This Dumb Industry: Denuvo and the Death of Piracy

By Shamus Posted Tuesday Jun 20, 2017

Filed under: Column 177 comments

For over a year people have been requesting that I weigh in on Denuvo, the fancy new DRM that has all the publishers excited. What is it? How does it work? How effective is it?

DRM used to be a major part of my writing. I still care about the issue, but I eventually stopped talking about it because I ran out of things to say. You can only write the “Inconveniencing your customers in an attempt to harm people who are not your customers is a stupid idea” rant so many times. I made my case. Nothing changed. End of story.

I wanted to wait to comment on Denuvo until I had something concrete to say. I figured sooner or later we’d have answers to some of the questions I posed above. But even after all this time there doesn’t seem to be much of a consensus.

What is it?

Why make a better padlock when we can just make it EXTRA illegal to open crappy ones?
Why make a better padlock when we can just make it EXTRA illegal to open crappy ones?

The term “Digital Rights Management” is such a deviously constructed bit of PR. It sounds like a good thing. “Digital Rights”. Those are good, right? But calling anti-copying software “Digital Rights Management” is like calling prison “Freedom Management”. It’s technically true, while also being a pretty good example of real-world doublespeak.

In the case of videogames, DRM is any system intended to “manage” (limit) what you can do (your rights) with the software through various software tricks. The argument usually goes something like this:

This DRM system makes sure that you can’t pirate the game.

But now I can’t make backups of my software! And it’s really inconvenient!

Sorry, but we need this system to stop pirates.

But (vague reference to court case) guarantees that I have the right to make backups for personal use!

Actually you gave up that right when you broke the seal on the package / clicked “I Agree” on the EULA.

By that logic, any consumer right could be negated at any time by any company, simply by making waiving that right a requirement for using the product.

These measures are helping us fight piracy.

But it doesn’t stop pirates! Games are always available to the pirates, sometimes even before launch!

By the way, even if you DON’T accept the EULA, you can’t return the product.

This is bullshit!

Thanks for being a valued customer!

The argument reached this stalemate roughly a decade ago, and it’s been stuck there ever since. It wasn’t until Denuvo showed up that the landscape began to change.

Denuvo is DRM. No wait, according to other people it’s not DRM, but instead it’s a wrapper for DRM to protect it from tampering. No wait, according to the Wikipedia page it’s both:

Denuvo Anti-Tamper, or Denuvo, is an anti-tamper technology and digital rights management (DRM) scheme developed by the Austrian company Denuvo Software Solutions GmbH, a company formed through the management buyout (MBO) of Sony DADC DigitalWorks.

Whatever. For the purposes of this discussion, it’s DRM.

How Does it Work?

Metal Gears. Solid.
Metal Gears. Solid.

That’s an excellent question. This Reddit thread begins with someone who claims they’ve studied Denuvo. They say it is specifically NOT “shrink wrap DRM”. (More on that in a minute.) Instead they describe it as a system where certain non-performantParts of the code that don’t need to go fast. parts of the code are removed from the executable. When you activate the game, you are given the missing bits of code. However, these are specifically engineered to only work on your particular make, model, and revision of CPU. There are thousands of CPUs out there, which means that if you uploaded your build of the game to the torrents, only people with the exact same CPU thumbprint could run it.

But then the top reply to that post is another person, claiming this is all nonsense. They also have studied Denuvo and they insist it works differently. They claim that, “It uses a modified version of VMProtect 3 to virtualize many game functions, and a custom library that’s different from VMProtect’s for anti-debug, initial game decryptions as well as to implement some SDK features that lets the game check if it has been unpacked (known as “triggers” in older protections). Before running game code, it will call a DRM library which is specific to the underlying platform, such as Steam or Origin and others.”

That’s two different people making opposing, yet highly technical and very specific claims about how Denuvo works.

The Chinese pirate group 3DM has also worked on Denuvo. (And even cracked a version of it in 2014.) They claimed that the technology involves a “64-bit encryption machine” that requires cryptographic keys unique to the specific hardware of each installed system. That sounds like “shrink wrap DRM”, which contradicts both of the previous claims.

I obviously have no idea. The most likely cause of this confusion is that Denuvo takes many forms. It’s evolved rapidly over the years, and perhaps each of these people have encountered different versions of it. It’s also possible that Denuvo has many different “products” they license to developers at different price points, and each DRM product is a little different.

Shrink Wrap DRM

I'll bet this is SOMEONE'S fetish.
I'll bet this is SOMEONE'S fetish.

“Shrink Wrap” isn’t a specific DRM technique. Instead it’s a style of protecting software from tampering. It means you make standalone software, and before you deploy it you feed the executable (and maybe some other assets) into the DRM-O-Tron and it will spit out a version of the program that (in theory) is difficult to modify. The point being that your developers can wrap their program inside of the anti-tamper system without needing to add the DRM crap to their source code or complicate development.

I’ve mentioned before that I used to work at Activeworlds. Back in 1998 or so, we had a problem with people hacking the client. Since a lot of the netcode had been designed in the naive, pre-dystopian internet of 1994, we had the unfortunate problem that the server always trusted the client. When someone sent a chat message, the client would send the text of the message, along with the user’s name. The server made no effort to make sure that the person supposedly sending the chat message was the same as the person’s account name. So you could hack your client to change how your name was displayed to other users. This means Bob could log in with his hacked client and begin typing chat messages that would appear (to other users) to be coming from Alan.

Now, this didn’t mean Bob had stolen Alan’s identity. Bob didn’t have Alan’s rights or powers. If Alan was an admin then his chat messages would appear in bold. If Bob impersonated him, Bob’s fake messages would not be bold. Still, this was a source of trouble for some time. Someone would drop into a densely populated area and begin putting words in other people’s mouths. A few racist slurs and threats was all it would take to turn a polite discussion into complete chaos and a bunch of complaints against people who hadn’t done anything wrong.

This is just one of many problems with the server trusting the client. Some of them could be fixed by making changes to the server, but some of them couldn’t. Eventually we decided to try to stop the troublemakers by using shrink-wrap anti-tamper software. I forget the name of the product we usedI wasn’t on the full time coding staff yet, so I didn’t use it directly. I was still on the art team and authoring tools., so let’s say it was called WidgetProtect. WidgetProtect promised that our software would be 100% tamper-proof, or our money back.

The hackers cracked it in two days.

We did not get our money back.

Their developers worked with ours for a few iterations, trying to tighten things up, but it was a lost cause. I’m pretty sure WidgetProtect just scrambled the executable on the disk, and then un-encrypted it into memory when the program was run. That’s hilariously primitive by today’s standards, but at the time it was good enough that the WidgetProtect guys thought they were unbeatable.

So How Good is Denuvo?

The best security system in the world won't help you if your guards leave the stupid door open.
The best security system in the world won't help you if your guards leave the stupid door open.

Once again, it depends on who you ask. In January 2016, cracking group 3DM warned that by 2018 games would be un-crackable. In the decades-long arms race between crackers and DRM, the DRM was finally pulling ahead. While it’s still true that unbeatable DRM is impossible, it is possible to make DRM so tedious and time-consuming to break that it’s no longer worth the effort. It took two and a half months to crack DOOM last year, which is enough to protect a game for the majority of its sales and relevance.

On the other hand: A few days after DOOM was cracked, Inside and Rise of the Tomb Raider were cracked using the same technique. So maybe the arms race is on again?

Obviously to answer this question you’d have to study the problem. But as the conflicting reports demonstrate, even supposed experts can have wildly different opinions on how things work and what is and isn’t possible.

While I haven’t been able to answer anyone’s pressing questions about Denuvo and how it works, I think the whole thing has been very illuminating for gaming culture as a whole.

What Have We Learned?

I gotta say that's some badass math for a bunch of kids to tackle with crayon and construction paper.
I gotta say that's some badass math for a bunch of kids to tackle with crayon and construction paper.

For a long time publishers hit us with dire claims about how 90% or even 99% of game copies were pirated. We were told that piracy was destroying the industry and causing a huge loss of income. Many of us were skeptical about this rhetoric, but it wasn’t the sort of thing you could disprove.

But now we’ve had several AAA games arrive on the scene and remain safe from piracy for months, and it’s pretty clear that the dire claims were just as ridiculous as we suspected. Game profits have not shot up. Rise of the Tomb Raider didn’t attain 10× the typical PC sales, despite the fact that for 8 long months it was unavailable to those pirates that made up 90% of the player base. If Denuvo caused a visible spike in PC sales then they surely would have begun crowing about it by now.

Piracy is no longer a handy scapegoat for publishers. They blamed piracy for studio closures, low profits, and high prices. But Denuvo put a serious dent in piracy without any of those things changing. (And why would they? The public has already demonstrated they’re willing to buy games for $60 + DLC, so the only reason to lower prices is to be nice.)

The one good thing about Denuvo is that it seems to be painless for us non-pirates. I’ve apparently played a number of Denuvo games without even knowing it. I didn’t have Denuvo lock me out of a game because I plugged in a USB audio device, or make me type in some stupid activation key, or make me log in to some nonsense server. I’ve said before that convenience is king, and Denuvo is at least built so as to not make a product more inconvenient to use.

Then again: What happens in the future? If Denuvo is based on CPU thumbprint or some other nonsense, then what happens on the new processors of the future? Will the game fail to install? Fail to activate? Fail to run? Impossible to say.



[1] Parts of the code that don’t need to go fast.

[2] I wasn’t on the full time coding staff yet, so I didn’t use it directly. I was still on the art team and authoring tools.

From The Archives:

177 thoughts on “This Dumb Industry: Denuvo and the Death of Piracy

  1. Infinitron says:

    This post would have been more relevant a year ago. Denuvo now seems thoroughly cracked.

    1. Anorak says:

      Wow, you’re right. I guess the arms race is back on?

      1. Galad says:

        Got some links to read about that? Is Denuvo cracked in mere days now?

        1. Anorak says:

          Well, all I did was go to the Denuvo wikipedia page to see what games I’d bought recently that included it. Prey did, and was cracked about a month ago (disclaimer- no I didn’t pirate it, nor have I tried out the crack)

        2. AReasonWhy says:

          While I don’t have any links for you, I follow the releases pirates put out and there seems to be more new people involved in cracking. The mentioned 3dm kinda just disappeared as well as some older ones but theres a couple new ones. One of them especially seems to be going back and just cracking and releasing some of the previously deemed “forgotten” (games that just didn’t garner enough interest to be focused on close to release), while at the same time occasionally releasing very new recent games.
          The most recent one I can remember was tekken 7 and I do have a link for that lol:
          4 days. That’s not really great. For the publisher I mean.

