Sunday, February 26, 2006

Game copy protection opens security holes

Boycott Starforce is a webpage encouraging users to boycott copy protection software that's used by a number of modern PC games. The problem with this copy protection software is that, like Sony's rootkit DRM software, it can wreak havoc with your computer and open up security holes:
The Starforce drivers are often linked to system instability and computer crashes. If these problems occur, the end-user would be unware as to the cause of the problem, and would be helpless to solve the problem.

For example, here's one of the common problems brought by Starforce: under Windows XP, if packets are lost during the reading or writing of a disk, XP interprets this as an error and steps the IDE speed down. Eventually it will revert to 16bit compatibility mode rendering a CD/DVD writer virtually unusable. In some circumstances certain drives cannot cope with this mode and it results in physical hardware failure (Most commonly in multiformat CD/DVD writer drives). A sure sign of this step down occurring is that the burn speeds will get slower and slower (no matter what speed you select to burn at). Starforce, on a regular basis, triggers this silent step down. ...

Moreover, the Starforce drivers, installed on your system, grant ring 0 (system level) privileges to any code under the ring 3 (user level) privileges. Thus, any virus or trojan can get OS privileges and totally control your system. Since Windows 2000, the Windows line security and stability got enhanced by separating those privileges, but with the Starforce drivers, the old system holes and instabilities are back and any program (or virus) can reach the core of your system by using the Starforce drivers as a backdoor.
There's a list of games that use Starforce here; thankfully Civ IV isn't on the list, but I'm saddened to learn that Freedom Force vs. The Third Reich (which I bought a few months ago) uses the copy protection system.

You can read more about Sony's rootkit DRM debacle at Sony DRM rootkit roundup IV (on BoingBoing; the article links to all previous roundups they've written)

(via BoingBoing)

No comments: