LOMAC v1.1 copy protection – good news/bad news

[tflash]

Hey, I got the impression I missed the point here and want to say a few things in support of Stormin and ED:

 

1) I see people feel our candid discussion is a reason to uninstall the demo or think it is damaging their system.

 

--> this is absolute BS: you are not running into any extra risks by having this demo installed. There is no clear and present danger here and the theoretical problem with the StarForce driver is to my opinion a minor threat compared to a wealth of other, more imminent threats to the security of your computer already present. I totally disagree with claims the demo makes your PC unsafe.

 

2) The fact that a StarForce key could be cracked is in no way a sufficient argument against it: the whole point why StarForce is used in the gaming industry is that it takes relatively longer to crack, and that's the whole and only point of such a protection.

 

If the protection can help delay massive replication for a few months, that's enough in commercial game terms. The only thing is I think other products should be carefully assessed, because we want a good protection with the least possible discomfort for the customer, and I'm not sure StarForce would be my favourite in this respect.

[Mako]

Like my ol' Pappy used to say; "When in worry or in doubt, run in circles, scream and shout!"

 

:lol:

[schimmel]

No, this guy is probably from Germany or France... ;)

 

heh... now you got me :P :)

[Dmut]

In this thread Dmut said Russian CD version of 1.1 was to be protected by “Starforce 3 Pro”.

In this thread Dmut said Western "download" version was to be protected by “StarForce ProActive 1.1”.

As I understand - both current versions of StarForce products.

Dmut tested and confirmed that both packages of StarForce software that ED has - sucsaptable to "priviege escalation vulnurability".

well I must say that both of you are right. Yes, there is a minor vulnerability in both versions of SF that I've tested and there is an exploit of this vulnerability. I called it "minor" since it is a local privilege escalation, so malicious code must be already runned to get an advanced of SFs vulnerability. Also, yet I don't know a real malware that uses this vulnerability, which itself is quite old.

Looks like most people overstate the security risk of this issue.

Here is a short example how it works - if malware is somehow gets runned on your system, it has a choice: try to delete all your files, try to connect to internet to the master, try to send itself to all recipients from your address book or try to use an SF's vulnerability to get a system account and to do basically the same previous things. The idea I want to say is:

1) if malware is executed on your box right now, then it's really doesn't matter if you have an SF or not.

2) SF doesn't helps you to be infected by a malware, since it doesn't open a remote vulnerability.

Another example - all of your have a "format.com" in Windows SYSTEM32 folder. it's a major vunerability - malware could used it to format your drive :D

 

Also I must say that I didn't tested exactly the same version of "SF ProActive 1.1" which FC used, because I don't have a FC. I've tested SF ProActive from another game (not from ED), which drivers are 2005 January old.

 

As for me, I don't care about that SF issue much, because the primary concern of my security system is to prevent malware from being execute on my box. I have a buch of SF-protected games installed and I don't have a problems neither with CD recording software nor CD-emulators. Also I have no virus runned on my box for a years ( and don't say that I just didn't noticed it :cool: )

[Cosmonaut]

When software like SF is installed with out your/our knowledge it does raise concerns and people want to know why. Its not good enough just to say the risk is minimal or you have nothing to worry about.. that kind of “Stepford Wives” attitude is hard to swallow when I didn’t agree to the install in the first place...You can call it paranoia, hysteria or what ever you like but the fact is that raising these concerns got us some answers that I personally am glad to have. People can still run around saying those that were raising issues of the possible threats were overreacting but had this been a transparent install then possibly things would have been different. I for one am pleased that we had a statement from ED and I can now appreciate the fact that ED just made a mistake and they are still in the process of deciding on which type of copy protection they will use. I just hope this progresses from here in a way that will suite all of us. As I said in the ubi forums “they haven’t let us down yet and I’m confident they wont this time either…”