          My educated guess is, 3dm’s people just lost interest or went away and those left in that group were just bad at coding. After a while fresh people came in and starting doing work learning how to crack. While a lot of people were panicking at the time about the end of pirated games, it was silly. Denuvo was used mostly by high profile games who could afford it anyway so most indie games and a lot of mid tier games were free of it anyway so its not like pirates would suddenly run out of games to play. And it just took time and effort for a couple of people to figure it out and we now have denuvo games getting pirated between at launch and a couple months away. The only games I can think of not getting cracked are always online games, and I was afraid of that kind of protection (especially if I want to play them years down the line) but interestingly enough, even these got cracked, both Hitman and that explosion sandbox game (I swear I forgot the dumb name) in time. The only one left uncracked I know of that has online is the need for speed reboot, and I am pretty sure that one was just untouched because no one gives a fuck about it. Hell, I remember the sim city reboot getting cracked in a matter of one two weeks despite “on server simulation” bs and other lies EA told us. Pirates got a single player version, consumers not so much. Heck, sims 4 keeps getting pirated updates and expansions and people who like it seem to lose their shit if a new update or expansion doesn’t get cracked in two days, I dunno whats up with that.

          I think the funniest thing is that as Shamus said, the sales of these games that went on protected didn’t rise one bit. None of them sold smashing millions, despite being uncracked from days to months.

          1. Daemian Lucifer says:

            And it just took time and effort for a couple of people to figure it out and we now have denuvo games getting pirated between at launch and a couple months away.

            This was always the case.3dm never said that denuvo was impossible,but that it was too labor intensive.Thats why they decided to move on to other things.Spending a month cracking a single game isnt really that enticing.Especially when after that all your efforts will be worthless once denuvo makes a new version.

    2. Daemian Lucifer says:

      No,that is not true.While some denuvo games have been cracked,the system is still solid.And how much time is required to go past it is a crapshoot.It can be just a day,if the crackers get lucky*,and it can be months if they are not.But the system is constantly being refined,so its only a matter of time when it actually “kills”** piracy.

      *Usually this luck involves having someone on the inside who will provide a clean copy.
      **Obviously it cannot kill it completely,but it can make it hard enough for most pirates to simply give up,which has been the case with many denuvo protected games already.

      1. Richard says:

        Unfortunately fundamental computer science and mathematics says that no, it is impossible to make a system such as Denuvo’s that cannot be cracked in a reasonable amount of time.

        You can’t tell Bob’s CPU how to run your application and at the same time not tell Bob’s CPU how to run your application.

        By definition, the instructions required to run that application are sat on my hard disk, are decoded by my hardware and the result placed in my RAM and cache lines. I have physical access, so I control everything and can always get the executable result because I already have it.

        It’s encrypted? Well, I have the decryption key. I must do – otherwise I couldn’t run it.
        It requires special recompilation? I have the compiler. I must do – otherwise I couldn’t run it.

        It is however much harder to crack a system that asks a 3rd party under your control (physical hardware key with physical protection, contact with your central server) to authorise Bob – that moves the problem into one of impersonation, which is a tougher problem than standalone authorisation and yes, probably is possible to make too difficult.

        1. TheJungerLudendorff says:

          Doesn’t the Denovuo system (or some versions of it anyway) need to call home at least once to authenticate?
          At least I recall some people saying that.

          1. Daemian Lucifer says:

            Yes.During installation and hardware change.

        2. Uristqwerty says:

          In theory, your PC could come with a TPM pre-configured with a decryption key embedded in specially-protected hardware. When you install a game, your copy of the game is encrypted with a unique key, and that key is encrypted in a way that only your TPM can decrypt it, and then store internally, but is never revealed to the OS or even the CPU. Fortunately, I don’t think that such hardware is fast enough (yet!) to offload a non-trivial amount of the game to, but it’s already plausible that it could be used to digitally sign the opening packets of a server connection in a way that uniquely identifies you and cannot be duplicated to another PC.

          1. Decius says:

            You don’t have to duplicate the hardware- you just have to impersonate it.

    3. Kewlzter says:

      I had to check the date on this article twice. After reading the comments, I had to check my calendar! Not only is Denuvo thoroughly cracked, they lost their license for the ANTITAMPER tech they were using, and are being Sued!

      1. Daemian Lucifer says:

        Not only has it not been thoroughly cracked(it still takes months to bypass it,with a few exceptions here and there),but they arent being sued either.

    4. guy says:

      Last I heard, the conclusion was that there was no denuvo master key; they have cracking techniques but it still takes a while to crack each individual game using it.

      1. Daemian Lucifer says:

        Thats basically it.Each version of denuvo has some exploits in it,and once you crack one game youll have it slightly easier to crack another game with that version(and possibly older ones),but the next version will set you back.And so the cycle continues.Thats why every few months youll see a huge batch of games being cracked,and all the articles of “Denuvo is dead!” will prop up,but thats precisely what the makers of denuvo expected practically from the start.Thats why they are constantly working on making new versions.

    5. Elemental Alchemist says:

      Denuvo now seems thoroughly cracked.

      The current version at least, but the Denuvo developers have been shown to react to holes in their implementation fairly quickly. What we are seeing now is basically the same pattern that has happened before: someone manages to bypass the current iteration, and this can be applied to a raft of games that uses the same version. Then this gets plugged and there is another period of a few months of games being protected. Your classic cat and mouse game.

      It should be noted that Denuvo has never actually been “cracked”, in the proper sense of the word (i.e. all copy protection being stripped out). All that is happening is that whatever fingerprint it is looking for is being emulated. This is why non-scene releases typically start off only supporting only a small number of mainstream Intel CPUs, with those using older models or AMD having to wait for those to be added later.

      As I understand it, the reason that Denuvo has had such an impact is twofold. First, the switch to x64 which initially made disassembly difficult. Second, the PC game warez scene was already well in decline before Denuvo came along, to the point that when it emerged, all the top crackers were long gone. The fact that even now there are still only a handful of people even managing to bypass it says a lot. All the old school release groups dissolved/dispersed years ago, and few true successors have emerged to take their place. It was Time more than anything that won a victory the game industry never could.

    6. F***sse4.1DRM says:

      When they use it, they lock millions of player that dont have stupid sse4.1/4.2! Phenom II have even better ipc then fx but not x64 for you (Warthunder) play on x32 with x64 cpu and have fun ……….! Denuvo all phenom user hate you to the highest point!

  2. Anorak says:

    Denuvo was very inconvenient for me, since it’s not supported by WINE (and probably never will be).
    I do as much of my gaming in Linux as possible, and I’ll usually try games out on WINE if I pick up something that is Windows only.

    The irritating thing was that DOOM 2016 Demo ran perfectly in WINE, and when I say perfectly I mean “indistinguishable from Windows”, instead of the definition of “perfect” I normally use for WINE games, which goes “Ran pretty well with a load of tweaks and specific versions of obscure libraries, and a performance drop”.

    But the full game came out and I couldn’t play it in WINE, which meant booting up my rusty Windows 7 partition, only to find it had decided to update to Windows 10 since I last used it.
    Then I spent a while futzing around trying to get the DOOM files from linux to windows, and then updating graphics drivers, etc, etc, etc.

    The game was great though!

    Once the game DID get cracked, I think Bethesda went and removed Denovu from the game altogether, which is a compromise I can get behind, but not every company is going to do this, and not every game is going to get cracked.

    It’s similar to how publishers used to promise to make non DRM’d versions of their executable public if they ever went under, but that’s such an idiotic promise to make.

    1. Daemian Lucifer says:

      but not every company is going to do this

      In the case of denuvo,they will.Because its their policy that every game protected by denuvo has to have it removed if the game gets cracked.So even if bethesda didnt want to do this,they had no choice.

      1. Anorak says:

        That’s Denuvo’s policy? Interesting – I’d assumed it was Bethesda.

        1. AReasonWhy says:

          I am not sure where he is pulling the information from, its not true:

          Look at the column where it says Denuvo removed?

          1. Daemian Lucifer says:

            My mistake.I was misremembering what they were saying about the deals they made with publishers about refunds if the game gets cracked in a certain time frame.It was that publishers are free to remove denuvo after that,not that they are encouraged.

            1. Decius says:

              Since publishers own the game, isn’t it their absolute right to release it however they want? Or do some DRM platforms encumber the original work in a complex manner?

              1. Daemian Lucifer says:

                All of them encumber the work.Some more noticeably than others.Denuvo requires online connection when the game is being installed or patched or when the hardware is being changed.Its not much compared to some other schemes,but still.

            2. There are no refunds either. Denuvo stated so in a public message after some rumors about that floated around.
              There’s a ton of misinformation around Denuvo, which is ironic as DRM usually work with obfuscation.

  3. Kreek says:

    im pretty sure Denuvo uses cpu resources, thus, potentially slowing down any games/programs its on (atleast if the coders are a bit overzelous with its DRM checks, see RIME)

    1. Daemian Lucifer says:

      Seeing how its relevant only during launch,its not likely.Maybe some games try and reverify the exe in the middle of it,but its not a long or continuous process.Or at least,it shouldnt be.Though I wouldnt be surprised if someone like ubisoft added more verification procedures,which would definitely lead to slowdowns.

      1. Sleeping Dragon says:

        So far I heard the rumours tha Denuvo murders SSDs, uses ridiculous amount of CPU cycles (and according to at least one rumour GPU… for some reason), that it causes errors while unpacking files and so corrupts grafics and lowers audio quality, that it both throttles your internet connection and burns through your transfer if you have a limit… Basically I’ve seen it blamed for everything except global warming and cancer, and I haven’t looked for that connection specifically so probably someone does.

        Now, I don’t know a whole lot about how Denuvo works but I’m about 99% sure it has literally nothing to do with most of these processes or parts and seeing how most of those claims lack sources or cite something like “my uncle who works at company X” it’s probably not a coincidence that some people want for everyone to think the notoriously hard to crack DRM is pretty much the literal devil.

