The “inevitability” of video game piracy


I just read yet another person say something along the lines of “there will always be piracy, it’s inevitable”. This line of thought bugs me. No, it’s not inevitable. It’s the best we can do right now for a variety of mostly non-technical reasons, but it’s not that hard to come up with some rough proof-sketches that piracy can be 100% avoided, technically.

At the extreme, you could have built-in signature verification on the CPU itself, so it will simply refuse to load any code that isn’t cryptographically signed for that chip and that chip alone, then distribute executables as DLC, with per-customer signatures.
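A minimal model of that per-chip binding, as an added example that is not code from the original post. It uses only the Python standard library, so an HMAC keyed with a per-chip secret stands in for the public-key signature; the `Publisher` and `Chip` classes, the chip IDs and the sample image are all hypothetical.

```python
import hashlib
import hmac
import secrets


def _message(chip_id: str, executable: bytes) -> bytes:
    # Bind the code digest to one chip identity, so a tag issued for
    # chip A says nothing about the same code on chip B.
    return chip_id.encode() + b"\x00" + hashlib.sha256(executable).digest()


class Chip:
    def __init__(self, chip_id: str, key: bytes):
        self.chip_id = chip_id
        self._key = key  # stands in for a fused, non-exportable secret

    def load(self, executable: bytes, tag: bytes) -> bool:
        """Refuse to run anything whose tag was not issued for this chip."""
        expected = hmac.new(self._key, _message(self.chip_id, executable),
                            hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)  # constant-time compare


class Publisher:
    """Hypothetical platform holder with a master list of per-chip secrets.
    Assumption: a real design would use a public-key signature so the chip
    holds only a verification key; HMAC is a stdlib stand-in."""

    def __init__(self):
        self._chip_keys = {}  # chip_id -> secret provisioned into that chip

    def provision_chip(self, chip_id: str) -> Chip:
        key = secrets.token_bytes(32)
        self._chip_keys[chip_id] = key
        return Chip(chip_id, key)

    def issue(self, chip_id: str, executable: bytes) -> bytes:
        """Per-customer 'signature': valid for this code on this chip only."""
        return hmac.new(self._chip_keys[chip_id], _message(chip_id, executable),
                        hashlib.sha256).digest()


def demo() -> dict:
    publisher = Publisher()
    chip_a = publisher.provision_chip("chip-A")
    chip_b = publisher.provision_chip("chip-B")
    game = b"constructed sample game image"  # constructed input
    tag_a = publisher.issue("chip-A", game)
    return {
        "owner_runs": chip_a.load(game, tag_a),
        "copy_on_other_chip": chip_b.load(game, tag_a),
        "patched_binary": chip_a.load(game + b"\x90", tag_a),
        "unsigned_code": chip_a.load(b"unsigned", bytes(32)),
    }
```

Only the first case loads; the copied, patched and unsigned images are all rejected by the chip-side check.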

Will this work? Well, the world’s armed forces somehow manage to communicate securely among themselves and with one another, despite very high incentives to breach each other’s communications. That should be enough to tell you that if we really wanted to, we could make sure you and only you see what we (and only we) want you to see.

Another simple existence proof is something like OnLive. If you released a game only on a streaming service so that customers never even have any code running on their machine then it’s obviously impossible for them to pirate it (assuming you maintain security of the main servers which do have the code).

Piracy is inevitable with the current business model, but in a future with digital distribution only (at least for the executable), this is totally a solvable problem, and there are pretty strong incentives to get it done too.

Not to mention the fact that both the PS3 and to a lesser extent the 360 had a pretty good run of being piracy free. The number of security holes is finite, so eventually you’d expect to be able to plug all of them, and get zero piracy even with the current business model.


4 thoughts on “The “inevitability” of video game piracy”

  1. “At the extreme you could have built in signature verification on the CPU itself so it will simply refuse to load any code that isn’t cryptographically signed for that chip and that chip alone, then distribute executables as DLC, with per-customer signatures.”

    Then the owner of that code needs to have the master key to encrypt the code to run on that chip. There’s a dissemination issue (unless you centralize everything as I’m sure the console owners do, but on PC which is – still – an open platform it’s harder). Of course maybe your plan is to have the PC as closed as the console, in which case no objection. But any sign of openness could potentially be exploited? Also who owns the master key: the maker of the chip (say Intel), or the maker of the OS/shop (say Microsoft)? Once again, open platforms being built from parts =/= closed platform where the seller also controls every part.

    “Well, the world’s armed forces somehow manages to communicate securely with themselves and another, with very high incentives to breach each others communications”

    I think this is a common fallacy, to treat one form of communication like another. There’s a fundamental difference between stuff that needs trust between two parties (and only two) and stuff where your concern is to have the maximum of eyes (or ears) to see it, but want to control through what channel they see it.

    Of course the interactiveness of games could make the OnLive solution feasible, because a large part of the experience is the code that doesn’t have to travel to your device. But then, there are still games that are being enjoyed being cut from any communication source.

    Also to push your reasoning further, game logic can be reverse engineered and games can be cloned (it’s already the case today but we might see more litigation in the future once piracy becomes “airtight” as you expressed wishes). Aren’t all WoW clones taking away some of its value by offering free to play gameplay that is maybe not fully comparable but a close second?

    • You wouldn’t need a “master key” necessarily, public/private key encryption schemes could work. You give money to the game publisher and hand them your public key, they give you a custom signed executable that can only run on your CPU. Nobody needs to “own” this public key but you. Again, this is an extreme scenario, and perhaps the OnLive type scenario is an easier existence-proof that piracy can be eliminated. The point is that if you actually wanted to eliminate piracy there aren’t any laws of nature mandating that this will inevitably be broken. Secure communication is possible. I’m not saying there aren’t any technical implementation challenges, mind you.

  2. I challenge your assumption that it’s possible to remove piracy by modifying the end-user’s ability to run pirated code.

    Because that’s impossible. Here’s why:
    Maybe the chip refuses to load anything that isn’t signed with its own public key. But that means that it has a private key. So you download the code, use your chip to decode it with the private key, then send it to all your friends. Your friends sign it with their own private keys and play the game for free.
    OK, you say, make the private key hardware-inaccessible.
    That’s not possible.
    So what you do is, you hack up a chip to have a known private key and buy the game for that chip. Or you use an electron microscope to analyze the circuitry to grab the private key. Either way, it’s now trivial to decrypt and re-encrypt the code for your friends to use.

    • The public key (stored in your system) and the unencrypted executable would not be accessible. You can’t hack up your own chip with a known key, because the corresponding private key would not be in the list of approved keys that the copyright holder has.

      If you do take it apart in a clean room and manage to get the bits out (this would of course be intentionally obscured) you only have a single key, which can be easily revoked by the copyright holder if they find out that multiple people are using it. So at most you’ll have access to the current library that corresponds to that key, but you can’t ever download anything new.

      BTW, this assumes that you can pull apart the chip and read the bits off of the private key, which I don’t think is practical. Has anyone ever figured out the key for Xbox 360 or PS3 discs? To my knowledge the answer is no.

      Even if you go through that, the encrypted code isn’t useful. Your friends *can’t* sign it with their own private key because they don’t have access to it. That key is secret and lives in some master list with the platform owner. They only have the key that’s on their chip (which is “public” but very hard to find).

      So you’re left with the highly implausible option of 1) extracting a key using a clean room environment and sophisticated HW debugging equipment (a key which will be invalidated as soon as the platform holder detects any mischief so no new games for you), 2) using this key to decrypt SW, 3) running this software on a third party compatible “console” that doesn’t have any encryption scheme.

      All of this, of course, can be prevented in turn by putting parts of the game experience online. If some of your gameplay code runs in the cloud, then you can’t get that stuff because the code is not accessible to you.
