machine which runs all the time, gives itself permissions I did not authorise, performs a function which is not the one I paid for, and cannot be uninstalled. If they made all of this clear on the package before you bought it then it would be part of the app you were paying for and you could chose not to buy it; the fact that they’re (still, apparently!) trying to hide aspects of this through misinformation should make it criminal.

    You call it what you like; I think I’ll call it shiteware.

  8. Deoxy says:

    All this crap… and they managed to keep the game from being cracked for…

    “wait for it…”

    less than 2 days. Morons. Why do they BOTHER?!?!? I really don’t understand. It has noticeable negative impact, and essentially NO positive impact. Don’t they understand that it doesn’t WORK? So why even pay SecuROM for their services (so-called), much less tick off their fan base?

    What do these companies get out of this? Not more money… ?

    Of course, one of my core beliefs is that all human beings, without exception, are stupid. It would be nice to find a counter-example, though.

  9. BigFrank says:

    It’s not a rootkit! (to the same tone as “It’s not a tumor!”).

    At least, not to the extent of the famous Sony rootkit fame. It doesn’t install at Ring 0, which would give it complete and unfettered access to even core OS operations, nor does it muddle with existing processes. However, it will cause issues with certain programs (such as Process Explorer, for some ungodly reason). I’d chalk that up to poor design rather than willful negligence.

    The fact that they used SecuROM doesn’t really bother me (I’m somewhat in that sort of field myself), nor does SecurROM bother me too much in what it does….BUT! The attitude of 2K Games in addressing this situation has been rather substandard, to my mind. Ignorance, downplaying, outright lies, veiled accusations….and extremely vague promises of dealing with the situation aren’t the way to handle customer service. I was laughing myself silly when one of the devs made a comment along the lines of ‘oh, the authentication server will be there in ten years’. A LOT of software companies have made such claims, and weren’t able to back them up. As such, I’ve got no interest whatsoever in buying it or any of their products. Fortunately, there are plenty of other games out there, so I don’t think I’ll be TOO upset at missing out on the fun.

    Dev Null: Same gripe I had with Splinter Cell Chaos Theory. It wasn’t until reading the EULA during install that you got the vague “software may employ techniques of copy protection” line in paragraph 23, section 5, index a, subsection 9. It wasn’t until it wouldn’t run due to my CD-ROM drive that I found out it had Star Force on it. And of course, since the sucker was already opened, EB wasn’t going to let me return it…except for another copy of the same thing, or as a ‘trade in’ at a drastically reduced value. Complete BS.

  10. Tim Keating says:

    SOME people have had a clue about this for YEARS:

    Brad Wardell is my hero.

  11. Eric the slacked-jaw yokel says:

    It’s because of times like these, is when i think consoles have a huge advantage, and what i mean by that is console’s don’t really have to worry about pirating. Don’t get me wrong it happens, but 95% of all console gamers are loyal to their favorite gamemakers that they could come up with a game thats pure garbage, and still buy it without trying to download a rom of the interwebs. Pc gamers are quite the opposite in my opinion, the game could be the best damn game of the year, well worth your fifty smackaroos, but instead opt to go for the free pirated copy. I don’t agree with what 2k did by puttin on securom, but at the same time should you not hold responsible the gaming pirateers just as much, because if they didn’t pirate as much as they do we wouldn’t be in this perdicament. Also I’m guilty of pirating games from the pc like a decade ago but i don’t anymore. I didn’t want anyone to think I’m some kinda computer saint.

  12. Agreed. I’m a game developer, and I’ve had my bad experiences with piracy. And I always assumed copy protection is a good thing, in moderation.

    And I still believe that. Keep Joe Gamer from sharing his full ownership rights with everyone in the office. That’s a good thing. Keeping the honest people honest is what it should be about. But I’m increasingly of the opinion that some of these schemes are actually encouraging piracy in the long run.

    It’s not about online registration, or the number of times you can reinstall, or registry entries that don’t get deleted on uninstall. It’s about the rights of the consumer.

    In my mind, it’s those rights that I’m purchasing when I shell out my money for a new game. But if you abuse me, erode those rights down to nothing, then what am I really paying for? My perception of what constitutes the “product” also shrinks, to the point where I can’t really see the crime in piracy. After all, if I’m getting nothing in return, what harm is there in paying nothing for it?

  13. Allan says:

    I heartily support StarDock’s copy-right stance, and I would have joyously bought Galactic Civilizations II , had it not turned out to be a shambolicly harrowing pile of rubbish, so I’ll still be approaching Sins of a Solar Empire with caution.