        1. TheJungerLudendorff says:

          In general, i’m inclined to agree. The complaints are too scattershot, and Denuvo too badly understood, to really blame it for any kind of problem.

          I do recall hearing about some fairly big game where Denuvo had serious performance impact because it was implemented badly.

          According to the grapevine, Denuvo (or this version anyway) had a metric ton of little checks integrated into the files which would have to be rooted out one by one, which would take a massive amount of man-hours. (this might also explain the SSD-murdering complaints)

          Unfortunately, the devs implemented the checks badly, and then made way too many of them. Meaning that Denuvo checked things so often that it caused an actual performance drop.
          But again, that seemed to be because the devs botched it, not because of Denuvo

        2. Smejki says:

          This has been debunked as far as I know

    2. I think it was only that one game where the devs did something stupid and caused millions of calls during launch and thousands of calls per sec during gameplay. Other games have not been that zealous yet.

  4. Sunshine says:

    I saw the whole article on the front page, so now I feel like a member of the club.

    1. methermeneus says:

      Welcome! Here’s your badge and complimentary hair cut.

  5. Darren says:

    “The public has already demonstrated they're willing to buy games for $60 + DLC, so the only reason to lower prices is to be nice.”

    I just want to thank you for saying this, because it comes up all the time when discussing the price of goods–not just games, but anything–and I’m so tired of hearing arguments that prices will drop if we just get rid of regulations/increase competition/whatever.

    1. Bloodsquirrel says:

      That’s a rather absurd leap, seeing as $60 is a price that has been reached by the market, and not one that was imposed by any external regulations.

      1. Alan says:

        “reached by the market, and not one that was imposed by any external regulations.*”

        * excepting external regulations establishing a private monopoly.

        1. Bloodsquirrel says:

          What monopoly are you talking about, exactly? $60 isn’t even a universal price point. It’s the most common one for AAA games from big publishers (until they drop them after the game has been out a year), but developers who don’t think their games will sell at that price regularly price them lower.

          1. Syal says:

            Maybe Australia does? Folks there usually have horror stories about $100 games or some lunacy.

            1. Kylroy says:

              Think that’s a holdover from when transport of a physical product and taxes really did make getting a game to Australia more expensive. Heck, it’s a great example of how an oligopoly’s sticky price point works – the market tacitly agreed to $100 because that’s what was needed to turn a profit with the higher costs involved, and even though those higher costs have disappeared the $100 price remains.

          2. Alan says:

            The monopolies protected by international agreements, for example the Berne Convention, and implemented by a variety of local laws; Title 17 in the United States is one such set.

            I’m not saying that these laws are a bad idea, mind you! But there is absolutely government interference in the market, and it is impacting the resulting prices. Maybe the prices would settle back out at $60 in a free market, but history suggests monopolies drive up prices beyond what would be possible in a more competitive market.

      2. Zak McKracken says:

        Any regulations are part of the market — you can’t sneeze in a marketplace and be sure you did not affect prices.

        Also, I never was and am still not willing to shelve out that much money for a game if I’m not even sure whether it will run on my next machine if the company decides to abandon the game in the meantime.

        I’m hoping that by sticking to cheaper and non-DRM’d games some part of “the marketplace” learns a lessen that customer protection laws have failed to teach.

    2. Moridin says:

      Going from no competition to competition almost always DOES result in price drops. For instance, you can bet that Intel’s new 10-core consumer CPU would NOT be selling for $1000 if AMD’s new architecture was a failure. For comparison, their last gen 10-core CPU costs $1700.

      1. Daemian Lucifer says:

        It depends on the competition however.Sometimes,they just achieve an oligopoly,like the cable and cell phone companies in the usa.

        1. Bloodsquirrel says:

          Cellphone companies are actually pretty competitive. There are a lot of companies in the market considering how high the price of entry is. Cable companies are often granted monopolies by municipalities.

          1. TheJungerLudendorff says:

            If they have an oligopoly/cartel, then by definition there will be very little competition. So the point still stands.

            Unfortunately, quality also tends to drop when you go towards the free market, since quality is expensive and doesn’t automatically translate into a bigger bottom line. Which is one reason why regulations are so useful.

      2. Kylroy says:

        Yes, that would be what happens when a monopoly is broken. But gaming is not a monopoly – while Steam may have represented a horizontal monopoly, they were never absolute and rival platforms mean they’ve never truly acted like one. AAA gaming is very much an oligopoly, and it’s sticky price point has been set at $60 + DLC.

        1. Bloodsquirrel says:

          Steam doesn’t set prices. Even if they did have a monopoly, it would have little effect on the $60 price point because that would still be the price that gamers have decided that a AAA game is worth.

          Games are a fiercely competitive market. Even if there aren’t that many publishers the size of Ubisoft (although there are plenty- Activision, EA, Microsoft, Sony, Nintendo), there are tons of independent developers, often making individual games that are just as big as most of what those six put out. Riot might not be as big as Activision, but League of Legends is bigger than most of their games.

          The $60 price point is “sticky” because it’s hard to introduce a lot of nuance into game pricing. They’re not like graphics cards, where you can benchmark them and say “This card is 10% faster, but 15% more expensive”. A game might provide hundreds of hours of serviceable play, a few hours of content that leaves an impact that lasts for years, or it might turn out to be garbage. Thus our expectations of game pricing are painted very broadly.

          Even if there was a monopoly in game development, it still wouldn’t benefit the monopolist to hold to a single price point. Even a monopoly has to deal with supply and demand; if they set their game prices at $1000 each, nobody would be buy them, even if there weren’t any other games on the market. Having a monopoly merely drives prices to the most profitable point on the supply/demand curve, rather than the point of the minimum viable level of profit. This means that we’d see the mega-hits priced higher than the new IPs, since the demand for them would still be higher. We don’t see this, though, because the market wants a more-or-less uniform price for their games, and publishers aren’t willing to challenge it.

          After all, if $60 is the product of a oligopoly and market forces have no bearing on it, then why not $70? Or $80? We can actually see direct evidence that the $60 price point isn’t artificially inflated: Even at $60, plenty of games wind up being unprofitable. EA, on a whole, was still losing money for a while (they still might be, I haven’t checked). But, on the other hand, collector’s editions and DLC show that some people are still willing to pay more, which indicates that games are probably fairly well priced at $60.

          1. Kylroy says:

            *Games* are a fiercely competitive market – that’s why we see Steam routinely selling titles for $5 or less. *AAA games*, on the other hand, are an oligopoly – only a handful of companies have the money and resources to drop $50 million on a single game.

            wswordsmen covers the kinked demand curve and sticky price that an oligopoly generates downthread. To answer “Why $60”? Because that’s the price every producer tacitly agreed on, and anyone who strays from it, up or down, loses money.

            1. Bloodsquirrel says:

              Indy games directly compete with AAA games, though. They might not be able to produce the same kind of games, but the same dollars are being split between them.

              Also, having six major players in the market is plenty to keep them competitive. Two players in a market can be competitive. The competitiveness of a market is determined by the willingness of a consumer to switch between options and their drive to maximize their value between the two, not the number of providers. The console market, despite only having three players, was competitive enough for Sony to begin selling at an initial loss.

              The fact that publishers are spending 50 million dollars to make these games when they can’t always recover it proves that it’s a competitive market.

              Again, the if the $60 price point was an arbitrary agreement by publishers, why not $70?

              wswordsmen has a few flaws in his analysis, which I intend to point out.

              1. Kylroy says:

                Well, and the “same dollars” are being spent on every source of entertainment. I’m arguing that the audience for AAA games is different than the audience for indie titles, and that spending does not flow seamlessly between those two categories. Someone turned off by Shoot Guy 6 might spend their money on Indie Darling Game instead…or they might go see a play.

                We’re not saying it’s not competitive. We’re saying that when you have very few producers (like 6), it’s an oligopoly, and oligopolies function differently than wide open markets. For starters, they work *very* hard to never compete on price.

                Why not $70? Because when the 360 came out, Microsoft decided to edge the price up from $50 to $60, and their competition decided to join them; if they’d gone with $70, their competitors likely would have guessed that was too big a jump, not followed, and Xbox sales would have suffered.

                An illustration of how price stickiness prevents prices from declining can be seen in Australia – the market prices for games in Australia hovers around $80-100, because in the days of physical media it really did cost more to get a game to that country. With digital distribution, that’s no longer an issue – but nobody’s cutting prices, because they would not sell (enough) additional games if they did.

                1. Bloodsquirrel says:

                  Well, and the “same dollars” are being spent on every source of entertainment.

                  This is true, and important. While there is a greater resistance to gaming dollars going over to movies than from AAA game to indie games, game dollars are still in competition with everything else, including food. Some people don’t buy games because they need that money to eat instead. There’s isn’t a fixed pool of money out there that the whole industry just splits up; if they price their games too high, the overall amount of money the industry takes in will go down.

                  I'm arguing that the audience for AAA games is different than the audience for indie titles, and that spending does not flow seamlessly between those two categories.

                  You’re asserting it, but on what basis? Why do you think that Dragon Age is competing more directly with Halo than with Pillars of Eternity? “AAA” is just a budget, not a genre. Indy games today have higher production values than a lot of AAA games that came out 10 years ago.

                  We're not saying it's not competitive. We're saying that when you have very few producers (like 6), it's an oligopoly, and oligopolies function differently than wide open markets. For starters, they work *very* hard to never compete on price.

                  What a market competes on has much more to do with the nature of the market than with the number of companies involved. A two-player commodities market will compete fiercely on price, because it’s the only thing that differentiates commodities. Entertainment tends to be more fixed in price because the products aren’t similar enough to compare directly enough to make a small price difference decisive in buying habits.

                  Why not $70? Because when the 360 came out, Microsoft decided to edge the price up from $50 to $60, and their competition decided to join them; if they'd gone with $70, their competitors likely would have guessed that was too big a jump, not followed, and Xbox sales would have suffered.

                  You’re just restating my point here. $60 wasn’t arbitrary, it was an informed guess as to the optimal price.

                  An illustration of how price stickiness prevents prices from declining can be seen in Australia ““ the market prices for games in Australia hovers around $80-100, because in the days of physical media it really did cost more to get a game to that country. With digital distribution, that's no longer an issue ““ but nobody's cutting prices, because they would not sell (enough) additional games if they did.

