During the time of the Soviet Union, it was an urban legend that during supply shortages, Soviet factories would have no real work, but workers needed to keep up the appearance of working, so they would have one line of workers continuously assembling devices, feeding into another line that would continuously disassemble them, all in a loop where nothing gets produced.
In many ways, it feels like we are seeing this today in the digital world. As a specific example, GTA 5 (singleplayer) is a game that has been pirated for about 10 years now, and has received zero content updates in that time, yet somewhat recently (maybe a few years ago?) they updated the game on Steam to have new DRM that constantly conflicts with the Steam Deck sleep mode and kicks you out of the game at random after waking up, or just won't even let you launch if you're without internet and haven't launched it within a few days. Nothing worthwhile was produced by this endeavor, that's for sure.
I have a slightly different story, told by a Romanian coworker who was old enough to have worked in a factory under Ceaucescu: the workers stole from the factory, all the time, at every level. Managers would be able to take away complete items for "testing"; ordinary line workers would be limited to what parts they could plausibly conceal in their overalls at the end of the shift, then assemble them in their own time.
As someone who used to be a Pirate Party supporter, piracy has to exist in an equilibrium to avoid killing the host, and I don't know if that's possible on today's internet. Both "absurdly onerous DRM making the game unplayable, especially once abandoned" and "Rockstar spends $265m making the game, one person buys a copy, and everyone else pirates it" are bad outcomes. The optimal one is probably somewhere in the "a small number of people who Know A Guy pirate the game, gradually increasing over time" range. But that may not be sustainable either.
> the workers stole from the factory, all the time, at every level.
I think the context is important. These were people in poverty, in an extremely mismanaged society. You could get very little from actual shops. Most things would have to be bartered for. Stealing from the state accounted for a very important part of peoples' sustenance. My grandfather would try to explain it like this: even if you had money, there wasn't anything to buy. In that sense, even the factory managers were poor. Sarah C. M. Paine says that, in terms of buying power, the First Secretary of USSR's wife was poorer than an average American middle-class wife.
Yes. Hence the stories of people (Brezhnev?) being astonished and baffled at simply walking into an American supermarket.
Of course, one reason why there wasn't much on the shelves was it had been already stolen by other people closer to the source ...
(something of a generic problem of low trust societies, not specific to Communism. I think we sometimes don't appreciate how valuable a high trust society is to us in the West, which is why people trying to destroy it by looting from the top are particularly dangerous: the rot spreads from the top)
> Both "absurdly onerous DRM making the game unplayable, especially once abandoned" and "Rockstar spends $265m making the game, one person buys a copy, and everyone else pirates it" are bad outcomes.
Fortunately the second one isn't a real thing. There are many games that have already been cracked, or that never had any DRM to begin with, and there are still large numbers of people who pay for them. Because they want the publisher to continue making games more than they want to avoid paying <1% of their annual income for something.
Which is in turn why the DRM not only doesn't work but is actively harmful to the publisher. Getting people to want to pay is a lot easier when you're not actively pissing them off. Meanwhile the DRM gets cracked anyway and then you're worse off than when you started, because not only can they still pirate it, now more of them want to.
Take every nail from the factory post,
You aren't a visitor, you are the host!
And yeah almost everyone was stealing even if it would be
things they absolutely not needed. Then you can change it for something you need or use it weird way in your home repairs.
This is how some people end up with parts of ICBM or space ships as part of their country datcha landscape design.
After all propaganda loved to tell that everything is owned by people's.
most games make a very good chunk of their lifetime revenue during their first weeks. If you can avoid piracy during that period (through wishlisting, preorders and such) piracy is not going to eat into your revenue significantly.
On the other hand, having strongly anticonsumer DRM will certainly affect sales. If you have a loss of performance or make it too much a hassle (mandatory connections, updates, etc) that will eat into your revenue, and twice as you are paying money to third parties to have consumers be shun away.
That assembly line workers are constantly being kept fresh on their skills and processes. If you can't get some component for 3 months, new units can almost immediately be pushed out of the factory when the component does arrive. If you bring on new workers, you train them on the disassembly process first and then move them onto the assembly line once they understand the construction.
The only downsides are paying the factory workers to spin their wheels and the 2x wear and tear on tools and replacement costs of any components damaged by the constant handling.
The US does something similar with the national defense manufacturers. We don't necessarily need more of a vehicle but if that factory sits dormant for 2 years until we do need replacements, it's going to take a long time to train workers. And you run a risk of losing any tribal knowledge those workers carried. You can lower production rates so you aren't buying too many things at once but keeping a small crew busy will allow you to quickly ramp production if necessary.
> The US does something similar with the national defense manufacturers.
You also see this with the European space industry especially in the rocket building. A lot of money is poured into the industry even if there are no massive returns or advancements just in order to keep the people and skills. If you let these slip, rebooting the sector would be a decades long affair so doing busy work sometimes is the better option.
Heck, even most large tech companies do this type of busy work assignment. They hire en-masse but many of those people are never really put to work. Their greatest value is that they stay out of the competition's hands, if there is a massive project coming up the people are already there, and they can be dumped in case of emergency to prop up the stick price.
The ākeep up the appearance of workingā story feels like a misleading comparison to me, because the motivations are pretty much reversed. In the hypothetical factory, there's an external social element requiring the appearance of working, some observer to whom it looks good that this is happening: the way I read it, the assemblers and disassemblers may well be cooperating with each other to produce that appearance, so that the absurdity is visible from within (though they could also just be unaware of each other's assigned tasks). In the case of anti-copying technologies, game publishers trying to guard their revenue stream, and other groups trying to distribute or play unauthorized copies, are adversaries whose tactics create relative losses for each other that can bleed into the surrounding society: seems bad that it impacts other users / risks jobs and livelihood / is various forms of unfair (depending on one's moral feelings around which actions are ājustifiedā), but their individual actions are incentive-aligned from within the conflict.
DRM authors and implementors know it doesnt work. The decision is made by people in suits based on traditional business culture that doesnt fit the digital world. The same people making denuvo are also the ones breaking it.
Are you grouping the implementors with the crackers because they understand the limitations of the technology, or are you saying they're directly working with each other to scam the publishers and/or audience (and that this is sufficiently common to overturn the whole framingāa conflict can have some proportion of double agents and defectors while centrally remaining a conflict)? If the former, even supposing that many individual implementors and crackers would agree that the technology is inefficient/breakable/whatever, I still think the driving conflict that causes the implementation and the cracking to happen at all is between a broad cluster of agents around the game publishing activity (including managers, investors, game developers and artists, and more indirectly DRM implementors, integrators, and salespeople) and a broad cluster of agents around the unauthorized copying activity (including people who do ripping and DRM cracks on a technical level, distribution channels, and people who look to those channels to play games without buying them the authorized way). That there are principalāagent inconsistencies within each cluster seems like more of a sideshow; a war doesn't stop being a war because enough of the soldiers have realized that their weapons don't work very well, or because they realize that in some other world they'd have been on the same side.
If you notice, if you said is correct, this means it would be incredibly easy to yank your ownership of GTA 5 simply by retiring denuvo related account.
All that would be publicised would be " GTA 5 denuvo key license is now over" and people would not know
> they updated the game on Steam to have new DRM that constantly conflicts with the Steam Deck sleep mode and kicks you out of the game at random after waking up, or just won't even let you launch if you're without internet and haven't launched it within a few days
Meanwhile the "pirates" enjoy a superior experience. They don't have to put up with this nonsense. They can use the devices they want. They can install the games on as many machines as they want. They can play the games offline. Their games are faster because there's no obfuscated nonsense code running. They don't have to suffer idiotic invasive kernel mode DRM nonsense on their computers, software whose only difference from literal malware is legal boilerplate in a document that nobody reads but that everybody theoretically accepted when they fast forwarded through the installation screens furiously clicking next so they could play the game they paid for.
Makes me feel like a total moron for buying games every single time.
I've heard that story (or a similar one) about Boeing on a cost-plus contract in the War; one group of employees would dump screws together, and the night shift would sort them apart.
I've had to take a moral stance and move to just playing games on Gog that I can buy and own the files for. No I can't play the latest and greatest but it's not the end of the world as I've so many classics to still play and enjoy. I can't support lockdown and DRM anymore. If I buy I want to own, otherwise I've not bought. It is true, if buying isn't owning, then piracy isn't stealing.
Right where I've landed as well. I just won't buy titles with Denuvo DRM, ever, no matter how much I want the game.
Was pleasantly surprised to find Doom Eternal is now on GOG a couple of days ago. If you're willing to wait, some AAA titles show up that previously had draconian DRM.
Surprisingly, there were DRM games praised for good UX, only these were hardware releases.
When Switch 1 launched, it got re-releases (eg: Diablo 3) that were: 1. complete editions with DLCs, 2. came on a cartridge that one could swap between devices or sell, 3. supported offline play.
Online game stores were supposed to offer better UX than hardware releases. I find it interesting, and perhaps a sign of how bad the online experience can get, that the opposite can happen too.
I'm willing to buy on Steam, however not with intrusive DRM. Nor with 3rd party store requirements (like EA games on Steam).
E.G. I'd like to own a copy of the modern Persona games. I'm in no particular rush. If the studios want my money when they're on sale for like 50% off launch price, gain some profit per sale and additional sales by axing the useless DRM.
Likewise, I will not even consider paying for games (or music) that don't have an unencumbered download option. If the game is open source I will usually buy it without even thinking very hard about whether I'll play it.
You can archive the installed files from Steam though. An example is the pixel art program Aseprite. The devs said just to copy the binary out of the Steam folder and place it elsewhere if you wish.
That's still not "archiving" though. It's one thing to download the installer, and quite another to install the game and copy the files hoping it will all still work. Especially on windows when registry entries are involved.
You have no clue what you are talking about. Registry entries that are required by games are like a thing of the past for like 25 years or something.
I am a heavy pirate and I my favorite games come as raw files torrents with the crack pre-applied. Games these days (with DRM removed) simply execute no matter where you copy and move them they just work. The cracks themselves do not modify any registry entries or make the game write them new or differently because they simply do not use the registry. Games write their savegames in AppData or Documents and THAT IS IT. Installers are glorified copy machines with ads on them (GOG) for example. They copy files and put a shortcut in your start menu and desktop and THAT IS IT, they do not write special registry entries for a game to work. Again this has not been a thing for like 25 years. I think it was when SecureROM was a thing.
So yes some steam games actually come DRM free, and you do not even have to move them out of the original steam install folder you just need to execute the EXE without steam running and they work. So indeed it is in fact achieving if you simply keep the files somewhere. For game with basic steam DRM you can use a crack or use steamless that basically removes the steam DRM that is very basic from the exe and use Goldberg Steam Emu to emulate steam. You do all this after the fact so you CAN for all the game that to not have some advanced DRM like Denovo just achieve the games files and make them work later on without Steam.
It will if it's DRM-free. The login check is an optional call that the developer has to intentionally use. Usually if you're a small developer releasing a DRM-free game you'd make your game degrade gracefully if Steamworks doesn't work, so you can publish the same builds on Steam and on any other store.
I love steam but even if it can barely be called a DRM, it still is. People not into computer science will have no clue how to do it, and that's what matters when talking about owning your own games, you should not require knowledge to keep something you paid for
"Not into computer science" lol. I knew how to copy a damn crack at 13 years or whatever and a barely figured out windows by that time. You act like people are stupid. Sure there are some console gamers who only use their phone for social media and are clueless about computers in 2026, but most people know how to copy some damn files over. They do not need to be in "computer science".
If you really want an installer, just pack the files into a self extracting archive. But IMO the loose files are easier to work with than an installer.
Or are you misunderstanding the fact that you can just copy/back up the Steam game and play it anywhere. That's why I say many people have that misconception about Steam games
The real difference is that for Steam the bulk of the catalog is made up of DRM games and that sends a message. As far as I know Steam isn't actively doing anything to promote "DRM free" in general, they just don't say no to the opportunity to sell those games too.
GOG on the other hand takes an active stance on promoting and supporting DRM-free games. Once storefronts like GOG disappear I don't think Steam will pick up the torch and fight the DRM-free fight. Once Gabe is no longer in charge it might just get overall worse for everyone, although fingers crossed Steam can at least continue as it is.
Is it? Is there even a list of them? I know some are, some arenāt. Sometimes itās even mixed (e.g. Pathfinder Kingmaker is DRM free, the DLCs use Steamworks DRM). As you say, they arenāt promoting it, but Iām not sure they expose that information at all.
While Valve isn't the worst company when you buy on GoG you support a company dedicated to keeping things DRM free and preserving older games. Plus fight the Steam monopoly.
They do, there will be a Linux penguin on the supported OSes list if the game has native support for Linux.
If the game doesn't have native support, and you buy the game on a Linux machine, it will warn you about possible incompatibility.
In any case the reality is that every game I've bought on GOG has worked pretty much perfectly on Wine, I use winetricks.
The main problem with Windows games these days is the DRM which on Wine will crash. Good thing GOG games don't come with any.
GOG and CDPR are not the good guys. They released a complete disaster of an unfinished game with CP2077, and they KNEW it was broken and still shipped this gigantic pile of trash. Their promo also included a bunch of made up hype trash that was completely just artificially created in video, and they made it seem like it was gameplay. So they LIED to hype their unfinished trash game. Much of that never made it to the game.
Also even the fixed game now is just a silly boring sandbox game, what makes it good is the story, but It's for sure overrated. I enjoyed it but still overrated.
They also censor for the CCP, the removed the game Devotion because it had a JOKE inside that was not even visible to the normal player you needed to get out of your way to see some devroom or something with it. The BLACKLISTED a game simply because they make a JOKE of the Chinese president.
All big companies are EVIL by definition. Do not act like they are the good guys because they grift of selling games without DRM, they sell them at higher prices to make big money. They grew into this immoral dirt megacorp.
Denuvo is there to prevent piracy within the first 90 days of release. Something like 60 to 80% of a gameās revenue is during that period. They donāt care that itās eventually cracked, and they absolutely do not care about performance.
Not strictly after 90 days, but Denuvo is usually removed after the peak sales period for a game. It's really at a publisher's discretion when to remove it, as the sales model for Denuvo is that you have to continue paying for it on a subscription basis to keep it active.
This is untrue. Yes Denovo got removed from some games relatively early, but mostly it was long after this "peak sales window" I would have to make a list of how long it took for games, and I am too lazy to even ask AI, but I think it took years in some cases and a lot of community outrage for the devs to remove it, and they did not just remove it after some peak sales window but when the games were actually cracked and the steam forums were flooded with pissed of people who realized pirates had a better experience then actual buyers. THEN they removed it.
So it's more like after they were cracked rather than some time window, sometimes these may have been overlap.
1 year after release is for sure not "peak sales window".
Having the game wishlisted is a signal of players waiting for a sale, or future patches/correction, or simply not bothering to cleanup wishlist, not a signal of someone is eager to pirate the game.
It can, but that seems to be more related to poor implementations by the game devs, and not inherent to it. There are plenty of examples of games with Denuvo that still run fine (give or take your opinion on whether the presence of DRM is inherently "impacted performance").
More modern version: No you are holding your iPhone wrong, it is not a design fault that makes a ground loop in the antenna if you hold two metal surfaces with your hands.
Isn't Denuvo actually implemented in a game by the DRM developers, though? I remember reading that they have a process where the game dev sends Denuvo an unprotected executable, who adds the DRM to that executable and sends it back.
Thus, I believe the poor implementations are directly the fault of Denuvo.
The games run terribly on release because they have Denuvo, and then when the sales volume no longer justifies the licensing costs of Denuvo, the devs strip it out and sell it to the players in patch notes as "optimizing performance."
Someone else mentioned GTA getting more aggressive copy protection out of nowhere. It's not out of nowhere. With GTA6 ads out for a while, sales of GTA5 are up as people either play it for the first time or replay it. Sales going up means they can justify copy protection.
Denuvo has layers upon layers of obfuscation that inflates nearly every instruction and function call, extra code execution that does nothing to throw off someone trying to follow code execution paths, and constant moving around where the game stores stuff in memory, again, to throw someone off watching via debugger.
It's pathetic because one company has been almost entirely responsible for people needing to buy faster and faster CPUs and GPUs trying to eek out more and more performance. CPUs, GPUs, memory - all of it has gotten enormously faster, we have more cores, etc. Despite all that, every new game barely runs at 60fps.