    Also though, this whole Bioshock situation has thrown me a bit. I remember reading Shamus’s earlier post about the uselessness of reviews, I remember thinking as I read it “Ah, not my PC Gamer UK, never steered me wrong.” But as this Bioshock DRM has stumbled into light I realised with horror that there was not a SINGLE mention of the uber-draconian copy-protection measures, not one. Not even a sidenote. Coupled with their decision to put World of Warcraft 1st in their top 100 games of all time I’m seriously considering ending my subscription.

  14. Dave says:

    yup.. humans are stupid.. they just have a language .. which makes it so they can seem smart by passing along information.. Humans are like domesticated turkeys.. dumb.. but willing to do whatever the other guy did just in cast that guy knows something… dumb.

  15. Eltanin says:

    Thanks for posting about this stuff Shamus. I don’t have time to follow the fun on the 2k forums, but I am very much enjoying your news updates about it. Please keep them coming as the fancy strikes you!

    I also loved your “Reviews are worse than useless” post. Spot on.

  16. General Ghoul says:

    Due to an incredible slow period at work, I have a lot of free time on my hands. I cannot believe how entertaining the Bioshock forums are right now.

    1. The fans who can get enough of the game no matter what, “An electric anal plug to play the game, where do I sign up.”

    2. The death to copy protection NAzis, “Its a rootkit, no its malware…”

    3. The peaceniks, “Please don’t fuss, I am sure they didn’t mean to lie about the game and there will be a fix posted shortly.”

    4.My personal favorite, “I just registered for this forum to say I’ll be pirating this as soon as I finish typing this reply!!” This IP has been BANNED.

    Its like a cyber soap opera, I can’t get enough.

  17. Thanks for keeping on top of this, Shamus. You’ve saved me the cost of the game.

  18. Epizootic says:

    Thanks for raising my awareness of this issue. I posted on the forums to ‘vote’ for dropping securom.

  19. Hawkehunt says:

    Although I don’t have anything to contribute on the rootkit debate, I would like to suggest that it’s probably not the greatest idea in the world to rely on Wikipedia definitions for serious issues

  20. Cenobite says:

    Isn’t this just a replay of the StarForce incident?

  21. scragar says:

    Can I just say that because of this SecureRom things I can’t even install it onto my computer, I run Ubuntu so apparantly wine protects me from SercureRom… On an intresting note I created a new partition, installed windows on it, installed then copied the files over and removed the partition with a lot of hassle, but I’m guarranteed to be free of it and without compramising my system or any risk. :P

  22. guy says:

    would it be possible to set it up so it would degenerate into unreadability if you tried to copy it from the computer hard disk? that might make piracy more complex without inconveniencing legit users much.

  23. steve h says:

    Rootkit is the wrong word. Trojan horse malware that installs a back-door into your system without notification or permission in violation of federal and state laws is the right word, but it’s a bit too long.

  24. Shinjin says:

    “Keeping the honest people honest is what [anti-piracy measures] should be about.”

    This statement baffles me. I’m hoping it was a typo. After all, if a person is honest, then there is nothing to fear from them as far as piracy goes. They already know what’s ok and what’s not. Adding measures to “force” such a person to “do the right thing” is insulting.

    And more to the point, its useless. The person is by nature honest and so by definition not going to pirate. Congratulations, you just wasted development time inserting code that will not even be used to protect you from your prime target pirate (the non-pirate) since they won’t even consider piracy in the first place.

    An analogy (albeit inflated). Honest citizens don’t steal, right? So let’s hire a cop to follow each one everywhere they go to make sure they don’t steal by accident.

  25. Corsair says:

    Has anyone who’s been whining about it actually played the game? I mean, you’re getting enraged about it, when the only people who really have any reason to be annoyed by it are the people who actually purchased the game. ‘Course, I’m sure some of you have decided to pirate it to ‘teach DRM and 2K a lesson.’

  26. James says:

    SecuROM aside, I can’t even play the demo on my machine. And I have a Radeon 9800XT! Downloaded the BioShock hotfix from ati, and still, nothing.


  27. Ian says:

    Corsair: Saying that people who haven’t purchased the game have no right to get upset is ludicrous at best (after all, not everyone owns a 360 and not everyone wants buggy, shady “protection” software installed on their system). BioShock is a damn good game ruined by an awful copy “protection” put into place for the PC version. I fail to see why people shouldn’t be bothered by that.

    And finally, don’t accuse people of piracy just because they don’t want to put up with that sort of bull. I, for one, want to actually own a copy of the games that I purchase and not have to be forced to authenticate them every time I install them. I also don’t want to lose my right to play the games that I shelled out $50 for should my hard drive crash or I forget to uninstall them before formatting my system.

  28. Ozy says:

    Shinjin, you’re misunderstanding the phrase, “Keeping honest people honest.” It’s an English idiom to distinguish the common criminal from the hardcore lawbreakers.

    For instance, suppose you have a nice lawnmower. Do you leave it out in the front yard over night, or do you lock it in a shed in your back yard? Most likely you lock it in a shed. But surely you realize that if someone REALLY WANTED TO, they could jump the fence, cut the lock, lift your lawnmower over the fence, and pawn it off despite your security measures. Nothing you would seriously consider doing can hope to stop a reasonably determined individual from taking your lawnmower, but that’s not what locked sheds are for: they’re for stopping the much more common individual who is willing to commit criminal acts when there is very little risk or difficulty. Thus, it may be said that putting your mower in a locked shed in your back yard instead of leaving it out front is a means of, “Keeping honest people honest.”

    As it relates to DRM, this might mean requiring that the disk be in the drive while the game is played or the use of serial numbers on jewel cases. These are both examples of DRM from before it was even called DRM that nobody really got all up in a tizzy about, even if the CD-in-drive thing was mildly annoying from time to time. This didn’t stop dedicated pirates, but it would stop the majority of people and that was enough. Thus, the difference in effect-on-piracy between no DRM at all and a little bit of DRM is huge, because it changes the cost of the crime from 0 to non-0. At the same time, the difference between a little DRM and a metric assload of DRM that takes up more space on the disk than the game has very little notable effect whatsoever because the people who were pirating the game before are still pirating the game now and are not so easily deterred. They are the equivalent of the fence-jumping, lock-cutting lawnmower thief from the explanation above, and the only things that can stop them are so ridiculous as to not be worth the effort. We’re talking, having an agent of the game company personally observe every disk sold at all times.

    Unlike with lawnmowers, an individual doesn’t have to have an extreme dedication to crime in order to steal software. They can just download it from someone who does. But even so, it basically remains true that, “Keeping honest people honest” will be far more effective and practicle than, “Stopping piracy.” Anything past that is an inconvenience to the aforementioned honest people and only serves to push them towards theft. After all, all games released in the past 10 years have been equally difficult to crack: Download game, download crack, play. The only change in difficult is with the crackers, and they probably welcome the challenge as much as anything.

  29. Corsair says:

    You’ve got a point. The copy-protection is annoying. But all these hypothetical situations are a little ridiculous. Yes, if 2K goes under, you’ll have some problems. On the other hand, by the time 2K goes under, there will be ways around it. The 5 installation limit is annoying, yes. But who really needs to install a game on five computers anyway? As for installation errors, like I said, by the fifth time you want to play the game, there will likely be ways around it. Besides, I’d really like to read Shamus’ review of the game.

  30. malfunction84 says:

    For 2K Games, the decision was simply between losing money to piracy or losing money to bad publicity. It’s a trade-off, and somewhere along the continuum of DRM invasiveness, they hoped to find the optimal value that would maximize sales. They chose… poorly.

    I guess we’re doing our part to make that bad publicity a reality. Here’s hoping the developer and the publisher don’t get conflated in the aftermath.

    I’m curious, Shamus: what would you do if someone purchased the game for you as a gift?

  31. Shamus says:

    malfunction84: Optimally, I’d return it and buy something less troublesome.

  32. Corsair says:

    I’d hate to see his expression. It’s against his principles, but it’s also System Shock’s successor.

  33. guy says:

    I still suggest making it unreadable if recopied to a CD, plus having it balk at being copied to a CD drive, by making it copy protected and imposable to install to a CD.

  34. Mari says:

    For the most part, I’ve avoided weighing in on this debate since I’m not likely to buy Bioshock with or without the removal of SecureROM, but I have been avidly following the news and discussions. A couple of points I have to make after reading this and the comments, though.

    SecureROM isn’t a rootkit. It is trojan malware. Malware is something most of us pay actual money to keep off our systems. It’s also booming business for cyber-baddies who develop trojans to give them access to computers they shouldn’t have access to. SecureROM certainly isn’t the only trojan out there. In fact, it’s becoming increasingly common to pick up nasty varieties of malware just from surfing by some website. Just like with the SecureROM bundled in Bioshock, you never gave permission for this crap to be loaded onto your computer just by hitting a webpage. The difference? You usually didn’t pay money to pick up the trojan from

    As for the anti-piracy debate in general, I have an illustration that might help explain things. When I walk into almost any chain retailer in the world, I am usually being observed not only by store clerks but also by camera surveillance for evidence of shoplifting. In addition, in most stores, merchandise is protected against shoplifting by means such as security tags that set off alarms at the door if they’re not disabled. I’m not warned of those things at the front door of the store. It’s been going on for so long that I simply know and accept that fact.

    But I remember a time when the world was young and I walked with dinosaurs when those things weren’t the case. And I remember when they started becoming accepted practices to keep me and my fellow consumers from stealing merchants blind. At first there were signs up everywhere. The signs were part deterrent themselves but they were also liability limiters. At the front door to a shop, I was warned that there were VIDEO CAMERAS watching me. I was warned that getting too close to the doors would set off the ELECTRONIC ANTI-THEFT DEVICES. After five or ten years, this became an accepted norm of retail shopping and the signs slowly went away.

    If, however, I walked into a store tomorrow and shopped then attempted to leave the store only to discover that the merchant has now instituted strip searches and cavity probes on every customer as a new anti-shoplifting measure and by entering the store I had agreed to said practice despite lack of warning, I have a right as a customer to be outraged. Strip searches and cavity probes are invasive personal procedures to which I would not have submitted had I been warned. Some people would have and that’s certainly their right. And if enough people had submitted to them, it would eventually become commonplace to undergo such procedures at every retail outlet. And in five or ten years, the warning signs would go away again because people would just know that strip searches were an accepted part of limiting shoplifting.

  35. Deoxy says:


    Generally, the vast majority of copy protection schems are cracked before they are even officially released. That it took 42 hours AFTER release for this to be cracked is actually pretty darn good… which is to say, considering the amount of grief gotten from paying customers over this, when it still made essentially NO difference whatsoever, trying to actually and completely stop piracy is STUPID. It is both a waste of resources AND bad PR (because of crap like this). There is no such thing as burlar-proof, either in the real world or the cyber one – the world’s absolute best burglar prevention systems are designed to delay the professional thief long enough for an actual person to get there and stop them, as that’s all that’s really possible.


    Ozy’s explanation is pretty good, but I’d say the saying actually came about from dealing with actual honest people who had fallen on hard times. That is, if you leave something valuable in plain sight, such that it can simply be picked up and walked off with easily, a desperately poor person, even one who is inherently honest, would be tempted by their dire need to take it. Even employing so simple a counter measure as a knotted rope to keep said article in place helps greatly with said temptation. Every countermeasure above and beyond said knotted rope is subject to a powerful law of diminishing returns – most 3-dollar-digit safes stop a professional thief for less than 15 minutes (usually less than 5).


    “As for installation errors, like I said, by the fifth time you want to play the game, there will likely be ways around it.” Meaning… it will be CRACKED? Yeah, nice – I have to go to a hacker to play the gam I paid for? Don’t think so. And no, this is not remotely hypothetical – I’ve made backup copies of patches for old games I like, because the “official servers” which used to give them no longer exist… you think authentication servers will last longer? You’re dreaming. (Examples: Master of Orion II, Heroes of Might and Magic 2)

  36. Shinjin says:

    “Keeping honest people honest.”

    Being American, I’m unfamiliar with many idioms from other cultures. So I think my misunderstanding of the poster’s intent is reasonable.

  37. RibbitRibbit says:

    Keeping honest people honest – should not IMHO include installing a proximity device with a combination lock on the lawnmower, whose activation code is known only to the guy that sold them the lawnmower, and that nevertheless malfunctions every now and then for no apparent reason. Said people will then dump the piece of crap and go buy a lawnmower that doesn’t have this “protection measure” and that they can leave on their front porch if it damn well pleases them.

    After all, it’s supposed to be their property, right?

    But as this is not my native language, I can’t say with 100% certainty what “property” really means in the English-speaking world anymore.

  38. Corsair says:

    Oh, please, Deoxy, like you’ve never gotten a crack for a game you acquired legally before.

  39. Lazuli says:

    For some reason I’m finding this debacle more amusing that annoying. It’s probably because I decided a while back that I wouldn’t purchase it. Mainly because if I were to purchase it, I’d spend all my spare time playing it to the point of not doing anything productive with my spare time. And possibly using up time reserved for important things like interaction with other people, eating, and sleep.

    Having recently upgraded my service from dial-up to DSL, I’ve eaten up a great deal of time delving through areas of the internet that would normally be prohibitive to dial-up by the mere fact of download-times. I’ve accidentally gone without sleep several times this month. Well, I’ve done that before with computer games as well, especially those with compelling storylines and good art. Now, if I were to apply my level of attraction to shiny things to Bioshock, I think it’s possible I might actually kill myself through self-neglect.

Thanks for joining the discussion. Be nice, don't post angry, and enjoy yourself. This is supposed to be fun. Your email address will not be published. Required fields are marked*

You can enclose spoilers in <strike> tags like so:
<strike>Darth Vader is Luke's father!</strike>

You can make things italics like this:
Can you imagine having Darth Vader as your <i>father</i>?

You can make things bold like this:
I'm <b>very</b> glad Darth Vader isn't my father.

You can make links like this:
I'm reading about <a href="">Darth Vader</a> on Wikipedia!

You can quote someone like this:
Darth Vader said <blockquote>Luke, I am your father.</blockquote>

Leave a Reply

Your email address will not be published.