Starforce: why is there no permanent crack?

[Nostromo]

Just curious...why is it so difficult for hackers to rip it out when they
are making the no-cd exes? Is it that pervasive & intrusive across the
entire software, or is there another reason...?

--
A killfile is a friend for life.

Replace 'spamfree' with the other word for 'maze' to reply via email.

[TheSmokingGnu]

Nostromo wrote:
> Just curious...why is it so difficult for hackers to rip it out when they
> are making the no-cd exes? Is it that pervasive & intrusive across the
> entire software, or is there another reason...?
>

No, actually. If one's hands can be got on it, the program executable
has to call a function which checks for the presence of the Starforce
drivers, and does one of two things; either does not find it, installs
it and reboots the computer, or does find it, calls the driver routines
and checks the disc. If this function is not called, Starforce is never
installed, nor is it ever contacted for verification of the source.

Thus, the best way to make Starforce cracks is to remove the call to
this function, in the form of a remote jump in the program code
(basically, telling the program that the next part of the program is
REALLY over at memory address "Y", rather than address "X"). This seems
simple enough on the surface, but to get into the actual program coding
requires arduous hours of reverse engineering and thread-spying. Which
is to say of course, that most people simply do not want to go through
the hassle of deconstructing a large executable, looking for a single
small function, disabling it, recompiling, testing, re-working, and
finally using the modified executable.

Not that I have any idea how to do this, or even what we're talking
about. ;) Bicycles, maybe.

TheSmokingGnu

[Ceowulf]

"TheSmokingGnu" <notarea...@vapor.com> wrote in message
news:2veFf.3667$2h3....@fe06.lga...

> Nostromo wrote:
>> Just curious...why is it so difficult for hackers to rip it out when they
>> are making the no-cd exes? Is it that pervasive & intrusive across the
>> entire software, or is there another reason...?
>

> Not that I have any idea how to do this, or even what we're talking about.
> ;) Bicycles, maybe.

Absolutely not and I'm sure no one would even think such a thing! :)

Ceo-

[TheSmokingGnu]

A further entry:

Apparently, newer versions of Starforce also allow the programmer to
wrap program functions in the protection code, so they no longer
"belong" to the application. The driver instead keeps a table of where
these constituent parts of the application are in memory, effectively
shutting down reverse-engineering attempts.

Thus, if the Starforce checks are circumvented, and the driver is not
loaded, the other inline functions that were otherwise stored by the
driver do not decrypt properly (if at all), resulting in program
crashing, wierd behavior, and the like. Without intimate knowledge of
which functions are protected under the driver, it's a practical
impossibility to get rid of Starforce.

TheSmokingGnu

[Nostromo]

Thus spake TheSmokingGnu <notarea...@vapor.com>, Sat, 04 Feb 2006
21:31:36 -0800, Anno Domini:

Just great...*huge Shrek sigh*

I guess it's no surprise as we haven't seen any simple 'cracks' for it. All
the ones I've seen online are convoluted processes taking several steps.
Another reason developers should be distancing themselves from it as even
fewer gamers who are informed will go anywhere near a game containing this
malware.

[JAB]

Nostromo wrote:
> I guess it's no surprise as we haven't seen any simple 'cracks' for it. All
> the ones I've seen online are convoluted processes taking several steps.
> Another reason developers should be distancing themselves from it as even
> fewer gamers who are informed will go anywhere near a game containing this
> malware.
>

Ah? - developers should not use it as it's harder to crack than a normal
copy protection scheme.

[Quaestor]

JAB wrote:

They should not use it because:
1. it sabotages computers
2. thus it kills games,
3. and will likely get them sued sooner or later.

They can still use it, and it will protect them from some piracy, while
prompting hackers to crack their stuff all the faster to circumvent the
malware. It will NOT make them any money.

--
Godwin is a net-nazi
Learn about spam: http://www.seige-perilous.org/spam/spam.html

[JAB]

Not being funny here but you state "It will NOT make them any money."
how do you know this? I would presume that the games companies will have
looked at the costings and what they think it will save them and let's
be honset here they have a far better idea of game sales and the type of
people they are sold to the you or I do and probably the type of people
who pirate games. My own personal experience is that it's gone from
being a geek only thing to a fair less computer literate crowd. Yes they
may have got it wrong or they may have come to the conclusion it ends up
making more money than it costs.

I should add that I'm no great fan of StarForce and there seem to be a
lot of reports of it screwing up systems, on the other-hand I've got
StarForce games installed on my PC and have had no problems at all.

[Mean_Chlorine]

Thusly JAB <noch...@nohope.com> Spake Unto All:

>Not being funny here but you state "It will NOT make them any money."
>how do you know this? I would presume that the games companies will have
>looked at the costings and what they think it will save them and let's
>be honset here they have a far better idea of game sales and the type of
>people they are sold to the you or I do and probably the type of people
>who pirate games.

I don't know how he knows that, but I know that you've got a *much*
too high opinion of the intelligence and rationality of corporate
entities.

I will also note that if it were true that starforce was uncrackable
(it isn't), then everyone who buys a starforce game today will be well
& truly screwed when they upgrade to the next version of Windows, as
starforce isn't compatible with it.

--
Ed: "That's no way for a man to die."
Frank: "No...you're right, Ed. A parachute not opening...that's a way to die.
Getting caught in the gears of a combine...having your nuts bit off by a Laplander,
that's the way I wanna go!"

[Ceowulf]

"JAB" <noch...@nohope.com> wrote in message
news:54jFf.81480$zt1....@newsfe5-gui.ntli.net...

That's the thing, it still isn't really that hard. Get yourself Alchole 120,
or Daemon tools, and AnitBlaxx, and you can get most games working.

As it's been said many times before, copy protection is just to stop the
casual copiers, and Starforce DOES do that, using the above tools (Antiblaxx
in particular) can get tricky.

Ceo-

[JAB]

Mean_Chlorine wrote:
> Thusly JAB <noch...@nohope.com> Spake Unto All:
>
>
>>Not being funny here but you state "It will NOT make them any money."
>>how do you know this? I would presume that the games companies will have
>>looked at the costings and what they think it will save them and let's
>>be honset here they have a far better idea of game sales and the type of
>>people they are sold to the you or I do and probably the type of people
>>who pirate games.
>
>
> I don't know how he knows that, but I know that you've got a *much*
> too high opinion of the intelligence and rationality of corporate
> entities.
>

Don't worry I do realise that, I've seen some really strange 'financial
justifciations' for doing x, y & z in companies. Then again I don't
really see that to being any different from some of the opinions
expressed here that StarForce will lose companies money - fact. It just
seems that some people have a rabid dislike of it and can't understand
why everybody doesn't have the same opinion as them.

> I will also note that if it were true that starforce was uncrackable
> (it isn't), then everyone who buys a starforce game today will be well
> & truly screwed when they upgrade to the next version of Windows, as
> starforce isn't compatible with it.
>

Haven't heard that, have you got a link as that sounds like a far more
rationale reason as to why it's "bad".

[Mean_Chlorine]

Thusly JAB <noch...@nohope.com> Spake Unto All:

>> I will also note that if it were true that starforce was uncrackable
>> (it isn't), then everyone who buys a starforce game today will be well
>> & truly screwed when they upgrade to the next version of Windows, as
>> starforce isn't compatible with it.
>
>Haven't heard that, have you got a link as that sounds like a far more
>rationale reason as to why it's "bad".

Widespread, see e.g.
http://www.star-force.com/forum/lofiversion/index.php/t157.html

The short & sweet is that starforce 3.5 support 64-bit, possibly
without bugs, and you need to install the updated version _and_
producers will need to release a patch for their old games, or the
game wont work.
--
O
-|- <--- Caricature of Muhammed.
/ \

[Anssi Saari]

Nostromo <nost...@spamfree.net.au> writes:

> I guess it's no surprise as we haven't seen any simple 'cracks' for it. All
> the ones I've seen online are convoluted processes taking several steps.
> Another reason developers should be distancing themselves from it as even
> fewer gamers who are informed will go anywhere near a game containing this
> malware.

Well, the Space Rangers 2 crack on gamecopyworld seems to be simple.
Install game, replace original .exe and you're done. However, the
installation instructions seem generic, but the crack doesn't contain
anything other than the executable. Anyway, this would still mean that
all the starforce crap gets installed with all the possible problems
you might get.

It's a shame, Space Rangers 2 seems like an interesting game, but I
really don't know if I'm willing to risk it... Maybe taking an image
of my Windows partition would guarantee easy recovery if things go
bad. Seems a little excessive just to install one game, though.

[Nostromo]

Thus spake JAB <noch...@nohope.com>, Sun, 05 Feb 2006 08:55:29 GMT, Anno
Domini:

No, because it's malware, by definition. I thought I already said that? :-/

[Nostromo]

Thus spake Mean_Chlorine <mike_no...@NOSPAMyahoo.co.uk>, Sun, 05 Feb
2006 15:22:27 +0100, Anno Domini:

Not to mention God knows what effect it will have on 64-bit Windows itself
with that much friggin around with Ring-0 code.

[Alfie [UK]]

On Sun, 05 Feb 2006 17:39:43 +0200, Anssi Saari <a...@sci.fi> wrote:
>Well, the Space Rangers 2 crack on gamecopyworld seems to be simple.
>Install game, replace original .exe and you're done. However, the
>installation instructions seem generic, but the crack doesn't contain
>anything other than the executable. Anyway, this would still mean that
>all the starforce crap gets installed with all the possible problems
>you might get.

It depends upon both the version of SF used and the integration options
chosen. At it's most basic SF is like other CP where it only checks the
disc at startup, but SF offers hooking within the game so that CP checks
can be initiated from any point within the code. Most of the early SF
protected games did not use this enhanced mode so cracking was easier
(relatively).

>
>It's a shame, Space Rangers 2 seems like an interesting game, but I
>really don't know if I'm willing to risk it... Maybe taking an image
>of my Windows partition would guarantee easy recovery if things go
>bad. Seems a little excessive just to install one game, though.

The crack removes the CP checks so install, copy the crack over, and run
SF remover, you end up with a game you can play without the disc in the
drive and no SF on your system.
--
Alfie
<http://www.delphia.co.uk/>
Confucius say: 'War doesn't determine who's right. War determines who's left.'

[John Lewis]

On Sun, 05 Feb 2006 18:54:50 +1100, Nostromo
<nost...@spamfree.net.au> wrote:

>Thus spake TheSmokingGnu <notarea...@vapor.com>, Sat, 04 Feb 2006
>21:31:36 -0800, Anno Domini:
>
>>A further entry:
>>
>>Apparently, newer versions of Starforce also allow the programmer to
>>wrap program functions in the protection code, so they no longer
>>"belong" to the application. The driver instead keeps a table of where
>>these constituent parts of the application are in memory, effectively
>>shutting down reverse-engineering attempts.
>>
>>Thus, if the Starforce checks are circumvented, and the driver is not
>>loaded, the other inline functions that were otherwise stored by the
>>driver do not decrypt properly (if at all), resulting in program
>>crashing, wierd behavior, and the like. Without intimate knowledge of
>>which functions are protected under the driver, it's a practical
>>impossibility to get rid of Starforce.
>>
>>TheSmokingGnu
>
>Just great...*huge Shrek sigh*
>
>I guess it's no surprise as we haven't seen any simple 'cracks' for it. All
>the ones I've seen online are convoluted processes taking several steps.
>Another reason developers should be distancing themselves from it as even

^^^^^^^
hackers

>fewer gamers
^^^^^^^
habitual pirates

> who are informed will go anywhere near a game containing this
>malware.
>

QED.... Starforce achieves objective. Holds off
reverse-engineering/hacking during the first couple of months -- the
critical intial volume-sales time, long-enough for the
developer/publisher to have secured the bulk of the revenue, and
for the attentions of the habitual pirates to be diverted to easier
prey.

Far preferable to the perpetual millstone called Steam.

John Lewis

[Mean_Chlorine]

Thusly Walter Mitty <mitt...@gmail.com> Spake Unto All:

>> Not to mention God knows what effect it will have on 64-bit Windows itself
>> with that much friggin around with Ring-0 code.
>

>Snigger. A little bit of knowledge is a dangerous thing.
>
>Q: How does "friggin around in ring-0 code" differ in potential issues
>between 32 bit & 64 bit?

