Thursday, August 17. 2006
Some genres of game play are just not suited for online play. They have natural dominant strategies or are vulnerable to fast, offline computation of their solutions. Number, word, and point-and-click games work just fine for single player games, but once they are put into online, competitive applications... they are in trouble.
Dictionaries can be used against word games, calculators against number games, and point-and-click games can be simply reverse engineered or attacked via trial-and-error.
Of course, letters, numbers, and clicking can be used in ways that are not vulnerable to attack. Often the letters and numbers are simply used as abstract symbols and don't have their usual meaning. It will be interesting to see how games like the upcoming SCRABBLE Cubes from FUN Technologies work.
Tuesday, August 15. 2006
Reuters has an odd article discussing the problem of Virtual Asset Theft. The reporter interviews Dave Weinstein of Microsoft about the problem of hackers subverting computers to steal MMO account information and then looting the accounts.
The problem here is that the player can place a value on the account at $10,000 (as can the crook, apparently) while the game company puts the value of the account at $0.
Combine this with the difficulty of getting law enforcement to take any computer crime seriously, much less the theft of virtual swords and such, and you have a real criminal windfall: a crime with easily transferable items that can be stolen from around the world and very little chance of being either caught or effectively prosecuted.
Game companies are going to need to handle this problem one way or another. They are either going to have to change their game economies to actually make virtual asset theft worthless or they are going to need to start putting a real value on these virtual items and set up suitable tracking and control mechanisms.
UPDATE
Everybody loves a Mafia story. Even though the cited story didn't talk much about organized crime, it sure made the media's tag lines:
Gamespot - Microsoft: Mobsters targeting MMOGs
CNN - Microsoft: MMO games face security risk
BBC - Microsoft warning on online games... this article has a bit more analysis and cites the incidents related to trojans being used to steal game account info.
Or, you can read my old article MMO Mafia.
If anyone can get a copy of Mr. Weinstein's briefing, please let me know.
For those of you who think consoles are resistant to attack, enjoy these videos of humorous manipulations of Resident Evil 4 for Sony's PS2 and Nintendo's Gamecube. If a hacker can modify a character's breasts, they can certainly attack game state for cheating and licensing information for piracy.
The bottom line is that if a player has access to the platform, they will hack it, so design your games and security with this basic assumption.
Sony has used the upgrades of the firmware for the PSP to battle pirates & homebrew enthusiasts. This excellent article discusses how the Internet browser included with the version 2.8 update works, including features to detect version, region, product code, and calling application. One of the purposes of this feature is for PSP plugins to support game-unique features. Another feature, however, may turn Internet browsing into a license and firmware authentication tool.
Since firmware downgraders have been made available for the PSP at regular intervals, this feature is likely only to have a deterrent effect on casual homebrew users and none-too-serious pirates.
It is curious that this feature is being added to the PSP only in version 2.8 - the later this feature is in place, the fewer games and other applications will support it.
This seems to be a habit with the PSP (and many other security products)... to add security features incrementally. Actually, addressing security problems is like dealing with other pests - it is better to be aggressive quickly and knock the problem out rather than giving the troublemakers a chance to incrementally respond to security updates.
Of course, the biggest problem for Sony is that the PSP has not sold well, making the automatic updates and other means of adding security features into the product less meaningful.
Monday, August 14. 2006
August Piracy Month continues...
It is interesting to hear US, European, and Japanese game developers complain about "Asian" game markets and computer gaming in other developing countries. They basically concede these markets to the pirates... essentially abandoning billions of potential customers. The basic belief is that the only type of games that work in these markets are MMOs. Conversely, Asian game developers also seem to believe that the only type of games that work are MMOs.
However, if game developers step back and look at the basic differences in the way computers are used, they may be able to reach into these markets with different kinds of games and game businesses.
The basic difference between "Asian" and "Western" games is their licensing or security model.
- In the West, games are licensed based on an Instance of the game - a physical copy, preferably tied to its unique initial distribution media. This is a function of history. In the West, a game is "owned" by an individual and used on a dedicated platform.
- In Asia, games are licensed based on an Account for the game - an (online) user identity that provides access to game play. There is still a physical instance of the game, but it is not usually the element that is controlled. In Asia, because computers and network connectivity and games are relatively expensive, players share access to games through Internet Cafes (PC Bangs, in Korea).
Most game developers in both regions build their game to use one model or the other, but not both. But, by designing the game business model from the beginning to support both models, the "Other" market can be reached. This changed view needs to drive the game's design from the beginning, but it can offer a number of other capabilities:
- Family Licensing - allowing a single physical game copy to be shared by multiple family members: "The family that plays together, stays together".
- Cafe Single-Player Games - games do not need to be massively multi-player. A game account & profile system can be used to allow players to play single player games in an Internet Cafe environment. Piracy is still a consideration, but proper system and business model design should make this option appealing.
- Viral Marketing - make game-sharing and recommendation become a revenue source, not a piracy problem.
Friday, August 11. 2006
The First Person Shooter (FPS) F.E.A.R. Combat is including Even Balance's PunkBuster cheat detection service. The game is to be released on August 17th. This has been a good year for Even Balance as they have added a number of titles to their service.
For a complete list of the games that currently use PunkBuster, visit their site.
Thursday, August 10. 2006
Piracy Month continues here at PlayNoEvil.
Anti-Piracy techniques do not need to be technical. They can be part of the game design, the business model, marketing strategy, or, in the case of pricing, just good business sense.
Xbox 360 Problems in Korea
First, the bad news. The DVD drive hack that was described and weaponized earlier this year is apparently spreading like wildfire in Asia. The hack basically allows ordinary DVD-Rs that have copies of Xbox 360 games to be played like legitimate game disks. Last week, there was news about the widespread availability of Xbox 360s modded to support this hack in China. (see previous entries)
This week, the news is from Korea. The mod to the Xbox 360 costs about 70,000 Won (around $70). Now, the mod does void your warranty, but the pirated disks are available for 15,000 Won (around $15) instead of 40,000 Won (around $40), so, basically, the hacked box pays for itself once you've purchased 3 games.
An official from Microsoft claims that they can detect this mod and kick you out of Xbox Live. I am skeptical of this assertion. The API to a DVD drive (which is the only place where you can detect the mod) is not likely to be very smart. The only real way to detect this mod would be to read out the EEPROM code stored in the DVD drive ... not a function that is typically provided. MS could try to read out the code version, but this can also be spoofed (remember, the DVD drive is not an Xbox 360 unique component, it is a standard commercial part).
Back to Pricing
Now, note that the pirated disks run about $12 as opposed to a retail price of around $40. There is obviously price flexibility where people will pay for a legitimate game because it is priced at a "convenient" point. I read an interesting article somewhere (I think it may have been at GameIndustry.biz) on the notion of reconsidering pricing for the game industry. Well, fighting piracy is yet another reason to do so.
Let's take a quick look at music. The power of iTunes is that it set the price for a legitimate song at $0.99 - a number most people are willing to pay for the convenience of getting the songs they want. This price point is what has curbed piracy, not Apple's FairPlay system, which has been hacked (like pretty much every other DRM system).
Games, like movies, are seen as a bigger "chunk" of entertainment and it seems people are comfortable paying around $20 for these services and, given the data in Korea, it would seem reasonable that legitimate games would sell for $20 with much less piracy.
The Console Trap
Here is where things may be getting interesting. Since consoles are typically sold as "loss leader" items (their price is often much less than the cost to make them), the console manufacturers recover this loss from licensing revenues for the games. This forces console games to be more expensive to help recover the losses for the device itself. And, if the list price of a console game was $20 instead of $50, there is much less space for the console manufacturer to make his return.
The PC, on the other hand, as an open platform without licensing fees, could be a real market for releasing games at a $20 price point. This may have multiple benefits in that it will open up the number of potential purchasers (since the decision to spend $20 is much less than that to spend $50) and, the piracy problem becomes less significant because the pain associated with a pirated game is more than a legitimate one (especially if pricing is part of an overall anti-piracy strategy).
There is still hope for Microsoft, at least: they have an additional revenue stream from Xbox Live. The Xbox Live service could be the place where Microsoft actually gets its profit from the game customers. This does look to be the case with the high 60% attach rate (though there is no breakout that I have seen on how many users have gone for the Gold, paying level of service instead of the free, Silver level). And, it also seems, a lot of players are buying items through the Live Marketplace... all of which should allow Microsoft to make money in the system... even with much less expensive games.
So, yet another reason to make PC games - you can price them below the threshold of compelling piracy.
I saw this article at GameSetWatch and I was kind of worried - someone else had beaten me to writing a book about game security.
But, it looks like I'm safe. Addison-Wesley has published an e-book (about 43 pages) on game cheating & such. If you look at the Table of Contents, you will see that the book is mostly about Blizzard's Warden monitoring tool (pp. 9-13) and the author's tool Governor that monitors Warden (pp. 32-43). So, out of a 43 page book, you have 15(!) pages on Warden and Governor with 11 of those pages on Governor. The entire rest of the world of cheating, even if restricted to MMOs, is allocated a whole 28 pages (and, of course, a good chunk of that is intro material and such). You can order the ebook here.
Just for reference, my Game Security presentation (which is available as a one day training course) is almost 120 slides (and these aren't those pretty picture slides either, they are full of text) so far.
Wednesday, August 9. 2006
Piracy, piracy, piracy - the game industry is on a tear about piracy. Kevin Cloud and Todd Hollenshead of id Software at Quakecon raised the alarm this week, but they are far from alone. Everyone in the industry is concerned about pirates... except, that is, one group... the players.
And this is the biggest problem. Companies see players as the enemy. Potential thieves who are out to rob game developers and publishers of the rightful proceeds of their work.
What is even more interesting is that, for all of the Sound and Fury about piracy, the industry does precious little about it. Security and piracy are afterthoughts in the game development and production process. This makes the job of a security provider much more difficult, if not impossible.
"Fix This, oh, and don't cost too much, and by the way, it's shipping next week (or already did)".
"Oh, and, by the way, we didn't bother to secure our development process, so the code base was compromised a month ago."
And, since fighting piracy is a number one priority for our company, the person you will be working for is our deputy assistant for quality assurance (or testing or production) who is about 4 levels down in the food chain and has no budget authority.
(end of rant, perhaps)
First Security Principle - If Security is easy to add, it is easy to remove.
So, basically, if you are adding your "security" after the game is complete in the production process, it can be stripped out. This is the inevitable problem that DRM, media security, and other such solutions face - they are not really part of the game. Now, Macrovision has some clever "soft failure" tools that get compiled into the game that bind the security into the game at a code level, but these solutions are still attackable - and, Macrovision is also honest enough to only claim to keep the bad guys out for a month.
The only place where people seem to kind of sort of think about security up front is the decision to go to consoles. Now, I don't really know if anyone honestly makes that decision, but if they do, it isn't a very good one. The reputation of consoles for fighting piracy is not that good. Every available console on the market today has some notable hacks that enable piracy and, according to some data, the piracy rates for consoles are not much better than for PCs.
So, what's a game developer to do?
Think about security and piracy from day one. You know it's a problem, so consider it in your business plan and game design. Security is as much a part of a (commercial) game as graphics and good game play.
Second Security Principle: Security is strengthened by multiple interactions.
If I leave a bike outside with the best lock I can find and put a sign on it "I'm not coming back"... it's not going to be there long. Security systems are interactive systems, just like games. They are also not perfect (also, like games), so they need a way to reconstitute themselves. That means multiple transactions.
In my security presentations and training on Game Security I talk about the key notion of a Rich Transaction System for game security. Basically, game companies need to create an environment of multiple interactions with their customers to keep honest players in, knock dishonest players out, and recover in case of failures.
The MMO Lament is that the only way to do this cost-effectively is with an MMO game with a monthly subscription. This is untrue (and, in fact, can be undone through compromise of the game server code as has occurred for a number of games).
Game companies need to systematically design Secure Rich Transaction Systems that draw players in and keep them part of the legitimate game community. The system does not have to be perfect, but it should be robust. Look at Battle.Net - here is a system that players see as a benefit that has a strong anti-piracy component under the hood.... there is no requirement that a security system needs to "feel" like a security system - it can be seen as a feature by customers.
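One way to picture the multiple-interaction idea, as an added sketch that is not from the original post or any vendor's product: a license server issues short-lived signed leases, so each renewal is a point where a dishonest account can be knocked out and a mistaken ban can be undone. The class and function names, the account name, the demo key and the one-day lease are all assumptions.

```python
import base64, hashlib, hmac, json

DAY = 24 * 3600
KEY = b"constructed-demo-key"  # constructed sample secret, held server-side only

def _pack(payload: bytes, key: bytes) -> str:
    sig = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return base64.urlsafe_b64encode(payload).decode() + "." + sig

class LicenseServer:
    """Hypothetical lease issuer: one interaction per renewal."""
    def __init__(self, key: bytes, lease_seconds: int = DAY):
        self.key, self.lease, self.revoked = key, lease_seconds, set()

    def issue(self, account: str, now: int):
        # Each renewal is a chance to refuse a revoked account.
        if account in self.revoked:
            return None
        payload = json.dumps({"acct": account, "exp": now + self.lease}).encode()
        return _pack(payload, self.key)

def lease_valid(token, key: bytes, now: int) -> bool:
    """Check run by a game service (not the client) that shares the key."""
    try:
        body, sig = token.rsplit(".", 1)
        payload = base64.urlsafe_b64decode(body)
    except (AttributeError, ValueError):
        return False
    expected = hmac.new(key, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), sig.encode()):
        return False
    return json.loads(payload)["exp"] > now

def simulate() -> dict:
    """Walk one constructed account through issue, revoke, expiry, recovery."""
    server, out = LicenseServer(KEY), {}
    lease = server.issue("player-1", 0)
    out["fresh lease accepted"] = lease_valid(lease, KEY, 3600)
    server.revoked.add("player-1")  # abuse detected two hours in
    # Exposure is bounded by the lease length, not open-ended.
    out["old lease works until expiry"] = lease_valid(lease, KEY, 2 * 3600)
    out["renewal refused"] = server.issue("player-1", 3 * 3600) is None
    out["old lease dead after expiry"] = not lease_valid(lease, KEY, DAY + 1)
    server.revoked.discard("player-1")  # recovery: the ban was a mistake
    renewed = server.issue("player-1", 2 * DAY)
    out["reinstated account renews"] = lease_valid(renewed, KEY, 2 * DAY + 60)
    # Editing the expiry without the key breaks the signature.
    body, sig = lease.split(".")
    claims = json.loads(base64.urlsafe_b64decode(body))
    claims["exp"] += 365 * DAY
    forged = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode() + "." + sig
    out["edited expiry rejected"] = not lease_valid(forged, KEY, 3600)
    return out

if __name__ == "__main__":
    for step, ok in simulate().items():
        print(f"{step}: {ok}")
```

A one-time activation check is the bike with the "I'm not coming back" sign: once it is bypassed there is no later interaction at which the system can recover.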
Ironically, id Software, Epic, and Valve, as well as other game engine makers, are positioned to lead in this area as they are becoming gaming's infrastructure.
And, for publishers, game security infrastructure may be the key to their survival.
Tuesday, August 8. 2006
Consoles are no easier to secure than PCs, though the attack tools are sometimes a bit more expensive. Datel has released a cheat tool that wraps the Nintendo DS operating system to allow a game cheater to load cheat codes and edit data for games. Basically, this device is a Nintendo DS game card that has been programmed to act as a "shell" that wraps calls to the DS low level OS. It is inserted first and the DS boots into "cheat mode". Then, the cheating player puts the game in and sets the cheat codes they want from a menu.
New cheat codes can be uploaded to this card from a PC and a USB 2.0 connector.
This is actually a relatively benign use for this tool. In the hands of a malicious user, the card should be able to be used for piracy. If the card has enough memory to store a game, instead of the "DSos proxy", a malicious player could then install pirated copies of DS games. Apparently, a more powerful version of the tool is coming soon in the form of a Trainer Toolkit (see also previous entry on DS piracy).
Given that the Xbox 360 has a serious piracy hack and the PSP has some notable hacks, no one should bet that the console or other platform is really going to protect your game from piracy.
More to follow - I think August is Piracy Month here at PlayNoEvil.