It doesn't prove that DRM free is not a viable business.
I also grew up pirating, but I haven't been pirating games for more than 10 years now.
A few bucks costs much less to me these days than a headache with finding a cracked version and installing potential malware on my computer. Not even talking about supporting the artists and developers.
Gabe is right that piracy is a service problem. If you have proper easy installers, easy buying, easy refunds and you are from a middle class and higher - it doesn't make sense to download random executables from the internet. And if you have low-income, you won't buy stuff regardless of DRM and just wait someone to crack it.
This is a valuable lesson I learned when I worked with someone, not at Elastic, but who had previously worked at Elastic. Elastic was one of the original companies who made FOSS but with enterprise licensing work well. We were discussing in a meeting at this place we worked how to design license checking into the product.
What the guy said I found very insightful: he said that you don’t really need to spend a bunch of time and effort creating sophisticated license checks, you just need perhaps a single phone call to a server or something else that can be trivially defeated for anyone with a reasonable amount of technical knowledge. Why? Because the people who would defeat it are the kind of people who make horrible enterprise customers anyway. So in a way it’s just like a cheap lock. Won’t defeat anyone determined, because it’s not designed to. It’s designed to keep already honest people honest
I did something that was almost the same. Used to work for an educational software company that almost solely sold to schools, universities, and government institutions. Sometimes to corporate learning centers. Every sale was on a per-seat basis.
Every single customer we had wanted to be legal. Didn't want to exceed their seats or do anything which would violate their sales agreement. In the case of our government clients, such violations could lead them into legal penalties from their employer.
Despite having an unusually honest customer base, the company insisted on horridly strict and intrusive DRM. Even to the point of using dongles for a time. It frequently broke. Sometimes we had to send techs out to the schools to fix it.
I ended up just ripping all of that out and replacing it with a simple DLL on the Windows client. It talked to an tiny app server side. Used a barely encrypted tiny database which held the two numbers: seats in use & total seats available. If for some reason the DLL couldn't make contact with the server, it would just launch the software anyways. No one would be locked out due to the DRM failing or because the creaky school networks were on the blink again.
This system could have been cracked in five seconds by just about anyone. But it didn't matter since we knew everyone involved was trying to be honest.
Saved a massive amount of time and money. Support calls dropped enormously. Customers were much happier. It's probably my weakest technical accomplishment but it's still one of my proudest accomplishments.
Yeah this - people who grew up gaming in the 80s and 90s now have significant disposable income and are time poor. A game that offers tens or hundreds of hours of entertainment is seriously cost effective when a movie ticket costs half a videogame or a round of drinks.
Malware is potentially very expensive if you have any capital (tradfi or defi) that is anywhere near your gaming rig. Even a brokerage of 5 figures isn't worth touching something that could have malware.
Most the games young players play are all service oriented games anyway
Similar here. When I pirated I did not have the extra money to buy the games anyway, so I would not have bought them. I would also rent a bunch from a video game store, when this was actual a thing back then, which was much cheaper. And a couple that came with pc magazines. Not sure how that worked in the context of the video game industry, but anyway downloading a full game over these internet speeds was a pain.
Once I was more economically stable, I did not download pirated games anymore, and I even bought a bunch that I had played and really liked, even if I barely played them again.
I am not putting any moral stance on this, I was not entitled to play anything without money to pay, but my point is that for me a lack of option to pirate these games would not have implied me paying for them. Probably I would have done something else with my time.
I wish they had a way to transfer licenses. I have a huge steam library and my son is the biggest user. No big deal when he was 7 but now I just want to play my ancient games… and we kick each other out sometimes!
And yeah.. it’s trivial to bypass, but I’d rather have a choice not to.
If you want to play the same exact title, yes. But previous versions would kick you out from playing a shared game if the owner was playing any other title in their library, and they've recently removed that behaviout.
The first game I ever sold had no DRM, it was distributed by cassette tape. I did very well making games for CD-ROM, up until CD burners got cheap.
There's nothing stopping anyone from making a business selling DRM free games. I think you can get original DRM free games on itch.io. There are probably other places. GoG is great, but they don't typically sell new games.
If someone thinks they can make high production value games without DRM I hope they try and succeed. Anyone here who is certain it is possible is welcome to try.
> If someone thinks they can make high production value games without DRM I hope they try and succeed.
CD Projekt RED did exactly that with both Witcher 3 and Cyberpunk 2077, which were available on GOG day #1 (and the Steam version did not have any DRM whatsoever) and while the latter had a rough start because of technical issues, they both sold very well and were positively received (after some patches for CP2077 anyway).
GOG also releases many new high production value games on day #1 too, e.g. Expedition 33 (which won a crapton of awards in recent times) was released on it the same day as on Steam. Baldur's Gate 3 was also on GOG on release date as is Tainted Grail: The Fall of Avalon right now, which also seems to be a high production value game with relatively well reception.
The only games missing are those by companies whose business models rely on sucking out gamers' wallets dry with microtransactions (so they need the "protection" from their own customers that DRM provides) or companies that have people making decisions based on assumptions stuck in past decades.
> GoG is great, but they don't typically sell new games.
Many big studios/publishers avoid gog indeed, but others don't, and definitely a lot of new DRM-free games come out there all the time. Maybe it is because of the types of games I want to play, I usually I have no trouble finding them there, with some notable exceptions of course (souls games, outer wilds).
Both clair obscur and Baldur's Gate 3 (goty 2025 & 2023) were in gog since the beginning (bg3 already since its beta). They both definitely sold very well, despite(?) that. All Larian and Obsidian games get there as they come out, as are quite many CRPGs in general, not even counting CDPR's ones. A lot of great/popular indie titles appear in gog around the same time as they do on steam in the last years.
People pirate Steam Games anyway. Stating that people pirate too much to make it viable is purely opinion and not based on numbers. Sure, for AAA games you get 2 to 3 months without a cracked version, but this stops afterward. For non-AAA games, the steam version is usually crackable from day-1.
>The fact that many people pirate is not an opinion.
That's not the opinon part.
That pirating is the reason a game business isn't viable is.
Would you have bought every game you pirated?
How much money did you spend on gaming because you got hooked because you could play more games than you could afford otherwise?
If the Apple II had something similar to Steam do you think you would have pirated as much? Ignore the fact that the tech wasn't ready yet and imagine a world where buying Apple II software was as frictionless as buying a Steam game. Also imagine that the software went on deep discounts regularly that allowed you to build up a big backlog of games to play. Do you think you would have been motivated to seek out the seedy underbelly of the software world looking for illicit copies to add to your backlog? Certainly there are some people like that, but they might be a fairly small minority. And then suddenly DRM isn't really helpful because even if it might stop a minority of people who weren't going to buy your game in the first place it always costs you in frustration for paying customers.
It's because the poster assume that each pirated copy ought to have been paid for - which if they had been, then a previously failing game would've been viable.
But this doesn't make the statement true - because the assumption that each pirated copy would've been paid for had there been no piracy. This is the same incorrect logic that music/movie copyright holders use to count pirated works' financial "damages".
It's an opinion that "Most" people pirate games and it's also an opinion that pirating games translates directly to lost sales. As Gabe said and I agree with him piracy, if it's anything a service related problem. You don't need DRM to overcome that. You just need to make a good product and respect you audience. The people that pirate for the wrong reasons will do it anyway and you don't gain much from restricting copies.
>> The people that pirate for the wrong reasons will do it anyway and you don't gain much from restricting copies.
That is also an opinion. Also-- as an aside-- I am curious what you think the "right" reason is for piracy. DRM free games is not a new idea. They have always existed and people have tried different models with them like including advertising. Do you remember the Ford driving simulator? The skittles game. there have been other models and there is a huge universe of DRM free games for decades.
If you don't gain much from restricting copies, please explain to me why it is so common in the best games?
Are you confusing the absence or presence of copy protection with how a game is supposed to make money?
> why it is so common in the best games?
What best games? It's common in design by commitee predatory crap like EA/Ubisoft titles.
Thing is, a pirated copy isn't a lost sale. It's more like free marketing. It's possible that the above assholes would make more profit if they stopped spending on copy protection and advertising and just made and sold games.
In a world where it would be impossible to pirate software, I bet they would have at best 25% more sales. No one can afford to pay for every game, especially at launch price, so they'll just make do with fewer of them.
the CMA says that "this publisher also submitted that for one of its major franchise’s development costs reached $660 million and marketing costs peaked at almost $550 million."
Oh, Darkened Skye? Funny how it's just a fairly bland fantasy 3rd-person action-adventure game and then you get to spellcasting and it's skittles. Also, when I think of video game advertising, I think Cool Spot.
A 'right' reason for illicitly obtaining a video game would be if the game is unobtainable because of licensing shenanigans. Project Cars 2 has the best single player career mode of any existing circuit racing game and it being unavailable because the licenses to the cars (and maybe also the tracks?) expired is a shame.
Exactly. Games are just software, there's no real unit cost to factor in when setting minimum prices, just market strategy. Running sales with different levels of discounts is as close to optimal as possible $/customer without doing stuff like individualized pricing (which surely requires a vast amount of computing power and human effort to do at scale). Only the truly penniless or retro-game fans need to pirate nowadays.
The real unit cost is worker development cost. Like any other tech company, this cost gets muddied in the platform/framework development costs versus more product focused costs.
Zero intention to speak badly of the deceased… Just an anecdote - I started at IBM in the early 2000s right out of college. At the time his immediate legacy was the divestiture of a big chunk of IBMs real estate. As a new IBMer that meant hot-desking if I went to the office and a very liberal work from home policy 20 years before its time. I love work from home but experienced first hand how hard it can be on young people. In my first professional job I maybe saw my bosses (yes plural because of org changes and the IBM matrix) twice a year.
I did a couple of internships at IBM (1995 in Boca Raton and 2000 in Hawthorn). It was hard on young people even if you were in the office. You'd see your manager occasionally, but...it just felt like a place lacking in energy and was way too big corp to be very interesting. IBM is a big reason I delayed starting my career via grad school, a post doc in Switzerland, and then working for Microsoft in China of all places. I just didn't want the mundane techie experience, and was sort of so traumatized by IBM that I searched for different paths.
I am pretty self-sufficient and had colleagues who had been in the same role for 20+yrs that I could depend on. But they were also not local. Was weird but workable. Lots of sametime.
Why is this is downvoted? What is the difference between the anger being expressed here and the anger of the original email recipient? Do I need to revisit the community guidelines? I assume this is the first time this person has seen the Rob Pike post.
I am unconcerned about it being downvoted. If it makes people defensive enough to downvote it, it did its job, and maybe through attrition it, with other people’s disgusted rage, will contribute to educating the sociopathic Valley tech industry that things are going badly wrong.
One more seemingly futile fist punched at the wall that traps us in the world that unfettered tech industry greed has made for us. Might take millions of us to make an impression but we will.
FWIW I am British and “fuck all of these people” is something you might expect even the most balanced, refined British person to say, because we’re less afraid of language or the poetry of some of our older, more colourful words, and because there is no more elegantly robust way to put it.
I know I shouldn’t but I find it hilarious that whoever wrote this wrote the malware so explicitly. Something about functions like exfiltrateCredentials and clear comments for the backdoor makes me chuckle. They went through all the trouble to detect debuggers and sandboxes and did not even bother to obfuscate the code.
The author specifically calls it out in the post, no?
> They also left helpful comments in their code marking the malicious sections - professional development practices applied to supply chain attacks. Someone probably has a Jira board for this.
It also has me musing… do they have good test coverage for their 27 debugging traps? And it must be such a headache to even functionally test your malware. What a time to be alive!
I agree with this but I am not sure the personal risk of loss is very high with Apple. It is real but is it even on the same order of magnitude of losing your family photos in a house fire 30yrs ago? I used to keep a disk in a safe deposit box with my pics but got lazy. Is that good practice or paranoia?
Seems like good practice to me to keep digital backups in your safe deposit box. Probably a good idea to check/refresh them every couple years too. When it comes to things like house fires and getting screwed by cloud providers everybody thinks that it can never happen to them even when examples of it happening to others exist. The important thing to make sure that you're covered in the event that the rare but catastrophic event does occur. Especially when the cost of doing so is so low. For back ups it amounts to little more than a thumb drive and a visit to your bank every couple years.
If I wasn't in IT I think I'd love the military, not the stupid political stuff and killing people, but the organization, discipline, routine, focus on predictability, protocols, etc.
Yeah it's boring if it all works but boring is good. And we've been trying to apply this to software development for ages as well - think "continuous deployment" practices (or its new name, DORA metrics in the 2020's).
I wish software wasnt like the wild west where everyone can do as they please... Well defined proven standards would be so cool to have, but no, we have like 20 different ways to do auth and none of them are secure, regular switches from favoring SSR to client side rendering back to SSR again. Just to name some examples.
Hmm, I've been doing webdev for a living since 1998, intimately familiar w/ the complete history and modern practices, and I respectful disagree. Pretty sure it's a good thing we're not all forced to do things the same way. And the new SSR with CSR capabilities is not at all the same as the old SSR. You're right that auth is kind of a hot mess though.
> And the new SSR with CSR capabilities is not at all the same as the old SSR
Yea I know its just a display of the industries indecisiveness. Everytime we need something new and fresh some old favorite is revived until after 5 years its old again. I like being able to do things differently, I hate having to implement "security" features knowing all too well that they aren't secure at all. Minimizing attack surface should not be the default. And its not like this is a new problem. For some reason web devs love to work around a problem instead of fixing it.
reminds me of top age of empires II players making tons of clics per minute
the game appears so smooth when watching it as a spectator (without seeing the player's mouse and clicks but only the units moving)
That is a fast track from cars to societal collapse. But agree cars are terrifying. I live in what should be a walking friendly part of Boston that is very pedestrian unfriendly because drivers are overly aggressive, on their phones, or commuting through to avoid traffic and do not care. It is the only reason our 10 year old is not yet wandering around on his own. I have spent years writing local politicians about improved intersections and traffic enforcement and have given up. No one seems to care. The car is king in the US. Even in a corner of the country where there is a lot of room to design around them not for them.
Agree massive headache. Our kids go to the boys and girls club after school where they were playing roblox during computer time. Some parents apparently complained and it’s now banned. Not sure of that is local or nation-wide. They were kind of annoyed but they seem to understand why. I am definitely worried about giving them the tools they need to navigate the online jungle when they are older.
School (or parents) running local servers for kids in school to play to avoid the whole bunch of dangers of open online would be interesting turn back to gaming roots
https://www.weather.gov/images/nerfc/ops/nohrsc_full_sd.png
I usually use this one but the previous includes Quebec.
https://www.weather.gov/images/nerfc/ops/NOHRSC_SD_highcontr...
reply