
Bethesda apparently broke its own Denuvo protection for Doom Eternal - Tomte
https://arstechnica.com/gaming/2020/03/bethesda-apparently-broke-its-own-denuvo-protection-for-doom-eternal/
======
dmix
This is good news, Denuvo (the evolution of SecureROM DRM) was found to cause
performance issues in games, inlcuding spiking the CPU and tons of excessive
writes, which may reduce the lifespan on SDDs:

[https://www.extremetech.com/gaming/282924-denuvo-really-
does...](https://www.extremetech.com/gaming/282924-denuvo-really-does-cripple-
pc-gaming-performance)

~~~
Agentlien
Interestingly, Denuvo was the cause of one of the most annoying bugs I've ever
had to look at. A crash bug which only appeared after applying their patch to
the executable.

------
Plasmoid2000ad
Anyone remember the Unreal Tournament 2003 (or was it 2004?) Demo, which had
an exe that was compatible with original retail release as a DRM free copy.

Of course, Unreal Tournament was a mostly online multiplayer game, and relied
on cdkeys as well.

I'm surprised with everything i've heard about release pressure and crunch
time that this doesn't happen more often.

~~~
dannyz
For the original unreal tournament (1999) you could download the demo and then
apply the "nodelta" official update to get the full version of the game.

------
zelon88
Anyone else remember the DOS days where you would start an application and it
would tell you in a cryptic font "Pg351, P2, Ln3, Ch3 thru 10" and you would
just have to know that meant you had to open the user manual to page 351 and
type characters 3 through 10 from line 3 paragraph 2.

Then there were some creative ones like B-17 Flying Fortress which had a paper
decoding tool where you slid the paper rings to match the symbols on the
screen. This revealed another symbol through a hole in the paper that you
selected on the computer from a list to "prove" you had a legitimate copy of
the game.

~~~
Nihilartikel
Old XCOM-UFO Defense had this too. Also my first experience with a hex editor
to remove tedious DRM by setting the expected words in the binary to 'xxxx'.

------
yborg
They didn't "break" anything, someone screwed up and left the unprotected
executable accessible.

------
gentleman11
I have really enjoyed GOG lately for the lack of DRM

------
zeveb
> That 67MB file can reportedly replace the 370MB, DRM-protected executable in
> the main game folder with minimal effort and no practical effect on
> playability.

What other things is that 370MB executable doing that it needs to be over 5½
times as large as the game itself? Sending every keystroke home? Searching the
hard drive for crimethink? Running a Bitcoin miner?

~~~
kllrnohj
Mostly just obfuscation, but obfuscation via injecting more code rather than
just symbol mangling. It's designed to ram tamper checks & other validation
all over the place, making it hard to identify & remove.

And if you're thinking "but surely all that injected overhead would slow the
game down?" then yes that's absolutely correct, it does:
[https://www.extremetech.com/gaming/282924-denuvo-really-
does...](https://www.extremetech.com/gaming/282924-denuvo-really-does-cripple-
pc-gaming-performance)

------
jimbob45
I don’t understand the relationship between the two companies, id and
Bethesda. I see that they’re both owned by ZeniMax but nothing else. Is this
just a temporary marriage of convenience?

~~~
a_e_k
There are two Bethesdas. Bethesda Game Studios is a developer and makes
Oblivion and Skyrim and so forth. Bethesda Softworks is the publisher for the
ZeniMax-owned development studios like BGS and id.

------
LeoNatan25
A similar thing happened with Rage 2. Soon after release, they removed the
protection. Here's a hoping the same thing happens here.

------
29athrowaway
Someone is going to be fired over this.

------
Jyaif
This is going to cost them tens of millions of loss in sales.

~~~
AdmiralAsshat
Not really. Doom has enough of a brand name that the average person probably
isn't going to say, "Great, now that I know a DRM-free version exists, I will
pirate it!"

