StarForce
- For the video game, see Star Force.
StarForce is a software copy prevention brand by the Protection Technology company for Windows, which recently achieved Microsoft Certified Partner Level [1].
Its main protection scheme lies in wrapping executable and DLL files using byte-code, interpreted through its own virtual machine.
Although StarForce is claimed by Protection Technology to be very difficult to reverse engineer,[citation needed] games using the protection scheme are eventually cracked. The difficulty of making cracks is highly dependent on which StarForce version has been implemented however, and how many times the protection routine is used within the game executable by the developer.
Known protection strategies
StarForce is believed to operate by measuring the physical angle between the first and last written sector on the CD. [citation needed] This hardware signature is identical on all copies pressed from the gold master but is currently difficult to reproduce when burning a duplicate disc. Certain programs can spoof this angle by intercepting communications between the CD drive and the protected application, effectively disabling the protection.
Versions of StarForce prior to 4.0 blocked the use of SCSI optical drives when IDE drives are also present in the system, since most optical drive emulators currently work by simulating SCSI drives. StarForce, however, authenticated discs from a SCSI optical disc drive if there are no IDE optical disc drives installed in the system; a weak point, since a system with the IDE optical drives unplugged or disabled can run the protected program from a mounted CD or DVD image.
StarForce family
Currently known official designations of StarForce include:
- StarForce Pro 3
- Requires a "disk key" to be entered when the software is installed. This key is the same for all copies of the game, as it encodes the nature of the protection scheme as present on the master; this disk key is different from -- and thus should not be mistaken with -- the "Serial Number" which games traditionally use for online gameplay.
- StarForce Keyless[2]
- Added optional feature of StarForce 3.x PRO. No disk key is required to be entered, since it is stored on the disk.
- StarForce 3.5[3]
- Added support for 64-bit systems. StarForce-protected software that works on 64-bit Windows can be identified by the presence of a .x64 file in the software's install directory. Earlier versions would reboot the system or simply refuse to run the application on such systems.
- StarForce FrontLine 4.0[4]
- Fully supports 64-bit applications.
- Fully supports Windows Vista 32/64 bit.[5]
- The first version of StarForce to pass WHQL Testing and be "Certified for Microsoft Windows Vista" .
- StarForce FrontLine 4.7[6]
- Seems it is just an evolution of 4.0. No additional information available.
- StarForce Frontline 5.0 [7]
- Provides a user interface for driver removal
- Allows for the deactivation and reactivation of online-authenticated applications
Protection Technology provides driver update tool, but it does not widen compatibility for StarForce-protected games. For example, to add 64-bit support to a game built before StarForce supported it, a developer would be required to create patches specific to their product(s).
Protection levels
There are two confirmed "tiers" of StarForce protection:
- Basic
- "An inexpensive solution for protection of budget products that does not require access to the product's code. It is designed for publishers and developers of software distributed on popular media or via Internet. It allows to protect the executable Windows file of the application and provide control of creation and distribution of licenses during the product’s lifetime."
- Pro
- "A powerful multilevel solution that provides professional protection for software against computer piracy. It has been designed for software publishing and developing companies that distribute their software on different media and online. Pro ensures reliable protection of original data and code as well as control over creation and distribution of licenses during full life cycle of software products."
According to the Boycott StarForce Wiki, some of the games known to use the Pro level of protection are Bet on Soldier, Splinter Cell: Chaos Theory, Toca Race Driver, Trackmania Sunrise, and Ubersoldier. It also cites a rumoured "Elite" level of protection, which is not known to be being used in any released games.[8]
StarForce 3.0 Reputation
StarForce 3.0 has a reputation of being extremely difficult to reverse engineer, though StarForce 3.0 protected games are eventually cracked, or through other methods have their protection bypassed.[citation needed] Cracks are sometimes released a couple of days after the official release of the game, but some games survive months or years before being compromised: Splinter Cell: Chaos Theory held 422 days before being cracked.[9] Other games require manuals to apply cracks to, and after that step require supplemental cracks to prevent crashes, such as Colin McRae Rally 2005.[10]
Splinter Cell: Chaos Theory's cracking involved the complete reverse-engineering of StarForce 3.0, and with the crack was released a vast array of documentation about how StarForce 3.0 works. Alongside many technical details, it revealed how several resource-intensive procedures were implemented by StarForce, such as emulated virtual machine functions and opcodes, while its checks were being carried out. [11]
Driver installation
StarForce 3.0 has received criticism for installing its own device driver onto computers along with the protected product or when the protected product is first run, which is generally not uninstalled along with the software (Peter Jackson's King Kong being one exception). While Protection Technology do provide a removal tool, it has yet to be advertised or provided to users anywhere within protected games.
Further to this, the presence of StarForce drivers is rarely if ever revealed to users before or during installation.
Lite/driverless
StarForce 3.0 drivers are installed with certain older game demos, freeware and downloadable games, like TrackMania Nations. Their presence is intended to prevent crackers from using demo executables to help break retail executables (as the two will usually be quite similar), and can also help to prevent online cheating.[citation needed] In response to criticism over this, Protection Technologies now offer a new solution: a Lite version of StarForce is present, without drivers, which instead sees the game asking for the original CD every three days. The lite version is also used in all StarForce-protected demos and downloadable games, minus the requests for discs (or any connection requirement).
Clients
CDV, Ubisoft, Digital Jesters (now defunct), JoWooD, Egosoft, Codemasters, Eagle Dynamics, Midway Games, and Bohemia Interactive Studio have used StarForce 3.0 on some of their products.