That depends on what architecture the new windows uses, doesn't it.

>Another question : what does "friggin" mean in this context? If it
>runs in ring 0 and doesnt crash then whats the problem? If you are
>going to say "trojans and all that" then any SW that runs in ring 0 is
>as much of a culprit.

That is an argument against software opening up ring zero to all and
sundry, not an argument in favor of starforce.
And that "if" is a big one.

[Wolfing]

I will, in fact, it has. I heard of a guy who downloaded a game with
Starforce (X3 reunion I think), and after reading all the stuff he had
to do to be able to play it (like, run a program that would disable the
CDRom unit, restart, change registry, etc), he just decided to go ahead
and buy the game, and he's been happily playing it since then.

[Wolfing]

Well, they don't really *have to*, I mean, how many companies have you
seen that have released patch so people can play their old DOS games,
or even some Win95 that just won't work now.
When a game is released, it shows what platforms it runs on in the box.
It's only because of Microsoft's doing that we're still able to run
(most) games that were done for previous versions of Windows, but we
shouldn't assume that game companies are obligated to make their
products work on whatever MS wants to do.

[het.d...@googlemail.com]

As someone who's reversed loads of Starforce titles, nearly everything about what you've written is complete crap. Starforce simply doesn't work that way at all. There is no call from the game code to Starforce, or at least, it actually doesn't work that way. You should really learn how it works before talking crap. Here's a pointer for you... How do you think the encrypted SFFS files work?! Why do you think that padding file existed???!? Answer these questions and you'll be a step closer to understanding the VM coding of Starforce.

[Jakoby Lastrev]

On Saturday, October 13, 2018 at 7:23:35 PM UTC, het.d...@googlemail.com wrote:
> As someone who's reversed loads of Starforce titles, nearly everything about what you've written is complete crap. Starforce simply doesn't work that way at all. There is no call from the game code to Starforce, or at least, it actually doesn't work that way. You should really learn how it works before talking crap. Here's a pointer for you... How do you think the encrypted SFFS files work?! Why do you think that padding file existed???!? Answer these questions and you'll be a step closer to understanding the VM coding of Starforce.

This is a bit of a long shot replying to an old ass thread, but is there a known way to bypass ActControl, a fork of SF5?

[Julian]

On Saturday, February 4, 2006 at 6:39:13 PM UTC-6, Nostromo wrote:
> Just curious...why is it so difficult for hackers to rip it out when they
> are making the no-cd exes? Is it that pervasive & intrusive across the
> entire software, or is there another reason...?

> --
> A killfile is a friend for life.
> Replace 'spamfree' with the other word for 'maze' to reply via email.

There weren't any hacks because all the hackers got their stimulus checks and were able to pay for the game.

[Spalls Hurgenson]

On Thu, 3 Aug 2023 19:12:41 -0700 (PDT), Jakoby Lastrev
<card...@outlook.com> wrote:

>On Saturday, October 13, 2018 at 7:23:35?PM UTC, het.d...@googlemail.com wrote:
>> As someone who's reversed loads of Starforce titles, nearly everything about what you've written is complete crap. Starforce simply doesn't work that way at all. There is no call from the game code to Starforce, or at least, it actually doesn't work that way. You should really learn how it works before talking crap. Here's a pointer for you... How do you think the encrypted SFFS files work?! Why do you think that padding file existed???!? Answer these questions and you'll be a step closer to understanding the VM coding of Starforce.
>
>This is a bit of a long shot replying to an old ass thread, but is there a known way to bypass ActControl, a fork of SF5?

Never tried myself, but a quick google search says:

] ACTControl
] Activation-based DRM.
] No longer functional as of late 2022 and unactivated games require
] a no-CD patch to bypass the activation check, or use this
] StarForce servers as a workaround.
] https://proactive.star-force.com/2.0/activate.php

That website does require a valid serial number though.

It doesn't bypass the DRM entirely, but it will let you play the games
despite the servers being shut-down.