More likely, someone like me would just say, "Sweet! Now if I buy the game, I
can get at a version that won't slow down my performance with all of the
obnoxious DRM crap running in the background!"

~~~
henriquez
This is part of why I quit PC gaming and took the plunge to Linux. It seems
like every PC game recently requires a social login with its own launcher and
a dedicated DRM rootkit. And the privacy policies for all of this stuff are
very "permissive." After a certain point you realize you aren't in control of
your own computer.

At least with consoles you _know_ going in that the manufacturer has every
executable on lockdown. But I couldn't stomach _not knowing_ if some poorly
coded DRM or RGB control service was opening up my private files to remote
code execution[1].

[1]:
[https://twitter.com/gsuberland/status/1175570500292108289](https://twitter.com/gsuberland/status/1175570500292108289)

~~~
ahartmetz
Please don't say PC when you mean Windows. Playing games on a Linux PC is
still PC gaming.

(I play games on a Linux PC myself.)

~~~
eu7durb3rjdur
It's gaming in the sense that racing in the Special Olympics is still racing.
Sure, but for the purposes of the marketplace it may as well not exist unless
you're talking about Linux+Android gaming.

~~~
ahartmetz
There are other valid perspectives than the marketplace's.

~~~
eu7durb3rjdur
Not if the market's is also the colloquial definition.

------
google234123
Who ever is in responsible on or for the team that made this mistake twice
should be fired. Doing the same hugely expensive mistake twice in a row is
ridiculous.

~~~
RealStickman
I would not say that this will necessarily be hugely expensive. People who
would have waited for a crack would not have paid anyways. The only impact is
them getting to play the game at the same time as everybody else.

------
smoyer
> Denuvo says it still considers even a few days of effective DRM protection
> to be valuable to its publisher customers

This is a pretty ridiculous position and should be embarrassing if you work at
Denuvo. Would you buy anti-virus software or any other security product with
that claim. (Police officer to homeowner) I see you bought a lock for your
front door that only offered two days of protection ... it's been 3.5 so we're
not going to investigate and your insurance probably won't cover it.

~~~
vidarh
This is a poor example. Most locks - like most DRM - does not stop the most
determined people from gaining access. It makes it slightly harder, more time
consuming and/or more resource consuming to get access, with the hope that it
will deter the most opportunistic attackers, and slow the more determined ones
"enough" where "enough" is a function of the cost of the protection vs. the
benefit of delaying access.

We accept that because we recognize that there is a cost/benefit tradeoff to
be made to protection - it is relatively rare for a protection to need to be
absolute to be worthwhile; in fact in a lot of settings protections that
attempts to be "absolute" will be prohibitively expensive and/or complicated.

~~~
roywiggins
A lot of DRM isn't like locks because a crack can be applied by casual
enthusiasts, not just experts. Keygens are not hard to use, whereas lockpicks
require a bit of skill, time, and equipment that you can't just download.

(Some DRM does actually act more like a lock, such as console DRM that require
hardware mods and would void the warranty)

~~~
eu7durb3rjdur
Lockpick guns aren't hard to use either and can be employed by casual
enthusiasts, the idea that lockpicking is hard is a myth that comes from
outsiders observing the hobbyist communities and failing to realize that they
aren't devoted to simply opening locks but rather the cultivation of skills to
open locks in a particular manner.

------
alkonaut
How hard can it be to protect AAA games when can't be bought or played without
an internet connection? (Can't be bought because you don't buy stuff on
physical media any more, and can't be played because there is a huge patch
every 3 days that you'll need if you expect to be able to finish it).

Just make the damn thing require an internet connection all the time. I don't
care. If you are a good publisher then you promise to remove this restriction
after 1 or 2 years and enable offline play.

~~~
rurounijones
> Just make the damn thing require an internet connection all the time. I
> don't care.

Not everyone has perfectly reliable access to the internet.

~~~
alkonaut
Most people who can download a 50GB game tend to at least be able to have a
connection that allows the game to phone home once a minute or so.

~~~
RealStickman
Maybe that person went to a place where they could get Internet, downloaded
the game to a suitable storage medium and dragged it over from there into
their steam folder at home.

