SecuROM

From Wikipedia, the free encyclopedia

The neutrality of this article is disputed.
Please see the discussion on the talk page. (September 2008)
Please do not remove this message until the dispute is resolved.

This article may contain original research or unverified claims. Please improve the article by adding references. See the talk page for details. (November 2008)

SecuROM is a CD/DVD copy protection product, most often used for computer games running under Microsoft Windows, developed by Sony DADC. SecuROM aims to resist home media duplication devices, professional duplicators, and reverse engineering attempts. The use of SecuROM is highly controversial because certain aspects of the protection are similar to functions of malware, and users are not always informed when SecuROM is included with a product.^[1] Numerous class action suits have been filed against Electronic Arts for this very issue.^[2]

1 Versions, detection and technology of SecuROM
2 Controversies
3 See also
4 References
5 External links

[edit] Versions, detection and technology of SecuROM

[edit] SecuROM v1.x–v3.x

One of the following files should exist in the installed directory (Depending on the operating system) or in the root of the original CDs:

CMS16.DLL
CMS_95.DLL
CMS_NT.DLL.

The protection can also be recognized by DADC on the inside ring of the CD. DADC is a CD manufacturing plant; the more recent SecuROM protected games are also pressed in other plants. Open the main executable using a hex editor and search for the following ASCII text (it should appear twice): CMS

[edit] SecuROM v4.7 and above

After development on SecuROM had apparently been stopped, SecuROM v4.7 was the first updated version for months. The new SecuROM brought several major changes in the way the protection works and how it is integrated into the target program.

Unlike SecuROM v4.6, which relied on non-compliant SubQ-Information, the new scheme utilizes "data density measurement" (not to be confused with "data position measurement" as being used by other protections). While the data density on normal CD/DVD-ROMs constantly degrades from the most inner to the most outer sector, data density on SecuROM v4.7 (and up) protected CD/DVD-ROMs is diversified by a certain, vendor specific pattern. This pattern can be reconstructed by high-precision time measurement during software<->CD/DVD-drive interaction and reflects the vendor-key as mentioned above.

To do so the protection defines a set of locations spread over the disc and issue two SCSI-read-commands per location to the drive. As the disc spins, the time it takes for the second command to return depends on the time it takes the disc to do a full round and thus depends on the data-density. To achieve the required timing-precision, the RDTSC instruction is used, which typically has a resolution better than 0.01 microseconds.

The pattern is made up from 72 locations, each either with normal or higher than normal density and thus reflects a binary pattern which assembles to the vendor specific key mentioned above.

SecuROM v4.84 and beyond includes "Trigger Functions" which allow the developer to program multiple and fully customizable authentication checks throughout the entire application. As the protection places itself between the application's code and the OS, it can alter the behaviour of selected system functions.

Consider the following pseudocode:

if (GetCurrentDate() == '13-32-2999') then 
    WorkCorrectly()
else
    PreventProgramUse()
end if

Obviously, a "normal" GetCurrentDate() function will never return '13-32-2999'. However, as SecuROM can modify the function's result, the application can check for the protection's presence during runtime; if the protection has been removed, the function will return with some other valid value, giving the application the opportunity to display an error message or render the application unusable (e.g. provoking a crash to desktop or making enemies invincible).

There are many different ways how "triggers" can be integrated into a program, making it much more complicated to universally circumvent the protection.

[edit] SecuROM v 7.x

Latest SecuROM Versions are all 7.x versions which are released and updated continuously.^{[citation needed]}

SecuROM 7.x, if run under a non-admin user account, installs its own service called UAService7.exe, which works in ring 3 of the computer's operating system.^{[citation needed]}

Securom has said: "it has been developed to enable users without Windows administrator rights the ability to access all SecuROM features."^[3]

SecuROM 7.x was also the first version of the software to come with an uninstall utility, created to satisfy customer demands on the issue.^[4]

[edit] Known problems

The version of SecuROM that comes with Grand Theft Auto IV, Armed Assault, S.T.A.L.K.E.R (European release only), Neverwinter Nights 2, Command & Conquer 3: Tiberium Wars (patched to v1.04), Tomb Raider Anniversary (demo and full version), Overlord (However, the Steam edition does not contain SecuROM), BioShock (demo and full version), Hellgate: London (single player mode), Rayman Raving Rabbids (PC version), World in Conflict (single-player campaign only) and Spore (full game and Creature Creator) prevents the game from running at all if older versions (before v11) of Process Explorer, a free tool by Sysinternals/Microsoft, has been run since the previous reboot. Microsoft has worked around this particular bug with Process Explorer v11.0.

Under Windows Vista, this same version of SecuROM also prevents the game from running if Explicit Congestion Notification is enabled in Vista's networking configuration.^[5]

The version of SecuROM that is installed with the first German retail version of the game Das Schwarze Auge: Drakensang installs a shell extension that makes explorer.exe crash on at least some systems running Windows XP. The same can be seen in systems running Windows Vista with the version of SecuROM that comes with Neverwinter Nights 2. SecuROM is hosting a fix to the issue that apparently removes the extension. As of version 1.0.1, this fix is not included in the official patches.

Some versions of SecuROM install a shell extension named CmdLineContextMenu Class, which checks every executable file when context menu is opened. If the file has a path non-native to the system locale, the extension malfunctions and block the Windows shell. This makes Windows explorer unresponsive and context menus unavailable.

[edit] Controversies

[edit] Conflicts with other software

Some versions of SecuROM, particularly older 2.x versions, may silently install a shell extension that prevents Windows Explorer from deleting 16-bit executables.^{[citation needed]}

[edit] BioShock and rootkit accusations

BioShock, a game using SecuROM protection, has been accused of installing a rootkit. An official announcement was made denying the use of any type of rootkit.^[6]^[7] The detection of a possible rootkit is difficult, due to limitation in rootkit detection tools. Use of a common Microsoft rootkit detection tool known as RootkitRevealer flags issues related to BioShock's copy protection which indicate a need for additional scrutiny. In this case, the flag is raised on account of a null byte in a string of characters in one of the related registry entries. Null bytes in value strings are generally interpreted by common registry visualization tools as end-of-string characters; such tools tend to fail to display the whole string. This is caused by the limitations of those tools and can be used by malicious parties to conceal data.

[edit] The Sims controversy

The Sims 2 and some of its add-ons had previously used SafeDisc for copy protection until April 2007. Electronic Arts replaced SafeDisc with SecuROM v 7.x software protection since, beginning with The Sims Pet Stories. This includes The Sims Castaway Stories, The Sims 2 Deluxe, The Sims 2: H&M Fashion Stuff, The Sims 2: Bon Voyage, The Sims 2: Teen Style Stuff, The Sims 2 Double Deluxe, The Sims 2: FreeTime, The Sims 2: Kitchen & Bath Interior Design Stuff, The Sims 2: IKEA Home Stuff, The Sims 2: Apartment Life, and The Sims 2: Mansion & Garden Stuff. Claimed problems relating to SecuROM include prevention of proper launching of games, disabling of CD/DVD/Blu-ray disc burners, and disruption of antivirus programs. Some users have reported severe damage caused by SecuROM, resulting in system failures that required complete system reformats to fix. EA attempted to address some of these concerns on the official website.

[edit] Mass Effect controversy

In May 2008 EA announced that Mass Effect for the PC would be using SecuROM 7.x requiring a reactivation of the software every 10 days.^[8] Due to a massive outpouring of complaints, EA removed the 10-day activation while keeping SecuROM tied to the installation. SecuROM's product activation facility was still used to impose a limit of three times that a customer is allowed to activate the copy of Mass Effect they purchased. The game becomes unplayable "as is" after the activations are used up, until EA's customer support is contacted to reset the activation limit, or until activation is bypassed using one of a number of available tools. Unlike BioShock, uninstalling the game does not refund a previously used activation.^[9]

[edit] Spore controversy

On September 7, 2008 EA released Spore using SecuROM. Spore has seen relatively substantial rates of piracy among peer-to-peer groups, possibly as a result of the backlash against its SecuROM-based DRM. As a result of its inclusion within Spore, a class-action lawsuit was filed by Maryland resident Melissa Thomas within U.S. District Court against Electronic Arts.^[10]^[11] The lawsuit has been followed up by several others.

[edit] Sacred 2 - Fallen Angel

This section needs sources or references that appear in reliable, third-party publications.
Primary sources and sources affiliated with the subject of the article are generally not sufficient for a Wikipedia article. Please include more appropriate citations from reliable sources, or discuss the issue on the talk page. (November 2008)

Sacred 2 contains SecuROM. Developer Ascaron claims that the version of SecuROM installed with Sacred 2 is a customer friendly version, and will come with two activations which need to be deactivated before any further installations. Once the installation process is completed, the game DVD is no longer required in the computer's CD drive. Sacred 2 allows two players in single-player mode and LAN mode per copy, and one player over the Internet per copy. However, there has recently been controversy when it was found that the aforementioned version of SecuROM in this game caused some technical issues which it is claimed can only be removed via a system reformat.

[edit] Fallout 3

Bethesda Softworks assured the public that they would not be utilising any remote-activation DRM for Fallout 3 but merely the basic disc-checking version. However, shortly after the release customers discovered that this was not true, and instead the game contains a version of SecuROM v7.36 which checks for the disc as previously stated but also has an invasive kernel-mode driver^{[citation needed]} which checks for commonly used CD/DVD writing software on the system; if detected, the installation is aborted. The version sold on Steam does not have this restriction. The game's copy protection can easily be bypassed completely by running the main executable ("Fallout3.exe") instead of the separate launcher ("FalloutLauncher.exe"). This, however, will disallow the user with no CD to access preset video setting levels and manage mods with the internal "Data files" menu (certain third-party utilities such as Fallout Mod Manager can do this as well).

[edit] Grand Theft Auto IV controversy

The Windows release of Grand Theft Auto IV also uses SecuROM. While it does allow unlimited re-installs, it still requires the DVD to remain inserted at all times to run the game. SecuROM is also present in the Steam version of the game^[12], despite that version not requiring a disc to run. This, along with a reliance on the Games For Windows service, has caused upset among fans of the series, who are having technical issues with the game. It uses a similar method of DRM to BioShock. ^[13]

Software cracking groups have managed to reverse-engineer the game's SecuROM protection. However, early attempts to bypass the online activation and DVD check usually result in odd or even fatal consequences, such as vehicles accelerating without player intervention or camera issues. Despite this, scene groups such as Razor 1911 and FED0R have made a loader that bypasses the DRM protection and fixes the issues caused by cracking the game.^[14]^[15]

[edit] See also

[edit] References

[edit] External links

Retrieved from "http://en.wikipedia.org/wiki/SecuROM"

Hidden categories: NPOV disputes from September 2008 | All NPOV disputes | Articles that may contain original research since November 2008 | All articles that may contain original research | All articles with unsourced statements | Articles with unsourced statements since September 2007 | Articles with unsourced statements since September 2008 | Articles with unsourced statements since November 2008 | Articles lacking reliable references from November 2008 | All articles lacking sources | Articles with unsourced statements since December 2008