During the time of the Soviet Union, it was an urban legend that during supply shortages, Soviet factories would have no real work, but workers needed to keep up the appearance of working, so they would have one line of workers continuously assembling devices, feeding into another line that would continuously disassemble them, all in a loop where nothing gets produced.
In many ways, it feels like we are seeing this today in the digital world. As a specific example, GTA 5 (singleplayer) is a game that has been pirated for about 10 years now, and has received zero content updates in that time, yet somewhat recently (maybe a few years ago?) they updated the game on Steam to have new DRM that constantly conflicts with the Steam Deck sleep mode and kicks you out of the game at random after waking up, or just won't even let you launch if you're without internet and haven't launched it within a few days. Nothing worthwhile was produced by this endeavor, that's for sure.
I have a slightly different story, told by a Romanian coworker who was old enough to have worked in a factory under Ceaucescu: the workers stole from the factory, all the time, at every level. Managers would be able to take away complete items for "testing"; ordinary line workers would be limited to what parts they could plausibly conceal in their overalls at the end of the shift, then assemble them in their own time.
As someone who used to be a Pirate Party supporter, piracy has to exist in an equilibrium to avoid killing the host, and I don't know if that's possible on today's internet. Both "absurdly onerous DRM making the game unplayable, especially once abandoned" and "Rockstar spends $265m making the game, one person buys a copy, and everyone else pirates it" are bad outcomes. The optimal one is probably somewhere in the "a small number of people who Know A Guy pirate the game, gradually increasing over time" range. But that may not be sustainable either.
> the workers stole from the factory, all the time, at every level.
I think the context is important. These were people in poverty, in an extremely mismanaged society. You could get very little from actual shops. Most things would have to be bartered for. Stealing from the state accounted for a very important part of peoples' sustenance. My grandfather would try to explain it like this: even if you had money, there wasn't anything to buy. In that sense, even the factory managers were poor. Sarah C. M. Paine says that, in terms of buying power, the First Secretary of USSR's wife was poorer than an average American middle-class wife.
> Both "absurdly onerous DRM making the game unplayable, especially once abandoned" and "Rockstar spends $265m making the game, one person buys a copy, and everyone else pirates it" are bad outcomes.
Fortunately the second one isn't a real thing. There are many games that have already been cracked, or that never had any DRM to begin with, and there are still large numbers of people who pay for them. Because they want the publisher to continue making games more than they want to avoid paying <1% of their annual income for something.
Which is in turn why the DRM not only doesn't work but is actively harmful to the publisher. Getting people to want to pay is a lot easier when you're not actively pissing them off. Meanwhile the DRM gets cracked anyway and then you're worse off than when you started, because not only can they still pirate it, now more of them want to.
Тащи с завода каждый гвоздь - ты здесь хозяин а не гость.
Which is literally translates as:
Take every nail from the factory post,
You aren't a visitor, you are the host!
And yeah almost everyone was stealing even if it would be
things they absolutely not needed. Then you can change it for something you need or use it weird way in your home repairs.
This is how some people end up with parts of ICBM or space ships as part of their country datcha landscape design.
After all propaganda loved to tell that everything is owned by people's.
most games make a very good chunk of their lifetime revenue during their first weeks. If you can avoid piracy during that period (through wishlisting, preorders and such) piracy is not going to eat into your revenue significantly.
On the other hand, having strongly anticonsumer DRM will certainly affect sales. If you have a loss of performance or make it too much a hassle (mandatory connections, updates, etc) that will eat into your revenue, and twice as you are paying money to third parties to have consumers be shun away.
That assembly line workers are constantly being kept fresh on their skills and processes. If you can't get some component for 3 months, new units can almost immediately be pushed out of the factory when the component does arrive. If you bring on new workers, you train them on the disassembly process first and then move them onto the assembly line once they understand the construction.
The only downsides are paying the factory workers to spin their wheels and the 2x wear and tear on tools and replacement costs of any components damaged by the constant handling.
The US does something similar with the national defense manufacturers. We don't necessarily need more of a vehicle but if that factory sits dormant for 2 years until we do need replacements, it's going to take a long time to train workers. And you run a risk of losing any tribal knowledge those workers carried. You can lower production rates so you aren't buying too many things at once but keeping a small crew busy will allow you to quickly ramp production if necessary.
> The US does something similar with the national defense manufacturers.
You also see this with the European space industry especially in the rocket building. A lot of money is poured into the industry even if there are no massive returns or advancements just in order to keep the people and skills. If you let these slip, rebooting the sector would be a decades long affair so doing busy work sometimes is the better option.
Heck, even most large tech companies do this type of busy work assignment. They hire en-masse but many of those people are never really put to work. Their greatest value is that they stay out of the competition's hands, if there is a massive project coming up the people are already there, and they can be dumped in case of emergency to prop up the stick price.
The “keep up the appearance of working” story feels like a misleading comparison to me, because the motivations are pretty much reversed. In the hypothetical factory, there's an external social element requiring the appearance of working, some observer to whom it looks good that this is happening: the way I read it, the assemblers and disassemblers may well be cooperating with each other to produce that appearance, so that the absurdity is visible from within (though they could also just be unaware of each other's assigned tasks). In the case of anti-copying technologies, game publishers trying to guard their revenue stream, and other groups trying to distribute or play unauthorized copies, are adversaries whose tactics create relative losses for each other that can bleed into the surrounding society: seems bad that it impacts other users / risks jobs and livelihood / is various forms of unfair (depending on one's moral feelings around which actions are ‘justified’), but their individual actions are incentive-aligned from within the conflict.
