Hacker News new | past | comments | ask | show | jobs | submit login
Steam version of Max Payne 2 is a version cracked by pirate group Myth (steampowered.com)
187 points by aresant on May 13, 2010 | hide | past | web | favorite | 48 comments

My guess, on no basis apart from outside knowledge of some other game developer build systems, is that they couldn't actually build this game any more.

I bet either their build system fell apart from disuse, or the one person who understood it left, or it wasn't documented and people just forgot over the years. It was all too time-consuming, manual, and complex compared to using the cracked executable.

That would make sense, since the original creators of Max Payne sold the rights to the game and aren't involved anymore.

Seems the most likely, the software industry is pretty bad about maintaining old tooling for this sort of thing.

Sometimes tool vendors deliberately sabotage your maintenance efforts.

A friend of mine called me over to show me his codebase, which is diligently maintained over 12 years using MS Visual Studio 6. As he booted the machine, a .NET update dialog popped up and he clicked "OK". .NET was updated, along with some important VS6 components, and when he fired up the IDE it told him it need to upgrade VS. After upgrading VS, reluctantly, he was no longer able to build the project.

To be pedantic, that's not MS deliberately sabotaging the project. That's perhaps MS being reckless with their upgrades, resulting in (I would suspect), an alienated customer.

My lesson from this comment and the story is that configuration management is more important than I thought.

The code doesn't even have to be that old - in my indie game company, my partner and I often run into issues just moving code between my machine and his. Things like compiler versions, C++ library versioning issues, third party libraries. I never understood before why big businesses' IT departments are so conservative about upgrading and changing systems, until one day as I was spending my whole weekend fixing problems caused by (needlessly) upgrading to the latest version of GCC I had the epiphany, "You know, this was avoidable."

Did you have a separate build machine, preferably that built automatically on every checkin, so there was a canonical "it's broken here, but not there" point?

(Not that this avoids this problem, it's just - in my experience - it makes it easier to pinpoint and fix.)

Why can't they crack it themselves?

Would have probably been more work.

The other scary thing is this isn't based on decompilation and analysis of the instructions. It's based on Notepad.

Which implies that Rockstar not only used the crack, they didn't even verify what the crack changed in their binary (otherwise I assume they would seen the logo and at least blanked it out.)

This, in my opinion, crosses the line from "inventive, unethical and lazy" to "extremely reckless, unethical and lazy."

Rockstar not only used the crack

If I recall correctly Myth was not just a cracking group (as in ISO release), they did ripping as well. This basically means that you remove some content from the game (or by other means making the game smaller) in order to fit it into whatever space is the current standard.

Unfortunately I can't find a .NFO regarding the release that lists Myth as the cracker... But it makes me wonder if something was ripped here. :)

NB: Only searched here: http://www.nfohump.com/index.php?menu=quicknav&item=sear... -- enter Myth into "Group" field if you are curious about what else they were up to.

Edit This was Myth's farewell note: http://www.defacto2.net/groups/myth/mythbye.nfo which states that they did ripping:

     We believe that the rip scene is one of incredible skill. Not only 
     is there the cracking talent needed to be successful like that of ISO,
     you must have dedicated coders and rippers to fully complete the task. 
     Much time is needed to perfect a rip like that of Neverwinter Nights. 
     (We'll never forget you old friend)
A bit later on in that same paragraph they continue with saying "We see groups throw out games now with stolen cracks...". Now, who would have thought that Rockstar...

That said, I am not 100% convinced that this was actually a stolen crack. I'll wait for Rockstar to confirm or deny this (or if someone actually has the original release and does a full diff). I base this mainly on three things:

1) I could not find any release information stating Myth as the release group of MP2. This does not mean much, however. And it was just a quick search.

2) It could actually be a joke by Rockstar. I mean, imagine you sit there with the task to remove the copy protection of the game, you bounce it with your boss he laughs and nods and you throw in that Myth logo.

3) It's also not completely unlikely that the guy recompiling the game had some connection with Myth once upon a time. Back in the day (teenager, very long ago <sigh>) we were a bunch of people cracking games for the fun and the race and the majority of them actually went on to work in the gaming industry.

So, can anyone do a diff of the binaries? :)

Yeah, this is weird. Max Payne 2 was originally "scene released" by DEViANCE. There is no hint at Myth anywhere on any pre-db I checked. Seeing as many of the Remedy Entertainment developers had their origins in the demoscene, a connection to the warez scene and thus an ex-scener "faking" this does not sound too unlikely.

See my comment below. Myth and DEViANCE were partners.

You are right, the DEViANCE executables both have the Myth logo in them.

The ripping groups had the best crackers, while the ISO groups had the best suppliers. It was normal for Myth to partner with an ISO group to get a game, crack it for them, and then rip the audio/videos and release the 0day version.

> So, can anyone do a diff of the binaries? :)

Probably not easily. SecureROM and similar do full file encryption, so you'd have to crack it yourself and then diff.

I'd like to believe #3, but I'm guessing someone needed to "get it done today", googled up a nocd, and went home early.

Me too. And yeah, you are most likely right (on both accounts). But I couldn't help but throw in the speculation. :)

This doesn't sound plausible as a joke. If you were going to do such an obscure joke, why choose Myth? Why not say "Gotcha" or make up an obviously fake cracking group name.

Number 3 is at least plausible, but anyone who could do this would have to also know that he'd be caught if someone read the binary. Now, if someone wanted to play a real practical joke, it would be to patch the compiler binary so that the compiler automatically inserts this binary watermark in whatever is compiled.

They're playing with fire. If I can't trust Steam games to be 100% virus free I'm a heck of a lot less likely to continue buying them. They owe their customers a full and complete explanation.

Unless it was intentionally left there as some kind of in-joke, I suppose.

Cracking groups have as much of an incentive not to add viruses to executables than companies do. Their only worth is their fame and the status it procures them. Hurting it through delivering a botched product would erase years of work in building that reputation.

Pretty funny, but seems like a perfectly valid approach. Some dude at Rockstar could either code a no-cd workaround himself to get it listed on Steam, or just reuse one that already works (and was extremely well tested by the pirate community). Imagine trying to obtain (and understand) the source code for a game binary released 7 years ago

No brainer if you ask me. He just forgot to remove the credits.

As backwards as it seems... isn't that copyright infringement?

What, infringing Myth's copyright on the crack? Even if you're right- they had a copyright, and it was enforceable- I doubt there is a person who would be willing to step forward and claim ownership of the crack. Whole point of anonymous groups was nobody could pin it on you.

Plus, restitution of copyright infringement is usually based on damages done. Considering Myth's 'product' was free, there are no sales damages.

Technically, restitution could come in form of statutory damages instead of actual damages. In the US though, the work has to be registered and the crack would certainly fall foul of the DMCA anyway. It would be interesting if a cracker in another country claimed infringement.

If you accept the other poster's theory that the crack is a reconstructed binary, then the crack itself is copyright infringement.

Sounds like the advantages of open source. What they should have done is "accidentally" leaked the code several years ago and now they'd have tons of extras and addons to sell.

Are you sure that the binary is virus free? Why do you believe so?

(I suspect it is, but how do I know?)

and was extremely well tested by the pirate community

and perhaps stuffed with a trojan or two for good measure

provided it came from a high level source (ie they didn't download it off limewire) then i very much doubt it. the original group doing something like that would be scene suicide. keep in mind these groups are only doing it for the kudos.

There is no evidence that this particular version was an original.

It is beyond their control if some hackers in Russia downloads the original, stuffs a trojan, and then passes it off as a copy.

I guess a lot of the stigma is associated with the cracks, as well as the warez websites themselves that would constantly infect computers.

This was probably more than just a no-cd crack. Most retail games are protected by some type of packing system (meaning the .code section of PE executable is encrypted on the hard disk and then decrypted once in memory). The cracker has to dump the .code section to the disk once it is unpacked while in memory and then rebuild the executable (hence the ability to put the Myth logo in the file) to run properly (and probably cracking the additional no-cd checks).

So this is could be bad, real bad, since it's a executable that was basically rebuilt from a memory dump, not by a compiler.

Electronic Arts did a similar thing when creating the C&C First Decade collection DVD: Red Alert 2 was recompiled to modify CD checks (the game compares the CD label against a hardcoded one, on top of the usual CD checks), but its expansion pack, Yuri's Revenge, was hex-edited instead to the same effect. This was done to maintain compatibility with the community-made patch that hooks into the EXE at assembly level to add new functions and fix bugs. (I'm the current lead developer for said patch.)

See, EA is not all bad. :-)

Maybe the Myth team now work for Rockstar and just wanted to reuse their own code haha.

Max Payne 2 just updated on Steam. I'll give you guys two guesses at what happened to the executable.

I remember years ago the same thing happened to another steam game?

Yeah, Ubisoft used a Reloaded crack for Rainbow 6: Vegas 2. :)

uh, will someone just do a fc.exe /B already?

Not sure why you were down modded. I'm pretty curious myself.

(fc.exe = filecompare)

I think he is getting down modded because game executables are usually packed when they come from the distributor and the crack groups pack them again some more to save space and protect the changes they made from competition.

Cracking a game like that involves running it getting the image of it from memory (perhaps multiple times) and then reconstructing important loader structures (library imports, sections, resources). And only after that can you actually concern yourself with removing or overcoming the actual software protection

I know how they are cracked (http://news.ycombinator.com/item?id=1343066). I was wondering why no one was doing a file compare on the original Myth cracked exe and the one from Steam.

But you're wrong about game exes being packed by release groups. There is nothing to "hide" from other groups. Once you remove the commercial protector (SecureROM, etc.) the rest of the patches are pretty trivial.

Probably just a Martian face. I suspect you could find equally plausible logos in many binaries by trying enough combinations of screen width & formatting and doing some kind of image recognition on the ascii art.

It's much easier to see when you use the proper font.


+1 for DAMN NFO Viewer ;) old skool

Thanks for the picture. This is a minor but persistent pet peeve of mine. The first thing I do on a fresh Linux install is grab terminus.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact