Exetools  

  #1  
Old 08-28-2004, 01:45
Seyedof
 
I've tried to crack some SF-protected CD-ROM from a company called Emme productions but I failed. I guess many new protection products like SF and CDCOPS3 use the DPM (Data Position Measurement) method, which is physically impossible to crack, but one may attack the software driver/lock checking code. Has anyone played with this? I'm also interested in how these DPM kinds of locks work (Alcohol 120% can measure and make images of these protected CD-ROMs).
  #2  
Old 08-28-2004, 04:04
dyn!o
Doug: Well... I have to negotiate. First of all you are right about SafeDisc, but... this thread discusses StarForce malfunctions. Besides, as far as I know, SafeDisc is the most compatible CD protection on the market.

"All CD copy protections install device drivers now - none of them warn the user about it."

I would rather say: almost all CD protections use device drivers nowadays (for instance: look at hxxp://www.softlock.net - they don't use device drivers, and there are also two others which don't) - none of them warn the user about it - that's right.

Seyedof: DPM? I am not in any way a CD protection specialist but I thought it was emulated already... like twin sectors were. Please attach some more information if you can.


Regards.
  #3  
Old 08-28-2004, 16:08
Seyedof
 
Yes, it is emulated; Alcohol 120% can make images of such CDs and mount them on a virtual CD-ROM and emulate the DPM, so the lock checking is fooled as if it were the original CD, but this is only an image file; you cannot duplicate the locked CD this way. Any attempt to copy these kinds of protected CDs will cause a physical change in DPM, so the copies simply won't pass the lock check. I also have not seen anyone crack the lock checking routines; this can give us a generic patch for the lock.

still waiting...
  #4  
Old 08-28-2004, 16:38
dyn!o
Ahh... that's right, but who cares about the physical CD? It's not about a physical copy but rather cracking the protection in general - no matter what way. A game protected by a CD check only always carries the highest risk - much higher than other software protections because it can be attacked from both sides: CD cloning and/or executable cracking.

The last solution, not implemented yet, is to calculate CD access and sector read speed timings. At the moment it will fool all virtual drives, but if someone implements such a protection then very quickly Alcohol/CloneCD/DaemonTools will contain anti-timing features... and so on... and so on...

The question is whether someone will invent a stable CD protection technology which forces a cracker to break each title manually (like Armadillo and ACProtect do). Then, in some countries, the games piracy rate would be lowered - noticeably lowered.

Regards.

Last edited by dyn!o; 08-28-2004 at 16:53.
  #5  
Old 08-28-2004, 18:00
taos
Perhaps the solution could be that Armadillo uses a CD API protection like Krypton 0.5 but with a strong EXE packed with nanomites...
  #6  
Old 09-03-2004, 17:41
peleon
Hi Fellas,

Very good, those links, dyn!o. Didn't know that StarForce was going down, but the opposite. I agree that drivers are a bad way to make protection... though it's true they are harder to crack. So, it's a bit of a compromise.

I tried SF3 a long time ago but with no success. Does anyone know if there are tutorials or papers explaining this protection and how to break it? I know that Russian guys have tried a lot with SF3 but don't know if they broke it.

Regards.
  #7  
Old 09-03-2004, 19:39
taos
I don't understand why device drivers are very hard to break...

I think that it's very hard to unpack "some" device drivers. Only that.

For example:

Any device driver (NT) is a SYS file. If you have the SYS file unpacked, then you can reverse it (using IDA or other) when you reboot your OS in safe mode.
You can modify all the protection in the SYS file (debugger detection, CRC, etc...). When you disable debugger detection, you can use your ring 0 debugger. I know it's a hard job but I think it's not very very hard.

Regards