                  Digital distribution hasn’t completely taken over yet, though. Publishers are wary of setting prices for digital distribution lower because they don’t want to piss off brick and mortal stores, which (especially in the console market) are still an important driver of sales, especially consoles which still have to be physically shipped.

              2. Shamus says:

                I’m replying to Bloodsquirrel here but I’m actually responding to the entire thread.

                One of the reasons I ban politics is because these kind of reductive conversations drive me nuts.

                Explanations exist; they have existed for all time; there is always a well-known solution to every human problem “” neat, plausible, and wrong. – H. L. Mencken

                Two different people look at the same data and come to opposing conclusions that (as luck would have it) match their preconceived notions. The free market is a sham! No! The free market saves all! Unions will save us. No! Unions are a sham!

                We have an innate desire to take complex problems and attempt to solve them with simple axioms. If a solution worked in one context, then we are duty-bound to mindlessly advocate for that same solution to all other problems in the same domain!

                If there’s one idea I wish people would embrace it’s that Stuff is Really Complicated. We’ve got imperfect data on the behavior of hundreds of millions of distracted buyers working from imperfect information to make impulsive buying decisions based on their imperfect knowledge of goods and their individual guesses on what prices will do in the future.

                Bread companies compete for my food money. Car companies compete for my transportation money. Gaming companies compete for my entertainment money. But these three goods are very different. I’m not going to be NEARLY as picky about bread as I am about games. If the price of Modern Warfare gets cut in half, I’m not going to stop buying Batman games and switch to military shooters. So every publisher has this soft, vague, monopoly-esque control over a particular franchise. There are many brands of bread that are functionally identical as far as my mouth is concerned, but there’s only one Arkham series. (And Spider-Man and Shadow of More Dumb illustrate that it’s not an easy formula to get right, which means direct competition will continue to be weak.)

                Some people are willing and able to pay far MORE than $60 for a game. Other people won’t buy anything above $40 regardless of quality. Other people might pay launch prices or they might wait for discounts, depending on buzz and review scores.

                If you’re a publisher and you’re trying to make sure you turn a profit, then you’ve got a lot of blanks you need to fill in. If I charge $80 for a game will the extra income cover what I lose when some people refuse to buy the game at that price? If I lower the price to $40 will I make up the difference in increased volume? Where’s the break-even point?

                My concern with publishers isn’t that they’re “price gouging” us. It’s that I don’t think they’ve done the required homework. Their behavior indicates what I talked about above: A simplistic view of the market that looks for simple answers to complex questions. Shit, EA has shown they barely understand genre boundaries, so I don’t think they’re equipped to understand this problem with the required level of nuance. Madden players are going to respond differently to pricing fluctuations than (say) shooter fans. And both will have different behavior than (say) Sims fans.

                The sad unraveling of THQ shows that fortunes can turn on a dime. You can be raking in money one year, barely getting by the next, and then losing your shirt the year after that. It’s easy for us to sneer at their “greed”, but from their point of view it’s probably just a scary game of making sure that one blunder (The uDraw tablet, in the case of THQ) or missed opportunity (their inability to pivot to serving a hardcore market before the crappy movie-license gravy train ended) doesn’t kill you. One person’s “maximizing profits” is another person’s “making sure I don’t steer this company off a cliff and ruin the lives of my 7,000 employees”.

                Dang it. I just wrote a column in the comments again. Anyway: tl;dr – Shit is complicated and anyone can pull out an isolated anecdote or example to support whatever they want to believe.

                1. Shamus says:

                  Also note I didn’t just open the door for political arguments. Note that while I acknowledged that particular positions exist, I worked very hard to avoid advocating for any of them. I’m not trying to sell a particular ideology, I’m trying to caution against using something this complex to make such arguments.

                  And again, this is a broad comment on the whole thread (and many other threads like it) and not any one comment.

                  1. Joshua says:

                    Well, plus the whole Marketing dilemmas of perceived value per a price point in addition to the Accounting Gross Margin. If virtually all AAA titles are $60 and you run the numbers and calculate you can still make a good profit selling it at $10, should you? Or will potential customers perceive the game to be shovelware?

                    *Actually, games might be ok because there are plenty of opportunities to read reviews out there that would say that this game is awesome and an incredible value, but plenty of other products will actually sell less if the price is lowered unless there is a considerable amount of public awareness of the product.

                2. Bubble181 says:

                  If you’re not picky about your bread, you’re Just Plain Wrong! Good bread makes or breaks a sandwich, and I will now launch into a 5 paragraph Wall of Text to prove it!

                  Well, no, but I will say that American views of what constitutes “bread” are very different from what they are over here, and that there really is a big difference between good bread and crappy sponges :P

                  1. Daemian Lucifer says:

                    Wait,there is such a thing as good bread?As in not a bland lump of dough used for nothing but killing taste in other food?

                    1. Mephane says:

                      I don’t know where you live, but here in Germany we have the full range from tasteless spongy filler mass to crunchy airy deliciousness.

                    2. Rack says:

                      You don’t know this? Oh man good bread is DELICIOUS. It’s a similar difference between good and bad bread as prime steak and cheap meat made of beaks and rusk.

                    3. Daemian Lucifer says:

                      I was joking because I just dont like bread.Yes,I know there are some breads that are better than others,but to me the good one is merely tolerable,not something Id actively seek to eat.

                    4. Good bread is simple to identify.

                      1. It must not taste/smell burnt.
                      2. It must not taste/smell like flour.
                      3. It must not taste /smell like yeast.
                      (4. It must not be too dry or too wet.)

                      I put Nr4. in parenthesis as bread tend to go dry eventually. Points 1-3 are essential for I dare say a objectively good bread.

                3. Radiosity says:

                  Dang it. I just wrote a column in the comments again.

                  lol, I was just going to say, you could’ve made that a post all by itself.

          2. Decius says:

            Steam likely has a near-monopoly on indie PC game distribution, but GOG is a credible enough competitor to prevent Steam from taking too much of a cut.

          3. TheJungerLudendorff says:

            Just my 2 cents on Shamus’s comments above:

            In my experience, “Stuff is really complicated” basically sums up everything in life ever.

            Every time I thought something was simple and clear-cut, I was either massively simplifying the situation, or either ignoring or ignorant of a lot of new information and viewpoints.

            Take this discussion: We are discussing a massively complicated financial/entertainment/goods/service industry and how it interacts with hundreds of millions of individual, complicated minds. An industry which itsself consists of millions of individual, complicated actors. And every one of them is influencing the whole in some small way. And we’re trying to predict this giant, confusing mess of people, opinions, actions and consequenses.

            Oh, and there is this entire world that people live in, where billions of people affect each other every day in a million ways, big and small, where people constantly enter or leave, and which affects everything and is affected by everything.
            It’s like Dwarf fortress, but orders of magnitude more complex, and with 8 billion dwarves.

            Oh, and that argument? We’re doing that by sending messages through this arbitrary pattern of lines and dots which we managed to agree on and collectively train everyone to use, with millions of arbitrary combinations, many of which have multiple meanings, or can change meanings based on their relative position to each other, or can have different meanings than what they actually are supposed to mean. And that’s ignoring the combinations that people just make up and just sort of shuffle into our collective library of patterns.

            Oh yeah, and we’re creating those patterns by hitting bits of plastic in a certain order to make these lines appear in this specifically denominated area on our screen. Which only works because those bits of plastic use small bits of electrical energy to send their own messages to a set of ridiculously complex machinery that performs more actions in a second than the number of days you have in your entire life. But it’s really dumb, so someone somewhere had to spell every single one of those actions out beforehand. To the point that we developed an entire craft dedicated to writing out as many actions as possible with the minimal effort.

            And that’s still vastly understating the complexity. People could (and did) write entire libraries worth of books about any single word in this paragraph (barring words like “the” and “And”. And even for those i’m not certain.)

            Oh and did I mention the Internet? That giant network of ridiculously complex machines we use to transfer and store these communications?

            And don’t get me started on the human body, biochemistry, how your eyes work to read this, or heavens forbid: The human brain. You could read enough paper about that one to fill the Marianna Trench and still not fully understand how it works (mostly because we haven’t really got a clue yet). And that’s the complexity of ONE human. And then they start affecting each other.

            So yeah. Life is really, really complicated.

            (man, shamus’s comment-columns appear to be infectious :D)

        2. Zak McKracken says:

          Gaming is not really a monopoly but Valve has a near-monopoly on sales of PC games, and Microsoft is trying hard to tie games, gamers and software sales in general to their Windows 10 store and stuff.

          Generally, and “platform” thing gives the owner monopoly-like power over (some) users because once you have a bunch of games on steam, or a bunch of iGadgets which only work in the Apple universe (or the equivalent Android set-up…), or whatever, you have a huge threshold to leaving the platform because that would mean losing access to “your” stuff (which of course isn’t really actually yours, you just bought licences, not things!)

          ..and that’s why I think that open standards and DRM-free stuff should get a lot more support from consumers, and from consumer protection laws — because it’s way better for us.

      3. Echo Tango says:

        People are paying > $200 for CPUs? For not-research-supercomputers?!?

        1. AReasonWhy says:

          Have you not heard of graphics card costing up to a thousand? There’s rich tucks who just like to burn money on this hobby even when it doesn’t really bring them more fps.
          I am personally still baffled that people ate the 4k spiel and how upgrading for that is “important” when games can barely run 60fps on 1080p resolutions sometimes.

        2. Philadelphus says:

          People are paying > $200 for CPUs? For not-research-supercomputers?!?

          I dunno about you, but I’m building a gaming computer, not a “light-internet-browsing-and-word-processing” computer. ;)

          Oh, and video editing, I do a bit of that as well.

          1. AReasonWhy says:

            you dont need more than 200$ for a cpu for a gaming machine
            video editing granted tho thats a different thing entirely

            1. Philadelphus says:

              Well, the games I play tend to be CPU-bound rather than GPU-bound, so it’s actually good…though you’re probably right that I’m getting better use out of it with my video editing. :)

          2. Echo Tango says:

            My entire gaming computer cost $1400. If you want to spend that much just on one of the processors, be my guest. I don’t spend past the elbow in the graph of power / cost. :)

            1. Philadelphus says:

              Mine actually only cost $240, so in actuality it only just passes that threshold. :)
              But yes, it’s good for the types of CPU-intensive games I mostly play (grand strategy games, etc.) plus some non-gaming tasks I do.

        3. Richard says:

          Yep. The CPU I’m (probably) buying in a month or so is currently £324
          – Or £500-650 bundled with one of the motherboards I’m considering. Haven’t decided whether I actually need the extra PCI-E slots yet.

          I’m hoping that it’ll drop a little before I pull the pin, but I doubt it.

        4. TheJungerLudendorff says:

          A high-end gaming computer can easily run into several thousands of euro’s.
          For such a vital component, 200 euro’s wouldn’t actually be that much.

    3. Matt Downie says:

      I’m not willing to spend that much…

  6. Nixorbo says:

    “By that logic, any consumer right could be negated at any time by any company, simply by making waiving that right a requirement for using the product.”

    Mandatory Binding Arbitration.

    1. Ciennas says:

      Ulgh. I hate this nonsense. It violates so many common law rules and simply upends how things work in America and abroad.

      I tolerated the don’t copy that floppy, because I agreed with the basic premise- if you fail to pay people, then they will find something that will, and you will have peed on your own cornflakes.

      But this ‘Get out of Lawsuit Free’ nonsense is dangerous and every inch the power grab and overbearing maneuver that was done by corporations and governments in the late 80’s/90’s dystopic movies presented.

      In the US, lawsuits are the last resort of a very underpowered citizen versus a very mighty corporation. Taking away a civil action of last recourse doesn’t make for a happy ending for any party.

      It scares me. I don’t like any of the other options presented when they take away all the civil discourse methods for problem resolution- all that remains is terrible.

  7. Jonn says:

    Typo and odd capitalisation:

    The point being that your developers can wrap their program inside of the anti-tamper system without needed to add the DRM crap to their source code or complicate development.

    I didn't have Denuvo lock me out of a game because I plugged in a USB audio device, or make me type in some stupid activation KEY, or make me log in to some nonsense server.

  8. Daemian Lucifer says:

    I tend to believe the crackers because of how long they have been doing this,and their policy to give out things freely.So if they say denuvo is an encryption method,its almost 100% true that its an encryption method and not anything some redditer may speculate.Unless someone who actually made denuvo says differently,thats what Ill go by.

    As for how effective it is,its super effective.Sure,its not perfect,and every denuvo protected game CAN be cracked,but its not that likely that they will.Its a very time consuming job,requiring days,or even months to accomplish.Unless the pirates have someone on the inside(which they often do),or they get lucky and find an exploit in the current version of denuvo that they can use on a whole set of games protected by it,most of them wont even bother trying.But because the program is being regularly updated,chances are the exploits found in one version will soon be removed in the next.In fact,pirates help the company by cracking these games by finding these exploits that were missed so they can be patched.

    1. AReasonWhy says:

      As for how effective it is:
      not really that effective.
      And of the uncracked games 4 of them are online only. I am pretty sure we all know why no one is cracking something like Train Sim World: CSX Heavy Haul.

      1. Daemian Lucifer says:

        Not that effective?Most of those games went uncracked for months.I call that super effective.The point was never that denuvo is perfect,but that it takes a lot of time to bypass it.

        1. AReasonWhy says:

          I think we have wildly different stances on what is effective drm.
          Yes some games went long without cracks, but at the same time many stayed uncracked just under a week, quite a few big name games too. If I was a publisher investing in DRM this would look like a gamble to me.
          On the other hand, for the person who can’t afford a game in the first place its not a huge deal to wait a couple months. They’ll lose out on the conversation on the internet some but besides that they’ll get the game eventually.
          So in my book, denuvo only worked a little bit, and only in the first moments when 3dm was in over their heads and created panic for no reason.

          1. Daemian Lucifer says:

            Considering that they make a contract with the publishers to refund them if the game gets cracked before a certain time expires(they didnt go into details,but a couple of weeks seems reasonable),thats not much of a gamble for the devs.

            Also,you are discounting the fact that its not always denuvo that fails.For example,doom got cracked because someone tampered with the files from the free demo* and incorporated those into the game proper.

            *The first time.That was fixed with a patch,and after a while the protection failed as well.But thats irrelevant.

            1. AReasonWhy says:

              I don’t see how the doom demo means denuvo is more effective? it shows that its exactly ineffective, because there’s many things that might allow a cracker a backdoor.
              Also mate I have no clue why you’re responding to basically every person in this comment section defending denuvo like you work for them or something. They are not worth defending, and you are obviously misinformed on a few points about the cracking scene, so I’d chill out if I were you.

              1. Daemian Lucifer says:

                it shows that its exactly ineffective, because there's many things that might allow a cracker a backdoor.

                Umm,being able to get unprotected files from a third party means that theres a backdoor in the protection system?….Technically yes,in the same way that a password is weak because people are writing them on pieces of paper.

                Also mate I have no clue why you're responding to basically every person in this comment section defending denuvo like you work for them or something.

                Primarily because the people Im responding to keep repeating the same few incorrect things that Ive been hearing for the past two years.And when someone is wrong on the internet,I cannot sleep.But also because denuvo is the first piece of digital protection that I dont feel as intrusive.

                and you are obviously misinformed on a few points about the cracking scene

                Really?You think that because you read one reddit article without understanding the difference between protection forever and protection for months you understand the cracking scene better than me?

                1. You assume you know more about the scene that some other people here. Unless you are in the scene (which it appears you are not) then I’m guessing there are others here that know better than you as they actually are in the scene (not gonna name names).

                  Also. There is a scheme that is 100% unintrusive compared to Denuvo. It’s called

                  And your denuvo refund thing you keep repeating is false. Just google “denuvo refund” and the first three results show you that statement is untrue.
                  It’s not a refund. What the deal is, is that if Denuvo is cracked for the game within a certain time (3 weeks it seems) then the developer (or rather publisher) won’t have to pay their monthly fee (or whatever) any longer.
                  I’m assuming Denuvo bills companies for “days protected” each month, or get a percentage of sales.

    2. Zak McKracken says:

      I’d say it is probably all of the above: You can’t make effective DRM without some stuff being encrypted, and using encryption would not prevent it from doing any of the other things it’s said to be doing.

      That’s a bit like one person saying that cars drive because of their engines, and another saying it’s because of the wheels…

      1. Daemian Lucifer says:

        If it were an actual drm there wouldnt be a layer of other drm on top(well,underneath it)for every game as well.Its there just to prevent someone from getting to the drm in place and removing it.

        1. There seems to be three layers to this.
          a Virtualmachine made by some other company that wraps Denuvos stuff (or Denuvos stuff runs in that VM), the Denuvo stuff is hooked into the game’s DRM in some way, that part is game dependent.
          So it’s VM+Denuvo+DRM.

          The VM or the game hooks are the weak points, and will always remain as such. In the scene there are also arguments on whether this or that game is cracked or not as some seem to only call something cracked if the DRM is removed while others say it’s cracked if some stuff is emulated. I think it was Just Cause 4 that was cracked then not cracked then sorta cracked then who knows due to that, it certainly confused a few news sites for a while.

  9. Daemian Lucifer says:

    The one good thing about Denuvo is that it seems to be painless for us non-pirates.

    Not the only good thing.It also removes the need for always online protection and other intrusive drm schemes.Also,the company that makes it is not a dick corporation like ubisoft,and their policy is to ask the publishers to remove denuvo from all the games that have been cracked(or at least this was the policy some six months ago when I last had interest in it).So yeah,plenty of good things about this one.

    1. Kylroy says:

      About the only bad thing I can think of is that, by making effective DRM, Denuvo has proved Shamus’ (and every anti-DRM person’s) point: preventing your game from being pirated has no meaningful effect on sales.

      Bad from publishers’ point of view, anyway.

      1. Echo Tango says:

        It also would show that it’s got no negative effect on sales either, and it might have other unknown benefits. So, they’ll probably keep putting in DRM for a long time, just to be safe. :)

        1. Kylroy says:

          I think they’ll keep putting it in for a simple reason: nobody likes getting their stuff stolen. Money concerns aside, I can see professionals taking offense that their work is being used by people who regard the labor to make it as, economically, of no value – the same way American and English authors did when copyrighted works weren’t being respected on the other side of the Atlantic.

          1. Daemian Lucifer says:

            But plenty of people have already shown that its not true.Not just denuvo,but gog,stardock and steam as well.Those who dont respect your labor will not respect it no matter what you do,and those who do respect you will do even without some hoop to jump through.

            1. Kylroy says:

              I didn’t say it was logical. Even if all the analysis in the world says “it will be cheaper to let people steal your work”, there are some folks who will pay money to assert some control over how their work is used. Plus, I strongly suspect Denuvo’s sales pitch *doesn’t* say “it will be cheaper to let people steal your work”, which will be listened to by folks who’d like to think what they want is also financially responsible.

            2. Richard says:

              Indeed, and that’s why it’s stupid.

              Spend tens of thousands of dollars on something that at best has no effect at all, and has the potential to completely destroy your sales if it goes wrong?

              That’s a strange bet.

        2. AReasonWhy says:

          Actually, I know quite a few people who don’t buy denuvo protected games because of all the horror stories, so I’d say it actually does have a negative impact. Probably a really small one though.

          1. Daemian Lucifer says:

            Considering that all those stories were not true,they are as numerous as people who werent buying games because of all the other rumors.

            1. Kylroy says:

              Exactly. I don’t doubt that someone, somewhere, has foregone a purchase they legitimately would have made after finding out a game had Denuvo. Just that these people, relative to the millions of folks buying the AAA games that use Denuvo, are statistically insignificant.

              1. AReasonWhy says:

                I wish we actually knew how much % these possible buyers are. But they are etheral just as the pirates who are lost sales probably.

      2. Matt Downie says:

        I’m not sure there’s a direct comparison method to show how much these games would have sold in an alternative universe where they were widely pirated.

        1. AReasonWhy says:

          There’s no direct comparison but enough high profile games went uncracked for a long while, and yet we are not seeing anything even close to 90% more sales. Heck, if I was a publisher I’d be glad if denuvo just made for 1% more sales, which is disputable.

