Page 1 of 4 123 ... LastLast
Showing results 1 to 10 of 33

Thread: Securom FAQ Updated, Big BS

  1. #1

    Beitrag Securom FAQ Updated, Big BS

    Hi there LocutusofBorg. Iґm Inspector Switchblade, better known as Sblade. Iґve helped thousand of gamers run Securom protected gamers for some years with my TECH FAQ

    I donґt mind DRMґs like TAGES, but Securom is built in a way that is invasive, risky and annoying to say the least....

    Iґm joining the lawsuit against EA for their use in Spore. Now short after the lawsuit, assh**es updated their FAQ:

    SecuROM


    2.2 Is SecuROM actually loaded onto my computer?
    SecuROM is a DRM system used by software publishers to protect their intellectual property. In the course of applying the solution, certain files are placed onto the computer for the system to work properly


    Cool, no prob with that.


    2.3 Does SecuROM install a driver or any other software at the kernel level ("Ring 0") of my PC?
    No, SecuROM does not install any components or perform any processes at the kernel or ring 0 level. All SecuROM components and processes occur at ring 3, the normal application level.



    Well hereґs my question LocutusofBorg. How they can find your DT application then?

    SecuROM

    Your software is legal, if I were you Iґll sue their butts ASAP, but that is entirely up to you....

    What I want to know is if thereґs any chance they can detect RING0 virtual drives by running at RING3? I highly doubt it....


    Looking forward to your answers
    Regards
    Sblade

  2. #2
    GERMAN TRANSLATOR

    Blazkowicz's Avatar
    Join Date
    09.11.2005
    Posts
    6,401

    Default

    They can detect several registry keys and also, of course, file names.
    Make something idiot proof, but then they just make a better idiot
    Peace Through Power

  3. #3

    Default

    I understand in my book that Securom doesnґt detect IDE drives emulation in DT PRO.... canґt they detect those keys you are talking about?

  4. #4
    GERMAN TRANSLATOR

    Blazkowicz's Avatar
    Join Date
    09.11.2005
    Posts
    6,401

    Default

    They do in latest SecuROM version.
    Make something idiot proof, but then they just make a better idiot
    Peace Through Power

  5. #5

    Default

    How they Distinguish between legit and emulated IDE drives? I mean thereґs no way to tell... since emulating hardware is required to be at RING0 they canґt tell the difference...

    and blacklisting would be a baaaad idea...

  6. #6
    Experienced User

    Join Date
    27.09.2005
    Posts
    822

    Default

    sure, theres ways to tell, however your limited (even then you dont admit it) knowledge and experience makes you guess (incorrectly)...

    to 'take on' an enemy, its usually a good idea to understand them first, not make guesses....

  7. #7

    Default

    OK, I found the post you donґt like evlcrn8...

    http://www.daemon-tools.cc/dtcc/f23/...html#post51276

    Foolish Chris. He is paranoid about DT, not paranoid about a Sony DRM similar to XCP...ignorant completely of the risks that implies running Securom games...

    So DT works now in Ring3? if DT virtual drives runs still in RING0, canґt you write a rutine that will always fool Securom RING3 access?

  8. #8
    Experienced User

    Join Date
    27.09.2005
    Posts
    822

    Default

    dt agent and other program run in ring r3 (userland), the daemon tools device is handled by the ring 0 drivers (the daemon tools one.. and the sptd one)... there's no 100% way to hide ring 0 from ring 3 because registry keys, interfaces for ioctl and so on have to exist for communication purposes... if a ring 3 program crashes, it doesn't (usually) take out the system with it... if ring 0 crashes its game over.. typically a bugcheck -> bsod...

    as for writing a routine that blocks securom ring 3 access, look again.. what do you think yasu does, curerom does/did , seculauncher and various other utilities out there do/did?...

    not sure what you mean about the post i don't like.. the one you posted makes no sense or not, if i didn't like daemon tools i wouldn't have the customer tag now would i?

    nor (if i thought it was a rootkit) would i have bought it... sure, it uses some rootkit-like things (api hooking in ring 0 for example) which may make people feel paranoid but that all depends on your trust of the developers..

  9. #9

    Default

    I trust DT. I donґt trust Securom using RING 0 countermeasures to flag/stop DT.

    Sony has a history of invading systems. DT not.

  10. #10

    Default

    Quote Originally Posted by evlncrn8 View Post
    dt agent and other program run in ring r3 (userland), the daemon tools device is handled by the ring 0 drivers (the daemon tools one.. and the sptd one)... there's no 100% way to hide ring 0 from ring 3 because registry keys, interfaces for ioctl and so on have to exist for communication purposes... if a ring 3 program crashes, it doesn't (usually) take out the system with it... if ring 0 crashes its game over.. typically a bugcheck -> bsod...

    as for writing a routine that blocks securom ring 3 access, look again.. what do you think yasu does, curerom does/did , seculauncher and various other utilities out there do/did?...

    We know that the utilities that you have mentioned don´t work with latest Securom version if they aren´t updated....

    Ring 3 detection routines still have to go into Ring 0 if the program is in stealth mode. It already hides itself in the registry in that mode otherwise it would have been easy for DRM's to circumvent the circumvention.

    Securom starts in RING3 and monitors the RING0... otherwise nothing will prevent DT stealth to false registry data and fool Securom.... when I say registry data.... what data CAN´T be falsified from RING0 to the naive RING3?

    Ring0 overrule Ring3, that´s a simple fact no one can deny...
    Last edited by Sblade : 09.11.2008 at 23:45 Reason: quoting

Page 1 of 4 123 ... LastLast

Bookmarks

Posting Rules

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •