Vulnerability Development mailing list archives

Re: Software authentication (was RE: Gibson (was Crack Office XP))


From: Mark Collins <me () thisisnurgle org uk>
Date: Wed, 13 Jun 2001 17:57:32 +0100

> I had been thinking a little about this when HL came out, glad it came
> up. Do games like Halflife that don't require a central server really
> *need* to be authenticated by a central server? In other words,
> instead of generating bogus or stealing legit serialz, you just disable
> the client-side registration code and/or spoof the confirmation of
> authentication from the central server.  That would tend to break systems
> like Ultima Online, where a user merely runs a client, he doesn't host
> games, but in the Quake/HL model, would anything break? I've noticed that
> HL runs just fine without authenticating over a LAN-- no central server
> needed there.  This technique might keep you off the WON, but not the net.

I think it's due to the current underground culture. As the traditional 
crackers went pro (many of the people who cracked games now work in the games 
industry), the new breed didn't understand how to do the more complex 
cracking (reverse engineering the copy protection). Instead, they focused on 
generating serial numbers.

Call it a degradation of skills over time, if you will.

> And... why not pirate servers that perform whatever game administration
> is required? Can't be that tough to set up a server that listens to
> broadcasts and requests; I don't think WON has the market cornered there.
> And legitimate users could also set up proxies that re-serve the game
> listings coming off the WON. My guess is that folks join the game through
> direct connection anyway, so it really would be fairly trivial.

If the authentication server is hardcoded and obfuscated, it would be 
nearly impossible to change it.

Some serious hacking of the TCP stack would be in order (if it addresses the 
auth server by IP only), and I'd expect most people who are capable of such 
would either a) be white-hat or b) be too 'leet to release it.

> I think it's premature to declare the warez scene dead.

The cracking scene died with the demo scene though... it was more about fame 
than piracy. Unfortunately, people started ignoring the skilled ones and just 
got the software. The incentive for inventive cracks is no longer there, so 
all that remains are the people who just do the piracy...

> Without actually looking at current implementations of this method in
> various games, my guess is that it's probably done badly.

There was a recent discussion about this on the Linux Game Developer list. 
Having 2 copies of the auth key, one which is MD5 encoded and well hidden 
would make changing the addresses pretty tough.

Alas, most of the copy protection for games these days uses third party 
software. The traditional rivalry between the developers and the crackers is 
no longer there, so the developers don't have the input from the crackers.

A little bit of history for you:
Some developers used to leave hidden messages in the code for the more well 
known crackers. In return for this fame, the crackers would help the 
developers improve the copy protection (so the cracker would have a greater 
challenge).

Mark 'Nurgle' Collins
===
Lead Author - Linux Game Programming
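The two-copy check mentioned in the reply (a clear copy of the auth server address plus a hidden MD5 copy used to verify it) as an added illustration; this is not code from the post or from any game, and the address, the image layout and the function names are assumptions.

```python
import hashlib

# Hypothetical auth server address (constructed, not from the post).
AUTH_SERVER = "auth.example.invalid:27010"

# In a real build the digest would be computed at build time and buried
# somewhere in the binary; here it is derived at import time for the demo.
HIDDEN_MD5 = hashlib.md5(AUTH_SERVER.encode("utf-8")).hexdigest()


def md5_hex(text: str) -> str:
    """MD5 of a UTF-8 string as lowercase hex (the 'encoded' hidden copy)."""
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def resolve_auth_server(plain_copy: str, hidden_digest: str = HIDDEN_MD5):
    """Return the address the client may connect to only if the clear copy
    still hashes to the hidden digest; return None if it has been altered."""
    if md5_hex(plain_copy) != hidden_digest:
        return None
    return plain_copy


def check_image(image: bytes) -> dict:
    """Parse a constructed image layout 'AUTH=<addr>\\nDIGEST=<hex>\\n' and
    report whether the clear address is consistent with the stored digest.
    Note that this only detects edits to the clear copy; both copies must
    stay in sync for the check to hold, which is what makes it a speed bump
    rather than a guarantee."""
    fields = {}
    for line in image.split(b"\n"):
        if b"=" in line:
            key, value = line.split(b"=", 1)
            fields[key] = value
    addr = fields[b"AUTH"].decode("utf-8")
    digest = fields[b"DIGEST"].decode("ascii")
    return {"address": addr, "intact": md5_hex(addr) == digest}


def build_image(addr: str = AUTH_SERVER, digest: str = HIDDEN_MD5) -> bytes:
    """Construct a sample image with both copies embedded."""
    return b"AUTH=" + addr.encode("utf-8") + b"\nDIGEST=" + digest.encode("ascii") + b"\n"
```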