          1. Droid says:

            If 90% of games were pirated, blocking the pirates would lead to up to 900%(!) more sales, not up to 90%. I know those are unrealistic numbers either way, but it just drives home the pure madness of the original claim even more.

            1. Daemian Lucifer says:

              Youve just reminded me that there was a case where we had the same game sold to us twice,first without denuvo,then with denuvo:tomb raider and rise of the tomb raider.Remember how tomb raider flopped,selling only 3 million copies,while rise of the tomb raider sold 27 million copies?

              1. Echo Tango says:

                Sarcasm aside, according to Wikipedia, the first game sold a total of 8.5 million, and the second sold 1 million. So…yeah…

        2. Daemian Lucifer says:

          True,but there are game series like fifa and maden that have had a steady trend in sales regardless of what drm was used for a given version.

          1. Abnaxis says:

            That’s actually a fair point.

            Who knew yearly release cycles could actually be useful for something? Somebody should actually look into that. Probably couldn’t come up with anything conclusive, but it’d be cool to look at the data and see what it looks like

          2. Viktor says:

            There’s also console vs PC releases. You’d need some serious data analysis chops and a lot of different games/series/Time-to-DRM Crack data points to cancel out the random noise, but it’s definitely a source of numbers.

        3. Abnaxis says:

          AReasonWhy kind of already said this, but I think it beats repeating–yes, we don’t have access to a parallel universe to see how sales would change if there was a day 0 crack. However, Shamus was not being hyperbolic–publishers have LITERALLY tried to say their sales were a full order of magnitude smaller due to pirates. AAA tentpole A selling TEN TIMES as much as competitor tentpole B is not something that would be missed.

    2. Zak McKracken says:

      ” painless for us non-pirates.”

      …I have my doubts about that. I’ve not (yet?) bought a Denuvo-“protected” game but as I understand you still need to activate it, right?
      So at the very least my use of the game is limited to however long the activation servers are working. Depending on who buys who that may not actually be a terribly long time. I know that the argument will be that “it’s not affecting many people”, but behaving badly to “not many people” is still behaving badly.

      1. Daemian Lucifer says:

        Considering how publishers are patching it out after it gets cracked,in most cases you wont rely on the servers.Also,you have to activate it when you install it,and seeing how most of these games require at least some files to be downloaded before installation,you are more screwed by that than by denuvo.

        1. Zak McKracken says:

          Of all the games with Denuvo, how many have had it removed later? It’s nice that the company encourages this practice but it’s still a thing that somenody needs to do, which means it costs money, which means that I can’t imaging that nobody is skipping that step.

          Regarding downloads at installation: Well, there are games with patches on day 1 but once at least all the stuff I buy on GOG allows me to download it and install it when and where I want. The same goes for a couple of my older games which I bought on DVD or even CD.

          I can still install and play Starcraft, Age of Empires II, or Neverwinter Nights. (In fact, I sometimes even do!), but I’m not convinced that is possible with any Denuvo games. And by now, the Games industry has been so cavalier about removing such possibilities from me, for such a long time, that I reserve the right to be skeptical. Now they need to prove to me they’re not trying to pull tricks, because my default assumption is that after more than a decade of being treated as untrustworthy, I can’t just trust them.

          Case in point: I can indeed still play networked games of NWN, because the server runs locally. With for Honor, the ability to run the server locally is treated by most reviewers as a disadvantage. I mean, if it’s not running stable that needs to be fixed of course, but why would a sensible consumer require that part of the game (the server component) be removed from their own domain and moved to a publisher-operated server which will at some point in time fail?
          I very much preferred the model of Counterstrike or Starcraft: There are (were) some official servers, but in addition everyone’s free to run one themselves. That’s really the only way to make sure that players can truly own the game.

          1. Daemian Lucifer says:

            Well, there are games with patches on day 1 but once at least all the stuff I buy on GOG allows me to

            Gog does not have all games either.You ask the percentage of games that had denuvo removed,but whats the percentage of games that gog has removed drm from?If its not on gog,you cannot own it legally and play it forever.Sooner or later,either the cd will wear out,or youll lose the activation code paper/booklet.And since we are talking big companies maintaining their servers,how long is gog going to stay alive?Why is gog going under so much less possible than bethesda going under?Why is gog purging games from its servers so much less possible than bethesda removing the activation server?Unless you have that game backed up on your own devices,you are still relying on the benevolence of others,and that is arguing over degrees of benevolence.

            Compared to other forms of drm,denuvo is far far less limiting for the consumer.

            1. Unless devs provide a “sunsest patch” then Denuvo is as limiting as all other modern DRM.
              I highly doubt there is a timed self destruct in Denuvo protected games. And that still leaves the DRM solution Denuvo protects/encapsulates (insulates?). How many years will Denuvo run their servers, how many years will Denuvo v1 protected games still work?

  10. Echo Tango says:

    Piracy is no longer a handy scapegoat for publishers. They blamed piracy for studio closures, low profits, and high prices. But Denuvo put a serious dent in piracy without any of those things changing. (And why would they? The public has already demonstrated they're willing to buy games for $60 + DLC, so the only reason to lower prices is to be nice.)

    The other reason to lower prices, is if the public isn’t willing to pay large amounts of money for games. There’s very few games[1] I’m willing to pay that price for, and the rest of my game collection is somewhere around the $20 mark, or the $10 mark. There’s a lot of games by smaller companies and indies, which have great gameplay, artistic aesthetics, worlds, story, etc. But I guess that makes me not the target demographic, so they can price their games as high as they want. :)

    [1] Stellaris, plus the Metro games is it, I think. Plus those aren’t even normal AAA games (more like AA), so I’m not sure I even qualify as a member of the $60 price-point demographic.

    1. Daemian Lucifer says:

      But I guess that makes me not the target demographic, so they can price their games as high as they want

      Same.There are plenty of scummy practices,like preordering,Im not willing to engage in that thrive because Im the minority in that respect.

    2. Kylroy says:

      Thing is, “the public” is an awful vague term here. For the purposes of your first sentence, it effectively means “a group of consumers large enough for AAA games to be profitable”. I don’t think they’d double their sales by selling the game for #30, nor do I think there’s any place between $30 and $60 where the math works in the publishers’ favor. Studios have found a way to make $50 million games profitable (for now…), and I can’t see them messing with it.

    3. AReasonWhy says:

      If you don’t preorder 3 months in advance, don’t get massively hyped by e3, and buy games at 60$ and more! (dlc! season pass! special deluxe complete collectors editions!) then I got bad news for you: you’re not their focus sales groups. You’re trail sales.
      Who cares tho? You having fun with their products for much cheaper? Thats great!

      1. Echo Tango says:

        Actually, I’m just not buying their games. I’ve got other, more reasonably priced games to play. That also usually have better story. And gameplay. And characters. And… :)

        1. AReasonWhy says:

          I presume you’re talking about indie games and specific older titles?

          1. Echo Tango says:

            The two games I pointed out in my previous post were at the ~~ $60 price point, and both brand new.

    4. Ciennas says:

      The only machine I’ve got that can play any game made this generation is an Xbox One that a friend gave me.

      On it, I have only preordered two games- coincidentally, the only two I have ever preordered.

      ESO: Morrowind’s Collector’s Edition upgrade, and Destiny 2.

      Coincidentally, they were expansion packs of games I already love to play and have friends on.

      I’m not jumping on some new IP for a preorder. No Man’s Sky was the last property that excited me, and even then I waited.

      Still haven’t played it, come to think of it.

    5. Bloodsquirrel says:

      But I guess that makes me not the target demographic,

      Not true; if you’re interested in the game in the first place, you’re part of the demographic. You’re merely fitting into their price discrimination scheme- if they can sell the game to one person at $60, but another won’t buy it at more than $20, then why not find a way to sell it at both prices? But using time- lowering the price some months or years after the release date- they can do just that. This is the same tactic behind collector’s editions; if someone is willing to pay $120 for a game, why not give them a way to do that while still selling them to people who won’t go above $60?

    6. Zak McKracken says:

      Similar here. Almost all of the money I’ve ever spent on games was below 20€ per game.

  11. Zaxares says:

    Heh, the bit about how Denuvo not causing a sharp uptick in sales only confirms what I really knew. The people who would pirate your game are people who would NOT have bought your game under any circumstances anyway. It’s exacerbated by the fact that, today, gamers are spoilt for choice. There are hundreds, if not thousands, of games now available, across an incredibly wide array of platforms, and the player base is starting to become fractured into ever smaller pieces of a pie that many developers are chasing. The recent rise of indie and classic games is only further biting into this market. No, if you want people to buy your game, you not only have to make a game that your target market wants to play, but you also need to make a personal connection with your player base. They have to get to know you, your team, feel that THEY, and their opinions, matter to you. In short, they almost need to become your friends. But once that happens, they will be willing to throw an astonishing amount of money your way.

    1. Kylroy says:

      The issue is that AAA games take staffs of dozens to hundreds of people to make – you *can’t* humanize that many people. I suppose Blizzard has given this a try in Overwatch by making Jeff Kaplan the face of the game, but that’s a far cry from the connection in, say, the Dwarf Fortress community.

      1. AReasonWhy says:

        Besides that, developers actually really like their games and people who play them.
        But you got thousands people between them and the players doing all the business and marketing and publishing.

    2. Rosseloh says:

      They have to get to know you, your team, feel that THEY, and their opinions, matter to you.

      There’s two games that are basically doing this right now, at least to my mind:

      For indie studios: Subnautica is coming along really well, and with nearly transparent development. They use a public board for tracking…well basically everything in the development process, that anyone can view. The individual developers also are constantly in the public Discord server, often times commenting on suggestions and questions. It’s actually quite close-knit.

      And for a larger, “AAA” studio…Regardless of what anyone might think of the project overall (and I really don’t want to argue about it, so please refrain), Star Citizen is REALLY coming along and it’s been mostly transparent the whole way. I’d never actually seen the game dev process in such detail before backing SC. Especially in the last year, where they’ve started releasing weekly schedule updates that are, minus a few spoiler-related cuts, their internal schedules…delays and all. And like the Subnautica guys, they’re always in the various chat channels, Discord server, Reddit, replying to and taking ideas from the community. Us as backers are really not just people “preordering” a game, we’re investors. Investors who get a very solid look at the development process, from the beginning when they hadn’t even formed a proper company yet and had like, 10 people, to now where they’re a global organization with 4 locations and hundreds of employees.

