StarForce

From Wikipedia, the free encyclopedia

You have new messages (last change).
For the video game, see Star Force.

StarForce is a controversial software copy prevention brand by the Russian developer Protection Technology, and considered by many to be malware. Its various implementations are compatible with different versions of the Microsoft Windows operating systems. Its main strength lies in wrapping executable and DLL files using byte-code, interpreted through its own virtual machine. Even though StarForce is said to be very difficult to reverse engineer, games using the protection-scheme are still being copied and cracked. The difficulty of making a crack is highly dependent on which StarForce product has been implemented and how many times the protection scheme is used within the game executable.

Contents

[edit] Protection strategies

StarForce is believed to operate by measuring the physical angle between the first and last written sector on the CD. This hardware signature is identical on all copies pressed from the gold master but is currently difficult to reproduce when burning a duplicate CD.

StarForce also blocks the use of SCSI optical drives when IDE optical drives are present in the system, since most optical drive emulators currently work by simulating SCSI drives. StarForce, however, will authenticate discs from a SCSI optical disc drive if there are no IDE optical disc drives installed in the system; a weak point, since a system with the IDE optical drives unplugged can run the protected program from a mounted CD or DVD image.

[edit] StarForce family of products

Currently known official designations of StarForce include:

  • "StarForce Pro 3": Requires a "disk key" to be entered when the software is installed. This key is the same for all copies of the game, as it encodes the nature of the protection scheme as present on the master; this disk key is different from -- and thus should not be mistaken with -- the "Serial Number" which games traditionally use for online gameplay.
  • "StarForce Keyless": Added optional feature of StarForce 3.x PRO. No disk key is required to be entered, since it is stored on the disk. (See the official whitepaper [1].)
  • "StarForce Pro 3.7": Added support for 64-bit systems. StarForce-protected software that works on 64-bit Windows can be identified by the presence of a .x64 file in the software's install directory.

[edit] Reputation

StarForce has a reputation of being extremely difficult to reverse engineer. However all of the StarForce protected games have been cracked or have other methods in order to run copies, although usually a crack is released quite long after the release of the game due to the time consuming nature of reverse engineering StarForce.

StarForce has received criticism for installing its own device driver onto computers. The StarForce driver, which is installed along with the protected product or when the protected product is first run, is mostly not uninstalled along with the software and cannot be uninstalled using conventional methods, i.e. a Start Menu shortcut or Add/Remove Programs applet in the Windows Control Panel (some protected products such as Peter Jackson's King Kong will offer to uninstall the StarForce drivers with their uninstallation). StarForce developers have later published a removal tool to help untrained users remove the driver (download link is provided below). StarForce 4.0 and above has been updated to remove itself from the computer after the game is uninstalled.

In addition, the StarForce drivers are often linked to system instability and computer crashes. Some users claim that the StarForce drivers can cause optical drives to fail, but StarForce claims there is no definite proof of this. StarForce believes that the stability problems were exaggerated and have been resolved in newer versions of the product. There are also several cases of optical drive speeds being slowed down until they reach PIO mode, thus causing damage to the drives. See "External Links" and "News Coverage" sections below. This is incorrectly blamed on Starforce, this is actually a very known problem with Windows. Windows reverts any drive that has reported 6 errors to PIO mode. The errors don't even have to be consecutive. Just 6 total errors throughout the drives life. Microsoft has released a registry tweak to fix this problem in this Microsoft knowledge base article.

Also, StarForce drivers install with certain game demos and freeware games like TrackMania Nations. The users obviously can not pirate software that is freely downloadable, and yet StarForce is installed anyway. The end-user agreement for TrackMania Nations never once mentions the StarForce software or drivers and the drivers are installed "silently".

CDV, Ubisoft, Digital Jesters, JoWooD, Egosoft, and Codemasters have used StarForce on some of their products. However, Ubisoft and JoWood have announced that the North American version of their games will no longer use StarForce, citing "problems with Starforce's software". [1] CDV also announced that they were dropping StarForce for all future games in May 2006 in favor of the TAGES copy prevention system, citing customer complaints as the reason. [2]

Many gamers have advocated boycotts of games or publishers known to use StarForce. Ubisoft decided to investigate the extent of the StarForce boycott and ran a poll on their forums, the outcome of which was against the use of StarForce. [3] For example, in Heroes of Might and Magic V and GTR2, StarForce was replaced by SecuROM.

[edit] Controversy

On 30th January 2006, Boing Boing, a popular weblog, labeled StarForce as malware [4], alleging several problems associated with the protection system, including disk drive performance degradation, weakening of operating system security and stability. A day later on 31 January 2006 Boing Boing received an email from StarForce [5], threatening legal action and stating that the article was "full of insults, lies, false accusations and rumors". CNET also ran a similar story, and has received similar email. [6] However, Protection Technologies has never proven these claims are false.

StarForce (all version known until August 2006) creates a real security problem when installed. The access control list of the drivers are set such that any user, including those without administrative rights, are allowed to change the association with the executable. Exploitation is simple: The user changes it to point at any arbitrarily chosen executable, which is executed with full system privileges on next reboot. This can be verified with the security tool "srvcheck2", which detects such potentially insecure driver configurations.

On 5th March 2006, a StarForce employee posted a link [7] to an illegal download source of Galactic Civilizations 2, a game developed by StarDock which does not use mandatory copy protection. StarForce later issued an apology for this act after it received a great deal of attention on the Internet. [8]

On 24th March 2006, Christopher Spence filed a class complaint on behalf of himself and other gamers against Ubisoft. [9] As a result of that complaint, Ubisoft dropped Starforce. [10]

[edit] References

  1. ^ http://www.1up.com/do/newsStory?cId=3149611
  2. ^ http://www.gamasutra.com/php-bin/news_index.php?story=9446
  3. ^ http://www.extremetech.com/article2/0,1697,1949621,00.asp
  4. ^ boingboing.net
  5. ^ boingboing.net
  6. ^ http://news.com.com/5208-7349-0.html?forumID=1&threadID=11535&messageID=86618&start=-184
  7. ^ http://www.galciv2.com/temp/starfo2.jpg
  8. ^ http://forums.galciv2.com/index.aspx?AID=107193
  9. ^ http://eplaw.us/sf/UbisoftComplaint032406.pdf
  10. ^ http://www.gamesindustry.biz/content_page.php?aid=16155

[edit] See also

[edit] External links

[edit] News coverage

Retrieved from "http://en.wikipedia.org../../../s/t/a/StarForce_2084.html"
In other languages