However, Ubisoft and JoWooD announced in 2006 that the North American version of their games would no longer use StarForce, citing "problems with StarForce's software".[12] CDV also announced that they were dropping StarForce for all future games in May 2006 in favor of the TAGES copy prevention system, citing customer complaints.[13]
Community response
Some gamers have advocated boycotts of games or publishers known to use StarForce.[14] These gamers claim that StarForce software causes system instability and crashes, and that Production Technology refuses to address the damage their software causes. Ubisoft decided to investigate the extent of the StarForce boycott and ran a poll on their forums, the outcome of which was against the use of StarForce.[15] As a result (along with a lawsuit[16] and general discontent on the web[17][18]), in Heroes of Might and Magic V and GTR2, StarForce 3.0 was replaced by SecuROM.
Controversy
Software
Driver security
StarForce 3.0 (until August 2006) creates a security problem when installed on a limited-access user account, as might be found on a corporate network. The access control list of the drivers are set such that any person with control over the computer, including those without administrative rights, is allowed to change the code that is run by the driver. Exploitation is simple: The user changes it to point at any arbitrarily chosen executable, which is executed with full system privileges on next reboot. This can be verified with the security tool "srvcheck2", which detects such potentially insecure driver configurations.
Company conduct
Boing Boing
On 2006-01-30, Boing Boing, a popular weblog, alleged that StarForce was malware, citing several problems associated with the protection system, including disk drive performance degradation, weakening of operating system security and stability.[19]
A day later on 2006-01-31 Boing Boing received an email from StarForce, threatening legal action and stating that the article was "full of insults, lies, false accusations and rumors".[20] CNET ran a similar story and received similar email.[21] However, Protection Technologies has never proven these claims to be false (see Negative proof).
During the controversy well-known Sysinternals programmer Mark Russinovich analysed StarForce and found "nothing overtly unstable" about it:[22]
I've taken a look at StarForce and other than some unorthodox ways of monitoring Cd-Rom traffic and intercepting the creation of all processes and threads, there's nothing overtly unstable about its implementation. What I did find is that the uninstall for Silent Hunter III does not uninstall StarForce, something that's absolutely inexcusable. That's Ubisoft's responsibility, however, not StarForce's.
Stardock
On 2006-03-05, a Protection Technology employee posted a link to an unauthorised download source of Galactic Civilizations 2, a game developed by StarDock which does not use mandatory copy protection, as a demonstration of what a lack of protection can lead to.[23] StarForce later issued an apology for this act after it received a great deal of attention on the Internet.[24]
See also
- SecuROM
- SafeDisc
- Extended Copy Protection ("XMP")
References
- ^ StarForce achieved Microsoft Certified Partner Level
- ^ StarForce Keyless Protection
- ^ StarForce copy protection to support the x64 bit user community
- ^ StarForce FrontLine Driver passed "CERTIFIED FOR MICROSOFT WINDOWS VISTA" tests.
- ^ StarForce FrontLine 4.0 – dramatic improvements in copy protection system!
- ^ StarForce FrontLine 4.7 – new version of StarForce DRM system.
- ^ "StarForce FrontLine 5.0 – evolution in copy protection!". Official press release. 2007-05-23. Retrieved 2007-07-10.
{{cite web}}
: Check date values in:|date=
(help) - ^ "Starforce: Description". Boycott StarForce.net. 2006-11-10. Retrieved 2007-05-10.
{{cite web}}
: Check date values in:|date=
(help) - ^ [1]
- ^ "Colin McRae Rally 2005 - No-CD No-DVD Trainers & Game Fixes". GameCopyWorld. 2004 to 2007. Retrieved 2007-05-10.
{{cite web}}
: Check date values in:|date=
(help) - ^ http://www.glop.org/files/rld-sfrt.rar
- ^ http://www.1up.com/do/newsStory?cId=3149611
- ^ http://www.gamasutra.com/php-bin/news_index.php?story=9446
- ^ "Boycott StarForce.net".
- ^ http://www.extremetech.com/article2/0,1697,1949621,00.asp
- ^ http://eplaw.us/sf/UbisoftComplaint032406.pdf
- ^ "Starforce software removed from TrackMania: United".
- ^ "Ubisoft Dumps Starforce (Note the heated commentary following the actual story)".
- ^ http://www.boingboing.net/2006/01/30/anticopying_malware_.html
- ^ http://www.boingboing.net/2006/01/31/starforce_threatens_.html
- ^ http://news.com.com/5208-7349-0.html?forumID=1&threadID=11535&messageID=86618&start=-184
- ^ "Topic: Mark's Sysinternals Blog".
- ^ http://www.galciv2.com/temp/starfo2.jpg
- ^ http://forums.galciv2.com/index.aspx?AID=107193
External links
- Official site
- StarForce Drivers Removal Tool Location
- A page gathering information about why and how Starforce sux
- Boycott StarForce .net Boycott site with regional lists of StarForce protected games and detection methods. Also contains removal instructions and other information.
News coverage
- "StarForce Interview and Piracy Discussion": interview with Abbie Sommer of StarForce (FiringSquad, August 18, 2004)
- "Irritation-Ware: Copy protection with a mean streak", (Broadband Reports, July 12, 2004)
- "StarForce Copy Protection Causing User Ire" (Slashdot, June 11, 2004)
- The War on Game Pirates
- Boing Boing's article alleging StarForce is malware (31 January 2006); StarForce's response
- CNET article regarding StarForce. StarForce response.
- "Opinion: The Problem with Protection" PC Gamer editor-in-chief Greg Vederman talks about his problems with StarForce
- StarForce enforces DRM by instant reboot (without warning)
- Computer Gaming World reports that under certain circumstances, StarForce will cause Windows to access optical drives in Programmed input/output (PIO) mode.
- Schadenfreudian Slips: Copy Protection Racket (Gamasutra feature by Schadenfreude Interactive, August 30, 2006), featuring a parody of StarForce.