      Now, it’s not like I know the people at these companies well enough to say, take them out for a beer on a Friday night (though I probably could if I lived near any of them). But to my mind, it’s quite close to what you’re talking about. And it’s one of the major reasons I’m so invested in the development of both games.

    3. Philadelphus says:

      In short, they almost need to become your friends. But once that happens, they will be willing to throw an astonishing amount of money your way.

      Exhibit A: Me and Paradox Development Studio games and DLCs.

    4. On the mark there. Yep. If somebody are unable to pirate a game a very small number may decide to buy it, but a possibly equally large number of non-pirates be decide to not buy it (because of the DRM).
      Those who are unable to pirate it will either wait until it’s cracked or they will simply ignore that game entirely.
      A few may turn around if the game end up on GOG a few years later though.

  12. Ivan says:

    Uplay’s still a thing tho, right? So Denuvo still has some work to do. Do Ubisoft games use Denuvo at all, or just Uplay. Or Uplay and Steam, when you buy it on Steam, cos of course 2 layers is what we want between us and our games.

    1. AReasonWhy says:

      Funny enough, they weren’t really using it all these years but a lot of their upcoming games will be using it. Oh ubisoft…

  13. wswordsmen says:

    Probably the biggest reason you won’t see a price drop from the AAA industry is something called the Kinked Demand Curve.

    Basically if your competition is few enough in numbers that they can all be monitored, like the AAA games industry, that decisions by one firm will affect the action of all of them, game theory dominates firm behavior.

    Game theory would say in almost all cases that a price drop will be matched by competitors while price hikes will be ignored. This means when trying to maximize profits, which in this simplified example is linear to revenue, they want to sell the most units at the highest price. That point is exactly what the price is, because a lower price will be matched by competitors and you will sell the same number at a lower price, and price hikes will be ignored and fewer sales will be made at a higher price that results in a net loss. The resulting demand curve is composed of 2 sections with a kink in it at the current price, which is where maximum revenue and therefore profits can be achieved.

    Now you ask how did the industry raise prices to $60 in the first place? Collusion, when the 360 came out the whole AAA industry agreed to make their games $60 at the same time which changes the math.

    1. Syal says:

      And that’s assuming equal product quality, which customers don’t. If you drop your price for a new game, the customers can assume the lower price means your product isn’t as good and you can actually lose sales.

    2. Bloodsquirrel says:

      Game theory would say in almost all cases that a price drop will be matched by competitors while price hikes will be ignored.

      That’s not true at all. A price drop will only be matched if it’s likely to affect the competitors’ sales, and if they can still be profitable at that point. A price increase will only be ignored if matching it will reduce sales below what the additional margins per sale will make up for.

      Prices are driven by supply and demand. We can see this in the most pure form in a commodities market, where the products are the most interchangeable, leaving price as the only point on which companies can compete. There, we see prices rise as often as we see them fall. The reason is simple: if someone selling at a lower price can’t meet the full demand, buyers will go to someone selling at a higher price. We also regularly see prices rise when upstream costs rise; companies know that their competitors will have to raise their prices as well to stay in business, and count on it.

      In the games market, where individual copies are trivial to produce, we see companies compete through features and quality. That’s why the price point is as sticky as it is; if you have Battlefield, then your competition can’t sell Battlefield at $55 to your $60. But they can try to get gamers to buy COD instead. Since “How much worse is it alright for a game to be before I buy it at $55 instead of $60” is a very difficult question for people to evaluate, and they won’t know how good either game is until they play it anyway, there isn’t much pressure to fine-tune prices.

      Now you ask how did the industry raise prices to $60 in the first place? Collusion, when the 360 came out the whole AAA industry agreed to make their games $60 at the same time which changes the math.

      Collusion implies that everybody actually sat down and came to an agreement. Collusion doesn’t work if there are outsiders to disrupt the scheme, and the gaming industry has too many independent developers to make that work. Besides, if they could set prices that easily, why not $70? Why not raise it again when the Xbox One came out? Microsoft just gambled on gamers being willing to spend $60, turned out to be right, and had everyone follow them after that. If their $60 first-party games had bombed it would have been a different story. Demand in the games market is really too elastic for collusion to work; even if there was only one company selling video games, people could still just choose not to buy them, or to buy fewer of their games. It’s not like, say, internet access, where everyone in the modern world needs it and needs exactly one of it.

      We have plenty of indy games that sell at well below $60, and while indies can’t put out the exact same kind of game that a AAA developer can, they’re still competing over the same dollars. Some indies even do sell at that price point, because it’s turned out that there is solid demand for isometric RPGs at that price. Meanwhile, we’ve seen free-to-play models pop up, DLC, collector’s editions, and tons of other variant pricing in games.

      The $60 price point really isn’t all that sticky. It’s more or less the ceiling of the upfront cost that most people will play, and it’s about what you need to charge if you’re making a 50 million dollar single-player shooter, but no amount of collusion seems to have succeeded in convincing developers that they should be selling their MOBAs at $60 or kept MMO monthly subscription fees around. The variation in pricing we see all over the market whenever games aren’t constrained by the exact circumstances that AAA action game developers are in clearly suggests that the market is quite flexible in pricing. $60 is just plain the right price for that one segment.

    3. Unless you are Paradox in which case you are in your own world.
      Some of their games has remained at the same price for like a decade, and have like hundreds of dlcs, total cost several times that of a AAAA game.
      Paradox even raised their prices (in certain regions) now to try and get more money, they obviously did not state that instead saying they adapted their pricing to regional markets.

  14. el_b says:

    In the mid to late to thousands when tech was coming out really fast there wasn’t really any guarantee again would work on release because there were so many different systems out there. I bought stalker clear sky and it would hard crash constantly until one month in six patches later when it had dropped by £20 and when I had my system slightly altered it wouldn’t work any more.
    Because of stuff like that I’ve always used pirated versions as demos so that I can make sure something works before release, and it’s just as necessary now since instead of not being able to test every version of a PC, they just use us as beta testers for unfinished games…And it’s not like online activated games are return friendly. Games used to drop in price a lot faster as well whereas now they’ll sometimes stay full price for yearsand tack on a bunch extra for all the little DLC. The markets been getting a lot less friendly for a while now and you can understand why a lot of people just opt out.

    1. A good rule of thumb would be if you reach the end of the main story of a game, if you did then you should probably throw some cash in the direction of the developer.

      If you can’t reach the end due to bugs, or because the story sucks so badly you can’t finish it then I’d say your in a grey area.

      Nothing worse than reaching the end of a main game story and the ending sucks, and we’re not talking ME3 stuff here but instead you can feel the life of the writes vanish, add bad voice directing and acting and spotty audio quality and I’d say you might have the moral highground if it’s a 60 dollar game.

      Buggy games can and should be fixed in a timely fashion. If they are not then perhaps that company do not deserve your cash.

  15. SkrEEmeR says:

    Yeah, this post seemingly is ignoring the fact that we had about 15 games protected with Denuvo broken in the last two weeks. Tekken 7 was released with Denuvo and broken within 4 days, Resident Evil 7 was broken within a week. Denuvo has already lost the arms race.

    1. Daemian Lucifer says:

      A bunch of games that were uncracked for months got cracked in june and that somehow means that denuvo lost?

      I keep hearing this same thing for the last two years,from people completely ignoring that after such a burst there are months long periods when no denuvo protected games are cracked.Always the same “ZOMG DENUVO FINALLY FALLS!!!oneeleven”,and its never true.

      1. Kylroy says:

        They clearly lost this battle, but that doesn’t mean the war’s over.

        1. Steve C says:

          No! They didn’t lose this battle! The objective was to stop cracks during the volume of sales at release. It did that.

          1. But did it improve sales during the launch window of the games though?

            Unless there are two identical games one with DRM and one without, and both get the same DRM and are identically in all other ways then there is no way to compare them. Just launching a game the next year on a different week can cause huge fluctuation in launch window sales.

    2. AReasonWhy says:

      I am giving shamus the benefit of the doubt that he was researching this topic for a long time before publishing it. The recent cracks really did happen like the last two weeks and he probably just was not aware of it.

      1. Shamus says:

        This column was set to publish over a month ago, but then the Zenimax vs. Facebook series happened and it got pushed back.

        1. Steve C says:

          Shamus, you were properly informed, and your column is not wrong!

          FFS. So many people in this thread saying “Denuvo is cracked” and completely missing the point. Of course it was cracked. The point is, did a DRM put serious dent in piracy without the publishers receiving the reduction in losses that they have always claimed? And yes, Denuvo did make a serious dent in relevant volume sale time periods. And no, publishers didn’t see the reclaiming of losses they’ve always used to justify DRM.

          This criticism you are receiving is not valid.

          1. AReasonWhy says:

            I don’t see the peoples comments as criticism. That said, its an ongoing battle, and there were just recent developments. You know how people on the internet can be “THATS NOT THE TRUE FACTS” and completely miss the point. I agree with you that despite the recent developments the articles points doesn’t really change. He himself said no DRM will be left uncracked if worth the effort, and we’re seeing that happening these days.

          2. Denuvo did not put a dent in piracy. The pirates simply went for other games instead. So the non-Denuvo games actually got a popularity boost in Piracy land.

            I wonder if it’s possible to quantify word of mouth difference for DRMed vs non-DRMed games. Heck even Steam vs Denuvo.

  16. DosFreak says:

    Sigh. Denuvo is only painless for those who don’t give a shit or are always online. Denuvo dials out to 3rd party servers in certain situations such as when your game is patched. The Denuvo website and the media always refer to the software as anti-tamper and always state that it is not DRM whereas it’s been proven by those who care that it is DRM. Unfortunately if you care that it is DRM you are labeled as a “pirate” for giving a shit about the software you buy or refuse to buy.

    Sadly you see people defending this for some unknown reason probably the same reason people like different sports team some tribal bullshit most likely.

    Good luck trying to play your Denuvo games (that haven’t been cracked) in the future but I’m sure you’ll be happy paying for the same game again once that time comes for $59.99.

    1. Echo Tango says:

      Denuvo dials out to 3rd party servers in certain situations such as when your game is patched.