DRM authors and implementors know it doesnt work. The decision is made by people in suits based on traditional business culture that doesnt fit the digital world. The same people making denuvo are also the ones breaking it.
> they updated the game on Steam to have new DRM that constantly conflicts with the Steam Deck sleep mode and kicks you out of the game at random after waking up, or just won't even let you launch if you're without internet and haven't launched it within a few days
Meanwhile the "pirates" enjoy a superior experience. They don't have to put up with this nonsense. They can use the devices they want. They can install the games on as many machines as they want. They can play the games offline. Their games are faster because there's no obfuscated nonsense code running. They don't have to suffer idiotic invasive kernel mode DRM nonsense on their computers, software whose only difference from literal malware is legal boilerplate in a document that nobody reads but that everybody theoretically accepted when they fast forwarded through the installation screens furiously clicking next so they could play the game they paid for.
Makes me feel like a total moron for buying games every single time.
If you notice, if you said is correct, this means it would be incredibly easy to yank your ownership of GTA 5 simply by retiring denuvo related account.
All that would be publicised would be " GTA 5 denuvo key license is now over" and people would not know
I've heard that story (or a similar one) about Boeing on a cost-plus contract in the War; one group of employees would dump screws together, and the night shift would sort them apart.
I've had to take a moral stance and move to just playing games on Gog that I can buy and own the files for. No I can't play the latest and greatest but it's not the end of the world as I've so many classics to still play and enjoy. I can't support lockdown and DRM anymore. If I buy I want to own, otherwise I've not bought. It is true, if buying isn't owning, then piracy isn't stealing.
Right where I've landed as well. I just won't buy titles with Denuvo DRM, ever, no matter how much I want the game.
Was pleasantly surprised to find Doom Eternal is now on GOG a couple of days ago. If you're willing to wait, some AAA titles show up that previously had draconian DRM.
Surprisingly, there were DRM games praised for good UX, only these were hardware releases.
When Switch 1 launched, it got re-releases (eg: Diablo 3) that were: 1. complete editions with DLCs, 2. came on a cartridge that one could swap between devices or sell, 3. supported offline play.
Online game stores were supposed to offer better UX than hardware releases. I find it interesting, and perhaps a sign of how bad the online experience can get, that the opposite can happen too.
I'm willing to buy on Steam, however not with intrusive DRM. Nor with 3rd party store requirements (like EA games on Steam).
E.G. I'd like to own a copy of the modern Persona games. I'm in no particular rush. If the studios want my money when they're on sale for like 50% off launch price, gain some profit per sale and additional sales by axing the useless DRM.
Likewise, I will not even consider paying for games (or music) that don't have an unencumbered download option. If the game is open source I will usually buy it without even thinking very hard about whether I'll play it.
While Valve isn't the worst company when you buy on GoG you support a company dedicated to keeping things DRM free and preserving older games. Plus fight the Steam monopoly.
Denuvo is there to prevent piracy within the first 90 days of release. Something like 60 to 80% of a game’s revenue is during that period. They don’t care that it’s eventually cracked, and they absolutely do not care about performance.
It can, but that seems to be more related to poor implementations by the game devs, and not inherent to it. There are plenty of examples of games with Denuvo that still run fine (give or take your opinion on whether the presence of DRM is inherently "impacted performance").
CPU cache space for code is much smaller than GPU memory for models (and the former is more important for performance since many CPU operations like pipeline parallelism are latency bound, not compute bound).
Denuvo is owned by Irdeto, a digital rights management company in a broad sense. They not only do software and hardware DRM, but also work as a watchdog for movie and music companies to claim DMCA violations for BitTorrent, among all other stuff.
Ah, yes, a problem so huge it killed the industry… wait.
This is the same thing with music / cinema piracy : it’s a mix of "pirates will always pirate" (whatever the reason, be it financial issues or not), and anti-piracy solutions always hitting legitimate customers first.
People want convenience first and foremost. Piracy being a « massive issue is a lie defended by lobbies.
Case in point, I have a legit copy of a EA game I cannot play legitimately anymore, because SafeDisc relies on a vulnerable Windows driver (basically a free rootkit) that was blacklisted by MS.
See also the other comment mentioning SecuROM that basically killed SPORE on launch.
SecuROM back in the day caused plenty of legitimately purchased copies to not work. You'd have a physical disc with the game on it from the store, and SecuROM decided it won't work on your computer for unknown, undebugable reasons. .
Piracy may be a problem, but that's a problem to customer who were willing to give a company money. We stopped buying anything with SecuROM on it after 1-2 of those situations.
It's fairly well demonstrated that piracy is a service problem. For example, many people will pay hundreds of dollars for a game on Steam rather than play it for free on Epic (Rocket League). So clearly the free price point is not the problem
I don't think piracy has much to do with it. AAA (of even AA) single player games sell really well. Just not well enough to be the equivalent of a money-printing machine like Fortnite. Spiderman 2 sold something like 17 million copies between PC and PS5. Still nothing compared to the $30+ billion in revenue that Fortnite has generated so far. So everyone is chasing that Fortnite $$$.
Do the cracks still need you to disable Hyper-V (which leads to disabling WSL and whatever else)?
In addition, I’m not sure why they’re enabling test signing instead of using kdmapper or the like. Sure, anticheats will get way more mad at you having a manual mapped driver, but one imagines rebooting once (after playing your cracked video game) beats rebooting twice (to enable test signing, then after playing the game).
It's impossible to know which Steam games are DRM-free since Steam games without DRM are not marked in the store. They have to all be assumed to have DRM.