Do you really believe that year after year game developers and game engines get worse and worse at performance? Of course not.
> With GTA6 ads out for a while, sales of GTA5 are up as people either play it for the first time or replay it. Sales going up means they can justify copy protection
How does that justify it? Adding stronger DRM when cracked copies of the same content are already out there is like trying to get insurance after your house has already burnt down.
> Do you really believe that year after year game developers and game engines get worse and worse at performance? Of course not.
If you strictly want to blame Denuvo then that assumes game developers cannot think of a way to spend their extra performance either. Which is obviously not the case.
False. There's lots of side-by-side recordings of Denuvo and non-Denuvo versions of games on YouTube clearly showing that Denuvo does impact performance.
CPU cache space for code is much smaller than GPU memory for models (and the former is more important for performance since many CPU operations like pipeline parallelism are latency bound, not compute bound).
>This. Why spend extra on x3d cpu when you can have a reasonable game size (not that it has large enough cache anyway)
Because game(SW) devs/publishers don't care about spending money to optimize for reasonable size, and the enthusiast gamers want to play the game either way and will gladly fork out the cash for the HW to play it, if anything for the bragging rights.
Remember "will it run Crysis?" vintage 2007? Yeah, enthusiasts will be enthusiasts.
I'm a fan of the free market here. Badly optimized games will hurt their sales and force the studios to change or go bust, if the market decides so.
Denuvo is owned by Irdeto, a digital rights management company in a broad sense. They not only do software and hardware DRM, but also work as a watchdog for movie and music companies to claim DMCA violations for BitTorrent, among all other stuff.
Do the cracks still need you to disable Hyper-V (which leads to disabling WSL and whatever else)?
In addition, Iām not sure why theyāre enabling test signing instead of using kdmapper or the like. Sure, anticheats will get way more mad at you having a manual mapped driver, but one imagines rebooting once (after playing your cracked video game) beats rebooting twice (to enable test signing, then after playing the game).
It's impossible to know which Steam games are DRM-free since Steam games without DRM are not marked in the store. They have to all be assumed to have DRM.
Well, all Steam games have Steam DRM? The Steam store will tell you if there is additional DRM on top of Steam, at least it has in the past.
To the parents question, it is better to use GOG if you care about DRM.
Sometimes the Steam version is qualitatively better because the publisher/dev has supported the Steam version with more updates. Often the updates do turn up on GOG, but it's possible there is a delay.
Wonder what will be the consequences of this. I dislike Denuvo for the performance and stability penalties it gives games, but I do wonder if the "security" it gave publishers wasn't a big part of the reason why we've been getting more and more big name games on PC.
This isn't about being right or wrong but about what the publishers will do when they see their games are again getting cracked day one, and if it'll be a catalyst to again return to getting either less PC releases or at least delayed releases compared to consoles.
Denuvoās market is āfirst 90 daysā revenue protection, not lifelong revenue protection. Lots of games using their crap remove it after a few months to shut down the flood of support issues the DRM causes. If only Microsoft hadnāt fucked up so badly with Windows 11 requiring an account, theyād have a way to stop using it altogether.
>Lots of games using their crap remove it after a few months to shut down the flood of support issues the DRM causes.
No, the overwhelming majority of denuvo games released after ~2020 (when they changed there licensing model to SaaS) have it removed after 2-4 years not because of user complaints but because of licensing costs, contracts and compliance.
If anything with many games it is very clear that the developer/publisher do not care for the user, since even when the DRM gets broken and has lost its purposes, many still refuse to remove it and give paying customers the same better non DRM experience as pirates.
>If only Microsoft hadnāt fucked up so badly with Windows 11 requiring an account
This is not true at all as evidenced by the fact that most games do not get Denuvo removed once they are cracked. And the companies that DO remove denuvo only do so after several years because of licensing costs as denuvo transitioned to a SaaS model.
I feel like the "first 90 days" is just because games no longer include a demo, so they force players to commit to a purchase before a wide consensus forms. A lot of people pirate simply to try the game out. Most people who can afford the game would then purchase the game if it were good.
I have not read a study on this but I suspect the percentage of people who would buy a genuine copy of a game they already have pirated would be something like 3-5%
Untrue, where are all the after-90-days-hacked AAA games? Nowhere, denuvo lives on as long as publisher is willing to pay continuous licence, which is usually years.
And users complaining because denuvo messes up their Windows, sometimes games don't run and so on? Just cost of doing business, as long as enough people buy it who cares.
I honestly doubt it will make much of a difference.
A good percentage of people who would download the cracked games would not have bought those anyway. And with Steam being so convenient it's hard to decide to go for a cracked copy of dubious origin that might install god knows what into your machine.
Run anti-cheat server-side. Give us private servers again. There's no reason we should have to put up with client-side rootkits written by non-kernel-devs to play a game.
Cheating is a social issue, not a technical one. Communities are the solution.
Private servers are a nice way to do this and do still exist in places. My favorite online game uses them along with server side anti-cheat and while cheating occasionally happens, it has never been an ongoing issue. I've maybe seen a cheater once or twice in all my many hours playing the game over 10 years (elite dangerous, in case you were curious).
Community servers don't want server-side anti-cheat either. Hell they invented client-side anti-cheats back in the day. Even current day community servers like Face-IT have additional anti-cheats, not less. Same with modded GTAV FiveM (even before the main game added anti-cheats)
One has experience writing secure, stable code for drivers, memory management, etc that is subject to broad review by other experienced devs. The other is looking at those things adversarially and pushes out whatever they think is good enough. Crowdstrike served as a useful reminder for who should be allowed in kernel space, and video game anti-cheat has far less justification to be there.
It's not possible, technically, to run effective anti-cheat server-side. Clients need precise enemy location data for things like sound effects. The server can't tell if the client is using the data for unfair purposes or not.
This. There are a lot of online games I loved playing but the cheating got so bad it made it impossible to play. MW1, MW2, Battlefield, CS, etc... you could see the wallhacks and aimbots taking over every lobby. I eventually stopped playing. I tried using Consoles for online gaming after that but never really got into using joysticks.... still prefer mouse and keyboard. Now I play limited games where the cheating isn't quite that rampant.
Im not a big gamer, but playing GTA Online, and getting taken out as soon as you spawn. Or items just spawning in front of you, like ramps. REALLY ruins the experience
The main difference that Denuvo does nothing to improve the experience of the end user.
I don't like Anti-Cheat solutions with elevated privileges but they have (at least for some time) reduced the number of Cheaters in games like Valorant or BF, for most users this is at least a somewhat understandable tradeoff. Denuvo on the other hand is DRM and a pure tradeoff in favor of the publisher at the cost of the consumed.
There is a user argument for anti cheat as a user = less cheater.
There is no user argument for DRM, if anything there are many against it = higher game price/less money for the actual game and devs, indirect funding of DRM software, worse performance, higher system requirements, worse preservation, worse privacy, longer loading times, online requirements, worse usability, machine activation restriction, bugs...
Kernel level anti-cheat also doesn't introduce a giant performance penalty like Denuvo-style DRM. People just want to play their games without it still stuttering on top of the line hardware.
Anticheats will still have obfuscated code for obvious reasons (they donāt want to be reversed). Not sure they donāt induce some performance drop too - though maybe smaller compared to bad Denuvo implementation.
Pretty strong to say there's no argument. I don't agree with it, but I imagine people would say reducing piracy leads to more money for the studio, which means more resources that can be put toward the game. Lots of people believe that, and we don't have a lot of data on opportunity costs for games including Denuvo.
I personally just hate it and think Piracy is overblown. The only other industry I've seen be this hostile to users is Music/Photoshop. Putting an iLok key into my computer feels bad.
>but I imagine people would say reducing piracy leads to more money for the studio
they be wrong, there have been multiple studies even by the EU on how piracy does not reduce revenue.
Besides that studios continue to pay for denuvo even after there game has been cracked. The article literally is about how all games with denuvo get bypassed on the day of the release, which means they pay for nothing except a worse experience for there paying customers. At this point it's just a compliance checklist by corporate suits and actual people working on games and paying customer pay the price.
Interesting to finally see some action from the mouse again. Was kinda sad to see that Denuvo embodies all the worst of DRM but was so thoroughly metastasized that it was nearly inoperable and they had effectively "won".
