StarForce

From Wikipedia, the free encyclopedia

You have new messages (last change).
For the video game, see Star Force.
StarForce logo
StarForce logo

StarForce is a controversial software copy prevention brand by the Russian developer Protection Technology. It is designed for Microsoft Windows. Its main strength lies in wrapping executable and DLL files using byte-code, interpreted through its own virtual machine.

It is considered by many to be malware, due to it frequently resulting in degradation of IDE speed, resulting in a number of CD or DVD drives failing completely.[1] Even though StarForce is said to be very difficult to reverse engineer, games using the protection-scheme are still being copied and cracked. The difficulty of making a crack is highly dependent on which StarForce product has been implemented and how many times the protection scheme is used within the game executable.

Contents

[edit] Protection strategies

StarForce is believed to operate by measuring the physical angle between the first and last written sector on the CD. This hardware signature is identical on all copies pressed from the gold master but is currently difficult to reproduce when burning a duplicate CD.

StarForce also blocks the use of SCSI optical drives when IDE optical drives are present in the system, since most optical drive emulators currently work by simulating SCSI drives. StarForce, however, will authenticate discs from a SCSI optical disc drive if there are no IDE optical disc drives installed in the system; a weak point, since a system with the IDE optical drives unplugged can run the protected program from a mounted CD or DVD image.

[edit] StarForce family of products

Currently known official designations of StarForce include:

  • StarForce Pro 3: Requires a "disk key" to be entered when the software is installed. This key is the same for all copies of the game, as it encodes the nature of the protection scheme as present on the master; this disk key is different from -- and thus should not be mistaken with -- the "Serial Number" which games traditionally use for online gameplay.
  • StarForce Keyless: Added optional feature of StarForce 3.x PRO. No disk key is required to be entered, since it is stored on the disk.[2]
  • StarForce 3.5: Added support for 64-bit systems. StarForce-protected software that works on 64-bit Windows can be identified by the presence of a .x64 file in the software's install directory. Earlier versions would reboot the system or simply refuse to run the application on such systems.[3]
  • StarForce FrontLine 4.0: Fully supports x64 applications. Also supports Windows Vista 32/64 bit versions.[4]

StarForce does not provide software updates for end-users, that could for example enable 64-bit or Vista support for older versions of the protection.[3] For this, it requires the developers to create patches — as their license permits — specific for the game or application.

[edit] Reputation

StarForce has a reputation of being extremely difficult to reverse engineer, though all StarForce protected games have been cracked or have other methods in order to run copies. However, the crack is usually released quite long after the release of the game due to the time consuming nature of reverse engineering StarForce.

StarForce has received criticism for installing its own device driver onto computers. The StarForce driver, which is installed along with the protected product or when the protected product is first run, is mostly not uninstalled along with the software and cannot be uninstalled using conventional methods, i.e. a Start Menu shortcut or Add/Remove Programs applet in the Windows Control Panel (some protected products such as Peter Jackson's King Kong will offer to uninstall the StarForce drivers with their uninstallation).

To address this, StarForce developers later published a removal tool to help untrained users remove the driver (download link is provided below). Also, on May 16, 2006, Protection Technologies revealed that VeriTest, an independent testing lab, had certified that the StarForce drivers passed the "Designed for Windows XP" certification test.[5]

In addition, the StarForce drivers are often linked to system instability and computer crashes. Some users claim that the StarForce drivers can cause optical drives to fail, but StarForce claims there is no definite proof of this. StarForce believes that the stability problems were exaggerated and have been resolved in newer versions of the product. There are also several cases of optical drive speeds being slowed down until they reach PIO mode, thus causing damage to the drives. See "External Links" and "News Coverage" sections below. Also, StarForce drivers install with certain game demos and freeware games like TrackMania Nations. The users obviously can not pirate software that is freely downloadable, but StarForce is used to prevent people from hacking the game executable and thus being able to cheat their way into the on-line ladder (the game was produced specifically for ESWC, after all). Still, the end-user agreement for TrackMania Nations never once mentions the StarForce software or drivers and the drivers are installed "silently". In response, Protection Technologies used a different strategy with the game Trackmania United: a Lite version of Starforce is present, without the StarForce drivers, with the game asking for the original CD every three days.

CDV, Ubisoft, Digital Jesters (now defunct), JoWooD, Egosoft, Codemasters, Eagle Dynamics and Bohemia Interactive Studio have used StarForce on some of their products. However, Ubisoft and JoWooD have announced that the North American version of their games will no longer use StarForce, citing "problems with StarForce's software".[6] CDV also announced that they were dropping StarForce for all future games in May 2006 in favor of the TAGES copy prevention system, citing customer complaints as the reason.[7]

Many gamers have advocated boycotts of games or publishers known to use StarForce. Ubisoft decided to investigate the extent of the StarForce boycott and ran a poll on their forums, the outcome of which was against the use of StarForce.[8] For example, in Heroes of Might and Magic V and GTR2, StarForce was replaced by SecuROM.

Recently, Protection Technologies released information that StarForce passed the Vista Compatibility Tests.[9] Older versions of StarForce (3.x) did not support Windows Vista and required driver updates from Protection Technologies.

[edit] Controversy

On January 30, 2006, Boing Boing, a popular weblog, labeled StarForce as malware, alleging several problems associated with the protection system, including disk drive performance degradation, weakening of operating system security and stability.[10] A day later on January 31, 2006 Boing Boing received an email from StarForce, threatening legal action and stating that the article was "full of insults, lies, false accusations and rumors".[11] CNET also ran a similar story, and has received similar email.[12] However, Protection Technologies has never proven these claims are false.

StarForce (all version known until August 2006) creates a real security problem when installed. The access control list of the drivers are set such that any user, including those without administrative rights, are allowed to change the association with the executable. Exploitation is simple: The user changes it to point at any arbitrarily chosen executable, which is executed with full system privileges on next reboot. This can be verified with the security tool "srvcheck2", which detects such potentially insecure driver configurations.

On March 5, 2006, a StarForce employee posted a link to an illegal download source of Galactic Civilizations 2, a game developed by StarDock which does not use mandatory copy protection.[13] StarForce later issued an apology for this act after it received a great deal of attention on the Internet.[14]

On March 24, 2006, Christopher Spence filed a class complaint on behalf of himself and other gamers against Ubisoft.[15] As a result of that complaint, Ubisoft dropped StarForce.[16]

Also in March 2006, the hacker group RELOADED completely reverse-engineered StarForce 3.0, releasing a vast array of documentation about how StarForce works in the system and unveiling how clumsily several procedures were implemented by StarForce, such as emulated virtual machine functions and opcodes.[17]

[edit] References

  1. ^ Raufaste, Laurent. Boycott StarForce. glop.org. Retrieved on 2007-03-06.
  2. ^ StarForce Keyless Protection
  3. ^ a b http://www.star-force.com/protection.phtml?c=83&id=586 StarForce copy protection to support the x64 bit user community
  4. ^ http://www.star-force.com/protection.phtml?c=83&id=862
  5. ^ http://www.star-force.com/protection.phtml?c=83&id=946
  6. ^ http://www.1up.com/do/newsStory?cId=3149611
  7. ^ http://www.gamasutra.com/php-bin/news_index.php?story=9446
  8. ^ http://www.extremetech.com/article2/0,1697,1949621,00.asp
  9. ^ http://www.star-force.com/protection.phtml?c=83&id=1036
  10. ^ http://www.boingboing.net/2006/01/30/anticopying_malware_.html
  11. ^ http://www.boingboing.net/2006/01/31/starforce_threatens_.html
  12. ^ http://news.com.com/5208-7349-0.html?forumID=1&threadID=11535&messageID=86618&start=-184
  13. ^ http://www.galciv2.com/temp/starfo2.jpg
  14. ^ http://forums.galciv2.com/index.aspx?AID=107193
  15. ^ http://eplaw.us/sf/UbisoftComplaint032406.pdf
  16. ^ http://www.gamesindustry.biz/content_page.php?aid=16155
  17. ^ http://www.glop.org/starforce/remove.php

[edit] See also

[edit] External links

[edit] News coverage

Retrieved from "http://en.wikipedia.org../../../s/t/a/StarForce_2084.html"
In other languages