Wonder what will be the consequences of this. I dislike Denuvo for the performance and stability penalties it gives games, but I do wonder if the "security" it gave publishers wasn't a big part of the reason why we've been getting more and more big name games on PC.
This isn't about being right or wrong but about what the publishers will do when they see their games are again getting cracked day one, and if it'll be a catalyst to again return to getting either less PC releases or at least delayed releases compared to consoles.
Denuvo’s market is ‘first 90 days’ revenue protection, not lifelong revenue protection. Lots of games using their crap remove it after a few months to shut down the flood of support issues the DRM causes. If only Microsoft hadn’t fucked up so badly with Windows 11 requiring an account, they’d have a way to stop using it altogether.
>Lots of games using their crap remove it after a few months to shut down the flood of support issues the DRM causes.
No, the overwhelming majority of denuvo games released after ~2020 (when they changed there licensing model to SaaS) have it removed after 2-4 years not because of user complaints but because of licensing costs, contracts and compliance.
If anything with many games it is very clear that the developer/publisher do not care for the user, since even when the DRM gets broken and has lost its purposes, many still refuse to remove it and give paying customers the same better non DRM experience as pirates.
>If only Microsoft hadn’t fucked up so badly with Windows 11 requiring an account
This is not true at all as evidenced by the fact that most games do not get Denuvo removed once they are cracked. And the companies that DO remove denuvo only do so after several years because of licensing costs as denuvo transitioned to a SaaS model.
I feel like the "first 90 days" is just because games no longer include a demo, so they force players to commit to a purchase before a wide consensus forms. A lot of people pirate simply to try the game out. Most people who can afford the game would then purchase the game if it were good.
Untrue, where are all the after-90-days-hacked AAA games? Nowhere, denuvo lives on as long as publisher is willing to pay continuous licence, which is usually years.
And users complaining because denuvo messes up their Windows, sometimes games don't run and so on? Just cost of doing business, as long as enough people buy it who cares.
I honestly doubt it will make much of a difference.
A good percentage of people who would download the cracked games would not have bought those anyway. And with Steam being so convenient it's hard to decide to go for a cracked copy of dubious origin that might install god knows what into your machine.
Run anti-cheat server-side. Give us private servers again. There's no reason we should have to put up with client-side rootkits written by non-kernel-devs to play a game.
This. There are a lot of online games I loved playing but the cheating got so bad it made it impossible to play. MW1, MW2, Battlefield, CS, etc... you could see the wallhacks and aimbots taking over every lobby. I eventually stopped playing. I tried using Consoles for online gaming after that but never really got into using joysticks.... still prefer mouse and keyboard. Now I play limited games where the cheating isn't quite that rampant.
The main difference that Denuvo does nothing to improve the experience of the end user.
I don't like Anti-Cheat solutions with elevated privileges but they have (at least for some time) reduced the number of Cheaters in games like Valorant or BF, for most users this is at least a somewhat understandable tradeoff. Denuvo on the other hand is DRM and a pure tradeoff in favor of the publisher at the cost of the consumed.
There is a user argument for anti cheat as a user = less cheater.
There is no user argument for DRM, if anything there are many against it = higher game price/less money for the actual game and devs, indirect funding of DRM software, worse performance, higher system requirements, worse preservation, worse privacy, longer loading times, online requirements, worse usability, machine activation restriction, bugs...
Kernel level anti-cheat also doesn't introduce a giant performance penalty like Denuvo-style DRM. People just want to play their games without it still stuttering on top of the line hardware.
Pretty strong to say there's no argument. I don't agree with it, but I imagine people would say reducing piracy leads to more money for the studio, which means more resources that can be put toward the game. Lots of people believe that, and we don't have a lot of data on opportunity costs for games including Denuvo.
I personally just hate it and think Piracy is overblown. The only other industry I've seen be this hostile to users is Music/Photoshop. Putting an iLok key into my computer feels bad.
Interesting to finally see some action from the mouse again. Was kinda sad to see that Denuvo embodies all the worst of DRM but was so thoroughly metastasized that it was nearly inoperable and they had effectively "won".
> in late 2025, the MKDev collective and the prolific DenuvOwO came up with a hypervisor-based bypass (HVB) that installs a kernel-level driver to intercept and respond to Denuvo's checks. While that's not an actual crack, it's good enough for piracy work, as the saying goes.
Yeah, the headline is sensational and the body of the article doesn't do enough to distinguish between the bypass and a real crack. They only resemble one another only in the most shortsighted of ways.
One big difference is that the bypass method _requires_ Microsoft Windows in order to function. You cannot use the bypass on Linux.
I don't have a Windows install anywhere, so if I want to play the game I have to either purchase it, or wait for a crack that will remove Denuvo from the executable.
I get this probably doesn't matter to most people because they're on Windows anyway and will happily disable whatever security is required to access free games, but it's disappointing to have the technical distinctions and broader implications glossed over.
Info from veeery long ago because I have been out of this stuff for over a decade:
The release will have an .sfv file with a CRC32 checksum for each rar file.
The FTP server checks them after the upload completes. Back in the day glftpd with zipscript was a very popular tool to manage an FTP site. This Readme sums it up well: https://github.com/pzs-ng/pzs-ng
The sfv can be tampered with but the propagation of releases to FTPs happens very fast, within minutes. It would take you longer to meaningfully alter it than it takes the racers to distribute the original files. And once the release is completely uploaded you can't modify the files anymore.
If the release is bad, for example if it doesn't work at all or if it contains a virus, then it simply gets nuked. This propagates within minutes.