> in late 2025, the MKDev collective and the prolific DenuvOwO came up with a hypervisor-based bypass (HVB) that installs a kernel-level driver to intercept and respond to Denuvo's checks. While that's not an actual crack, it's good enough for piracy work, as the saying goes.
Yeah, the headline is sensational and the body of the article doesn't do enough to distinguish between the bypass and a real crack. They only resemble one another only in the most shortsighted of ways.
One big difference is that the bypass method _requires_ Microsoft Windows in order to function. You cannot use the bypass on Linux.
I don't have a Windows install anywhere, so if I want to play the game I have to either purchase it, or wait for a crack that will remove Denuvo from the executable.
I get this probably doesn't matter to most people because they're on Windows anyway and will happily disable whatever security is required to access free games, but it's disappointing to have the technical distinctions and broader implications glossed over.
Info from veeery long ago because I have been out of this stuff for over a decade:
The release will have an .sfv file with a CRC32 checksum for each rar file.
The FTP server checks them after the upload completes. Back in the day glftpd with zipscript was a very popular tool to manage an FTP site. This Readme sums it up well: https://github.com/pzs-ng/pzs-ng
The sfv can be tampered with but the propagation of releases to FTPs happens very fast, within minutes. It would take you longer to meaningfully alter it than it takes the racers to distribute the original files. And once the release is completely uploaded you can't modify the files anymore.
If the release is bad, for example if it doesn't work at all or if it contains a virus, then it simply gets nuked. This propagates within minutes.
That's the whole problem. There's no way to verify the authenticity of a release aside from "getting it from a trusted source" or whatever, whereas digital signatures would easily solve this issue.
Wow. Great. Congratulations. Achievement earned. You've persisted so long.
Now stop creating new DRMs. You can see what is the outcome. The definition of insanity is doing the same thing over and over again and expecting a different result.
The only thing that made me switch to Netflix from Ļ-rated movies was the accessibility, availability, languages support, speed and quality. The same with games. I buy games from gog mostly because they are missing DRM (and because I'm an old dinosaur so not interested in the bleeding edge new games).
Please focus on the added value. And the wealth will come. Don't pay for denuvo - it's waste of money
Fyi, most of them have not been cracked, but bypassed using a hypervisor that operates in ring-1, so it is certainly a security risk..
Personally I've been voting with my wallet and *never* supporting DRM, so there have been some games where I'm just "Well, I guess I'll never play that game."
At least I have an ethical option to play certain games now, I'm just gonna use a seperate blank pc cus these bypasses are novel.
Running Windows is a massive risk cus its made by Microsoft and it has ring 0 access to your system. I personally trust a cracker in good standing far more that I would any corp.
Untrue, cracking software necessitates _removing_ the protection from the executable completely. Whereas with a bypass, Denuvo is still running on your computer, albeit ineffectually.
This has implications - the bypasses cannot run on Linux for example where a cracked executable could. They are not the same thing.
Ehhh, afaik thats not the case in the community. These hypervisor bypasses are considered a different category. Like look at any scene page, they will 100% say Hypervisor or HV for these.
well, right now Denuvo "remote attests" in a Play Integrity "MEETS_BASIC_INTEGRITY" sense that it has no hardware backing and relies on checking your runtime enviroment for signs of tampering manually and obfuscating said checks.
The endgame is certainly flexing the machinery that is being built up over the last 20 years and spawning a SEV-SNP container on your machine that cannot be debugged, inspected and modified in any way. I don't think this is possible as of writing though.
Once again I'm at odds with TH reporting. Of course you can spoof a server. That happens all the time, especially with videogames. You may not immediately be able to figure out what the call/response is, but without knowing what the check is, it could just be a simple endpoint that returns "true" on every request. Very speculative to say that whatever they do will be impossible to mimic.
> You may not immediately be able to figure out what the call/response is, but without knowing what the check is, it could just be a simple endpoint that returns "true" on every request. Very speculative to say that whatever they do will be impossible to mimic.
Itās trivially easy to use a signed response that is encoding some part of the metadata of your system in the signature to make it impossible to emulate the server. Donāt think the Denuvo devs would be stupid enough to provide a āreturn trueā request for a server call.
Can the underlying function that checks if the server call is correct be bypassed? Sure, but thatās much harder.
Cryptography goes BRRRRR, with a proper implementation of cryptography you'd need to do things like patch out the keys in memory in order to "spoof" messages.
During the time of the Soviet Union, it was an urban legend that during supply shortages, Soviet factories would have no real work, but workers needed to keep up the appearance of working, so they would have one line of workers continuously assembling devices, feeding into another line that would continuously disassemble them, all in a loop where nothing gets produced.
In many ways, it feels like we are seeing this today in the digital world. As a specific example, GTA 5 (singleplayer) is a game that has been pirated for about 10 years now, and has received zero content updates in that time, yet somewhat recently (maybe a few years ago?) they updated the game on Steam to have new DRM that constantly conflicts with the Steam Deck sleep mode and kicks you out of the game at random after waking up, or just won't even let you launch if you're without internet and haven't launched it within a few days. Nothing worthwhile was produced by this endeavor, that's for sure.
I have a slightly different story, told by a Romanian coworker who was old enough to have worked in a factory under Ceaucescu: the workers stole from the factory, all the time, at every level. Managers would be able to take away complete items for "testing"; ordinary line workers would be limited to what parts they could plausibly conceal in their overalls at the end of the shift, then assemble them in their own time.
As someone who used to be a Pirate Party supporter, piracy has to exist in an equilibrium to avoid killing the host, and I don't know if that's possible on today's internet. Both "absurdly onerous DRM making the game unplayable, especially once abandoned" and "Rockstar spends $265m making the game, one person buys a copy, and everyone else pirates it" are bad outcomes. The optimal one is probably somewhere in the "a small number of people who Know A Guy pirate the game, gradually increasing over time" range. But that may not be sustainable either.
> the workers stole from the factory, all the time, at every level.
I think the context is important. These were people in poverty, in an extremely mismanaged society. You could get very little from actual shops. Most things would have to be bartered for. Stealing from the state accounted for a very important part of peoples' sustenance. My grandfather would try to explain it like this: even if you had money, there wasn't anything to buy. In that sense, even the factory managers were poor. Sarah C. M. Paine says that, in terms of buying power, the First Secretary of USSR's wife was poorer than an average American middle-class wife.
Yes. Hence the stories of people (Brezhnev?) being astonished and baffled at simply walking into an American supermarket.
Of course, one reason why there wasn't much on the shelves was it had been already stolen by other people closer to the source ...
(something of a generic problem of low trust societies, not specific to Communism. I think we sometimes don't appreciate how valuable a high trust society is to us in the West, which is why people trying to destroy it by looting from the top are particularly dangerous: the rot spreads from the top)
> Both "absurdly onerous DRM making the game unplayable, especially once abandoned" and "Rockstar spends $265m making the game, one person buys a copy, and everyone else pirates it" are bad outcomes.
Fortunately the second one isn't a real thing. There are many games that have already been cracked, or that never had any DRM to begin with, and there are still large numbers of people who pay for them. Because they want the publisher to continue making games more than they want to avoid paying <1% of their annual income for something.
Which is in turn why the DRM not only doesn't work but is actively harmful to the publisher. Getting people to want to pay is a lot easier when you're not actively pissing them off. Meanwhile the DRM gets cracked anyway and then you're worse off than when you started, because not only can they still pirate it, now more of them want to.
In Soviet times in Russia there been rhyme:
Which is literally translates as: And yeah almost everyone was stealing even if it would be things they absolutely not needed. Then you can change it for something you need or use it weird way in your home repairs.This is how some people end up with parts of ICBM or space ships as part of their country datcha landscape design.
After all propaganda loved to tell that everything is owned by people's.
most games make a very good chunk of their lifetime revenue during their first weeks. If you can avoid piracy during that period (through wishlisting, preorders and such) piracy is not going to eat into your revenue significantly.
On the other hand, having strongly anticonsumer DRM will certainly affect sales. If you have a loss of performance or make it too much a hassle (mandatory connections, updates, etc) that will eat into your revenue, and twice as you are paying money to third parties to have consumers be shun away.
That assembly line workers are constantly being kept fresh on their skills and processes. If you can't get some component for 3 months, new units can almost immediately be pushed out of the factory when the component does arrive. If you bring on new workers, you train them on the disassembly process first and then move them onto the assembly line once they understand the construction.
The only downsides are paying the factory workers to spin their wheels and the 2x wear and tear on tools and replacement costs of any components damaged by the constant handling.
The US does something similar with the national defense manufacturers. We don't necessarily need more of a vehicle but if that factory sits dormant for 2 years until we do need replacements, it's going to take a long time to train workers. And you run a risk of losing any tribal knowledge those workers carried. You can lower production rates so you aren't buying too many things at once but keeping a small crew busy will allow you to quickly ramp production if necessary.
> The US does something similar with the national defense manufacturers.
You also see this with the European space industry especially in the rocket building. A lot of money is poured into the industry even if there are no massive returns or advancements just in order to keep the people and skills. If you let these slip, rebooting the sector would be a decades long affair so doing busy work sometimes is the better option.
Heck, even most large tech companies do this type of busy work assignment. They hire en-masse but many of those people are never really put to work. Their greatest value is that they stay out of the competition's hands, if there is a massive project coming up the people are already there, and they can be dumped in case of emergency to prop up the stick price.
The ākeep up the appearance of workingā story feels like a misleading comparison to me, because the motivations are pretty much reversed. In the hypothetical factory, there's an external social element requiring the appearance of working, some observer to whom it looks good that this is happening: the way I read it, the assemblers and disassemblers may well be cooperating with each other to produce that appearance, so that the absurdity is visible from within (though they could also just be unaware of each other's assigned tasks). In the case of anti-copying technologies, game publishers trying to guard their revenue stream, and other groups trying to distribute or play unauthorized copies, are adversaries whose tactics create relative losses for each other that can bleed into the surrounding society: seems bad that it impacts other users / risks jobs and livelihood / is various forms of unfair (depending on one's moral feelings around which actions are ājustifiedā), but their individual actions are incentive-aligned from within the conflict.
DRM authors and implementors know it doesnt work. The decision is made by people in suits based on traditional business culture that doesnt fit the digital world. The same people making denuvo are also the ones breaking it.
Are you grouping the implementors with the crackers because they understand the limitations of the technology, or are you saying they're directly working with each other to scam the publishers and/or audience (and that this is sufficiently common to overturn the whole framingāa conflict can have some proportion of double agents and defectors while centrally remaining a conflict)? If the former, even supposing that many individual implementors and crackers would agree that the technology is inefficient/breakable/whatever, I still think the driving conflict that causes the implementation and the cracking to happen at all is between a broad cluster of agents around the game publishing activity (including managers, investors, game developers and artists, and more indirectly DRM implementors, integrators, and salespeople) and a broad cluster of agents around the unauthorized copying activity (including people who do ripping and DRM cracks on a technical level, distribution channels, and people who look to those channels to play games without buying them the authorized way). That there are principalāagent inconsistencies within each cluster seems like more of a sideshow; a war doesn't stop being a war because enough of the soldiers have realized that their weapons don't work very well, or because they realize that in some other world they'd have been on the same side.
If you notice, if you said is correct, this means it would be incredibly easy to yank your ownership of GTA 5 simply by retiring denuvo related account.
All that would be publicised would be " GTA 5 denuvo key license is now over" and people would not know
> they updated the game on Steam to have new DRM that constantly conflicts with the Steam Deck sleep mode and kicks you out of the game at random after waking up, or just won't even let you launch if you're without internet and haven't launched it within a few days
Meanwhile the "pirates" enjoy a superior experience. They don't have to put up with this nonsense. They can use the devices they want. They can install the games on as many machines as they want. They can play the games offline. Their games are faster because there's no obfuscated nonsense code running. They don't have to suffer idiotic invasive kernel mode DRM nonsense on their computers, software whose only difference from literal malware is legal boilerplate in a document that nobody reads but that everybody theoretically accepted when they fast forwarded through the installation screens furiously clicking next so they could play the game they paid for.
Makes me feel like a total moron for buying games every single time.
I've heard that story (or a similar one) about Boeing on a cost-plus contract in the War; one group of employees would dump screws together, and the night shift would sort them apart.
the management must've forgot they literally gave gta 5 away on epic store like 5 years ago, lol.
GTA V got a major update last year that included eg DLSS support. It would perhaps make sense if the DRM changed at that point?
I've had to take a moral stance and move to just playing games on Gog that I can buy and own the files for. No I can't play the latest and greatest but it's not the end of the world as I've so many classics to still play and enjoy. I can't support lockdown and DRM anymore. If I buy I want to own, otherwise I've not bought. It is true, if buying isn't owning, then piracy isn't stealing.
Right where I've landed as well. I just won't buy titles with Denuvo DRM, ever, no matter how much I want the game.
Was pleasantly surprised to find Doom Eternal is now on GOG a couple of days ago. If you're willing to wait, some AAA titles show up that previously had draconian DRM.
Surprisingly, there were DRM games praised for good UX, only these were hardware releases.
When Switch 1 launched, it got re-releases (eg: Diablo 3) that were: 1. complete editions with DLCs, 2. came on a cartridge that one could swap between devices or sell, 3. supported offline play.
Online game stores were supposed to offer better UX than hardware releases. I find it interesting, and perhaps a sign of how bad the online experience can get, that the opposite can happen too.
I'm willing to buy on Steam, however not with intrusive DRM. Nor with 3rd party store requirements (like EA games on Steam).
E.G. I'd like to own a copy of the modern Persona games. I'm in no particular rush. If the studios want my money when they're on sale for like 50% off launch price, gain some profit per sale and additional sales by axing the useless DRM.
Likewise, I will not even consider paying for games (or music) that don't have an unencumbered download option. If the game is open source I will usually buy it without even thinking very hard about whether I'll play it.
Generally any game you can buy on GoG is also DRM free on Steam. I mention since many people have the incorrect notion that all Steam games have DRM
There's still a difference ā GOG provides you with downloadable installers you can archive, Steam doesn't.
You can archive the installed files from Steam though. An example is the pixel art program Aseprite. The devs said just to copy the binary out of the Steam folder and place it elsewhere if you wish.
That's still not "archiving" though. It's one thing to download the installer, and quite another to install the game and copy the files hoping it will all still work. Especially on windows when registry entries are involved.
You have no clue what you are talking about. Registry entries that are required by games are like a thing of the past for like 25 years or something.
I am a heavy pirate and I my favorite games come as raw files torrents with the crack pre-applied. Games these days (with DRM removed) simply execute no matter where you copy and move them they just work. The cracks themselves do not modify any registry entries or make the game write them new or differently because they simply do not use the registry. Games write their savegames in AppData or Documents and THAT IS IT. Installers are glorified copy machines with ads on them (GOG) for example. They copy files and put a shortcut in your start menu and desktop and THAT IS IT, they do not write special registry entries for a game to work. Again this has not been a thing for like 25 years. I think it was when SecureROM was a thing.
So yes some steam games actually come DRM free, and you do not even have to move them out of the original steam install folder you just need to execute the EXE without steam running and they work. So indeed it is in fact achieving if you simply keep the files somewhere. For game with basic steam DRM you can use a crack or use steamless that basically removes the steam DRM that is very basic from the exe and use Goldberg Steam Emu to emulate steam. You do all this after the fact so you CAN for all the game that to not have some advanced DRM like Denovo just achieve the games files and make them work later on without Steam.
But it won't launch without being logging into your steam account
It will if it's DRM-free. The login check is an optional call that the developer has to intentionally use. Usually if you're a small developer releasing a DRM-free game you'd make your game degrade gracefully if Steamworks doesn't work, so you can publish the same builds on Steam and on any other store.
99% of games that use that sort of protection can be cracked in about 5 minutes by simply copying a steam emulator library into the game folder.
thus is not truely DRM free.
I love steam but even if it can barely be called a DRM, it still is. People not into computer science will have no clue how to do it, and that's what matters when talking about owning your own games, you should not require knowledge to keep something you paid for
"Not into computer science" lol. I knew how to copy a damn crack at 13 years or whatever and a barely figured out windows by that time. You act like people are stupid. Sure there are some console gamers who only use their phone for social media and are clueless about computers in 2026, but most people know how to copy some damn files over. They do not need to be in "computer science".
If you really want an installer, just pack the files into a self extracting archive. But IMO the loose files are easier to work with than an installer.
Or are you misunderstanding the fact that you can just copy/back up the Steam game and play it anywhere. That's why I say many people have that misconception about Steam games
The real difference is that for Steam the bulk of the catalog is made up of DRM games and that sends a message. As far as I know Steam isn't actively doing anything to promote "DRM free" in general, they just don't say no to the opportunity to sell those games too.
GOG on the other hand takes an active stance on promoting and supporting DRM-free games. Once storefronts like GOG disappear I don't think Steam will pick up the torch and fight the DRM-free fight. Once Gabe is no longer in charge it might just get overall worse for everyone, although fingers crossed Steam can at least continue as it is.
> the bulk of the catalog is made up of DRM games
Is it? Is there even a list of them? I know some are, some arenāt. Sometimes itās even mixed (e.g. Pathfinder Kingmaker is DRM free, the DLCs use Steamworks DRM). As you say, they arenāt promoting it, but Iām not sure they expose that information at all.
While Valve isn't the worst company when you buy on GoG you support a company dedicated to keeping things DRM free and preserving older games. Plus fight the Steam monopoly.
If GoG starts supporting linux I'll be happy to support them.
They do, there will be a Linux penguin on the supported OSes list if the game has native support for Linux. If the game doesn't have native support, and you buy the game on a Linux machine, it will warn you about possible incompatibility.
In any case the reality is that every game I've bought on GOG has worked pretty much perfectly on Wine, I use winetricks. The main problem with Windows games these days is the DRM which on Wine will crash. Good thing GOG games don't come with any.
It's a website; it works just fine on Linux.
If you want a fancy launcher, there's always Heroic.
Note that they recently were hiring someone to work on the Galaxy launcher for Linux
GOG and CDPR are not the good guys. They released a complete disaster of an unfinished game with CP2077, and they KNEW it was broken and still shipped this gigantic pile of trash. Their promo also included a bunch of made up hype trash that was completely just artificially created in video, and they made it seem like it was gameplay. So they LIED to hype their unfinished trash game. Much of that never made it to the game.
Also even the fixed game now is just a silly boring sandbox game, what makes it good is the story, but It's for sure overrated. I enjoyed it but still overrated.
They also censor for the CCP, the removed the game Devotion because it had a JOKE inside that was not even visible to the normal player you needed to get out of your way to see some devroom or something with it. The BLACKLISTED a game simply because they make a JOKE of the Chinese president.
All big companies are EVIL by definition. Do not act like they are the good guys because they grift of selling games without DRM, they sell them at higher prices to make big money. They grew into this immoral dirt megacorp.
>Also even the fixed game now is just a silly boring sandbox game, what makes it good is the story
Insane statement
I would hope publishers would take note and remove it, having hundreds of megabytes of junk in the executable is just wasteful to put it mildly
Denuvo is there to prevent piracy within the first 90 days of release. Something like 60 to 80% of a gameās revenue is during that period. They donāt care that itās eventually cracked, and they absolutely do not care about performance.
> Denuvo is there to prevent piracy within the first 90 days of release [...] They donāt care that itās eventually cracked
Ah, so Denuvo is always removed after ~90 days after release, as there is no point for them to keep it there?
Not strictly after 90 days, but Denuvo is usually removed after the peak sales period for a game. It's really at a publisher's discretion when to remove it, as the sales model for Denuvo is that you have to continue paying for it on a subscription basis to keep it active.
This is untrue. Yes Denovo got removed from some games relatively early, but mostly it was long after this "peak sales window" I would have to make a list of how long it took for games, and I am too lazy to even ask AI, but I think it took years in some cases and a lot of community outrage for the devs to remove it, and they did not just remove it after some peak sales window but when the games were actually cracked and the steam forums were flooded with pissed of people who realized pirates had a better experience then actual buyers. THEN they removed it.
So it's more like after they were cracked rather than some time window, sometimes these may have been overlap.
1 year after release is for sure not "peak sales window".
Denuvo is sold as a subscription to developers, and it is often removed 6ā12 months after release.
Yet I have a bunch of games on steam wishlist which I've been waiting for years to buy.
The stopper is of course denuvo, which they keep renewing the license of, for no good reason.
Maybe because a lot of users still have those games wishlisted?
Having the game wishlisted is a signal of players waiting for a sale, or future patches/correction, or simply not bothering to cleanup wishlist, not a signal of someone is eager to pirate the game.
A number of publishers have retroactively added Denuvo to their older games, inexplicably.
Any list?
With the hypervisor method they get 0 to 1 day protection
Then DRM should automatically remove itself after that period. Copyright durations should also be adjusted to that same time frame.
The bigger problem with Denuvo is that it appears to significantly impact game performance as well
It can, but that seems to be more related to poor implementations by the game devs, and not inherent to it. There are plenty of examples of games with Denuvo that still run fine (give or take your opinion on whether the presence of DRM is inherently "impacted performance").
If many of your users misuse your tool, that's a design problem not user error
Yeah, goddamn hammers needs to be way softer, do you know how many thumbs worldwide have been hurt by them? Clearly the fault of the hammer.
If I have you hammer with a wax coated handle then it will regularly slip out of your hand.
One could blame the user for not "just" holding it right. Or alternatively reconsider if the handle should have a grippy coating instead.
More modern version: No you are holding your iPhone wrong, it is not a design fault that makes a ground loop in the antenna if you hold two metal surfaces with your hands.
Isn't Denuvo actually implemented in a game by the DRM developers, though? I remember reading that they have a process where the game dev sends Denuvo an unprotected executable, who adds the DRM to that executable and sends it back.
Thus, I believe the poor implementations are directly the fault of Denuvo.
I think that used to be the case years ago but isn't anymore.
The games run terribly on release because they have Denuvo, and then when the sales volume no longer justifies the licensing costs of Denuvo, the devs strip it out and sell it to the players in patch notes as "optimizing performance."
Someone else mentioned GTA getting more aggressive copy protection out of nowhere. It's not out of nowhere. With GTA6 ads out for a while, sales of GTA5 are up as people either play it for the first time or replay it. Sales going up means they can justify copy protection.
Denuvo has layers upon layers of obfuscation that inflates nearly every instruction and function call, extra code execution that does nothing to throw off someone trying to follow code execution paths, and constant moving around where the game stores stuff in memory, again, to throw someone off watching via debugger.
It's pathetic because one company has been almost entirely responsible for people needing to buy faster and faster CPUs and GPUs trying to eek out more and more performance. CPUs, GPUs, memory - all of it has gotten enormously faster, we have more cores, etc. Despite all that, every new game barely runs at 60fps.
Do you really believe that year after year game developers and game engines get worse and worse at performance? Of course not.
> With GTA6 ads out for a while, sales of GTA5 are up as people either play it for the first time or replay it. Sales going up means they can justify copy protection
How does that justify it? Adding stronger DRM when cracked copies of the same content are already out there is like trying to get insurance after your house has already burnt down.
> Do you really believe that year after year game developers and game engines get worse and worse at performance? Of course not.
If you strictly want to blame Denuvo then that assumes game developers cannot think of a way to spend their extra performance either. Which is obviously not the case.
I would assume the cache misses alone will destroy any performance.
The evidence for this supposed performance hit is basically zero.
https://www.youtube.com/watch?v=07NMuobVVwQ
This channel has many comparison videos like this one.
Loading times and 1% or 0.1% low FPS are usually hit the hardest and those stutters are the most immersion-breaking.
False. There's lots of side-by-side recordings of Denuvo and non-Denuvo versions of games on YouTube clearly showing that Denuvo does impact performance.
I would hope that users would just refuse to buy games that use Denuvo and similar malware. I do, but I know most users don't care.
Why would they care for a few hundred MBs when the games are in the 10s of GBs?
CPU cache space for code is much smaller than GPU memory for models (and the former is more important for performance since many CPU operations like pipeline parallelism are latency bound, not compute bound).
This. Why spend extra on x3d cpu when you can have a reasonable game size (not that it has large enough cache anyway)
>This. Why spend extra on x3d cpu when you can have a reasonable game size (not that it has large enough cache anyway)
Because game(SW) devs/publishers don't care about spending money to optimize for reasonable size, and the enthusiast gamers want to play the game either way and will gladly fork out the cash for the HW to play it, if anything for the bragging rights.
Remember "will it run Crysis?" vintage 2007? Yeah, enthusiasts will be enthusiasts.
I'm a fan of the free market here. Badly optimized games will hurt their sales and force the studios to change or go bust, if the market decides so.
Remove DRM and let buyers suffer less? Crazy talk.
Don't forget that the guy behing Denuvo is the same person behind SafeDisc, SecuROM and similar bullshit siblings from the past PC gaming world.
Denuvo is owned by Irdeto, a digital rights management company in a broad sense. They not only do software and hardware DRM, but also work as a watchdog for movie and music companies to claim DMCA violations for BitTorrent, among all other stuff.
Do the cracks still need you to disable Hyper-V (which leads to disabling WSL and whatever else)?
In addition, Iām not sure why theyāre enabling test signing instead of using kdmapper or the like. Sure, anticheats will get way more mad at you having a manual mapped driver, but one imagines rebooting once (after playing your cracked video game) beats rebooting twice (to enable test signing, then after playing the game).
The funny thing is I remember reading about using hypervisor crap to bypass Denuvo in ~2020 (actually the post is from 2019, https://www.unknowncheats.me/forum/2410412-post14.html)
āA friend of mineā told me that disabling hyper V and all that stuff is needed to play Crimson Desert cracked version.
Support GOG, support no DRM.
What games that are on GOG without DRM have DRM on, say, Steam? (Many Steam games have no DRM.)
These games all released with Denuvo on Steam and DRM-free on GOG. (Some of them have subsequently removed Denuvo on Steam.)
Mad Max Middle-earth: Shadow of War Deus Ex: Mankind Divided Yakuza: Like a Dragon
Need to put double spaces to have empty lines in HN
It's impossible to know which Steam games are DRM-free since Steam games without DRM are not marked in the store. They have to all be assumed to have DRM.
Steam flags kernel-level DRM in a game's store page. Denuvo is identifiable (and named!) this way.
Recent example: https://store.steampowered.com/app/3357650/PRAGMATA/
Denuvu anti tamper isn't kernel level though
Well, all Steam games have Steam DRM? The Steam store will tell you if there is additional DRM on top of Steam, at least it has in the past.
To the parents question, it is better to use GOG if you care about DRM.
Sometimes the Steam version is qualitatively better because the publisher/dev has supported the Steam version with more updates. Often the updates do turn up on GOG, but it's possible there is a delay.
DRM is an optional Steamworks feature, the developer can opt out by simply not using it.
https://partner.steamgames.com/doc/features/drm
Very few games on Steam are without drm.
Total number of DRM-free games: 1,744 out of 41,266 games in total.
https://www.pcgamingwiki.com/wiki/List_of_DRM-free_games_on_...
Is that counting Steam's DRM?
Says "flagged as DRM-free" on Steam
Wonder what will be the consequences of this. I dislike Denuvo for the performance and stability penalties it gives games, but I do wonder if the "security" it gave publishers wasn't a big part of the reason why we've been getting more and more big name games on PC.
This isn't about being right or wrong but about what the publishers will do when they see their games are again getting cracked day one, and if it'll be a catalyst to again return to getting either less PC releases or at least delayed releases compared to consoles.
I will hope that does not happen.
Denuvoās market is āfirst 90 daysā revenue protection, not lifelong revenue protection. Lots of games using their crap remove it after a few months to shut down the flood of support issues the DRM causes. If only Microsoft hadnāt fucked up so badly with Windows 11 requiring an account, theyād have a way to stop using it altogether.
>Lots of games using their crap remove it after a few months to shut down the flood of support issues the DRM causes.
No, the overwhelming majority of denuvo games released after ~2020 (when they changed there licensing model to SaaS) have it removed after 2-4 years not because of user complaints but because of licensing costs, contracts and compliance.
If anything with many games it is very clear that the developer/publisher do not care for the user, since even when the DRM gets broken and has lost its purposes, many still refuse to remove it and give paying customers the same better non DRM experience as pirates.
>If only Microsoft hadnāt fucked up so badly with Windows 11 requiring an account
I don't understand how that is related at all.
This is not true at all as evidenced by the fact that most games do not get Denuvo removed once they are cracked. And the companies that DO remove denuvo only do so after several years because of licensing costs as denuvo transitioned to a SaaS model.
I feel like the "first 90 days" is just because games no longer include a demo, so they force players to commit to a purchase before a wide consensus forms. A lot of people pirate simply to try the game out. Most people who can afford the game would then purchase the game if it were good.
I have not read a study on this but I suspect the percentage of people who would buy a genuine copy of a game they already have pirated would be something like 3-5%
If this was the case, I'd wait the 90 days before buying a game.
As this isn't the case, I have been waiting for several years to buy many games. Denuvo still hasn't been removed, so I continue to wait.
Untrue, where are all the after-90-days-hacked AAA games? Nowhere, denuvo lives on as long as publisher is willing to pay continuous licence, which is usually years.
And users complaining because denuvo messes up their Windows, sometimes games don't run and so on? Just cost of doing business, as long as enough people buy it who cares.
I honestly doubt it will make much of a difference.
A good percentage of people who would download the cracked games would not have bought those anyway. And with Steam being so convenient it's hard to decide to go for a cracked copy of dubious origin that might install god knows what into your machine.
We're not in the early 00s anymore.
> performance and stability penalties
There are none. Or rather they fall in the margin of error.
i think your underwstimating the anticheat value that still exists. many of the online games are trash when theres not strict cheat control.
Run anti-cheat server-side. Give us private servers again. There's no reason we should have to put up with client-side rootkits written by non-kernel-devs to play a game.
Cheating is a social issue, not a technical one. Communities are the solution.
Private servers are a nice way to do this and do still exist in places. My favorite online game uses them along with server side anti-cheat and while cheating occasionally happens, it has never been an ongoing issue. I've maybe seen a cheater once or twice in all my many hours playing the game over 10 years (elite dangerous, in case you were curious).
Community servers don't want server-side anti-cheat either. Hell they invented client-side anti-cheats back in the day. Even current day community servers like Face-IT have additional anti-cheats, not less. Same with modded GTAV FiveM (even before the main game added anti-cheats)
>written by non-kernel-devs
What exactly separates a kernel dev from a non-kernel dev?
One has experience writing secure, stable code for drivers, memory management, etc that is subject to broad review by other experienced devs. The other is looking at those things adversarially and pushes out whatever they think is good enough. Crowdstrike served as a useful reminder for who should be allowed in kernel space, and video game anti-cheat has far less justification to be there.
It's not possible, technically, to run effective anti-cheat server-side. Clients need precise enemy location data for things like sound effects. The server can't tell if the client is using the data for unfair purposes or not.
Too bad. It's not possible for rootkits to be a good idea for a video game.
Once the data is sent to the client, in an untrusted setting, all bets are off. Not your hardware, no control over it.
This. There are a lot of online games I loved playing but the cheating got so bad it made it impossible to play. MW1, MW2, Battlefield, CS, etc... you could see the wallhacks and aimbots taking over every lobby. I eventually stopped playing. I tried using Consoles for online gaming after that but never really got into using joysticks.... still prefer mouse and keyboard. Now I play limited games where the cheating isn't quite that rampant.
Im not a big gamer, but playing GTA Online, and getting taken out as soon as you spawn. Or items just spawning in front of you, like ramps. REALLY ruins the experience
Or everyone in the lobby getting nuked over and over.
Or trying to do heists and having a cheater in every session.
I'd like to play the game again but it's just not fun.
There are still some servers online for games like the first CoD or United Offensive. No hackers as far I can tell anymore. They have all moved on
"Protected" is the wrong word. "Restricted" is much more honest regarding what Denovo does.
Good riddance.
> "Restricted" is much more honest regarding what Denovo does.
I'd suggest "encumbered" or even "infected".
Does anyone have a link to how the crack works? I would love to see something more technical.
I only know of the one text file MKDEV added to their Persona bypass: https://pastebin.com/hps67mkh
Couldn't have happened to a nicer piece of software, etc.
I find it ironic people mad at Denuvo and yet play games like Battlefield which enforces kernel level spyware nonetheless haha
The main difference that Denuvo does nothing to improve the experience of the end user.
I don't like Anti-Cheat solutions with elevated privileges but they have (at least for some time) reduced the number of Cheaters in games like Valorant or BF, for most users this is at least a somewhat understandable tradeoff. Denuvo on the other hand is DRM and a pure tradeoff in favor of the publisher at the cost of the consumed.