      If the game needs to download a patch, then by definition you’ll already need to be online. If Denuvo was periodically phoning home while the game was being played, that’d be something I’d be annoyed with.

      1. DosFreak says:

        If the game is patched but not launched and you are offline (home issue, ISP issue, cloud issue, drm server issue) when you launch the game then you will not be able to play the game. Just remembered another one. Hardware changes, driver changes and OS upgraded (like the frequent OS upgrades Windows 10 gets now). Supposedly if you have you run your games in offline mode then after a certain period of time then Denuvo will need to reactive.

        Again these are only the instances I can remember and only because the community has found them out. The company is very secretive on the operation of their DRM.

        1. “The company is very secretive on the operation of their DRM”

          Well its’ all based on obfuscation.

  17. Nick-B says:

    Interestingly enough, there was a bit of Denuvo death news recently. Torrentfreak (a news site that despite it’s name doesn’t host torrents, nor does it link to them, it just has news about DRM, piracy, and companies’ misguided attempts to prevent said theft) reported that a mystery group nobody’s heard of claimed to have cracked Dishonored 2, which was supposed to have some new form of Denuvo that hadn’t been cracked yet.

    The really interesting bit about it, is that the group didn’t just simply crack the game and release it, but possibly included a freaking key generator for Denuvo. It quite possibly would enable bypassing of all Denuvo releases, not just Dishonored 2. But I haven’t heard more from that since.

    Also interesting, is the group’s use of VMProtect to “protect” their keygen from scrutiny. This is the same product used by Denuvo to protect THEIR anti-tamper protection, of which – amusingly enough – they are being sued for using an illegal unlicensed copy of.

    Lastly, RiME – a recent release who promised to remove Denuvo if it was cracked – was cracked. Within a week, there was an article referring to the cracker group’s removal of the calls the game makes to verify that it is legit. Apparently, in simply loading up the game or loading a save file, the game makes upwards of 300,000 calls to the anti-crack protection. Since previous games made upwards of 1000 during this time, this appears to be a 300 fold increase in the effort to protect it. Then, in about 30 minutes of gameplay, the number of calls made started to number in the millions.

    1. Shamus says:


      So a DRM company was using pirated VMProtect software to make DRM.

      Then an anti-DRM group broke it. Then they used the same VMProtect to put DRM on their DRM removal tool.

      This sounds like a Neal Stephenson novel.

      1. Richard says:

        I love that and so hope it’s true :)

    2. Abnaxis says:

      “Only making matters worse, the cracker says, is the fact the triggers are heavily obfuscated under a virtual machine, which further affects performance.”

      Wait, wat? Are they seriously running game code through a VM for DRM?

      1. Richard says:

        As I understand it, nearly all the game is native code, but some parts are run inside a ‘locked’ VM instead where it’s supposed to be very difficult to see what the code in the VM is doing.

        Of course, that alone would be trivially patched out, so there must be more to it.

    3. Daemian Lucifer says:

      The first article:Articles like that have been popping up ever since denuvo was released into the wild.It always turned out that either they lied and didnt crack shit,or that what they did worked only for a game or two and the new version of denuvo still made them stumble.

      The second article:This is still just rumors seeing how everyone is just going by a single forum post from That Guy,with no confirmation from either denuvo or the court documents.

      EDIT:Ah yes,that article has an update that says there is no lawsuit.So not just a rumor,a false rumor.

      Third article:This wouldnt be the first time the developer screwed up when implementing denuvo.That is not how it should work,and that is not how it works on anything else.

      1. Nick-B says:

        Sure, I was disappointed to hear nothing more come out from it. Plus, it seems strange to me that a keygen wouldn’t be based on the game itself, allowing a master keygen to work from game to game.

        To the second article, sure, I guess I’m also skeptical of “lone ranger disgruntled employee leaking info on a forum you never heard of” news, but that alone doesn’t make it fake. Of course both companies involved will deny the claim, even were it to be true. I do admit to not noticing the “a post on a forum” source, though.

        And for the last article, again it can be considered a “post on a forum” source, and certainly not one that would be completely unbiased, but I also wouldn’t put it past a company like Denuvo to put in so many hooks to prevent piracy after all the cracked games recently.

        1. Daemian Lucifer says:

          But why would they do that since one of the very first things they said about denuvo was that it was not uncrackable,it was just meant to prevent pirating of games during its launch sales.And why would they go bonkers now when they did not do so for their earlier versions which had similar waves of denuvo being bypassed.

          1. Nick-B says:

            Who knows? I certainly hear news after news after news about Denuvo being cracked within days of release, which can’t be good news for the previous king of DRM. It’s possible that general gamer pushback against Denuvo (steam forum posts for games with it) combined with it’s inability to protect a game for long, added to this supposed “promise” to refund the cost if the DRM is cracked, can possibly lead Denuvo to slam as much as they can into a release to delay it as long as they could.

            It’s too bad we’ll never know the truth. Denuvo certainly isn’t going to speak up about all this, and devs are probably under a non-disparagement contract.

  18. MichaelGC says:

    Does anyone have any idea how this would work? (Er, speaking of *waves hands vaguely* encryption and thus & such. Sorry! – I know this is not really on-topic, but I doubt there’ll be a more-appropriate post to hijack for a while.)

    Cisco says it can detect malware without decoding encrypted traffic

    1. Agamo says:

      It’s not completely out of the realm of possibility. There is a form of encryption called homomorphic encryption that allows operations to be performed on ciphertext without any decryption occurring.

      However, I’m somewhat skeptical of Cisco’s claim, particularly regarding privacy. To me, it seems that if it were possible to determine whether or not certain traffic is malware, it would be possible to distinguish other forms of traffic as well, which could lead to a violation of privacy.

      1. Richard says:

        Cisco’s claims are based on analysis of the metadata – who’s talking to whom – rather than the data itself.

        There are quite a few classes of malware that could be easily spotted that way
        – eg something that uploaded all your trade secrets to a competitor might involve a connection being made to a suspicious-looking “dead drop” remote server and a lot of data being transferred.

        Of course, this doesn’t help when it blocks you uploading to your AWS mirror.

        1. MichaelGC says:

          A-ha, I see. Thanks! And the homomorphic encryption stuff was interesting too, although I now have a mild headache.

        2. Agamo says:

          Interesting. I suppose I was quick to jump to homomorphic encryption (mostly because it’s so damn cool, even though I can’t really wrap my head around how it actually works).

  19. Paul Spooner says:

    I kind of want to play a DRM cracking game now. Each level is protected behind the DRM of the previous level. It starts out with simple cypher book stuff and ends somewhere near remote-server and hardware spoofing. The final level unlocks the dev tools, so you can add your own DRM and put your version on the torrentz.

    1. mike says:

      Not precisely what you asked for, but:

  20. SPCTRE says:

    Forgive me Shamus, but have you considered updating the title image for your TDI column?

    The fact that it is an outdated controller (I know, it’s very much still popular especially with the PC crowd) somehow is triggering my OCD in a column talking about the contemporary industry at large.

    (Feel free to strangle me with a corded 360 controller for this.)

    1. Daemian Lucifer says:

      Its a future retro aesthetic.

  21. Radiosity says:

    My biggest issue with Denuvo is that it’s the same people who brought us the lovely SecuROM rootkit. These people cannot be trusted under any circumstances, and if no one truly knows how Denuvo even works, who’s to say exactly what it’s doing on your machine when running?

    If a dev wants to try and hold back the ocean with this, they should at least commit to removing it after a few weeks or a month, those are the most important weeks for any new release, so fine, try and protect it. But after that? No reason to keep it in there. Least ‘some’ companies do seem to remove it eventually (though I believe it took a year before DOOM’s was removed… mere weeks after I refunded it once I found out it had Denuvo heh).

    1. Daemian Lucifer says:

      and if no one truly knows how Denuvo even works, who's to say exactly what it's doing on your machine when running?

      Those who bypassed it do know.

      A bit of scepticism is fine.But to forever feel that someone is tainted* because of what they did previously,even when the evidence points the other way,thats ridiculous.Securom was terrible,and it didnt work.Denuvo is not terrible,and it does work.Judge the product on its own merits.

      *The reverse is just as silly.Dont constantly excuse someone because they did good in the past.

      1. Radiosity says:

        Nope. Once someone has shown they’re willing to do that type of thing, that’s it, I won’t trust them again. Besides that, I simply won’t tolerate being treated like that as a customer. You may enjoy being taken for a ride. I don’t.

      2. Syal says:

        How many products ago was SecuROM?

      3. Richard says:

        I very much doubt that bypassing it requires knowing everything it does.

        You only need to reproduce the effects observable by the rest of the game software.

        If the game calls out to a library that ties your computer serial number to a pigeon leg, sends the pigeon, waits for a pigeon to come back, checks the message on its leg and then replies back to the game “Yes/No”, it can be replaced by a simple wait followed by a “Yes”.

        If the library uploads your entire hard disk to a remote server and then replies “Yes/No”, it can be replaced by a “Yes”.

        The unobservable (or simply unobserved!) side effects of the calls into the library don’t need to be copied or even known about in order to replace it.

        1. Daemian Lucifer says:

          What you write is correct.However,before you can figure out what response needs to be inputed,you have to know the ins and outs of the system.Otherwise,every game would take almost a year to get cracked by brute force,instead of every game with the same version of denuvo getting quickly cracked after the first one which takes the longest*.

          *This is an oversimplification,of course.Figuring out what to do with one game does not automatically lead to full understanding of the current version of denuvo,nor what exploits there are.But its the general framework.

  22. Nick Powell says:

    You may not want to know this, but shrink-wrapping is, in fact, a real fetish. You’ll be able to find examples if you look, but I’m not sure why you would…

Thanks for joining the discussion. Be nice, don't post angry, and enjoy yourself. This is supposed to be fun. Your email address will not be published. Required fields are marked*

You can enclose spoilers in <strike> tags like so:
<strike>Darth Vader is Luke's father!</strike>

You can make things italics like this:
Can you imagine having Darth Vader as your <i>father</i>?

You can make things bold like this:
I'm <b>very</b> glad Darth Vader isn't my father.

You can make links like this:
I'm reading about <a href="">Darth Vader</a> on Wikipedia!

You can quote someone like this:
Darth Vader said <blockquote>Luke, I am your father.</blockquote>

Leave a Reply

Your email address will not be published.