That's the whole problem. There's no way to verify the authenticity of a release aside from "getting it from a trusted source" or whatever, whereas digital signatures would easily solve this issue.
Wow. Great. Congratulations. Achievement earned. You've persisted so long.
Now stop creating new DRMs. You can see what is the outcome. The definition of insanity is doing the same thing over and over again and expecting a different result.
The only thing that made me switch to Netflix from π-rated movies was the accessibility, availability, languages support, speed and quality. The same with games. I buy games from gog mostly because they are missing DRM (and because I'm an old dinosaur so not interested in the bleeding edge new games).
Please focus on the added value. And the wealth will come. Don't pay for denuvo - it's waste of money
Fyi, most of them have not been cracked, but bypassed using a hypervisor that operates in ring-1, so it is certainly a security risk..
Personally I've been voting with my wallet and *never* supporting DRM, so there have been some games where I'm just "Well, I guess I'll never play that game."
At least I have an ethical option to play certain games now, I'm just gonna use a seperate blank pc cus these bypasses are novel.
Running Windows is a massive risk cus its made by Microsoft and it has ring 0 access to your system. I personally trust a cracker in good standing far more that I would any corp.
Untrue, cracking software necessitates _removing_ the protection from the executable completely. Whereas with a bypass, Denuvo is still running on your computer, albeit ineffectually.
This has implications - the bypasses cannot run on Linux for example where a cracked executable could. They are not the same thing.
Ehhh, afaik thats not the case in the community. These hypervisor bypasses are considered a different category. Like look at any scene page, they will 100% say Hypervisor or HV for these.
well, right now Denuvo "remote attests" in a Play Integrity "MEETS_BASIC_INTEGRITY" sense that it has no hardware backing and relies on checking your runtime enviroment for signs of tampering manually and obfuscating said checks.
The endgame is certainly flexing the machinery that is being built up over the last 20 years and spawning a SEV-SNP container on your machine that cannot be debugged, inspected and modified in any way. I don't think this is possible as of writing though.
Once again I'm at odds with TH reporting. Of course you can spoof a server. That happens all the time, especially with videogames. You may not immediately be able to figure out what the call/response is, but without knowing what the check is, it could just be a simple endpoint that returns "true" on every request. Very speculative to say that whatever they do will be impossible to mimic.
> You may not immediately be able to figure out what the call/response is, but without knowing what the check is, it could just be a simple endpoint that returns "true" on every request. Very speculative to say that whatever they do will be impossible to mimic.
It’s trivially easy to use a signed response that is encoding some part of the metadata of your system in the signature to make it impossible to emulate the server. Don’t think the Denuvo devs would be stupid enough to provide a “return true” request for a server call.
Can the underlying function that checks if the server call is correct be bypassed? Sure, but that’s much harder.
Cryptography goes BRRRRR, with a proper implementation of cryptography you'd need to do things like patch out the keys in memory in order to "spoof" messages.
During the time of the Soviet Union, it was an urban legend that during supply shortages, Soviet factories would have no real work, but workers needed to keep up the appearance of working, so they would have one line of workers continuously assembling devices, feeding into another line that would continuously disassemble them, all in a loop where nothing gets produced.
In many ways, it feels like we are seeing this today in the digital world. As a specific example, GTA 5 (singleplayer) is a game that has been pirated for about 10 years now, and has received zero content updates in that time, yet somewhat recently (maybe a few years ago?) they updated the game on Steam to have new DRM that constantly conflicts with the Steam Deck sleep mode and kicks you out of the game at random after waking up, or just won't even let you launch if you're without internet and haven't launched it within a few days. Nothing worthwhile was produced by this endeavor, that's for sure.
I have a slightly different story, told by a Romanian coworker who was old enough to have worked in a factory under Ceaucescu: the workers stole from the factory, all the time, at every level. Managers would be able to take away complete items for "testing"; ordinary line workers would be limited to what parts they could plausibly conceal in their overalls at the end of the shift, then assemble them in their own time.
As someone who used to be a Pirate Party supporter, piracy has to exist in an equilibrium to avoid killing the host, and I don't know if that's possible on today's internet. Both "absurdly onerous DRM making the game unplayable, especially once abandoned" and "Rockstar spends $265m making the game, one person buys a copy, and everyone else pirates it" are bad outcomes. The optimal one is probably somewhere in the "a small number of people who Know A Guy pirate the game, gradually increasing over time" range. But that may not be sustainable either.
> the workers stole from the factory, all the time, at every level.
I think the context is important. These were people in poverty, in an extremely mismanaged society. You could get very little from actual shops. Most things would have to be bartered for. Stealing from the state accounted for a very important part of peoples' sustenance. My grandfather would try to explain it like this: even if you had money, there wasn't anything to buy. In that sense, even the factory managers were poor. Sarah C. M. Paine says that, in terms of buying power, the First Secretary of USSR's wife was poorer than an average American middle-class wife.
1 reply →
> Both "absurdly onerous DRM making the game unplayable, especially once abandoned" and "Rockstar spends $265m making the game, one person buys a copy, and everyone else pirates it" are bad outcomes.
Fortunately the second one isn't a real thing. There are many games that have already been cracked, or that never had any DRM to begin with, and there are still large numbers of people who pay for them. Because they want the publisher to continue making games more than they want to avoid paying <1% of their annual income for something.
Which is in turn why the DRM not only doesn't work but is actively harmful to the publisher. Getting people to want to pay is a lot easier when you're not actively pissing them off. Meanwhile the DRM gets cracked anyway and then you're worse off than when you started, because not only can they still pirate it, now more of them want to.
In Soviet times in Russia there been rhyme:
Which is literally translates as:
And yeah almost everyone was stealing even if it would be things they absolutely not needed. Then you can change it for something you need or use it weird way in your home repairs.
This is how some people end up with parts of ICBM or space ships as part of their country datcha landscape design.
After all propaganda loved to tell that everything is owned by people's.
most games make a very good chunk of their lifetime revenue during their first weeks. If you can avoid piracy during that period (through wishlisting, preorders and such) piracy is not going to eat into your revenue significantly.
On the other hand, having strongly anticonsumer DRM will certainly affect sales. If you have a loss of performance or make it too much a hassle (mandatory connections, updates, etc) that will eat into your revenue, and twice as you are paying money to third parties to have consumers be shun away.
That assembly line workers are constantly being kept fresh on their skills and processes. If you can't get some component for 3 months, new units can almost immediately be pushed out of the factory when the component does arrive. If you bring on new workers, you train them on the disassembly process first and then move them onto the assembly line once they understand the construction.
The only downsides are paying the factory workers to spin their wheels and the 2x wear and tear on tools and replacement costs of any components damaged by the constant handling.
The US does something similar with the national defense manufacturers. We don't necessarily need more of a vehicle but if that factory sits dormant for 2 years until we do need replacements, it's going to take a long time to train workers. And you run a risk of losing any tribal knowledge those workers carried. You can lower production rates so you aren't buying too many things at once but keeping a small crew busy will allow you to quickly ramp production if necessary.
> The US does something similar with the national defense manufacturers.
You also see this with the European space industry especially in the rocket building. A lot of money is poured into the industry even if there are no massive returns or advancements just in order to keep the people and skills. If you let these slip, rebooting the sector would be a decades long affair so doing busy work sometimes is the better option.
Heck, even most large tech companies do this type of busy work assignment. They hire en-masse but many of those people are never really put to work. Their greatest value is that they stay out of the competition's hands, if there is a massive project coming up the people are already there, and they can be dumped in case of emergency to prop up the stick price.
The “keep up the appearance of working” story feels like a misleading comparison to me, because the motivations are pretty much reversed. In the hypothetical factory, there's an external social element requiring the appearance of working, some observer to whom it looks good that this is happening: the way I read it, the assemblers and disassemblers may well be cooperating with each other to produce that appearance, so that the absurdity is visible from within (though they could also just be unaware of each other's assigned tasks). In the case of anti-copying technologies, game publishers trying to guard their revenue stream, and other groups trying to distribute or play unauthorized copies, are adversaries whose tactics create relative losses for each other that can bleed into the surrounding society: seems bad that it impacts other users / risks jobs and livelihood / is various forms of unfair (depending on one's moral feelings around which actions are ‘justified’), but their individual actions are incentive-aligned from within the conflict.
DRM authors and implementors know it doesnt work. The decision is made by people in suits based on traditional business culture that doesnt fit the digital world. The same people making denuvo are also the ones breaking it.
1 reply →
> they updated the game on Steam to have new DRM that constantly conflicts with the Steam Deck sleep mode and kicks you out of the game at random after waking up, or just won't even let you launch if you're without internet and haven't launched it within a few days
Meanwhile the "pirates" enjoy a superior experience. They don't have to put up with this nonsense. They can use the devices they want. They can install the games on as many machines as they want. They can play the games offline. Their games are faster because there's no obfuscated nonsense code running. They don't have to suffer idiotic invasive kernel mode DRM nonsense on their computers, software whose only difference from literal malware is legal boilerplate in a document that nobody reads but that everybody theoretically accepted when they fast forwarded through the installation screens furiously clicking next so they could play the game they paid for.
Makes me feel like a total moron for buying games every single time.
If you notice, if you said is correct, this means it would be incredibly easy to yank your ownership of GTA 5 simply by retiring denuvo related account.
All that would be publicised would be " GTA 5 denuvo key license is now over" and people would not know
I've heard that story (or a similar one) about Boeing on a cost-plus contract in the War; one group of employees would dump screws together, and the night shift would sort them apart.
the management must've forgot they literally gave gta 5 away on epic store like 5 years ago, lol.
GTA V got a major update last year that included eg DLSS support. It would perhaps make sense if the DRM changed at that point?
I've had to take a moral stance and move to just playing games on Gog that I can buy and own the files for. No I can't play the latest and greatest but it's not the end of the world as I've so many classics to still play and enjoy. I can't support lockdown and DRM anymore. If I buy I want to own, otherwise I've not bought. It is true, if buying isn't owning, then piracy isn't stealing.
Right where I've landed as well. I just won't buy titles with Denuvo DRM, ever, no matter how much I want the game.
Was pleasantly surprised to find Doom Eternal is now on GOG a couple of days ago. If you're willing to wait, some AAA titles show up that previously had draconian DRM.
Surprisingly, there were DRM games praised for good UX, only these were hardware releases.
When Switch 1 launched, it got re-releases (eg: Diablo 3) that were: 1. complete editions with DLCs, 2. came on a cartridge that one could swap between devices or sell, 3. supported offline play.
Online game stores were supposed to offer better UX than hardware releases. I find it interesting, and perhaps a sign of how bad the online experience can get, that the opposite can happen too.
I'm willing to buy on Steam, however not with intrusive DRM. Nor with 3rd party store requirements (like EA games on Steam).
E.G. I'd like to own a copy of the modern Persona games. I'm in no particular rush. If the studios want my money when they're on sale for like 50% off launch price, gain some profit per sale and additional sales by axing the useless DRM.
Likewise, I will not even consider paying for games (or music) that don't have an unencumbered download option. If the game is open source I will usually buy it without even thinking very hard about whether I'll play it.
Generally any game you can buy on GoG is also DRM free on Steam. I mention since many people have the incorrect notion that all Steam games have DRM
There's still a difference — GOG provides you with downloadable installers you can archive, Steam doesn't.
12 replies →
While Valve isn't the worst company when you buy on GoG you support a company dedicated to keeping things DRM free and preserving older games. Plus fight the Steam monopoly.
6 replies →
I would hope publishers would take note and remove it, having hundreds of megabytes of junk in the executable is just wasteful to put it mildly
Denuvo is there to prevent piracy within the first 90 days of release. Something like 60 to 80% of a game’s revenue is during that period. They don’t care that it’s eventually cracked, and they absolutely do not care about performance.
> Denuvo is there to prevent piracy within the first 90 days of release [...] They don’t care that it’s eventually cracked
Ah, so Denuvo is always removed after ~90 days after release, as there is no point for them to keep it there?
7 replies →
A number of publishers have retroactively added Denuvo to their older games, inexplicably.
1 reply →
With the hypervisor method they get 0 to 1 day protection
Then DRM should automatically remove itself after that period. Copyright durations should also be adjusted to that same time frame.
The bigger problem with Denuvo is that it appears to significantly impact game performance as well
It can, but that seems to be more related to poor implementations by the game devs, and not inherent to it. There are plenty of examples of games with Denuvo that still run fine (give or take your opinion on whether the presence of DRM is inherently "impacted performance").
10 replies →
The evidence for this supposed performance hit is basically zero.
2 replies →
I would hope that users would just refuse to buy games that use Denuvo and similar malware. I do, but I know most users don't care.
Why would they care for a few hundred MBs when the games are in the 10s of GBs?
CPU cache space for code is much smaller than GPU memory for models (and the former is more important for performance since many CPU operations like pipeline parallelism are latency bound, not compute bound).
2 replies →
Remove DRM and let buyers suffer less? Crazy talk.
Don't forget that the guy behing Denuvo is the same person behind SafeDisc, SecuROM and similar bullshit siblings from the past PC gaming world.
Denuvo is owned by Irdeto, a digital rights management company in a broad sense. They not only do software and hardware DRM, but also work as a watchdog for movie and music companies to claim DMCA violations for BitTorrent, among all other stuff.
[flagged]
Surely, this has nothing to do with the fact that live service and subscription games generate more revenue, whether or not piracy is involved.
38 replies →
Ah, yes, a problem so huge it killed the industry… wait.
This is the same thing with music / cinema piracy : it’s a mix of "pirates will always pirate" (whatever the reason, be it financial issues or not), and anti-piracy solutions always hitting legitimate customers first.
People want convenience first and foremost. Piracy being a « massive issue is a lie defended by lobbies.
Case in point, I have a legit copy of a EA game I cannot play legitimately anymore, because SafeDisc relies on a vulnerable Windows driver (basically a free rootkit) that was blacklisted by MS. See also the other comment mentioning SecuROM that basically killed SPORE on launch.
SecuROM back in the day caused plenty of legitimately purchased copies to not work. You'd have a physical disc with the game on it from the store, and SecuROM decided it won't work on your computer for unknown, undebugable reasons. .
Piracy may be a problem, but that's a problem to customer who were willing to give a company money. We stopped buying anything with SecuROM on it after 1-2 of those situations.
It's fairly well demonstrated that piracy is a service problem. For example, many people will pay hundreds of dollars for a game on Steam rather than play it for free on Epic (Rocket League). So clearly the free price point is not the problem
1 reply →
Do we have a reasonable metric of pirate -> customer conversion rate of Denuvo?
I don't think piracy has much to do with it. AAA (of even AA) single player games sell really well. Just not well enough to be the equivalent of a money-printing machine like Fortnite. Spiderman 2 sold something like 17 million copies between PC and PS5. Still nothing compared to the $30+ billion in revenue that Fortnite has generated so far. So everyone is chasing that Fortnite $$$.
Do the cracks still need you to disable Hyper-V (which leads to disabling WSL and whatever else)?
In addition, I’m not sure why they’re enabling test signing instead of using kdmapper or the like. Sure, anticheats will get way more mad at you having a manual mapped driver, but one imagines rebooting once (after playing your cracked video game) beats rebooting twice (to enable test signing, then after playing the game).
The funny thing is I remember reading about using hypervisor crap to bypass Denuvo in ~2020 (actually the post is from 2019, https://www.unknowncheats.me/forum/2410412-post14.html)
“A friend of mine” told me that disabling hyper V and all that stuff is needed to play Crimson Desert cracked version.
Support GOG, support no DRM.
What games that are on GOG without DRM have DRM on, say, Steam? (Many Steam games have no DRM.)
It's impossible to know which Steam games are DRM-free since Steam games without DRM are not marked in the store. They have to all be assumed to have DRM.
4 replies →
These games all released with Denuvo on Steam and DRM-free on GOG. (Some of them have subsequently removed Denuvo on Steam.)
Mad Max Middle-earth: Shadow of War Deus Ex: Mankind Divided Yakuza: Like a Dragon
1 reply →
Arkham Knight, Yakuza: Like a Dragon still have Denuvo on Steam but no drm on GOG
Very few games on Steam are without drm.
