Malicious software that harms your computer’s performance and security, and prevents you from inspecting and modifying the application, is evil.
I develop software myself. It does not contain anything even remotely resembling Denuvo. I don’t appreciate it when people pirate my software, and I’ve caught them doing it, but that doesn’t mean I’m going to add malicious features that effectively punish my customers for not pirating my software. That would be idiotic.
Making non-user-hostile DRM is a hard problem, though. It has to at least make piracy inconvenient, but at the same time, it has to not stop people from reinstalling on a different computer or using the program offline.
The best solution I can think of is for the program to check in with a server when it runs, so you can’t run it on more than one computer at a time, but allow it to be used offline for up to, say, a week after the last time it was used online, so you can’t easily defeat the DRM by blocking it at the firewall.
Malicious software that harms your computer’s performance and security, and prevents you from inspecting and modifying the application, is evil.
This is fearmongering. What is always left out of these conversations is exactly how Denuvo is a security risk, which is a tech question of this particular software and not a philosophical one. And I’ll be frank with you, I think people vastly overstate how much of a problem Denuvo is as a piece of software.
I’m going to just go ahead and pretend that you politely asked me to explain the problem, instead of incorrectly insulting me.
Denuvo is a security risk because it runs code in kernel mode. Running anything in kernel mode is a security risk, and unlike device drivers, that risk is not justified for DRM.
Malicious software that harms your computer’s performance and security, and prevents you from inspecting and modifying the application, is evil.
I develop software myself. It does not contain anything even remotely resembling Denuvo. I don’t appreciate it when people pirate my software, and I’ve caught them doing it, but that doesn’t mean I’m going to add malicious features that effectively punish my customers for not pirating my software. That would be idiotic.
Making non-user-hostile DRM is a hard problem, though. It has to at least make piracy inconvenient, but at the same time, it has to not stop people from reinstalling on a different computer or using the program offline.
The best solution I can think of is for the program to check in with a server when it runs, so you can’t run it on more than one computer at a time, but allow it to be used offline for up to, say, a week after the last time it was used online, so you can’t easily defeat the DRM by blocking it at the firewall.
Anybody got any better ideas?
This is fearmongering. What is always left out of these conversations is exactly how Denuvo is a security risk, which is a tech question of this particular software and not a philosophical one. And I’ll be frank with you, I think people vastly overstate how much of a problem Denuvo is as a piece of software.
I’m going to just go ahead and pretend that you politely asked me to explain the problem, instead of incorrectly insulting me.
Denuvo is a security risk because it runs code in kernel mode. Running anything in kernel mode is a security risk, and unlike device drivers, that risk is not justified for DRM.
Denuvo uses a kernel-mode driver as part of its overall malware deployment. If you don’t know why that is a problem, I can’t help you.