I would say it was wildly successful in Valorant.
There is a user argument for anti cheat as a user = less cheater.
There is no user argument for DRM, if anything there are many against it = higher game price/less money for the actual game and devs, indirect funding of DRM software, worse performance, higher system requirements, worse preservation, worse privacy, longer loading times, online requirements, worse usability, machine activation restriction, bugs...
Kernel level anti-cheat also doesn't introduce a giant performance penalty like Denuvo-style DRM. People just want to play their games without it still stuttering on top of the line hardware.
Anticheats will still have obfuscated code for obvious reasons (they donāt want to be reversed). Not sure they donāt induce some performance drop too - though maybe smaller compared to bad Denuvo implementation.
Pretty strong to say there's no argument. I don't agree with it, but I imagine people would say reducing piracy leads to more money for the studio, which means more resources that can be put toward the game. Lots of people believe that, and we don't have a lot of data on opportunity costs for games including Denuvo.
I personally just hate it and think Piracy is overblown. The only other industry I've seen be this hostile to users is Music/Photoshop. Putting an iLok key into my computer feels bad.
>but I imagine people would say reducing piracy leads to more money for the studio
they be wrong, there have been multiple studies even by the EU on how piracy does not reduce revenue.
Besides that studios continue to pay for denuvo even after there game has been cracked. The article literally is about how all games with denuvo get bypassed on the day of the release, which means they pay for nothing except a worse experience for there paying customers. At this point it's just a compliance checklist by corporate suits and actual people working on games and paying customer pay the price.
>a worse experience for there paying customers
Actually, the legit buyers experience is better because this bypass is not a "proper" crack
1. They have to disable Windows security features before playing
2. Reboot their PC twice (before and after)
3. They're still running Denuvo code, same as legit buyer
Legit buyers experience is thus significantly better than pirates.
How are you protecting yourself at the game itself spying on you?
Interesting to finally see some action from the mouse again. Was kinda sad to see that Denuvo embodies all the worst of DRM but was so thoroughly metastasized that it was nearly inoperable and they had effectively "won".
No, it hasn't:
> in late 2025, the MKDev collective and the prolific DenuvOwO came up with a hypervisor-based bypass (HVB) that installs a kernel-level driver to intercept and respond to Denuvo's checks. While that's not an actual crack, it's good enough for piracy work, as the saying goes.
Yeah, the headline is sensational and the body of the article doesn't do enough to distinguish between the bypass and a real crack. They only resemble one another only in the most shortsighted of ways.
One big difference is that the bypass method _requires_ Microsoft Windows in order to function. You cannot use the bypass on Linux.
I don't have a Windows install anywhere, so if I want to play the game I have to either purchase it, or wait for a crack that will remove Denuvo from the executable.
I get this probably doesn't matter to most people because they're on Windows anyway and will happily disable whatever security is required to access free games, but it's disappointing to have the technical distinctions and broader implications glossed over.
This. It's bypassed, not cracked. All the games released need HVB to work. They use legit Denuvo licenses from other systems.
Do any of the legit scene groups sign their binaries? How do you know a release isnāt tainted?
Info from veeery long ago because I have been out of this stuff for over a decade:
The release will have an .sfv file with a CRC32 checksum for each rar file.
The FTP server checks them after the upload completes. Back in the day glftpd with zipscript was a very popular tool to manage an FTP site. This Readme sums it up well: https://github.com/pzs-ng/pzs-ng
The sfv can be tampered with but the propagation of releases to FTPs happens very fast, within minutes. It would take you longer to meaningfully alter it than it takes the racers to distribute the original files. And once the release is completely uploaded you can't modify the files anymore.
If the release is bad, for example if it doesn't work at all or if it contains a virus, then it simply gets nuked. This propagates within minutes.
Relying on CRC32 for integrity under hostile circumstances feels deeply flawed.
A) there is no real scene any more
B) no one is getting āproper scene releasesā from āproper sourcesā any more.
It's not a scene release. You know a release isn't tainted when you grab it from the source...
That's the whole problem. There's no way to verify the authenticity of a release aside from "getting it from a trusted source" or whatever, whereas digital signatures would easily solve this issue.
Wow. Great. Congratulations. Achievement earned. You've persisted so long.
Now stop creating new DRMs. You can see what is the outcome. The definition of insanity is doing the same thing over and over again and expecting a different result.
The only thing that made me switch to Netflix from Ļ-rated movies was the accessibility, availability, languages support, speed and quality. The same with games. I buy games from gog mostly because they are missing DRM (and because I'm an old dinosaur so not interested in the bleeding edge new games).
Please focus on the added value. And the wealth will come. Don't pay for denuvo - it's waste of money
good riddance. crazy to see game developers hemorrhaging money for malware
That's all you need to know about DRM - when "pirates" bypass it, paying users are taking the hit.
And I'm not speaking about cost of implementing a technology to actively make the product worse.
Fyi, most of them have not been cracked, but bypassed using a hypervisor that operates in ring-1, so it is certainly a security risk..
Personally I've been voting with my wallet and *never* supporting DRM, so there have been some games where I'm just "Well, I guess I'll never play that game." At least I have an ethical option to play certain games now, I'm just gonna use a seperate blank pc cus these bypasses are novel.
All software piracy is a security risk since they could embed malware in the game.
Running Windows is a massive risk cus its made by Microsoft and it has ring 0 access to your system. I personally trust a cracker in good standing far more that I would any corp.
Cracking refers to all methods of circumventing copy protection. Bypassing is just another way of cracking something.
Untrue, cracking software necessitates _removing_ the protection from the executable completely. Whereas with a bypass, Denuvo is still running on your computer, albeit ineffectually.
This has implications - the bypasses cannot run on Linux for example where a cracked executable could. They are not the same thing.
Ehhh, afaik thats not the case in the community. These hypervisor bypasses are considered a different category. Like look at any scene page, they will 100% say Hypervisor or HV for these.
They are referred to as Hypervisor cracks.
They are (correctly and most commonly) called hypervisor bypasses because they do not remove the DRM from the executable.
Yeah I guess I was being pedantic. It doesnt matter. The important thing is that Deunvo is getting royally fucked.
Last scene release with Denuvo crack was like 6 years ago.
I'm very interested to see how it was cracked, and how the anticheat works.
Great news! I can finally feel comfortable buying games that have Denuvo day 1!
Tough to decide who I trust less, denuvo or a ring-0 hypervisor I downloaded off BitTorrent.
Are Denuvo using games marked on Steam these days?
I've been getting mostly indies so I feel safe, but maybe I should check...
There's a yellow? box just above payment options that informs you of DRM.
Oh right, it's still there. Nothing on my wish list has it :) I had to go to the store page for NBAsomething to see it.
Yes they are. On the store page.
steamdb.info should have the info too I think?
This will be used as reason to introduce remote attestation to games.
That already is how it works. Denuvo can not authenticate your game without internet access.
well, right now Denuvo "remote attests" in a Play Integrity "MEETS_BASIC_INTEGRITY" sense that it has no hardware backing and relies on checking your runtime enviroment for signs of tampering manually and obfuscating said checks.
The endgame is certainly flexing the machinery that is being built up over the last 20 years and spawning a SEV-SNP container on your machine that cannot be debugged, inspected and modified in any way. I don't think this is possible as of writing though.
Once again I'm at odds with TH reporting. Of course you can spoof a server. That happens all the time, especially with videogames. You may not immediately be able to figure out what the call/response is, but without knowing what the check is, it could just be a simple endpoint that returns "true" on every request. Very speculative to say that whatever they do will be impossible to mimic.
> You may not immediately be able to figure out what the call/response is, but without knowing what the check is, it could just be a simple endpoint that returns "true" on every request. Very speculative to say that whatever they do will be impossible to mimic.
Itās trivially easy to use a signed response that is encoding some part of the metadata of your system in the signature to make it impossible to emulate the server. Donāt think the Denuvo devs would be stupid enough to provide a āreturn trueā request for a server call.
Can the underlying function that checks if the server call is correct be bypassed? Sure, but thatās much harder.
Cryptography goes BRRRRR, with a proper implementation of cryptography you'd need to do things like patch out the keys in memory in order to "spoof" messages.
A great use of LLM