3 replies →
Wonder what will be the consequences of this. I dislike Denuvo for the performance and stability penalties it gives games, but I do wonder if the "security" it gave publishers wasn't a big part of the reason why we've been getting more and more big name games on PC.
This isn't about being right or wrong but about what the publishers will do when they see their games are again getting cracked day one, and if it'll be a catalyst to again return to getting either less PC releases or at least delayed releases compared to consoles.
I will hope that does not happen.
Denuvo’s market is ‘first 90 days’ revenue protection, not lifelong revenue protection. Lots of games using their crap remove it after a few months to shut down the flood of support issues the DRM causes. If only Microsoft hadn’t fucked up so badly with Windows 11 requiring an account, they’d have a way to stop using it altogether.
>Lots of games using their crap remove it after a few months to shut down the flood of support issues the DRM causes.
No, the overwhelming majority of denuvo games released after ~2020 (when they changed there licensing model to SaaS) have it removed after 2-4 years not because of user complaints but because of licensing costs, contracts and compliance.
If anything with many games it is very clear that the developer/publisher do not care for the user, since even when the DRM gets broken and has lost its purposes, many still refuse to remove it and give paying customers the same better non DRM experience as pirates.
>If only Microsoft hadn’t fucked up so badly with Windows 11 requiring an account
I don't understand how that is related at all.
This is not true at all as evidenced by the fact that most games do not get Denuvo removed once they are cracked. And the companies that DO remove denuvo only do so after several years because of licensing costs as denuvo transitioned to a SaaS model.
I feel like the "first 90 days" is just because games no longer include a demo, so they force players to commit to a purchase before a wide consensus forms. A lot of people pirate simply to try the game out. Most people who can afford the game would then purchase the game if it were good.
1 reply →
If this was the case, I'd wait the 90 days before buying a game.
As this isn't the case, I have been waiting for several years to buy many games. Denuvo still hasn't been removed, so I continue to wait.
Untrue, where are all the after-90-days-hacked AAA games? Nowhere, denuvo lives on as long as publisher is willing to pay continuous licence, which is usually years.
And users complaining because denuvo messes up their Windows, sometimes games don't run and so on? Just cost of doing business, as long as enough people buy it who cares.
I honestly doubt it will make much of a difference.
A good percentage of people who would download the cracked games would not have bought those anyway. And with Steam being so convenient it's hard to decide to go for a cracked copy of dubious origin that might install god knows what into your machine.
We're not in the early 00s anymore.
> performance and stability penalties
There are none. Or rather they fall in the margin of error.
i think your underwstimating the anticheat value that still exists. many of the online games are trash when theres not strict cheat control.
Run anti-cheat server-side. Give us private servers again. There's no reason we should have to put up with client-side rootkits written by non-kernel-devs to play a game.
8 replies →
This. There are a lot of online games I loved playing but the cheating got so bad it made it impossible to play. MW1, MW2, Battlefield, CS, etc... you could see the wallhacks and aimbots taking over every lobby. I eventually stopped playing. I tried using Consoles for online gaming after that but never really got into using joysticks.... still prefer mouse and keyboard. Now I play limited games where the cheating isn't quite that rampant.
3 replies →
"Protected" is the wrong word. "Restricted" is much more honest regarding what Denovo does.
Good riddance.
> "Restricted" is much more honest regarding what Denovo does.
I'd suggest "encumbered" or even "infected".
Does anyone have a link to how the crack works? I would love to see something more technical.
I only know of the one text file MKDEV added to their Persona bypass: https://pastebin.com/hps67mkh
Couldn't have happened to a nicer piece of software, etc.
I find it ironic people mad at Denuvo and yet play games like Battlefield which enforces kernel level spyware nonetheless haha
The main difference that Denuvo does nothing to improve the experience of the end user.
I don't like Anti-Cheat solutions with elevated privileges but they have (at least for some time) reduced the number of Cheaters in games like Valorant or BF, for most users this is at least a somewhat understandable tradeoff. Denuvo on the other hand is DRM and a pure tradeoff in favor of the publisher at the cost of the consumed.
I would say it was wildly successful in Valorant.
There is a user argument for anti cheat as a user = less cheater.
There is no user argument for DRM, if anything there are many against it = higher game price/less money for the actual game and devs, indirect funding of DRM software, worse performance, higher system requirements, worse preservation, worse privacy, longer loading times, online requirements, worse usability, machine activation restriction, bugs...
Kernel level anti-cheat also doesn't introduce a giant performance penalty like Denuvo-style DRM. People just want to play their games without it still stuttering on top of the line hardware.
1 reply →
Pretty strong to say there's no argument. I don't agree with it, but I imagine people would say reducing piracy leads to more money for the studio, which means more resources that can be put toward the game. Lots of people believe that, and we don't have a lot of data on opportunity costs for games including Denuvo.
I personally just hate it and think Piracy is overblown. The only other industry I've seen be this hostile to users is Music/Photoshop. Putting an iLok key into my computer feels bad.
2 replies →
How are you protecting yourself at the game itself spying on you?
Interesting to finally see some action from the mouse again. Was kinda sad to see that Denuvo embodies all the worst of DRM but was so thoroughly metastasized that it was nearly inoperable and they had effectively "won".
No, it hasn't:
> in late 2025, the MKDev collective and the prolific DenuvOwO came up with a hypervisor-based bypass (HVB) that installs a kernel-level driver to intercept and respond to Denuvo's checks. While that's not an actual crack, it's good enough for piracy work, as the saying goes.
Yeah, the headline is sensational and the body of the article doesn't do enough to distinguish between the bypass and a real crack. They only resemble one another only in the most shortsighted of ways.
One big difference is that the bypass method _requires_ Microsoft Windows in order to function. You cannot use the bypass on Linux.
I don't have a Windows install anywhere, so if I want to play the game I have to either purchase it, or wait for a crack that will remove Denuvo from the executable.
I get this probably doesn't matter to most people because they're on Windows anyway and will happily disable whatever security is required to access free games, but it's disappointing to have the technical distinctions and broader implications glossed over.
This. It's bypassed, not cracked. All the games released need HVB to work. They use legit Denuvo licenses from other systems.
Do any of the legit scene groups sign their binaries? How do you know a release isn’t tainted?
Info from veeery long ago because I have been out of this stuff for over a decade:
The release will have an .sfv file with a CRC32 checksum for each rar file.
The FTP server checks them after the upload completes. Back in the day glftpd with zipscript was a very popular tool to manage an FTP site. This Readme sums it up well: https://github.com/pzs-ng/pzs-ng
The sfv can be tampered with but the propagation of releases to FTPs happens very fast, within minutes. It would take you longer to meaningfully alter it than it takes the racers to distribute the original files. And once the release is completely uploaded you can't modify the files anymore.
If the release is bad, for example if it doesn't work at all or if it contains a virus, then it simply gets nuked. This propagates within minutes.
Relying on CRC32 for integrity under hostile circumstances feels deeply flawed.
A) there is no real scene any more
B) no one is getting “proper scene releases” from “proper sources” any more.
It's not a scene release. You know a release isn't tainted when you grab it from the source...
That's the whole problem. There's no way to verify the authenticity of a release aside from "getting it from a trusted source" or whatever, whereas digital signatures would easily solve this issue.
good riddance. crazy to see game developers hemorrhaging money for malware
Wow. Great. Congratulations. Achievement earned. You've persisted so long.
Now stop creating new DRMs. You can see what is the outcome. The definition of insanity is doing the same thing over and over again and expecting a different result.
The only thing that made me switch to Netflix from π-rated movies was the accessibility, availability, languages support, speed and quality. The same with games. I buy games from gog mostly because they are missing DRM (and because I'm an old dinosaur so not interested in the bleeding edge new games).
Please focus on the added value. And the wealth will come. Don't pay for denuvo - it's waste of money
That's all you need to know about DRM - when "pirates" bypass it, paying users are taking the hit.
And I'm not speaking about cost of implementing a technology to actively make the product worse.
Fyi, most of them have not been cracked, but bypassed using a hypervisor that operates in ring-1, so it is certainly a security risk..
Personally I've been voting with my wallet and *never* supporting DRM, so there have been some games where I'm just "Well, I guess I'll never play that game." At least I have an ethical option to play certain games now, I'm just gonna use a seperate blank pc cus these bypasses are novel.
All software piracy is a security risk since they could embed malware in the game.
Running Windows is a massive risk cus its made by Microsoft and it has ring 0 access to your system. I personally trust a cracker in good standing far more that I would any corp.
Cracking refers to all methods of circumventing copy protection. Bypassing is just another way of cracking something.
Untrue, cracking software necessitates _removing_ the protection from the executable completely. Whereas with a bypass, Denuvo is still running on your computer, albeit ineffectually.
This has implications - the bypasses cannot run on Linux for example where a cracked executable could. They are not the same thing.
Ehhh, afaik thats not the case in the community. These hypervisor bypasses are considered a different category. Like look at any scene page, they will 100% say Hypervisor or HV for these.
4 replies →
I'm very interested to see how it was cracked, and how the anticheat works.
Great news! I can finally feel comfortable buying games that have Denuvo day 1!
Tough to decide who I trust less, denuvo or a ring-0 hypervisor I downloaded off BitTorrent.
Are Denuvo using games marked on Steam these days?
I've been getting mostly indies so I feel safe, but maybe I should check...
There's a yellow? box just above payment options that informs you of DRM.
Oh right, it's still there. Nothing on my wish list has it :) I had to go to the store page for NBAsomething to see it.
Yes they are. On the store page.
steamdb.info should have the info too I think?
This will be used as reason to introduce remote attestation to games.
That already is how it works. Denuvo can not authenticate your game without internet access.
well, right now Denuvo "remote attests" in a Play Integrity "MEETS_BASIC_INTEGRITY" sense that it has no hardware backing and relies on checking your runtime enviroment for signs of tampering manually and obfuscating said checks.
The endgame is certainly flexing the machinery that is being built up over the last 20 years and spawning a SEV-SNP container on your machine that cannot be debugged, inspected and modified in any way. I don't think this is possible as of writing though.
Once again I'm at odds with TH reporting. Of course you can spoof a server. That happens all the time, especially with videogames. You may not immediately be able to figure out what the call/response is, but without knowing what the check is, it could just be a simple endpoint that returns "true" on every request. Very speculative to say that whatever they do will be impossible to mimic.
> You may not immediately be able to figure out what the call/response is, but without knowing what the check is, it could just be a simple endpoint that returns "true" on every request. Very speculative to say that whatever they do will be impossible to mimic.
It’s trivially easy to use a signed response that is encoding some part of the metadata of your system in the signature to make it impossible to emulate the server. Don’t think the Denuvo devs would be stupid enough to provide a “return true” request for a server call.
Can the underlying function that checks if the server call is correct be bypassed? Sure, but that’s much harder.
Cryptography goes BRRRRR, with a proper implementation of cryptography you'd need to do things like patch out the keys in memory in order to "spoof" messages.
[dead]
A great use of LLM